package cn.flydiy.cloud.common.codec;

import cn.flydiy.cloud.common.collection.ListUtils;
import cn.flydiy.cloud.common.lang.ExceptionUtils;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.text.StringEscapeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/flydiy/cloud/common/codec/EncodeUtils.class */
public class EncodeUtils {
    public static final String UTF_8 = "UTF-8";
    private static final Logger logger = LoggerFactory.getLogger(EncodeUtils.class);
    private static final char[] BASE62 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz".toCharArray();
    private static List<Pattern> xssPatterns = ListUtils.newArrayList(Pattern.compile("(<\\s*(script|link|style|iframe)([\\s\\S]*?)(>|<\\/\\s*\\1\\s*>))|(</\\s*(script|link|style|iframe)\\s*>)", 2), Pattern.compile("\\s*(href|src)\\s*=\\s*(\"\\s*(javascript|vbscript):[^\"]+\"|'\\s*(javascript|vbscript):[^']+'|(javascript|vbscript):[^\\s]+)\\s*(?=>)", 2), Pattern.compile("\\s*on[a-z]+\\s*=\\s*(\"[^\"]+\"|'[^']+'|[^\\s]+)\\s*(?=>)", 2), Pattern.compile("(eval\\((.*?)\\)|xpression\\((.*?)\\))", 2), Pattern.compile("^(javascript:|vbscript:)", 2));
    private static Pattern sqlPattern = Pattern.compile("(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|((extractvalue|updatexml|if|mid|database|rand|user)([\\s]*?)\\()|(\\b(select|update|and|or|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute|case when|sleep|union|load_file)\\b)", 2);
    private static Pattern orderByPattern = Pattern.compile("[a-z0-9_\\.\\, ]*", 2);

    public static String encodeHex(byte[] bArr) {
        return new String(Hex.encodeHex(bArr));
    }

    public static byte[] decodeHex(String str) {
        try {
            return Hex.decodeHex(str.toCharArray());
        } catch (DecoderException e) {
            throw ExceptionUtils.unchecked(e);
        }
    }

    public static String encodeBase64(byte[] bArr) {
        return new String(Base64.encodeBase64(bArr));
    }

    public static String encodeBase64(String str) {
        if (StringUtils.isBlank(str)) {
            return "";
        }
        try {
            return new String(Base64.encodeBase64(str.getBytes(UTF_8)));
        } catch (UnsupportedEncodingException e) {
            return "";
        }
    }

    public static byte[] decodeBase64(String str) {
        try {
            return Base64.decodeBase64(str.getBytes(UTF_8));
        } catch (UnsupportedEncodingException e) {
            throw ExceptionUtils.unchecked(e);
        }
    }

    public static String decodeBase64String(String str) {
        if (StringUtils.isBlank(str)) {
            return "";
        }
        try {
            return new String(Base64.decodeBase64(str.getBytes(UTF_8)), UTF_8);
        } catch (UnsupportedEncodingException e) {
            return "";
        }
    }

    public static String encodeBase62(byte[] bArr) {
        char[] cArr = new char[bArr.length];
        for (int i = 0; i < bArr.length; i++) {
            cArr[i] = BASE62[(bArr[i] & 255) % BASE62.length];
        }
        return new String(cArr);
    }

    public static String encodeHtml(String str) {
        return StringEscapeUtils.escapeHtml4(str);
    }

    public static String decodeHtml(String str) {
        return StringEscapeUtils.unescapeHtml4(str);
    }

    public static String encodeXml(String str) {
        return StringEscapeUtils.escapeXml10(str);
    }

    public static String decodeXml(String str) {
        return StringEscapeUtils.unescapeXml(str);
    }

    public static String encodeUrl(String str) {
        return encodeUrl(str, UTF_8);
    }

    public static String encodeUrl(String str, String str2) {
        if (str == null) {
            return null;
        }
        try {
            return URLEncoder.encode(str, str2);
        } catch (UnsupportedEncodingException e) {
            throw ExceptionUtils.unchecked(e);
        }
    }

    public static String decodeUrl(String str) {
        return decodeUrl(str, UTF_8);
    }

    public static String decodeUrl(String str, String str2) {
        if (str == null) {
            return null;
        }
        try {
            return URLDecoder.decode(str, str2);
        } catch (UnsupportedEncodingException e) {
            throw ExceptionUtils.unchecked(e);
        }
    }

    public static String decodeUrl2(String str) {
        return decodeUrl(decodeUrl(str));
    }

    public static String xssFilter(String str) {
        return xssFilter(str, null);
    }

    public static String xssFilter(String str, HttpServletRequest httpServletRequest) {
        Object trim = StringUtils.trim(str);
        if (str == null) {
            return null;
        }
        String str2 = trim;
        Iterator<Pattern> it = xssPatterns.iterator();
        while (it.hasNext()) {
            Matcher matcher = it.next().matcher(str2);
            if (matcher.find()) {
                str2 = matcher.replaceAll("");
            }
        }
        if (!StringUtils.startsWithIgnoreCase(str2, "<!--HTML-->") && !StringUtils.startsWithIgnoreCase(str2, "<?xml ") && !StringUtils.contains(str2, "id=\"FormHtml\"") && ((!StringUtils.startsWith(str2, "{") || !StringUtils.endsWith(str2, "}")) && ((!StringUtils.startsWith(str2, "[") || !StringUtils.endsWith(str2, "]")) && (httpServletRequest == null || !StringUtils.contains(httpServletRequest.getRequestURI(), "/ureport/"))))) {
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < str2.length(); i++) {
                char charAt = str2.charAt(i);
                switch (charAt) {
                    case '\"':
                        sb.append("＂");
                        break;
                    case '\'':
                        sb.append("＇");
                        break;
                    case '<':
                        sb.append("＜");
                        break;
                    case '>':
                        sb.append("＞");
                        break;
                    default:
                        sb.append(charAt);
                        break;
                }
            }
            str2 = sb.toString();
        }
        if (logger.isInfoEnabled() && !str2.equals(trim)) {
            Logger logger2 = logger;
            Object[] objArr = new Object[3];
            objArr[0] = str2;
            objArr[1] = str;
            objArr[2] = httpServletRequest != null ? httpServletRequest.getRequestURL() : "common";
            logger2.info("xssFilter: {}   <=<=<=   {}   source: {}", objArr);
        }
        return str2;
    }

    public static String sqlFilter(String str) {
        return sqlFilter(str, "common");
    }

    public static String sqlFilter(String str, String str2) {
        if (str == null) {
            return null;
        }
        String str3 = str;
        if (!"orderBy".equals(str2)) {
            Matcher matcher = sqlPattern.matcher(str3);
            if (matcher.find()) {
                str3 = matcher.replaceAll("");
            }
        } else if (!orderByPattern.matcher(str3).matches()) {
            str3 = "";
        }
        if (!logger.isWarnEnabled() || str3.equals(str)) {
            return str3;
        }
        logger.info("sqlFilter: {}   <=<=<=   {}   source: {}", new Object[]{str3, str, str2});
        return "";
    }
}
