package cn.dev33.satoken.strategy.hooks;

import cn.dev33.satoken.context.model.SaRequest;
import cn.dev33.satoken.context.model.SaResponse;
import cn.dev33.satoken.exception.RequestPathInvalidException;

/* loaded from: input_file:cn/dev33/satoken/strategy/hooks/SaFirewallCheckHookForDirectoryTraversal.class */
public class SaFirewallCheckHookForDirectoryTraversal implements SaFirewallCheckHook {
    public static SaFirewallCheckHookForDirectoryTraversal instance = new SaFirewallCheckHookForDirectoryTraversal();

    @Override // cn.dev33.satoken.strategy.hooks.SaFirewallCheckHook
    public void execute(SaRequest saRequest, SaResponse saResponse, Object obj) {
        String requestPath = saRequest.getRequestPath();
        if (!isPathValid(requestPath)) {
            throw new RequestPathInvalidException("非法请求：" + requestPath, requestPath);
        }
    }

    public static boolean isPathValid(String str) {
        if (str == null || str.isEmpty() || str.charAt(0) != '/') {
            return false;
        }
        if (str.equals("/")) {
            return true;
        }
        String[] split = str.split("/");
        for (int i = 0; i < split.length; i++) {
            String str2 = split[i];
            if (str2.isEmpty()) {
                if (i != 0) {
                    return false;
                }
            } else if (str2.equals(".") || str2.equals("..")) {
                return false;
            }
        }
        return true;
    }
}
