package com.contrastsecurity.agent.plugins.security.policy.rules.providers;

import com.contrastsecurity.agent.DontObfuscate;
import com.contrastsecurity.agent.commons.Throwables;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.http.HttpResponse;
import com.contrastsecurity.agent.messages.finding.trace.PropertyKey;
import com.contrastsecurity.agent.plugins.security.x;
import com.contrastsecurity.agent.util.C0488r;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.ArrayUtils;
import com.contrastsecurity.thirdparty.org.apache.http.HttpStatus;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.EnumMap;
import java.util.zip.CRC32;

@DontObfuscate
/* loaded from: input_file:com/contrastsecurity/agent/plugins/security/policy/rules/providers/HeaderHttpWatcher.class */
public abstract class HeaderHttpWatcher extends DoNothingHttpWatcher {
    protected final ProviderUtil providerUtil;
    private final x.e requestHasher;
    private static final int[] UNDESIRED_RESPONSE_CODES = {HttpStatus.SC_MOVED_PERMANENTLY, HttpStatus.SC_MOVED_TEMPORARILY, HttpStatus.SC_TEMPORARY_REDIRECT, 404, HttpStatus.SC_GONE, HttpStatus.SC_INTERNAL_SERVER_ERROR};
    protected static final Logger logger = LoggerFactory.getLogger((Class<?>) HeaderHttpWatcher.class);

    public HeaderHttpWatcher(ProviderUtil providerUtil, x xVar) {
        this.providerUtil = providerUtil;
        this.requestHasher = xVar.g();
    }

    @Override // com.contrastsecurity.agent.plugins.security.policy.rules.providers.DoNothingHttpWatcher, com.contrastsecurity.agent.plugins.security.policy.rules.providers.HttpWatcher
    public boolean supports(HttpRequest httpRequest) {
        return !C0488r.b(httpRequest);
    }

    @Override // com.contrastsecurity.agent.plugins.security.policy.rules.providers.HttpWatcher
    public void onResponseEnd(HttpRequest httpRequest, HttpResponse httpResponse) {
        if (httpResponse == null || isSafe(httpRequest.context())) {
            return;
        }
        if (undesiredResponseCode(httpResponse)) {
            if (logger.isDebugEnabled()) {
                logger.debug("suppressing finding for {} rule, response code is: {}", getRuleName(), Integer.valueOf(httpResponse.getStatus()));
            }
        } else {
            if (isUndesiredContentType(httpResponse.getContentType())) {
                return;
            }
            long a = this.requestHasher.a(getRuleName(), httpRequest);
            EnumMap enumMap = new EnumMap(PropertyKey.class);
            enumMap.put((EnumMap) PropertyKey.DATA, (PropertyKey) getData(httpRequest.context()));
            this.providerUtil.reportFinding(getRuleName(), (String) null, a, enumMap);
        }
    }

    @Override // com.contrastsecurity.agent.plugins.security.policy.rules.providers.HttpWatcher
    public long getRuleRequestHash(HttpRequest httpRequest, CRC32 crc32) {
        return this.requestHasher.a(crc32, getRuleName(), httpRequest);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract boolean isSafe(com.contrastsecurity.agent.context.f fVar);

    protected abstract String getRuleName();

    protected abstract String getData(com.contrastsecurity.agent.context.f fVar);

    protected boolean isUndesiredContentType(String str) {
        return false;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v2, types: [com.contrastsecurity.thirdparty.org.slf4j.Logger] */
    /* JADX WARN: Type inference failed for: r8v0, types: [java.lang.Throwable] */
    private boolean undesiredResponseCode(HttpResponse httpResponse) {
        boolean z = false;
        boolean z2 = false;
        try {
            z = ArrayUtils.contains(UNDESIRED_RESPONSE_CODES, httpResponse.getStatus());
            if (z) {
                z2 = true;
            }
        } catch (Throwable th) {
            Throwables.throwIfCritical(th);
            logger.debug("Problem catching response code for HTTP Header check", z);
        }
        return z2;
    }
}
