package com.day.cq.wcm.foundation.security.impl;

import com.day.cq.wcm.foundation.List;
import com.day.cq.wcm.foundation.forms.attachments.AttachmentDataSource;
import com.day.cq.wcm.foundation.security.AttachmentTypeBlacklistService;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Service;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service
@Component(label = "%security.defaultattachmenttypeblacklistservice.name", metatype = true, configurationPid = "com.day.cq.wcm.foundation.security.DefaultAttachmentTypeBlacklistService")
/* loaded from: input_file:com/day/cq/wcm/foundation/security/impl/DefaultAttachmentTypeBlacklistService.class */
public class DefaultAttachmentTypeBlacklistService implements AttachmentTypeBlacklistService {
    private static final Logger log = LoggerFactory.getLogger(DefaultAttachmentTypeBlacklistService.class);

    @Property({".ade", ".adp", ".app", ".asa", ".asp", ".bas", ".bat", ".cer", ".chm", ".cmd", ".com", ".cpl", ".crt", ".csh", ".dll", ".exe", ".fxp", ".hlp", ".hta", ".htm", List.URL_EXTENSION, ".htr", ".inf", ".ins", ".isp", ".its", ".js", ".jse", ".ksh", ".lnk", ".mad", ".maf", ".mag", ".mam", ".maq", ".mar", ".mas", ".mat", ".mau", ".mav", ".maw", ".mda", ".mdb", ".mde", ".mdt", ".mdw", ".mdz", ".mht", ".mhtm", ".mhtml", ".msc", ".msi", ".msp", ".mst", ".ocx", ".ops", ".pcd", ".pif", ".prf", ".prg", ".reg", ".scf", ".scr", ".sct", ".shb", ".shs", ".tmp", ".url", ".vb", ".vbe", ".vbs", ".vbx", ".vsmacros", ".vss", ".vst", ".vsw", ".ws", ".wsc", ".wsf", ".wsh", ".xhtml", ".xsl"})
    public static final String PROPERTY_ATTACHMENT_TYPE_BLACKLIST = "default.attachment.type.blacklist";

    @Property({".php", ".shtml", ".svg", ".swf", ".xml", ".xaml"})
    public static final String PROPERTY_ATTACHMENT_TYPE_BASELINE_BLACKLIST = "baseline.attachment.type.blacklist";
    private String[] attachmentTypeBlacklist;
    private java.util.List<String> configuredBaselineAttachmentTypeBlacklist;

    protected void activate(ComponentContext componentContext) {
        String[] strArr = (String[]) componentContext.getProperties().get(PROPERTY_ATTACHMENT_TYPE_BLACKLIST);
        java.util.List asList = strArr != null ? Arrays.asList(strArr) : Collections.emptyList();
        String[] strArr2 = (String[]) componentContext.getProperties().get(PROPERTY_ATTACHMENT_TYPE_BASELINE_BLACKLIST);
        this.configuredBaselineAttachmentTypeBlacklist = strArr2 != null ? Arrays.asList(strArr2) : Collections.emptyList();
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(asList);
        arrayList.addAll(this.configuredBaselineAttachmentTypeBlacklist);
        this.attachmentTypeBlacklist = (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    @Override // com.day.cq.wcm.foundation.security.AttachmentTypeBlacklistService
    public String[] getBlacklist(String[] strArr) {
        if (strArr == null) {
            return this.attachmentTypeBlacklist;
        }
        if (strArr.length == 1 && AttachmentTypeBlacklistService.DEFAULT.equals(strArr[0])) {
            return this.attachmentTypeBlacklist;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList(strArr));
        arrayList.addAll(this.configuredBaselineAttachmentTypeBlacklist);
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    @Override // com.day.cq.wcm.foundation.security.AttachmentTypeBlacklistService
    public boolean reject(AttachmentDataSource attachmentDataSource) {
        String[] blacklist = getBlacklist(null);
        String typeFromFileName = attachmentDataSource.getTypeFromFileName();
        String type = attachmentDataSource.getType();
        if (StringUtils.isNotBlank(typeFromFileName) && !ArrayUtils.contains(blacklist, typeFromFileName)) {
            if (StringUtils.isNotBlank(type) && !ArrayUtils.contains(blacklist, type)) {
                return false;
            }
            if (StringUtils.isNotBlank(type)) {
                log.info("File of type " + type + " is blacklisted for security reasons. To upload edit the servlet's attachment black list");
                return true;
            }
            log.info("Tika couldn't figure out the file type. Not attaching it as it is suspicious");
            return true;
        }
        if (StringUtils.isNotBlank(typeFromFileName)) {
            log.info("File of type " + typeFromFileName + "with name " + attachmentDataSource.getName() + " is blacklisted for security reasons. To upload edit the servlet's attachment black list");
            return true;
        }
        try {
            if ((StringUtils.isEmpty(attachmentDataSource.getName()) && attachmentDataSource.getInputStream() == null) || attachmentDataSource.getSize() == 0) {
                log.debug("Attachment name is empty and the input stream is null or size is zero, allowing");
                return false;
            }
        } catch (IOException e) {
            log.info("Could not examine input stream's size, not attaching.", e);
        }
        log.info("File doesn't have a valid extension. Not attaching it as it is suspicious");
        return true;
    }
}
