package org.geoserver.util;

import java.io.IOException;
import java.io.Serializable;
import java.net.URI;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import org.geoserver.config.GeoServer;
import org.geotools.util.logging.Logging;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.ext.EntityResolver2;

/* loaded from: input_file:org/geoserver/util/AllowListEntityResolver.class */
public class AllowListEntityResolver implements EntityResolver2, Serializable {
    private static final String ERROR_MESSAGE_BASE = "Entity resolution disallowed for ";
    private final Pattern ALLOWED_URIS;
    private final String baseURL;
    private final GeoServer geoServer;
    private static String OGC = "schemas.opengis.net|www.opengis.net";
    private static String INSPIRE = "inspire.ec.europa.eu/schemas";
    private static String W3C = "www.w3.org";
    protected static final Logger LOGGER = Logging.getLogger(AllowListEntityResolver.class);
    private static final Pattern INTERNAL_URIS = Pattern.compile("(?i)(jar:file|vfs)[^?#;]*\\.xsd");

    public AllowListEntityResolver(GeoServer geoServer) {
        this(geoServer, null);
    }

    public AllowListEntityResolver(GeoServer geoServer, String str) {
        this.geoServer = geoServer;
        this.baseURL = str;
        if (EntityResolverProvider.ALLOW_LIST == null || EntityResolverProvider.ALLOW_LIST.length == 0) {
            this.ALLOWED_URIS = Pattern.compile("(?i)(http|https)://(" + W3C + "|" + OGC + "|" + INSPIRE + ")/[^?#;]*\\.xsd");
            return;
        }
        StringBuilder sb = new StringBuilder("(?i)(http|https)://(");
        sb.append(W3C).append('|');
        sb.append(OGC).append('|');
        sb.append(INSPIRE);
        for (String str2 : EntityResolverProvider.ALLOW_LIST) {
            sb.append('|').append(str2);
        }
        sb.append(")/[^?#;]*\\.xsd");
        String sb2 = sb.toString();
        LOGGER.fine("ENTITY_RESOLUTION_ALLOWLIST processed:" + sb2);
        this.ALLOWED_URIS = Pattern.compile(sb2);
    }

    @Override // org.xml.sax.EntityResolver
    public InputSource resolveEntity(String str, String str2) throws SAXException, IOException {
        return resolveEntity(null, str, null, str2);
    }

    @Override // org.xml.sax.ext.EntityResolver2
    public InputSource getExternalSubset(String str, String str2) throws SAXException, IOException {
        return resolveEntity(str, null, str2, null);
    }

    @Override // org.xml.sax.ext.EntityResolver2
    public InputSource resolveEntity(String str, String str2, String str3, String str4) throws SAXException, IOException {
        String str5;
        String proxyBaseUrl;
        if (LOGGER.isLoggable(Level.FINEST)) {
            LOGGER.finest(String.format("resolveEntity request: name=%s, publicId=%s, baseURI=%s, systemId=%s", str, str2, str3, str4));
        }
        try {
            if (URI.create(str4).isAbsolute()) {
                str5 = str4;
            } else {
                if (str3 == null) {
                    throw new SAXException(ERROR_MESSAGE_BASE + str4);
                }
                str5 = ((str3.endsWith(".xsd") || str3.endsWith(".XSD")) && str3.lastIndexOf(47) != -1) ? str3.substring(0, str3.lastIndexOf(47)) + '/' + str4 : str3 + '/' + str4;
            }
        } catch (Exception e) {
        }
        if (INTERNAL_URIS.matcher(str5).matches()) {
            LOGGER.finest("resolveEntity internal: " + str5);
            return null;
        }
        if (this.ALLOWED_URIS.matcher(str5).matches()) {
            LOGGER.finest("resolveEntity allowed: " + str5);
            return null;
        }
        String lowerCase = str5.toLowerCase();
        if (this.geoServer != null && (proxyBaseUrl = this.geoServer.getSettings().getProxyBaseUrl()) != null && lowerCase.startsWith(proxyBaseUrl.toLowerCase())) {
            LOGGER.finest("resolveEntity proxy base: " + str5);
            return null;
        }
        if (this.baseURL != null && lowerCase.startsWith(this.baseURL.toLowerCase())) {
            LOGGER.finest("resolveEntity proxy base: " + str5);
            return null;
        }
        throw new SAXException(ERROR_MESSAGE_BASE + str4);
    }
}
