package org.owasp.esapi.waf;

import androidx.work.WorkRequest;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileUploadException;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Logger;
import org.owasp.esapi.waf.actions.Action;
import org.owasp.esapi.waf.actions.BlockAction;
import org.owasp.esapi.waf.actions.DefaultAction;
import org.owasp.esapi.waf.actions.RedirectAction;
import org.owasp.esapi.waf.configuration.AppGuardianConfiguration;
import org.owasp.esapi.waf.configuration.ConfigurationParser;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletRequest;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse;
import org.owasp.esapi.waf.rules.Rule;

/* loaded from: classes.dex */
public class ESAPIWebApplicationFirewallFilter implements Filter {
    private static final String CONFIGURATION_FILE_PARAM = "configuration";
    private static final int DEFAULT_POLLING_TIME = 30000;
    private static final String LOGGING_FILE_PARAM = "log_settings";
    private static final String POLLING_TIME_PARAM = "polling_time";
    private AppGuardianConfiguration appGuardConfig;
    private FilterConfig fc;
    private long lastConfigReadTime;
    private long pollingTime;
    private String configurationFilename = null;
    private final Logger logger = ESAPI.getLogger(ESAPIWebApplicationFirewallFilter.class);

    private void sendRedirect(InterceptingHTTPServletResponse interceptingHTTPServletResponse, HttpServletResponse httpServletResponse) {
        if (interceptingHTTPServletResponse != null) {
            interceptingHTTPServletResponse.reset();
            interceptingHTTPServletResponse.resetBuffer();
            interceptingHTTPServletResponse.sendRedirect(this.appGuardConfig.getDefaultErrorPage());
        } else {
            if (httpServletResponse.isCommitted()) {
                return;
            }
            httpServletResponse.sendRedirect(this.appGuardConfig.getDefaultErrorPage());
        }
    }

    private void sendRedirect(InterceptingHTTPServletResponse interceptingHTTPServletResponse, HttpServletResponse httpServletResponse, String str) {
        if (interceptingHTTPServletResponse == null) {
            httpServletResponse.sendRedirect(str);
            return;
        }
        interceptingHTTPServletResponse.reset();
        interceptingHTTPServletResponse.resetBuffer();
        interceptingHTTPServletResponse.sendRedirect(str);
        interceptingHTTPServletResponse.commit();
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
        if (System.currentTimeMillis() - this.lastConfigReadTime > this.pollingTime && new File(this.configurationFilename).lastModified() > this.lastConfigReadTime) {
            this.logger.debug(Logger.EVENT_SUCCESS, ">> Re-reading WAF policy");
            init(this.fc);
        }
        Logger logger = this.logger;
        Logger.EventType eventType = Logger.EVENT_SUCCESS;
        logger.debug(eventType, ">>In WAF doFilter");
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        InterceptingHTTPServletResponse interceptingHTTPServletResponse = (HttpServletResponse) servletResponse;
        ServletRequest servletRequest2 = null;
        InterceptingHTTPServletResponse interceptingHTTPServletResponse2 = this.appGuardConfig.getCookieRules().size() + this.appGuardConfig.getBeforeResponseRules().size() > 0 ? new InterceptingHTTPServletResponse(interceptingHTTPServletResponse, true, this.appGuardConfig.getCookieRules()) : null;
        this.logger.debug(eventType, ">> Starting stage 1");
        List<Rule> beforeBodyRules = this.appGuardConfig.getBeforeBodyRules();
        for (int i = 0; i < beforeBodyRules.size(); i++) {
            Rule rule = beforeBodyRules.get(i);
            this.logger.debug(Logger.EVENT_SUCCESS, "  Applying BEFORE rule:  " + rule.getClass().getName());
            Action check = rule.check(httpServletRequest, interceptingHTTPServletResponse2, interceptingHTTPServletResponse);
            if (check.isActionNecessary()) {
                if (check instanceof BlockAction) {
                    if (interceptingHTTPServletResponse2 != null) {
                        interceptingHTTPServletResponse2.setStatus(this.appGuardConfig.getDefaultResponseCode());
                        return;
                    } else {
                        interceptingHTTPServletResponse.setStatus(this.appGuardConfig.getDefaultResponseCode());
                        return;
                    }
                }
                if (check instanceof RedirectAction) {
                    sendRedirect(interceptingHTTPServletResponse2, interceptingHTTPServletResponse, ((RedirectAction) check).getRedirectURL());
                    return;
                }
                if (check instanceof DefaultAction) {
                    int i2 = AppGuardianConfiguration.DEFAULT_FAIL_ACTION;
                    if (i2 == 1) {
                        sendRedirect(interceptingHTTPServletResponse2, interceptingHTTPServletResponse);
                        return;
                    } else if (i2 == 2) {
                        if (interceptingHTTPServletResponse2 != null) {
                            interceptingHTTPServletResponse2.setStatus(this.appGuardConfig.getDefaultResponseCode());
                            return;
                        } else {
                            interceptingHTTPServletResponse.setStatus(this.appGuardConfig.getDefaultResponseCode());
                            return;
                        }
                    }
                } else {
                    continue;
                }
            }
        }
        try {
            servletRequest2 = new InterceptingHTTPServletRequest((HttpServletRequest) servletRequest);
        } catch (FileUploadException e) {
            this.logger.error(Logger.EVENT_SUCCESS, "Error Wrapping Request", e);
        }
        this.logger.debug(Logger.EVENT_SUCCESS, ">> Starting Stage 2");
        List<Rule> afterBodyRules = this.appGuardConfig.getAfterBodyRules();
        for (int i3 = 0; i3 < afterBodyRules.size(); i3++) {
            Rule rule2 = afterBodyRules.get(i3);
            this.logger.debug(Logger.EVENT_SUCCESS, "  Applying BEFORE CHAIN rule:  " + rule2.getClass().getName());
            Action check2 = rule2.check(servletRequest2, interceptingHTTPServletResponse2, interceptingHTTPServletResponse);
            if (check2.isActionNecessary()) {
                if (check2 instanceof BlockAction) {
                    if (interceptingHTTPServletResponse2 != null) {
                        interceptingHTTPServletResponse2.setStatus(this.appGuardConfig.getDefaultResponseCode());
                        return;
                    } else {
                        interceptingHTTPServletResponse.setStatus(this.appGuardConfig.getDefaultResponseCode());
                        return;
                    }
                }
                if (check2 instanceof RedirectAction) {
                    sendRedirect(interceptingHTTPServletResponse2, interceptingHTTPServletResponse, ((RedirectAction) check2).getRedirectURL());
                    return;
                }
                if (check2 instanceof DefaultAction) {
                    int i4 = AppGuardianConfiguration.DEFAULT_FAIL_ACTION;
                    if (i4 == 1) {
                        sendRedirect(interceptingHTTPServletResponse2, interceptingHTTPServletResponse);
                        return;
                    } else if (i4 == 2) {
                        if (interceptingHTTPServletResponse2 != null) {
                            interceptingHTTPServletResponse2.setStatus(this.appGuardConfig.getDefaultResponseCode());
                            return;
                        } else {
                            interceptingHTTPServletResponse.setStatus(this.appGuardConfig.getDefaultResponseCode());
                            return;
                        }
                    }
                } else {
                    continue;
                }
            }
        }
        Logger logger2 = this.logger;
        Logger.EventType eventType2 = Logger.EVENT_SUCCESS;
        logger2.debug(eventType2, ">> Calling the FilterChain: " + filterChain);
        filterChain.doFilter(servletRequest2, interceptingHTTPServletResponse2 != null ? interceptingHTTPServletResponse2 : interceptingHTTPServletResponse);
        this.logger.debug(eventType2, ">> Starting Stage 3");
        List<Rule> beforeResponseRules = this.appGuardConfig.getBeforeResponseRules();
        for (int i5 = 0; i5 < beforeResponseRules.size(); i5++) {
            Rule rule3 = beforeResponseRules.get(i5);
            this.logger.debug(Logger.EVENT_SUCCESS, "  Applying AFTER CHAIN rule:  " + rule3.getClass().getName());
            Action check3 = rule3.check(servletRequest2, interceptingHTTPServletResponse2, interceptingHTTPServletResponse);
            if (check3.isActionNecessary()) {
                if (check3 instanceof BlockAction) {
                    if (interceptingHTTPServletResponse2 != null) {
                        interceptingHTTPServletResponse2.setStatus(this.appGuardConfig.getDefaultResponseCode());
                        return;
                    } else {
                        interceptingHTTPServletResponse.setStatus(this.appGuardConfig.getDefaultResponseCode());
                        return;
                    }
                }
                if (check3 instanceof RedirectAction) {
                    sendRedirect(interceptingHTTPServletResponse2, interceptingHTTPServletResponse, ((RedirectAction) check3).getRedirectURL());
                    return;
                }
                if (check3 instanceof DefaultAction) {
                    int i6 = AppGuardianConfiguration.DEFAULT_FAIL_ACTION;
                    if (i6 == 1) {
                        sendRedirect(interceptingHTTPServletResponse2, interceptingHTTPServletResponse);
                        return;
                    } else if (i6 == 2) {
                        if (interceptingHTTPServletResponse2 != null) {
                            interceptingHTTPServletResponse2.setStatus(this.appGuardConfig.getDefaultResponseCode());
                            return;
                        } else {
                            interceptingHTTPServletResponse.setStatus(this.appGuardConfig.getDefaultResponseCode());
                            return;
                        }
                    }
                } else {
                    continue;
                }
            }
        }
        if (interceptingHTTPServletResponse2 != null) {
            this.logger.debug(Logger.EVENT_SUCCESS, ">>> committing reponse");
            interceptingHTTPServletResponse2.commit();
        }
    }

    public AppGuardianConfiguration getConfiguration() {
        return this.appGuardConfig;
    }

    public void init(FilterConfig filterConfig) {
        String realPath;
        FileInputStream fileInputStream;
        this.fc = filterConfig;
        this.logger.debug(Logger.EVENT_SUCCESS, ">> Initializing WAF");
        if (filterConfig.getInitParameter(LOGGING_FILE_PARAM) != null) {
            this.logger.warning(Logger.EVENT_FAILURE, ">> Since ESAPI 2.5.0.0, ESAPI WAF ignoring parameter 'log_settings; for further details, see https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.0.0-release-notes.txt");
        }
        this.configurationFilename = filterConfig.getInitParameter(CONFIGURATION_FILE_PARAM);
        String realPath2 = filterConfig.getServletContext().getRealPath(this.configurationFilename);
        this.configurationFilename = realPath2;
        if (realPath2 == null || !new File(this.configurationFilename).exists()) {
            throw new ServletException("[ESAPI WAF] Could not find configuration file at resolved path: " + this.configurationFilename);
        }
        String initParameter = filterConfig.getInitParameter(POLLING_TIME_PARAM);
        if (initParameter != null) {
            this.pollingTime = Long.parseLong(initParameter);
        } else {
            this.pollingTime = WorkRequest.DEFAULT_BACKOFF_DELAY_MILLIS;
        }
        FileInputStream fileInputStream2 = null;
        try {
            try {
                realPath = filterConfig.getServletContext().getRealPath("/");
                fileInputStream = new FileInputStream(this.configurationFilename);
            } catch (Throwable th) {
                th = th;
            }
        } catch (FileNotFoundException e) {
            e = e;
        } catch (ConfigurationException e2) {
            e = e2;
        }
        try {
            this.appGuardConfig = ConfigurationParser.readConfigurationFile(fileInputStream, realPath);
            this.lastConfigReadTime = System.currentTimeMillis();
            try {
                fileInputStream.close();
            } catch (IOException e3) {
                e3.printStackTrace();
            }
        } catch (FileNotFoundException e4) {
            e = e4;
            throw new ServletException(e);
        } catch (ConfigurationException e5) {
            e = e5;
            throw new ServletException(e);
        } catch (Throwable th2) {
            th = th2;
            fileInputStream2 = fileInputStream;
            if (fileInputStream2 != null) {
                try {
                    fileInputStream2.close();
                } catch (IOException e6) {
                    e6.printStackTrace();
                }
            }
            throw th;
        }
    }

    /* JADX WARN: Unsupported multi-entry loop pattern (BACK_EDGE: B:33:0x0030 -> B:9:0x0033). Please report as a decompilation issue!!! */
    public void setConfiguration(String str, String str2) {
        FileInputStream fileInputStream;
        FileInputStream fileInputStream2 = null;
        try {
            try {
                try {
                    fileInputStream = new FileInputStream(new File(str));
                } catch (Throwable th) {
                    th = th;
                }
            } catch (ConfigurationException e) {
                e = e;
            }
        } catch (IOException e2) {
            e2.printStackTrace();
        }
        try {
            this.appGuardConfig = ConfigurationParser.readConfigurationFile(fileInputStream, str2);
            this.lastConfigReadTime = System.currentTimeMillis();
            this.configurationFilename = str;
            fileInputStream.close();
        } catch (ConfigurationException e3) {
            e = e3;
            fileInputStream2 = fileInputStream;
            e.printStackTrace();
            if (fileInputStream2 != null) {
                fileInputStream2.close();
            }
        } catch (Throwable th2) {
            th = th2;
            fileInputStream2 = fileInputStream;
            if (fileInputStream2 != null) {
                try {
                    fileInputStream2.close();
                } catch (IOException e4) {
                    e4.printStackTrace();
                }
            }
            throw th;
        }
    }
}
