package com.ruoyi.gateway.filter;

import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.utils.html.EscapeUtil;
import com.ruoyi.gateway.config.properties.XssProperties;
import io.netty.buffer.ByteBufAllocator;
import java.nio.charset.StandardCharsets;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.core.io.buffer.DefaultDataBufferFactory;
import org.springframework.core.io.buffer.NettyDataBuffer;
import org.springframework.core.io.buffer.NettyDataBufferFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

@ConditionalOnProperty(value = {"security.xss.enabled"}, havingValue = "true")
@Component
/* loaded from: input_file:BOOT-INF/classes/com/ruoyi/gateway/filter/XssFilter.class */
public class XssFilter implements GlobalFilter, Ordered {

    @Autowired
    private XssProperties xss;

    public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        if (!this.xss.getEnabled().booleanValue()) {
            return gatewayFilterChain.filter(serverWebExchange);
        }
        HttpMethod method = request.getMethod();
        if (method == null || method == HttpMethod.GET || method == HttpMethod.DELETE) {
            return gatewayFilterChain.filter(serverWebExchange);
        }
        if (isJsonRequest(serverWebExchange) && !StringUtils.matches(request.getURI().getPath(), this.xss.getExcludeUrls())) {
            return gatewayFilterChain.filter(serverWebExchange.mutate().request(requestDecorator(serverWebExchange)).build());
        }
        return gatewayFilterChain.filter(serverWebExchange);
    }

    private ServerHttpRequestDecorator requestDecorator(ServerWebExchange serverWebExchange) {
        return new ServerHttpRequestDecorator(serverWebExchange.getRequest()) { // from class: com.ruoyi.gateway.filter.XssFilter.1
            public Flux<DataBuffer> getBody() {
                return super.getBody().buffer().map(list -> {
                    DataBuffer join = new DefaultDataBufferFactory().join(list);
                    byte[] bArr = new byte[join.readableByteCount()];
                    join.read(bArr);
                    DataBufferUtils.release(join);
                    byte[] bytes = EscapeUtil.clean(new String(bArr, StandardCharsets.UTF_8)).getBytes();
                    NettyDataBuffer allocateBuffer = new NettyDataBufferFactory(ByteBufAllocator.DEFAULT).allocateBuffer(bytes.length);
                    allocateBuffer.write(bytes);
                    return allocateBuffer;
                });
            }

            public HttpHeaders getHeaders() {
                HttpHeaders httpHeaders = new HttpHeaders();
                httpHeaders.putAll(super.getHeaders());
                httpHeaders.remove("Content-Length");
                httpHeaders.set("Transfer-Encoding", "chunked");
                return httpHeaders;
            }
        };
    }

    public boolean isJsonRequest(ServerWebExchange serverWebExchange) {
        return StringUtils.startsWithIgnoreCase(serverWebExchange.getRequest().getHeaders().getFirst("Content-Type"), "application/json");
    }

    public int getOrder() {
        return -100;
    }
}
