package org.zodiac.server.proxy.http.request;

import io.netty.buffer.Unpooled;
import io.netty.handler.codec.http.HttpContent;
import io.netty.handler.codec.http.HttpObject;
import io.netty.handler.codec.http.HttpRequest;
import java.net.URLDecoder;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.zodiac.commons.constants.CharsetConstants;
import org.zodiac.commons.model.KeyValuePair;
import org.zodiac.commons.util.Colls;
import org.zodiac.commons.util.FileUtil;
import org.zodiac.commons.web.HttpRequestMethod;
import org.zodiac.server.proxy.config.ProxyConfig;
import org.zodiac.server.proxy.http.model.HttpFilterMessage;
import org.zodiac.server.proxy.http.util.HttpRequestUtil;

/* loaded from: input_file:org/zodiac/server/proxy/http/request/HttpPostBlackRequestFilter.class */
public class HttpPostBlackRequestFilter extends HttpRequestFilter {
    private static Pattern filePattern = Pattern.compile("Content-Disposition: form-data;(.+)filename=\"(.+)\\.(.*)\"");
    private Set<Pattern> patterns0 = Colls.set();
    private Set<Pattern> patterns1 = Colls.set();

    @Override // org.zodiac.server.proxy.config.ProxyConfigListener
    public void onChange(ProxyConfig proxyConfig) {
        if (proxyConfig == getProxyEntity().getFiles()[0]) {
            Set<Pattern> set = Colls.set();
            Iterator it = FileUtil.getDataSet(proxyConfig.getData()).iterator();
            while (it.hasNext()) {
                set.add(Pattern.compile((String) it.next()));
            }
            this.patterns0 = set;
            return;
        }
        Set<Pattern> set2 = Colls.set();
        Iterator it2 = FileUtil.getDataSet(proxyConfig.getData()).iterator();
        while (it2.hasNext()) {
            set2.add(Pattern.compile((String) it2.next()));
        }
        this.patterns1 = set2;
    }

    @Override // org.zodiac.server.proxy.config.ProxyFilter
    public HttpFilterMessage doFilter(HttpRequest httpRequest, HttpObject httpObject) {
        if (!(httpObject instanceof HttpRequest) || !((HttpRequest) httpObject).method().name().contentEquals(HttpRequestMethod.POST.name()) || !(httpObject instanceof HttpContent)) {
            return null;
        }
        HttpContent httpContent = (HttpContent) httpObject;
        String str = null;
        List<String> headerValues = HttpRequestUtil.getHeaderValues((HttpRequest) httpObject, "Content-Type");
        if (headerValues.size() <= 0 || headerValues.get(0) == null) {
            return null;
        }
        if (HttpRequestUtil.getHeaderValues((HttpRequest) httpObject, "Content-Type") == null || !headerValues.get(0).startsWith("multipart/form-data")) {
            try {
                str = URLDecoder.decode(new String(Unpooled.copiedBuffer(httpContent.content()).array()).replaceAll("%", "%25"), CharsetConstants.UTF_8_NAME);
            } catch (Exception e) {
                this.logger.warn("URL:{} {} body is inconsistent with the rules.", new Object[]{((HttpRequest) httpObject).uri(), HttpRequestMethod.POST.name(), e});
            }
        } else {
            str = new String(Unpooled.copiedBuffer(httpContent.content()).array());
        }
        if (str == null) {
            return null;
        }
        String[] split = str.split("=");
        if (split.length == 2) {
            HttpRequestUtil.setPostParameter(split[0].trim(), split[1].trim());
        }
        String realIp = HttpRequestUtil.getRealIp((HttpRequest) httpObject);
        for (Pattern pattern : this.patterns0) {
            if (pattern.matcher(str.toLowerCase()).find()) {
                hackLog(this.logger, realIp, HttpPostBlackRequestFilter.class.getSimpleName(), pattern.toString());
                return HttpFilterMessage.of("HttpPostRequestFilter Black List", new KeyValuePair[0]);
            }
        }
        Matcher matcher = filePattern.matcher(str);
        if (!matcher.find()) {
            return null;
        }
        String group = matcher.group(3);
        Iterator<Pattern> it = this.patterns1.iterator();
        while (it.hasNext()) {
            if (it.next().matcher(group).matches()) {
                hackLog(this.logger, realIp, HttpPostBlackRequestFilter.class.getSimpleName(), filePattern.toString());
                return HttpFilterMessage.of("HttpPostRequestFilter Black List", new KeyValuePair[0]);
            }
        }
        return null;
    }
}
