package com.networknt.sanitizer;

import com.networknt.body.BodyHandler;
import com.networknt.config.Config;
import com.networknt.handler.Handler;
import com.networknt.handler.MiddlewareHandler;
import com.networknt.utility.ModuleRegistry;
import io.undertow.Handlers;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.HeaderMap;
import io.undertow.util.HeaderValues;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.Map;
import org.owasp.encoder.Encode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/networknt/sanitizer/SanitizerHandler.class */
public class SanitizerHandler implements MiddlewareHandler {
    private volatile HttpHandler next;
    static final Logger logger = LoggerFactory.getLogger(SanitizerHandler.class);
    public static final String CONFIG_NAME = "sanitizer";
    static SanitizerConfig config = (SanitizerConfig) Config.getInstance().getJsonObjectConfig(CONFIG_NAME, SanitizerConfig.class);

    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        Object attachment;
        HeaderMap requestHeaders;
        String httpString = httpServerExchange.getRequestMethod().toString();
        if (config.isSanitizeHeader() && (requestHeaders = httpServerExchange.getRequestHeaders()) != null) {
            Iterator it = requestHeaders.iterator();
            while (it.hasNext()) {
                HeaderValues headerValues = (HeaderValues) it.next();
                if (headerValues != null) {
                    ListIterator listIterator = headerValues.listIterator();
                    while (listIterator.hasNext()) {
                        listIterator.set(Encode.forJavaScriptSource((String) listIterator.next()));
                    }
                }
            }
        }
        if (config.isSanitizeBody() && (("POST".equalsIgnoreCase(httpString) || "PUT".equalsIgnoreCase(httpString) || "PATCH".equalsIgnoreCase(httpString)) && (attachment = httpServerExchange.getAttachment(BodyHandler.REQUEST_BODY)) != null)) {
            if (attachment instanceof List) {
                encodeList((List) attachment);
            } else {
                encodeNode((Map) attachment);
            }
        }
        Handler.next(httpServerExchange, this.next);
    }

    public HttpHandler getNext() {
        return this.next;
    }

    public MiddlewareHandler setNext(HttpHandler httpHandler) {
        Handlers.handlerNotNull(httpHandler);
        this.next = httpHandler;
        return this;
    }

    public boolean isEnabled() {
        return config.isEnabled();
    }

    public void register() {
        ModuleRegistry.registerModule(SanitizerHandler.class.getName(), Config.getInstance().getJsonMapConfigNoCache(CONFIG_NAME), (List) null);
    }

    public void encodeNode(Map<String, Object> map) {
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            String key = entry.getKey();
            Object value = entry.getValue();
            if (value instanceof String) {
                map.put(key, Encode.forJavaScriptSource((String) value));
            } else if (value instanceof Map) {
                encodeNode((Map) value);
            } else if (value instanceof List) {
                encodeList((List) value);
            }
        }
    }

    public void encodeList(List list) {
        for (int i = 0; i < list.size(); i++) {
            if (list.get(i) instanceof String) {
                list.set(i, Encode.forJavaScriptSource((String) list.get(i)));
            } else if (list.get(i) instanceof Map) {
                encodeNode((Map) list.get(i));
            } else if (list.get(i) instanceof List) {
                encodeList((List) list.get(i));
            }
        }
    }
}
