package de.muenchen.oss.digiwf.gateway.filter;

import de.muenchen.oss.digiwf.gateway.exception.ParameterPollutionException;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

@Component
/* loaded from: input_file:BOOT-INF/classes/de/muenchen/oss/digiwf/gateway/filter/GlobalRequestParameterPollutionFilter.class */
public class GlobalRequestParameterPollutionFilter implements GlobalFilter, Ordered {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) GlobalRequestParameterPollutionFilter.class);

    @Override // org.springframework.core.Ordered
    public int getOrder() {
        return -3;
    }

    @Override // org.springframework.cloud.gateway.filter.GlobalFilter
    public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) throws ParameterPollutionException {
        log.debug("Check for parameter pollution attack.");
        ServerHttpRequest request = serverWebExchange.getRequest();
        if (!CollectionUtils.isEmpty(request.getQueryParams())) {
            for (Map.Entry<String, String> entry : request.getQueryParams().entrySet()) {
                String key = entry.getKey();
                List list = (List) entry.getValue();
                if (!CollectionUtils.isEmpty(list) && list.size() > 1) {
                    log.warn("Possible parameter pollution attack detected: Parameter \"{}\" detected more than once in the request!", key);
                    throw new ParameterPollutionException();
                }
            }
        }
        return gatewayFilterChain.filter(serverWebExchange);
    }
}
