package com.ofpay.rex.security.validation;

import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.Policy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/ofpay/rex/security/validation/ValidationPattern.class */
public class ValidationPattern {
    private static final Logger logger = LoggerFactory.getLogger(ValidationPattern.class);
    private static final String RESOURCE_FILE = "XSS.properties";
    public static final String POLICY_FILE_LOCATION = "antisamy-ebay-1.4.4.xml";
    private static AntiSamy as;
    private static Policy policy;
    private static Map<String, String> map;
    private static final Map<String, Pattern> patternCache;

    private ValidationPattern() {
    }

    public static Pattern getValidationPattern(String str) {
        String str2 = map.get("Validator." + str);
        Pattern pattern = patternCache.get(str2);
        if (pattern != null) {
            return pattern;
        }
        if (str2 == null || str2.equals("")) {
            return null;
        }
        try {
            Pattern compile = Pattern.compile(str2);
            patternCache.put(str2, compile);
            return compile;
        } catch (PatternSyntaxException e) {
            logger.warn("SecurityConfiguration for " + str + " not a valid regex in XSS.properties. Returning null");
            return null;
        }
    }

    public static String getValidInput(String str, String str2, String str3, int i, boolean z) throws ValidationException {
        ValidationRule validationRule = new ValidationRule(str3);
        Pattern validationPattern = getValidationPattern(str3);
        if (validationPattern == null) {
            throw new IllegalArgumentException("The selected type [" + str3 + "] was not set via the validation configuration");
        }
        validationRule.addWhitelistPattern(validationPattern);
        validationRule.setMaximumLength(i);
        validationRule.setAllowNull(z);
        return validationRule.getValid(str, str2);
    }

    public static String rtfXSS(String str) {
        String str2 = str;
        if (StringUtils.isBlank(str)) {
            return str2;
        }
        try {
            try {
                str2 = as.scan(str).getCleanHTML();
                return str2;
            } catch (Exception e) {
                logger.warn("rtfXSS fail:  " + str);
                e.printStackTrace();
                return str2;
            }
        } catch (Throwable th) {
            return str2;
        }
    }

    public static String stripXSS(String str) {
        try {
            try {
                if (StringUtils.isBlank(str)) {
                    return str;
                }
                str = htmlEncode(str.replaceAll("��", ""));
                return str;
            } catch (Exception e) {
                logger.warn("stripXSS fail:  " + str);
                e.printStackTrace();
                return str;
            }
        } catch (Throwable th) {
            return str;
        }
    }

    public static List<Object> stripJsonList(List<Object> list, String[] strArr, String[] strArr2) {
        ArrayList arrayList = new ArrayList();
        for (Object obj : list) {
            if (obj instanceof List) {
                arrayList.add(stripJsonList((List) obj, strArr, strArr2));
            } else if (obj instanceof Map) {
                arrayList.add(stripJsonMap((Map) obj, strArr, strArr2));
            } else {
                arrayList.add(stripXSS(obj.toString()));
            }
        }
        return arrayList;
    }

    public static Map<Object, Object> stripJsonMap(Map<Object, Object> map2, String[] strArr, String[] strArr2) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (Map.Entry<Object, Object> entry : map2.entrySet()) {
            String valueOf = String.valueOf(entry.getKey());
            Object value = entry.getValue();
            if (ArrayUtils.contains(strArr, valueOf)) {
                linkedHashMap.put(valueOf, value.toString());
            } else if (value instanceof Map) {
                linkedHashMap.put(valueOf, stripJsonMap((Map) value, strArr, strArr2));
            } else if (value instanceof List) {
                linkedHashMap.put(valueOf, stripJsonList((List) value, strArr, strArr2));
            } else if (ArrayUtils.contains(strArr2, valueOf)) {
                linkedHashMap.put(valueOf, rtfXSS(value.toString()));
            } else {
                linkedHashMap.put(valueOf, stripXSS(value.toString()));
            }
        }
        return linkedHashMap;
    }

    public static String stripURIXSS(String str) {
        try {
            try {
                if (StringUtils.isBlank(str)) {
                    return str;
                }
                str = uriEncode(str);
                return str;
            } catch (Exception e) {
                logger.warn("stripXSS fail:  " + str);
                e.printStackTrace();
                return str;
            }
        } catch (Throwable th) {
            return str;
        }
    }

    public static String uriEncode(String str) {
        if (str == null) {
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case '\"':
                    stringBuffer.append("&quot;");
                    break;
                case '&':
                    stringBuffer.append("&amp;");
                    break;
                case '\'':
                    stringBuffer.append("&apos;");
                    break;
                case '(':
                    stringBuffer.append("");
                    break;
                case ')':
                    stringBuffer.append("");
                    break;
                case '`':
                    stringBuffer.append("");
                    break;
                default:
                    stringBuffer.append(charAt);
                    break;
            }
        }
        return stringBuffer.toString();
    }

    public static String htmlEncode(String str) {
        if (str == null) {
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case '\n':
                case '\r':
                    break;
                case '\"':
                    stringBuffer.append("&quot;");
                    break;
                case '&':
                    stringBuffer.append("&amp;");
                    break;
                case '\'':
                    stringBuffer.append("&apos;");
                    break;
                case '<':
                    stringBuffer.append("&lt;");
                    break;
                case '>':
                    stringBuffer.append("&gt;");
                    break;
                default:
                    stringBuffer.append(charAt);
                    break;
            }
        }
        return stringBuffer.toString();
    }

    static {
        as = null;
        policy = null;
        map = null;
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        InputStream resourceAsStream = contextClassLoader.getResourceAsStream(RESOURCE_FILE);
        try {
            policy = Policy.getInstance(contextClassLoader.getResourceAsStream(POLICY_FILE_LOCATION));
            as = new AntiSamy(policy);
            Properties properties = new Properties();
            properties.load(resourceAsStream);
            map = new HashMap(properties);
        } catch (Exception e) {
            logger.error("load XSS Filter conf file error:", e);
        }
        patternCache = new HashMap();
    }
}
