package org.primefaces.util;

import com.github.dozermapper.core.util.DozerConstants;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PushbackInputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import javax.faces.FacesException;
import javax.faces.context.FacesContext;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import javax.script.ScriptException;
import org.primefaces.component.fileupload.FileUpload;
import org.primefaces.context.PrimeApplicationContext;
import org.primefaces.shaded.commons.io.FilenameUtils;
import org.primefaces.shaded.commons.io.IOUtils;
import org.primefaces.shaded.owasp.encoder.Encoders;
import org.primefaces.shaded.owasp.esapi.SafeFile;
import org.primefaces.shaded.owasp.esapi.errors.ValidationException;
import org.primefaces.virusscan.VirusException;

/* loaded from: input_file:WEB-INF/lib/org.primefaces-primefaces.jar:org/primefaces/util/FileUploadUtils.class */
public class FileUploadUtils {
    private static final Logger LOGGER = Logger.getLogger(FileUploadUtils.class.getName());
    private static final Pattern INVALID_FILENAME_PATTERN = Pattern.compile("([\\/:*?\"<>|])");

    private FileUploadUtils() {
    }

    public static String getValidFilename(String str) {
        if (LangUtils.isValueBlank(str)) {
            return null;
        }
        if (isSystemWindows()) {
            if (str.contains("\\\\")) {
                throw new FacesException("Invalid filename: " + str);
            }
            for (String str2 : str.substring(FilenameUtils.getPrefixLength(str)).split(Pattern.quote(File.separator))) {
                if (INVALID_FILENAME_PATTERN.matcher(str2).find()) {
                    throw new FacesException("Invalid filename: " + str);
                }
            }
        }
        String name = FilenameUtils.getName(str);
        String str3 = FilenameUtils.EXTENSION_SEPARATOR_STR + FilenameUtils.getExtension(str);
        if (str3.equals(FilenameUtils.EXTENSION_SEPARATOR_STR)) {
            throw new FacesException("File must have an extension");
        }
        if (name.isEmpty() || str3.equals(name)) {
            throw new FacesException("Filename can not be the empty string");
        }
        return name;
    }

    public static String getValidFilePath(String str) throws ValidationException {
        if (str == null || str.trim().equals("")) {
            throw new FacesException("Path can not be the empty string or null");
        }
        try {
            SafeFile safeFile = new SafeFile(str);
            File parentFile = safeFile.getParentFile();
            if (!safeFile.exists()) {
                throw new ValidationException("Invalid directory", "Invalid directory, \"" + safeFile + "\" does not exist.");
            }
            if (!parentFile.exists()) {
                throw new ValidationException("Invalid directory", "Invalid directory, specified parent does not exist.");
            }
            if (!parentFile.isDirectory()) {
                throw new ValidationException("Invalid directory", "Invalid directory, specified parent is not a directory.");
            }
            if (!safeFile.getCanonicalPath().startsWith(parentFile.getCanonicalPath())) {
                throw new ValidationException("Invalid directory", "Invalid directory, \"" + safeFile + "\" does not inside specified parent.");
            }
            if (safeFile.getCanonicalPath().equals(str)) {
                return str;
            }
            throw new ValidationException("Invalid directory", "Invalid directory name does not match the canonical path");
        } catch (IOException e) {
            throw new ValidationException("Invalid directory", "Failure to validate directory path");
        }
    }

    public static boolean isSystemWindows() {
        return File.separatorChar == '\\';
    }

    public static boolean isValidType(FileUpload fileUpload, String str, InputStream inputStream) {
        try {
            boolean z = isValidFileName(fileUpload, str) && isValidFileContent(fileUpload, str, inputStream);
            if (z && LOGGER.isLoggable(Level.FINE)) {
                LOGGER.fine(String.format("The uploaded file %s meets the filename and content type specifications", str));
            }
            return z;
        } catch (IOException | ScriptException e) {
            if (!LOGGER.isLoggable(Level.WARNING)) {
                return false;
            }
            LOGGER.log(Level.WARNING, String.format("The type of the uploaded file %s could not be validated", str), (Throwable) e);
            return false;
        }
    }

    private static boolean isValidFileName(FileUpload fileUpload, String str) throws ScriptException {
        String allowTypes = fileUpload.getAllowTypes();
        if (LangUtils.isValueBlank(allowTypes)) {
            return true;
        }
        ScriptEngine engineByName = new ScriptEngineManager().getEngineByName(Encoders.JAVASCRIPT);
        if (engineByName == null) {
            engineByName = new ScriptEngineManager((ClassLoader) null).getEngineByName(Encoders.JAVASCRIPT);
        }
        if (engineByName == null) {
            throw new ScriptException(new NullPointerException("JavaScript ScriptEngine not available via the context ClassLoader or the extension ClassLoader."));
        }
        if (Boolean.TRUE.equals(engineByName.eval(String.format("%s.test(\"%s\")", allowTypes, EscapeUtils.forJavaScriptAttribute(str))))) {
            return true;
        }
        if (!LOGGER.isLoggable(Level.FINE)) {
            return false;
        }
        LOGGER.fine(String.format("The uploaded filename %s does not match the specified regex %s", str, allowTypes));
        return false;
    }

    private static boolean isValidFileContent(FileUpload fileUpload, String str, InputStream inputStream) throws IOException {
        if (!fileUpload.isValidateContentType()) {
            if (!LOGGER.isLoggable(Level.FINE)) {
                return true;
            }
            LOGGER.fine("Content type checking is disabled");
            return true;
        }
        if (LangUtils.isValueBlank(fileUpload.getAccept())) {
            return true;
        }
        boolean z = LangUtils.tryToLoadClassForName("org.apache.tika.filetypedetector.TikaFileTypeDetector") != null;
        if (!z && LOGGER.isLoggable(Level.WARNING)) {
            LOGGER.warning("Could not find Apache Tika in classpath which is recommended for reliable content type checking");
        }
        Path createTempFile = Files.createTempFile(UUID.randomUUID().toString(), z ? null : DozerConstants.DEEP_FIELD_DELIMITER + FilenameUtils.getExtension(str), new FileAttribute[0]);
        try {
            PushbackInputStream pushbackInputStream = new PushbackInputStream(new BufferedInputStream(inputStream));
            FileOutputStream fileOutputStream = new FileOutputStream(createTempFile.toFile());
            Throwable th = null;
            try {
                try {
                    IOUtils.copyLarge(pushbackInputStream, fileOutputStream);
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                    String probeContentType = Files.probeContentType(createTempFile);
                    if (probeContentType == null) {
                        if (LOGGER.isLoggable(Level.WARNING)) {
                            LOGGER.warning(String.format("Could not determine content type of uploaded file %s, consider plugging in an adequate FileTypeDetector implementation", str));
                        }
                        try {
                            Files.delete(createTempFile);
                        } catch (Exception e) {
                            if (LOGGER.isLoggable(Level.WARNING)) {
                                LOGGER.log(Level.WARNING, String.format("Could not delete temporary file %s, will try to delete on JVM exit", createTempFile.toAbsolutePath()), (Throwable) e);
                                try {
                                    createTempFile.toFile().deleteOnExit();
                                } catch (Exception e2) {
                                    if (LOGGER.isLoggable(Level.WARNING)) {
                                        LOGGER.log(Level.WARNING, String.format("Could not register temporary file %s for deletion on JVM exit", createTempFile.toAbsolutePath()), (Throwable) e2);
                                    }
                                }
                            }
                        }
                        return false;
                    }
                    String[] split = fileUpload.getAccept().split(",");
                    boolean z2 = false;
                    int length = split.length;
                    int i = 0;
                    while (true) {
                        if (i >= length) {
                            break;
                        }
                        String lowerCase = split[i].trim().toLowerCase();
                        if (lowerCase.startsWith(DozerConstants.DEEP_FIELD_DELIMITER) && str.toLowerCase().endsWith(lowerCase)) {
                            z2 = true;
                            if (LOGGER.isLoggable(Level.FINE)) {
                                LOGGER.fine(String.format("The file extension %s of the uploaded file %s is accepted", lowerCase, str));
                            }
                        } else if (FilenameUtils.wildcardMatch(probeContentType.toLowerCase(), lowerCase)) {
                            z2 = true;
                            if (LOGGER.isLoggable(Level.FINE)) {
                                LOGGER.fine(String.format("The content type %s of the uploaded file %s is accepted by %s", probeContentType, str, lowerCase));
                            }
                        } else {
                            i++;
                        }
                    }
                    if (!z2) {
                        if (LOGGER.isLoggable(Level.FINE)) {
                            LOGGER.fine(String.format("The uploaded file %s with content type %s does not match the accept specification %s", str, probeContentType, fileUpload.getAccept()));
                        }
                        try {
                            Files.delete(createTempFile);
                        } catch (Exception e3) {
                            if (LOGGER.isLoggable(Level.WARNING)) {
                                LOGGER.log(Level.WARNING, String.format("Could not delete temporary file %s, will try to delete on JVM exit", createTempFile.toAbsolutePath()), (Throwable) e3);
                                try {
                                    createTempFile.toFile().deleteOnExit();
                                } catch (Exception e4) {
                                    if (LOGGER.isLoggable(Level.WARNING)) {
                                        LOGGER.log(Level.WARNING, String.format("Could not register temporary file %s for deletion on JVM exit", createTempFile.toAbsolutePath()), (Throwable) e4);
                                    }
                                }
                            }
                        }
                        return false;
                    }
                    try {
                        Files.delete(createTempFile);
                        return true;
                    } catch (Exception e5) {
                        if (!LOGGER.isLoggable(Level.WARNING)) {
                            return true;
                        }
                        LOGGER.log(Level.WARNING, String.format("Could not delete temporary file %s, will try to delete on JVM exit", createTempFile.toAbsolutePath()), (Throwable) e5);
                        try {
                            createTempFile.toFile().deleteOnExit();
                            return true;
                        } catch (Exception e6) {
                            if (!LOGGER.isLoggable(Level.WARNING)) {
                                return true;
                            }
                            LOGGER.log(Level.WARNING, String.format("Could not register temporary file %s for deletion on JVM exit", createTempFile.toAbsolutePath()), (Throwable) e6);
                            return true;
                        }
                    }
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } finally {
            }
        } catch (Throwable th4) {
            try {
                Files.delete(createTempFile);
            } catch (Exception e7) {
                if (LOGGER.isLoggable(Level.WARNING)) {
                    LOGGER.log(Level.WARNING, String.format("Could not delete temporary file %s, will try to delete on JVM exit", createTempFile.toAbsolutePath()), (Throwable) e7);
                    try {
                        createTempFile.toFile().deleteOnExit();
                    } catch (Exception e8) {
                        if (LOGGER.isLoggable(Level.WARNING)) {
                            LOGGER.log(Level.WARNING, String.format("Could not register temporary file %s for deletion on JVM exit", createTempFile.toAbsolutePath()), (Throwable) e8);
                        }
                    }
                }
            }
            throw th4;
        }
    }

    public static void performVirusScan(FacesContext facesContext, FileUpload fileUpload, InputStream inputStream) throws VirusException {
        if (fileUpload.isPerformVirusScan()) {
            PrimeApplicationContext.getCurrentInstance(facesContext).getVirusScannerService().performVirusScan(inputStream);
        }
    }
}
