package com.dcfs.fts.security;

import java.io.File;
import java.util.regex.Pattern;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang3.StringUtils;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.codecs.Codec;
import org.owasp.esapi.codecs.OracleCodec;
import org.owasp.esapi.errors.ValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/dcfs/fts/security/ESAPIUtil.class */
public class ESAPIUtil {
    private static final Logger log = LoggerFactory.getLogger(ESAPIUtil.class);
    private static final String DEFAULT_DIRECTORY_PATTERN = "^[a-zA-Z0-9一-龥:/\\\\!@#$%^&{}\\[\\]()_+\\-=,.~'` ]{1,255}$";
    private static final Pattern DIRECTORY_PATTERN = Pattern.compile(DEFAULT_DIRECTORY_PATTERN);
    private static final String DEFAULT_FILENAME_PATTERN = "^[a-zA-Z0-9一-龥!@#$%^&{}\\[\\]()_+\\-=,.~'` ]{1,255}$";
    private static final Pattern FILENAME_PATTERN = Pattern.compile(DEFAULT_FILENAME_PATTERN);

    public static void main(String[] strArr) {
        System.out.println(FilenameUtils.getFullPath("F:\\git-workspace\\settings.xml"));
        System.out.println(FilenameUtils.getName("F:\\git-workspace\\settings.xml"));
    }

    public static boolean isValidRedirectLocation(String str) {
        return ESAPI.validator().isValidRedirectLocation("isValidRedirectLocation", str, true);
    }

    public static String encodeForSQLOracle(String str) {
        return encodeForSQL(new OracleCodec(), str);
    }

    public static String encodeForSQL(Codec codec, String str) {
        return ESAPI.encoder().encodeForSQL(codec, str);
    }

    public static String getSafeFileName(String str) throws ValidationException {
        if (StringUtils.isEmpty(str)) {
            log.error("the inputFileName is empty.");
        }
        if (str.contains("../") || str.contains("..\\") || str.contains("./") || str.contains(".\\")) {
            log.error("the inputFileName is unsafe. inputFileName:{}", str);
        }
        if (isSafeFileNameRregex(str)) {
            return str;
        }
        if (!isSafeFileName(str)) {
            log.error("the inputFileName is invalid. inputFileName:{}", str);
        }
        return str;
    }

    private static boolean isSafeFileNameRregex(String str) {
        return (null == DIRECTORY_PATTERN && null == FILENAME_PATTERN) || DIRECTORY_PATTERN.matcher(str).matches() || FILENAME_PATTERN.matcher(str).matches();
    }

    public static boolean isSafeFileName(String str) throws ValidationException {
        String replace = str.replace("\\\\", File.separator).replace("/", File.separator);
        if (!isSafeFileNameRregex(replace)) {
            log.error("the inputFileName is unsafe. inputFileName:{}", replace);
            throw new ValidationException("the inputFileName is unsafe.", "the inputFileName is unsafe, inputFileName:" + replace);
        }
        File file = new File(replace);
        if (!file.exists()) {
            if (file.isDirectory()) {
                file.mkdirs();
            } else {
                file.getParentFile().mkdirs();
            }
        }
        if (file.isDirectory()) {
            if (replace.endsWith("\\") || replace.endsWith("/")) {
                replace = replace.substring(0, replace.length() - 1);
            }
            return ESAPI.validator().isValidDirectoryPath("isValidDirectoryPath", replace, file.getParentFile(), false);
        }
        boolean isValidFileName = ESAPI.validator().isValidFileName("isValidFileName", FilenameUtils.getName(replace), false);
        String fullPath = FilenameUtils.getFullPath(replace);
        if (fullPath.endsWith("\\") || fullPath.endsWith("/")) {
            fullPath = fullPath.substring(0, fullPath.length() - 1);
        }
        return isValidFileName && ESAPI.validator().isValidDirectoryPath("isValidDirectoryPath", fullPath, new File(fullPath).getParentFile(), false);
    }

    static {
        ESAPI.override(new ESAPIConfiguration());
    }
}
