package com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.csrf;

import com.contrastsecurity.agent.Sensor;
import com.contrastsecurity.agent.apps.java.g;
import com.contrastsecurity.agent.commons.l;
import com.contrastsecurity.agent.config.ContrastProperties;
import com.contrastsecurity.agent.core.ContrastEngine;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.messages.app.activity.assessment.StateChangingActionDTM;
import com.contrastsecurity.agent.util.L;
import com.contrastsecurity.agent.util.ObjectShare;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.io.File;
import java.util.LinkedList;

@Sensor
/* loaded from: input_file:com/contrastsecurity/agent/plugins/security/policy/rules/providers/internal/csrf/ContrastCSRFDispatcherImpl.class */
public class ContrastCSRFDispatcherImpl implements ContrastCSRFDispatcher {
    private String[] a;
    private final HttpManager b;
    private final ContrastScopeTrackerDispatcher c;
    private final ContrastEngine d;
    private static final String[] e = {g.a, ".log.gz", ".classtmp", "_jsp.java", ".java", ".txt", ".log"};
    private static final Logger f = LoggerFactory.getLogger(ContrastCSRFDispatcherImpl.class);

    public ContrastCSRFDispatcherImpl(HttpManager httpManager, ContrastScopeTrackerDispatcher contrastScopeTrackerDispatcher, com.contrastsecurity.agent.config.g gVar, ContrastEngine contrastEngine) {
        l.a(httpManager, "httpManager");
        l.a(contrastScopeTrackerDispatcher, "scopeTrackerDispatcher");
        l.a(contrastEngine, "engine");
        this.b = httpManager;
        this.c = contrastScopeTrackerDispatcher;
        this.d = contrastEngine;
        String b = gVar.b(ContrastProperties.CSRF_ALLOWED_FILEWRITE_SUFFIXES);
        if (StringUtils.isEmpty(b)) {
            return;
        }
        this.a = a(b.split(","));
        f.debug("Using additional suffixes {}", L.a(this.a));
    }

    private String[] a(String[] strArr) {
        LinkedList linkedList = new LinkedList();
        for (String str : strArr) {
            String trim = str.trim();
            if (!StringUtils.isEmpty(trim)) {
                linkedList.add(trim);
            }
        }
        return (String[]) linkedList.toArray(ObjectShare.EMPTY_STRING_ARRAY);
    }

    @Override // java.lang.ContrastCSRFDispatcher
    @Sensor
    public void onTokenChecked() {
        HttpRequest currentRequest = this.b.getCurrentRequest();
        if (currentRequest != null) {
            currentRequest.getProperties().put("csrf.token.checked", 1);
        }
    }

    @Sensor
    public void onFileOpenedForWriting(File file) {
        if (file == null || a()) {
            return;
        }
        try {
        } catch (Exception e2) {
            f.error("Problem registering file open for CSRF rule on file {}", file.getPath(), e2);
        } finally {
            this.d.onLeavingSensor();
        }
        if (a(file)) {
            return;
        }
        this.d.onEnteringSensor();
        b(file);
    }

    private boolean a(File file) {
        String trim = file.getName().trim();
        if (this.a == null || !L.f(this.a, trim)) {
            return L.f(e, trim);
        }
        return true;
    }

    private boolean a() {
        return this.c.isInMasterOrSamplingScope();
    }

    private void b(File file) {
        HttpRequest currentRequest = this.b.getCurrentRequest();
        if (currentRequest != null) {
            b.a(currentRequest, new StateChangingActionDTM(StateChangingActionDTM.Type.FILEWRITE, file.getPath()));
        }
    }
}
