package com.contrastsecurity.agent.http;

import com.contrastsecurity.agent.B;
import com.contrastsecurity.agent.ScopedSensor;
import com.contrastsecurity.agent.ScopingSensor;
import com.contrastsecurity.agent.Sensor;
import com.contrastsecurity.agent.messages.HTTPRequestID;
import com.contrastsecurity.agent.messages.HttpVersion;
import com.contrastsecurity.agent.messages.Protocol;
import com.contrastsecurity.agent.messages.mq.MqHttpRequestDTM;
import com.contrastsecurity.agent.plugins.ContrastPlugin;
import com.contrastsecurity.agent.plugins.rasp.AttackBlockedException;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.RuleProvider;
import com.contrastsecurity.agent.util.C0228i;
import com.contrastsecurity.thirdparty.jregex.WildcardPattern;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.ArrayUtils;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.apache.http.client.utils.URLEncodedUtils;
import com.contrastsecurity.thirdparty.org.apache.http.cookie.SM;
import com.contrastsecurity.thirdparty.org.mvel2.MVEL;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;

@Sensor
/* loaded from: input_file:com/contrastsecurity/agent/http/HttpRequest.class */
public abstract class HttpRequest extends b {
    protected Protocol protocol;
    protected HttpVersion version;
    protected String method;
    protected String uri;
    protected String normalizedUri;
    protected String queryString;
    protected String remoteIp;
    protected int port;
    protected Map<String, String[]> parameters;
    protected Map<String, String[]> headers;
    protected String contextPath;
    protected String serverVersionInfo;
    protected boolean parsedParameters;
    protected boolean parsedMultipartParameters;
    protected Collection<RuleProvider> responseProviders;
    protected boolean analyzing;
    protected g frameworkInfo;
    private int scope;
    protected byte[] cachedBody;
    protected String cachedBodyStr;
    protected HashMap<String, Object> properties;
    private Set<MultipartItem> multipartItems;
    private String cachedContentType;
    protected Integer cachedContentLength;
    private boolean cachedXForwardedFor;
    private String[] cachedXForwardedForHeaders;
    private boolean cachedXForwardedForAsString;
    private String cachedXForwardedForHeadersAsString;
    private final com.contrastsecurity.agent.commons.c clock;
    private final HTTPRequestID requestID;
    private boolean checkedForDeserializer;
    private final long startTime;
    private long elapsedTimeMs;
    private final com.contrastsecurity.agent.d.h context;
    private static final int TARGET_SCOPE = 1;
    private static final int MAX_REQUEST_SIZE = 4096;
    private static final char[] ALLOWED_BODY_SPECIAL_CHARS = {'<', '>', '\"', '\'', '&', ';', '[', ']', '{', '}', '!', '@', '#', '$', '%', '^', '_', '-', '+', '=', ':', ';', '.', ',', '(', ')', '?', '|', '\\', '/'};
    private static final com.contrastsecurity.agent.b.e[] NO_COOKIES = new com.contrastsecurity.agent.b.e[0];
    private static final o BUFFER = new s();
    private static final f FILE_BUFFER = new f("request");
    private static final Logger logger = LoggerFactory.getLogger(HttpRequest.class);

    public HTTPRequestID getRequestID() {
        return this.requestID;
    }

    public HttpRequest(byte[] bArr) {
        this(bArr, new com.contrastsecurity.agent.d.h());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public HttpRequest(byte[] bArr, com.contrastsecurity.agent.d.h hVar) {
        this(new h().generate(), bArr, hVar, new com.contrastsecurity.agent.commons.t());
    }

    @B
    HttpRequest(HTTPRequestID hTTPRequestID, byte[] bArr, com.contrastsecurity.agent.d.h hVar, com.contrastsecurity.agent.commons.c cVar) {
        super("request");
        this.protocol = Protocol.FALLBACK_VALUE;
        this.version = HttpVersion.DEFAULT;
        this.properties = new HashMap<>();
        this.multipartItems = new HashSet();
        this.parsedParameters = false;
        this.parsedMultipartParameters = false;
        this.scope = 0;
        this.checkedForDeserializer = false;
        this.cachedXForwardedFor = false;
        this.clock = cVar;
        this.startTime = cVar.b();
        this.elapsedTimeMs = -1L;
        this.requestID = hTTPRequestID;
        this.cachedBody = bArr;
        this.cachedBodyStr = bArr != null ? new String(bArr) : null;
        this.context = hVar;
    }

    public final com.contrastsecurity.agent.d.g context() {
        return this.context;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final com.contrastsecurity.agent.d.h contextImplementation() {
        return this.context;
    }

    public String getContextPath() {
        return this.contextPath;
    }

    public void setContextPath(String str) {
        this.contextPath = str;
    }

    public String[] getXForwardedFor() {
        if (!this.cachedXForwardedFor) {
            this.cachedXForwardedForHeaders = getHeaders("X-Forwarded-For");
            this.cachedXForwardedFor = true;
        }
        return this.cachedXForwardedForHeaders;
    }

    public String getXForwardedForAsString() {
        if (!this.cachedXForwardedForAsString) {
            StringBuilder sb = new StringBuilder(64);
            String[] xForwardedFor = getXForwardedFor();
            if (xForwardedFor != null) {
                for (String str : xForwardedFor) {
                    for (int i = 0; i < str.length(); i++) {
                        char charAt = str.charAt(i);
                        if (charAt != ' ') {
                            sb.append(charAt);
                        }
                    }
                    sb.append(',');
                }
            }
            if (sb.length() > 0) {
                sb.deleteCharAt(sb.length() - 1);
            }
            this.cachedXForwardedForHeadersAsString = sb.toString();
            this.cachedXForwardedForAsString = true;
        }
        return this.cachedXForwardedForHeadersAsString;
    }

    public String getContentType() {
        if (this.cachedContentType != null) {
            return this.cachedContentType;
        }
        this.cachedContentType = getHeader("Content-Type");
        return this.cachedContentType;
    }

    public int getContentLength() {
        if (this.cachedContentLength != null) {
            return this.cachedContentLength.intValue();
        }
        this.cachedContentLength = 0;
        String header = getHeader("Content-Length");
        if (header == null || MVEL.VERSION_SUB.equals(header)) {
            return 0;
        }
        try {
            this.cachedContentLength = Integer.valueOf(Integer.parseInt(header.trim()));
        } catch (NumberFormatException e) {
            logger.error("Invalid content length header value detected: {}", header, e);
        }
        return this.cachedContentLength.intValue();
    }

    public boolean isFormSubmission() {
        String header = getHeader("Content-Type");
        return header != null && header.startsWith(URLEncodedUtils.CONTENT_TYPE);
    }

    public final Protocol getProtocol() {
        return this.protocol;
    }

    public void setProtocol(Protocol protocol) {
        if (protocol != null) {
            this.protocol = protocol;
        }
    }

    public String getMethod() {
        return this.method;
    }

    public void setMethod(String str) {
        this.method = str;
    }

    public String getUri() {
        return this.uri;
    }

    public void setUri(String str) {
        this.uri = str;
    }

    public String getQueryString() {
        return this.queryString;
    }

    public void setQueryString(String str) {
        this.queryString = str;
    }

    public void addMultipartItem(MultipartItem multipartItem) {
        this.multipartItems.add(multipartItem);
    }

    public void setMultipartItems(Set<MultipartItem> set) {
        this.multipartItems = set;
    }

    public Set<MultipartItem> getMultipartItems() {
        return this.multipartItems;
    }

    public Map<String, String[]> getParameters() {
        return this.parameters;
    }

    public void setParameters(Map<String, String[]> map) {
        this.parameters = map;
    }

    public void setHeaders(Map<String, String[]> map) {
        this.headers = map;
    }

    public Map<String, String[]> getHeaders() {
        return this.headers;
    }

    public String[] getHeaders(String str) {
        if (this.headers == null) {
            return null;
        }
        String[] strArr = this.headers.get(str.toLowerCase());
        if (strArr != null && strArr.length > 0) {
            return strArr;
        }
        String[] strArr2 = this.headers.get(str);
        if (strArr2 == null || strArr2.length <= 0) {
            return null;
        }
        return strArr2;
    }

    public String getHeader(String str) {
        if (this.headers == null) {
            return null;
        }
        String[] strArr = this.headers.get(str.toLowerCase());
        if (strArr != null && strArr.length > 0) {
            return strArr[0];
        }
        String[] strArr2 = this.headers.get(str);
        if (strArr2 == null || strArr2.length <= 0) {
            return null;
        }
        return strArr2[0];
    }

    public boolean isParametersResolved() {
        return this.parsedParameters;
    }

    public void resolvedParameters() {
        this.parsedParameters = true;
    }

    public void markParametersUnresolved() {
        this.parsedParameters = false;
    }

    public boolean isMultipartParametersResolved() {
        return this.parsedMultipartParameters;
    }

    public void resolvedMultipartParameters() {
        this.parsedMultipartParameters = true;
    }

    public String getCookie() {
        return getHeader(SM.COOKIE);
    }

    public com.contrastsecurity.agent.b.e[] parseCookies() {
        String cookie = getCookie();
        return (cookie == null || cookie.length() == 0) ? NO_COOKIES : c.a(cookie);
    }

    public final HttpVersion getVersion() {
        return this.version;
    }

    public void setVersion(HttpVersion httpVersion) {
        if (httpVersion != null) {
            this.version = httpVersion;
        }
    }

    public int getPort() {
        return this.port;
    }

    public void setPort(int i) {
        this.port = i;
    }

    public String getNormalizedUri() {
        return this.normalizedUri;
    }

    public void setNormalizedUri(String str) {
        this.normalizedUri = str;
    }

    public String getRemoteIp() {
        return this.remoteIp;
    }

    public void setRemoteIp(String str) {
        this.remoteIp = str;
    }

    @Override // 
    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public abstract HttpRequest mo104clone();

    public byte[] getBody() {
        cacheBody();
        return this.cachedBody;
    }

    void setBodyCache(byte[] bArr) {
        this.cachedBody = bArr;
    }

    void clearBodyCache() {
        this.cachedBody = null;
        this.cachedBodyStr = null;
    }

    public void reset() {
        BUFFER.a();
        this.cachedContentLength = null;
        this.cachedContentType = null;
    }

    public Collection<RuleProvider> getResponseProviders() {
        return this.responseProviders;
    }

    public void setResponseProviders(Collection<RuleProvider> collection) {
        this.responseProviders = collection;
    }

    public void setAnalyzing(boolean z) {
        this.analyzing = z;
    }

    public boolean isAnalyzing() {
        return this.analyzing;
    }

    public String getServerVersionInfo() {
        return this.serverVersionInfo;
    }

    public void setServerVersionInfo(String str) {
        this.serverVersionInfo = str;
    }

    public Map<String, Object> getProperties() {
        return this.properties;
    }

    public void setProperties(HashMap<String, Object> hashMap) {
        this.properties = hashMap;
    }

    public boolean isScanningResponse() {
        return (this.responseProviders == null || this.responseProviders.isEmpty()) ? false : true;
    }

    @ScopedSensor
    public void onBytesRead(int i) {
        try {
            ScopingSensor.aspectOf().startScope();
            if (this.scope == 1 && i != -1) {
                if (this.capturingInMemory) {
                    ByteArrayOutputStream b = BUFFER.b();
                    if (b.size() < 4096) {
                        b.write(i);
                    }
                }
                if (this.bufferToPlugins) {
                    Iterator<ContrastPlugin> it = this.bufferingPlugins.iterator();
                    while (it.hasNext()) {
                        it.next().onRequestBodyChunkRead(this, i);
                    }
                }
                if (this.capturingInFile) {
                    try {
                        FileOutputStream openFile = openFile();
                        if (openFile != null) {
                            openFile.write(i);
                        }
                    } catch (Exception e) {
                        logger.error("Problem writing file", (Throwable) e);
                    }
                }
            }
        } finally {
            ScopingSensor.aspectOf().leaveScope();
        }
    }

    @ScopedSensor
    public void onBytesRead(int i, byte[] bArr) {
        try {
            ScopingSensor.aspectOf().startScope();
            if (this.scope == 1 && i != -1 && bArr != null) {
                onBytesRead(i, bArr, 0, bArr.length);
            }
        } finally {
            ScopingSensor.aspectOf().leaveScope();
        }
    }

    @ScopedSensor
    public void onBytesRead(int i, byte[] bArr, int i2, int i3) {
        FileOutputStream openFile;
        try {
            ScopingSensor.aspectOf().startScope();
            if (this.scope == 1 && bArr != null && i2 >= 0 && (i3 >= 0 || i == -1)) {
                try {
                    if (this.capturingInMemory) {
                        BUFFER.b().write(bArr, i2, i);
                    }
                    if (this.bufferToPlugins) {
                        Iterator<ContrastPlugin> it = this.bufferingPlugins.iterator();
                        while (it.hasNext()) {
                            it.next().onRequestBodyChunkRead(this, i, bArr, i2, i3);
                        }
                    }
                    if (this.capturingInFile && (openFile = openFile()) != null) {
                        openFile.write(bArr, i2, i);
                    }
                } catch (AttackBlockedException e) {
                    throw e;
                } catch (IndexOutOfBoundsException e2) {
                    logger.error("Response write with bad indices", (Throwable) e2);
                } catch (Throwable th) {
                    logger.error("Unknown problem capturing response", th);
                }
            }
        } finally {
            ScopingSensor.aspectOf().leaveScope();
        }
    }

    public abstract u getSession(boolean z);

    public void cacheBody() {
        if (this.cachedBody == null) {
            if (getContentLength() > 0 || !BUFFER.e()) {
                this.cachedBody = BUFFER.c();
                this.cachedBodyStr = new String(this.cachedBody);
            }
        }
    }

    @Override // com.contrastsecurity.agent.http.b
    public File getFile() throws IOException {
        return FILE_BUFFER.b();
    }

    @Override // com.contrastsecurity.agent.http.b
    public o getMemoryBuffer() {
        return BUFFER;
    }

    @Override // com.contrastsecurity.agent.http.b
    public f getFileBuffer() {
        return FILE_BUFFER;
    }

    @ScopedSensor
    public void enterReadingScope() {
        try {
            ScopingSensor.aspectOf().startScope();
            this.scope++;
        } finally {
            ScopingSensor.aspectOf().leaveScope();
        }
    }

    @ScopedSensor
    public void leaveReadingScope() {
        try {
            ScopingSensor.aspectOf().startScope();
            this.scope--;
        } finally {
            ScopingSensor.aspectOf().leaveScope();
        }
    }

    public boolean isCheckedForDeserializer() {
        return this.checkedForDeserializer;
    }

    public void setCheckedForDeserializer(boolean z) {
        this.checkedForDeserializer = z;
    }

    @Override // com.contrastsecurity.agent.http.b
    protected String getAdditionalBreadCrumbInfo() {
        return this.uri;
    }

    public void markEndTime() {
        this.elapsedTimeMs = TimeUnit.NANOSECONDS.toMillis(this.clock.b() - this.startTime);
    }

    public long elapsedTimeMs() {
        return this.elapsedTimeMs;
    }

    public boolean isFormEncodedContentType() {
        String contentType = getContentType();
        if (contentType == null) {
            return false;
        }
        return contentType.contains(URLEncodedUtils.CONTENT_TYPE) || contentType.contains("multipart/form-data");
    }

    public String getEncodedBodyAsString() {
        String str = null;
        byte[] body = getBody();
        if (body != null && body.length > 0) {
            StringBuilder sb = new StringBuilder(body.length);
            appendTranslatedBody(sb, body);
            str = sb.toString();
        }
        return str;
    }

    public String getBodyAsString() {
        cacheBody();
        return this.cachedBodyStr;
    }

    public String headersToString() {
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<String, String[]> entry : this.headers.entrySet()) {
            arrayList.add(entry.getKey() + "= " + Arrays.toString(entry.getValue()));
        }
        return "Headers{" + StringUtils.join(arrayList, ", ") + "}";
    }

    public String toString() {
        return "HttpRequest{protocol=" + this.protocol + ", version=" + this.version + ", method='" + this.method + "', uri='" + this.uri + "', normalizedUri='" + this.normalizedUri + "', queryString='" + this.queryString + "', remoteIp='" + this.remoteIp + "', port=" + this.port + ", parameters=" + this.parameters + ", headers=" + headersToString() + ", contextPath='" + this.contextPath + "', serverVersionInfo='" + this.serverVersionInfo + "', parsedParameters=" + this.parsedParameters + ", parsedMultipartParameters=" + this.parsedMultipartParameters + ", responseProviders=" + this.responseProviders + ", analyzing=" + this.analyzing + ", frameworkInfo=" + this.frameworkInfo + ", scope=" + this.scope + ", cachedBody=" + Arrays.toString(this.cachedBody) + ", cachedBodyStr='" + this.cachedBodyStr + "', properties=" + this.properties + ", multipartItems=" + this.multipartItems + ", cachedContentType='" + this.cachedContentType + "', cachedContentLength=" + this.cachedContentLength + ", cachedXForwardedFor=" + this.cachedXForwardedFor + ", cachedXForwardedForHeaders=" + Arrays.toString(this.cachedXForwardedForHeaders) + ", cachedXForwardedForAsString=" + this.cachedXForwardedForAsString + ", cachedXForwardedForHeadersAsString='" + this.cachedXForwardedForHeadersAsString + "', requestID=" + this.requestID + ", checkedForDeserializer=" + this.checkedForDeserializer + ", startTime=" + this.startTime + ", elapsed=" + this.elapsedTimeMs + '}';
    }

    private void appendTranslatedBody(StringBuilder sb, byte[] bArr) {
        if (bArr == null || bArr.length <= 0) {
            return;
        }
        String str = new String(bArr);
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (Character.isWhitespace(charAt) || Character.isLetterOrDigit(charAt)) {
                sb.append(charAt);
            } else if (ArrayUtils.contains(ALLOWED_BODY_SPECIAL_CHARS, charAt)) {
                C0228i.a(sb, charAt);
            } else {
                sb.append(WildcardPattern.ANY_CHAR);
            }
        }
    }

    public void setFrameworkInfo(g gVar) {
        this.frameworkInfo = gVar;
    }

    public g getFrameworkInfo() {
        return this.frameworkInfo;
    }

    public abstract MqHttpRequestDTM toMqHttpRequestDTM();
}
