package com.atlassian.security.auth.trustedapps;

import com.google.common.net.HttpHeaders;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/atlassian-trusted-apps-core-6.0.0.jar:com/atlassian/security/auth/trustedapps/DefaultRequestValidator.class
 */
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-refapp-trusted-apps-plugin-6.2.0-m01.jar:META-INF/lib/atlassian-trusted-apps-core-6.0.0.jar:com/atlassian/security/auth/trustedapps/DefaultRequestValidator.class */
public class DefaultRequestValidator implements RequestValidator {
    private final IPMatcher ipMatcher;
    private final URLMatcher urlMatcher;

    public DefaultRequestValidator(IPMatcher iPMatcher, URLMatcher uRLMatcher) {
        Null.not("ipMatcher", iPMatcher);
        Null.not("urlMatcher", uRLMatcher);
        this.ipMatcher = iPMatcher;
        this.urlMatcher = uRLMatcher;
    }

    @Override // com.atlassian.security.auth.trustedapps.RequestValidator
    public void validate(HttpServletRequest httpServletRequest) throws InvalidRequestException {
        validateRemoteRequestIP(httpServletRequest);
        validateXForwardedFor(httpServletRequest);
        validateRequestURL(httpServletRequest);
    }

    private void validateRemoteRequestIP(HttpServletRequest httpServletRequest) throws InvalidIPAddressException {
        String remoteAddr = httpServletRequest.getRemoteAddr();
        if (!this.ipMatcher.match(remoteAddr)) {
            throw new InvalidRemoteAddressException(remoteAddr);
        }
    }

    private void validateXForwardedFor(HttpServletRequest httpServletRequest) throws InvalidXForwardedForAddressException {
        String header = httpServletRequest.getHeader(HttpHeaders.X_FORWARDED_FOR);
        if (header != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(header, ",");
            while (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (nextToken.trim().length() > 0 && !this.ipMatcher.match(nextToken.trim())) {
                    throw new InvalidXForwardedForAddressException(nextToken);
                }
            }
        }
    }

    private void validateRequestURL(HttpServletRequest httpServletRequest) throws InvalidRequestUrlException {
        String pathInfo = getPathInfo(httpServletRequest);
        if (!this.urlMatcher.match(pathInfo)) {
            throw new InvalidRequestUrlException(pathInfo);
        }
    }

    private String getPathInfo(HttpServletRequest httpServletRequest) {
        String contextPath = httpServletRequest.getContextPath();
        String requestURI = httpServletRequest.getRequestURI();
        return (contextPath == null || contextPath.length() <= 0) ? requestURI : requestURI.substring(contextPath.length());
    }
}
