package com.newrelic.agent.security.instrumentation.servlet24;

import com.newrelic.api.agent.security.NewRelicSecurity;
import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper;
import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper;
import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper;
import com.newrelic.api.agent.security.schema.AgentMetaData;
import com.newrelic.api.agent.security.schema.ApplicationURLMapping;
import com.newrelic.api.agent.security.schema.HttpRequest;
import com.newrelic.api.agent.security.schema.policy.AgentPolicy;
import com.newrelic.api.agent.security.utils.logging.LogLevel;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.ServletRegistration;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:newrelic/newrelic-agent.jar:newrelic-security-agent.jar:instrumentation-security/servlet-2.4-1.0.jar:com/newrelic/agent/security/instrumentation/servlet24/HttpServletHelper.class */
public class HttpServletHelper {
    private static final String X_FORWARDED_FOR = "x-forwarded-for";
    private static final String EMPTY = "";
    public static final String QUESTION_MARK = "?";
    public static final String SERVICE_METHOD_NAME = "service";
    public static final String NR_SEC_CUSTOM_ATTRIB_NAME = "SERVLET_LOCK-";
    private static final String WILDCARD = "*";
    private static final String SEPARATOR = "/";
    public static final String SERVLET_2_4 = "SERVLET-2.4";

    public static void processHttpRequestHeader(HttpServletRequest httpServletRequest, HttpRequest httpRequest) {
        Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            boolean z = false;
            String nextElement = headerNames.nextElement();
            if (nextElement != null) {
                nextElement = nextElement.toLowerCase();
            }
            AgentPolicy currentPolicy = NewRelicSecurity.getAgent().getCurrentPolicy();
            AgentMetaData metaData = NewRelicSecurity.getAgent().getSecurityMetaData().getMetaData();
            if (currentPolicy != null && currentPolicy.getProtectionMode().getEnabled().booleanValue() && currentPolicy.getProtectionMode().getIpBlocking().getEnabled().booleanValue() && currentPolicy.getProtectionMode().getIpBlocking().getIpDetectViaXFF().booleanValue() && X_FORWARDED_FOR.equals(nextElement)) {
                z = true;
            } else if (ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID.equals(nextElement)) {
                NewRelicSecurity.getAgent().getSecurityMetaData().setFuzzRequestIdentifier(ServletHelper.parseFuzzRequestIdentifierHeader(httpServletRequest.getHeader(nextElement)));
            } else if (GenericHelper.CSEC_PARENT_ID.equals(nextElement)) {
                NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(GenericHelper.CSEC_PARENT_ID, httpServletRequest.getHeader(nextElement));
            }
            String str = "";
            Enumeration<String> headers = httpServletRequest.getHeaders(nextElement);
            while (headers.hasMoreElements()) {
                String nextElement2 = headers.nextElement();
                if (nextElement2 != null && !nextElement2.trim().isEmpty()) {
                    if (z) {
                        metaData.setClientDetectedFromXFF(true);
                        httpRequest.setClientIP(nextElement2);
                        metaData.getIps().add(httpRequest.getClientIP());
                        httpRequest.setClientPort("");
                        z = false;
                    }
                    str = str.trim().isEmpty() ? nextElement2 : String.join(";", str, nextElement2);
                }
            }
            httpRequest.getHeaders().put(nextElement, str);
        }
    }

    public static String getTraceHeader(Map<String, String> map) {
        String str = "";
        if (map.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER) || map.containsKey(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase())) {
            str = map.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER);
            if (str == null || str.trim().isEmpty()) {
                str = map.get(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER.toLowerCase());
            }
        }
        return str;
    }

    public static boolean isServletLockAcquired() {
        try {
            if (NewRelicSecurity.isHookProcessingActive()) {
                if (Boolean.TRUE.equals(NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(getNrSecCustomAttribName(), Boolean.class))) {
                    return true;
                }
            }
            return false;
        } catch (Throwable th) {
            return false;
        }
    }

    public static boolean acquireServletLockIfPossible() {
        try {
            if (!NewRelicSecurity.isHookProcessingActive() || isServletLockAcquired()) {
                return false;
            }
            NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(getNrSecCustomAttribName(), true);
            return true;
        } catch (Throwable th) {
            return false;
        }
    }

    public static void releaseServletLock() {
        try {
            if (NewRelicSecurity.isHookProcessingActive()) {
                NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(getNrSecCustomAttribName(), null);
            }
        } catch (Throwable th) {
        }
    }

    private static String getNrSecCustomAttribName() {
        return "SERVLET_LOCK-" + Thread.currentThread().getId();
    }

    public static void gatherURLMappings(ServletContext servletContext) {
        try {
            Map<String, ? extends ServletRegistration> servletRegistrations = servletContext.getServletRegistrations();
            getJSPMappings(servletContext, "/");
            Iterator<? extends ServletRegistration> it = servletRegistrations.values().iterator();
            while (it.hasNext()) {
                Iterator<String> it2 = it.next().getMappings().iterator();
                while (it2.hasNext()) {
                    URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping("*", it2.next()));
                }
            }
        } catch (Exception e) {
            NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format("Instrumentation library: %s , error while getting app endpoints : %s", SERVLET_2_4, e.getMessage()), e, HttpServletHelper.class.getName());
        }
    }

    public static void getJSPMappings(ServletContext servletContext, String str) {
        try {
            if (str.endsWith("/")) {
                for (String str2 : servletContext.getResourcePaths(str)) {
                    if (str2.endsWith("/")) {
                        getJSPMappings(servletContext, str2);
                    } else if (str2.endsWith(".jsp") || str2.endsWith(".jspx") || str2.endsWith(".JSP") || str2.endsWith(".JSPX")) {
                        URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping("*", str2));
                    }
                }
            }
        } catch (Exception e) {
            NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format("Instrumentation library: %s , error while getting app endpoints : %s", SERVLET_2_4, e.getMessage()), e, HttpServletHelper.class.getName());
        }
    }
}
