package com.contrastsecurity.agent.plugins.protect.g;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.config.ConfigProperty;
import com.contrastsecurity.agent.contrastapi_v1_0.settings.server.ServerSettingsProtectDTM;
import com.contrastsecurity.agent.core.ContrastAgent;
import com.contrastsecurity.agent.features.m;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.messages.app.activity.protect.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.protect.ProtectRuleSampleDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.details.UserInputDTM;
import com.contrastsecurity.agent.messages.server.activity.protect.ServerProtectActivityDTM;
import com.contrastsecurity.agent.messages.server.features.protect.IPFilterDTM;
import com.contrastsecurity.agent.messages.server.features.protect.LogEnhancerDTM;
import com.contrastsecurity.agent.messages.server.features.protect.LogLevel;
import com.contrastsecurity.agent.messages.server.features.protect.LogType;
import com.contrastsecurity.agent.plugins.protect.V;
import com.contrastsecurity.agent.plugins.protect.aa;
import com.contrastsecurity.agent.plugins.protect.ae;
import com.contrastsecurity.agent.util.N;
import com.contrastsecurity.agent.z;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.time.FastDateFormat;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.lang.ref.WeakReference;
import java.net.InetAddress;
import java.util.Date;
import java.util.Map;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;

/* compiled from: LogEnhancer.java */
@Singleton
/* loaded from: input_file:com/contrastsecurity/agent/plugins/protect/g/c.class */
public final class c implements m {
    private final ApplicationManager k;
    private final com.contrastsecurity.agent.config.g l;
    private final HttpManager m;

    @z
    public String a;
    private final l n;
    private final ScheduledExecutorService o;
    private ScheduledFuture<?> p;
    private boolean q;
    private boolean r;
    private boolean s = true;
    private static final int t = 200;
    private static final String u = "-";
    private static final String v = "CEF:0|Contrast Security|Contrast Agent Java|";
    private static final char w = '|';
    private static final String x = "bli";
    private static final String y = "vpi";
    private static final String z = "bbi";
    private static final String A = "lei";
    private static final String B = "pri";
    private static final String C = "src";
    private static final String D = "spt";
    private static final String E = "request";
    private static final String F = "requestMethod";
    private static final String G = "app";
    private static final String H = "outcome=";
    private static final String I = "INEFFECTIVE";
    private static final String J = "EXPLOITED";
    private static final String K = "SUSPICIOUS";
    private static final String L = "BLOCKED";
    private static final String M = "outcome=success";
    private static final String N = " - ";
    static final String b = " had a value that successfully exploited ";
    static final String c = " had a value that that was marked suspicious ";
    static final String d = " had a value that matched a signature for, but did not successfully exploit, ";
    static final String e = " had a value that matched an attack signature for ";
    static final String f = " had a value worth watching for an attack signature for ";
    static final String g = " had a safe value that did not match an attack signature for ";
    static final String h = "An effective attack was detected against ";
    static final String i = "An unsuccessful attack was detected against ";
    static final String j = "Coming from Contrast";
    private static final Logger O = LoggerFactory.getLogger((Class<?>) c.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: LogEnhancer.java */
    /* loaded from: input_file:com/contrastsecurity/agent/plugins/protect/g/c$a.class */
    public static final class a implements Runnable {
        private final WeakReference<l> a;
        private final String b;

        a(WeakReference<l> weakReference, String str) {
            this.a = weakReference;
            this.b = str;
        }

        @Override // java.lang.Runnable
        public void run() {
            l lVar = this.a.get();
            if (lVar == null) {
                return;
            }
            lVar.d(c.a(LogType.HEARTBEAT, c.j, this.b).toString());
        }
    }

    @Inject
    public c(ApplicationManager applicationManager, com.contrastsecurity.agent.config.g gVar, HttpManager httpManager, l lVar, ScheduledExecutorService scheduledExecutorService) {
        this.k = applicationManager;
        this.l = gVar;
        this.m = httpManager;
        this.o = scheduledExecutorService;
        this.n = lVar;
        a(this.n, gVar);
    }

    void a(l lVar, com.contrastsecurity.agent.config.g gVar) {
        boolean f2 = gVar.f(ConfigProperty.CEF_SYSLOGGER_ENABLE);
        boolean f3 = gVar.f(ConfigProperty.CEF_SYSLOGGER_HEARTBEAT);
        if (this.s) {
            this.s = false;
        } else if (this.q != f2 || this.r != f3) {
            O.info("The syslog and/or heartbeat configuration has changed.  Syslog enabled: previous: {} new: {}  Heartbeat enabled: previous: {} new: {}", Boolean.valueOf(this.q), Boolean.valueOf(f2), Boolean.valueOf(this.r), Boolean.valueOf(f3));
        }
        this.q = f2;
        this.r = f3;
        a();
        if (f2 && f3) {
            int d2 = gVar.d(ConfigProperty.CEF_SYSLOGGER_HEARTBEAT_INTERVAL);
            if (d2 <= 0) {
                O.error("Syslog heartbeat disabled (interval was <= 0, requires a positive value)");
                return;
            }
            synchronized (this.o) {
                if (this.p == null) {
                    O.info("Syslog heartbeat starting");
                    this.p = this.o.scheduleAtFixedRate(new a(new WeakReference(lVar), b()), 0L, d2, TimeUnit.MILLISECONDS);
                }
            }
        }
    }

    @z
    void a() {
        synchronized (this.o) {
            if (this.p != null) {
                this.p.cancel(true);
                this.p = null;
                O.info("Syslog heartbeat disabled");
            }
        }
    }

    @Override // com.contrastsecurity.agent.features.m
    public void a(ServerSettingsProtectDTM serverSettingsProtectDTM, ServerSettingsProtectDTM serverSettingsProtectDTM2) {
        if (this.n.a(this.l)) {
            a(this.n, this.l);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(LogEnhancerDTM logEnhancerDTM, String str, String str2, Object obj, Object[] objArr, String str3, Object obj2) {
        LogLevel level = logEnhancerDTM.getLevel();
        LogType type = logEnhancerDTM.getType();
        if (this.n.a(level, type)) {
            this.n.a(level, type, b(logEnhancerDTM, str, str2, obj, objArr, str3, obj2));
        }
    }

    public <T> void a(V<T> v2, ProtectRuleSampleDTM<T> protectRuleSampleDTM) {
        if (this.n.a()) {
            String a2 = a((V) v2, protectRuleSampleDTM.getResult(), protectRuleSampleDTM.getInput(), true);
            if (protectRuleSampleDTM.isBlocked()) {
                this.n.b(a2);
            } else {
                this.n.a(a2);
            }
        }
    }

    public void a(V<?> v2, UserInputDTM userInputDTM, AttackResult attackResult) {
        if (this.n.a()) {
            this.n.c(a((V) v2, attackResult, userInputDTM, false));
        }
    }

    public void a(String str, String str2, String str3, String str4) {
        if (this.n.a(LogLevel.DEBUG, LogType.AUDIT)) {
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.DEBUG, str2 + ' ' + aa.a(str3) + e + str + N + aa.a(str4), B, str);
            a2.append(' ');
            a2.append(M);
            this.n.a(LogLevel.DEBUG, LogType.AUDIT, a2.toString());
        }
    }

    public void b(String str, String str2, String str3, String str4) {
        if (this.n.a(LogLevel.DEBUG, LogType.AUDIT)) {
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.DEBUG, str2 + ' ' + aa.a(str3) + f + str + N + aa.a(str4), B, str);
            a2.append(' ');
            a2.append(M);
            this.n.a(LogLevel.DEBUG, LogType.AUDIT, a2.toString());
        }
    }

    public void c(String str, String str2, String str3, String str4) {
        if (this.n.a(LogLevel.TRACE, LogType.AUDIT)) {
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.TRACE, str2 + ' ' + aa.a(str3) + g + str + N + aa.a(str4), B, str);
            a2.append(' ');
            a2.append(M);
            this.n.a(LogLevel.TRACE, LogType.AUDIT, a2.toString());
        }
    }

    public void a(IPFilterDTM iPFilterDTM, String str) {
        if (this.n.a()) {
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.WARN, b(iPFilterDTM, str), x, String.valueOf(iPFilterDTM.getId()));
            a2.append(' ');
            a2.append(M);
            this.n.b(a2.toString());
        }
    }

    private String b(IPFilterDTM iPFilterDTM, String str) {
        return "IP Address " + str + " matched the disallowed value " + iPFilterDTM.getIp() + " in the IP Denylist " + iPFilterDTM.getUuid();
    }

    public void a(String str) {
        if (this.n.a()) {
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.WARN, "The Virtual Patch " + str + " was triggered.", y, str);
            a2.append(' ');
            a2.append(M);
            this.n.b(a2.toString());
        }
    }

    public void a(String str, String str2) {
        if (this.n.a()) {
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.WARN, b(str, str2), z, str2);
            a2.append(' ');
            a2.append(M);
            this.n.b(a2.toString());
        }
    }

    private String b(String str, String str2) {
        return "User Agent " + str + " matched the disallowed value " + str2 + " in the bot blocker";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(long j2, ae aeVar) {
        ServerProtectActivityDTM a2 = aeVar.a();
        if (a2 != null) {
            Map<Long, Integer> logEnhancers = a2.getLogEnhancers();
            Integer num = logEnhancers.get(Long.valueOf(j2));
            logEnhancers.put(Long.valueOf(j2), num == null ? 1 : Integer.valueOf(num.intValue() + 1));
        }
    }

    @z
    static String a(UserInputDTM.InputType inputType) {
        switch (inputType) {
            case BODY:
                return "The body segment";
            case COOKIE_NAME:
            case COOKIE_VALUE:
                return "The cookie";
            case HEADER:
                return "The header";
            case PARAMETER_NAME:
            case PARAMETER_VALUE:
                return "The parameter";
            case QUERYSTRING:
                return "The querystring";
            case URI:
                return "The URI";
            case SOCKET:
                return "The socket";
            case JSON_VALUE:
            case JSON_ARRAYED_VALUE:
                return "The JSON";
            case MULTIPART_CONTENT_TYPE:
                return "The content-type of the multipart";
            case MULTIPART_VALUE:
                return "The value of the multipart";
            case DWR_VALUE:
                return "The DWR parameter";
            case MULTIPART_FIELD_NAME:
                return "The multipart field name";
            case MULTIPART_NAME:
                return "The multipart name";
            case XML_VALUE:
                return "The XML";
            default:
                return "The input";
        }
    }

    @z
    <T> String a(V<T> v2, AttackResult attackResult, UserInputDTM userInputDTM, boolean z2) {
        StringBuilder sb = new StringBuilder(256);
        if (userInputDTM != null) {
            sb.append(a(userInputDTM.getType()));
            sb.append(' ');
            String name = userInputDTM.getName();
            if (name == null) {
                name = userInputDTM.getType().toString();
            }
            sb.append(aa.a(name));
            if (attackResult == AttackResult.SUSPICIOUS) {
                sb.append(c);
            } else if (attackResult == AttackResult.PROBED) {
                sb.append(d);
            } else {
                sb.append(b);
            }
            sb.append(v2.a());
            sb.append(N);
            sb.append(aa.a(userInputDTM.getValue()));
        } else if (z2) {
            sb.append(h);
            sb.append(v2.a());
        } else {
            sb.append(i);
            sb.append(v2.a());
        }
        StringBuilder a2 = a(LogType.SECURITY, LogLevel.WARN, sb.toString(), B, v2.a());
        a2.append(' ');
        a2.append(H);
        if (attackResult == AttackResult.SUSPICIOUS) {
            a2.append(K);
        } else if (attackResult == AttackResult.PROBED) {
            a2.append(I);
        } else if (attackResult == AttackResult.EXPLOITED) {
            a2.append(J);
        } else {
            a2.append(L);
        }
        return a2.toString();
    }

    @z
    String b(LogEnhancerDTM logEnhancerDTM, String str, String str2, Object obj, Object[] objArr, String str3, Object obj2) {
        StringBuilder a2 = a(logEnhancerDTM.getType(), logEnhancerDTM.getLevel(), aa.a(k.a(logEnhancerDTM, str, str2, obj, objArr, str3, obj2)), A, String.valueOf(logEnhancerDTM.getId()));
        a2.append(' ');
        a2.append(M);
        return a2.toString();
    }

    @z
    public StringBuilder a(LogType logType, LogLevel logLevel, String str, String str2, String str3) {
        if (str == null) {
            str = "";
        }
        if (!StringUtils.isEmpty(str)) {
            str = str.replace("\\", "\\\\").replace("|", "\\|").replace("=", "\\=");
        }
        Application current = this.k.current();
        String str4 = "-";
        if (current != null) {
            String name = current.getName();
            if (StringUtils.isNotBlank(name)) {
                str4 = name;
            }
        }
        HttpRequest currentRequest = this.m.getCurrentRequest();
        String str5 = "-";
        String str6 = "-";
        String str7 = "-";
        String str8 = "-";
        if (currentRequest != null) {
            str5 = currentRequest.getUri().replace(" ", "<space>");
            String[] xForwardedFor = currentRequest.getXForwardedFor();
            str6 = xForwardedFor != null ? N.a(xForwardedFor) : currentRequest.getRemoteIp();
            str7 = String.valueOf(currentRequest.getPort());
            str8 = currentRequest.getMethod();
        }
        StringBuilder a2 = a(logType, str, b());
        a2.append('|');
        a2.append(logLevel);
        a2.append('|');
        a2.append(str2);
        a2.append('=');
        a2.append(str3);
        a2.append(' ');
        a2.append(C);
        a2.append('=');
        a2.append(str6);
        a2.append(' ');
        a2.append(D);
        a2.append('=');
        a2.append(str7);
        a2.append(' ');
        a2.append(E);
        a2.append('=');
        a2.append(str5);
        a2.append(' ');
        a2.append(F);
        a2.append('=');
        a2.append(str8);
        a2.append(' ');
        a2.append(G);
        a2.append('=');
        a2.append(str4);
        return a2;
    }

    @z
    static StringBuilder a(LogType logType, String str, String str2) {
        return new StringBuilder(200 + str.length()).append(FastDateFormat.getInstance("MMM dd yyyy HH:mm:ss.SSSZ").format(new Date())).append(' ').append(str2).append(' ').append(v).append(ContrastAgent.getBuildVersion()).append('|').append(logType).append('|').append(str);
    }

    private String b() {
        if (this.a == null) {
            try {
                this.a = InetAddress.getLocalHost().getHostAddress();
            } catch (Exception e2) {
                this.a = "-";
            }
        }
        return this.a;
    }
}
