package de.valtech.avs.core.filter;

import com.adobe.granite.security.user.UserProperties;
import de.valtech.avs.api.service.AvsException;
import de.valtech.avs.api.service.AvsService;
import de.valtech.avs.api.service.scanner.ScanResult;
import de.valtech.avs.core.history.HistoryService;
import de.valtech.avs.core.mail.AvsNotificationMailer;
import de.valtech.avs.core.serviceuser.ServiceResourceResolverService;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.SequenceInputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.StandardCopyOption;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Part;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.sling.api.SlingHttpServletRequest;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.metatype.annotations.Designate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

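/**
 * Sling request filter that virus-scans the file parts of multipart POST requests before the
 * request is passed further down the filter chain.
 *
 * <p>File parts are spooled to temporary files, handed to {@link AvsService} for scanning and
 * then re-exposed to downstream code through the {@code request-parts-iterator} request
 * attribute. A request whose scan reports an infection, or whose scan could not be completed,
 * is rejected with a {@link ServletException}.
 */
@Designate(ocd = AvsPostFilterConfig.class)
@Component(service = {Filter.class}, property = {"sling.filter.scope=REQUEST", "service.ranking:Integer=50000"})
/* loaded from: input_file:de/valtech/avs/core/filter/AvsPostFilter.class */
public class AvsPostFilter implements Filter {
    /** Request attribute under which the multipart parts iterator is read and replaced. */
    private static final String REQUEST_PARTS = "request-parts-iterator";
    private static final Logger LOG = LoggerFactory.getLogger(AvsPostFilter.class);

    @Reference
    private AvsService avsService;

    // Injected by OSGi but not used by the code in this class.
    @Reference
    private HistoryService historyService;

    // Injected by OSGi but not used by the code in this class.
    @Reference
    private ServiceResourceResolverService serviceResolverService;

    @Reference
    private AvsNotificationMailer mailer;

    // Replaced as a whole in activate(); volatile so request threads see a complete list.
    private volatile List<Pattern> includePatterns = Collections.emptyList();
    private volatile List<Pattern> excludePatterns = Collections.emptyList();

    /**
     * Compiles the configured include and exclude URL patterns.
     *
     * @param avsPostFilterConfig the OSGi configuration of this filter
     * @throws java.util.regex.PatternSyntaxException if a configured expression is not a valid regex
     */
    @Activate
    public void activate(AvsPostFilterConfig avsPostFilterConfig) {
        this.excludePatterns = compilePatterns(avsPostFilterConfig.excludePatterns());
        this.includePatterns = compilePatterns(avsPostFilterConfig.includePatterns());
    }

    /** Compiles each expression; a {@code null} array yields an empty list. */
    private static List<Pattern> compilePatterns(String[] expressions) {
        List<Pattern> compiled = new ArrayList<>();
        if (expressions != null) {
            for (String expression : expressions) {
                compiled.add(Pattern.compile(expression));
            }
        }
        return Collections.unmodifiableList(compiled);
    }

    /**
     * Scans the file parts of a multipart POST and only continues the chain when the scan
     * reports them clean.
     *
     * <p>Requests that are not multipart POSTs, that match the ignore rules of
     * {@link #isUrlToIgnore(SlingHttpServletRequest)}, or that carry no parts iterator are
     * passed through unchanged.
     *
     * @throws IOException if a part cannot be read or spooled to disk
     * @throws ServletException if the scan reports an infection or the scan itself fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) servletRequest;
        if (!"POST".equals(slingRequest.getMethod()) || !isMultipartRequest(slingRequest.getContentType())
                || isUrlToIgnore(slingRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        Iterator<?> parts = (Iterator<?>) servletRequest.getAttribute(REQUEST_PARTS);
        if (parts == null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        List<File> tempFiles = new ArrayList<>();
        try {
            List<String> fileNames = new ArrayList<>();
            List<PartWrapper> wrappedParts = bufferParts(parts, tempFiles, fileNames);
            // The original iterator is consumed by now, so downstream code gets the buffered copies.
            servletRequest.setAttribute(REQUEST_PARTS, wrappedParts.iterator());
            if (!tempFiles.isEmpty()) {
                rejectIfInfected(slingRequest, tempFiles, fileNames);
            }
            filterChain.doFilter(servletRequest, servletResponse);
        } finally {
            // Spooled uploads must not pile up in the temp directory, whatever the outcome.
            // NOTE(review): assumes nothing reads a PartWrapper's file after the chain returns - confirm.
            deleteTempFiles(tempFiles);
        }
    }

    /**
     * Drains the parts iterator into re-readable wrappers.
     *
     * @param parts the original parts iterator taken from the request
     * @param tempFiles receives every temp file created, so that the caller can delete them
     * @param fileNames receives the submitted file names of the spooled parts
     * @return the wrapped parts in their original order
     * @throws IOException if a part cannot be read or written to disk
     */
    private List<PartWrapper> bufferParts(Iterator<?> parts, List<File> tempFiles, List<String> fileNames)
            throws IOException {
        List<PartWrapper> wrappedParts = new ArrayList<>();
        while (parts.hasNext()) {
            Part part = (Part) parts.next();
            // NOTE(review): a part's Content-Type is supplied by the client, and parts without one
            // are kept in memory and passed on without being scanned. Consider scanning every part.
            if (StringUtils.isEmpty(part.getContentType())) {
                try (InputStream in = part.getInputStream()) {
                    String value = IOUtils.toString(in, StandardCharsets.UTF_8.name());
                    // Encode with the charset used for decoding; the platform default may differ.
                    wrappedParts.add(new PartWrapper(part, value.getBytes(StandardCharsets.UTF_8)));
                }
                continue;
            }
            if (StringUtils.isNotEmpty(part.getSubmittedFileName())) {
                fileNames.add(part.getSubmittedFileName());
            }
            // Files.createTempFile creates the file with owner-only permissions where the file
            // system supports them; File.createTempFile makes no such promise for uploaded content.
            File tempFile = Files.createTempFile("valtech-avs", ".tmp").toFile();
            // Registered before the copy so that a failed copy still gets cleaned up.
            tempFiles.add(tempFile);
            try (InputStream in = part.getInputStream()) {
                Files.copy(in, tempFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
            }
            wrappedParts.add(new PartWrapper(part, tempFile));
        }
        return wrappedParts;
    }

    /**
     * Scans the spooled files and rejects the request unless the scan reports them clean.
     *
     * <p>A scanner failure also rejects the request (fail closed): passing content on when the
     * scan could not be completed would mean unscanned uploads reach the repository.
     *
     * @throws IOException if a temp file cannot be opened
     * @throws ServletException if the content is infected or the scan failed
     */
    private void rejectIfInfected(SlingHttpServletRequest request, List<File> tempFiles, List<String> fileNames)
            throws IOException, ServletException {
        Session session = request.getResourceResolver().adaptTo(Session.class);
        String userId = session != null ? session.getUserID() : "";
        ScanResult result;
        // NOTE(review): all files are scanned as one concatenated stream, so the verdict is per
        // request; scanning each file on its own would give per-file verdicts and would not rely
        // on how the scan engine treats concatenated content - confirm with the engine in use.
        try (InputStream combined = openCombined(tempFiles)) {
            result = this.avsService.scan(combined, userId);
        } catch (AvsException e) {
            LOG.error("Virus scan failed", e);
            throw new ServletException("Virus scan failed", e);
        }
        if (result.isClean()) {
            return;
        }
        LOG.warn("Upload by user {} rejected: virus scan did not report the content as clean", userId);
        sendEmail(request, result, fileNames);
        throw new ServletException("Uploaded file contains a virus");
    }

    /**
     * Opens all files as one concatenated stream; closing it closes the underlying file streams.
     * Streams already opened are closed again if a later file cannot be opened.
     */
    private static InputStream openCombined(List<File> files) throws IOException {
        List<InputStream> streams = new ArrayList<>(files.size());
        try {
            for (File file : files) {
                streams.add(new FileInputStream(file));
            }
        } catch (IOException e) {
            for (InputStream stream : streams) {
                IOUtils.closeQuietly(stream);
            }
            throw e;
        }
        return new SequenceInputStream(Collections.enumeration(streams));
    }

    /** Deletes the temp files; a failure is logged and does not abort the request. */
    private static void deleteTempFiles(List<File> tempFiles) {
        for (File file : tempFiles) {
            try {
                Files.deleteIfExists(file.toPath());
            } catch (IOException e) {
                LOG.warn("Unable to remove temp file {}", file.getPath(), e);
            }
        }
    }

    /**
     * Tells whether the Content-Type header announces a multipart form upload.
     *
     * <p>Media type names are case-insensitive, so the comparison ignores case; a
     * case-sensitive match would leave differently-cased headers unscanned.
     */
    private boolean isMultipartRequest(String str) {
        return StringUtils.containsIgnoreCase(str, "multipart/form-data");
    }

    /**
     * Decides whether the request is exempt from scanning.
     *
     * <p>A URI matching any exclude pattern is ignored. Otherwise, when include patterns are
     * configured, only URIs matching one of them are scanned; with no include patterns every
     * non-excluded URI is scanned.
     *
     * @param slingHttpServletRequest the current request
     * @return {@code true} if the request must not be scanned
     */
    protected boolean isUrlToIgnore(SlingHttpServletRequest slingHttpServletRequest) {
        // NOTE(review): patterns are matched against the request URI as received, not against the
        // resolved resource path; check that a URL meant to be scanned cannot also be written in
        // a form that matches an exclude pattern or misses every include pattern.
        String requestURI = slingHttpServletRequest.getRequestURI();
        for (Pattern exclude : this.excludePatterns) {
            if (exclude.matcher(requestURI).matches()) {
                return true;
            }
        }
        List<Pattern> includes = this.includePatterns;
        if (includes.isEmpty()) {
            return false;
        }
        for (Pattern include : includes) {
            if (include.matcher(requestURI).matches()) {
                return false;
            }
        }
        return true;
    }

    /**
     * Notifies the uploading user by e-mail about the rejected upload.
     *
     * <p>Nothing is sent when the request has no user properties, the user has no
     * {@code email} property, or that property cannot be read.
     *
     * @param slingHttpServletRequest the rejected request
     * @param scanResult the scan result to report
     * @param list the submitted file names, joined with {@code ", "} for the mail
     */
    private void sendEmail(SlingHttpServletRequest slingHttpServletRequest, ScanResult scanResult, List<String> list) {
        UserProperties userProperties = slingHttpServletRequest.adaptTo(UserProperties.class);
        if (userProperties == null) {
            return;
        }
        List<String> recipients = new ArrayList<>();
        try {
            String email = userProperties.getProperty("email");
            if (StringUtils.isNotEmpty(email)) {
                recipients.add(email);
            }
        } catch (RepositoryException e) {
            LOG.error("Cannot read email of user", e);
        }
        if (recipients.isEmpty()) {
            return;
        }
        this.mailer.sendEmail(recipients, String.join(", ", list), scanResult);
    }

    /** No initialisation required. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }
}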
