package com.cisco.argento.methodhandlers;

import com.cisco.argento.core.ArgentoSecurityException;
import com.cisco.argento.core.SecurityEvent;
import com.cisco.argento.events.ExceptionEvent;
import com.cisco.argento.events.learning.LearnedEventExcludeUtils;
import com.cisco.argento.management.AgentPolicy;
import com.cisco.argento.utils.EventUtils;
import com.cisco.argento.utils.HandlerUtils;
import com.cisco.mtagent.tenant.MTAgentTenantAPI;

/* loaded from: input_file:oss-agent-mtagent-extension-deployment.jar:argentoDynamicService/argento-security-extension/tenants/argento/lib/argento-tenant.jar:com/cisco/argento/methodhandlers/SecurityExceptionMethodHandler.class */
public class SecurityExceptionMethodHandler extends MTAgentTenantAPI.TenantMethodHandler {
    private final EventUtils eventUtils;
    private final MTAgentTenantAPI mtAgentTenantAPI;
    private final HandlerUtils handlerUtils;
    private final LearnedEventExcludeUtils learnedEventExcludeUtils;
    private static String[] ignoreTheseForDemo = {"Received fatal alert: certificate_unknown"};

    public SecurityExceptionMethodHandler(EventUtils eventUtils, MTAgentTenantAPI mTAgentTenantAPI, HandlerUtils handlerUtils, LearnedEventExcludeUtils learnedEventExcludeUtils) {
        this.eventUtils = eventUtils;
        this.mtAgentTenantAPI = mTAgentTenantAPI;
        this.handlerUtils = handlerUtils;
        this.learnedEventExcludeUtils = learnedEventExcludeUtils;
    }

    private boolean isAcceptedMatchObject(String str, MTAgentTenantAPI.TenantPolicyMatchObjectWrapper[] tenantPolicyMatchObjectWrapperArr) {
        if (str == null) {
            return false;
        }
        for (MTAgentTenantAPI.TenantPolicyMatchObjectWrapper tenantPolicyMatchObjectWrapper : tenantPolicyMatchObjectWrapperArr) {
            if (tenantPolicyMatchObjectWrapper.doesMatch(str)) {
                return true;
            }
        }
        return false;
    }

    private boolean isAcceptedSecurityException(Object obj) {
        Object obj2 = obj;
        while (true) {
            Exception exc = (Exception) obj2;
            if (isSecurityException(exc)) {
                return true;
            }
            if (exc.getCause() == null || !(exc.getCause() instanceof Exception)) {
                return false;
            }
            obj2 = exc.getCause();
        }
    }

    private String getMessageSafe(Exception exc) {
        try {
            return this.mtAgentTenantAPI.isDoUpperCaseMatch() ? exc.getMessage().toUpperCase() : exc.getMessage();
        } catch (Exception e) {
            return null;
        }
    }

    private boolean isSecurityException(Exception exc) {
        String messageSafe = getMessageSafe(exc);
        if (isAcceptedMatchObject(exc.getClass().getName(), AgentPolicy.getPolicy().getEventIncludeExceptionClassName())) {
            return !excludeSecurityException(exc, messageSafe);
        }
        if (isAcceptedMatchObject(messageSafe, AgentPolicy.getPolicy().getEventIncludeExceptionMsgContains())) {
            return !excludeSecurityException(exc, messageSafe);
        }
        for (Class cls : AgentPolicy.getPolicy().getEventIncludeExceptionClassType()) {
            if (cls.isAssignableFrom(exc.getClass())) {
                return !excludeSecurityException(exc, messageSafe);
            }
        }
        return false;
    }

    private boolean excludeSecurityException(Exception exc, String str) {
        if (isAcceptedMatchObject(str, AgentPolicy.getPolicy().getEventExcludeExceptionMsgContains())) {
            return true;
        }
        for (Class cls : AgentPolicy.getPolicy().getEventExcludeExceptionClassType()) {
            if (cls.isAssignableFrom(exc.getClass())) {
                return true;
            }
        }
        return false;
    }

    @Override // com.cisco.mtagent.boot.registry.MethodHandlerRegistry.LoadHandler, com.cisco.mtagent.boot.registry.MethodHandlerRegistry.MethodHandler
    public void handlerExit(Object obj, Object obj2, Object[] objArr, String str, String str2, String str3, String str4) {
        if (!this.eventUtils.enabledBasedOnTransactionSettings() || this.eventUtils.isThreadExcluded() || this.eventUtils.isEventsDisabledForThread() || objArr.length == 0) {
            return;
        }
        this.eventUtils.disableEventsForThread();
        String str5 = null;
        Throwable th = null;
        for (Object obj3 : objArr) {
            if (obj3 instanceof String) {
                str5 = (String) obj3;
            }
            if (obj3 instanceof Throwable) {
                th = (Throwable) obj3;
            }
        }
        if (!isAcceptedSecurityException(obj2)) {
            this.eventUtils.enableEventsForThread();
            return;
        }
        String stackTraceToString = this.mtAgentTenantAPI.stackTraceToString("Exception", "<init>");
        if (!this.mtAgentTenantAPI.isUnitTesting() && this.eventUtils.isAppDOnStackForExcludeDecision(stackTraceToString)) {
            this.eventUtils.enableEventsForThread();
            return;
        }
        SecurityEvent currentOrCreateNonTransactionSecurityEvent = this.eventUtils.getCurrentOrCreateNonTransactionSecurityEvent();
        if (currentOrCreateNonTransactionSecurityEvent == null) {
            this.eventUtils.enableEventsForThread();
            return;
        }
        boolean z = obj2 instanceof ArgentoSecurityException;
        long j = 0;
        if (AgentPolicy.getPolicy().isEventTrackLearnedEvents()) {
            String[] strArr = new String[2];
            strArr[0] = obj2.getClass().getName();
            strArr[1] = str5 != null ? str5 : "NoMessage";
            j = this.learnedEventExcludeUtils.isLearnedEventExcludedOrSuppressed(z, 1, strArr, getClass().getName(), ((Throwable) obj2).getStackTrace(), str5, AgentPolicy.getPolicy().getSecurityEventFrequencyMs());
            if (j == -1) {
                this.eventUtils.enableEventsForThread();
                return;
            }
        }
        ExceptionEvent.addExceptionEvent(obj2, str5, stackTraceToString, th, currentOrCreateNonTransactionSecurityEvent, j);
        this.eventUtils.enableEventsForThread();
    }

    @Override // com.cisco.mtagent.boot.registry.MethodHandlerRegistry.LoadHandler, com.cisco.mtagent.boot.registry.MethodHandlerRegistry.MethodHandler
    public void handlerEntry(Object obj, Object[] objArr, String str, String str2, String str3, String str4) {
    }
}
