package org.apache.nifi.web.security.requests;

import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ReadListener;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import org.apache.nifi.util.FormatUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/nifi/web/security/requests/ContentLengthFilter.class */
public class ContentLengthFilter implements Filter {
    public static final String MAX_LENGTH_INIT_PARAM = "maxContentLength";
    public static final int MAX_LENGTH_DEFAULT = 10000000;
    private int maxContentLength;
    private static final Logger logger = LoggerFactory.getLogger(ContentLengthFilter.class);
    private static final List<String> BYPASS_URI_PREFIXES = Arrays.asList("/nifi-api/data-transfer", "/nifi-api/site-to-site");

    /* loaded from: input_file:org/apache/nifi/web/security/requests/ContentLengthFilter$LimitedContentLengthRequest.class */
    private static class LimitedContentLengthRequest extends HttpServletRequestWrapper {
        private int maxRequestLength;

        public LimitedContentLengthRequest(HttpServletRequest httpServletRequest, int i) {
            super(httpServletRequest);
            this.maxRequestLength = i;
        }

        public ServletInputStream getInputStream() throws IOException {
            final ServletInputStream inputStream = super.getInputStream();
            return new ServletInputStream() { // from class: org.apache.nifi.web.security.requests.ContentLengthFilter.LimitedContentLengthRequest.1
                private int inputStreamByteCounter = 0;

                public boolean isFinished() {
                    return inputStream.isFinished();
                }

                public boolean isReady() {
                    return inputStream.isReady();
                }

                public void setReadListener(ReadListener readListener) {
                    inputStream.setReadListener(readListener);
                }

                public int read() throws IOException {
                    int read = inputStream.read();
                    if (read == -1) {
                        return read;
                    }
                    this.inputStreamByteCounter++;
                    if (this.inputStreamByteCounter > LimitedContentLengthRequest.this.maxRequestLength) {
                        throw new IOException(String.format("Request input stream longer than %d B.", Integer.valueOf(LimitedContentLengthRequest.this.maxRequestLength)));
                    }
                    return read;
                }
            };
        }
    }

    public void init() {
        this.maxContentLength = MAX_LENGTH_DEFAULT;
        logger.debug("Filter initialized without configuration and set max content length: " + formatSize(this.maxContentLength));
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        String initParameter = filterConfig.getInitParameter(MAX_LENGTH_INIT_PARAM);
        int parseInt = initParameter == null ? MAX_LENGTH_DEFAULT : Integer.parseInt(initParameter);
        if (parseInt < 0) {
            throw new ServletException("Invalid max request length.");
        }
        this.maxContentLength = parseInt;
        logger.debug("Filter initialized and set max content length: " + formatSize(this.maxContentLength));
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String method = httpServletRequest.getMethod();
        if (!isSubjectToFilter(httpServletRequest)) {
            logger.trace("Request {} is not subject to content length checks", httpServletRequest.getRequestURI());
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (!(this.maxContentLength > 0 && (method.equalsIgnoreCase("POST") || method.equalsIgnoreCase("PUT")))) {
            logger.debug("No length check of request with method {} and maximum {}", method, formatSize(this.maxContentLength));
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        int contentLength = servletRequest.getContentLength();
        if (contentLength <= this.maxContentLength) {
            logger.debug("Content length check allowed request with content-length {} less than maximum {}", formatSize(contentLength), formatSize(this.maxContentLength));
            filterChain.doFilter(new LimitedContentLengthRequest(httpServletRequest, this.maxContentLength), servletResponse);
        } else {
            httpServletResponse.setContentType("text/plain");
            httpServletResponse.getOutputStream().write(("Payload Too Large - limit is " + formatSize(this.maxContentLength)).getBytes());
            httpServletResponse.setStatus(413);
            logger.warn("Content length check rejected request with content-length {} greater than maximum {}", formatSize(contentLength), formatSize(this.maxContentLength));
        }
    }

    public void destroy() {
    }

    public int getMaxContentLength() {
        return this.maxContentLength;
    }

    private boolean isSubjectToFilter(HttpServletRequest httpServletRequest) {
        for (String str : BYPASS_URI_PREFIXES) {
            if (httpServletRequest.getRequestURI().startsWith(str)) {
                logger.debug("Incoming request {} matches filter bypass prefix {}; content length filter is not applied", httpServletRequest.getRequestURI(), str);
                return false;
            }
        }
        return true;
    }

    private static String formatSize(int i) {
        return FormatUtils.formatDataSize(i);
    }
}
