package com.contrastsecurity.agent.plugins.security;

import com.contrastsecurity.agent.C0054b;
import com.contrastsecurity.agent.Contrast;
import com.contrastsecurity.agent.Sensor;
import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.config.ContrastProperties;
import com.contrastsecurity.agent.config.enums.TraceMapStrategy;
import com.contrastsecurity.agent.core.ContrastEngine;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.messages.server.features.AssessmentFeatures;
import com.contrastsecurity.agent.messages.server.features.assessment.InputValidatorDTM;
import com.contrastsecurity.agent.messages.server.features.assessment.SanitizerDTM;
import com.contrastsecurity.agent.plugins.ContrastPlugin;
import com.contrastsecurity.agent.plugins.frameworks.C0117p;
import com.contrastsecurity.agent.plugins.frameworks.C0118q;
import com.contrastsecurity.agent.plugins.frameworks.aws.dynamodb.ContrastAWSDynamoDBDispatcherImpl;
import com.contrastsecurity.agent.plugins.frameworks.j2ee.jsp.ContrastJspIncludeDispatcherImpl;
import com.contrastsecurity.agent.plugins.frameworks.jackson.ContrastJacksonDispatcherImpl;
import com.contrastsecurity.agent.plugins.frameworks.jasper.ContrastJasperDispatcherImpl;
import com.contrastsecurity.agent.plugins.frameworks.java.matcher.ContrastMatcherDispatcherImpl;
import com.contrastsecurity.agent.plugins.frameworks.java.string.ContrastStringDispatcherImpl;
import com.contrastsecurity.agent.plugins.frameworks.jersey.ContrastJerseyDispatcherImpl;
import com.contrastsecurity.agent.plugins.frameworks.struts2.actions.ContrastStruts2FrameworkAnnotationDispatcherImpl;
import com.contrastsecurity.agent.plugins.frameworks.tomcat.ContrastTomcatDataFlowRecyclingDispatcherImpl;
import com.contrastsecurity.agent.plugins.frameworks.tomcat.ContrastTomcatSecurityClassLoadDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.Finding;
import com.contrastsecurity.agent.plugins.security.controller.ContrastScopeTrackerDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.controller.ContrastSourceFilterDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.controller.EventContext;
import com.contrastsecurity.agent.plugins.security.controller.EventHelper;
import com.contrastsecurity.agent.plugins.security.controller.EventScope;
import com.contrastsecurity.agent.plugins.security.controller.ScopeTracker;
import com.contrastsecurity.agent.plugins.security.controller.TraceController;
import com.contrastsecurity.agent.plugins.security.controller.a.C0191a;
import com.contrastsecurity.agent.plugins.security.controller.a.C0192b;
import com.contrastsecurity.agent.plugins.security.controller.a.C0193c;
import com.contrastsecurity.agent.plugins.security.controller.a.C0194d;
import com.contrastsecurity.agent.plugins.security.controller.a.C0195e;
import com.contrastsecurity.agent.plugins.security.controller.a.C0196f;
import com.contrastsecurity.agent.plugins.security.controller.propagate.ContrastDataFlowPropagationDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.controller.propagate.ContrastDataFlowTaggingDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.controller.propagate.ContrastFrameworkAnnotationDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.controller.track.ContrastDataFlowSourceDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.controller.track.ContrastDynamicSourceDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.controller.trigger.AgentSuppressionCheck;
import com.contrastsecurity.agent.plugins.security.controller.trigger.ContrastDataFlowTriggerDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.controller.trigger.FrameworkCheck;
import com.contrastsecurity.agent.plugins.security.controller.trigger.ObjectCheck;
import com.contrastsecurity.agent.plugins.security.controller.trigger.QueueFindingListener;
import com.contrastsecurity.agent.plugins.security.pattern.ContrastPatternDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.ApplicationAnalyzer;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.HttpWatcher;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.ProviderUtil;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.RuleProvider;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.autobinding.ContrastSpringAutoBindingDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.crossdomainpolicy.CrossDomainResponseWatcher;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.crossdomainpolicy.OverlyPermissiveCrossDomainRule;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.csrf.ContrastCSRFDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.sessiontimeout.ContrastSessionTimeoutRuleDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.socketfactory.ContrastSocketFactoryDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.xss.ContrastFreemarkerDispatcherImpl;
import com.contrastsecurity.agent.plugins.security.secondorder.ContrastSecondOrderDispatcherImpl;
import com.contrastsecurity.agent.reloadable.AgentChannelHub;
import com.contrastsecurity.agent.services.Purgeable;
import com.contrastsecurity.agent.util.PerfUtil;
import com.contrastsecurity.agent.util.Q;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.apache.http.client.methods.HttpGet;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.io.File;
import java.io.IOException;
import java.lang.ContrastAssessDispatcherLocator;
import java.lang.instrument.Instrumentation;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import java.util.jar.JarFile;

@Sensor
/* loaded from: input_file:com/contrastsecurity/agent/plugins/security/SecurityPlugin.class */
public final class SecurityPlugin extends ContrastPlugin implements com.contrastsecurity.agent.instr.a.c, com.contrastsecurity.agent.plugins.i, K {
    private static SecurityPlugin a;
    private final List<com.contrastsecurity.agent.util.y> b;
    private final EventScope c;
    private final com.contrastsecurity.agent.config.g d;
    private final EventHelper e;
    private final File f;
    private final List<com.contrastsecurity.agent.plugins.d> g;
    private final com.contrastsecurity.agent.plugins.security.policy.rules.providers.c h;
    private final com.contrastsecurity.agent.features.c i;
    private Set<String> j;
    private final List<com.contrastsecurity.agent.http.r> k;
    private final ProviderUtil l;
    private final AssessmentManager m;
    private final ApplicationManager n;
    private final EventContext o;
    private final HttpManager p;
    private final ScopeTracker q;
    private final TraceController r;
    private final com.contrastsecurity.agent.plugins.security.policy.rules.d s;
    private final ContrastScopeTrackerDispatcher t;
    private final com.contrastsecurity.agent.plugins.security.pattern.a.b u;
    private final D v;
    private final C w;
    private final com.contrastsecurity.agent.plugins.security.controller.propagate.a x;
    private static final String y = "cachedCustomRules.jar";
    private static final String z = "Problem loading bootstrap rules from specified JAR. Some custom rules may not be working.";
    private static final String A = "assessment-context";
    private static final Logger B = LoggerFactory.getLogger(SecurityPlugin.class);

    /* loaded from: input_file:com/contrastsecurity/agent/plugins/security/SecurityPlugin$a.class */
    private class a extends com.contrastsecurity.agent.util.y {
        private a() {
            super("load-bootstrap-rules", PerfUtil.a.SUB_SUB_STARTUP_TASK);
        }

        @Override // com.contrastsecurity.agent.util.y
        public void a() {
            try {
                String b = SecurityPlugin.this.d.b(ContrastProperties.CUSTOM_RULES_JAR);
                if (!StringUtils.isEmpty(b)) {
                    SecurityPlugin.B.debug("Loading custom rules jar {} into bootstrap classloader", b);
                    a(b, ContrastEngine.get().getInstrumentation());
                    SecurityPlugin.B.debug("Successfully loaded custom rules jar");
                }
            } catch (Throwable th) {
                com.contrastsecurity.agent.util.D.b(SecurityPlugin.z);
                SecurityPlugin.B.error(SecurityPlugin.z, th);
            }
        }

        private void a(String str, Instrumentation instrumentation) throws URISyntaxException, IOException {
            instrumentation.appendToBootstrapClassLoaderSearch(new JarFile(new Q(SecurityPlugin.this.d).a(str, SecurityPlugin.this.f)));
        }
    }

    /* loaded from: input_file:com/contrastsecurity/agent/plugins/security/SecurityPlugin$b.class */
    private class b extends com.contrastsecurity.agent.util.y {
        private b() {
            super("load-assessment-policy", PerfUtil.a.SUB_SUB_STARTUP_TASK);
        }

        @Override // com.contrastsecurity.agent.util.y
        public void a() throws com.contrastsecurity.agent.plugins.f {
            try {
                SecurityPlugin.this.m.loadPolicy();
            } catch (Throwable th) {
                throw new com.contrastsecurity.agent.plugins.f(th);
            }
        }
    }

    /* loaded from: input_file:com/contrastsecurity/agent/plugins/security/SecurityPlugin$c.class */
    private class c extends com.contrastsecurity.agent.util.y {
        private c() {
            super("register-agent-telemetry", PerfUtil.a.SUB_SUB_STARTUP_TASK);
        }

        @Override // com.contrastsecurity.agent.util.y
        public void a() {
            AgentChannelHub agentChannelHub = AgentChannelHub.get();
            agentChannelHub.listenForMessage("isTracked", new com.contrastsecurity.agent.plugins.security.controller.a.B(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("isTrackedWithTag", new com.contrastsecurity.agent.plugins.security.controller.a.C(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("isTrackedWithoutTag", new com.contrastsecurity.agent.plugins.security.controller.a.E(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("isTrackedWithType", new com.contrastsecurity.agent.plugins.security.controller.a.D(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("printTagRanges", new com.contrastsecurity.agent.plugins.security.controller.a.F(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("hasFinding", new com.contrastsecurity.agent.plugins.security.controller.a.x(SecurityPlugin.this.s));
            agentChannelHub.listenForMessage("hasNoFinding", new com.contrastsecurity.agent.plugins.security.controller.a.z(SecurityPlugin.this.s));
            agentChannelHub.listenForMessage("hasEventSource", new com.contrastsecurity.agent.plugins.security.controller.a.w(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getLastFindingHash", new com.contrastsecurity.agent.plugins.security.controller.a.m(SecurityPlugin.this.s));
            agentChannelHub.listenForMessage("enableRecentFindings", new C0196f(SecurityPlugin.this.s));
            agentChannelHub.listenForMessage("clearRecentFindings", new C0193c(SecurityPlugin.this.s));
            agentChannelHub.listenForMessage("getBitSetForObject", new com.contrastsecurity.agent.plugins.security.controller.a.g(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getEventStringRepresentations", new com.contrastsecurity.agent.plugins.security.controller.a.k(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getEventOperations", new com.contrastsecurity.agent.plugins.security.controller.a.i(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getEventTaintFlags", new com.contrastsecurity.agent.plugins.security.controller.a.l(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("hasTagRange", new com.contrastsecurity.agent.plugins.security.controller.a.A(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("hasFrameworkInfo", new com.contrastsecurity.agent.plugins.security.controller.a.y(SecurityPlugin.this.p));
            agentChannelHub.listenForMessage("getTagRangeCount", new com.contrastsecurity.agent.plugins.security.controller.a.r(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getCurrentRequestInfo", new com.contrastsecurity.agent.plugins.security.controller.a.o(SecurityPlugin.this.p));
            agentChannelHub.listenForMessage("getTagRanges", new com.contrastsecurity.agent.plugins.security.controller.a.s(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("addTags", new C0192b(SecurityPlugin.this.e, SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getTags", new com.contrastsecurity.agent.plugins.security.controller.a.u(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getTagsAt", new com.contrastsecurity.agent.plugins.security.controller.a.t(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("addTagFrom", new C0191a(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getTagRangeBoundaries", new com.contrastsecurity.agent.plugins.security.controller.a.q(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("doesTagCheckPass", new C0195e(new ObjectCheck(SecurityPlugin.this.e, SecurityPlugin.this.r), SecurityPlugin.this.r, SecurityPlugin.this.m));
            agentChannelHub.listenForMessage("clearTagRanges", new C0194d(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getTriggerScope", new com.contrastsecurity.agent.plugins.security.controller.a.v(SecurityPlugin.this.o, SecurityPlugin.this.t));
            agentChannelHub.listenForMessage("getEventIdFor", new com.contrastsecurity.agent.plugins.security.controller.a.h(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getSourceEventReturn", new com.contrastsecurity.agent.plugins.security.controller.a.p(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getParentEventIdFor", new com.contrastsecurity.agent.plugins.security.controller.a.n(SecurityPlugin.this.r));
            agentChannelHub.listenForMessage("getEventStackTrace", new com.contrastsecurity.agent.plugins.security.controller.a.j(SecurityPlugin.this.m, SecurityPlugin.this.r));
            agentChannelHub.subscribe("clearTraceMap", SecurityPlugin.this.o);
        }
    }

    public static SecurityPlugin getGlobal() {
        if (a == null) {
            throw new IllegalStateException("Not yet initialized");
        }
        return a;
    }

    public static K getSecurityServiceProvider() {
        return getGlobal();
    }

    public SecurityPlugin(com.contrastsecurity.agent.services.G g, com.contrastsecurity.agent.features.c cVar, C0117p c0117p, com.contrastsecurity.agent.config.g gVar, com.contrastsecurity.agent.services.q qVar, com.contrastsecurity.agent.services.z zVar, com.contrastsecurity.agent.p pVar, ApplicationManager applicationManager, com.contrastsecurity.agent.o.j jVar, HttpManager httpManager, com.contrastsecurity.agent.plugins.security.c.f fVar, ScopeTracker scopeTracker) {
        this(gVar, Contrast.directories().c(), ContrastEngine.get(), qVar, zVar, c0117p, g, cVar, pVar, applicationManager, jVar, httpManager, fVar, scopeTracker);
    }

    public SecurityPlugin(com.contrastsecurity.agent.config.g gVar, File file, ContrastEngine contrastEngine, com.contrastsecurity.agent.services.q qVar, com.contrastsecurity.agent.services.z zVar, C0117p c0117p, com.contrastsecurity.agent.services.G g, com.contrastsecurity.agent.features.c cVar, com.contrastsecurity.agent.p pVar, ApplicationManager applicationManager, com.contrastsecurity.agent.o.j jVar, HttpManager httpManager, com.contrastsecurity.agent.plugins.security.c.f fVar, ScopeTracker scopeTracker) {
        com.contrastsecurity.agent.commons.l.a(file);
        com.contrastsecurity.agent.commons.l.a(contrastEngine);
        this.d = (com.contrastsecurity.agent.config.g) com.contrastsecurity.agent.commons.l.a(gVar);
        this.i = (com.contrastsecurity.agent.features.c) com.contrastsecurity.agent.commons.l.a(cVar);
        this.n = (ApplicationManager) com.contrastsecurity.agent.commons.l.a(applicationManager);
        com.contrastsecurity.agent.commons.t tVar = new com.contrastsecurity.agent.commons.t();
        this.p = httpManager;
        InterfaceC0189b a2 = C0197d.r().a(new com.contrastsecurity.agent.apps.b(applicationManager)).a(new C0054b(tVar)).a(new com.contrastsecurity.agent.config.j(gVar)).a(contrastEngine.executorServiceModule()).a(new com.contrastsecurity.agent.features.d(cVar)).a(new C0118q(c0117p)).a(new com.contrastsecurity.agent.v(g)).a(new com.contrastsecurity.agent.plugins.security.c.g(fVar)).a(new com.contrastsecurity.agent.http.l(httpManager)).a(new com.contrastsecurity.agent.l(contrastEngine)).a(new com.contrastsecurity.agent.o.k(jVar)).a(new E(scopeTracker)).a(new com.contrastsecurity.agent.services.s(qVar)).a(new com.contrastsecurity.agent.services.A(zVar)).a();
        this.m = a2.f();
        this.o = a2.h();
        com.contrastsecurity.agent.plugins.security.policy.a.a i = a2.i();
        com.contrastsecurity.agent.plugins.security.policy.propagators.a aVar = new com.contrastsecurity.agent.plugins.security.policy.propagators.a(this.m, i, contrastEngine);
        this.m.initialize(i, new com.contrastsecurity.agent.plugins.security.policy.d(this.i, gVar, new com.contrastsecurity.agent.plugins.security.policy.propagators.b(contrastEngine, this.m, i), new com.contrastsecurity.agent.plugins.security.policy.k(), new com.contrastsecurity.agent.plugins.security.policy.h(), new com.contrastsecurity.agent.plugins.security.policy.b.b(), new com.contrastsecurity.agent.plugins.security.policy.v(), new com.contrastsecurity.agent.plugins.security.policy.y(), aVar), aVar);
        com.contrastsecurity.agent.plugins.security.policy.rules.a g2 = a2.g();
        g2.a(this.m, this.o);
        com.contrastsecurity.agent.plugins.security.model.c n = a2.n();
        this.r = a2.k();
        com.contrastsecurity.agent.trace.b l = a2.l();
        Finding.d j = a2.j();
        this.s = a2.o();
        this.l = a2.p();
        this.e = EventHelper.createWithToStringExceptionBreaker(this.m, gVar);
        this.f = new File(file, y);
        this.g = new ArrayList();
        this.g.add(new C0188a(this.l, this.m, g2, this.n, gVar, com.contrastsecurity.agent.instr.i.a(ContrastAssessDispatcherLocator.Singleton.class, ContrastAssessDispatcherLocator.class), pVar, qVar));
        this.h = new com.contrastsecurity.agent.plugins.security.policy.rules.providers.c(this.l, this.n, this.m);
        this.j = null;
        this.q = scopeTracker;
        FrameworkCheck frameworkCheck = new FrameworkCheck(c0117p, httpManager);
        com.contrastsecurity.agent.plugins.security.controller.b bVar = new com.contrastsecurity.agent.plugins.security.controller.b(this.r);
        com.contrastsecurity.agent.plugins.security.controller.propagate.d dVar = new com.contrastsecurity.agent.plugins.security.controller.propagate.d(tVar, gVar, this.o, this.e, this.m, this.r, n, l);
        com.contrastsecurity.agent.plugins.security.controller.j f = com.contrastsecurity.agent.plugins.security.controller.j.f();
        ContrastDataFlowPropagationDispatcherImpl contrastDataFlowPropagationDispatcherImpl = new ContrastDataFlowPropagationDispatcherImpl(dVar, this.m, scopeTracker, c0117p, this.o, bVar, jVar);
        this.u = new com.contrastsecurity.agent.plugins.security.pattern.a.b(Contrast.directories().c());
        this.m.a(this.u);
        this.m.a(contrastDataFlowPropagationDispatcherImpl);
        this.t = new ContrastScopeTrackerDispatcherImpl(scopeTracker);
        this.b = com.contrastsecurity.agent.commons.g.a(new a(), new b(), new c());
        Iterator<com.contrastsecurity.agent.config.m> it = a2.d().iterator();
        while (it.hasNext()) {
            gVar.a(it.next());
        }
        this.w = a2.a();
        this.v = a2.c();
        this.k = com.contrastsecurity.agent.commons.g.a((Collection) a2.e());
        this.n.initialize(this.m, this.l);
        ContrastDataFlowSourceDispatcherImpl contrastDataFlowSourceDispatcherImpl = new ContrastDataFlowSourceDispatcherImpl(this.e, tVar, this.m, this.o, gVar, scopeTracker, this.n, httpManager, c0117p, f, i, l, n, a2.b(), jVar);
        ContrastDataFlowTriggerDispatcherImpl contrastDataFlowTriggerDispatcherImpl = new ContrastDataFlowTriggerDispatcherImpl(this.m, gVar, this.o, this.n, DisabledRulesParsingSupplier.build(), this.e, this.r, n, frameworkCheck, this.t, scopeTracker, jVar, l, new com.contrastsecurity.agent.plugins.security.controller.trigger.l[]{frameworkCheck, new AssessSourceExclusionHandler(httpManager), new AgentSuppressionCheck(), new QueueFindingListener(httpManager, gVar, j, this.s, qVar)}, httpManager);
        ContrastFrameworkAnnotationDispatcherImpl contrastFrameworkAnnotationDispatcherImpl = new ContrastFrameworkAnnotationDispatcherImpl(gVar, httpManager, this.o, jVar);
        this.x = new com.contrastsecurity.agent.plugins.security.controller.propagate.b(this.e, this.r, n, this.o, this.t, this.m, jVar);
        ContrastAssessDispatcherLocator.Singleton.initialize(new ContrastAssessDispatcherLocator.Singleton(new com.contrastsecurity.agent.plugins.frameworks.antlr.f(dVar, bVar, gVar, this.m, this.o, scopeTracker, jVar, contrastEngine, i), new ContrastAWSDynamoDBDispatcherImpl(this.o), new ContrastCSRFDispatcherImpl(httpManager, this.t, gVar, contrastEngine), contrastDataFlowPropagationDispatcherImpl, contrastDataFlowSourceDispatcherImpl, new ContrastDataFlowTaggingDispatcherImpl(this.x), bVar, contrastDataFlowTriggerDispatcherImpl, new ContrastDynamicSourceDispatcherImpl(this.m, this.r, contrastEngine, scopeTracker, this.n), contrastFrameworkAnnotationDispatcherImpl, new ContrastFreemarkerDispatcherImpl(this.r, this.n, this.m, n, contrastDataFlowTriggerDispatcherImpl, this.o, bVar, jVar), new ContrastJacksonDispatcherImpl(gVar), new ContrastJasperDispatcherImpl(gVar, this.o), new ContrastJerseyDispatcherImpl(gVar, n, tVar, this.m, this.o, contrastEngine, i, jVar, l), new ContrastJspIncludeDispatcherImpl(httpManager), new ContrastMatcherDispatcherImpl(gVar, n, tVar, this.m, this.o, contrastEngine, i, jVar, l), new ContrastPatternDispatcherImpl(this.e, this.r, n, this.m, this.u, jVar), new ContrastScopeTrackerDispatcherImpl(scopeTracker), new ContrastSecondOrderDispatcherImpl(contrastDataFlowSourceDispatcherImpl, gVar), new ContrastSessionTimeoutRuleDispatcherImpl(applicationManager, this.l, gVar), new ContrastSocketFactoryDispatcherImpl(this.n, this.m, gVar, httpManager, this.s, l, n, j, jVar, qVar), new ContrastSourceFilterDispatcherImpl(f), new ContrastSpringAutoBindingDispatcherImpl(httpManager, this.l), new ContrastStringDispatcherImpl(gVar, n, tVar, this.m, this.o, contrastEngine, i, jVar, l), new ContrastStruts2FrameworkAnnotationDispatcherImpl(gVar, contrastFrameworkAnnotationDispatcherImpl), new ContrastTomcatDataFlowRecyclingDispatcherImpl(gVar, this.o), new ContrastTomcatSecurityClassLoadDispatcherImpl()));
        this.c = a2.q();
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void initializeGlobalContext() {
        super.initializeGlobalContext();
        if (a != null) {
            throw new IllegalStateException("SecurityPlugin global already initialized");
        }
        a = this;
        EventContext.initialize(this.o);
    }

    public static void setEnabled(EventContext eventContext, ScopeTracker scopeTracker, boolean z2) {
        eventContext.setEnabled(z2);
        scopeTracker.setEnabled(z2);
    }

    @Override // com.contrastsecurity.agent.instr.a.c
    public boolean preventDenylistingOf(String str) {
        if (this.j == null) {
            a(this.i.c());
        }
        return this.j.contains(str);
    }

    void a(AssessmentFeatures assessmentFeatures) {
        this.j = new HashSet();
        if (!this.d.e(ContrastProperties.ASSESS_ENABLED) || assessmentFeatures == null) {
            return;
        }
        Set<SanitizerDTM> sanitizers = assessmentFeatures.getSanitizers();
        if (sanitizers != null) {
            Iterator<SanitizerDTM> it = sanitizers.iterator();
            while (it.hasNext()) {
                String a2 = a(it.next().getApi());
                if (!StringUtils.isEmpty(a2)) {
                    B.debug("Adding {} (sanitizer) to the list of security control class names to prevent denylisting", a2);
                    this.j.add(a2);
                }
            }
        }
        Set<InputValidatorDTM> validators = assessmentFeatures.getValidators();
        if (validators != null) {
            Iterator<InputValidatorDTM> it2 = validators.iterator();
            while (it2.hasNext()) {
                String a3 = a(it2.next().getApi());
                if (!StringUtils.isEmpty(a3)) {
                    B.debug("Adding {} (validator) to the list of security control class names to prevent denylisting", a3);
                    this.j.add(a3);
                }
            }
        }
    }

    private String a(String str) {
        String str2 = null;
        try {
            str2 = com.contrastsecurity.agent.plugins.security.policy.t.a(str, false, true).a();
        } catch (Exception e) {
            B.error("Problem parsing API {} to prevent denylisting new security controls", str, e);
        }
        return str2;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public List<com.contrastsecurity.agent.plugins.d> getNewClassEventListeners() {
        List<com.contrastsecurity.agent.plugins.d> emptyList = Collections.emptyList();
        if (this.d.e(ContrastProperties.ASSESS_ENABLED)) {
            emptyList = this.g;
        }
        return emptyList;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public List<com.contrastsecurity.agent.http.r> getRequestLifecycleListeners() {
        return this.k;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void initialize() throws com.contrastsecurity.agent.plugins.f {
        if (!this.d.e(ContrastProperties.ASSESS_ENABLED)) {
            B.debug("Not assessing, so skipping policy lookup");
            return;
        }
        Iterator<com.contrastsecurity.agent.util.y> it = this.b.iterator();
        while (it.hasNext()) {
            it.next().b();
        }
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onServerActivityReportingFinished() {
        this.u.a();
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onContextChanging(com.contrastsecurity.agent.d.f fVar) {
        AssessmentContext currentContext = this.m.currentContext();
        B.trace("onContextChanging() assessmentContext={}", currentContext);
        if (currentContext != null) {
            fVar.put(A, currentContext);
            currentContext.jumpedContexts();
        }
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onContextChanged(com.contrastsecurity.agent.d.f fVar) {
        AssessmentContext assessmentContext = (AssessmentContext) fVar.get(A);
        B.trace("onContextChanged() assessmentContext={}", assessmentContext);
        this.m.setContext(assessmentContext);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onCrossDomainXmlRead(Application application, String str) {
        if (this.d.e(ContrastProperties.ASSESS_ENABLED)) {
            for (RuleProvider ruleProvider : com.contrastsecurity.agent.plugins.security.policy.c.a.a(this.m.currentPolicy(), com.contrastsecurity.agent.util.L.d(this.d.a(ContrastProperties.ASSESS_DISABLED_RULES), ","), this.l, this.n)) {
                if (ruleProvider instanceof OverlyPermissiveCrossDomainRule) {
                    HttpWatcher responseWatcher = ruleProvider.getResponseWatcher();
                    if (responseWatcher instanceof CrossDomainResponseWatcher) {
                        if (B.isDebugEnabled()) {
                            B.debug("Handing analysis of crossdomain.xml to {}", responseWatcher.getClass().getName());
                        }
                        try {
                            ((CrossDomainResponseWatcher) responseWatcher).analyzeCrossDomainXML(application, str);
                        } catch (Throwable th) {
                            B.error("Problem during crossDomainXmlRead() for {}", ruleProvider.getClass().getName(), th);
                        }
                    } else if (B.isDebugEnabled()) {
                        B.error("Problem finding the cross domain watcher");
                    }
                }
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onWebConfigurationRead(Application application, String str) {
        if (this.d.e(ContrastProperties.ASSESS_ENABLED)) {
            B.debug("Letting rule providers know about new app loaded");
            for (RuleProvider ruleProvider : com.contrastsecurity.agent.plugins.security.policy.c.a.a(this.m.currentPolicy(), com.contrastsecurity.agent.util.L.d(this.d.a(ContrastProperties.ASSESS_DISABLED_RULES), ","), this.l, this.n)) {
                ApplicationAnalyzer applicationAnalyzer = ruleProvider.getApplicationAnalyzer();
                if (applicationAnalyzer != 0) {
                    B.debug("Handing analysis of web root to {}", applicationAnalyzer.getClass().getName());
                    try {
                        if (applicationAnalyzer.supports(application.getClass())) {
                            applicationAnalyzer.onApplicationResolution(application, str);
                        }
                    } catch (Throwable th) {
                        B.error("Problem during onWebXmlLoaded() for {}", ruleProvider.getClass().getName(), th);
                    }
                }
            }
        }
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean requiresPrimordialInstrumentation(Class<?> cls) {
        return this.d.e(ContrastProperties.ASSESS_ENABLED);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean requiresHttpRequestBodyBuffering(HttpRequest httpRequest) {
        return this.d.e(ContrastProperties.ASSESS_ENABLED);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean requiresHttpRequestBodyTotalCapture(HttpRequest httpRequest) {
        return this.d.e(ContrastProperties.ASSESS_ENABLED) && !HttpGet.METHOD_NAME.equals(httpRequest.getMethod());
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public com.contrastsecurity.agent.plugins.a getActivityEventListener() {
        com.contrastsecurity.agent.plugins.security.policy.rules.providers.c cVar = null;
        if (this.d.e(ContrastProperties.ASSESS_ENABLED)) {
            cVar = this.h;
        }
        return cVar;
    }

    @Override // com.contrastsecurity.agent.plugins.i
    public void onEnteringContrastSensor() {
        this.c.turnOffContrast();
    }

    @Override // com.contrastsecurity.agent.plugins.i
    public void onLeavingContrastSensor() {
        this.c.turnOnContrast();
    }

    public void onSecurityControlsChanged() {
        this.j = null;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean isActivated() {
        return super.isActivated() && this.d.e(ContrastProperties.ASSESS_ENABLED);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void activate() {
        super.activate();
        setEnabled(this.o, this.q, true);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void deactivate() {
        super.deactivate();
        setEnabled(this.o, this.q, false);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public List<Purgeable> getPurgeables() {
        LinkedList linkedList = new LinkedList();
        linkedList.add(this.o);
        return linkedList;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onStandaloneApp() {
        B.info("Automatically enabling global trace map mode due to standalone flag");
        this.o.changeStrategy(TraceMapStrategy.GLOBAL);
    }

    @Override // com.contrastsecurity.agent.plugins.security.K
    public com.contrastsecurity.agent.plugins.security.controller.propagate.a getContrastDataFlowTaggingService() {
        return this.x;
    }

    @Override // com.contrastsecurity.agent.plugins.security.K
    public AssessmentManager getAssessmentManager() {
        return this.m;
    }

    @Override // com.contrastsecurity.agent.plugins.security.K
    public ProviderUtil getProviderUtil() {
        return this.l;
    }

    @Override // com.contrastsecurity.agent.plugins.security.K
    public C getRouteDiscoveryListener() {
        return this.w;
    }

    @Override // com.contrastsecurity.agent.plugins.security.K
    public D getRouteObservationListener() {
        return this.v;
    }
}
