package com.contrastsecurity.agent.plugins.rasp;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.apps.exclusions.f;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.http.HttpResponse;
import com.contrastsecurity.agent.http.MultipartItem;
import com.contrastsecurity.agent.m.InterfaceC0094n;
import com.contrastsecurity.agent.messages.app.activity.defend.details.UserInputDTM;
import com.contrastsecurity.agent.messages.app.settings.ExceptionInputTypeDTM;
import com.contrastsecurity.agent.messages.server.features.DefendFeatures;
import com.contrastsecurity.agent.messages.server.features.defend.IPFilterDTM;
import com.contrastsecurity.agent.plugins.frameworks.C0117p;
import com.contrastsecurity.agent.plugins.rasp.C0123c;
import com.contrastsecurity.thirdparty.com.rabbitmq.client.ConnectionFactoryConfigurator;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.apache.http.client.utils.URLEncodedUtils;
import com.contrastsecurity.thirdparty.org.apache.http.cookie.SM;
import com.contrastsecurity.thirdparty.org.apache.http.protocol.HTTP;
import com.contrastsecurity.thirdparty.org.mvel2.MVEL;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.net.URLDecoder;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;

/* compiled from: AttackListener.java */
/* renamed from: com.contrastsecurity.agent.plugins.rasp.h, reason: case insensitive filesystem */
/* loaded from: input_file:com/contrastsecurity/agent/plugins/rasp/h.class */
public class C0128h extends com.contrastsecurity.agent.http.r implements com.contrastsecurity.agent.plugins.rasp.d.v {
    // Supplies the Application bound to the current request (this.a.current()).
    private final ApplicationManager a;
    // Feature source; d() yields the DefendFeatures that carry the IP allowlists.
    private final com.contrastsecurity.agent.features.c b;
    // Used to look up the in-flight HttpRequest while body input is being scanned.
    private final HttpManager c;
    // Stores and returns E verdicts for a key built from rule id, input type and value (plus the
    // header name for headers); looks like an evaluation cache — confirm against C0123c.
    private final C0123c d;
    // Exact header values that are never scanned, whichever header carries them.
    private final Map<String, Boolean> e;
    // Lower-case header name -> validator; a header whose value the validator accepts is not scanned.
    private final Map<String, com.contrastsecurity.agent.plugins.rasp.l.i> f;
    // Source of the per-request contexts (S) and of the enabled / input-aware rule lists.
    private final RaspManager g;
    // Matches one IPFilterDTM allowlist entry against a request.
    private final D h = new D();
    // Receives one callback per evaluated input (c / a / b, one per verdict); presumably logging
    // or telemetry — confirm.
    private final com.contrastsecurity.agent.plugins.rasp.g.c i;
    // Notified with rule id, application and input immediately before an AttackBlockedException is thrown.
    private final InterfaceC0124d j;
    // Request-parameter scanning is delegated to this object.
    private final com.contrastsecurity.agent.plugins.rasp.e.f k;
    // Built from the RaspManager and this listener and handed to k; its role is not visible here.
    private final com.contrastsecurity.agent.plugins.rasp.d.w l;
    // Consulted to skip individual cookies (a) and headers (b) by name.
    private final InterfaceC0094n m;
    // Presumably the "nothing precomputed" sentinel that the evaluation overloads pass as their
    // last int argument (the decompiler shows the literal -1 there) — confirm.
    private static final int n = -1;
    // Shared DONT_CARE verdict used when an input needs no evaluation or a rule returns null.
    private static final E o = new E(A.DONT_CARE);
    private static final Logger p = LoggerFactory.getLogger(C0128h.class);

    /**
     * Wires the collaborators and builds the two tables that keep routine header traffic out of
     * rule evaluation: validators keyed by lower-case header name, and a set of exact values that
     * are skipped whichever header carries them.
     *
     * <p>NOTE(review): both tables are trust decisions. A value a validator accepts, or one listed
     * in the skip set, is never shown to a rule, so the validator classes deserve the same review
     * as the rules themselves.
     */
    @Inject
    public C0128h(ApplicationManager applicationManager, com.contrastsecurity.agent.features.c cVar, HttpManager httpManager, RaspManager raspManager, C0117p c0117p, com.contrastsecurity.agent.config.g gVar, com.contrastsecurity.agent.plugins.rasp.g.c cVar2, InterfaceC0124d interfaceC0124d, com.contrastsecurity.agent.commons.c cVar3, InterfaceC0094n interfaceC0094n) {
        this.a = applicationManager;
        this.b = cVar;
        this.c = httpManager;
        this.i = cVar2;
        this.j = interfaceC0124d;
        // `this` is handed to w before the remaining fields are assigned.
        this.l = new com.contrastsecurity.agent.plugins.rasp.d.w(raspManager, this);
        this.d = new C0123c(cVar3, gVar);
        this.g = raspManager;
        this.m = interfaceC0094n;
        this.k = new com.contrastsecurity.agent.plugins.rasp.e.f(c0117p, raspManager, this.l, new com.contrastsecurity.agent.plugins.rasp.e.e(cVar2), cVar2, gVar);

        // Three validators are shared between a request/response pair of header names.
        com.contrastsecurity.agent.plugins.rasp.l.b sharedLanguage = new com.contrastsecurity.agent.plugins.rasp.l.b();
        com.contrastsecurity.agent.plugins.rasp.l.a sharedEncoding = new com.contrastsecurity.agent.plugins.rasp.l.a();
        com.contrastsecurity.agent.plugins.rasp.l.k sharedSince = new com.contrastsecurity.agent.plugins.rasp.l.k();

        // ConnectionFactoryConfigurator.HOST here, and HTTP.CONN_KEEP_ALIVE,
        // URLEncodedUtils.CONTENT_TYPE and MVEL.VERSION_SUB below, are unrelated library
        // constants; presumably the decompiler substituted them for string literals of equal
        // value — confirm against the bytecode.
        Map<String, com.contrastsecurity.agent.plugins.rasp.l.i> validators = new HashMap<String, com.contrastsecurity.agent.plugins.rasp.l.i>();
        validators.put("content-length", new com.contrastsecurity.agent.plugins.rasp.l.g());
        validators.put("origin", new com.contrastsecurity.agent.plugins.rasp.l.m());
        validators.put(ConnectionFactoryConfigurator.HOST, new com.contrastsecurity.agent.plugins.rasp.l.j());
        validators.put("accept-language", sharedLanguage);
        validators.put("content-language", sharedLanguage);
        validators.put("accept-encoding", sharedEncoding);
        validators.put("content-encoding", sharedEncoding);
        validators.put("accept", new com.contrastsecurity.agent.plugins.rasp.l.c());
        validators.put("authorization", new com.contrastsecurity.agent.plugins.rasp.l.d());
        validators.put("if-none-match", new com.contrastsecurity.agent.plugins.rasp.l.l());
        validators.put("if-modified-since", sharedSince);
        validators.put("if-unmodified-since", sharedSince);
        validators.put("pragma", new com.contrastsecurity.agent.plugins.rasp.l.n());
        validators.put("connection", new com.contrastsecurity.agent.plugins.rasp.l.f());
        validators.put("cache-control", new com.contrastsecurity.agent.plugins.rasp.l.e());
        this.f = validators;

        // Values matched exactly (case-sensitively) and never scanned.
        String[] skipValues = {
            HTTP.CONN_KEEP_ALIVE,
            "keep-alive",
            "$Version=1",
            "gzip,deflate",
            "gzip, deflate",
            "gzip, deflate, sdch",
            URLEncodedUtils.CONTENT_TYPE,
            "*/*",
            "max-age=0",
            "https",
            "close",
            MVEL.VERSION_SUB,
            "443",
            "text/json",
            "text/xml",
            "application/json",
            "application/xml"
        };
        Map<String, Boolean> skipped = new HashMap<String, Boolean>();
        for (String value : skipValues) {
            skipped.put(value, true);
        }
        this.e = skipped;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /**
     * Request-start hook: opens a new RASP context and, unless the client is on an IP allowlist,
     * scans the query string, URI, cookies and headers against the enabled rules.
     *
     * <p>Order of work: allowlist check, per-application request handlers, one pass over the
     * enabled rules (URL exclusions, query string, URI, onRequestStart), then cookies, then
     * headers. Rules excluded for this URL are recorded on the context and left out of the cookie
     * and header passes.
     *
     * <p>Unlike the other hooks in this class there is no try/catch here, so an
     * AttackBlockedException raised by a rule, and any other exception, propagates to the caller.
     *
     * @param httpRequest the request that is starting
     */
    @Override // com.contrastsecurity.agent.http.r
    public void a(HttpRequest httpRequest) {
        S newContext = this.g.newContext();
        // Allowlisted client: nothing below runs. b() presumably switches analysis off on the
        // fresh context — confirm in S.
        if (c(httpRequest)) {
            newContext.b();
            return;
        }
        // NOTE(review): current is dereferenced without a null check here, while the multipart
        // path in this class does check this.a.current() for null.
        Application current = this.a.current();
        a((C0121a) current.context().a(RaspPlugin.PROTECT_SETTINGS), httpRequest);
        com.contrastsecurity.agent.b.e[] parseCookies = httpRequest.parseCookies();
        final String queryString = httpRequest.getQueryString();
        final String uri = httpRequest.getUri();
        // Query string and URI are trimmed and passed through k.d.a only when a rule asks for
        // them; the s.a(...) wrapper presumably memoises the result — confirm.
        com.contrastsecurity.agent.commons.r a = com.contrastsecurity.agent.commons.s.a((com.contrastsecurity.agent.commons.r) new com.contrastsecurity.agent.commons.r<String>() { // from class: com.contrastsecurity.agent.plugins.rasp.h.1
            @Override // com.contrastsecurity.agent.commons.r
            /* renamed from: b, reason: merged with bridge method [inline-methods] */
            public String a() {
                return queryString == null ? queryString : com.contrastsecurity.agent.plugins.rasp.k.d.a(queryString.trim(), UserInputDTM.InputType.QUERYSTRING);
            }
        });
        com.contrastsecurity.agent.commons.r a2 = com.contrastsecurity.agent.commons.s.a((com.contrastsecurity.agent.commons.r) new com.contrastsecurity.agent.commons.r<String>() { // from class: com.contrastsecurity.agent.plugins.rasp.h.2
            @Override // com.contrastsecurity.agent.commons.r
            /* renamed from: b, reason: merged with bridge method [inline-methods] */
            public String a() {
                return uri == null ? uri : com.contrastsecurity.agent.plugins.rasp.k.d.a(uri.trim(), UserInputDTM.InputType.URI);
            }
        });
        com.contrastsecurity.agent.apps.exclusions.h exclusionProcessor = current.getExclusionProcessor();
        // z / z2 / z3: whether any querystring / cookie / header exclusion exists at all, so the
        // per-input exclusion lookups below can be skipped when there is none.
        boolean z = exclusionProcessor != null && exclusionProcessor.hasQuerystringExclusions(f.a.DEFEND);
        boolean z2 = exclusionProcessor != null && exclusionProcessor.hasCookieExclusions(f.a.DEFEND);
        boolean z3 = exclusionProcessor != null && exclusionProcessor.hasHeaderExclusions(f.a.DEFEND);
        // Rules that remain active for this URL; reused by the cookie and header passes.
        LinkedList linkedList = new LinkedList();
        Iterator<X<?>> it = this.g.getEnabledRules().iterator();
        while (it.hasNext()) {
            X x = (X) it.next();
            String a3 = x.getRuleId().a();
            // NOTE(review): URL exclusions are matched against the raw uri, while rules are shown
            // the processed form from a2; confirm both sides normalise the path the same way.
            if (exclusionProcessor != null && exclusionProcessor.isDisabledByUrl(f.a.DEFEND, a3, uri)) {
                p.debug("Not inspecting {} rule for {}", a3, uri);
                newContext.a(a3);
            } else {
                linkedList.add(x);
                if (x instanceof com.contrastsecurity.agent.plugins.rasp.rules.i) {
                    com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar = (com.contrastsecurity.agent.plugins.rasp.rules.i) x;
                    // The whole query string is evaluated only when it is non-empty, the rule
                    // accepts QUERYSTRING input and isScanParameterAsAnything() is false.
                    if (a(iVar, queryString)) {
                        if (z && exclusionProcessor.isInputExclusion(f.a.DEFEND, a3, uri, ExceptionInputTypeDTM.QUERYSTRING)) {
                            p.debug("Ignoring querystring for {} on {} due to exception", a3, uri);
                        } else {
                            a(current, iVar, (String) a.a(), newContext);
                        }
                    }
                    // No input exclusion is consulted for the URI itself.
                    if (iVar.appliesToInputType(UserInputDTM.InputType.URI)) {
                        b(current, iVar, (String) a2.a(), newContext);
                    }
                }
                x.onRequestStart(current, httpRequest);
            }
        }
        for (com.contrastsecurity.agent.b.e eVar : parseCookies) {
            // Cookies whose name this.m.a(...) accepts are skipped entirely.
            if (!this.m.a(eVar.a())) {
                com.contrastsecurity.agent.commons.r<String> a4 = a(eVar.a(), UserInputDTM.InputType.COOKIE_NAME);
                com.contrastsecurity.agent.commons.r<String> a5 = a(eVar.b(), UserInputDTM.InputType.COOKIE_VALUE);
                for (int i = 0; i < linkedList.size(); i++) {
                    com.contrastsecurity.agent.plugins.rasp.rules.g gVar = (X) linkedList.get(i);
                    String a6 = gVar.getRuleId().a();
                    if (gVar instanceof com.contrastsecurity.agent.plugins.rasp.rules.i) {
                        com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar2 = (com.contrastsecurity.agent.plugins.rasp.rules.i) gVar;
                        // NOTE(review): only the cookie name is checked for emptiness on this
                        // path, yet the value from a5 is passed along as well; confirm it cannot
                        // be null when it reaches the code that trims it.
                        if (iVar2.appliesToInputType(UserInputDTM.InputType.COOKIE_NAME) && !StringUtils.isEmpty(eVar.a())) {
                            if (z2 && exclusionProcessor.isInputExclusion(f.a.DEFEND, a6, uri, ExceptionInputTypeDTM.COOKIE, eVar.a())) {
                                p.debug("Ignoring cookie names for {} on {} due to exception", a6, uri);
                            } else {
                                a(current, iVar2, newContext, a4.a(), a5.a(), UserInputDTM.InputType.COOKIE_NAME);
                            }
                        }
                        // Cookie exclusions are looked up by cookie name for the value as well.
                        if (iVar2.appliesToInputType(UserInputDTM.InputType.COOKIE_VALUE) && !StringUtils.isEmpty(eVar.b())) {
                            if (z2 && exclusionProcessor.isInputExclusion(f.a.DEFEND, a6, uri, ExceptionInputTypeDTM.COOKIE, eVar.a())) {
                                p.debug("Ignoring cookie values for {} on {} due to exception", a6, uri);
                            } else {
                                a(current, iVar2, newContext, a4.a(), a5.a(), UserInputDTM.InputType.COOKIE_VALUE);
                            }
                        }
                    }
                }
            }
        }
        Map<String, String[]> headers = httpRequest.getHeaders();
        if (headers != null) {
            for (String str : headers.keySet()) {
                // NOTE(review): a header name mapped to a null array would throw here; confirm
                // getHeaders() never does that.
                for (String str2 : headers.get(str)) {
                    // Skipped: the Cookie header (cookies are handled above), values the header
                    // tables treat as routine, and names this.m.b(...) accepts.
                    if (!SM.COOKIE.equalsIgnoreCase(str) && !a(str, str2) && !this.m.b(str)) {
                        com.contrastsecurity.agent.commons.r<String> a7 = a(str2, UserInputDTM.InputType.HEADER);
                        for (int i2 = 0; i2 < linkedList.size(); i2++) {
                            com.contrastsecurity.agent.plugins.rasp.rules.g gVar2 = (X) linkedList.get(i2);
                            String a8 = gVar2.getRuleId().a();
                            if (gVar2 instanceof com.contrastsecurity.agent.plugins.rasp.rules.i) {
                                com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar3 = (com.contrastsecurity.agent.plugins.rasp.rules.i) gVar2;
                                if (iVar3.appliesToInputType(UserInputDTM.InputType.HEADER) && !StringUtils.isEmpty(str2) && (!z3 || !exclusionProcessor.isInputExclusion(f.a.DEFEND, a8, uri, ExceptionInputTypeDTM.HEADER, str))) {
                                    a(current, iVar3, str, a7.a(), newContext);
                                }
                            }
                        }
                    }
                }
            }
        }
    }

    /**
     * Reports whether the request matches any configured IP allowlist entry.
     *
     * <p>A hit makes the caller skip all request-start analysis, so this is a full bypass switch.
     * NOTE(review): the log line prints both the remote address and X-Forwarded-For; whether the
     * match inside D.a honours the client-supplied forwarded header is not visible here. Confirm
     * that header is only trusted behind a known proxy, and that the logged header value cannot
     * forge log lines.
     *
     * @return true when an allowlist entry matches, false when there are no features, no
     *     allowlists or no match
     */
    private boolean c(HttpRequest httpRequest) {
        DefendFeatures features = this.b.d();
        if (features == null) {
            return false;
        }
        List<IPFilterDTM> allowlists = features.getIpWhitelists();
        if (allowlists == null) {
            return false;
        }
        int index = 0;
        while (index < allowlists.size()) {
            IPFilterDTM entry = allowlists.get(index);
            if (this.h.a(entry, httpRequest)) {
                p.debug("IP {}/{} disabling analysis, on allowlist {}", httpRequest.getRemoteIp(), httpRequest.getXForwardedForAsString(), entry.getName());
                return true;
            }
            index++;
        }
        return false;
    }

    /**
     * Hands the request to every handler listed in the application's protect settings, in list
     * order. Does nothing when the settings or their handler list are null.
     */
    private void a(C0121a c0121a, HttpRequest httpRequest) {
        if (c0121a == null) {
            return;
        }
        List<com.contrastsecurity.agent.plugins.rasp.m.c> handlers = c0121a.a();
        if (handlers == null) {
            return;
        }
        int index = 0;
        while (index < handlers.size()) {
            handlers.get(index).a(httpRequest);
            index++;
        }
    }

    /**
     * Decides whether the raw query string should be evaluated by a rule: it must be non-empty,
     * the rule must accept QUERYSTRING input, and isScanParameterAsAnything() must be false.
     */
    private boolean a(com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, String str) {
        if (StringUtils.isEmpty(str)) {
            return false;
        }
        if (!iVar.appliesToInputType(UserInputDTM.InputType.QUERYSTRING)) {
            return false;
        }
        return !this.g.isScanParameterAsAnything();
    }

    /**
     * Gate used by the scanning hooks: true when there is no current context, or when the
     * context's c() returns false. What c() records is not visible here; presumably "analysis
     * disabled or request already blocked" — confirm in S.
     */
    private boolean a() {
        S context = this.g.currentContext();
        if (context == null) {
            return true;
        }
        return !context.c();
    }

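    /**
     * Scans the request's own parameters, unless {@link #a()} reports that scanning is off for the
     * current context.
     *
     * <p>An AttackBlockedException is recorded on the context with a(true) and rethrown. a() also
     * returns true when there is no current context, so the context is null-checked before use:
     * without the check a NullPointerException raised inside the catch block would replace the
     * block exception. Any other Throwable is logged and swallowed, so a scanner failure lets the
     * request continue unscanned (fail-open).
     *
     * @param httpRequest the request whose parameters are scanned
     * @throws AttackBlockedException when a rule blocks the request
     */
    @Override // com.contrastsecurity.agent.http.r
    public void b(HttpRequest httpRequest) {
        if (!a()) {
            return;
        }
        try {
            b(httpRequest, httpRequest.getParameters());
        } catch (AttackBlockedException e) {
            S blockedContext = this.g.currentContext();
            if (blockedContext != null) {
                blockedContext.a(true);
            }
            throw e;
        } catch (Throwable th) {
            p.error("Unexpected error scanning parameters", th);
        }
    }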

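    /**
     * Scans an additional parameter map for the request, unless {@link #a()} reports that
     * scanning is off for the current context.
     *
     * <p>An AttackBlockedException is recorded on the context with a(true) and rethrown. a() also
     * returns true when there is no current context, so the context is null-checked before use:
     * without the check a NullPointerException raised inside the catch block would replace the
     * block exception. Any other Throwable is logged and swallowed, so a scanner failure lets the
     * request continue unscanned (fail-open).
     *
     * @param httpRequest the request the parameters belong to
     * @param map parameter names mapped to their values
     * @throws AttackBlockedException when a rule blocks the request
     */
    @Override // com.contrastsecurity.agent.http.r
    public void a(HttpRequest httpRequest, Map<String, String[]> map) {
        if (!a()) {
            return;
        }
        try {
            b(httpRequest, map);
        } catch (AttackBlockedException e) {
            S blockedContext = this.g.currentContext();
            if (blockedContext != null) {
                blockedContext.a(true);
            }
            throw e;
        } catch (Throwable th) {
            p.error("Unexpected error scanning more parameters", th);
        }
    }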

    /**
     * Delegates parameter scanning to this.k for the current application.
     *
     * <p>Returns early, with a debug log, when the application has no protect settings and
     * this.g.c() is also null. An AttackBlockedException passes through; any other Exception from
     * the delegate is logged and dropped, so the parameters go unscanned in that case.
     * NOTE(review): the application returned by this.a.current() is dereferenced without a null
     * check.
     *
     * @throws AttackBlockedException when a rule blocks the request
     */
    private void b(HttpRequest httpRequest, Map<String, String[]> map) throws AttackBlockedException {
        Application application = this.a.current();
        C0121a settings = (C0121a) application.context().a(RaspPlugin.PROTECT_SETTINGS);
        boolean nothingConfigured = settings == null && this.g.c() == null;
        if (nothingConfigured) {
            p.debug("No app when issuing parameter resolution to RASP listeners");
            return;
        }
        try {
            this.k.a(this, httpRequest, application, settings, map);
        } catch (AttackBlockedException blocked) {
            throw blocked;
        } catch (Exception failure) {
            p.error("Problem handing off parameter resolution to listener", (Throwable) failure);
        }
    }

    /**
     * Scans one body input (name, value, optional body kind) against the input-aware rules,
     * unless {@link #a()} reports that scanning is off.
     *
     * <p>An AttackBlockedException is rethrown; any other Throwable is logged and swallowed, so a
     * scanner failure leaves the body value unscanned.
     *
     * @throws AttackBlockedException when a rule blocks the request
     */
    @Override // com.contrastsecurity.agent.http.r
    public void a(String str, String str2, com.contrastsecurity.agent.plugins.rasp.d.k kVar) {
        if (!a()) {
            return;
        }
        try {
            a(str, str2, kVar, this.g.currentContext());
        } catch (AttackBlockedException blocked) {
            throw blocked;
        } catch (Throwable failure) {
            p.error("Unexpected error scanning body input", failure);
        }
    }

    /**
     * Evaluates a non-empty body value with every input-aware rule that accepts BODY input and is
     * not excluded for the current request's URL or body.
     *
     * <p>The current request is fetched from the HttpManager for each applicable rule.
     * NOTE(review): that request is dereferenced without a null check inside the exclusion test.
     */
    private void a(String str, String str2, com.contrastsecurity.agent.plugins.rasp.d.k kVar, S s) {
        if (StringUtils.isEmpty(str2)) {
            p.trace("Ignoring empty body value");
            return;
        }
        Application application = this.a.current();
        com.contrastsecurity.agent.commons.r<String> decodedValue = a(str2, UserInputDTM.InputType.BODY);
        for (com.contrastsecurity.agent.plugins.rasp.rules.i<?> rule : this.g.getInputAwareRules()) {
            String ruleId = rule.getRuleId().a();
            if (!rule.appliesToInputType(UserInputDTM.InputType.BODY)) {
                if (p.isTraceEnabled()) {
                    p.trace("Ignoring body input for {}", ruleId);
                }
                continue;
            }
            HttpRequest request = this.c.getCurrentRequest();
            if (a(application, request, ruleId)) {
                p.trace("Skipping body input scanning for {} for {} due to exception", ruleId, request.getUri());
            } else {
                a(application, str, decodedValue.a(), rule, kVar, s);
            }
        }
    }

    /**
     * Reports whether body scanning for the given rule id is excluded on this request, either
     * because the rule is disabled for the URL or because a BODY input exclusion applies.
     *
     * @return false when the application has no exclusion processor
     */
    private boolean a(Application application, HttpRequest httpRequest, String str) {
        com.contrastsecurity.agent.apps.exclusions.h exclusions = application.getExclusionProcessor();
        if (exclusions == null) {
            return false;
        }
        if (exclusions.isDisabledByUrl(f.a.DEFEND, str, httpRequest.getUri())) {
            return true;
        }
        return exclusions.isInputExclusion(f.a.DEFEND, str, httpRequest.getUri(), ExceptionInputTypeDTM.BODY);
    }

    /**
     * Evaluates one body input with one rule and routes the verdict: DONT_CARE (or null) only
     * notifies this.i; MATCHED_ATTACK_SIGNATURE and WORTH_WATCHING notify this.i and then record
     * an am result, the former built with the extra {@code true} flag.
     */
    private void a(Application application, String str, String str2, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, com.contrastsecurity.agent.plugins.rasp.d.k kVar, S s) {
        E verdict = a(application, UserInputDTM.InputType.BODY, str, str2, iVar, s);
        if (verdict == null || A.DONT_CARE.equals(verdict.a())) {
            this.i.c(iVar.getRuleId().a(), "Body input", str, str2);
        } else if (A.MATCHED_ATTACK_SIGNATURE.equals(verdict.a())) {
            this.i.a(iVar.getRuleId().a(), "Body input", str, str2);
            UserInputDTM matched = b(str, str2, kVar).filters(verdict.b()).build();
            a(application, iVar, new am(matched, true));
        } else if (A.WORTH_WATCHING.equals(verdict.a())) {
            this.i.b(iVar.getRuleId().a(), "Body input", str, str2);
            UserInputDTM suspicious = b(str, str2, kVar).filters(verdict.b()).build();
            a(application, iVar, new am(suspicious));
        }
    }

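    /**
     * Starts a UserInputDTM builder for a body input and labels it with an input type.
     *
     * <p>With an explicit body kind, JSON, XML and DWR map to their value types and any other
     * kind leaves the type unset. Without one, the type is derived from the current request's
     * Content-Type header: a value containing "xml" gives XML_VALUE, one containing "json" gives
     * JSON_VALUE, anything else (or no request / no header) gives BODY. Media types are
     * case-insensitive, so the header is lower-cased with Locale.ROOT before the substring test;
     * a case-sensitive test would label a body sent as e.g. "Application/XML" as plain BODY.
     *
     * @param str input name
     * @param str2 input value
     * @param kVar body kind reported by the caller, or null to derive it from Content-Type
     * @return the builder with name, value and (where determined) type set
     */
    private UserInputDTM.Builder b(String str, String str2, com.contrastsecurity.agent.plugins.rasp.d.k kVar) {
        UserInputDTM.Builder name = UserInputDTM.builder().value(str2).name(str);
        if (kVar == null) {
            HttpRequest currentRequest = this.c.getCurrentRequest();
            String header = currentRequest != null ? currentRequest.getHeader("Content-Type") : null;
            // Locale.ROOT keeps the folding independent of the JVM's default locale.
            String mediaType = header == null ? null : header.toLowerCase(java.util.Locale.ROOT);
            if (mediaType == null) {
                name.type(UserInputDTM.InputType.BODY);
            } else if (mediaType.contains("xml")) {
                name.type(UserInputDTM.InputType.XML_VALUE);
            } else if (mediaType.contains("json")) {
                name.type(UserInputDTM.InputType.JSON_VALUE);
            } else {
                name.type(UserInputDTM.InputType.BODY);
            }
        } else if (com.contrastsecurity.agent.plugins.rasp.d.k.JSON.equals(kVar)) {
            name.type(UserInputDTM.InputType.JSON_VALUE);
        } else if (com.contrastsecurity.agent.plugins.rasp.d.k.XML.equals(kVar)) {
            name.type(UserInputDTM.InputType.XML_VALUE);
        } else if (com.contrastsecurity.agent.plugins.rasp.d.k.DWR.equals(kVar)) {
            name.type(UserInputDTM.InputType.DWR_VALUE);
        }
        return name;
    }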

    /** Evaluates the whole query string with one rule, reporting it as QUERYSTRING input. */
    private void a(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, String str, S s) {
        UserInputDTM.Builder queryInput = a(str);
        a(application, iVar, str, s, UserInputDTM.InputType.QUERYSTRING, queryInput);
    }

    /** Evaluates the request URI with one rule, reporting it as URI input. */
    private void b(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, String str, S s) {
        UserInputDTM.Builder uriInput = b(str);
        a(application, iVar, str, s, UserInputDTM.InputType.URI, uriInput);
    }

    /**
     * Shared query-string / URI path: evaluates the nameless value with one rule and routes the
     * verdict. DONT_CARE (or null) only notifies this.i; the other two verdicts notify this.i and
     * record an am result built from the supplied builder, with the extra {@code true} flag for
     * MATCHED_ATTACK_SIGNATURE.
     */
    private void a(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, String str, S s, UserInputDTM.InputType inputType, UserInputDTM.Builder builder) {
        E verdict = a(application, inputType, (String) null, str, iVar, s);
        if (verdict == null || A.DONT_CARE.equals(verdict.a())) {
            this.i.c(iVar.getRuleId().a(), UserInputDTM.InputType.getStringType(inputType), str, "");
        } else if (A.MATCHED_ATTACK_SIGNATURE.equals(verdict.a())) {
            this.i.a(iVar.getRuleId().a(), UserInputDTM.InputType.getStringType(inputType), str, "");
            UserInputDTM matched = builder.filters(verdict.b()).build();
            a(application, iVar, new am(matched, true));
        } else if (A.WORTH_WATCHING.equals(verdict.a())) {
            this.i.b(iVar.getRuleId().a(), UserInputDTM.InputType.getStringType(inputType), str, "");
            UserInputDTM suspicious = builder.filters(verdict.b()).build();
            a(application, iVar, new am(suspicious));
        }
    }

    /**
     * Evaluates one header (name {@code str}, value {@code str2}) with one rule and routes the
     * verdict: DONT_CARE (or null) only notifies this.i; the other two verdicts notify this.i and
     * record an am result, with the extra {@code true} flag for MATCHED_ATTACK_SIGNATURE.
     */
    private void a(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, String str, String str2, S s) {
        E verdict = a(application, UserInputDTM.InputType.HEADER, str, str2, iVar, s);
        if (verdict == null || A.DONT_CARE.equals(verdict.a())) {
            this.i.c(iVar.getRuleId().a(), "Header", str, str2);
        } else if (A.MATCHED_ATTACK_SIGNATURE.equals(verdict.a())) {
            this.i.a(iVar.getRuleId().a(), "Header", str, str2);
            UserInputDTM matched = f(str, str2).filters(verdict.b()).build();
            a(application, iVar, new am(matched, true));
        } else if (A.WORTH_WATCHING.equals(verdict.a())) {
            this.i.b(iVar.getRuleId().a(), "Header", str, str2);
            UserInputDTM suspicious = f(str, str2).filters(verdict.b()).build();
            a(application, iVar, new am(suspicious));
        }
    }

    /**
     * Evaluates one cookie with one rule. For COOKIE_NAME the name is evaluated as the value; for
     * any other input type the cookie value is. The verdict is routed like the other inputs:
     * DONT_CARE (or null) only notifies this.i, the other two verdicts also record an am result.
     *
     * <p>NOTE(review): the result builder trims {@code str2}. The request-start caller checks
     * only the cookie name for emptiness on the COOKIE_NAME path, so confirm the value passed
     * here cannot be null, otherwise a non-blocking match on the name would throw instead of
     * being recorded.
     */
    private void a(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, S s, String str, String str2, UserInputDTM.InputType inputType) {
        E verdict;
        if (UserInputDTM.InputType.COOKIE_NAME.equals(inputType)) {
            verdict = a(application, inputType, str, str, iVar, s);
        } else {
            verdict = a(application, inputType, str, str2, iVar, s);
        }
        if (verdict == null || A.DONT_CARE.equals(verdict.a())) {
            this.i.c(iVar.getRuleId().a(), SM.COOKIE, str, str2);
        } else if (A.MATCHED_ATTACK_SIGNATURE.equals(verdict.a())) {
            this.i.a(iVar.getRuleId().a(), SM.COOKIE, str, str2);
            UserInputDTM matched = a(str, str2, inputType).filters(verdict.b()).build();
            a(application, iVar, new am(matched, true));
        } else if (A.WORTH_WATCHING.equals(verdict.a())) {
            this.i.b(iVar.getRuleId().a(), SM.COOKIE, str, str2);
            UserInputDTM suspicious = a(str, str2, inputType).filters(verdict.b()).build();
            a(application, iVar, new am(suspicious));
        }
    }

    /**
     * Evaluates one input with one rule, passing -1 as the last argument of the seven-argument
     * overload, which then derives that value itself from the input via al.a.
     *
     * @throws AttackBlockedException when the rule matches and the overload decides to block
     */
    public E a(Application application, UserInputDTM.InputType inputType, String str, String str2, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, S s) throws AttackBlockedException {
        final int deriveFromInput = -1;
        return a(application, inputType, str, str2, iVar, s, deriveFromInput);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /**
     * Core evaluation step: produces a verdict for one input and one rule, and blocks when the
     * verdict is MATCHED_ATTACK_SIGNATURE and this.g.a(rule, inputType) returns true (presumably
     * "blocking is enabled for this rule and input type" — confirm in RaspManager).
     *
     * <p>Values that are null or shorter than the rule's minimum attack input length get the
     * shared DONT_CARE verdict without evaluation. Otherwise the verdict is looked up in this.d
     * under a key of rule id, input type and value (plus the header name for HEADER input), and
     * on a miss the rule is evaluated and the verdict stored under that key.
     *
     * <p>NOTE(review): the context {@code s} is dereferenced on a miss. Callers in this class pass
     * this.g.currentContext(), which their gate allows to be null; in that case the resulting
     * exception is logged by the caller and the input goes unevaluated.
     *
     * @param str input name; used in the lookup key only for HEADER input
     * @param str2 input value to evaluate
     * @param i passed to evaluateInput as its last argument, or -1 to use al.a(str2) instead
     * @return the verdict, never null
     * @throws AttackBlockedException after reporting the input, when the match is to be blocked
     */
    public E a(Application application, UserInputDTM.InputType inputType, String str, String str2, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, S s, int i) throws AttackBlockedException {
        E e;
        if (str2 == null || str2.length() < iVar.getMinimumAttackInputLength()) {
            e = o;
        } else {
            C0123c.a.AbstractC0025a c = C0123c.a.e().a(iVar.getRuleId().a()).a(inputType).c(str2);
            // Only header verdicts are keyed by input name as well as value.
            C0123c.a a = UserInputDTM.InputType.HEADER.equals(inputType) ? c.b(str).a() : c.a();
            e = this.d.a(a);
            if (e == null) {
                e = iVar.evaluateInput(inputType, str, str2, s.g(str2).c(), i != -1 ? i : al.a(str2));
                // A rule returning null is treated as DONT_CARE, and that is what gets stored.
                if (e == null) {
                    e = o;
                }
                this.d.a(a, e);
            }
        }
        if (A.MATCHED_ATTACK_SIGNATURE != e.a() || !this.g.a(iVar, inputType)) {
            return e;
        }
        // Report first, then abort the request.
        a(application, (X) iVar, inputType, str, str2, e);
        throw new AttackBlockedException("Attack detected");
    }

    /**
     * Passes a matched input (type, name, value and the verdict's filters) to this.j together
     * with the rule id and application; called just before the block exception is thrown.
     */
    private <T> void a(Application application, X<T> x, UserInputDTM.InputType inputType, String str, String str2, E e) {
        UserInputDTM blockedInput = UserInputDTM.builder().type(inputType).name(str).value(str2).filters(e.b()).build();
        this.j.a(x.getRuleId(), application, blockedInput);
    }

    /**
     * Evaluates a multipart item's name ({@code str}) with one rule under the fixed input name
     * "filename" and routes the verdict; {@code str2} is only passed to the this.i callbacks.
     * Empty or null names are ignored.
     */
    private void a(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, S s, String str, String str2) {
        if (str == null || str.isEmpty()) {
            p.trace("Ignoring empty multipart name");
            return;
        }
        E verdict = a(application, UserInputDTM.InputType.MULTIPART_NAME, "filename", str, iVar, s);
        if (verdict == null || A.DONT_CARE.equals(verdict.a())) {
            this.i.c(iVar.getRuleId().a(), "Multipart name", str, str2);
        } else if (A.MATCHED_ATTACK_SIGNATURE.equals(verdict.a())) {
            this.i.a(iVar.getRuleId().a(), "Multipart name", str, str2);
            UserInputDTM matched = d("filename", str).filters(verdict.b()).build();
            a(application, iVar, new am(matched, true));
        } else if (A.WORTH_WATCHING.equals(verdict.a())) {
            this.i.b(iVar.getRuleId().a(), "Multipart name", str, str2);
            UserInputDTM suspicious = d("filename", str).filters(verdict.b()).build();
            a(application, iVar, new am(suspicious));
        }
    }

    /**
     * Evaluates a multipart field name ({@code str}) with one rule, using the field name as both
     * input name and value, and routes the verdict. Empty or null field names are ignored.
     */
    private void b(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, S s, String str, String str2) {
        if (str == null || str.isEmpty()) {
            p.trace("Ignoring empty multipart name");
            return;
        }
        E verdict = a(application, UserInputDTM.InputType.MULTIPART_FIELD_NAME, str, str, iVar, s);
        if (verdict == null || A.DONT_CARE.equals(verdict.a())) {
            this.i.c(iVar.getRuleId().a(), "Multipart field", str, str2);
        } else if (A.MATCHED_ATTACK_SIGNATURE.equals(verdict.a())) {
            this.i.a(iVar.getRuleId().a(), "Multipart field", str, str2);
            UserInputDTM matched = c(str, str2).filters(verdict.b()).build();
            a(application, iVar, new am(matched, true));
        } else if (A.WORTH_WATCHING.equals(verdict.a())) {
            this.i.b(iVar.getRuleId().a(), "Multipart field", str, str2);
            UserInputDTM suspicious = c(str, str2).filters(verdict.b()).build();
            a(application, iVar, new am(suspicious));
        }
    }

    /**
     * Evaluates a multipart value ({@code str2}) with one rule and routes the verdict. The value
     * is passed as both input name and value to the evaluation and to the this.i callbacks; the
     * recorded result is built from {@code str} and {@code str2}. Empty or null values are
     * ignored.
     */
    private void c(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, S s, String str, String str2) {
        if (str2 == null || str2.isEmpty()) {
            p.trace("Ignoring empty multipart value");
            return;
        }
        E verdict = a(application, UserInputDTM.InputType.MULTIPART_VALUE, str2, str2, iVar, s);
        if (verdict == null || A.DONT_CARE.equals(verdict.a())) {
            this.i.c(iVar.getRuleId().a(), "Multipart value", str2, str2);
        } else if (A.MATCHED_ATTACK_SIGNATURE.equals(verdict.a())) {
            this.i.a(iVar.getRuleId().a(), "Multipart value", str2, str2);
            UserInputDTM matched = e(str, str2).filters(verdict.b()).build();
            a(application, iVar, new am(matched, true));
        } else if (A.WORTH_WATCHING.equals(verdict.a())) {
            this.i.b(iVar.getRuleId().a(), "Multipart value", str2, str2);
            UserInputDTM suspicious = e(str, str2).filters(verdict.b()).build();
            a(application, iVar, new am(suspicious));
        }
    }

    /**
     * Evaluates a multipart part's content type ({@code str}) with one rule, without an input
     * name, and routes the verdict; {@code str2} becomes the name on the recorded result and in
     * the this.i callbacks. Empty or null content types are ignored.
     */
    private void d(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, S s, String str, String str2) {
        if (str == null || str.isEmpty()) {
            p.trace("Ignoring empty multipart content type");
            return;
        }
        E verdict = a(application, UserInputDTM.InputType.MULTIPART_CONTENT_TYPE, (String) null, str, iVar, s);
        if (verdict == null || A.DONT_CARE.equals(verdict.a())) {
            this.i.c(iVar.getRuleId().a(), "Content-Type of Multipart field", str2, str);
        } else if (A.MATCHED_ATTACK_SIGNATURE.equals(verdict.a())) {
            this.i.a(iVar.getRuleId().a(), "Content-Type of Multipart field", str2, str);
            UserInputDTM matched = b(str2, str).filters(verdict.b()).build();
            a(application, iVar, new am(matched, true));
        } else if (A.WORTH_WATCHING.equals(verdict.a())) {
            this.i.b(iVar.getRuleId().a(), "Content-Type of Multipart field", str2, str);
            UserInputDTM suspicious = b(str2, str).filters(verdict.b()).build();
            a(application, iVar, new am(suspicious));
        }
    }

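    /**
     * Decides whether a header value can be left out of rule evaluation.
     *
     * <p>True for null or empty values, for values in the exact-match skip set, and for values
     * accepted by the validator registered for the header name. The name is lower-cased with
     * Locale.ROOT: the validator keys are ASCII lower case, and default-locale folding (Turkish
     * maps 'I' to a dotless 'ı', for example) would miss keys such as "if-none-match" on such a
     * JVM.
     *
     * @param str header name
     * @param str2 header value
     * @return true when the value does not need to be scanned
     */
    private boolean a(String str, String str2) {
        if (str2 == null || str2.length() == 0 || this.e.containsKey(str2)) {
            return true;
        }
        com.contrastsecurity.agent.plugins.rasp.l.i validator = this.f.get(str.toLowerCase(java.util.Locale.ROOT));
        return validator != null && validator.a(str2);
    }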

    /** Starts a result builder typed MULTIPART_CONTENT_TYPE with the given name and value. */
    private UserInputDTM.Builder b(String str, String str2) {
        UserInputDTM.Builder contentTypeInput = UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.MULTIPART_CONTENT_TYPE);
        return contentTypeInput;
    }

    /** Starts a result builder typed MULTIPART_FIELD_NAME with the given name and value. */
    private UserInputDTM.Builder c(String str, String str2) {
        UserInputDTM.Builder fieldNameInput = UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.MULTIPART_FIELD_NAME);
        return fieldNameInput;
    }

    /** Starts a result builder typed MULTIPART_NAME with the given name and value. */
    private UserInputDTM.Builder d(String str, String str2) {
        UserInputDTM.Builder partNameInput = UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.MULTIPART_NAME);
        return partNameInput;
    }

    /** Starts a result builder typed MULTIPART_VALUE with the given name and value. */
    private UserInputDTM.Builder e(String str, String str2) {
        UserInputDTM.Builder partValueInput = UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.MULTIPART_VALUE);
        return partValueInput;
    }

    /**
     * Starts a result builder typed HEADER with the given name and the trimmed value. Throws
     * NullPointerException when {@code str2} is null.
     */
    private UserInputDTM.Builder f(String str, String str2) {
        UserInputDTM.Builder headerInput = UserInputDTM.builder().name(str).value(str2.trim()).type(UserInputDTM.InputType.HEADER);
        return headerInput;
    }

    /**
     * Starts a result builder of the given type with the given name and the trimmed value. Throws
     * NullPointerException when {@code str2} is null.
     */
    private UserInputDTM.Builder a(String str, String str2, UserInputDTM.InputType inputType) {
        UserInputDTM.Builder typedInput = UserInputDTM.builder().name(str).value(str2.trim()).type(inputType);
        return typedInput;
    }

    /** Starts a nameless result builder typed QUERYSTRING with the given value. */
    private UserInputDTM.Builder a(String str) {
        UserInputDTM.Builder queryInput = UserInputDTM.builder().value(str).type(UserInputDTM.InputType.QUERYSTRING);
        return queryInput;
    }

    /** Starts a nameless result builder typed URI with the given value. */
    private UserInputDTM.Builder b(String str) {
        UserInputDTM.Builder uriInput = UserInputDTM.builder().value(str).type(UserInputDTM.InputType.URI);
        return uriInput;
    }

    /**
     * Request-end hook: runs the end-of-request processing and lets an AttackBlockedException
     * through. Any other Throwable is logged and swallowed, so a failure here does not fail the
     * request.
     *
     * @throws AttackBlockedException when a rule blocks at request end
     */
    @Override // com.contrastsecurity.agent.http.r
    public void b(HttpRequest httpRequest, HttpResponse httpResponse) {
        try {
            c(httpRequest, httpResponse);
        } catch (AttackBlockedException blocked) {
            throw blocked;
        } catch (Throwable failure) {
            p.error("Unexpected error on request end", failure);
        }
    }

    /**
     * Calls onRequestEnd on every enabled rule, hands each rule's results collected on the
     * context to the reporting step, and finally calls a() on the context.
     *
     * <p>NOTE(review): the context is used without a null check, and the closing a() call is
     * skipped if anything in the loop throws. What a() releases is not visible here; confirm that
     * skipping it cannot leave state behind for the next request.
     */
    private void c(HttpRequest httpRequest, HttpResponse httpResponse) {
        S context = this.g.currentContext();
        for (X<?> rule : this.g.getEnabledRules()) {
            rule.onRequestEnd(this.a.current(), httpRequest, httpResponse);
            List<am> collected = context.c(rule.getRuleId().a());
            if (collected.isEmpty()) {
                continue;
            }
            a(rule, collected);
        }
        context.a();
    }

    /**
     * Chooses which of a rule's collected results are passed on via a(ruleId, input).
     *
     * <p>Only results whose d() is true are considered. Within those, a result whose e() is true
     * is never passed on here; it only clears {@code z2} when it is a QUERYSTRING input. Of the
     * rest, a QUERYSTRING input is held back (the last one wins), and any other input is passed
     * on unless it is a parameter name/value and {@code z2} has already been cleared. After the
     * loop the held-back query string is passed on only if no parameter name/value result was
     * seen at all.
     *
     * <p>The meaning of d() and e() is not visible here; presumably the point is to avoid passing
     * on the same finding once as a query string and once as a parameter — confirm in am.
     */
    private void a(X<?> x, List<am> list) {
        // z: stays true until a parameter name/value result is seen.
        boolean z = true;
        // z2: stays true until a QUERYSTRING result with e() == true is seen.
        boolean z2 = true;
        // Last QUERYSTRING result with e() == false, held back until the loop has finished.
        UserInputDTM userInputDTM = null;
        for (int i = 0; i < list.size(); i++) {
            am amVar = list.get(i);
            if (amVar.d()) {
                UserInputDTM a = amVar.a();
                boolean a2 = a(a);
                boolean z3 = UserInputDTM.InputType.QUERYSTRING == a.getType();
                if (z && a2) {
                    z = false;
                }
                if (amVar.e()) {
                    if (z3) {
                        z2 = false;
                    }
                } else if (z3) {
                    userInputDTM = a;
                } else if (!a2 || z2) {
                    a(x.getRuleId(), a);
                }
            }
        }
        if (!z || userInputDTM == null) {
            return;
        }
        a(x.getRuleId(), userInputDTM);
    }

    /** Reports whether the input is a request parameter, i.e. typed PARAMETER_NAME or PARAMETER_VALUE. */
    private boolean a(UserInputDTM userInputDTM) {
        if (UserInputDTM.InputType.PARAMETER_NAME == userInputDTM.getType()) {
            return true;
        }
        return UserInputDTM.InputType.PARAMETER_VALUE == userInputDTM.getType();
    }

    /**
     * Multipart-header hook: inspects the header fields of one multipart item.
     *
     * <p>Does nothing unless the no-argument {@code a()} returns true (defined outside this
     * excerpt; presumably an "is this listener active" check). An
     * {@code AttackBlockedException} propagates to the caller; any other {@code Throwable}
     * is logged and swallowed, so an agent-side fault does not block the request.
     *
     * @param httpRequest the request the item belongs to
     * @param multipartItem the multipart item whose headers are inspected
     */
    @Override // com.contrastsecurity.agent.http.r
    public void a(HttpRequest httpRequest, MultipartItem multipartItem) {
        if (!a()) {
            return;
        }
        try {
            c(httpRequest, multipartItem);
        } catch (AttackBlockedException blocked) {
            throw blocked;
        } catch (Throwable unexpected) {
            p.error("Unexpected error processing multipart header", unexpected);
        }
    }

    /**
     * Offers the header-level fields of a multipart item to every enabled rule.
     *
     * <p>Returns immediately when there is no current application. The item's content type,
     * name, field name and value are each wrapped by {@code a(String, InputType)} before
     * the loop. For each enabled rule:
     * <ul>
     *   <li>the rule is skipped (with a trace log) when the application's exclusion
     *       processor reports it as disabled for the request URI; "exception" in that log
     *       message appears to mean such an exclusion, not a Java exception;</li>
     *   <li>rules that are not {@code rules.i} instances are skipped;</li>
     *   <li>the content type is checked via {@code d(...)} together with the field name,
     *       unless {@code a("Content-Type", contentType)} returns true (helper defined
     *       outside this excerpt);</li>
     *   <li>the name and the field name are checked via {@code a(...)} and {@code b(...)},
     *       each together with the item value.</li>
     * </ul>
     * The item value is only ever passed as the second argument; no check in this method
     * takes {@code MULTIPART_VALUE} as its primary input.
     *
     * @param httpRequest the request the item belongs to; its URI drives the exclusion check
     * @param multipartItem the multipart item being inspected
     */
    private void c(HttpRequest httpRequest, MultipartItem multipartItem) {
        Application app = this.a.current();
        if (app == null) {
            return;
        }
        S requestContext = this.g.currentContext();
        com.contrastsecurity.agent.apps.exclusions.h exclusions = app.getExclusionProcessor();
        com.contrastsecurity.agent.commons.r<String> contentType =
                a(multipartItem.getContentType(), UserInputDTM.InputType.MULTIPART_CONTENT_TYPE);
        com.contrastsecurity.agent.commons.r<String> itemName =
                a(multipartItem.getName(), UserInputDTM.InputType.MULTIPART_NAME);
        com.contrastsecurity.agent.commons.r<String> fieldName =
                a(multipartItem.getFieldName(), UserInputDTM.InputType.MULTIPART_FIELD_NAME);
        com.contrastsecurity.agent.commons.r<String> itemValue =
                a(multipartItem.getValue(), UserInputDTM.InputType.MULTIPART_VALUE);
        for (com.contrastsecurity.agent.plugins.rasp.rules.g rule : this.g.getEnabledRules()) {
            String ruleId = rule.getRuleId().a();
            String uri = httpRequest.getUri();
            if (exclusions != null && exclusions.isDisabledByUrl(f.a.DEFEND, ruleId, uri)) {
                p.trace("Skipping multipart item read event for {} for {} due to exception", ruleId, uri);
                continue;
            }
            if (!(rule instanceof com.contrastsecurity.agent.plugins.rasp.rules.i)) {
                continue;
            }
            com.contrastsecurity.agent.plugins.rasp.rules.i<?> inputRule = (com.contrastsecurity.agent.plugins.rasp.rules.i) rule;
            if (inputRule.appliesToInputType(UserInputDTM.InputType.MULTIPART_CONTENT_TYPE)
                    && !a("Content-Type", multipartItem.getContentType())) {
                d(app, inputRule, requestContext, contentType.a(), fieldName.a());
            }
            if (inputRule.appliesToInputType(UserInputDTM.InputType.MULTIPART_NAME)) {
                a(app, inputRule, requestContext, itemName.a(), itemValue.a());
            }
            if (inputRule.appliesToInputType(UserInputDTM.InputType.MULTIPART_FIELD_NAME)) {
                b(app, inputRule, requestContext, fieldName.a(), itemValue.a());
            }
        }
    }

    /**
     * Multipart-body hook.
     *
     * <p>Does nothing unless the no-argument {@code a()} returns true. Otherwise it calls
     * {@code a(HttpRequest, MultipartItem, S)} with the current context; in this listing
     * that method has an empty body, so no multipart body content is examined through this
     * hook. An {@code AttackBlockedException} propagates; any other {@code Throwable} is
     * logged and swallowed.
     *
     * @param httpRequest the request the item belongs to
     * @param multipartItem the multipart item whose body was read
     */
    @Override // com.contrastsecurity.agent.http.r
    public void b(HttpRequest httpRequest, MultipartItem multipartItem) {
        if (!a()) {
            return;
        }
        try {
            a(httpRequest, multipartItem, this.g.currentContext());
        } catch (AttackBlockedException blocked) {
            throw blocked;
        } catch (Throwable unexpected) {
            p.error("Unexpected problem scanning multipart body", unexpected);
        }
    }

    /**
     * Multipart body scan for one item: a no-op in this listing.
     *
     * <p>The only caller visible in this excerpt is {@code b(HttpRequest, MultipartItem)},
     * so that hook currently inspects nothing. NOTE(review): confirm whether the body is
     * empty in the original class or was lost in decompilation, and where multipart body
     * content is scanned instead.
     *
     * @param httpRequest unused
     * @param multipartItem unused
     * @param s unused
     */
    private void a(HttpRequest httpRequest, MultipartItem multipartItem, S s) {
        // No statements: multipart body content is not examined here.
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Request-body hook: decodes the raw body bytes to text and passes them to
     * {@code a(HttpRequest, String)} for scanning.
     *
     * <p>An {@code AttackBlockedException} propagates to the caller. Any other
     * {@code Throwable} (including a {@code NullPointerException} from a null
     * {@code bArr}) is handed to {@code commons.u.a(Throwable)} and logged, then swallowed.
     *
     * @param httpRequest the request whose body was read
     * @param bArr the raw body bytes
     */
    public void a(HttpRequest httpRequest, byte[] bArr) {
        try {
            // NOTE(review): new String(byte[]) decodes with the JVM's default charset, not
            // the charset the request declares. If the two differ, the text scanned here
            // is not the text the application parses, which can hide a payload from the
            // rules. Consider decoding with the request's declared encoding.
            String bodyText = new String(bArr);
            a(httpRequest, bodyText);
        } catch (AttackBlockedException blocked) {
            throw blocked;
        } catch (Throwable unexpected) {
            com.contrastsecurity.agent.commons.u.a(unexpected);
            p.error("Problem reading body", unexpected);
        }
    }

    /**
     * Classifies a request body and, when it is JSON or XML, runs the body rules over it.
     *
     * <p>Classification order: the body text itself is tested for JSON
     * ({@code rasp.e.b.a}) and then for XML ({@code this.l.a(String)}); only if both fail
     * is the declared Content-Type consulted. Content sniffing therefore wins over the
     * header.
     * <ul>
     *   <li>multipart or form-encoded Content-Type: a debug line is logged and nothing is
     *       scanned here;</li>
     *   <li>none of the four: a warning is logged with the Content-Type and the body
     *       abbreviated to 25 characters, and nothing is scanned. NOTE(review): that body
     *       prefix goes to the log via {@code agent.e.c.a(p, ...)}, a helper not visible
     *       here; confirm it masks sensitive content;</li>
     *   <li>JSON or XML: an input of type {@code BODY} with a null name is built and
     *       dispatched to {@code this.l.b} (JSON) or {@code this.l.a} (XML) with the
     *       input-aware rules for {@code BODY}.</li>
     * </ul>
     *
     * @param httpRequest the request, used for its Content-Type
     * @param str the body as text
     */
    private void a(HttpRequest httpRequest, String str) {
        S requestContext = this.g.currentContext();
        String contentType = httpRequest.getContentType();
        boolean looksLikeJson = com.contrastsecurity.agent.plugins.rasp.e.b.a(str);
        boolean looksLikeXml = !looksLikeJson && this.l.a(str);
        if (!looksLikeJson && !looksLikeXml) {
            boolean isMultipart = d(contentType);
            boolean isFormEncoded = !isMultipart && c(contentType);
            if (isFormEncoded || isMultipart) {
                p.debug("Body read successfully param={},multipart={}", Boolean.valueOf(isFormEncoded), Boolean.valueOf(isMultipart));
                return;
            }
            p.warn("Wanted to scan body but didn't appear to be known protocol {}: {}", contentType, com.contrastsecurity.agent.e.c.a(p, StringUtils.abbreviate(str, 25)));
            return;
        }
        com.contrastsecurity.agent.plugins.rasp.e.a bodyInput = new com.contrastsecurity.agent.plugins.rasp.e.a();
        bodyInput.b(str);
        bodyInput.a((String) null);
        bodyInput.a(UserInputDTM.InputType.BODY);
        if (looksLikeJson) {
            bodyInput.a(UserInputDTM.InputDocumentType.JSON);
            this.l.b(bodyInput, this.g.getInputAwareRules(requestContext, UserInputDTM.InputType.BODY));
        } else {
            bodyInput.a(UserInputDTM.InputDocumentType.XML);
            this.l.a(bodyInput, this.g.getInputAwareRules(requestContext, UserInputDTM.InputType.BODY));
        }
    }

    /**
     * Evaluates one input value against a rule and records it when the rule cares about it.
     *
     * <p>The six-argument {@code a(...)} (defined outside this excerpt) yields an evaluation
     * whose {@code a()} is compared against the {@code A} constants:
     * <ul>
     *   <li>null evaluation or {@code DONT_CARE}: {@code this.i.c(...)} is called and the
     *       method returns;</li>
     *   <li>{@code MATCHED_ATTACK_SIGNATURE}: {@code this.i.a(...)} is called and the
     *       input is passed to {@code a(Application, i, am)};</li>
     *   <li>{@code WORTH_WATCHING}: {@code this.i.b(...)} is called and the input is
     *       passed on the same way;</li>
     *   <li>any other verdict: the input object is built but nothing further happens.</li>
     * </ul>
     * The evaluation and the {@code this.i} calls see {@code str3} as given; the recorded
     * input stores {@code str3.trim()}.
     *
     * @param iVar the rule being applied
     * @param inputType the kind of input the value came from
     * @param inputDocumentType the document type, or null for {@code NORMAL}
     * @param str the document path recorded on the input
     * @param str2 the input name
     * @param str3 the input value; must not be null once a verdict other than
     *     {@code DONT_CARE} is returned, since it is trimmed
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.d.v
    public void a(com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, UserInputDTM.InputType inputType, UserInputDTM.InputDocumentType inputDocumentType, String str, String str2, String str3) {
        Application app = this.a.current();
        E evaluation = a(app, inputType, str2, str3, iVar, this.g.currentContext());
        if (evaluation == null || A.DONT_CARE.equals(evaluation.a())) {
            this.i.c(iVar.getRuleId().a(), str, str2, str3);
            return;
        }
        UserInputDTM.InputDocumentType effectiveDocumentType =
                inputDocumentType != null ? inputDocumentType : UserInputDTM.InputDocumentType.NORMAL;
        UserInputDTM recordedInput = UserInputDTM.builder()
                .name(str2)
                .value(str3.trim())
                .documentPath(str)
                .documentType(effectiveDocumentType)
                .type(inputType)
                .filters(evaluation.b())
                .build();
        // The second constructor argument is true only for a matched attack signature.
        am finding = new am(recordedInput, A.MATCHED_ATTACK_SIGNATURE.equals(evaluation.a()));
        if (A.MATCHED_ATTACK_SIGNATURE.equals(evaluation.a())) {
            this.i.a(iVar.getRuleId().a(), str, str2, str3);
            a(app, iVar, finding);
        } else if (A.WORTH_WATCHING.equals(evaluation.a())) {
            this.i.b(iVar.getRuleId().a(), str, str2, str3);
            a(app, iVar, finding);
        }
    }

    /**
     * Tells whether a Content-Type value denotes a URL-encoded form body.
     *
     * <p>NOTE(review): this is a case-sensitive prefix match, while media type names are
     * case-insensitive. A header written in different case would not be recognised unless
     * the value is normalised before it gets here (confirm).
     *
     * @param str the Content-Type header value, may be null
     * @return {@code true} when {@code str} is non-null and starts with
     *     {@code URLEncodedUtils.CONTENT_TYPE}
     */
    private boolean c(String str) {
        if (str == null) {
            return false;
        }
        return str.startsWith(URLEncodedUtils.CONTENT_TYPE);
    }

    /**
     * Tells whether a Content-Type value denotes a multipart form body.
     *
     * <p>NOTE(review): this is a case-sensitive prefix match, while media type names are
     * case-insensitive. A header written in different case would not be recognised unless
     * the value is normalised before it gets here (confirm).
     *
     * @param str the Content-Type header value, may be null
     * @return {@code true} when {@code str} is non-null and starts with
     *     {@code "multipart/form-data"}
     */
    private boolean d(String str) {
        if (str == null) {
            return false;
        }
        return str.startsWith("multipart/form-data");
    }

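    /**
     * Stores an evaluated input in the request context, or reports it right away when the
     * rule does not keep context for this kind of request.
     *
     * <p>Cookie values get one pass of URL decoding first: when decoding changes the value,
     * the entry's input is replaced by a copy carrying the decoded value. Only a single
     * pass is applied. If decoding fails, the raw value is kept.
     *
     * <p>When {@code iVar.requiresSavingInContext(...)} is true for the current request the
     * entry is saved in the current context. Otherwise a debug line is logged and, if
     * {@code amVar.d()} is true, the input is forwarded through
     * {@code a(Z, UserInputDTM)}.
     *
     * @param application the current application, passed through to the context
     * @param iVar the rule the input was evaluated against
     * @param amVar the evaluated input; its input may be replaced as described above
     */
    public void a(Application application, com.contrastsecurity.agent.plugins.rasp.rules.i<?> iVar, am amVar) {
        UserInputDTM a = amVar.a();
        if (a.getType() == UserInputDTM.InputType.COOKIE_VALUE) {
            String value = a.getValue();
            try {
                String decode = URLDecoder.decode(value, "UTF-8");
                if (!value.equals(decode)) {
                    amVar.a(UserInputDTM.builder(a).value(decode).build());
                }
            } catch (Exception ignored) {
                // Best effort: a cookie that is not valid URL encoding (or is null) is
                // handled with its raw value. The failure is made visible at debug level,
                // but neither the value nor the exception text is logged, because the
                // exception message can echo fragments of the cookie.
                p.debug("Cookie value could not be URL-decoded; keeping the raw value");
            }
        }
        if (iVar.requiresSavingInContext(this.c.getCurrentRequest())) {
            this.g.currentContext().a(application, iVar, amVar);
            return;
        }
        p.debug("Not saving context input {} for rule {} because of HTTP request type", amVar.a().getType(), iVar.getRuleId().a());
        if (amVar.d()) {
            a(iVar.getRuleId(), amVar.a());
        }
    }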

    /**
     * Forwards one input for a rule to the {@code this.j} collaborator.
     *
     * @param z the rule id the input is reported under
     * @param userInputDTM the input to forward
     * @throws IllegalArgumentException declared by the signature; presumably raised by the
     *     {@code commons.l.a} precondition check when the input is null (confirm)
     */
    private void a(Z<?> z, UserInputDTM userInputDTM) throws IllegalArgumentException {
        // Precondition check on the input before it is handed on (helper not visible here).
        com.contrastsecurity.agent.commons.l.a(userInputDTM);
        this.j.a(z, userInputDTM);
    }

    /**
     * Wraps the processing of one raw input string in a {@code commons.r<String>}.
     *
     * <p>The wrapped object's {@code a()} returns {@code rasp.k.d.a(str, inputType)}. It
     * is passed through {@code commons.s.a(...)} before being returned (presumably a
     * lazy or memoizing wrapper, so the work happens on first use; confirm).
     *
     * @param str the raw input string
     * @param inputType the input type the string was taken from
     * @return the wrapper produced by {@code commons.s.a}
     */
    private static com.contrastsecurity.agent.commons.r<String> a(final String str, final UserInputDTM.InputType inputType) {
        com.contrastsecurity.agent.commons.r<String> processed = new com.contrastsecurity.agent.commons.r<String>() { // from class: com.contrastsecurity.agent.plugins.rasp.h.3
            @Override // com.contrastsecurity.agent.commons.r
            /* renamed from: b, reason: merged with bridge method [inline-methods] */
            public String a() {
                return com.contrastsecurity.agent.plugins.rasp.k.d.a(str, inputType);
            }
        };
        return com.contrastsecurity.agent.commons.s.a((com.contrastsecurity.agent.commons.r) processed);
    }
}
