package com.sap.cloud.yaas.servicesdk.security;

import java.nio.file.Path;
import java.util.Arrays;
import java.util.StringTokenizer;
import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sap/cloud/yaas/servicesdk/security/SecurityUtils.class */
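/**
 * Static helpers that validate caller-supplied paths and file names before they are used to
 * locate a resource.
 *
 * <p>All checks are purely lexical: nothing here touches the file system. Rejected input is
 * reported with a {@link PathTraversalException}; the exception messages deliberately omit the
 * offending value, which is written to the log only.
 */
public final class SecurityUtils {
    /** Number of dot-separated tokens expected in a file name: base name plus extension. */
    private static final int FILE_WITH_EXTENSION = 2;
    private static final String DOT = ".";
    private static final Logger LOG = LoggerFactory.getLogger(SecurityUtils.class);
    /** Extensions accepted by {@link #validateFileExtension(String)}, compared case-insensitively. */
    private static final String[] FILE_EXTENSIONS_WHITE_LIST = {"yaml", "json", "txt", "xml", "raml"};
    // Matches any character that is NOT an ASCII letter, a digit, whitespace, '_' or '-'.
    // NOTE(review): \s also admits tab, CR, LF, VT and FF, so a base name containing a line
    // break passes this check - confirm that is intended, or narrow the class to a plain space.
    private static final String NOT_ALLOWED_CHARS = "[^a-zA-Z\\d\\s_-]";
    private static final Pattern NOT_ALLOWED_CHARS_PATTERN = Pattern.compile(NOT_ALLOWED_CHARS);

    private SecurityUtils() {
    }

    /**
     * Resolves {@code path2} against the base directory {@code path} and checks that the
     * normalized result still lies underneath the normalized base.
     *
     * <p>The check is lexical only ({@link Path#normalize()} and {@link Path#startsWith(Path)});
     * symbolic links are not resolved here. NOTE(review): if the base directory can contain
     * symlinks, the caller presumably needs an additional real-path check - confirm against
     * the call sites.
     *
     * @param path  base directory the result must stay inside
     * @param path2 requested resource, relative to {@code path}
     * @return the resolved, normalized path
     * @throws PathTraversalException if {@code path2} is absolute or resolves outside {@code path}
     */
    public static Path sanitizePath(Path path, Path path2) throws PathTraversalException {
        if (path2.isAbsolute()) {
            LOG.error("Not allowed to access directly absolute path {}", forLog(path2));
            throw new PathTraversalException("Not allowed to access directly absolute paths.");
        }
        Path resolved = path.resolve(path2).normalize();
        if (!resolved.startsWith(path.normalize())) {
            LOG.error(
                    "Requested resource {} is not relatively located inside the allowed web application root folder {}",
                    forLog(path2),
                    forLog(path));
            throw new PathTraversalException("Requested resource is not relatively located inside the allowed web application root folder.");
        }
        return resolved;
    }

    /**
     * Validates a file name given as a {@link Path} by delegating to
     * {@link #sanitizeFileName(String)} with {@code path.toString()}.
     *
     * @param path file name to validate
     * @return the validated {@code name.extension} string
     * @throws PathTraversalException if the name is rejected
     */
    public static String sanitizeFileName(Path path) throws PathTraversalException {
        return sanitizeFileName(path.toString());
    }

    /**
     * Validates a file name of the form {@code name.extension} and returns it rebuilt from its
     * two parts.
     *
     * <p>The input is split on {@code '.'} with a {@link StringTokenizer}, which skips empty
     * tokens: leading, trailing and repeated dots are dropped rather than rejected, so the
     * returned value can differ from the input. Callers must use the RETURNED string, never
     * the original argument, when building a path.
     *
     * @param str file name to validate
     * @return {@code name.extension} built from the validated parts
     * @throws PathTraversalException if the input does not split into exactly two parts, the
     *     name part contains a character outside letters, digits, whitespace, {@code _} and
     *     {@code -}, or the extension is not whitelisted
     */
    public static String sanitizeFileName(String str) throws PathTraversalException {
        StringTokenizer parts = new StringTokenizer(str, DOT);
        if (parts.countTokens() != FILE_WITH_EXTENSION) {
            LOG.error("Given filename {} contains somehow misleading or none file extension.", forLog(str));
            throw new PathTraversalException("Given filename  contains somehow misleading or none file extension.");
        }
        String baseName = parts.nextToken();
        String extension = parts.nextToken();
        if (NOT_ALLOWED_CHARS_PATTERN.matcher(baseName).find()) {
            LOG.error("Given path {} contains not allowed characters", forLog(baseName));
            throw new PathTraversalException("Given path  contains not allowed characters.");
        }
        return String.format("%s.%s", baseName, validateFileExtension(extension));
    }

    /**
     * Checks an extension against the whitelist, ignoring case.
     *
     * @param str extension without the leading dot
     * @return {@code str} unchanged (original casing is kept) when it is whitelisted
     * @throws PathTraversalException if the extension is not whitelisted
     */
    private static String validateFileExtension(String str) {
        for (String allowed : FILE_EXTENSIONS_WHITE_LIST) {
            if (allowed.equalsIgnoreCase(str)) {
                return str;
            }
        }
        LOG.error(
                "Given file.extension {} is not found among allowed file types {}",
                forLog(str),
                Arrays.toString(FILE_EXTENSIONS_WHITE_LIST));
        throw new PathTraversalException("Given file type is not supported.");
    }

    /**
     * Renders a rejected, caller-supplied value for logging with control characters and
     * Unicode line/paragraph separators replaced by {@code '_'}.
     *
     * <p>The values logged by this class are exactly the ones that failed validation, so they
     * may contain CR/LF; writing them verbatim would let a request forge additional log lines.
     */
    private static String forLog(Object value) {
        String text = String.valueOf(value);
        StringBuilder safe = new StringBuilder(text.length());
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            boolean lineBreaking = Character.isISOControl(c) || c == '\u2028' || c == '\u2029';
            safe.append(lineBreaking ? '_' : c);
        }
        return safe.toString();
    }
}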
