package com.bizunited.nebula.gateway.local.filter;

import com.bizunited.nebula.gateway.sdk.service.GatewayDomainVoService;
import java.net.URI;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

@Component
/* loaded from: input_file:com/bizunited/nebula/gateway/local/filter/RefererFilter.class */
public class RefererFilter extends AbstractFilter implements GlobalFilter, Ordered {
    private static final Logger log = LoggerFactory.getLogger(RefererFilter.class);

    @Autowired
    private GatewayDomainVoService gatewayDomainVoService;

    @Value("${gateway.whitelist.referer:}")
    private String[] refererWhitelist;

    @Value("${gateway.whitelist.ignoreRefererValidate:false}")
    private boolean ignoreRefererValidate;

    public int getOrder() {
        return -5;
    }

    public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        URI uri = request.getURI();
        log.debug("sourceUrl = " + uri);
        String host = uri.getHost();
        if (StringUtils.isNotBlank(super.matchWhitelist(host)) || this.ignoreRefererValidate) {
            return gatewayFilterChain.filter(serverWebExchange);
        }
        if (existInLoadBalancerDomain(host) != null && request.getMethod() != HttpMethod.GET) {
            log.debug("hostName = " + host);
            if (this.gatewayDomainVoService.findByInternalDomain(host) == null) {
                return serverWebExchange.getResponse().writeWith(Flux.just(write403(serverWebExchange)));
            }
            log.debug("正在进行referer信息监测=====");
            List list = request.getHeaders().get("Referer");
            log.debug("referers is empty = " + CollectionUtils.isEmpty(list));
            if (CollectionUtils.isEmpty(list)) {
                return serverWebExchange.getResponse().writeWith(Flux.just(write403(serverWebExchange)));
            }
            String str = (String) list.get(0);
            if (StringUtils.isBlank(str)) {
                return serverWebExchange.getResponse().writeWith(Flux.just(write403(serverWebExchange)));
            }
            if (this.refererWhitelist != null && this.refererWhitelist.length > 0) {
                for (String str2 : this.refererWhitelist) {
                    log.debug("referer = " + str + " ， refererWhiteItem = " + str2);
                    if (StringUtils.indexOf(str, str2) == 0) {
                        return gatewayFilterChain.filter(serverWebExchange);
                    }
                }
            }
            URI create = URI.create(str);
            if (create == null) {
                return serverWebExchange.getResponse().writeWith(Flux.just(write403(serverWebExchange)));
            }
            String host2 = create.getHost();
            if (this.gatewayDomainVoService.findByExternalDomain(host2) != null || this.gatewayDomainVoService.findByInternalDomain(host2) != null) {
                return gatewayFilterChain.filter(serverWebExchange);
            }
            return serverWebExchange.getResponse().writeWith(Flux.just(write403(serverWebExchange)));
        }
        return gatewayFilterChain.filter(serverWebExchange);
    }

    private DataBuffer write403(ServerWebExchange serverWebExchange) {
        serverWebExchange.getResponse().setStatusCode(HttpStatus.FORBIDDEN);
        return serverWebExchange.getResponse().bufferFactory().wrap("".getBytes());
    }
}
