package com.contrastsecurity.agent.plugins.frameworks.j2ee.a.b;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.config.e;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.i.a.O;
import com.contrastsecurity.agent.i.a.au;
import com.contrastsecurity.agent.messages.finding.trace.EventPropertyDTM;
import com.contrastsecurity.agent.messages.finding.trace.PropertyKey;
import com.contrastsecurity.agent.plugins.frameworks.C0285g;
import com.contrastsecurity.agent.plugins.frameworks.M;
import com.contrastsecurity.agent.plugins.frameworks.j2ee.E;
import com.contrastsecurity.agent.plugins.frameworks.j2ee.i;
import com.contrastsecurity.agent.plugins.frameworks.j2ee.jsp.assess.f;
import com.contrastsecurity.agent.plugins.security.I;
import com.contrastsecurity.agent.plugins.security.policy.SourceNode;
import com.contrastsecurity.agent.plugins.security.policy.rules.Rule;
import com.contrastsecurity.agent.plugins.security.policy.y;
import com.contrastsecurity.agent.trace.Trace;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.org.apache.http.message.BasicHeaderValueParser;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.Enumeration;

/* compiled from: ServletTraceListener.java */
/* loaded from: input_file:com/contrastsecurity/agent/plugins/frameworks/j2ee/a/b/a.class */
public final class a implements I {
    private final HttpManager b;
    final e a;
    private final i c;
    private static final char[] d = "javax.faces.ViewState".toCharArray();
    private static final char[] e = "jakarta.faces.ViewState".toCharArray();
    private static final Logger f = LoggerFactory.getLogger((Class<?>) a.class);

    @Inject
    public a(e eVar, HttpManager httpManager, i iVar) {
        this.b = httpManager;
        this.c = iVar;
        this.a = eVar;
    }

    @Override // com.contrastsecurity.agent.plugins.security.I
    public boolean a(com.contrastsecurity.agent.plugins.security.controller.a aVar) {
        String a;
        HttpRequest currentRequest;
        SourceNode a2 = aVar.a();
        Object c = aVar.c();
        if (!c(aVar)) {
            return true;
        }
        if (!a(a2)) {
            if (E.a(a2)) {
                aVar.v();
                return true;
            }
            if (!a(a2, c) || (a = this.c.a(c)) == null) {
                return true;
            }
            aVar.b(a);
            return true;
        }
        Object[] e2 = aVar.e();
        if (e2.length > 0) {
            Object obj = e2[0];
            if (obj instanceof CharSequence) {
                CharSequence charSequence = (CharSequence) obj;
                if ("javax.faces.ViewState".contentEquals(charSequence) || "jakarta.faces.ViewState".contentEquals(charSequence)) {
                    return false;
                }
            }
        }
        if ((c instanceof Enumeration) || (currentRequest = this.b.getCurrentRequest()) == null || currentRequest.context().get(f.a) != null || M.a(currentRequest, aVar.p(), e2)) {
            return true;
        }
        if (!f.isDebugEnabled() || e2.length <= 0) {
            return false;
        }
        f.debug("Preventing tracking {} parameter because not found in the request", e2[0]);
        return false;
    }

    private static boolean c(com.contrastsecurity.agent.plugins.security.controller.a aVar) {
        SourceNode a = aVar.a();
        return com.contrastsecurity.agent.q.a.a(a, au.a) || com.contrastsecurity.agent.q.a.a(a, O.a);
    }

    private static boolean a(SourceNode sourceNode) {
        return sourceNode.isSourceType(y.PARAMETER) && (sourceNode.isSourceType(y.VALUE) || sourceNode.isSourceType(y.NAME));
    }

    private static boolean a(SourceNode sourceNode, Object obj) {
        return sourceNode.isSourceType(y.COOKIE) && C0285g.a(obj);
    }

    @Override // com.contrastsecurity.agent.plugins.security.I
    public void a(Application application, Trace trace, Rule rule, Object obj, Object[] objArr, Object obj2) {
        if ("cookie-flags-missing".equals(rule.getId())) {
            String str = null;
            if (C0285g.a(obj)) {
                str = this.c.a(obj);
            } else if (a(obj, objArr)) {
                str = BasicHeaderValueParser.parseHeaderElement((String) objArr[1], BasicHeaderValueParser.INSTANCE).getName();
            }
            if (str != null) {
                trace.addProperty(new EventPropertyDTM(PropertyKey.COOKIE_NAME, str));
            } else {
                f.debug("Object for rule cookie-flags-missing has no name!");
            }
        }
    }

    private static boolean a(Object obj, Object[] objArr) {
        if (C0285g.a(obj, objArr, E.a().e().get(E.a.HTTP_SERVLET_RESPONSE))) {
            return true;
        }
        return C0285g.a(obj, objArr, E.b().e().get(E.a.HTTP_SERVLET_RESPONSE));
    }
}
