package org.owasp.esapi.waf.rules;

import bsh.EvalError;
import bsh.x0;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.waf.actions.Action;
import org.owasp.esapi.waf.actions.DoNothingAction;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse;

/* loaded from: classes.dex */
public class BeanShellRule extends Rule {
    private x0 i;
    private Pattern path;
    private String script;

    public BeanShellRule(String str, String str2, Pattern pattern) {
        x0 x0Var = new x0();
        this.i = x0Var;
        x0Var.x("logger", Rule.logger);
        this.script = getFileContents(ESAPI.securityConfiguration().getResourceFile(str));
        this.id = str2;
        this.path = pattern;
    }

    private String getFileContents(File file) {
        StringBuffer stringBuffer = new StringBuffer();
        BufferedReader bufferedReader = null;
        try {
            BufferedReader bufferedReader2 = new BufferedReader(new FileReader(file));
            while (true) {
                try {
                    String readLine = bufferedReader2.readLine();
                    if (readLine == null) {
                        bufferedReader2.close();
                        return stringBuffer.toString();
                    }
                    stringBuffer.append(readLine + System.getProperty("line.separator"));
                } catch (Throwable th) {
                    th = th;
                    bufferedReader = bufferedReader2;
                    if (bufferedReader != null) {
                        bufferedReader.close();
                    }
                    throw th;
                }
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    @Override // org.owasp.esapi.waf.rules.Rule
    public Action check(HttpServletRequest httpServletRequest, InterceptingHTTPServletResponse interceptingHTTPServletResponse, HttpServletResponse httpServletResponse) {
        Pattern pattern = this.path;
        if (pattern != null && !pattern.matcher(httpServletRequest.getRequestURI()).matches()) {
            return new DoNothingAction();
        }
        try {
            this.i.x("action", null);
            this.i.x("request", httpServletRequest);
            if (interceptingHTTPServletResponse != null) {
                this.i.x("response", interceptingHTTPServletResponse);
            } else {
                this.i.x("response", httpServletResponse);
            }
            this.i.x("session", httpServletRequest.getSession());
            this.i.h(this.script);
            Action action = (Action) this.i.j("action");
            if (action != null) {
                return action;
            }
        } catch (EvalError e) {
            log(httpServletRequest, "Error running custom beanshell rule (" + this.id + ") - " + e.getMessage());
        }
        return new DoNothingAction();
    }
}
