package com.ebaiyihui.gateway.filter;

import com.alibaba.fastjson.JSON;
import com.ebaiyihui.gateway.common.Constants;
import com.ebaiyihui.gateway.config.AuthorityConfig;
import com.ebaiyihui.gateway.config.RequestWrapper;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.cloud.netflix.zuul.filters.support.FilterConstants;
import org.springframework.stereotype.Component;

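/**
 * Zuul pre-filter that rejects a request when any inspected parameter value contains one of
 * the substrings returned by {@link AuthorityConfig#getIllegalParamList()}.
 *
 * <p>What is inspected, as written in {@link #run()}:
 * <ul>
 *   <li>JSON requests: the top-level members of the JSON object body, each compared through
 *       its {@code toString()} form;</li>
 *   <li>all other non-multipart requests: the servlet parameter map.</li>
 * </ul>
 *
 * <p>NOTE(review) - coverage this filter does not provide, so it must not be the only control
 * in front of downstream services:
 * <ul>
 *   <li>requests whose content type contains {@code multipart} are passed through without any
 *       inspection;</li>
 *   <li>for JSON requests the servlet parameter map (query string) is not inspected;</li>
 *   <li>parameter names, headers and the request path are never inspected;</li>
 *   <li>matching is a plain case-sensitive substring test on the value as received, so it is
 *       a coarse denylist rather than input validation. Downstream code still needs
 *       parameterized queries and output encoding.</li>
 * </ul>
 */
@RefreshScope
@Component
/* loaded from: input_file:BOOT-INF/classes/com/ebaiyihui/gateway/filter/IllegalParamFilter.class */
public class IllegalParamFilter extends ZuulFilter {
    private static final Logger log = LoggerFactory.getLogger(IllegalParamFilter.class);

    @Autowired
    private AuthorityConfig authorityConfig;

    /**
     * Enables the filter only when the authority configuration is switched on and at least one
     * illegal substring is configured.
     *
     * @return {@code true} when {@link #run()} should be invoked for the current request
     */
    @Override // com.netflix.zuul.IZuulFilter
    public boolean shouldFilter() {
        return this.authorityConfig.isEnabled() && !this.authorityConfig.getIllegalParamList().isEmpty();
    }

    /**
     * Inspects the request parameters and short-circuits routing when a value contains a
     * configured illegal substring.
     *
     * @return always {@code null}; the outcome is carried by the {@link RequestContext}
     */
    @Override // com.netflix.zuul.IZuulFilter
    public Object run() {
        RequestContext currentContext = RequestContext.getCurrentContext();
        HttpServletRequest request = currentContext.getRequest();
        String contentType = request.getContentType();

        // Kept exactly as the original test: widening it would widen the unchecked exemption.
        if (StringUtils.isNotBlank(contentType) && contentType.contains("multipart")) {
            log.info("请求类型multipart,不做校验");
            return null;
        }

        // Media types are case-insensitive. A case-sensitive test would send a body declared
        // as e.g. "Application/JSON" down the form-parameter path, where the JSON body is
        // never looked at.
        Map<String, Object> params = StringUtils.containsIgnoreCase(contentType, "application/json")
                ? JSON.parseObject(new RequestWrapper(request).getBody())
                : convertDataMap(request);

        // NOTE(review): this writes every parameter value to the INFO log, which on a gateway
        // can include credentials or tokens; consider logging names only or masking values.
        log.info("参数{}", params);

        // JSON.parseObject yields null for an empty body; treat that like "no parameters"
        // instead of failing with a NullPointerException.
        if (params == null || params.isEmpty()) {
            log.info("参数为空,无需校验");
            return null;
        }

        for (Map.Entry<String, Object> entry : params.entrySet()) {
            Object rawValue = entry.getValue();
            if (rawValue == null) {
                // An explicit JSON null has nothing to match against.
                continue;
            }
            String value = rawValue.toString();
            if (StringUtils.isBlank(value)) {
                continue;
            }
            for (String token : this.authorityConfig.getIllegalParamList()) {
                // A null or empty configured entry would match every value (or throw), so skip it.
                if (StringUtils.isNotEmpty(token) && value.contains(token)) {
                    log.error("非法请求：参数{}的值{}包含非法字符{}", entry.getKey(), value, token);
                    rejectRequest(currentContext, entry.getKey(), value, token);
                    return null;
                }
            }
        }
        log.info("参数{}通过校验", params);
        return null;
    }

    @Override // com.netflix.zuul.ZuulFilter
    public String filterType() {
        return FilterConstants.PRE_TYPE;
    }

    @Override // com.netflix.zuul.ZuulFilter
    public int filterOrder() {
        return -1;
    }

    /**
     * Stops routing and writes the rejection payload for a value that matched the denylist.
     *
     * <p>The payload echoes request data, so it is serialized with the JSON library rather than
     * concatenated, and it is labelled as JSON rather than HTML so a browser does not render
     * the echoed value as markup.
     *
     * <p>NOTE(review): the message also tells the caller which configured substring matched;
     * consider returning a generic message and keeping the detail in the server log only.
     */
    private void rejectRequest(RequestContext currentContext, String name, String value, String token) {
        Map<String, Object> body = new LinkedHashMap<>();
        body.put("data", "unauthorized");
        body.put("code", 1110002);
        body.put("msg", "请求参数'" + name + "'的值'" + value + "'包含非法字符'" + token + "'");

        currentContext.getResponse().setContentType("application/json;charset=utf-8");
        currentContext.getResponse().setHeader("X-Content-Type-Options", "nosniff");
        currentContext.setSendZuulResponse(false);
        currentContext.setResponseStatusCode(200);
        currentContext.setResponseBody(JSON.toJSONString(body));
        currentContext.set(Constants.ILLEGAL_PARAM_FILTER_FLAG, true);
    }

    /**
     * Flattens the servlet parameter map into one string per parameter name.
     *
     * <p>All values of a repeated parameter are joined with {@code ","} so that each of them is
     * inspected; keeping only the last value would let an earlier one pass unchecked.
     *
     * @param httpServletRequest the current request
     * @return parameter name to comma-joined values; an absent value array maps to {@code ""}
     */
    private Map<String, Object> convertDataMap(HttpServletRequest httpServletRequest) {
        Map<String, Object> flattened = new HashMap<>();
        for (Map.Entry<String, String[]> entry : httpServletRequest.getParameterMap().entrySet()) {
            String[] values = entry.getValue();
            flattened.put(entry.getKey(), values == null ? "" : String.join(",", values));
        }
        return flattened;
    }
}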
