package com.baidu.scan.safesdk;

import com.baidu.scan.safesdk.exceptions.InvalidCharacterException;
import com.baidu.scan.safesdk.exceptions.InvalidParamException;
import com.baidu.scan.safesdk.exceptions.URLAccessException;
import com.baidu.scan.safesdk.utils.ConfigValidator;
import com.baidu.swan.apps.alliance.login.DefaultCookieUtils;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.HashSet;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: classes8.dex */
public class SafeRedirect {
    public static final Pattern INVALID_CHARACTER = Pattern.compile("[@#\\\\]+");
    private static String[] globalEndWithWhitelist;
    private static String[] globalFullMatchWhitelist;
    private static boolean globalLimit;

    static {
        loadConfig();
    }

    private static void checkUrl(String str, String[] strArr) throws MalformedURLException, InvalidCharacterException, URLAccessException {
        String host = new URL(str).getHost();
        if (containInvalidChar(host)) {
            throw new InvalidCharacterException(str);
        }
        if (!isInWhitelist(host, strArr)) {
            throw new URLAccessException(str);
        }
    }

    private static boolean containInvalidChar(String str) {
        return INVALID_CHARACTER.matcher(str).find();
    }

    public static ModelAndView getRedirectMV(String str) throws MalformedURLException, InvalidCharacterException, URLAccessException, InvalidParamException {
        if (str == null) {
            throw new InvalidParamException("url cannot be null");
        }
        if (globalLimit) {
            checkUrl(str, null);
        }
        return new ModelAndView("redirect:" + str);
    }

    public static ModelAndView getRedirectMV(String str, boolean z) throws MalformedURLException, InvalidCharacterException, URLAccessException, InvalidParamException {
        if (str == null) {
            throw new InvalidParamException("url cannot be null");
        }
        if (z) {
            checkUrl(str, null);
        }
        return new ModelAndView("redirect:" + str);
    }

    public static ModelAndView getRedirectMV(String str, String[] strArr) throws MalformedURLException, InvalidCharacterException, URLAccessException, InvalidParamException {
        if (str == null) {
            throw new InvalidParamException("url cannot be null");
        }
        if (globalLimit) {
            ConfigValidator.checkRedirectWhitelist(strArr);
            checkUrl(str, strArr);
        }
        return new ModelAndView("redirect:" + str);
    }

    private static boolean isInWhitelist(String str, String[] strArr) {
        if (strArr != null) {
            for (String str2 : strArr) {
                if (str2.startsWith("*")) {
                    if (str.endsWith(str2.substring(1))) {
                        return true;
                    }
                } else if (str.equals(str2)) {
                    return true;
                }
            }
        }
        for (String str3 : globalEndWithWhitelist) {
            if (str.endsWith(str3)) {
                return true;
            }
        }
        for (String str4 : globalFullMatchWhitelist) {
            if (str.equals(str4)) {
                return true;
            }
        }
        return false;
    }

    private static void loadConfig() {
        HashSet hashSet = new HashSet();
        hashSet.add(DefaultCookieUtils.BAIDU_DOMAIN);
        HashSet hashSet2 = new HashSet();
        globalLimit = ConfigManager.getRedirectLimit();
        String[] redirectWhitelist = ConfigManager.getRedirectWhitelist();
        if (redirectWhitelist != null) {
            for (String str : redirectWhitelist) {
                if (str.startsWith("*")) {
                    hashSet.add(str.substring(1));
                } else {
                    hashSet2.add(str);
                }
            }
        }
        globalFullMatchWhitelist = (String[]) hashSet2.toArray(new String[0]);
        globalEndWithWhitelist = (String[]) hashSet.toArray(new String[0]);
    }

    public static void sendRedirect(HttpServletResponse httpServletResponse, String str) throws IOException, InvalidCharacterException, URLAccessException {
        if (httpServletResponse == null) {
            throw new InvalidParamException("response cannot be null");
        }
        if (str == null) {
            throw new InvalidParamException("url cannot be null");
        }
        if (globalLimit) {
            checkUrl(str, null);
        }
        httpServletResponse.sendRedirect(str);
    }

    public static void sendRedirect(HttpServletResponse httpServletResponse, String str, boolean z) throws IOException, InvalidCharacterException, URLAccessException, InvalidParamException {
        if (httpServletResponse == null) {
            throw new InvalidParamException("response cannot be null");
        }
        if (str == null) {
            throw new InvalidParamException("url cannot be null");
        }
        if (z) {
            checkUrl(str, null);
        }
        httpServletResponse.sendRedirect(str);
    }

    public static void sendRedirect(HttpServletResponse httpServletResponse, String str, String[] strArr) throws IOException, InvalidCharacterException, URLAccessException, InvalidParamException {
        if (httpServletResponse == null) {
            throw new InvalidParamException("response cannot be null");
        }
        if (str == null) {
            throw new InvalidParamException("url cannot be null");
        }
        if (globalLimit) {
            ConfigValidator.checkRedirectWhitelist(strArr);
            checkUrl(str, strArr);
        }
        httpServletResponse.sendRedirect(str);
    }
}
