package com.cisco.argento.utils;

import com.cisco.argento.core.ArgentoPicoContainer;
import com.cisco.argento.core.ArgentoSecurityException;
import com.cisco.argento.events.process.EventProcessor;
import com.cisco.argento.management.AgentPolicy;
import com.cisco.mtagent.boot.utils.BootUtils;
import com.cisco.mtagent.instrumentation.InstrumentMethod;
import com.cisco.mtagent.tenant.MTAgentTenantAPI;
import com.cisco.mtagent.utils.GeneralUtils;
import java.io.File;
import java.lang.reflect.Field;
import java.net.Inet4Address;
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import lombok.Generated;
import org.apache.http.cookie.SM;

/* loaded from: input_file:oss-agent-mtagent-extension-deployment.jar:argentoDynamicService/argento-security-extension/tenants/argento/lib/argento-tenant.jar:com/cisco/argento/utils/ServletUtils.class */
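/**
 * Reflection-based helpers for reading servlet requests and responses, collecting
 * security-header statistics and enforcing URL / client-IP block policy.
 *
 * <p>Request, response and servlet-context objects are passed as plain {@code Object}
 * and their methods are looked up by name through {@link MTAgentTenantAPI}, so this
 * class has no compile-time dependency on the servlet API. The {@code ...NoException}
 * lookups appear to return {@code null} instead of throwing (inferred from the name and
 * from the null checks below; the API is not visible in this file).
 *
 * <p>Thread-safety: the one-time-log flags and the counters are plain or
 * {@code volatile} fields updated without locking, so under concurrent requests the
 * counts are approximate and a "log once" warning may appear more than once.
 */
public class ServletUtils {
    public static final String UNKNOWN_APPLICATION_PROFILE = "Unknown";

    private final MTAgentTenantAPI mtAgentTenantAPI;
    private final EventUtils eventUtils;
    List<ApplicationServerProfile> applicationServerProfiles;
    ApplicationServerProfile thisApplicationServerProfile;
    private Field stackTraceField = null;
    // Maximum number of directory levels getWebAppPathFromServlet() walks upwards.
    private final int MAX_LEVELS = 5;
    private boolean alreadyReportedError = false;
    // Placeholder returned by getFullURL() when the request URL cannot be read.
    private String ERROR_URL = "https://unknown:443/argentoErrorGettingURL";
    private boolean oneTime = false;
    private final Map<String, SecurityHeaderStats> securityHeaderStatsMap = new ConcurrentHashMap<>();
    private long addedSecurityHeaders = 0;
    private boolean logBadCookieOneTime = false;
    // Cookie strings starting with one of these prefixes are exempt from isUnsafeCookie().
    private final String EUM_INSECURE_COOKIE_STARTS_WITH = "ADRUM";
    private final String SAME_SITE_INSECURE_COOKIE_STARTS_WITH = "SameSite";

    /* loaded from: input_file:oss-agent-mtagent-extension-deployment.jar:argentoDynamicService/argento-security-extension/tenants/argento/lib/argento-tenant.jar:com/cisco/argento/utils/ServletUtils$ApplicationServerProfile.class */
    /**
     * One known application server: a display name, the property / environment
     * variable name used to detect it, and whether headers are set on the request.
     */
    public static class ApplicationServerProfile {
        private String name;
        // Name of the system property or environment variable probed for this server.
        private String id;
        private boolean headersOnRequest;
        // Filled in by ServletUtils.setApplicationServerProfile() once the server is detected.
        private String path;
        private String rootPath;

        ApplicationServerProfile(String str, String str2, boolean z) {
            this.name = str;
            this.id = str2;
            this.headersOnRequest = z;
        }

        /**
         * Renders the profile as an HTML fragment ({@code <br>}-separated). Values are
         * not HTML-escaped.
         */
        @Override
        public String toString() {
            return "<br>Server Name: " + this.name
                    + "<br>Id: " + this.id
                    + "<br>Headers on Request: " + this.headersOnRequest;
        }

        @Generated
        public String getName() {
            return this.name;
        }

        @Generated
        public String getId() {
            return this.id;
        }

        @Generated
        public boolean isHeadersOnRequest() {
            return this.headersOnRequest;
        }

        @Generated
        public String getPath() {
            return this.path;
        }

        @Generated
        public String getRootPath() {
            return this.rootPath;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:oss-agent-mtagent-extension-deployment.jar:argentoDynamicService/argento-security-extension/tenants/argento/lib/argento-tenant.jar:com/cisco/argento/utils/ServletUtils$SecurityHeaderStats.class */
    /**
     * Present / absent counters for one checked header.
     *
     * <p>The counters are {@code volatile}, which gives visibility only: {@code ++} is a
     * read-modify-write, so concurrent {@link #update(boolean)} calls can lose
     * increments. Treat the numbers as approximate.
     */
    public static class SecurityHeaderStats {
        final String name;
        volatile long noSecurityHeader;
        volatile long securityHeader;

        SecurityHeaderStats(String str) {
            this.name = str;
        }

        /**
         * Counts one observation.
         *
         * @param z {@code true} when the header was present, {@code false} when it was missing
         */
        public void update(boolean z) {
            if (z) {
                this.securityHeader++;
            } else {
                this.noSecurityHeader++;
            }
        }

        /** Resets both counters to zero. */
        public void clear() {
            this.securityHeader = 0L;
            this.noSecurityHeader = 0L;
        }
    }

    public ServletUtils(MTAgentTenantAPI mTAgentTenantAPI, EventUtils eventUtils) {
        this.mtAgentTenantAPI = mTAgentTenantAPI;
        this.eventUtils = eventUtils;
    }

    /**
     * Null-safe variant of {@link #getHeader(Object, String)} that returns the raw result.
     *
     * @param obj request object, may be {@code null}
     * @param str header name, may be {@code null}
     * @return the value returned by {@code getHeader(str)} on {@code obj}, or {@code null}
     *     when either argument is {@code null}
     */
    public Object getInsertedHeaderOrParameter(Object obj, String str) {
        if (obj == null || str == null) {
            return null;
        }
        return this.mtAgentTenantAPI.getMethodValueNoException("getHeader", obj.getClass(), obj, new Class[]{String.class}, new Object[]{str});
    }

    /**
     * Walks up from {@code str} looking for a directory named {@code webapps} and
     * returns that directory's parent.
     *
     * <p>At most {@code MAX_LEVELS} path elements are inspected. The walk stops with
     * {@code null} as soon as a path element does not exist on disk (the original loop
     * did not move upwards in that case and simply ran out of iterations).
     *
     * @param str starting path; {@code null} yields {@code null}
     * @return parent of the {@code webapps} directory, or {@code null} if not found
     */
    public String getWebAppPathFromServlet(String str) {
        if (str == null) {
            return null;
        }
        File current = new File(str);
        for (int level = 0; level < this.MAX_LEVELS && current != null; level++) {
            if (!current.exists()) {
                return null;
            }
            if ("webapps".equals(current.getName())) {
                return current.getParent();
            }
            current = current.getParentFile();
        }
        return null;
    }

    /**
     * Registers a candidate application server profile.
     *
     * @param str display name of the server
     * @param str2 property / environment variable name used to detect it
     * @param z whether headers are to be set on the request for this server
     */
    public void addApplicationServerProfile(String str, String str2, boolean z) {
        if (this.applicationServerProfiles == null) {
            this.applicationServerProfiles = new ArrayList<>();
        }
        this.applicationServerProfiles.add(new ApplicationServerProfile(str, str2, z));
    }

    /**
     * Returns the detected profile, running detection if none is cached yet. When
     * detection fails the "Unknown" profile is returned but not cached, so detection
     * (and its error log line) repeats on the next call.
     */
    public ApplicationServerProfile getApplicationServerProfile() {
        if (this.thisApplicationServerProfile != null) {
            return this.thisApplicationServerProfile;
        }
        return setApplicationServerProfile();
    }

    /**
     * Picks the first registered profile whose id resolves to a property or
     * environment value, records that value as the profile's path and caches the profile.
     *
     * @return the detected profile, or a fresh "Unknown" profile when none matches or
     *     no profile has been registered
     */
    public ApplicationServerProfile setApplicationServerProfile() {
        // Guard: detection may run before addApplicationServerProfile() was ever called.
        if (this.applicationServerProfiles != null) {
            for (ApplicationServerProfile candidate : this.applicationServerProfiles) {
                String appPath = _getAppPathFromPropertyOrVariable(candidate.id);
                if (appPath == null) {
                    continue;
                }
                candidate.path = appPath;
                candidate.rootPath = new File(appPath).getParent();
                this.thisApplicationServerProfile = candidate;
                this.mtAgentTenantAPI.log("Setting the Application Server Profile to: " + candidate.id);
                return candidate;
            }
        }
        this.mtAgentTenantAPI.logError("Setting the Application Server Profile to Unknown...do not know this Server...");
        return new ApplicationServerProfile(UNKNOWN_APPLICATION_PROFILE, null, false);
    }

    /**
     * @return name of the first registered profile whose id resolves to a value, or
     *     "Unknown" when none does or no profile has been registered
     */
    public String getApplicationServerType() {
        if (this.applicationServerProfiles != null) {
            for (ApplicationServerProfile candidate : this.applicationServerProfiles) {
                if (_getAppPathFromPropertyOrVariable(candidate.id) != null) {
                    return candidate.getName();
                }
            }
        }
        return UNKNOWN_APPLICATION_PROFILE;
    }

    /** Delegates to {@code BootUtils.getPropertyOrEnv}; {@code null} is treated as "not set" by callers. */
    private String _getAppPathFromPropertyOrVariable(String str) {
        return BootUtils.getPropertyOrEnv(str);
    }

    /** @return the {@code headersOnRequest} flag of the current application server profile */
    public boolean doSetHeadersOnRequest() {
        return getApplicationServerProfile().headersOnRequest;
    }

    /** Calls {@code getServletContext} on {@code obj} by name. */
    public Object getServletContext(Object obj) {
        return this.mtAgentTenantAPI.getMethodValueNoException("getServletContext", obj);
    }

    /** Calls {@code getServletContextName} on {@code obj} by name; {@code null} in, {@code null} out. */
    public Object getServletContextName(Object obj) {
        if (obj == null) {
            return null;
        }
        return this.mtAgentTenantAPI.getMethodValueNoException("getServletContextName", obj);
    }

    /**
     * Builds the request URL including the query string, if any.
     *
     * <p>On any failure (for example a {@code null} request URL) a fixed placeholder URL
     * is returned and a warning is logged once. Callers that match block patterns
     * against the result therefore compare against the placeholder in that case, not
     * the real URL. The query string is included verbatim, so the result may carry
     * request secrets into whatever log or event it is written to.
     *
     * @param obj request object
     * @return {@code requestURL[?queryString]}, or the placeholder URL on error
     */
    public String getFullURL(Object obj) {
        try {
            Object requestUrl = this.mtAgentTenantAPI.getMethodValueNoException("getRequestURL", obj);
            Object queryString = this.mtAgentTenantAPI.getMethodValueNoException("getQueryString", obj);
            if (queryString == null) {
                return requestUrl.toString();
            }
            return requestUrl.toString() + "?" + queryString;
        } catch (Exception e) {
            if (!this.alreadyReportedError) {
                this.mtAgentTenantAPI.logWarning("Error getting request URL information: " + this.mtAgentTenantAPI.getStackTrace(e));
                this.alreadyReportedError = true;
            }
            return this.ERROR_URL;
        }
    }

    /**
     * @param obj request object, must not be {@code null}
     * @return the enumeration returned by {@code getHeaderNames} on {@code obj}
     * @throws Exception whatever {@code executeMethod} raises
     */
    public Enumeration getHeaderNames(Object obj) throws Exception {
        return (Enumeration) this.mtAgentTenantAPI.executeMethod("getHeaderNames", obj.getClass(), obj);
    }

    /**
     * @param obj request object, must not be {@code null}
     * @return the enumeration returned by {@code getParameterNames} on {@code obj}
     * @throws Exception whatever {@code executeMethod} raises
     */
    public Enumeration getParameterNames(Object obj) throws Exception {
        return (Enumeration) this.mtAgentTenantAPI.executeMethod("getParameterNames", obj.getClass(), obj);
    }

    /** Calls {@code setHeader(str, str2)} on {@code obj} by name; {@code obj} must not be {@code null}. */
    public void setHeader(Object obj, String str, String str2) {
        this.mtAgentTenantAPI.getMethodValueNoException("setHeader", obj.getClass(), obj, new Class[]{String.class, String.class}, new Object[]{str, str2});
    }

    /**
     * @param obj response object, must not be {@code null}
     * @return the header-name set returned by {@code getHeaderNames} on {@code obj}
     * @throws Exception whatever {@code executeMethod} raises
     */
    @SuppressWarnings("unchecked") // result type is only known at runtime (reflective call)
    public Set<String> getResponseHeaderNames(Object obj) throws Exception {
        return (Set<String>) this.mtAgentTenantAPI.executeMethod("getHeaderNames", obj.getClass(), obj);
    }

    /** Calls {@code getHeader(str)} on {@code obj} by name; {@code obj} must not be {@code null}. */
    public String getHeader(Object obj, String str) {
        return (String) this.mtAgentTenantAPI.getMethodValueNoException("getHeader", obj.getClass(), obj, new Class[]{String.class}, new Object[]{str});
    }

    /** @return all {@code Set-Cookie} header values of the response {@code obj} */
    public Collection<String> getResponseCookies(Object obj) {
        return getHeaders(obj, SM.SET_COOKIE);
    }

    /** Calls {@code getHeaders(str)} on {@code obj} by name; {@code obj} must not be {@code null}. */
    @SuppressWarnings("unchecked") // result type is only known at runtime (reflective call)
    public Collection<String> getHeaders(Object obj, String str) {
        return (Collection<String>) this.mtAgentTenantAPI.getMethodValueNoException("getHeaders", obj.getClass(), obj, new Class[]{String.class}, new Object[]{str});
    }

    /** Calls {@code getParameter(str)} on {@code obj} by name; {@code obj} must not be {@code null}. */
    public String getParameter(Object obj, String str) {
        return (String) this.mtAgentTenantAPI.getMethodValueNoException("getParameter", obj.getClass(), obj, new Class[]{String.class}, new Object[]{str});
    }

    /** Calls {@code getContentType} on {@code obj} by name; {@code obj} must not be {@code null}. */
    public String getContentType(Object obj) {
        return (String) this.mtAgentTenantAPI.getMethodValueNoException("getContentType", obj.getClass(), obj);
    }

    /**
     * Returns the first IPv4 address that is neither loopback nor link-local, found on
     * an interface that is up, not virtual and not point-to-point.
     *
     * @return the address, or {@code null} when none qualifies or enumeration fails
     *     (the exception is deliberately not reported)
     */
    public InetAddress getHostIp() {
        try {
            Enumeration<NetworkInterface> interfaces = NetworkInterface.getNetworkInterfaces();
            while (interfaces.hasMoreElements()) {
                NetworkInterface nic = interfaces.nextElement();
                if (nic.isVirtual() || nic.isPointToPoint() || !nic.isUp()) {
                    continue;
                }
                Enumeration<InetAddress> addresses = nic.getInetAddresses();
                while (addresses.hasMoreElements()) {
                    InetAddress address = addresses.nextElement();
                    boolean routable = !address.isLinkLocalAddress() && !address.isLoopbackAddress();
                    if (routable && address instanceof Inet4Address) {
                        return address;
                    }
                }
            }
            return null;
        } catch (Exception ignored) {
            // Best effort: callers treat null as "host address unknown".
            return null;
        }
    }

    /**
     * Extracts the first (left-most) entry of an {@code X-Forwarded-For} value.
     *
     * <p>The left-most entry is whatever the original sender put in the header; it is
     * only trustworthy when a front proxy under the operator's control overwrites or
     * sanitises the header. The entry is trimmed in both the single-value and the
     * list case so that padding cannot defeat an exact-match policy lookup.
     *
     * @param str header value
     * @return the trimmed first entry, or {@code null} when {@code str} cannot be
     *     processed (a warning is logged once)
     */
    public String getXForwardedHeaderClientIP(String str) {
        try {
            int comma = str.indexOf(",");
            String first = comma < 0 ? str : str.substring(0, comma);
            return first.trim();
        } catch (Exception e) {
            if (!this.oneTime) {
                this.oneTime = true;
                this.mtAgentTenantAPI.logWarning("Bad X-Forwarded-For header: " + str);
            }
            return null;
        }
    }

    /**
     * Derives the client address from {@code X-Forwarded-For}, then {@code X-Real-IP}.
     *
     * <p>Both headers are supplied by the sender unless an upstream proxy replaces
     * them; the socket peer address is not consulted here (see
     * {@link #getClientAddress(Object)}).
     *
     * @param obj request object
     * @return the header-derived address, or {@code ""} when neither header is present
     */
    public String getClientAddressUsingHeaders(Object obj) {
        String forwardedFor = getHeader(obj, "X-Forwarded-For");
        if (forwardedFor != null) {
            return getXForwardedHeaderClientIP(forwardedFor);
        }
        String realIp = getHeader(obj, "X-Real-IP");
        return realIp == null ? "" : realIp;
    }

    /** @return the result of {@code getRemoteAddr} on {@code obj} (the socket peer address in the servlet API) */
    public String getClientAddress(Object obj) {
        return (String) this.mtAgentTenantAPI.getMethodValueNoException("getRemoteAddr", obj);
    }

    /** Calls {@code getRealPath(File.separator)} on {@code obj} by name; {@code null} in, {@code null} out. */
    public String getWebPath(Object obj) {
        if (obj == null) {
            return null;
        }
        return (String) this.mtAgentTenantAPI.getMethodValueNoException("getRealPath", obj.getClass(), obj, new Class[]{String.class}, new Object[]{File.separator});
    }

    /** Calls {@code getServerInfo} on {@code obj} by name; {@code null} in, {@code null} out. */
    public String getServerName(Object obj) {
        if (obj == null) {
            return null;
        }
        return (String) this.mtAgentTenantAPI.getMethodValueNoException("getServerInfo", obj);
    }

    /** Calls {@code getUserPrincipal} on {@code obj} by name. */
    public Object getUserPrincipal(Object obj) {
        return this.mtAgentTenantAPI.getMethodValueNoException("getUserPrincipal", obj);
    }

    /** Calls {@code getLocalAddr} on {@code obj} by name. */
    public String getLocalAddress(Object obj) {
        return (String) this.mtAgentTenantAPI.getMethodValueNoException("getLocalAddr", obj);
    }

    /** @return {@code getAuthType} of {@code obj} as a string, or {@code null} when the call yields {@code null} */
    public String getAuthType(Object obj) {
        Object authType = this.mtAgentTenantAPI.getMethodValueNoException("getAuthType", obj);
        return authType == null ? null : authType.toString();
    }

    /**
     * @return {@code true} when {@link #getAuthType(Object)} is {@code null}. A failed
     *     reflective lookup is indistinguishable from "no authentication" here.
     */
    public boolean isUnauthenticatedUser(Object obj) {
        return getAuthType(obj) == null;
    }

    /** @return {@code isSecure} of {@code obj}; {@code false} when the call yields {@code null} */
    public boolean isSecure(Object obj) {
        Boolean secure = (Boolean) this.mtAgentTenantAPI.getMethodValueNoException("isSecure", obj);
        return secure != null && secure.booleanValue();
    }

    /**
     * @return {@code getLocalPort} of {@code obj}
     * @throws NullPointerException when the reflective call yields {@code null}
     */
    public int getLocalPort(Object obj) {
        return ((Integer) this.mtAgentTenantAPI.getMethodValueNoException("getLocalPort", obj)).intValue();
    }

    /**
     * @return {@code getRemotePort} of {@code obj}
     * @throws NullPointerException when the reflective call yields {@code null}
     */
    public int getRemotePort(Object obj) {
        return ((Integer) this.mtAgentTenantAPI.getMethodValueNoException("getRemotePort", obj)).intValue();
    }

    /** Calls {@code getSession(false)} on {@code obj} by name, i.e. without asking for a new session. */
    public Object getSessionObject(Object obj) {
        return this.mtAgentTenantAPI.getMethodValueNoException("getSession", obj.getClass(), obj, new Class[]{Boolean.TYPE}, new Object[]{false});
    }

    /**
     * @return {@code isUserInRole(str)} of {@code obj}
     * @throws NullPointerException when the reflective call yields {@code null}
     */
    public boolean isUserInRole(Object obj, String str) {
        return ((Boolean) this.mtAgentTenantAPI.getMethodValueNoException("isUserInRole", obj.getClass(), obj, new Class[]{String.class}, new Object[]{str})).booleanValue();
    }

    /** @return {@code isCommitted} of the response {@code obj}; {@code false} when the call yields {@code null} */
    public boolean isResponseCommitted(Object obj) {
        Boolean committed = (Boolean) this.mtAgentTenantAPI.getMethodValueNoException("isCommitted", obj);
        return committed != null && committed.booleanValue();
    }

    /** Calls {@code getCookies} on {@code obj} by name; {@code obj} must not be {@code null}. */
    public Object getCookieObject(Object obj) {
        return this.mtAgentTenantAPI.getMethodValueNoException("getCookies", obj.getClass(), obj);
    }

    /**
     * Produces a multi-line text dump of an inbound request for diagnostics.
     *
     * <p>Headers and parameters are included only when detailed logging is allowed,
     * and their values go through the same PII masking that
     * {@link #addHeadersToMap(Object, Map)} applies, so the dump does not expose more
     * than the event path does. The URL line still contains the raw query string.
     * Any exception ends the dump early and is appended as text.
     *
     * @param obj request object
     * @return the dump
     */
    public String dumpHttpRequest(Object obj) {
        StringBuilder sb = new StringBuilder();
        try {
            Object servletContext = getServletContext(obj);
            sb.append(">>>>>>>>> Inbound HTTP Request ").append(getFullURL(obj)).append("\n");
            sb.append("Server Name: ").append(getServerName(servletContext)).append("\n");
            sb.append("Host IP: ").append(getHostIp()).append("\n");
            sb.append("Servlet Context Name: ").append(getServletContextName(servletContext)).append("\n");
            sb.append("Web Path: ").append(getWebPath(servletContext)).append("\n");
            sb.append("Content: ").append(getContentType(obj)).append("\n");
            sb.append("User: ").append(getUserPrincipal(obj)).append("\n");
            sb.append("AuthType: ").append(getAuthType(obj)).append("\n");
            sb.append("Local Port: ").append(getLocalPort(obj)).append("\n");
            // Fixed: this line previously printed the local port a second time.
            sb.append("Remote Port: ").append(getRemotePort(obj)).append("\n");
            sb.append("Local Address: ").append(getLocalAddress(obj)).append("\n");
            sb.append("Remote Client Address: ").append(getClientAddressUsingHeaders(obj)).append("\n");
            sb.append("Local Client Address: ").append(getClientAddress(obj)).append("\n");
            sb.append("Session Object: ").append(getSessionObject(obj)).append("\n");
            if (this.mtAgentTenantAPI.isAllowDetailedLogging()) {
                sb.append("\nHeaders===> \n\n");
                Enumeration<?> headerNames = getHeaderNames(obj);
                while (headerNames.hasMoreElements()) {
                    String headerName = (String) headerNames.nextElement();
                    sb.append(headerName + " : " + this.eventUtils.maskPIIInKeyValuePairsUsingDefaultMasking(headerName, getHeader(obj, headerName)) + "\n");
                }
                sb.append("\nParameters===> \n\n");
                Enumeration<?> parameterNames = getParameterNames(obj);
                while (parameterNames.hasMoreElements()) {
                    String parameterName = (String) parameterNames.nextElement();
                    sb.append(parameterName + " : " + this.eventUtils.maskPIIInKeyValuePairsUsingDefaultMasking(parameterName, getParameter(obj, parameterName)) + "\n");
                }
            }
        } catch (Exception e) {
            sb.append(e.toString());
        }
        return sb.toString();
    }

    /**
     * Produces a text dump of an outbound response: URL, content type and every
     * response header. Header values (which include {@code Set-Cookie}) pass through
     * the default PII masking before being written. Header lines carry a {@code <br>}
     * prefix and are not HTML-escaped.
     *
     * @param obj request object (used for the URL)
     * @param obj2 response object
     * @return the dump; on error the exception text is appended
     */
    public String dumpHttpResponse(Object obj, Object obj2) {
        StringBuilder sb = new StringBuilder();
        try {
            sb.append(">>>>>>>>> Outbound HTTP Response ").append(getFullURL(obj)).append("\n");
            sb.append("Content: ").append(getContentType(obj2)).append("\n");
            for (String headerName : getResponseHeaderNames(obj2)) {
                sb.append("<br>" + headerName + " : " + this.eventUtils.maskPIIInKeyValuePairsUsingDefaultMasking(headerName, getHeader(obj2, headerName)) + "\n");
            }
        } catch (Exception e) {
            sb.append(e.toString());
        }
        return sb.toString();
    }

    /**
     * For every header named in the policy's check list, records whether {@code obj}
     * carries it. Presence is a non-null value; the value itself is not validated.
     *
     * @param obj object queried with {@code getHeader}
     */
    public void checkSecurityHeaders(Object obj) {
        for (String headerName : AgentPolicy.getPolicy().getCheckHeaders()) {
            boolean present = getHeader(obj, headerName) != null;
            SecurityHeaderStats stats = this.securityHeaderStatsMap.get(headerName);
            if (stats == null) {
                // Two threads may both get here; one stats object then replaces the
                // other and its first count is lost. Accepted: counters are approximate.
                stats = new SecurityHeaderStats(headerName);
                this.securityHeaderStatsMap.put(headerName, stats);
            }
            stats.update(present);
        }
    }

    /**
     * Sets every header of the policy's add-header map on {@code obj}. The map is read
     * once so that names and values come from the same policy instance even if the
     * policy is replaced while this runs. {@code setHeader} is used, so a value the
     * application already set for the same name is presumably replaced (servlet
     * {@code setHeader} semantics; confirm for the target container).
     *
     * @param obj object to receive the headers
     */
    public void addSecurityHeaders(Object obj) {
        Map<String, String> headersToAdd = AgentPolicy.getPolicy().getAddHeaderMap();
        for (Map.Entry<String, String> header : headersToAdd.entrySet()) {
            this.addedSecurityHeaders++;
            setHeader(obj, header.getKey(), header.getValue());
        }
    }

    /** Zeroes every per-header counter (the added-headers total is left untouched). */
    public String clearSecurityHeaderStats() {
        for (SecurityHeaderStats stats : this.securityHeaderStatsMap.values()) {
            stats.clear();
        }
        return "Cleared Security Header Stats....";
    }

    /**
     * Renders the header statistics as an HTML fragment. Header names and values come
     * from the agent policy and are written without HTML escaping; if the policy can
     * carry operator-supplied text, escape it where this fragment is displayed.
     */
    public String getSecurityHeaderStats() {
        StringBuilder html = new StringBuilder();
        html.append("<br>Summary=><br>");
        html.append("<br>Added Headers: " + this.addedSecurityHeaders);
        html.append("<br><br>These headers added=><br>");
        Map<String, String> headersToAdd = AgentPolicy.getPolicy().getAddHeaderMap();
        for (Map.Entry<String, String> header : headersToAdd.entrySet()) {
            html.append("<br>Header " + header.getKey() + GeneralUtils.ID_DELIMITER + header.getValue());
        }
        html.append("<br><br>These headers checked=><br>");
        for (Map.Entry<String, SecurityHeaderStats> entry : this.securityHeaderStatsMap.entrySet()) {
            SecurityHeaderStats stats = entry.getValue();
            html.append("<br>Header " + entry.getKey() + "==>  Found: " + stats.securityHeader + ",  NotFound: " + stats.noSecurityHeader);
        }
        return html.toString();
    }

    /**
     * Writes one {@code found<delimiter>notFound} entry per checked header into
     * {@code map}, keyed by {@code str + headerName}; headers with no statistics yet
     * get {@code "0:0"}.
     *
     * @param str key prefix
     * @param map destination map
     */
    public void loadSecurityHeaderStats(String str, Map<String, String> map) {
        for (String headerName : AgentPolicy.getPolicy().getCheckHeaders()) {
            SecurityHeaderStats stats = this.securityHeaderStatsMap.get(headerName);
            if (stats == null) {
                map.put(str + headerName, "0:0");
            } else {
                map.put(str + headerName, stats.securityHeader + GeneralUtils.ID_DELIMITER + stats.noSecurityHeader);
            }
        }
    }

    /**
     * Copies every request header into {@code map} under {@code "header." + name},
     * after PII masking and size adjustment by {@code EventUtils}.
     *
     * @throws Exception whatever {@link #getHeaderNames(Object)} raises
     */
    public void addHeadersToMap(Object obj, Map<String, String> map) throws Exception {
        Enumeration<?> headerNames = getHeaderNames(obj);
        while (headerNames.hasMoreElements()) {
            String headerName = (String) headerNames.nextElement();
            map.put("header." + headerName, this.eventUtils.checkAndAdjustContentSize(this.eventUtils.maskPIIInKeyValuePairsUsingDefaultMasking(headerName, getHeader(obj, headerName))));
        }
    }

    /**
     * Copies every request parameter into {@code map} under {@code "parameter." + name},
     * after PII masking and size adjustment by {@code EventUtils}.
     *
     * @throws Exception whatever {@link #getParameterNames(Object)} raises
     */
    public void addParametersToMap(Object obj, Map<String, String> map) throws Exception {
        Enumeration<?> parameterNames = getParameterNames(obj);
        while (parameterNames.hasMoreElements()) {
            String parameterName = (String) parameterNames.nextElement();
            map.put("parameter." + parameterName, this.eventUtils.checkAndAdjustContentSize(this.eventUtils.maskPIIInKeyValuePairsUsingDefaultMasking(parameterName, getParameter(obj, parameterName))));
        }
    }

    /**
     * Extracts the cookie name from a cookie string: the text before the first
     * {@code InstrumentMethod.RULE_ARG_SEPARATOR}, up to the first {@code '='}.
     *
     * <p>On a parse failure a warning is logged once. The cookie string itself is not
     * written to the log because it contains the cookie value, which may be a session
     * identifier.
     *
     * @param str cookie string
     * @return the cookie name, or {@code null} when the separator is absent or parsing fails
     */
    public String getCookieName(String str) {
        try {
            int separatorIndex = str.indexOf(InstrumentMethod.RULE_ARG_SEPARATOR);
            if (separatorIndex < 0) {
                return null;
            }
            return str.substring(0, separatorIndex).trim().split("=")[0];
        } catch (Exception e) {
            if (!this.logBadCookieOneTime) {
                // Fixed: the flag was never set, so this warning repeated for every bad cookie.
                this.logBadCookieOneTime = true;
                this.mtAgentTenantAPI.logWarning("Could not parse cookie (value withheld), Error: " + e.toString());
            }
            return null;
        }
    }

    /**
     * Reports whether a cookie string lacks the {@code Secure} or the {@code HttpOnly}
     * attribute.
     *
     * <p>Strings that are {@code null} or start with {@code "ADRUM"} or
     * {@code "SameSite"} are never reported. The test is a substring match on the
     * space-stripped, upper-cased string, so an attribute is only recognised when it
     * follows a {@code ';'}; the {@code SameSite} attribute value is not evaluated.
     *
     * @param str cookie string
     * @return {@code true} when at least one of the two attributes is missing
     */
    public boolean isUnsafeCookie(String str) {
        if (str == null
                || str.startsWith(this.EUM_INSECURE_COOKIE_STARTS_WITH)
                || str.startsWith(this.SAME_SITE_INSECURE_COOKIE_STARTS_WITH)) {
            return false;
        }
        String normalized = str.replace(" ", "").toUpperCase();
        boolean hasSecure = normalized.contains(";SECURE");
        boolean hasHttpOnly = normalized.contains(";HTTPONLY");
        return !(hasSecure && hasHttpOnly);
    }

    /**
     * Checks an address against the client-IP block list and the Talos IP table of
     * the current policy, and bumps the blocked-transaction counter on a match.
     *
     * @param str address to check
     * @return {@code true} when the address is on either list
     */
    public boolean blockTransactionBasedOnSocketConnectionOrTalosPolicy(String str) {
        boolean blocked = this.mtAgentTenantAPI.doesMatchObjectWrappers(false, AgentPolicy.getPolicy().getEventBlockClientIPs(), str)
                || AgentPolicy.getPolicy().getEventBlockTalosIPsFromPolicyHash().get(str) != null;
        if (blocked) {
            ((EventProcessor) ArgentoPicoContainer.getInstance(EventProcessor.class)).incrementBlockedTransactionBasedOnSocketConnectionPolicy();
        }
        return blocked;
    }

    /**
     * Applies the inbound-URL block list and, when IP blocking is enabled, the
     * client-IP and Talos lists to a request.
     *
     * <p>NOTE(review): the address checked here comes from
     * {@link #getClientAddressUsingHeaders(Object)}, i.e. from {@code X-Forwarded-For}
     * or {@code X-Real-IP}. Those headers are set by the sender unless a trusted front
     * proxy overwrites them, and when neither is present this method performs no IP
     * check at all. Confirm that the deployment sanitises both headers at the edge and
     * that direct connections are covered by the socket-level check
     * ({@link #blockTransactionBasedOnSocketConnectionOrTalosPolicy(String)}).
     *
     * <p>If the URL cannot be read, {@link #getFullURL(Object)} supplies a placeholder
     * and the URL patterns are matched against that placeholder.
     *
     * @param obj request object
     * @throws ArgentoSecurityException when a rule matches and runtime blocking is allowed
     */
    public void blockServletBasedOnClientPolicy(Object obj) throws ArgentoSecurityException {
        MTAgentTenantAPI.TenantPolicyMatchObjectWrapper[] blockedUrls = AgentPolicy.getPolicy().getEventBlockInboundURLs();
        if (blockedUrls.length > 0 && this.mtAgentTenantAPI.doesMatchObjectWrappers(false, blockedUrls, getFullURL(obj))) {
            executeBlockingAction();
        }
        if (!AgentPolicy.getPolicy().isBlockIPs()) {
            return;
        }
        String clientAddress = getClientAddressUsingHeaders(obj);
        if (clientAddress == null || clientAddress.isEmpty()) {
            return;
        }
        if (this.mtAgentTenantAPI.doesMatchObjectWrappers(false, AgentPolicy.getPolicy().getEventBlockClientIPs(), clientAddress)) {
            executeBlockingAction();
        }
        if (AgentPolicy.getPolicy().getEventBlockTalosIPsFromPolicyHash().get(clientAddress) != null) {
            executeBlockingAction();
        }
    }

    /**
     * Aborts the current transaction by throwing, but only when runtime blocking is
     * allowed; otherwise this is a no-op and the caller continues (detect-only mode).
     *
     * <p>The blocked-transaction counter is updated with a separate read and write, so
     * concurrent blocks can undercount.
     *
     * @throws SecurityException an {@code ArgentoSecurityException} when blocking is allowed
     */
    public void executeBlockingAction() throws SecurityException {
        // Kept from the original: the call's result is unused, but it may initialise the policy.
        AgentPolicy.getPolicy();
        if (!AgentPolicy.isArgentoAllowBlockingRuntime()) {
            return;
        }
        EventProcessor eventProcessor = (EventProcessor) ArgentoPicoContainer.getInstance(EventProcessor.class);
        eventProcessor.setBlockedTransactionsBasedOnCiscoCommand(eventProcessor.getBlockedTransactionsBasedOnCiscoCommand() + 1);
        this.eventUtils.enableEventsForThread();
        throw new ArgentoSecurityException("Argento Security Event -- Unauthorized Access Detected - Transaction Blocked - please contact security@cisco.com for assistance");
    }

    @Generated
    public MTAgentTenantAPI getMtAgentTenantAPI() {
        return this.mtAgentTenantAPI;
    }

    @Generated
    public EventUtils getEventUtils() {
        return this.eventUtils;
    }

    @Generated
    public Field getStackTraceField() {
        return this.stackTraceField;
    }

    @Generated
    public int getMAX_LEVELS() {
        return this.MAX_LEVELS;
    }

    @Generated
    public List<ApplicationServerProfile> getApplicationServerProfiles() {
        return this.applicationServerProfiles;
    }

    @Generated
    public boolean isAlreadyReportedError() {
        return this.alreadyReportedError;
    }

    @Generated
    public String getERROR_URL() {
        return this.ERROR_URL;
    }

    @Generated
    public boolean isOneTime() {
        return this.oneTime;
    }

    @Generated
    public Map<String, SecurityHeaderStats> getSecurityHeaderStatsMap() {
        return this.securityHeaderStatsMap;
    }

    @Generated
    public long getAddedSecurityHeaders() {
        return this.addedSecurityHeaders;
    }

    @Generated
    public boolean isLogBadCookieOneTime() {
        return this.logBadCookieOneTime;
    }

    @Generated
    public String getEUM_INSECURE_COOKIE_STARTS_WITH() {
        return this.EUM_INSECURE_COOKIE_STARTS_WITH;
    }

    @Generated
    public String getSAME_SITE_INSECURE_COOKIE_STARTS_WITH() {
        return this.SAME_SITE_INSECURE_COOKIE_STARTS_WITH;
    }

    @Generated
    public ApplicationServerProfile getThisApplicationServerProfile() {
        return this.thisApplicationServerProfile;
    }
}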
