package com.contrastsecurity.agent.plugins.protect;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.apps.exclusions.c;
import com.contrastsecurity.agent.config.ConfigProperty;
import com.contrastsecurity.agent.contrastapi_v1_0.settings.server.ServerSettingsProtectDTM;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.http.HttpResponse;
import com.contrastsecurity.agent.http.MultipartItem;
import com.contrastsecurity.agent.messages.app.activity.protect.details.UserInputDTM;
import com.contrastsecurity.agent.messages.app.settings.ExceptionInputTypeDTM;
import com.contrastsecurity.agent.messages.server.features.protect.IPFilterDTM;
import com.contrastsecurity.agent.o.InterfaceC0067p;
import com.contrastsecurity.agent.plugins.frameworks.C0155p;
import com.contrastsecurity.agent.plugins.protect.C0181c;
import com.contrastsecurity.agent.telemetry.b.i;
import com.contrastsecurity.agent.util.ObjectShare;
import com.contrastsecurity.thirdparty.com.googlecode.concurrentlinkedhashmap.ConcurrentLinkedHashMap;
import com.contrastsecurity.thirdparty.com.rabbitmq.client.ConnectionFactoryConfigurator;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.apache.http.client.utils.URLEncodedUtils;
import com.contrastsecurity.thirdparty.org.apache.http.cookie.SM;
import com.contrastsecurity.thirdparty.org.apache.http.protocol.HTTP;
import com.contrastsecurity.thirdparty.org.mvel2.MVEL;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.net.URLDecoder;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;

/* compiled from: AttackListener.java */
@Singleton
/* renamed from: com.contrastsecurity.agent.plugins.protect.h, reason: case insensitive filesystem */
/* loaded from: input_file:com/contrastsecurity/agent/plugins/protect/h.class */
public class C0186h extends com.contrastsecurity.agent.http.o implements com.contrastsecurity.agent.plugins.protect.d.v {
    private final com.contrastsecurity.agent.config.g e;
    private final ApplicationManager f;
    private final com.contrastsecurity.agent.features.c g;
    private final HttpManager h;
    private final C0181c i;
    private final Map<String, Boolean> j;
    private final Map<String, com.contrastsecurity.agent.plugins.protect.l.i> k;
    private final ProtectManager l;
    private final C0251z m;
    private final com.contrastsecurity.agent.plugins.protect.g.c n;
    private final InterfaceC0182d o;
    private final com.contrastsecurity.agent.plugins.protect.e.f p;
    private final ab q;
    private final InterfaceC0067p r;
    private static final String s = "undefined";
    private final Map<String, com.contrastsecurity.agent.b.d[]> t;
    private final com.contrastsecurity.agent.telemetry.b.a u;
    private final com.contrastsecurity.agent.telemetry.b.a v;
    private final com.contrastsecurity.agent.telemetry.b.a w;
    private final com.contrastsecurity.agent.telemetry.b.a x;

    @com.contrastsecurity.agent.z
    static final String a = "ignoredInputCount";

    @com.contrastsecurity.agent.z
    static final String b = "analysisCacheUsedCount";

    @com.contrastsecurity.agent.z
    static final String c = "analysisCacheUnusedCount";

    @com.contrastsecurity.agent.z
    static final String d = "requestsHandledCount";
    private static final int y = -1;
    private static final A z = new A(EnumC0250y.DONT_CARE);
    private static final Logger A = LoggerFactory.getLogger((Class<?>) C0186h.class);

    @Inject
    public C0186h(ApplicationManager applicationManager, com.contrastsecurity.agent.features.c cVar, HttpManager httpManager, ProtectManager protectManager, C0155p c0155p, com.contrastsecurity.agent.config.g gVar, com.contrastsecurity.agent.plugins.protect.g.c cVar2, InterfaceC0182d interfaceC0182d, com.contrastsecurity.agent.commons.d dVar, InterfaceC0067p interfaceC0067p, com.contrastsecurity.agent.telemetry.b.i iVar) {
        this.e = gVar;
        this.f = applicationManager;
        this.g = cVar;
        this.h = httpManager;
        this.n = cVar2;
        this.o = interfaceC0182d;
        com.contrastsecurity.agent.plugins.protect.d.w wVar = new com.contrastsecurity.agent.plugins.protect.d.w(protectManager, this);
        this.q = new ab(protectManager, wVar);
        this.i = new C0181c(dVar, gVar);
        this.m = new C0251z();
        this.l = protectManager;
        this.r = interfaceC0067p;
        int d2 = gVar.d(ConfigProperty.CONCURRENT_REQUESTS);
        this.t = new ConcurrentLinkedHashMap.Builder().initialCapacity(d2 / 2).maximumWeightedCapacity(d2).build();
        this.p = new com.contrastsecurity.agent.plugins.protect.e.f(c0155p, protectManager, wVar, new com.contrastsecurity.agent.plugins.protect.e.e(cVar2), gVar);
        this.u = iVar.a(a, i.a.PROTECT).a("The number of times the evaluate() method was called and the EvaluationResult was IGNORED").f();
        this.v = iVar.a(b, i.a.PROTECT).a("The number of times the AnalysisCache was used").f();
        this.w = iVar.a(c, i.a.PROTECT).a("The number of times the AnalysisCache was empty and was not used").f();
        this.x = iVar.a(d, i.a.PROTECT).a("The number of requests handled by Protect").f();
        com.contrastsecurity.agent.plugins.protect.l.b bVar = new com.contrastsecurity.agent.plugins.protect.l.b();
        com.contrastsecurity.agent.plugins.protect.l.a aVar = new com.contrastsecurity.agent.plugins.protect.l.a();
        com.contrastsecurity.agent.plugins.protect.l.k kVar = new com.contrastsecurity.agent.plugins.protect.l.k();
        this.k = new HashMap();
        this.k.put("content-length", new com.contrastsecurity.agent.plugins.protect.l.g());
        this.k.put("origin", new com.contrastsecurity.agent.plugins.protect.l.m());
        this.k.put(ConnectionFactoryConfigurator.HOST, new com.contrastsecurity.agent.plugins.protect.l.j());
        this.k.put("accept-language", bVar);
        this.k.put("content-language", bVar);
        this.k.put("accept-encoding", aVar);
        this.k.put("content-encoding", aVar);
        this.k.put("accept", new com.contrastsecurity.agent.plugins.protect.l.c());
        this.k.put("authorization", new com.contrastsecurity.agent.plugins.protect.l.d());
        this.k.put("if-none-match", new com.contrastsecurity.agent.plugins.protect.l.l());
        this.k.put("if-modified-since", kVar);
        this.k.put("if-unmodified-since", kVar);
        this.k.put("pragma", new com.contrastsecurity.agent.plugins.protect.l.n());
        this.k.put("connection", new com.contrastsecurity.agent.plugins.protect.l.f());
        this.k.put("cache-control", new com.contrastsecurity.agent.plugins.protect.l.e());
        this.j = new HashMap();
        this.j.put(HTTP.CONN_KEEP_ALIVE, true);
        this.j.put("keep-alive", true);
        this.j.put("$Version=1", true);
        this.j.put("gzip,deflate", true);
        this.j.put("gzip, deflate", true);
        this.j.put("gzip, deflate, sdch", true);
        this.j.put(URLEncodedUtils.CONTENT_TYPE, true);
        this.j.put("*/*", true);
        this.j.put("max-age=0", true);
        this.j.put("https", true);
        this.j.put("close", true);
        this.j.put(MVEL.VERSION_SUB, true);
        this.j.put("443", true);
        this.j.put("text/json", true);
        this.j.put("text/xml", true);
        this.j.put("application/json", true);
        this.j.put("application/xml", true);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.contrastsecurity.agent.http.o
    public void a(HttpRequest httpRequest) {
        P newContext = this.l.newContext();
        if (d(httpRequest)) {
            newContext.d();
            return;
        }
        this.x.a();
        Application current = this.f.current();
        if (current == null) {
            return;
        }
        a((C0180b) current.context().a(ProtectPlugin.PROTECT_SETTINGS), httpRequest);
        com.contrastsecurity.agent.b.d[] c2 = c(httpRequest);
        String queryString = httpRequest.getQueryString();
        String uri = httpRequest.getUri();
        com.contrastsecurity.agent.commons.r a2 = com.contrastsecurity.agent.commons.s.a(() -> {
            return queryString == null ? queryString : com.contrastsecurity.agent.plugins.protect.k.d.a(queryString.trim(), UserInputDTM.InputType.QUERYSTRING);
        });
        com.contrastsecurity.agent.commons.r a3 = com.contrastsecurity.agent.commons.s.a(() -> {
            return uri == null ? uri : com.contrastsecurity.agent.plugins.protect.k.d.a(uri.trim(), UserInputDTM.InputType.URI);
        });
        com.contrastsecurity.agent.apps.exclusions.g exclusionProcessor = current.getExclusionProcessor();
        boolean z2 = exclusionProcessor != null && exclusionProcessor.hasQuerystringExclusions(c.a.PROTECT);
        boolean z3 = exclusionProcessor != null && exclusionProcessor.hasCookieExclusions(c.a.PROTECT);
        boolean z4 = exclusionProcessor != null && exclusionProcessor.hasHeaderExclusions(c.a.PROTECT);
        LinkedList linkedList = new LinkedList();
        Iterator<T<?>> it = this.l.getEnabledRules().iterator();
        while (it.hasNext()) {
            T t = (T) it.next();
            String a4 = t.getRuleId().a();
            if (exclusionProcessor != null && exclusionProcessor.isDisabledByUrl(c.a.PROTECT, a4, uri)) {
                A.debug("Not inspecting {} rule for {}", a4, uri);
                newContext.a(a4);
            } else {
                linkedList.add(t);
                if (t instanceof com.contrastsecurity.agent.plugins.protect.rules.k) {
                    com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar = (com.contrastsecurity.agent.plugins.protect.rules.k) t;
                    if (a(kVar, queryString)) {
                        if (z2 && exclusionProcessor.isInputExclusion(c.a.PROTECT, a4, uri, ExceptionInputTypeDTM.QUERYSTRING)) {
                            A.debug("Ignoring querystring for {} on {} due to exception", a4, uri);
                        } else {
                            a(current, kVar, (String) a2.get(), newContext);
                        }
                    }
                    if (kVar.appliesToInputType(UserInputDTM.InputType.URI)) {
                        b(current, kVar, (String) a3.get(), newContext);
                    }
                }
                t.onRequestStart(current, httpRequest);
            }
        }
        for (com.contrastsecurity.agent.b.d dVar : c2) {
            if (!this.r.a(dVar.a())) {
                com.contrastsecurity.agent.commons.r<String> a5 = a(dVar.a(), UserInputDTM.InputType.COOKIE_NAME);
                com.contrastsecurity.agent.commons.r<String> a6 = a(dVar.b(), UserInputDTM.InputType.COOKIE_VALUE);
                for (int i = 0; i < linkedList.size(); i++) {
                    com.contrastsecurity.agent.plugins.protect.rules.i iVar = (T) linkedList.get(i);
                    String a7 = iVar.getRuleId().a();
                    if (iVar instanceof com.contrastsecurity.agent.plugins.protect.rules.k) {
                        com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar2 = (com.contrastsecurity.agent.plugins.protect.rules.k) iVar;
                        if (kVar2.appliesToInputType(UserInputDTM.InputType.COOKIE_NAME) && !StringUtils.isEmpty(dVar.a())) {
                            if (z3 && exclusionProcessor.isInputExclusion(c.a.PROTECT, a7, uri, ExceptionInputTypeDTM.COOKIE, dVar.a())) {
                                A.debug("Ignoring cookie names for {} on {} due to exception", a7, uri);
                            } else {
                                a(current, kVar2, newContext, a5.get(), a6.get(), UserInputDTM.InputType.COOKIE_NAME);
                            }
                        }
                        if (kVar2.appliesToInputType(UserInputDTM.InputType.COOKIE_VALUE) && !StringUtils.isEmpty(dVar.b())) {
                            if (z3 && exclusionProcessor.isInputExclusion(c.a.PROTECT, a7, uri, ExceptionInputTypeDTM.COOKIE, dVar.a())) {
                                A.debug("Ignoring cookie values for {} on {} due to exception", a7, uri);
                            } else {
                                a(current, kVar2, newContext, a5.get(), a6.get(), UserInputDTM.InputType.COOKIE_VALUE);
                            }
                        }
                    }
                }
            }
        }
        Map<String, String[]> headers = httpRequest.getHeaders();
        if (headers != null) {
            for (String str : headers.keySet()) {
                for (String str2 : headers.get(str)) {
                    if (!SM.COOKIE.equalsIgnoreCase(str) && !a(str, str2) && !this.r.b(str)) {
                        com.contrastsecurity.agent.commons.r<String> a8 = a(str2, UserInputDTM.InputType.HEADER);
                        for (int i2 = 0; i2 < linkedList.size(); i2++) {
                            com.contrastsecurity.agent.plugins.protect.rules.i iVar2 = (T) linkedList.get(i2);
                            String a9 = iVar2.getRuleId().a();
                            if (iVar2 instanceof com.contrastsecurity.agent.plugins.protect.rules.k) {
                                com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar3 = (com.contrastsecurity.agent.plugins.protect.rules.k) iVar2;
                                if (kVar3.appliesToInputType(UserInputDTM.InputType.HEADER) && !StringUtils.isEmpty(str2) && (!z4 || !exclusionProcessor.isInputExclusion(c.a.PROTECT, a9, uri, ExceptionInputTypeDTM.HEADER, str))) {
                                    a(current, kVar3, str, a8.get(), newContext);
                                }
                            }
                        }
                    }
                }
            }
        }
    }

    @Override // com.contrastsecurity.agent.http.o
    public void a() {
        this.l.newContext().a();
    }

    private com.contrastsecurity.agent.b.d[] c(HttpRequest httpRequest) {
        String cookie = httpRequest.getCookie();
        if (cookie == null || cookie.length() == 0) {
            return ObjectShare.NO_COOKIES;
        }
        com.contrastsecurity.agent.b.d[] dVarArr = this.t.get(cookie);
        if (dVarArr == null) {
            dVarArr = com.contrastsecurity.agent.http.e.a(cookie);
            this.t.put(cookie, dVarArr);
        }
        return dVarArr;
    }

    private boolean d(HttpRequest httpRequest) {
        List<IPFilterDTM> ipAllowlist;
        ServerSettingsProtectDTM c2 = this.g.c();
        if (c2 == null || c2.getRules() == null || (ipAllowlist = c2.getRules().getIpAllowlist()) == null) {
            return false;
        }
        for (int i = 0; i < ipAllowlist.size(); i++) {
            IPFilterDTM iPFilterDTM = ipAllowlist.get(i);
            if (this.m.a(iPFilterDTM, httpRequest)) {
                A.debug("IP {}/{} disabling analysis, on allowlist {}", httpRequest.getRemoteIp(), httpRequest.getXForwardedForAsString(), iPFilterDTM.getName());
                return true;
            }
        }
        return false;
    }

    private void a(C0180b c0180b, HttpRequest httpRequest) {
        List<com.contrastsecurity.agent.plugins.protect.m.b> a2;
        if (c0180b == null || (a2 = c0180b.a()) == null) {
            return;
        }
        for (int i = 0; i < a2.size(); i++) {
            a2.get(i).a(httpRequest);
        }
    }

    private boolean a(com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, String str) {
        return (StringUtils.isEmpty(str) || !kVar.appliesToInputType(UserInputDTM.InputType.QUERYSTRING) || this.l.isScanParameterAsAnything()) ? false : true;
    }

    private boolean c() {
        P currentContext = this.l.currentContext();
        return currentContext == null || !currentContext.e();
    }

    @Override // com.contrastsecurity.agent.http.o
    public void b(HttpRequest httpRequest) {
        if (c()) {
            try {
                b(httpRequest, a(httpRequest.getParameters()));
            } catch (AttackBlockedException e) {
                this.l.currentContext().a(true);
                throw e;
            } catch (Throwable th) {
                A.error("Unexpected error scanning parameters", th);
            }
        }
    }

    private Map<String, String[]> a(Map<String, String[]> map) {
        if (map == null) {
            return map;
        }
        int size = map.size() + 1;
        HashMap hashMap = new HashMap();
        for (String str : map.keySet()) {
            String[] strArr = map.get(str);
            if (strArr == null || strArr.length == 0 || "".equals(strArr[0])) {
                hashMap.put(s + size, new String[]{str});
                size++;
            } else {
                hashMap.put(str, strArr);
            }
        }
        return hashMap;
    }

    @Override // com.contrastsecurity.agent.http.o
    public void a(HttpRequest httpRequest, Map<String, String[]> map) {
        if (c()) {
            try {
                b(httpRequest, map);
            } catch (AttackBlockedException e) {
                this.l.currentContext().a(true);
                throw e;
            } catch (Throwable th) {
                A.error("Unexpected error scanning more parameters", th);
            }
        }
    }

    private void b(HttpRequest httpRequest, Map<String, String[]> map) throws AttackBlockedException {
        Application current = this.f.current();
        if (current == null) {
            return;
        }
        C0180b c0180b = (C0180b) current.context().a(ProtectPlugin.PROTECT_SETTINGS);
        if (c0180b == null && this.l.getGlobalModeOverride() == null) {
            A.debug("No app when issuing parameter resolution to PROTECT listeners");
            return;
        }
        try {
            this.p.a(this, httpRequest, current, c0180b, map);
        } catch (AttackBlockedException e) {
            throw e;
        } catch (Exception e2) {
            A.error("Problem handing off parameter resolution to listener", (Throwable) e2);
        }
    }

    @Override // com.contrastsecurity.agent.http.o
    public void a(String str, String str2, com.contrastsecurity.agent.plugins.protect.d.k kVar) {
        if (c()) {
            try {
                a(str, str2, kVar, this.l.currentContext());
            } catch (AttackBlockedException e) {
                throw e;
            } catch (Throwable th) {
                A.error("Unexpected error scanning body input", th);
            }
        }
    }

    private void a(String str, String str2, com.contrastsecurity.agent.plugins.protect.d.k kVar, P p) {
        if (StringUtils.isEmpty(str2)) {
            A.trace("Ignoring empty body value");
            return;
        }
        Application current = this.f.current();
        if (current == null) {
            return;
        }
        HttpRequest currentRequest = this.h.getCurrentRequest();
        com.contrastsecurity.agent.commons.r<String> a2 = a(str2, UserInputDTM.InputType.BODY);
        Iterator<com.contrastsecurity.agent.plugins.protect.rules.k<?>> it = this.l.getInputAwareRules(p, UserInputDTM.InputType.BODY, ExceptionInputTypeDTM.BODY, currentRequest.getUri()).iterator();
        while (it.hasNext()) {
            a(current, str, a2.get(), it.next(), kVar, p);
        }
    }

    private void a(Application application, String str, String str2, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, com.contrastsecurity.agent.plugins.protect.d.k kVar2, P p) {
        A a2 = a(application, UserInputDTM.InputType.BODY, str, str2, kVar, p);
        if (a2 == null || EnumC0250y.DONT_CARE.equals(a2.a())) {
            this.n.c(kVar.getRuleId().a(), "Body input", str, str2);
            return;
        }
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a())) {
            this.n.a(kVar.getRuleId().a(), "Body input", str, str2);
            a(application, kVar, new aj(b(str, str2, kVar2).filters(a2.b()).build(), true));
        } else if (EnumC0250y.WORTH_WATCHING.equals(a2.a())) {
            this.n.b(kVar.getRuleId().a(), "Body input", str, str2);
            a(application, kVar, new aj(b(str, str2, kVar2).filters(a2.b()).build()));
        }
    }

    @com.contrastsecurity.agent.z
    public UserInputDTM.Builder b(String str, String str2, com.contrastsecurity.agent.plugins.protect.d.k kVar) {
        UserInputDTM.Builder name = UserInputDTM.builder().value(str2).name(str);
        if (kVar == null) {
            HttpRequest currentRequest = this.h.getCurrentRequest();
            String header = currentRequest != null ? currentRequest.getHeader("Content-Type") : null;
            if (header == null) {
                name.type(UserInputDTM.InputType.BODY);
                name.documentType(UserInputDTM.InputDocumentType.NORMAL);
            } else if (header.contains("xml")) {
                name.type(UserInputDTM.InputType.XML_VALUE);
                name.documentType(UserInputDTM.InputDocumentType.XML);
            } else if (header.contains("json")) {
                name.type(UserInputDTM.InputType.JSON_VALUE);
                name.documentType(UserInputDTM.InputDocumentType.JSON);
            } else {
                name.type(UserInputDTM.InputType.BODY);
                name.documentType(UserInputDTM.InputDocumentType.NORMAL);
            }
        } else if (com.contrastsecurity.agent.plugins.protect.d.k.JSON.equals(kVar)) {
            name.type(UserInputDTM.InputType.JSON_VALUE);
            name.documentType(UserInputDTM.InputDocumentType.JSON);
        } else if (com.contrastsecurity.agent.plugins.protect.d.k.XML.equals(kVar)) {
            name.type(UserInputDTM.InputType.XML_VALUE);
            name.documentType(UserInputDTM.InputDocumentType.XML);
        } else if (com.contrastsecurity.agent.plugins.protect.d.k.DWR.equals(kVar)) {
            name.type(UserInputDTM.InputType.DWR_VALUE);
            name.documentType(UserInputDTM.InputDocumentType.XML);
        }
        return name;
    }

    private void a(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, String str, P p) {
        a(application, kVar, str, p, UserInputDTM.InputType.QUERYSTRING, a(str));
    }

    private void b(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, String str, P p) {
        a(application, kVar, str, p, UserInputDTM.InputType.URI, b(str));
    }

    private void a(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, String str, P p, UserInputDTM.InputType inputType, UserInputDTM.Builder builder) {
        A a2 = a(application, inputType, (String) null, str, kVar, p);
        if (a2 == null || EnumC0250y.DONT_CARE.equals(a2.a())) {
            this.n.c(kVar.getRuleId().a(), UserInputDTM.InputType.getStringType(inputType), str, "");
            return;
        }
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a())) {
            this.n.a(kVar.getRuleId().a(), UserInputDTM.InputType.getStringType(inputType), str, "");
            a(application, kVar, new aj(builder.filters(a2.b()).build(), true));
        } else if (EnumC0250y.WORTH_WATCHING.equals(a2.a())) {
            this.n.b(kVar.getRuleId().a(), UserInputDTM.InputType.getStringType(inputType), str, "");
            a(application, kVar, new aj(builder.filters(a2.b()).build()));
        }
    }

    private void a(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, String str, String str2, P p) {
        A a2 = a(application, UserInputDTM.InputType.HEADER, str, str2, kVar, p);
        if (a2 == null || EnumC0250y.DONT_CARE.equals(a2.a())) {
            this.n.c(kVar.getRuleId().a(), "Header", str, str2);
            return;
        }
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a())) {
            this.n.a(kVar.getRuleId().a(), "Header", str, str2);
            a(application, kVar, new aj(f(str, str2).filters(a2.b()).build(), true));
        } else if (EnumC0250y.WORTH_WATCHING.equals(a2.a())) {
            this.n.b(kVar.getRuleId().a(), "Header", str, str2);
            a(application, kVar, new aj(f(str, str2).filters(a2.b()).build()));
        }
    }

    private void a(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, P p, String str, String str2, UserInputDTM.InputType inputType) {
        A a2 = UserInputDTM.InputType.COOKIE_NAME.equals(inputType) ? a(application, inputType, str, str, kVar, p) : a(application, inputType, str, str2, kVar, p);
        if (a2 == null || EnumC0250y.DONT_CARE.equals(a2.a())) {
            this.n.c(kVar.getRuleId().a(), SM.COOKIE, str, str2);
            return;
        }
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a())) {
            this.n.a(kVar.getRuleId().a(), SM.COOKIE, str, str2);
            a(application, kVar, new aj(a(str, str2, inputType).filters(a2.b()).build(), true));
        } else if (EnumC0250y.WORTH_WATCHING.equals(a2.a())) {
            this.n.b(kVar.getRuleId().a(), SM.COOKIE, str, str2);
            a(application, kVar, new aj(a(str, str2, inputType).filters(a2.b()).build()));
        }
    }

    public A a(Application application, UserInputDTM.InputType inputType, String str, String str2, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, P p) throws AttackBlockedException {
        return a(application, inputType, str, str2, kVar, p, -1);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public A a(Application application, UserInputDTM.InputType inputType, String str, String str2, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, P p, int i) throws AttackBlockedException {
        A a2;
        if (str2 == null || str2.length() < kVar.getMinimumAttackInputLength()) {
            a2 = z;
            this.u.a();
        } else {
            C0181c.a.AbstractC0025a c2 = C0181c.a.e().a(kVar.getRuleId().a()).a(inputType).c(str2);
            C0181c.a a3 = UserInputDTM.InputType.HEADER.equals(inputType) ? c2.b(str).a() : c2.a();
            a2 = this.i.a(a3);
            if (a2 == null) {
                this.w.a();
                a2 = kVar.evaluateInput(inputType, str, str2, p.g(str2).c(), i != -1 ? i : ai.a(str2));
                if (a2 == null) {
                    a2 = z;
                }
                this.i.a(a3, a2);
            } else {
                this.v.a();
            }
        }
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE != a2.a() || !this.l.a(kVar, inputType)) {
            return a2;
        }
        a(application, (T) kVar, inputType, str, str2, a2);
        throw new AttackBlockedException("Attack detected");
    }

    private <T> void a(Application application, T<T> t, UserInputDTM.InputType inputType, String str, String str2, A a2) {
        this.o.a(t.getRuleId(), application, UserInputDTM.builder().type(inputType).name(str).value(str2).filters(a2.b()).build());
    }

    private void a(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, P p, String str, String str2) {
        if (str == null || str.length() == 0) {
            A.trace("Ignoring empty multipart name");
            return;
        }
        A a2 = a(application, UserInputDTM.InputType.MULTIPART_NAME, "filename", str, kVar, p);
        if (a2 == null || EnumC0250y.DONT_CARE.equals(a2.a())) {
            this.n.c(kVar.getRuleId().a(), "Multipart name", str, str2);
            return;
        }
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a())) {
            this.n.a(kVar.getRuleId().a(), "Multipart name", str, str2);
            a(application, kVar, new aj(d("filename", str).filters(a2.b()).build(), true));
        } else if (EnumC0250y.WORTH_WATCHING.equals(a2.a())) {
            this.n.b(kVar.getRuleId().a(), "Multipart name", str, str2);
            a(application, kVar, new aj(d("filename", str).filters(a2.b()).build()));
        }
    }

    private void b(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, P p, String str, String str2) {
        if (str == null || str.length() == 0) {
            A.trace("Ignoring empty multipart name");
            return;
        }
        A a2 = a(application, UserInputDTM.InputType.MULTIPART_FIELD_NAME, str, str, kVar, p);
        if (a2 == null || EnumC0250y.DONT_CARE.equals(a2.a())) {
            this.n.c(kVar.getRuleId().a(), "Multipart field", str, str2);
            return;
        }
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a())) {
            this.n.a(kVar.getRuleId().a(), "Multipart field", str, str2);
            a(application, kVar, new aj(c(str, str2).filters(a2.b()).build(), true));
        } else if (EnumC0250y.WORTH_WATCHING.equals(a2.a())) {
            this.n.b(kVar.getRuleId().a(), "Multipart field", str, str2);
            a(application, kVar, new aj(c(str, str2).filters(a2.b()).build()));
        }
    }

    private void c(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, P p, String str, String str2) {
        if (str2 == null || str2.length() == 0) {
            A.trace("Ignoring empty multipart value");
            return;
        }
        A a2 = a(application, UserInputDTM.InputType.MULTIPART_VALUE, str2, str2, kVar, p);
        if (a2 == null || EnumC0250y.DONT_CARE.equals(a2.a())) {
            this.n.c(kVar.getRuleId().a(), "Multipart value", str2, str2);
            return;
        }
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a())) {
            this.n.a(kVar.getRuleId().a(), "Multipart value", str2, str2);
            a(application, kVar, new aj(e(str, str2).filters(a2.b()).build(), true));
        } else if (EnumC0250y.WORTH_WATCHING.equals(a2.a())) {
            this.n.b(kVar.getRuleId().a(), "Multipart value", str2, str2);
            a(application, kVar, new aj(e(str, str2).filters(a2.b()).build()));
        }
    }

    private void d(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, P p, String str, String str2) {
        if (str == null || str.length() == 0) {
            A.trace("Ignoring empty multipart content type");
            return;
        }
        A a2 = a(application, UserInputDTM.InputType.MULTIPART_CONTENT_TYPE, (String) null, str, kVar, p);
        if (a2 == null || EnumC0250y.DONT_CARE.equals(a2.a())) {
            this.n.c(kVar.getRuleId().a(), "Content-Type of Multipart field", str2, str);
            return;
        }
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a())) {
            this.n.a(kVar.getRuleId().a(), "Content-Type of Multipart field", str2, str);
            a(application, kVar, new aj(b(str2, str).filters(a2.b()).build(), true));
        } else if (EnumC0250y.WORTH_WATCHING.equals(a2.a())) {
            this.n.b(kVar.getRuleId().a(), "Content-Type of Multipart field", str2, str);
            a(application, kVar, new aj(b(str2, str).filters(a2.b()).build()));
        }
    }

    private boolean a(String str, String str2) {
        if (this.j.containsKey(str2) || str2 == null || str2.length() == 0) {
            return true;
        }
        com.contrastsecurity.agent.plugins.protect.l.i iVar = this.k.get(str.toLowerCase());
        return iVar != null && iVar.a(str2);
    }

    private UserInputDTM.Builder b(String str, String str2) {
        return UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.MULTIPART_CONTENT_TYPE);
    }

    private UserInputDTM.Builder c(String str, String str2) {
        return UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.MULTIPART_FIELD_NAME);
    }

    private UserInputDTM.Builder d(String str, String str2) {
        return UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.MULTIPART_NAME);
    }

    private UserInputDTM.Builder e(String str, String str2) {
        return UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.MULTIPART_VALUE);
    }

    private UserInputDTM.Builder f(String str, String str2) {
        return UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.HEADER);
    }

    private UserInputDTM.Builder a(String str, String str2, UserInputDTM.InputType inputType) {
        return UserInputDTM.builder().name(str).value(str2).type(inputType);
    }

    private UserInputDTM.Builder a(String str) {
        return UserInputDTM.builder().value(str).type(UserInputDTM.InputType.QUERYSTRING);
    }

    private UserInputDTM.Builder b(String str) {
        return UserInputDTM.builder().value(str).type(UserInputDTM.InputType.URI);
    }

    @Override // com.contrastsecurity.agent.http.o
    public void b(HttpRequest httpRequest, HttpResponse httpResponse) {
        try {
            c(httpRequest, httpResponse);
        } catch (AttackBlockedException e) {
            throw e;
        } catch (Throwable th) {
            A.error("Unexpected error on request end", th);
        }
    }

    @Override // com.contrastsecurity.agent.http.o
    public void b() {
        this.l.currentContext().c();
    }

    private void c(HttpRequest httpRequest, HttpResponse httpResponse) {
        P currentContext = this.l.currentContext();
        for (T<?> t : this.l.getEnabledRules()) {
            t.onRequestEnd(httpRequest, httpResponse);
            List<aj> c2 = currentContext.c(t.getRuleId().a());
            if (!c2.isEmpty()) {
                a(t, c2);
            }
        }
        currentContext.c();
    }

    private void a(T<?> t, List<aj> list) {
        boolean z2 = true;
        boolean z3 = true;
        UserInputDTM userInputDTM = null;
        for (int i = 0; i < list.size(); i++) {
            aj ajVar = list.get(i);
            if (ajVar.d()) {
                UserInputDTM a2 = ajVar.a();
                boolean a3 = a(a2);
                boolean z4 = UserInputDTM.InputType.QUERYSTRING == a2.getType();
                if (z2 && a3) {
                    z2 = false;
                }
                if (ajVar.e()) {
                    if (z4) {
                        z3 = false;
                    }
                } else if (z4) {
                    userInputDTM = a2;
                } else if (!a3 || z3) {
                    this.o.a(t.getRuleId(), a2, t.b());
                }
            }
        }
        if (!z2 || userInputDTM == null) {
            return;
        }
        this.o.a(t.getRuleId(), userInputDTM, t.b());
    }

    private boolean a(UserInputDTM userInputDTM) {
        return UserInputDTM.InputType.PARAMETER_NAME == userInputDTM.getType() || UserInputDTM.InputType.PARAMETER_VALUE == userInputDTM.getType();
    }

    @Override // com.contrastsecurity.agent.http.o
    public void a(HttpRequest httpRequest, MultipartItem multipartItem) {
        if (c()) {
            try {
                c(httpRequest, multipartItem);
            } catch (AttackBlockedException e) {
                throw e;
            } catch (Throwable th) {
                A.error("Unexpected error processing multipart header", th);
            }
        }
    }

    private void c(HttpRequest httpRequest, MultipartItem multipartItem) {
        Application current = this.f.current();
        if (current == null) {
            return;
        }
        P currentContext = this.l.currentContext();
        com.contrastsecurity.agent.apps.exclusions.g exclusionProcessor = current.getExclusionProcessor();
        com.contrastsecurity.agent.commons.r<String> a2 = a(multipartItem.getContentType(), UserInputDTM.InputType.MULTIPART_CONTENT_TYPE);
        com.contrastsecurity.agent.commons.r<String> a3 = a(multipartItem.getName(), UserInputDTM.InputType.MULTIPART_NAME);
        com.contrastsecurity.agent.commons.r<String> a4 = a(multipartItem.getFieldName(), UserInputDTM.InputType.MULTIPART_FIELD_NAME);
        com.contrastsecurity.agent.commons.r<String> a5 = a(multipartItem.getValue(), UserInputDTM.InputType.MULTIPART_VALUE);
        for (com.contrastsecurity.agent.plugins.protect.rules.i iVar : this.l.getEnabledRules()) {
            String a6 = iVar.getRuleId().a();
            String uri = httpRequest.getUri();
            if (exclusionProcessor != null && exclusionProcessor.isDisabledByUrl(c.a.PROTECT, a6, uri)) {
                A.trace("Skipping multipart item read event for {} for {} due to exception", a6, uri);
            } else if (iVar instanceof com.contrastsecurity.agent.plugins.protect.rules.k) {
                com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar = (com.contrastsecurity.agent.plugins.protect.rules.k) iVar;
                if (kVar.appliesToInputType(UserInputDTM.InputType.MULTIPART_CONTENT_TYPE) && !a("Content-Type", multipartItem.getContentType())) {
                    d(current, kVar, currentContext, a2.get(), a4.get());
                }
                if (kVar.appliesToInputType(UserInputDTM.InputType.MULTIPART_NAME)) {
                    a(current, kVar, currentContext, a3.get(), a5.get());
                }
                if (kVar.appliesToInputType(UserInputDTM.InputType.MULTIPART_FIELD_NAME)) {
                    b(current, kVar, currentContext, a4.get(), a5.get());
                }
            }
        }
    }

    @Override // com.contrastsecurity.agent.http.o
    public void b(HttpRequest httpRequest, MultipartItem multipartItem) {
        if (c()) {
            try {
                a(httpRequest, multipartItem, this.l.currentContext());
            } catch (AttackBlockedException e) {
                throw e;
            } catch (Throwable th) {
                A.error("Unexpected problem scanning multipart body", th);
            }
        }
    }

    private void a(HttpRequest httpRequest, MultipartItem multipartItem, P p) {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(HttpRequest httpRequest, com.contrastsecurity.agent.util.F f) {
        try {
            this.q.a(httpRequest, f.b());
        } catch (AttackBlockedException e) {
            throw e;
        } catch (Throwable th) {
            com.contrastsecurity.agent.commons.u.a(th);
            A.error("Problem reading body", th);
        }
    }

    @Override // com.contrastsecurity.agent.plugins.protect.d.v
    public void a(com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, UserInputDTM.InputType inputType, UserInputDTM.InputDocumentType inputDocumentType, String str, String str2, String str3) {
        Application current = this.f.current();
        if (current == null) {
            return;
        }
        A a2 = a(current, inputType, str2, str3, kVar, this.l.currentContext());
        if (a2 == null || EnumC0250y.DONT_CARE.equals(a2.a())) {
            this.n.c(kVar.getRuleId().a(), str, str2, str3);
            return;
        }
        aj ajVar = new aj(UserInputDTM.builder().name(str2).value(str3).documentPath(str).documentType(inputDocumentType != null ? inputDocumentType : UserInputDTM.InputDocumentType.NORMAL).type(inputType).filters(a2.b()).build(), EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a()));
        if (EnumC0250y.MATCHED_ATTACK_SIGNATURE.equals(a2.a())) {
            this.n.a(kVar.getRuleId().a(), str, str2, str3);
            a(current, kVar, ajVar);
        } else if (EnumC0250y.WORTH_WATCHING.equals(a2.a())) {
            this.n.b(kVar.getRuleId().a(), str, str2, str3);
            a(current, kVar, ajVar);
        }
    }

    public void a(Application application, com.contrastsecurity.agent.plugins.protect.rules.k<?> kVar, aj ajVar) {
        UserInputDTM a2 = ajVar.a();
        if (a2.getType() == UserInputDTM.InputType.COOKIE_VALUE) {
            String value = a2.getValue();
            try {
                String decode = URLDecoder.decode(value, "UTF-8");
                if (!value.equals(decode)) {
                    ajVar.a(UserInputDTM.builder(a2).value(decode).build());
                }
            } catch (Exception e) {
            }
        }
        if (kVar.requiresSavingInContext(this.h.getCurrentRequest())) {
            this.l.currentContext().a(this.e, application, kVar, ajVar);
            return;
        }
        A.debug("Not saving context input {} for rule {} because of HTTP request type", ajVar.a().getType(), kVar.getRuleId().a());
        if (ajVar.d()) {
            this.o.a(kVar.getRuleId(), ajVar.a(), kVar.b());
        }
    }

    private static com.contrastsecurity.agent.commons.r<String> a(String str, UserInputDTM.InputType inputType) {
        return com.contrastsecurity.agent.commons.s.a(() -> {
            return com.contrastsecurity.agent.plugins.protect.k.d.a(str, inputType);
        });
    }
}
