package com.lenovo.cloud.framework.custom.security.filter;

import com.lenovo.cloud.framework.custom.security.config.properties.FileUploadProperties;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.multipart.MultipartHttpServletRequest;

/* loaded from: input_file:com/lenovo/cloud/framework/custom/security/filter/FileUploadSecurityFilter.class */
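/**
 * Servlet filter that screens multipart uploads before they reach the application.
 *
 * <p>For every non-empty uploaded part it enforces, in order: the configured maximum size, the
 * configured Content-Type allow-list, and a conservative file-name character whitelist. The first
 * violation ends the request with HTTP 400; requests whose URI matches a configured exclude
 * pattern skip all checks.
 *
 * <p>Limits of this filter that a reviewer should keep in mind:
 * <ul>
 *   <li>The checks run only when the incoming request is already a
 *       {@link MultipartHttpServletRequest}. NOTE(review): confirm that multipart resolution
 *       happens before this filter in the chain; otherwise uploads pass through unchecked.</li>
 *   <li>The Content-Type and file name are supplied by the client. They are useful as a first
 *       gate but say nothing about the actual bytes; storage and serving code should not rely on
 *       this filter alone (no content sniffing or extension check is done here).</li>
 * </ul>
 */
public class FileUploadSecurityFilter extends OncePerRequestFilter {
    /** Character whitelist for client-supplied file names; compiled once instead of per call. */
    private static final Pattern SAFE_FILE_NAME = Pattern.compile("^[a-zA-Z0-9._-]+$");

    private final AntPathMatcher pathMatcher;
    private final FileUploadProperties properties;

    /**
     * @param antPathMatcher matcher used to compare the request URI with the exclude patterns
     * @param fileUploadProperties source of the size limit, allowed types and exclude patterns
     */
    public FileUploadSecurityFilter(AntPathMatcher antPathMatcher, FileUploadProperties fileUploadProperties) {
        this.pathMatcher = antPathMatcher;
        this.properties = fileUploadProperties;
    }

    /**
     * Validates every uploaded file of a multipart request and either rejects the request with
     * HTTP 400 or passes it down the chain.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the current response; receives the 400 error on rejection
     * @param filterChain the remaining filter chain
     * @throws ServletException propagated from the chain
     * @throws IOException propagated from the chain or from {@code sendError}
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        // NOTE(review): getRequestURI() is the raw, undecoded URI (context path and any path
        // parameters included). Confirm the exclude patterns cannot be satisfied by a path
        // variant that the application later routes to an upload endpoint.
        if (isExcludedUrl(httpServletRequest.getRequestURI())) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (httpServletRequest instanceof MultipartHttpServletRequest) {
            MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) httpServletRequest;
            // getMultiFileMap() exposes every file of every parameter. The previous
            // getFileMap()/getFile(name) pair only returned the first file per parameter name,
            // so additional files sent under the same field name were never inspected.
            for (List<MultipartFile> files : multipartRequest.getMultiFileMap().values()) {
                for (MultipartFile file : files) {
                    String reason = rejectionReason(file);
                    if (reason != null) {
                        httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, reason);
                        return;
                    }
                }
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /**
     * Applies the size, type and name checks to one uploaded part.
     *
     * @param file the uploaded part; {@code null} and empty parts are accepted without checks
     * @return the error message for the first failed check, or {@code null} if the part is acceptable
     */
    private String rejectionReason(MultipartFile file) {
        if (file == null || file.isEmpty()) {
            return null;
        }
        if (file.getSize() > this.properties.getMaxSize()) {
            return "File size exceeds limit";
        }
        // Fail closed: a part without a Content-Type header used to skip the allow-list
        // entirely, which let a client bypass the type restriction by omitting the header.
        String contentType = file.getContentType();
        if (contentType == null || !this.properties.getAllowedTypes().contains(contentType)) {
            return "File type not allowed";
        }
        // A missing file name carries no path components, so it is still accepted here.
        String originalFilename = file.getOriginalFilename();
        if (originalFilename != null && !isValidFileName(originalFilename)) {
            return "Invalid file name";
        }
        return null;
    }

    /**
     * @param str the request URI to test
     * @return {@code true} if any configured exclude pattern matches {@code str}
     */
    private boolean isExcludedUrl(String str) {
        return this.properties.getExcludeUrls().stream()
                .anyMatch(pattern -> this.pathMatcher.match(pattern, str));
    }

    /**
     * Checks a client-supplied file name against the traversal and character rules.
     *
     * @param str the original file name as sent by the client
     * @return {@code true} if the name contains no {@code ..} sequence and consists only of
     *     ASCII letters, digits, dot, underscore and hyphen
     */
    private boolean isValidFileName(String str) {
        // The whitelist already excludes '/' and '\\'; ".." must be rejected separately
        // because single dots are allowed characters.
        return !str.contains("..") && SAFE_FILE_NAME.matcher(str).matches();
    }
}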
