package com.contrastsecurity.agent.plugins.protect;

import com.contrastsecurity.agent.Sensor;
import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.apps.exclusions.c;
import com.contrastsecurity.agent.config.ConfigProperty;
import com.contrastsecurity.agent.contrastapi_v1_0.settings.server.ServerSettingsProtectDTM;
import com.contrastsecurity.agent.contrastapi_v1_0.telemetry.SilentTelemetryDTM;
import com.contrastsecurity.agent.core.ContrastEngine;
import com.contrastsecurity.agent.e.e;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.http.HttpResponse;
import com.contrastsecurity.agent.messages.app.activity.protect.ApplicationProtectActivityDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.protect.AttackerActivityDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.ProtectRuleSampleDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.ProtectionRuleActivityDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.RuleEventsDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.SourceDTM;
import com.contrastsecurity.agent.messages.server.activity.protect.ServerProtectActivityDTM;
import com.contrastsecurity.agent.o.C0068q;
import com.contrastsecurity.agent.o.C0070s;
import com.contrastsecurity.agent.plugins.ContrastPlugin;
import com.contrastsecurity.agent.plugins.frameworks.C0155p;
import com.contrastsecurity.agent.reloadable.ReloadableBeanManager;
import com.contrastsecurity.agent.services.a.as;
import com.contrastsecurity.agent.util.C0313q;
import com.contrastsecurity.agent.util.PerfUtil;
import com.contrastsecurity.thirdparty.org.apache.http.client.methods.HttpGet;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;

@Sensor
/* loaded from: input_file:com/contrastsecurity/agent/plugins/protect/ProtectPlugin.class */
public class ProtectPlugin extends ContrastPlugin implements com.contrastsecurity.agent.instr.a.c {
    private final com.contrastsecurity.agent.config.g a;
    private final K b;
    private final com.contrastsecurity.agent.plugins.a.k c;
    private final ApplicationManager d;
    private final com.contrastsecurity.agent.plugins.protect.d.g e;
    private final L f;
    private final C0186h g;
    private final List<com.contrastsecurity.agent.http.o> h;
    private final com.contrastsecurity.agent.plugins.b i;
    private final ae j;
    private final ProtectManager k;
    private final boolean l;
    private final com.contrastsecurity.agent.plugins.protect.i.o m;
    private final com.contrastsecurity.agent.plugins.protect.c.e n;
    private final O o;
    public static final String APP_PROTECT_KEY = "defend";
    public static final e.b<C0180b> PROTECT_SETTINGS = e.b.a(C0180b.class);
    public static final e.b<com.contrastsecurity.agent.plugins.protect.i.g> APP_SOURCE_REPORTS = e.b.a(com.contrastsecurity.agent.plugins.protect.i.g.class);
    private static final Logger p = LoggerFactory.getLogger((Class<?>) ProtectPlugin.class);

    public ProtectPlugin(com.contrastsecurity.agent.commons.d dVar, ProtectManager protectManager, com.contrastsecurity.agent.features.c cVar, C0155p c0155p, com.contrastsecurity.agent.config.g gVar, ApplicationManager applicationManager, com.contrastsecurity.agent.plugins.a.k kVar, C0070s c0070s, com.contrastsecurity.agent.p.k kVar2, ContrastEngine contrastEngine, HttpManager httpManager, com.contrastsecurity.agent.telemetry.e eVar, com.contrastsecurity.agent.logging.b bVar, as<SilentTelemetryDTM> asVar) {
        this(gVar, protectManager, cVar, c0155p, httpManager, new com.contrastsecurity.agent.instr.f(), ReloadableBeanManager.get(), kVar2, dVar, applicationManager, kVar, c0070s, contrastEngine, eVar.d(), eVar.g(), bVar, asVar);
    }

    @com.contrastsecurity.agent.z
    public ProtectPlugin(com.contrastsecurity.agent.config.g gVar, ProtectManager protectManager, com.contrastsecurity.agent.features.c cVar, C0155p c0155p, HttpManager httpManager, com.contrastsecurity.agent.instr.j jVar, ReloadableBeanManager reloadableBeanManager, com.contrastsecurity.agent.p.k kVar, com.contrastsecurity.agent.commons.d dVar, ApplicationManager applicationManager, com.contrastsecurity.agent.plugins.a.k kVar2, C0070s c0070s, ContrastEngine contrastEngine, com.contrastsecurity.agent.telemetry.b.i iVar, com.contrastsecurity.agent.telemetry.errors.o oVar, com.contrastsecurity.agent.logging.b bVar, as<SilentTelemetryDTM> asVar) {
        Objects.requireNonNull(dVar);
        Objects.requireNonNull(jVar);
        Objects.requireNonNull(oVar);
        Objects.requireNonNull(contrastEngine);
        Objects.requireNonNull(cVar);
        Objects.requireNonNull(c0155p);
        Objects.requireNonNull(httpManager);
        Objects.requireNonNull(bVar);
        Objects.requireNonNull(iVar);
        Objects.requireNonNull(reloadableBeanManager);
        Objects.requireNonNull(asVar);
        Objects.requireNonNull(c0070s);
        Objects.requireNonNull(kVar);
        this.a = (com.contrastsecurity.agent.config.g) Objects.requireNonNull(gVar);
        this.k = (ProtectManager) Objects.requireNonNull(protectManager);
        this.l = gVar.f(ConfigProperty.PROTECT_API_BODY_READ);
        this.b = new K();
        this.m = new com.contrastsecurity.agent.plugins.protect.i.o(gVar);
        this.d = (ApplicationManager) Objects.requireNonNull(applicationManager);
        this.c = (com.contrastsecurity.agent.plugins.a.k) Objects.requireNonNull(kVar2);
        com.contrastsecurity.agent.util.L b = com.contrastsecurity.agent.util.M.b();
        this.o = C0247v.a().b(applicationManager).b(gVar).b(contrastEngine.executorServiceModule()).b(contrastEngine).b(cVar).b(dVar).b(c0155p).b(httpManager).b(new com.contrastsecurity.agent.instr.s(jVar)).b(bVar).b(protectManager).b(kVar).b(c0070s).b(reloadableBeanManager).b(new C0068q(c0070s)).b(iVar).b(oVar).b(asVar).a();
        this.n = this.o.c();
        b.b();
        PerfUtil.printStartupTimingMessage(PerfUtil.a.SUB_SUB_SUB_SUB_STARTUP_TASK, "protect-wire-dependencies", b);
        b.c();
        b.a();
        protectManager.a(this.o.c());
        protectManager.a(this.o.h());
        b.b();
        PerfUtil.printStartupTimingMessage(PerfUtil.a.SUB_SUB_SUB_SUB_STARTUP_TASK, "protectmanager-init", b);
        b.c();
        b.a();
        com.contrastsecurity.agent.plugins.protect.g.c e = this.o.e();
        cVar.a("SyslogManager", e);
        cVar.a("ProtectStateChangeListener", this.o.r());
        e.a((ServerSettingsProtectDTM) null, cVar.c());
        protectManager.onServerFeatureUpdate(cVar.c());
        this.i = this.o.b();
        this.e = this.o.d();
        this.f = this.o.g();
        this.h = com.contrastsecurity.agent.commons.h.a((Collection) this.o.i());
        this.g = this.o.a();
        this.j = this.o.j();
        b.b();
        PerfUtil.printStartupTimingMessage(PerfUtil.a.SUB_SUB_SUB_STARTUP_TASK, "protectfeatures-init", b);
    }

    @Override // com.contrastsecurity.agent.instr.a.c
    public boolean preventDenylistingOf(String str) {
        boolean z = false;
        Set<String> a = a();
        if (a != null) {
            z = a.contains(str);
        }
        return z;
    }

    Set<String> a() {
        Set<String> set = null;
        if (this.k != null) {
            set = this.k.getUserTargetedClasses();
        }
        return set;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public List<com.contrastsecurity.agent.plugins.a> getClassTransformationListeners() {
        List<com.contrastsecurity.agent.plugins.a> emptyList = Collections.emptyList();
        if (this.a.f(ConfigProperty.PROTECT_ENABLED)) {
            emptyList = new ArrayList();
            emptyList.add(this.f);
        }
        return emptyList;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public com.contrastsecurity.agent.plugins.b getActivityEventListener() {
        com.contrastsecurity.agent.plugins.b bVar = null;
        if (this.a.f(ConfigProperty.PROTECT_ENABLED)) {
            bVar = this.i;
        }
        return bVar;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public int limitRequestBodySizeCapturing() {
        return this.a.d(ConfigProperty.MAX_REQUEST_BODY_BYTES_CAPTURED);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public List<com.contrastsecurity.agent.http.o> getRequestLifecycleListeners() {
        return this.h;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean requiresPrimordialInstrumentation(Class<?> cls) {
        if (PrintWriter.class.equals(cls) || this.f.a(cls) || this.n.a(cls)) {
            return true;
        }
        Iterator<com.contrastsecurity.agent.plugins.protect.rules.l<?, ?>> it = this.k.b().iterator();
        while (it.hasNext()) {
            if (it.next().requiresPrimordialInstrumentation(cls)) {
                return true;
            }
        }
        return false;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin, com.contrastsecurity.agent.plugins.a.f
    public void onApplicationInventoried(Application application) {
        Iterator<T<?>> it = this.k.a().iterator();
        while (it.hasNext()) {
            it.next().onApplicationProfiled(application);
        }
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onAppActivityReportingStarting(com.contrastsecurity.agent.services.ngreporting.a aVar, Application application, Map<String, Object> map) {
        Map<SourceDTM, List<InterfaceC0246u<?>>> b = ((com.contrastsecurity.agent.plugins.protect.i.g) application.context().a((e.b) APP_SOURCE_REPORTS, (com.contrastsecurity.agent.commons.r) com.contrastsecurity.agent.plugins.protect.i.g.a)).b();
        if (b.isEmpty()) {
            return;
        }
        a(aVar, map, b);
    }

    private void a(com.contrastsecurity.agent.services.ngreporting.a aVar, Map<String, Object> map, Map<SourceDTM, List<InterfaceC0246u<?>>> map2) {
        long currentTimeMillis = System.currentTimeMillis();
        ArrayList arrayList = new ArrayList();
        for (SourceDTM sourceDTM : map2.keySet()) {
            HashMap hashMap = new HashMap();
            HashMap hashMap2 = new HashMap();
            for (InterfaceC0246u<?> interfaceC0246u : map2.get(sourceDTM)) {
                String b = interfaceC0246u.b();
                ProtectRuleSampleDTM<?> a = interfaceC0246u.a();
                if (b != null && a != null) {
                    ((List) ((Map) hashMap2.computeIfAbsent(b, str -> {
                        return new HashMap();
                    })).computeIfAbsent(a.getResult(), attackResult -> {
                        return new ArrayList();
                    })).add(a);
                }
            }
            for (String str2 : hashMap2.keySet()) {
                Map map3 = (Map) hashMap2.get(str2);
                ProtectionRuleActivityDTM.Builder startTime = ProtectionRuleActivityDTM.builder().startTime(currentTimeMillis);
                List list = (List) map3.get(AttackResult.BLOCKED);
                if (list != null) {
                    startTime.blocked(new RuleEventsDTM(list.subList(0, Math.min(list.size(), this.m.c())), list.size(), currentTimeMillis));
                }
                List list2 = (List) map3.get(AttackResult.BLOCKED_AT_PERIMETER);
                if (list2 != null) {
                    startTime.blockedAtPerimeter(new RuleEventsDTM(list2.subList(0, Math.min(list2.size(), this.m.d())), list2.size(), currentTimeMillis));
                }
                List list3 = (List) map3.get(AttackResult.EXPLOITED);
                if (list3 != null) {
                    startTime.exploited(new RuleEventsDTM(list3.subList(0, Math.min(list3.size(), this.m.b())), list3.size(), currentTimeMillis));
                }
                List list4 = (List) map3.get(AttackResult.PROBED);
                if (list4 != null) {
                    startTime.ineffective(new RuleEventsDTM(list4.subList(0, Math.min(list4.size(), this.m.a())), list4.size(), currentTimeMillis));
                }
                List list5 = (List) map3.get(AttackResult.SUSPICIOUS);
                if (list5 != null) {
                    startTime.suspicious(new RuleEventsDTM(list5.subList(0, Math.min(list5.size(), this.m.e())), list5.size(), currentTimeMillis));
                }
                hashMap.put(str2, startTime.build());
            }
            arrayList.add(new AttackerActivityDTM(hashMap, sourceDTM));
        }
        aVar.a();
        map.put(APP_PROTECT_KEY, new ApplicationProtectActivityDTM(arrayList, currentTimeMillis));
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onServerActivityReportingStarting(com.contrastsecurity.agent.services.ngreporting.a aVar, Map<String, Object> map) {
        ServerProtectActivityDTM a;
        if (!this.a.f(ConfigProperty.PROTECT_ENABLED) || (a = this.j.a()) == null || a(a)) {
            return;
        }
        map.put(APP_PROTECT_KEY, a);
        aVar.a();
    }

    private boolean a(ServerProtectActivityDTM serverProtectActivityDTM) {
        return serverProtectActivityDTM.getIpBlacklists().isEmpty() && serverProtectActivityDTM.getLogEnhancers().isEmpty();
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onServerActivityReportingFinished() {
        ServerProtectActivityDTM a = this.j.a();
        if (a != null) {
            a.getIpBlacklists().clear();
            a.getLogEnhancers().clear();
        }
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void activate() {
        super.activate();
        this.k.activate();
        b();
        this.c.a(this.b);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void deactivate() {
        this.k.deactivate();
        b();
        this.c.b(this.b);
        super.deactivate();
    }

    private void b() {
        if (this.c == null) {
            throw new IllegalStateException("Plugin lifecycle violation: expected onApplicationServiceProviderReady to be called before activate");
        }
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean requiresHttpResponseBuffering(HttpRequest httpRequest, HttpResponse httpResponse) {
        return isActivated() && !C0313q.b(httpRequest);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean requiresHttpRequestBodyBuffering(HttpRequest httpRequest) {
        boolean z = false;
        if (isDisabledUri(httpRequest, this.d.current(), this.a)) {
            p.debug("Uri {} is skipped from request body buffering.", httpRequest.getUri());
            return false;
        }
        if (isActivated() && !HttpGet.METHOD_NAME.equals(httpRequest.getMethod())) {
            z = true;
        }
        return z;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean requiresHttpRequestBodyTotalCapture(HttpRequest httpRequest) {
        boolean z = false;
        if (isDisabledUri(httpRequest, this.d.current(), this.a)) {
            p.debug("Uri {} is skipped from request body total capturing.", httpRequest.getUri());
            return false;
        }
        if (this.l && isActivated() && !HttpGet.METHOD_NAME.equals(httpRequest.getMethod()) && httpRequest.getContentLength() > 0) {
            z = httpRequest.getContentType().c();
        }
        return z;
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onRequestBodyChunkRead(HttpRequest httpRequest, int i, byte[] bArr, int i2, int i3) {
        if (isActivated()) {
            if (!httpRequest.isCheckedForDeserializer()) {
                this.e.a();
                httpRequest.setCheckedForDeserializer(true);
            }
            if (this.e.c()) {
                return;
            }
            if (a(httpRequest, i != -1 ? i : 0)) {
                a(httpRequest);
            }
        }
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public void onRequestBodyChunkRead(HttpRequest httpRequest, int i) {
        if (isActivated()) {
            if (!httpRequest.isCheckedForDeserializer()) {
                httpRequest.setCheckedForDeserializer(true);
                this.e.a();
            }
            if (this.e.c()) {
                return;
            }
            if (a(httpRequest, i != -1 ? 1 : 0)) {
                a(httpRequest);
            }
        }
    }

    private void a(HttpRequest httpRequest) {
        if (this.g != null) {
            this.g.a(httpRequest, httpRequest.getMemoryBuffer().a(httpRequest.getCharset()));
        }
    }

    private boolean a(HttpRequest httpRequest, int i) {
        return httpRequest.getMemoryBuffer().b() == httpRequest.getContentLength();
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean isActivated() {
        return this.a.f(ConfigProperty.PROTECT_ENABLED) && super.isActivated();
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    public boolean isActivatedForUri(Application application, HttpRequest httpRequest) {
        return isActivated() && !isDisabledUri(httpRequest, application, this.a);
    }

    public O getComponent() {
        return this.o;
    }

    @com.contrastsecurity.agent.z
    public T<?> getRule(String str) {
        return this.k.getRuleById(str);
    }

    @Override // com.contrastsecurity.agent.plugins.ContrastPlugin
    protected boolean isDisabledUri(HttpRequest httpRequest, Application application, com.contrastsecurity.agent.config.g gVar) {
        if (application == null) {
            return false;
        }
        com.contrastsecurity.agent.apps.exclusions.g exclusionProcessor = application.getExclusionProcessor();
        boolean isDisabledByUrl = exclusionProcessor.isDisabledByUrl(c.a.PROTECT, com.contrastsecurity.agent.apps.exclusions.c.a, httpRequest.getUri());
        if (!isDisabledByUrl) {
            isDisabledByUrl = exclusionProcessor.isDisabledByUrl(c.a.PROTECT, com.contrastsecurity.agent.apps.exclusions.c.c, httpRequest.getUri());
        }
        return isDisabledByUrl;
    }
}
