package com.predic8.membrane.core.interceptor;

import com.predic8.membrane.annot.MCAttribute;
import com.predic8.membrane.annot.MCElement;
import com.predic8.membrane.core.exceptions.ProblemDetails;
import com.predic8.membrane.core.exchange.AbstractExchange;
import com.predic8.membrane.core.exchange.Exchange;
import com.predic8.membrane.core.http.Header;
import com.predic8.membrane.core.http.Request;
import com.predic8.membrane.core.interceptor.Interceptor;
import com.predic8.membrane.core.rules.AbstractServiceProxy;
import com.predic8.membrane.core.rules.NullRule;
import com.predic8.membrane.core.rules.ProxyRule;
import com.predic8.membrane.core.rules.Rule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@MCElement(name = "ruleMatching")
/* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.5.6.jar:com/predic8/membrane/core/interceptor/RuleMatchingInterceptor.class */
public class RuleMatchingInterceptor extends AbstractInterceptor {
    private static final Logger log = LoggerFactory.getLogger(RuleMatchingInterceptor.class.getName());
    private boolean xForwardedForEnabled = true;
    private int maxXForwardedForHeaders = 20;

    public RuleMatchingInterceptor() {
        this.name = "Rule Matching Interceptor";
        setFlow(Interceptor.Flow.Set.REQUEST);
    }

    @Override // com.predic8.membrane.core.interceptor.AbstractInterceptor, com.predic8.membrane.core.interceptor.Interceptor
    public Outcome handleRequest(Exchange exchange) throws Exception {
        if (exchange.getRule() != null) {
            return Outcome.CONTINUE;
        }
        Rule rule = getRule(exchange);
        assignRule(exchange, rule);
        if (rule instanceof NullRule) {
            exchange.setResponse(ProblemDetails.user(this.router.isProduction()).statusCode(404).title("Wrong path or method").detail("This request was not accepted by Membrane. Please check HTTP method and path.").build());
            return Outcome.ABORT;
        }
        if (this.xForwardedForEnabled && (rule instanceof AbstractServiceProxy)) {
            insertXForwardedFor(exchange);
        }
        return Outcome.CONTINUE;
    }

    public static void assignRule(Exchange exchange, Rule rule) {
        exchange.setRule(rule);
        if (exchange.getRule().getSslOutboundContext() != null) {
            exchange.setProperty(Exchange.SSL_CONTEXT, exchange.getRule().getSslOutboundContext());
        }
    }

    private Rule getRule(Exchange exchange) {
        Rule matchingRule = this.router.getRuleManager().getMatchingRule(exchange);
        return matchingRule != null ? matchingRule : findProxyRule(exchange);
    }

    private Rule findProxyRule(Exchange exchange) {
        for (Rule rule : this.router.getRuleManager().getRules()) {
            if ((rule instanceof ProxyRule) && (rule.getKey().getIp() == null || rule.getKey().getIp().equals(exchange.getHandler().getLocalAddress().toString()))) {
                if (rule.getKey().getPort() == -1 || exchange.getHandler().getLocalPort() == -1 || rule.getKey().getPort() == exchange.getHandler().getLocalPort()) {
                    if (log.isDebugEnabled()) {
                        log.debug("proxy rule found: " + rule);
                    }
                    return rule;
                }
            }
        }
        log.debug("No rule found for incoming request");
        return new NullRule();
    }

    private void insertXForwardedFor(AbstractExchange abstractExchange) {
        Header header = abstractExchange.getRequest().getHeader();
        if (header.getNumberOf("X-Forwarded-For") > this.maxXForwardedForHeaders) {
            Request request = abstractExchange.getRequest();
            throw new RuntimeException("Request caused X-Forwarded-For flood: " + request.getStartLine() + request.getHeader().toString());
        }
        header.setXForwardedFor(getXForwardedForHeaderValue(abstractExchange));
        if (header.getNumberOf("X-Forwarded-Proto") > this.maxXForwardedForHeaders) {
            Request request2 = abstractExchange.getRequest();
            throw new RuntimeException("Request caused X-Forwarded-Proto flood: " + request2.getStartLine() + request2.getHeader().toString());
        }
        header.setXForwardedProto(getXForwardedProtoHeaderValue(abstractExchange));
        if (header.getNumberOf("X-Forwarded-Host") > this.maxXForwardedForHeaders) {
            Request request3 = abstractExchange.getRequest();
            throw new RuntimeException("Request caused X-Forwarded-Host flood: " + request3.getStartLine() + request3.getHeader().toString());
        }
        header.setXForwardedHost(getXForwardedHostHeaderValue(abstractExchange));
    }

    private String getXForwardedHostHeaderValue(AbstractExchange abstractExchange) {
        return getXForwardedHost(abstractExchange) != null ? getXForwardedHost(abstractExchange) + ", " + abstractExchange.getRequest().getHeader().getHost() : abstractExchange.getRequest().getHeader().getHost();
    }

    private String getXForwardedHost(AbstractExchange abstractExchange) {
        return abstractExchange.getRequest().getHeader().getXForwardedHost();
    }

    private String getXForwardedForHeaderValue(AbstractExchange abstractExchange) {
        return getXForwardedFor(abstractExchange) != null ? getXForwardedFor(abstractExchange) + ", " + abstractExchange.getRemoteAddrIp() : abstractExchange.getRemoteAddrIp();
    }

    private String getXForwardedProtoHeaderValue(AbstractExchange abstractExchange) {
        return getXForwardedProto(abstractExchange) != null ? getXForwardedProto(abstractExchange) : abstractExchange.getRule().getSslInboundContext() != null ? "https" : "http";
    }

    private String getXForwardedFor(AbstractExchange abstractExchange) {
        return abstractExchange.getRequest().getHeader().getXForwardedFor();
    }

    private String getXForwardedProto(AbstractExchange abstractExchange) {
        return abstractExchange.getRequest().getHeader().getXForwardedProto();
    }

    public String toString() {
        return "RuleMatchingInterceptor";
    }

    public boolean isxForwardedForEnabled() {
        return this.xForwardedForEnabled;
    }

    @MCAttribute
    public void setxForwardedForEnabled(boolean z) {
        this.xForwardedForEnabled = z;
    }

    public int getMaxXForwardedForHeaders() {
        return this.maxXForwardedForHeaders;
    }

    @MCAttribute
    public void setMaxXForwardedForHeaders(int i) {
        this.maxXForwardedForHeaders = i;
    }
}
