package cn.gtmap.gtc.starter.gcas.filter.xss;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.math3.geometry.VectorFormat;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.util.HtmlUtils;

/* loaded from: input_file:BOOT-INF/lib/gtmap-cloud-app-starter-1.2.10.jar:cn/gtmap/gtc/starter/gcas/filter/xss/XssHttpServletRequestWrapper.class */
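/**
 * Request wrapper that HTML-escapes selected request inputs before application code reads them.
 *
 * <p>Coverage is limited to the accessors overridden here: {@link #getHeader(String)},
 * {@link #getParameter(String)}, {@link #getParameterValues(String)} and, when the {@code json}
 * flag is set, {@link #getInputStream()}. Values obtained through accessors this class does not
 * override ({@code getParameterMap()}, {@code getHeaders(String)}, {@code getReader()},
 * {@code getQueryString()}, ...) are returned by the wrapped request unmodified.
 *
 * <p>Escaping on input does not replace context-aware output encoding where the data is rendered.
 *
 * <p>NOTE(review): {@code XssObjectMapper} is defined elsewhere; it presumably escapes string
 * values while (de)serializing. Confirm against its implementation.
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    private static final Logger logger = LoggerFactory.getLogger(XssHttpServletRequestWrapper.class);
    private static final XssObjectMapper xssObjectMapper = new XssObjectMapper();

    /** Charset used both to decode the incoming body and to re-encode the rewritten body. */
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    /** When true, the request body is treated as JSON and rewritten in {@link #getInputStream()}. */
    private final boolean json;

    /**
     * @param httpServletRequest the request to wrap
     * @param z whether the request body should be treated as JSON and rewritten on read
     */
    public XssHttpServletRequestWrapper(HttpServletRequest httpServletRequest, boolean z) {
        super(httpServletRequest);
        this.json = z;
    }

    /**
     * Returns the named header with HTML special characters escaped.
     *
     * @param str header name
     * @return the escaped header value, or {@code null} when the header is absent
     */
    @Override
    public String getHeader(String str) {
        String value = super.getHeader(str);
        // Absent headers stay null; some Spring versions reject a null argument to htmlEscape.
        return value == null ? null : HtmlUtils.htmlEscape(value);
    }

    /**
     * Returns the named parameter with HTML special characters escaped.
     *
     * <p>Unlike {@link #getParameterValues(String)}, this accessor always HTML-escapes and never
     * takes the JSON path, so a JSON-valued parameter comes back with its quotes escaped.
     *
     * @param str parameter name
     * @return the escaped parameter value, or {@code null} when the parameter is absent
     */
    @Override
    public String getParameter(String str) {
        String value = super.getParameter(str);
        return value == null ? null : HtmlUtils.htmlEscape(value);
    }

    /**
     * Returns all values of the named parameter, each passed through {@link #convent(String)}.
     *
     * @param str parameter name
     * @return a new array of sanitized values, or {@code null} when the parameter is absent
     */
    @Override
    public String[] getParameterValues(String str) {
        String[] parameterValues = super.getParameterValues(str);
        if (parameterValues == null) {
            return null;
        }
        String[] sanitized = new String[parameterValues.length];
        for (int i = 0; i < parameterValues.length; i++) {
            sanitized[i] = convent(parameterValues[i]);
        }
        return sanitized;
    }

    /**
     * Returns the request body; for JSON requests the body is read fully, round-tripped through
     * {@code xssObjectMapper} and served from an in-memory buffer.
     *
     * <p>The rewritten body can differ in length from the original, and this class does not
     * override the Content-Length accessors, so consumers should read to end-of-stream.
     *
     * @return the container stream when {@code json} is false, otherwise a buffered replacement
     * @throws IOException if the underlying stream cannot be obtained
     */
    @Override
    public ServletInputStream getInputStream() throws IOException {
        if (!this.json) {
            return super.getInputStream();
        }
        String requestBody = getRequestBody(super.getInputStream());
        try {
            requestBody = xssObjectMapper.writeValueAsString(xssObjectMapper.readValue(requestBody, Object.class));
        } catch (Exception e) {
            // NOTE(review): fail-open. A body that cannot be parsed as JSON is handed to the
            // application as read, with only a warning logged. Kept for compatibility; consider
            // rejecting such requests if downstream code trusts this filter.
            logger.warn("XssHttpServletRequestWrapper", e);
        }
        // Encode with the charset used for decoding; the platform default may not be UTF-8 and
        // would corrupt non-ASCII characters.
        final ByteArrayInputStream buffered = new ByteArrayInputStream(requestBody.getBytes(UTF_8));
        return new ServletInputStream() {
            @Override
            public int read() throws IOException {
                return buffered.read();
            }

            @Override
            public int read(byte[] b, int off, int len) throws IOException {
                return buffered.read(b, off, len);
            }

            @Override
            public int available() throws IOException {
                return buffered.available();
            }

            @Override
            public boolean isFinished() {
                // Report end-of-stream truthfully so callers polling this flag can terminate.
                return buffered.available() == 0;
            }

            @Override
            public boolean isReady() {
                // The body is already in memory, so a read never blocks.
                return true;
            }

            @Override
            public void setReadListener(ReadListener readListener) {
                // Non-blocking reads are not supported by this buffered stream; the listener is ignored.
            }
        };
    }

    /**
     * Reads the whole stream as UTF-8 text.
     *
     * <p>Lines are concatenated without their terminators, as in the original implementation.
     *
     * @param inputStream stream to drain
     * @return the text read; on an I/O error, whatever was read before the error
     */
    private String getRequestBody(InputStream inputStream) {
        StringBuilder sb = new StringBuilder();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, UTF_8));
        try {
            String readLine;
            while ((readLine = bufferedReader.readLine()) != null) {
                sb.append(readLine);
            }
        } catch (IOException e) {
            // Stop on failure. Catching inside the loop would retry a broken stream forever
            // and tie up the request thread.
            logger.warn("getRequestBody", e);
        }
        return sb.toString();
    }

    /**
     * Sanitizes a single parameter value.
     *
     * <p>A value containing <code>{</code>, <code>}</code> and a double quote is treated as JSON and
     * round-tripped through {@code xssObjectMapper}; anything else is HTML-escaped. When the JSON
     * round trip fails the value is HTML-escaped as well, so no value is returned unprocessed.
     *
     * @param str raw parameter value, may be {@code null}
     * @return the sanitized value, or {@code null} when {@code str} is {@code null}
     */
    private String convent(String str) {
        if (str == null) {
            return null;
        }
        // "{" is the value of commons-math3 VectorFormat.DEFAULT_PREFIX, which the decompiled
        // listing substituted for the literal.
        if (str.contains("{") && str.contains("}") && str.contains("\"")) {
            try {
                return xssObjectMapper.writeValueAsString(xssObjectMapper.readValue(str, Object.class));
            } catch (Exception e) {
                logger.warn("convent", e);
            }
        }
        return HtmlUtils.htmlEscape(str);
    }
}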
