package io.gravitee.policy.threatprotection.json;

import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonToken;
import io.gravitee.gateway.api.Request;
import io.gravitee.gateway.api.buffer.Buffer;
import io.gravitee.gateway.api.stream.BufferedReadWriteStream;
import io.gravitee.gateway.api.stream.ReadWriteStream;
import io.gravitee.gateway.api.stream.SimpleReadWriteStream;
import io.gravitee.policy.api.PolicyChain;
import io.gravitee.policy.api.PolicyResult;
import io.gravitee.policy.api.annotations.OnRequestContent;
import java.io.IOException;
import java.util.Collections;

/* loaded from: input_file:io/gravitee/policy/threatprotection/json/JsonThreatProtectionPolicy.class */
public class JsonThreatProtectionPolicy {
    public static final String BAD_REQUEST = "Bad Request";
    public static final String JSON_THREAT_DETECTED_KEY = "JSON_THREAT_DETECTED";
    public static final String JSON_THREAT_MAX_DEPTH_KEY = "JSON_THREAT_MAX_DEPTH";
    public static final String JSON_THREAT_MAX_ENTRIES_KEY = "JSON_THREAT_MAX_ENTRIES";
    public static final String JSON_THREAT_MAX_NAME_LENGTH_KEY = "JSON_THREAT_MAX_NAME_LENGTH";
    public static final String JSON_THREAT_MAX_VALUE_LENGTH_KEY = "JSON_THREAT_MAX_VALUE_LENGTH";
    public static final String JSON_MAX_ARRAY_SIZE_KEY = "JSON_MAX_ARRAY_SIZE";
    private static final JsonFactory jsonFactory = new JsonFactory();
    private JsonThreatProtectionPolicyConfiguration configuration;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.gravitee.policy.threatprotection.json.JsonThreatProtectionPolicy$2, reason: invalid class name */
    /* loaded from: input_file:io/gravitee/policy/threatprotection/json/JsonThreatProtectionPolicy$2.class */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$com$fasterxml$jackson$core$JsonToken = new int[JsonToken.values().length];

        static {
            try {
                $SwitchMap$com$fasterxml$jackson$core$JsonToken[JsonToken.START_OBJECT.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$fasterxml$jackson$core$JsonToken[JsonToken.START_ARRAY.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$fasterxml$jackson$core$JsonToken[JsonToken.FIELD_NAME.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$fasterxml$jackson$core$JsonToken[JsonToken.VALUE_STRING.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public JsonThreatProtectionPolicy(JsonThreatProtectionPolicyConfiguration jsonThreatProtectionPolicyConfiguration) {
        this.configuration = jsonThreatProtectionPolicyConfiguration;
    }

    @OnRequestContent
    public ReadWriteStream<Buffer> onRequestContent(Request request, final PolicyChain policyChain) {
        if (request.headers().getOrDefault("Content-Type", Collections.emptyList()).contains("application/json")) {
            return new BufferedReadWriteStream() { // from class: io.gravitee.policy.threatprotection.json.JsonThreatProtectionPolicy.1
                final Buffer buffer = Buffer.buffer();

                /* renamed from: write, reason: merged with bridge method [inline-methods] */
                public SimpleReadWriteStream<Buffer> m1write(Buffer buffer) {
                    this.buffer.appendBuffer(buffer);
                    return this;
                }

                public void end() {
                    try {
                        JsonThreatProtectionPolicy.this.validateJson(this.buffer.toString());
                        if (this.buffer.length() > 0) {
                            super.write(this.buffer);
                        }
                        super.end();
                    } catch (JsonException e) {
                        policyChain.streamFailWith(PolicyResult.failure(e.getKey(), 400, JsonThreatProtectionPolicy.BAD_REQUEST, "text/plain"));
                    } catch (Exception e2) {
                        policyChain.streamFailWith(PolicyResult.failure(JsonThreatProtectionPolicy.JSON_THREAT_DETECTED_KEY, 400, JsonThreatProtectionPolicy.BAD_REQUEST, "text/plain"));
                    }
                }
            };
        }
        return null;
    }

    public void validateJson(String str) throws JsonException {
        try {
            JsonParser createParser = jsonFactory.createParser(str);
            JsonDepthCounter jsonDepthCounter = new JsonDepthCounter();
            while (true) {
                JsonToken nextToken = createParser.nextToken();
                if (nextToken == null) {
                    return;
                } else {
                    validate(jsonDepthCounter, nextToken, createParser);
                }
            }
        } catch (IOException e) {
            throw new JsonException(JSON_THREAT_DETECTED_KEY, "Invalid json data");
        }
    }

    public void validate(JsonDepthCounter jsonDepthCounter, JsonToken jsonToken, JsonParser jsonParser) throws IOException, JsonException {
        switch (AnonymousClass2.$SwitchMap$com$fasterxml$jackson$core$JsonToken[jsonToken.ordinal()]) {
            case 1:
                validateObject(jsonDepthCounter, jsonParser);
                return;
            case 2:
                validateArray(jsonDepthCounter, jsonParser);
                return;
            case 3:
                validateName(jsonParser.getCurrentName());
                return;
            case 4:
                validateValue(jsonParser.getText());
                return;
            default:
                return;
        }
    }

    public void validateObject(JsonDepthCounter jsonDepthCounter, JsonParser jsonParser) throws JsonException {
        try {
            int i = 0;
            jsonDepthCounter.increment();
            validateDepth(jsonDepthCounter.getDepth());
            while (true) {
                JsonToken nextToken = jsonParser.nextToken();
                if (nextToken == JsonToken.END_OBJECT) {
                    jsonDepthCounter.decrement();
                    return;
                }
                validate(jsonDepthCounter, nextToken, jsonParser);
                if (nextToken == JsonToken.FIELD_NAME) {
                    i++;
                    validateFieldCount(i);
                }
            }
        } catch (IOException e) {
            throw new JsonException(JSON_THREAT_DETECTED_KEY, "Invalid json data");
        }
    }

    public void validateDepth(int i) throws JsonException {
        if (this.configuration.hasMaxDepth() && i > this.configuration.getMaxDepth().intValue()) {
            throw new JsonException(JSON_THREAT_MAX_DEPTH_KEY, "Max depth exceeded for json (max: " + this.configuration.getMaxDepth() + ")");
        }
    }

    public void validateFieldCount(int i) throws JsonException {
        if (this.configuration.hasMaxEntries() && i > this.configuration.getMaxEntries().intValue()) {
            throw new JsonException(JSON_THREAT_MAX_ENTRIES_KEY, "Max number of entries exceeded for json (max: " + this.configuration.getMaxEntries() + ")");
        }
    }

    private void validateName(String str) throws JsonException {
        if (this.configuration.hasMaxNameLength() && str.length() > this.configuration.getMaxNameLength().intValue()) {
            throw new JsonException(JSON_THREAT_MAX_NAME_LENGTH_KEY, "Max length exceeded for field name [" + str + "] (max: " + this.configuration.getMaxNameLength() + ")");
        }
    }

    private void validateValue(String str) throws JsonException {
        if (this.configuration.hasMaxValueLength() && str.length() > this.configuration.getMaxValueLength().intValue()) {
            throw new JsonException(JSON_THREAT_MAX_VALUE_LENGTH_KEY, "Max length exceeded for field value [" + str + "] (max: " + this.configuration.getMaxValueLength() + ")");
        }
    }

    private void validateArray(JsonDepthCounter jsonDepthCounter, JsonParser jsonParser) throws JsonException {
        try {
            jsonDepthCounter.increment();
            validateDepth(jsonDepthCounter.getDepth());
            int i = 0;
            while (true) {
                JsonToken nextToken = jsonParser.nextToken();
                if (nextToken == JsonToken.END_ARRAY) {
                    jsonDepthCounter.decrement();
                    return;
                }
                validate(jsonDepthCounter, nextToken, jsonParser);
                i++;
                if (this.configuration.hasMaxArraySize() && i > this.configuration.getMaxArraySize().intValue()) {
                    throw new JsonException(JSON_MAX_ARRAY_SIZE_KEY, "Max entry count exceeded for array (max: " + this.configuration.getMaxArraySize());
                }
            }
        } catch (IOException e) {
            throw new JsonException(JSON_THREAT_DETECTED_KEY, "Invalid json array.", e);
        }
    }
}
