package org.owasp.esapi.reference.validation;

import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Encoder;
import org.owasp.esapi.EncoderConstants;
import org.owasp.esapi.Logger;
import org.owasp.esapi.StringUtilities;
import org.owasp.esapi.errors.ValidationException;
import org.owasp.esapi.util.NullSafe;

/* loaded from: input_file:WEB-INF/lib/esapi-2.6.2.0.jar:org/owasp/esapi/reference/validation/StringValidationRule.class */
public class StringValidationRule extends BaseValidationRule {
    private static final Logger LOGGER = ESAPI.getLogger(StringValidationRule.class);
    protected List<Pattern> whitelistPatterns;
    protected List<Pattern> blacklistPatterns;
    protected int minLength;
    protected int maxLength;
    private boolean canonicalizeInput;

    public StringValidationRule(String str) {
        super(str);
        this.whitelistPatterns = new ArrayList();
        this.blacklistPatterns = new ArrayList();
        this.minLength = 0;
        this.maxLength = Integer.MAX_VALUE;
        this.canonicalizeInput = true;
    }

    public StringValidationRule(String str, Encoder encoder) {
        super(str, encoder);
        this.whitelistPatterns = new ArrayList();
        this.blacklistPatterns = new ArrayList();
        this.minLength = 0;
        this.maxLength = Integer.MAX_VALUE;
        this.canonicalizeInput = true;
    }

    public StringValidationRule(String str, Encoder encoder, String str2) {
        super(str, encoder);
        this.whitelistPatterns = new ArrayList();
        this.blacklistPatterns = new ArrayList();
        this.minLength = 0;
        this.maxLength = Integer.MAX_VALUE;
        this.canonicalizeInput = true;
        addWhitelistPattern(str2);
    }

    public void addWhitelistPattern(String str) {
        if (str == null) {
            throw new IllegalArgumentException("Pattern cannot be null");
        }
        try {
            this.whitelistPatterns.add(Pattern.compile(str));
        } catch (PatternSyntaxException e) {
            throw new IllegalArgumentException("Validation misconfiguration, problem with specified pattern: " + str, e);
        }
    }

    public void addWhitelistPattern(Pattern pattern) {
        if (pattern == null) {
            throw new IllegalArgumentException("Pattern cannot be null");
        }
        this.whitelistPatterns.add(pattern);
    }

    public void addBlacklistPattern(String str) {
        if (str == null) {
            throw new IllegalArgumentException("Pattern cannot be null");
        }
        try {
            this.blacklistPatterns.add(Pattern.compile(str));
        } catch (PatternSyntaxException e) {
            throw new IllegalArgumentException("Validation misconfiguration, problem with specified pattern: " + str, e);
        }
    }

    public void addBlacklistPattern(Pattern pattern) {
        if (pattern == null) {
            throw new IllegalArgumentException("Pattern cannot be null");
        }
        this.blacklistPatterns.add(pattern);
    }

    public void setMinimumLength(int i) {
        this.minLength = i;
    }

    public void setMaximumLength(int i) {
        this.maxLength = i;
    }

    public void setCanonicalize(boolean z) {
        this.canonicalizeInput = z;
    }

    private String checkWhitelist(String str, String str2, String str3) throws ValidationException {
        for (Pattern pattern : this.whitelistPatterns) {
            if (!pattern.matcher(str2).matches()) {
                throw new ValidationException(str + ": Invalid input. Please conform to regex " + pattern.pattern() + (this.maxLength == Integer.MAX_VALUE ? "" : " with a maximum length of " + this.maxLength), "Invalid input: context=" + str + ", type(" + getTypeName() + ")=" + pattern.pattern() + ", input=" + str2 + (NullSafe.equals(str3, str2) ? "" : ", orig=" + str3), str);
            }
        }
        return str2;
    }

    private String checkWhitelist(String str, String str2) throws ValidationException {
        return checkWhitelist(str, str2, str2);
    }

    private String checkBlacklist(String str, String str2, String str3) throws ValidationException {
        for (Pattern pattern : this.blacklistPatterns) {
            if (pattern.matcher(str2).matches()) {
                throw new ValidationException(str + ": Invalid input. Dangerous input matching " + pattern.pattern() + " detected.", "Dangerous input: context=" + str + ", type(" + getTypeName() + ")=" + pattern.pattern() + ", input=" + str2 + (NullSafe.equals(str3, str2) ? "" : ", orig=" + str3), str);
            }
        }
        return str2;
    }

    private String checkBlacklist(String str, String str2) throws ValidationException {
        return checkBlacklist(str, str2, str2);
    }

    private String checkLength(String str, String str2, String str3) throws ValidationException {
        if (str2.length() < this.minLength) {
            throw new ValidationException(str + ": Invalid input. The minimum length of " + this.minLength + " characters was not met.", "Input does not meet the minimum length of " + this.minLength + " by " + (this.minLength - str2.length()) + " characters: context=" + str + ", type=" + getTypeName() + "), input=" + str2 + (NullSafe.equals(str2, str3) ? "" : ", orig=" + str3), str);
        }
        if (str2.length() > this.maxLength) {
            throw new ValidationException(str + ": Invalid input. The maximum length of " + this.maxLength + " characters was exceeded.", "Input exceeds maximum allowed length of " + this.maxLength + " by " + (str2.length() - this.maxLength) + " characters: context=" + str + ", type=" + getTypeName() + ", orig=" + str3 + ", input=" + str2, str);
        }
        return str2;
    }

    private String checkLength(String str, String str2) throws ValidationException {
        return checkLength(str, str2, str2);
    }

    private String checkEmpty(String str, String str2, String str3) throws ValidationException {
        if (!StringUtilities.isEmpty(str2)) {
            return str2;
        }
        if (this.allowNull) {
            return null;
        }
        throw new ValidationException(str + ": Input required.", "Input required: context=" + str + "), input=" + str2 + (NullSafe.equals(str2, str3) ? "" : ", orig=" + str3), str);
    }

    private String checkEmpty(String str, String str2) throws ValidationException {
        return checkEmpty(str, str2, str2);
    }

    @Override // org.owasp.esapi.ValidationRule
    public String getValid(String str, String str2) throws ValidationException {
        String str3;
        if (checkEmpty(str, str2) == null) {
            return null;
        }
        checkLength(str, str2);
        if (this.canonicalizeInput) {
            str3 = this.encoder.canonicalize(str2);
        } else {
            LOGGER.warning(Logger.SECURITY_AUDIT, String.format("Input validation excludes canonicalization.  Context: %s   Input: %s", str, str2));
            str3 = str2;
        }
        checkWhitelist(str, str3, str2);
        checkBlacklist(str, str3, str2);
        return str3;
    }

    @Override // org.owasp.esapi.reference.validation.BaseValidationRule
    public String sanitize(String str, String str2) {
        return whitelist(str2, EncoderConstants.CHAR_ALPHANUMERICS);
    }
}
