package com.newrelic.agent.security.intcodeagent.utils;

import com.newrelic.agent.security.deps.com.fasterxml.jackson.core.JsonProcessingException;
import com.newrelic.agent.security.deps.com.fasterxml.jackson.databind.JsonNode;
import com.newrelic.agent.security.deps.com.fasterxml.jackson.databind.ObjectMapper;
import com.newrelic.agent.security.deps.com.fasterxml.jackson.databind.node.ArrayNode;
import com.newrelic.agent.security.deps.org.apache.commons.lang3.StringUtils;
import com.newrelic.agent.security.deps.org.jetbrains.annotations.NotNull;
import com.newrelic.agent.security.intcodeagent.exceptions.RestrictionModeException;
import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper;
import com.newrelic.api.agent.security.schema.HttpRequest;
import com.newrelic.api.agent.security.schema.policy.RestrictionCriteria;
import com.newrelic.api.agent.security.schema.policy.SkipScan;
import com.newrelic.api.agent.security.utils.logging.LogLevel;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:newrelic/newrelic-agent.jar:newrelic-security-agent.jar:com/newrelic/agent/security/intcodeagent/utils/RestrictionUtility.class */
public class RestrictionUtility {
    public static final String SEPARATOR_CHARS_QUESTION_MARK = "?";
    public static final String SEPARATOR_CHARS_SEMICOLON = ";";
    public static final String FORWARD_SLASH = "/";
    public static final String AND = "&";
    public static final String SEPARATOR_EQUALS = "=";
    public static final String EQUAL = "=";
    public static final String CONTENT_TYPE_TEXT_JSON = "text/json";
    public static final String CONTENT_TYPE_TEXT_XML = "text/xml";
    public static final String CONTENT_TYPE_APPLICATION_JSON = "application/json";
    public static final String CONTENT_TYPE_APPLICATION_XML = "application/xml";
    public static final String CONTENT_TYPE_APPLICATION_X_WWW_FORM_URLENCODED = "application/x-www-form-urlencoded";
    private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance();

    public static boolean skippedApiDetected(SkipScan skipScan, HttpRequest httpRequest) {
        if (skipScan == null || httpRequest == null || skipScan.getApiRoutes().isEmpty()) {
            return false;
        }
        Iterator<Pattern> it = skipScan.getApiRoutes().iterator();
        while (it.hasNext()) {
            if (it.next().matcher(httpRequest.getUrl()).matches()) {
                return true;
            }
        }
        return false;
    }

    public static boolean hasValidAccountId(RestrictionCriteria restrictionCriteria, HttpRequest httpRequest) {
        List<String> accountIds = restrictionCriteria.getAccountInfo().getAccountIds();
        if (httpRequest == null) {
            return false;
        }
        if (!httpRequest.isRequestParametersParsed()) {
            parseHttpRequestParameters(httpRequest);
        }
        if (restrictionCriteria.getMappingParameters().getHeader().isEnabled() && matcher(accountIds, getHeaderParameters(restrictionCriteria.getMappingParameters().getHeader().getLocations(), httpRequest.getRequestHeaderParameters()))) {
            return true;
        }
        if (restrictionCriteria.getMappingParameters().getQuery().isEnabled() && matcher(accountIds, getQueryString(restrictionCriteria.getMappingParameters().getHeader().getLocations(), httpRequest.getQueryParameters()))) {
            return true;
        }
        if (restrictionCriteria.getMappingParameters().getPath().isEnabled() && matcher(accountIds, httpRequest.getPathParameters())) {
            return true;
        }
        if (restrictionCriteria.getMappingParameters().getBody().isEnabled()) {
            return matcher(accountIds, getBodyParameters(restrictionCriteria.getMappingParameters().getBody().getLocations(), httpRequest.getRequestBodyParameters()));
        }
        return false;
    }

    private static List<String> getBodyParameters(List<String> list, Map<String, List<String>> map) {
        if (map == null || map.isEmpty()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String lowerCase = it.next().toLowerCase();
            if (map.containsKey(lowerCase)) {
                arrayList.addAll(map.get(lowerCase));
            }
        }
        return arrayList;
    }

    private static List<String> getHeaderParameters(List<String> list, Map<String, List<String>> map) {
        if (map == null || map.isEmpty()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String lowerCase = it.next().toLowerCase();
            if (map.containsKey(lowerCase)) {
                arrayList.addAll(map.get(lowerCase));
            }
        }
        return arrayList;
    }

    private static List<String> getQueryString(List<String> list, Map<String, List<String>> map) {
        if (map == null || map.isEmpty()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String lowerCase = it.next().toLowerCase();
            if (map.containsKey(lowerCase)) {
                arrayList.addAll(map.get(lowerCase));
            }
        }
        return arrayList;
    }

    private static boolean matcher(List<String> list, List<String> list2) {
        for (String str : list) {
            if (list2 != null && !list2.isEmpty() && !StringUtils.isBlank(str) && list2.contains(str.toLowerCase())) {
                return true;
            }
        }
        return false;
    }

    private static void parseHttpRequestParameters(HttpRequest httpRequest) {
        httpRequest.setPathParameters(parsePathParameters(StringUtils.substringBefore(httpRequest.getUrl(), "?")));
        httpRequest.setQueryParameters(parseQueryParameters(httpRequest.getUrl()));
        httpRequest.setRequestHeaderParameters(parseRequestHeaders(httpRequest.getHeaders()));
        try {
            httpRequest.setRequestBodyParameters(parseRequestBody(httpRequest.getBody(), httpRequest.getContentType(), httpRequest.getRequestBodyParameters()));
        } catch (RestrictionModeException e) {
            logger.log(LogLevel.WARNING, String.format("Request Body parsing failed reason %s", e.getMessage()), RestrictionUtility.class.getName());
        }
        httpRequest.setRequestBodyParameters(parseRequestParameterMap(httpRequest.getParameterMap(), httpRequest.getRequestBodyParameters()));
        httpRequest.setRequestParsed(true);
    }

    private static Map<String, List<String>> parseRequestParameterMap(Map<String, String[]> map, Map<String, List<String>> map2) {
        if (map == null) {
            return map2;
        }
        if (map2 == null) {
            map2 = new HashMap();
        }
        for (Map.Entry<String, String[]> entry : map.entrySet()) {
            String key = entry.getKey();
            String[] value = entry.getValue();
            ArrayList arrayList = new ArrayList();
            for (String str : value) {
                arrayList.add(StringUtils.lowerCase(str));
            }
            if (map2.containsKey(key)) {
                map2.get(key).addAll(arrayList);
            } else {
                map2.put(key, arrayList);
            }
        }
        return map2;
    }

    private static Map<String, List<String>> parseRequestBody(StringBuilder sb, String str, Map<String, List<String>> map) throws RestrictionModeException {
        if (StringUtils.isBlank(sb.toString())) {
            return map;
        }
        if (map == null) {
            map = new HashMap();
        }
        boolean z = -1;
        switch (str.hashCode()) {
            case -1485569826:
                if (str.equals("application/x-www-form-urlencoded")) {
                    z = 4;
                    break;
                }
                break;
            case -1248326952:
                if (str.equals("application/xml")) {
                    z = 2;
                    break;
                }
                break;
            case -1082184566:
                if (str.equals(CONTENT_TYPE_TEXT_JSON)) {
                    z = true;
                    break;
                }
                break;
            case -1004727243:
                if (str.equals("text/xml")) {
                    z = 3;
                    break;
                }
                break;
            case -43840953:
                if (str.equals("application/json")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
                map.putAll(parseJsonRequestBody(sb.toString()));
                break;
            case true:
            case true:
                map.putAll(parseXmlRequestBody(sb.toString()));
                break;
            case true:
                map.putAll(queryParamKeyValueGenerator(sb.toString(), new HashMap()));
                break;
        }
        return map;
    }

    private static Map<String, ? extends List<String>> parseXmlRequestBody(String str) throws RestrictionModeException {
        HashMap hashMap = new HashMap();
        try {
            Document parse = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(new StringReader(str)));
            parse.getDocumentElement().normalize();
            parseXmlNode(parse.getDocumentElement(), "", hashMap);
            return hashMap;
        } catch (Exception e) {
            logger.log(LogLevel.FINER, String.format("JSON Request Body parsing failed for %s : reason %s", str, e.getMessage()), RestrictionUtility.class.getName());
            throw new RestrictionModeException(String.format("XML Request Body parsing failed : reason %s", e.getMessage()), e);
        }
    }

    private static void parseXmlNode(Node node, String str, Map<String, List<String>> map) {
        if (node.getNodeType() == 1) {
            Element element = (Element) node;
            NodeList childNodes = element.getChildNodes();
            String tagName = str.isEmpty() ? element.getTagName() : str + "." + element.getTagName();
            if (childNodes.getLength() == 1 && childNodes.item(0).getNodeType() == 3) {
                String trim = childNodes.item(0).getTextContent().trim();
                if (trim.isEmpty()) {
                    return;
                }
                map.computeIfAbsent(tagName, str2 -> {
                    return new ArrayList();
                }).add(trim);
                return;
            }
            for (int i = 0; i < childNodes.getLength(); i++) {
                parseXmlNode(childNodes.item(i), tagName, map);
            }
        }
    }

    private static Map<String, ? extends List<String>> parseJsonRequestBody(String str) throws RestrictionModeException {
        try {
            return parseJsonNode((JsonNode) new ObjectMapper().readValue(str, JsonNode.class), "", new HashMap());
        } catch (JsonProcessingException e) {
            logger.log(LogLevel.FINER, String.format("JSON Request Body parsing failed for %s : reason %s", str, e.getMessage()), RestrictionUtility.class.getName());
            throw new RestrictionModeException(String.format("JSON Request Body parsing failed : reason %s", e.getMessage()) + e.getMessage(), e);
        }
    }

    private static Map<String, List<String>> parseJsonNode(JsonNode jsonNode, String str, Map<String, List<String>> map) {
        if (jsonNode.isObject()) {
            Iterator<Map.Entry<String, JsonNode>> fields = jsonNode.fields();
            while (fields.hasNext()) {
                Map.Entry<String, JsonNode> next = fields.next();
                String base = getBase(str, next.getKey());
                JsonNode value = next.getValue();
                if (value.isContainerNode()) {
                    parseJsonNode(value, base, map);
                } else if (StringUtils.isNotBlank(value.asText())) {
                    if (!map.containsKey(base)) {
                        map.put(base, new ArrayList());
                    }
                    map.get(base).add(value.asText());
                }
            }
        } else if (jsonNode.isArray()) {
            ArrayNode arrayNode = (ArrayNode) jsonNode;
            for (int i = 0; i < arrayNode.size(); i++) {
                JsonNode jsonNode2 = arrayNode.get(i);
                String base2 = getBase(str, i);
                if (jsonNode2.isContainerNode()) {
                    parseJsonNode(jsonNode2, base2, map);
                } else if (StringUtils.isNotBlank(jsonNode2.asText())) {
                    if (!map.containsKey(base2)) {
                        map.put(base2, new ArrayList());
                    }
                    map.get(base2).add(jsonNode2.asText());
                }
            }
        }
        return map;
    }

    @NotNull
    private static String getBase(String str, String str2) {
        return StringUtils.isBlank(str) ? str2 : str + "." + str2;
    }

    @NotNull
    private static String getBase(String str, int i) {
        return StringUtils.isBlank(str) ? "[]" : String.format("%s[]", str);
    }

    private static Map<String, List<String>> parseRequestHeaders(Map<String, String> map) {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String key = entry.getKey();
            String value = entry.getValue();
            putHeaderParameter(key, value, hashMap);
            if (StringUtils.containsAny(value, ";", "=")) {
                String[] split = value.split(";");
                for (int i = 0; i < split.length; i++) {
                    if (!StringUtils.contains(split[i], "=") || StringUtils.endsWith(split[i], "=")) {
                        putHeaderParameter(key, split[i], hashMap);
                    } else {
                        putHeaderParameter(StringUtils.substringBefore(split[i], "=").trim(), StringUtils.substringAfter(split[i], "=").trim(), hashMap);
                    }
                }
            }
        }
        return hashMap;
    }

    private static void putHeaderParameter(String str, String str2, Map<String, List<String>> map) {
        List<String> list = map.get(str);
        if (list == null) {
            list = new ArrayList();
        }
        list.add(StringUtils.lowerCase(str2));
        list.add(StringUtils.lowerCase(ServletHelper.urlDecode(str2)));
        map.put(StringUtils.lowerCase(str), list);
    }

    private static Map<String, List<String>> parseQueryParameters(String str) {
        HashMap hashMap = new HashMap();
        String substringAfter = StringUtils.substringAfter(str, "?");
        if (StringUtils.isNotBlank(substringAfter)) {
            queryParamKeyValueGenerator(substringAfter, hashMap);
        } else {
            String substringAfter2 = StringUtils.substringAfter(str, ";");
            if (StringUtils.isNotBlank(substringAfter2)) {
                queryParamKeyValueGenerator(substringAfter2, hashMap);
            }
        }
        return hashMap;
    }

    private static Map<String, List<String>> queryParamKeyValueGenerator(String str, Map<String, List<String>> map) {
        for (String str2 : StringUtils.split(str, "&")) {
            String substringBefore = StringUtils.substringBefore(str2, "=");
            String substringAfter = StringUtils.substringAfter(str2, "=");
            ArrayList arrayList = new ArrayList();
            arrayList.add(StringUtils.lowerCase(substringAfter));
            arrayList.add(StringUtils.lowerCase(ServletHelper.urlDecode(substringAfter)));
            map.put(StringUtils.lowerCase(substringBefore), arrayList);
        }
        return map;
    }

    private static List<String> parsePathParameters(String str) {
        ArrayList arrayList = new ArrayList();
        String substringBefore = StringUtils.substringBefore(str, ";");
        if (StringUtils.isNotBlank(substringBefore)) {
            for (String str2 : StringUtils.split(substringBefore, "/")) {
                arrayList.add(StringUtils.lowerCase(str2));
                arrayList.add(StringUtils.lowerCase(ServletHelper.urlDecode(str2)));
            }
        }
        return arrayList;
    }
}
