package com.contrastsecurity.agent.plugins.rasp.i;

import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.http.u;
import com.contrastsecurity.agent.plugins.rasp.ag;
import com.contrastsecurity.agent.util.E;
import com.contrastsecurity.agent.util.ObjectShare;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.lang.ref.WeakReference;
import java.lang.reflect.InvocationTargetException;
import java.security.ProtectionDomain;

/* compiled from: ESAPISessionContext.java */
/* loaded from: input_file:com/contrastsecurity/agent/plugins/rasp/i/a.class */
public class a extends c {
    private WeakReference<Class<?>> b;
    private WeakReference<Class<?>> c;
    private static final String d = "ESAPISessionContext.getUsername";
    private static final String e = "org.owasp.esapi.User";
    private static final String f = "org.owasp.esapi.ESAPI";
    private static final String g = "Anonymous";
    private static final Logger h = LoggerFactory.getLogger(a.class);

    @Override // com.contrastsecurity.agent.plugins.rasp.i.c
    public void a(String str, ClassLoader classLoader, ProtectionDomain protectionDomain) {
        if (this.a || !f.equals(str)) {
            return;
        }
        this.a = true;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.i.c
    public String a(HttpRequest httpRequest, u uVar) {
        Object a;
        String str = null;
        try {
            Class<?> b = b();
            if (b != null && (a = a(b)) != null) {
                String b2 = b(a(a));
                if (!g.equals(b2)) {
                    str = b2;
                }
            }
        } catch (Throwable th) {
            com.contrastsecurity.agent.i.c.a(d, h, "Unable to reflect Session out of ESAPI Authenticator", th);
        }
        return str;
    }

    private Class<?> b() {
        if (this.b == null || this.b.get() == null) {
            try {
                Class<?> a = com.contrastsecurity.agent.u.a(f, true, com.contrastsecurity.agent.u.a(Thread.currentThread()));
                if (a == null) {
                    h.error("Unable to find name for {}", f);
                    return null;
                }
                this.b = new WeakReference<>(a);
            } catch (Throwable th) {
                return null;
            }
        }
        return this.b.get();
    }

    private Class<?> c() {
        if (this.c == null || this.c.get() == null) {
            try {
                Class<?> a = com.contrastsecurity.agent.u.a(e, true, com.contrastsecurity.agent.u.a(Thread.currentThread()));
                if (a == null) {
                    h.error("Unable to find name for {}", e);
                    return null;
                }
                this.c = new WeakReference<>(a);
            } catch (Throwable th) {
                return null;
            }
        }
        return this.c.get();
    }

    private Object a(Class<?> cls) throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
        return E.f(cls, "authenticator").invoke(null, ObjectShare.EMPTY_OBJ_ARRAY);
    }

    private Object a(Object obj) throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
        return E.f(obj.getClass(), "getCurrentUser").invoke(obj, ObjectShare.EMPTY_OBJ_ARRAY);
    }

    private String b(Object obj) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException, ClassNotFoundException {
        Class<?> c = c();
        return (c == null || !c.isInstance(obj)) ? ag.a(obj) : (String) E.f(obj.getClass(), "getName").invoke(obj, ObjectShare.EMPTY_OBJ_ARRAY);
    }
}
