package com.jzt.im.core.util;

import com.jzt.im.core.constants.SymbolEnglishConstants;
import com.jzt.im.core.vo.weixin.MsgTypeEnum;
import java.util.Iterator;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.nodes.Element;
import org.jsoup.safety.Whitelist;
import org.jsoup.select.Elements;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/jzt/im/core/util/SecureUtil.class */
public class SecureUtil {
    private static final Logger log = LoggerFactory.getLogger(SecureUtil.class);
    private static Whitelist whiteList = Whitelist.none();
    public static final String BASE64_PREFIX = "^data:[^,.]*;base64,.*";

    public static String html(String str, boolean z) {
        return safeStr(str, z);
    }

    public static String html(String str) {
        return safeStr(str, true);
    }

    public static String htmlToText(String str) {
        return StringUtils.isNotBlank(str) ? Jsoup.parse(str).text().replaceAll("&nbsp;", "") : str;
    }

    public static String sql(String str) {
        return str.replaceAll(SymbolEnglishConstants.SINGLE_QUOTE, "\\'");
    }

    private static void safeImg(Document document, boolean z) {
        String attr;
        Elements select = document.select("img");
        if (select == null || select.size() <= 0) {
            return;
        }
        Iterator it = select.iterator();
        while (it.hasNext()) {
            Element element = (Element) it.next();
            String attr2 = element.attr("src");
            if (attr2 == null) {
                element.remove();
            } else if (attr2.matches(BASE64_PREFIX)) {
                String imgFileType = Image.getImgFileType(BASE64.decodeBuffer(attr2.substring(attr2.indexOf(44) + 1)));
                String[] strArr = null;
                if (imgFileType != Image.TYPE_OTHER) {
                    log.error("SecureUtil 暂时还没有对base64图片的支持");
                    throw new IllegalArgumentException("不支持的图片类型");
                }
                if (0 != 0) {
                    String str = strArr[0];
                    element.attr("src", strArr[1]);
                    element.attr("onclick", "showRaw('" + str + "')");
                } else {
                    element.remove();
                }
            } else if (attr2.trim().equals("")) {
                element.remove();
            } else if (z && ((attr = element.attr("onclick")) == null || attr.trim().equals(""))) {
                element.attr("onclick", "showRaw('" + element.attr("src") + "')");
            }
        }
    }

    private static void safeSpan(Document document) {
        Elements select = document.select("span[style]");
        if (select == null || select.isEmpty()) {
            return;
        }
        Iterator it = select.iterator();
        while (it.hasNext()) {
            Element element = (Element) it.next();
            String[] split = element.attr("style").split(SymbolEnglishConstants.SEMICOLON);
            StringBuilder sb = new StringBuilder();
            for (String str : split) {
                if (str.trim().startsWith("color") || str.trim().startsWith("font-size")) {
                    sb.append(str).append(SymbolEnglishConstants.SEMICOLON);
                }
            }
            String sb2 = sb.toString();
            if (sb2.endsWith(SymbolEnglishConstants.SEMICOLON)) {
                sb2 = sb2.substring(0, sb2.length() - 1);
            }
            element.attr("style", sb2);
        }
    }

    private static String safeStr(String str, boolean z) {
        if (str == null || "".equals(str.trim())) {
            return "";
        }
        Document parse = Jsoup.parse(Jsoup.clean(textToLinks(str), whiteList));
        safeImg(parse, z);
        safeSpan(parse);
        return parse.select("body").html();
    }

    private static String urlToLink(String str) {
        Matcher matcher = Pattern.compile("(http:|https:)//[^[A-Za-z0-9\\._\\?:%&amp;+\\-=/#]]*").matcher(str);
        StringBuffer stringBuffer = new StringBuffer();
        while (matcher.find()) {
            StringBuffer stringBuffer2 = new StringBuffer();
            String group = matcher.group();
            stringBuffer2.append("<a href=\"").append(group);
            stringBuffer2.append("\" target=\"_blank\">").append(group).append("</a>");
            matcher.appendReplacement(stringBuffer, stringBuffer2.toString());
        }
        matcher.appendTail(stringBuffer);
        return stringBuffer.toString();
    }

    private static String textToLinks(String str) {
        int length = str.length();
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < length; i++) {
            char charAt = str.charAt(i);
            if (charAt == '\\' || charAt == '$') {
                stringBuffer.append(SymbolEnglishConstants.BACK_SLASH).append(charAt);
            } else {
                stringBuffer.append(charAt);
            }
        }
        Matcher matcher = Pattern.compile("(?<=/a>|/>).*?(?=<a |<img |<video)", 2).matcher("/a>" + stringBuffer.toString() + "<a ");
        StringBuffer stringBuffer2 = new StringBuffer();
        while (matcher.find()) {
            matcher.appendReplacement(stringBuffer2, urlToLink(matcher.group()));
        }
        matcher.appendTail(stringBuffer2);
        String stringBuffer3 = stringBuffer2.toString();
        return stringBuffer3.substring(3, stringBuffer3.length() - 3);
    }

    static {
        whiteList.addTags(new String[]{"p"});
        whiteList.addTags(new String[]{"br"});
        whiteList.addAttributes("img", new String[]{"src", "onclick", "alt", "style", "data-filename"});
        whiteList.addAttributes("a", new String[]{"href"});
        whiteList.addEnforcedAttribute("a", "target", "_blank");
        whiteList.addAttributes("span", new String[]{"style"});
        whiteList.addAttributes(MsgTypeEnum.VIDEO, new String[]{"src", "controls", "width", "height", "proload", "x5-video-player-type", "x5-video-player-fullscreen", "x5-video-orientation", "webkit-playsinline", "x5-playsinline"});
        whiteList.addAttributes("div", new String[]{"class", "style", "width", "onclick", "data-filename"});
    }
}
