package P;

import com.synametrics.commons.util.logging.LoggingFW;
import com.synametrics.sradef.servlet.helper.WorkerFactory;
import java.io.IOException;
import java.io.Serializable;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import org.apache.catalina.filters.Constants;
import org.apache.catalina.filters.CsrfPreventionFilter;
import org.apache.catalina.filters.FilterBase;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.dbcp.pool2.impl.BaseObjectPoolConfig;
import x.C0184D;
import x.K;

/* compiled from: SynCsrfPreventionFilter.java */
/* loaded from: input_file:P/b.class */
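/**
 * Servlet filter that guards requests with a per-session CSRF nonce carried in the
 * {@code synametrics.csrf.token} request parameter.
 *
 * <p>This is decompiler output: type, field and method names are decompiler-assigned. The
 * structure (nonce cache in the session, response wrapper that appends the nonce to encoded URLs)
 * appears to be modelled on Tomcat's {@code CsrfPreventionFilter} -- confirm against the vendor
 * source.
 *
 * <p>Review summary of when the nonce check is <em>not</em> applied, all visible in
 * {@link #doFilter}:
 * <ul>
 *   <li>the system property {@code enable.CSRF.prevention} is anything other than {@code true}
 *       (the default is {@code false}, so the filter is off unless explicitly enabled);</li>
 *   <li>the {@code User-Agent} header matches whatever {@code P.a} accepts;</li>
 *   <li>the request carries an {@code skcsrf} parameter that passes the time comparison;</li>
 *   <li>the request has no {@code operation} parameter, or {@code WorkerFactory} reports the
 *       operation as skippable;</li>
 *   <li>a non-strict GET targets a path listed in {@link #f367d}.</li>
 * </ul>
 * The second and third conditions are decided from client-supplied data and deserve particular
 * scrutiny when assessing the protection this filter actually provides.
 */
public class b extends FilterBase {

    /** Request parameter that carries the nonce. */
    private static final String NONCE_PARAMETER = "synametrics.csrf.token";

    /** Session attribute holding the nonce cache; same key string as Tomcat's own CSRF filter. */
    private static final String NONCE_CACHE_ATTRIBUTE = "org.apache.catalina.filters.CSRF_NONCE";

    /** Upper-case hex alphabet used to render nonce bytes. */
    private static final String HEX_DIGITS = "0123456789ABCDEF";

    /**
     * Logger (bytecode name {@code f}). It is registered under Tomcat's
     * {@code CsrfPreventionFilter} class, not under this class.
     */
    private static final Log f363f = LogFactory.getLog(CsrfPreventionFilter.class);

    /** Random source for nonces (bytecode name {@code b}); assigned in {@link #init}. */
    protected Random f365b;

    /**
     * Class name of the random source instantiated in {@link #init} (bytecode name {@code a}).
     * Defaults to {@link SecureRandom}; a non-cryptographic {@link Random} here would make nonces
     * predictable.
     */
    protected String f364a = SecureRandom.class.getName();

    /** HTTP status sent when validation fails (bytecode name {@code c}); 403 by default. */
    protected int f366c = 403;

    /**
     * Paths for which a non-strict GET skips nonce validation (bytecode name {@code d}).
     * NOTE(review): nothing in this class adds entries to the set -- confirm where it is populated.
     */
    protected final Set<String> f367d = new HashSet<>();

    /** Number of nonces kept per session (bytecode name {@code e}). */
    protected int f368e = 5;

    /* compiled from: SynCsrfPreventionFilter.java */
    /* loaded from: input_file:P/b$a.class */
    /**
     * Response wrapper that appends the current nonce as a query parameter to every URL passed
     * through {@code encodeURL}/{@code encodeRedirectURL}.
     *
     * <p>Because the nonce travels in the query string it can surface in access logs, browser
     * history and {@code Referer} headers; those should be treated as sensitive.
     */
    protected static class a extends HttpServletResponseWrapper {

        /** Nonce to append (bytecode name {@code a}); {@code null} leaves URLs unchanged. */
        private final String f369a;

        /**
         * @param httpServletResponse response being wrapped
         * @param str nonce to add to encoded URLs
         */
        public a(HttpServletResponse httpServletResponse, String str) {
            super(httpServletResponse);
            this.f369a = str;
        }

        /**
         * Inserts {@code synametrics.csrf.token=<nonce>} into a URL, after any existing query
         * string and before any {@code #fragment}.
         *
         * @param str already-encoded URL, may be {@code null}
         * @return the URL with the nonce parameter, or {@code str} unchanged when either the URL
         *     or the nonce is {@code null}
         */
        private String a(String str) {
            if (str == null || this.f369a == null) {
                return str;
            }
            String base = str;
            String fragment = "";
            int hashAt = base.indexOf('#');
            if (hashAt >= 0) {
                fragment = base.substring(hashAt);
                base = base.substring(0, hashAt);
            }
            String query = "";
            int questionAt = base.indexOf('?');
            if (questionAt >= 0) {
                query = base.substring(questionAt);
                base = base.substring(0, questionAt);
            }
            StringBuilder sb = new StringBuilder(base);
            if (query.isEmpty()) {
                sb.append('?');
            } else {
                // An existing query (even a bare "?") is kept and the nonce is added with '&'.
                sb.append(query).append('&');
            }
            sb.append(NONCE_PARAMETER).append('=').append(this.f369a).append(fragment);
            return sb.toString();
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        @Deprecated
        public String encodeRedirectUrl(String str) {
            return encodeRedirectURL(str);
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public String encodeRedirectURL(String str) {
            return a(super.encodeRedirectURL(str));
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        @Deprecated
        public String encodeUrl(String str) {
            return encodeURL(str);
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public String encodeURL(String str) {
            return a(super.encodeURL(str));
        }
    }

    /* compiled from: SynCsrfPreventionFilter.java */
    /* renamed from: P.b$b, reason: collision with other inner class name */
    /* loaded from: input_file:P/b$b.class */
    /**
     * Bounded, insertion-ordered cache of recently issued values; once more than the configured
     * number of entries are present the eldest one is evicted. All access is synchronized on the
     * backing map.
     *
     * @param <T> type of the cached values
     */
    protected static class C0001b<T> implements Serializable {

        /** Backing map used as a set; values are always {@code null} (bytecode name {@code a}). */
        private final Map<T, T> f370a;

        /**
         * @param i2 maximum number of entries retained
         */
        public C0001b(final int i2) {
            this.f370a = new LinkedHashMap<T, T>() { // from class: P.b.b.1
                @Override // java.util.LinkedHashMap
                protected boolean removeEldestEntry(Map.Entry<T, T> entry) {
                    return size() > i2;
                }
            };
        }

        /**
         * Records a value, evicting the eldest entry if the cache is over capacity.
         *
         * @param t2 value to remember
         */
        public void a(T t2) {
            synchronized (this.f370a) {
                this.f370a.put(t2, null);
            }
        }

        /**
         * Reports whether a value is still held in the cache.
         *
         * <p>The decompiler emitted a body that assigned the {@code boolean} result to a
         * {@code Map} variable and did not compile; this is the reconstructed equivalent.
         *
         * @param t2 value to look up
         * @return {@code true} if the value is present
         */
        public boolean b(T t2) {
            synchronized (this.f370a) {
                return this.f370a.containsKey(t2);
            }
        }
    }

    /**
     * Replaces CR and LF so that a request-supplied string cannot start a new line in the log.
     *
     * @param value text taken from the request, may be {@code null}
     * @return {@code value} with line breaks replaced by spaces, or {@code null}
     */
    private static String toSingleLine(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', ' ').replace('\n', ' ');
    }

    /**
     * Validates the CSRF nonce when enforcement applies, then issues a fresh nonce and passes the
     * request on with a response wrapper that adds the nonce to encoded URLs.
     *
     * <p>On validation failure the request attribute {@code errorCode} is set to {@code "3000"},
     * the event is logged and the status in {@link #f366c} is sent; the chain is not invoked.
     *
     * @param servletRequest incoming request
     * @param servletResponse outgoing response
     * @param filterChain remaining filter chain
     * @throws IOException propagated from the chain or from {@code sendError}
     * @throws ServletException propagated from the chain
     */
    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        boolean enforce = (servletRequest instanceof HttpServletRequest) && (servletResponse instanceof HttpServletResponse);

        // Off by default: only the literal value "true" (any case) turns the filter on.
        if (!System.getProperty("enable.CSRF.prevention", "false").equalsIgnoreCase("true")) {
            enforce = false;
        }

        HttpServletRequest httpRequest = null;
        HttpServletResponse httpResponse = null;
        if (enforce) {
            httpRequest = (HttpServletRequest) servletRequest;
            httpResponse = (HttpServletResponse) servletResponse;
            // NOTE(review): the User-Agent header is set by the client, so this exemption is only
            // as strong as the caller's honesty. What P.a accepts is not visible here -- confirm.
            String userAgent = httpRequest.getHeader("User-Agent");
            if (userAgent != null && P.a.a().a(userAgent)) {
                enforce = false;
            }
        }

        // NOTE(review): "skcsrf" is read straight from the request and compared with the current
        // time minus a fixed window, so a client-supplied value decides whether the nonce check
        // runs at all. K.f presumably parses a number with 0 as fallback -- confirm. The pool
        // constant is 30 minutes in Commons Pool 2 and was probably substituted by the decompiler
        // for a literal. An exemption like this should be bound to server-side state (for example
        // a value stored in the session or an authenticated signature), not to a bare parameter.
        if (enforce && servletRequest.getParameter("skcsrf") != null) {
            enforce = System.currentTimeMillis() - BaseObjectPoolConfig.DEFAULT_MIN_EVICTABLE_IDLE_TIME_MILLIS > K.f(servletRequest.getParameter("skcsrf"), 0);
        }

        if (!enforce) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        String operation = httpRequest.getParameter("operation");
        // Called before the null check below, exactly as in the decompiled original.
        boolean strictValidation = WorkerFactory.getInstance().isStrictValidation(operation);
        boolean skipValidation = false;
        if (operation == null) {
            // NOTE(review): requests without an "operation" parameter are never nonce-checked.
            skipValidation = true;
        } else {
            // Meaning of the return codes is defined by WorkerFactory; -1 and 1 both skip.
            int skipCode = WorkerFactory.getInstance().isSkipValidation(operation);
            if (skipCode == -1 || skipCode == 1) {
                skipValidation = true;
            }
        }

        if (!strictValidation && Constants.METHOD_GET.equals(httpRequest.getMethod())) {
            String path = httpRequest.getServletPath();
            if (httpRequest.getPathInfo() != null) {
                path = path + httpRequest.getPathInfo();
            }
            if (this.f367d.contains(path)) {
                skipValidation = true;
            }
        }

        HttpSession session = httpRequest.getSession(false);
        @SuppressWarnings("unchecked") // only this filter stores a value under the attribute
        C0001b<String> nonceCache = session == null ? null : (C0001b<String>) session.getAttribute(NONCE_CACHE_ATTRIBUTE);

        if (!skipValidation) {
            String presentedNonce = httpRequest.getParameter(NONCE_PARAMETER);
            if (nonceCache == null || presentedNonce == null || !nonceCache.b(presentedNonce)) {
                // NOTE(review): every request parameter value is written to the log, which can
                // include credentials or tokens; consider redacting values before logging.
                // Line breaks are neutralised so request data cannot forge extra log lines.
                StringBuilder details = new StringBuilder();
                Enumeration<String> parameterNames = httpRequest.getParameterNames();
                while (parameterNames.hasMoreElements()) {
                    String name = parameterNames.nextElement();
                    details.append(toSingleLine(name)).append(": ").append(toSingleLine(httpRequest.getParameter(name))).append("\r\n");
                }
                httpRequest.setAttribute("errorCode", "3000");
                LoggingFW.log(30000, "PossibleCSRFAttack", "A possible CSRF attack detected from " + C0184D.a((HttpServletRequest) servletRequest) + "\r\nParameter Details:\r\n" + details.toString());
                httpResponse.sendError(this.f366c);
                return;
            }
        }

        if (nonceCache == null) {
            nonceCache = new C0001b<>(this.f368e);
            if (session == null) {
                session = httpRequest.getSession(true);
            }
            session.setAttribute(NONCE_CACHE_ATTRIBUTE, nonceCache);
        }

        // A new nonce is issued on every enforced request; older ones stay valid until evicted.
        String nonce = a();
        nonceCache.a(nonce);
        filterChain.doFilter(servletRequest, new a(httpResponse, nonce));
    }

    /**
     * Generates a nonce: 16 bytes from {@link #f365b} rendered as 32 upper-case hex characters.
     *
     * @return the new nonce
     */
    protected String a() {
        byte[] randomBytes = new byte[16];
        this.f365b.nextBytes(randomBytes);
        StringBuilder sb = new StringBuilder(randomBytes.length * 2);
        for (byte value : randomBytes) {
            sb.append(HEX_DIGITS.charAt((value & 0xF0) >> 4));
            sb.append(HEX_DIGITS.charAt(value & 0x0F));
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * @return the logger used by {@code FilterBase}
     */
    @Override // org.apache.catalina.filters.FilterBase
    public Log getLogger() {
        return f363f;
    }

    /**
     * Runs the base-class initialisation and instantiates the random source named by
     * {@link #f364a} through its no-argument constructor.
     *
     * @param filterConfig filter configuration supplied by the container
     * @throws ServletException if the class cannot be loaded or instantiated
     */
    @Override // org.apache.catalina.filters.FilterBase, javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        super.init(filterConfig);
        try {
            // Class.newInstance() is deprecated; going through the constructor also wraps any
            // exception thrown by the constructor instead of letting it escape unchecked.
            this.f365b = (Random) Class.forName(this.f364a).getDeclaredConstructor().newInstance();
        } catch (ReflectiveOperationException e2) {
            throw new ServletException(sm.getString("csrfPrevention.invalidRandomClass", this.f364a), e2);
        }
    }

    /**
     * @return {@code true}, so a configuration problem is reported as fatal to {@code FilterBase}
     */
    @Override // org.apache.catalina.filters.FilterBase
    protected boolean isConfigProblemFatal() {
        return true;
    }
}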
