package stirling.software.SPDF.controller.api.security;

import io.github.pixee.security.Filenames;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import java.io.IOException;
import java.util.Iterator;
import org.apache.pdfbox.Loader;
import org.apache.pdfbox.cos.COSDictionary;
import org.apache.pdfbox.cos.COSName;
import org.apache.pdfbox.pdmodel.PDDocument;
import org.apache.pdfbox.pdmodel.PDPage;
import org.apache.pdfbox.pdmodel.PDResources;
import org.apache.pdfbox.pdmodel.interactive.action.PDAction;
import org.apache.pdfbox.pdmodel.interactive.action.PDActionJavaScript;
import org.apache.pdfbox.pdmodel.interactive.action.PDActionLaunch;
import org.apache.pdfbox.pdmodel.interactive.action.PDActionURI;
import org.apache.pdfbox.pdmodel.interactive.action.PDFormFieldAdditionalActions;
import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;
import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLink;
import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationWidget;
import org.apache.pdfbox.pdmodel.interactive.form.PDAcroForm;
import org.apache.pdfbox.pdmodel.interactive.form.PDField;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;
import stirling.software.SPDF.model.api.security.SanitizePdfRequest;
import stirling.software.SPDF.utils.WebResponseUtils;

@RequestMapping({"/api/v1/security"})
@RestController
@Tag(name = "Security", description = "Security APIs")
/* loaded from: input_file:BOOT-INF/classes/stirling/software/SPDF/controller/api/security/SanitizeController.class */
public class SanitizeController {
    @PostMapping(consumes = {"multipart/form-data"}, value = {"/sanitize-pdf"})
    @Operation(summary = "Sanitize a PDF file", description = "This endpoint processes a PDF file and removes specific elements based on the provided options. Input:PDF Output:PDF Type:SISO")
    public ResponseEntity<byte[]> sanitizePDF(@ModelAttribute SanitizePdfRequest sanitizePdfRequest) throws IOException {
        MultipartFile fileInput = sanitizePdfRequest.getFileInput();
        boolean isRemoveJavaScript = sanitizePdfRequest.isRemoveJavaScript();
        boolean isRemoveEmbeddedFiles = sanitizePdfRequest.isRemoveEmbeddedFiles();
        boolean isRemoveMetadata = sanitizePdfRequest.isRemoveMetadata();
        boolean isRemoveLinks = sanitizePdfRequest.isRemoveLinks();
        boolean isRemoveFonts = sanitizePdfRequest.isRemoveFonts();
        PDDocument loadPDF = Loader.loadPDF(fileInput.getBytes());
        if (isRemoveJavaScript) {
            sanitizeJavaScript(loadPDF);
        }
        if (isRemoveEmbeddedFiles) {
            sanitizeEmbeddedFiles(loadPDF);
        }
        if (isRemoveMetadata) {
            sanitizeMetadata(loadPDF);
        }
        if (isRemoveLinks) {
            sanitizeLinks(loadPDF);
        }
        if (isRemoveFonts) {
            sanitizeFonts(loadPDF);
        }
        return WebResponseUtils.pdfDocToWebResponse(loadPDF, Filenames.toSimpleFileName(fileInput.getOriginalFilename()).replaceFirst("[.][^.]+$", "") + "_sanitized.pdf");
    }

    private void sanitizeJavaScript(PDDocument pDDocument) throws IOException {
        COSDictionary cOSDictionary = (COSDictionary) pDDocument.getDocumentCatalog().getCOSObject().getDictionaryObject(COSName.NAMES);
        if (cOSDictionary != null && ((COSDictionary) cOSDictionary.getDictionaryObject(COSName.getPDFName(PDActionJavaScript.SUB_TYPE))) != null) {
            cOSDictionary.removeItem(COSName.getPDFName(PDActionJavaScript.SUB_TYPE));
        }
        Iterator<PDPage> it = pDDocument.getPages().iterator();
        while (it.hasNext()) {
            for (PDAnnotation pDAnnotation : it.next().getAnnotations()) {
                if (pDAnnotation instanceof PDAnnotationWidget) {
                    PDAnnotationWidget pDAnnotationWidget = (PDAnnotationWidget) pDAnnotation;
                    if (pDAnnotationWidget.getAction() instanceof PDActionJavaScript) {
                        pDAnnotationWidget.setAction(null);
                    }
                }
            }
            PDAcroForm acroForm = pDDocument.getDocumentCatalog().getAcroForm();
            if (acroForm != null) {
                Iterator<PDField> it2 = acroForm.getFields().iterator();
                while (it2.hasNext()) {
                    PDFormFieldAdditionalActions actions = it2.next().getActions();
                    if (actions != null) {
                        if (actions.getC() instanceof PDActionJavaScript) {
                            actions.setC(null);
                        }
                        if (actions.getF() instanceof PDActionJavaScript) {
                            actions.setF(null);
                        }
                        if (actions.getK() instanceof PDActionJavaScript) {
                            actions.setK(null);
                        }
                        if (actions.getV() instanceof PDActionJavaScript) {
                            actions.setV(null);
                        }
                    }
                }
            }
        }
    }

    private void sanitizeEmbeddedFiles(PDDocument pDDocument) {
        Iterator<PDPage> it = pDDocument.getPages().iterator();
        while (it.hasNext()) {
            PDResources resources = it.next().getResources();
            if (resources != null && resources.getCOSObject() != null) {
                resources.getCOSObject().removeItem(COSName.getPDFName("EmbeddedFiles"));
            }
        }
    }

    private void sanitizeMetadata(PDDocument pDDocument) {
        if (pDDocument.getDocumentCatalog() == null || pDDocument.getDocumentCatalog().getMetadata() == null) {
            return;
        }
        pDDocument.getDocumentCatalog().setMetadata(null);
    }

    private void sanitizeLinks(PDDocument pDDocument) throws IOException {
        PDAction action;
        Iterator<PDPage> it = pDDocument.getPages().iterator();
        while (it.hasNext()) {
            for (PDAnnotation pDAnnotation : it.next().getAnnotations()) {
                if (pDAnnotation != null && (pDAnnotation instanceof PDAnnotationLink) && (action = ((PDAnnotationLink) pDAnnotation).getAction()) != null && ((action instanceof PDActionLaunch) || (action instanceof PDActionURI))) {
                    ((PDAnnotationLink) pDAnnotation).setAction(null);
                }
            }
        }
    }

    private void sanitizeFonts(PDDocument pDDocument) {
        Iterator<PDPage> it = pDDocument.getPages().iterator();
        while (it.hasNext()) {
            PDPage next = it.next();
            if (next != null && next.getResources() != null && next.getResources().getCOSObject() != null) {
                next.getResources().getCOSObject().removeItem(COSName.getPDFName("Font"));
            }
        }
    }
}
