package com.contrastsecurity.agent.plugins.frameworks.j2ee.a.b;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.config.e;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.i.a.O;
import com.contrastsecurity.agent.i.a.au;
import com.contrastsecurity.agent.messages.finding.trace.EventPropertyDTM;
import com.contrastsecurity.agent.messages.finding.trace.PropertyKey;
import com.contrastsecurity.agent.plugins.frameworks.C0278g;
import com.contrastsecurity.agent.plugins.frameworks.L;
import com.contrastsecurity.agent.plugins.frameworks.j2ee.E;
import com.contrastsecurity.agent.plugins.frameworks.j2ee.i;
import com.contrastsecurity.agent.plugins.frameworks.j2ee.jsp.assess.f;
import com.contrastsecurity.agent.plugins.security.J;
import com.contrastsecurity.agent.plugins.security.model.j;
import com.contrastsecurity.agent.plugins.security.policy.SourceNode;
import com.contrastsecurity.agent.plugins.security.policy.rules.Rule;
import com.contrastsecurity.agent.plugins.security.policy.y;
import com.contrastsecurity.agent.trace.Trace;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.org.apache.http.message.BasicHeaderValueParser;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.Arrays;
import java.util.Enumeration;

/* compiled from: ServletTraceListener.java */
/* loaded from: input_file:com/contrastsecurity/agent/plugins/frameworks/j2ee/a/b/a.class */
public final class a implements J {
    private final HttpManager b;
    final e a;
    private final i c;
    private static final char[] d = "javax.faces.ViewState".toCharArray();
    private static final char[] e = "jakarta.faces.ViewState".toCharArray();
    private static final Logger f = LoggerFactory.getLogger((Class<?>) a.class);

    @Inject
    public a(e eVar, HttpManager httpManager, i iVar) {
        this.b = httpManager;
        this.c = iVar;
        this.a = eVar;
    }

    @Override // com.contrastsecurity.agent.plugins.security.J
    public boolean a(com.contrastsecurity.agent.plugins.security.controller.a aVar) {
        String a;
        char[] cArr;
        j c = aVar.c();
        SourceNode j = c.j();
        Object g = aVar.g();
        HttpRequest currentRequest = this.b.getCurrentRequest();
        boolean z = true;
        boolean a2 = com.contrastsecurity.agent.q.a.a(aVar.q(), au.a);
        boolean a3 = com.contrastsecurity.agent.q.a.a(aVar.q(), O.a);
        if (a2 || a3) {
            if (j.isSourceType(y.PARAMETER) && (j.isSourceType(y.VALUE) || j.isSourceType(y.NAME))) {
                char[][] i = c.i();
                if (i != null && i.length > 0 && (cArr = i[0]) != null && (Arrays.equals(d, cArr) || Arrays.equals(e, cArr))) {
                    z = false;
                }
                if (z && !(g instanceof Enumeration) && currentRequest != null && !L.a(currentRequest, c.k(), i) && currentRequest.context().get(f.a) == null) {
                    if (f.isDebugEnabled() && i != null && i.length > 0) {
                        f.debug("Preventing tracking {} parameter because not found in the request", new String(i[0]));
                    }
                    z = false;
                }
            } else if (E.a(j)) {
                if (!L.a(c)) {
                    c.l();
                }
            } else if (j.isSourceType(y.COOKIE) && C0278g.a(g) && (a = this.c.a(g)) != null) {
                c.a(a);
            }
        }
        return z;
    }

    @Override // com.contrastsecurity.agent.plugins.security.J
    public void a(Application application, Trace trace, Rule rule, Object obj, Object[] objArr, Object obj2) {
        if ("cookie-flags-missing".equals(rule.getId())) {
            String str = null;
            if (C0278g.a(obj)) {
                str = this.c.a(obj);
            } else if (a(obj, objArr)) {
                str = BasicHeaderValueParser.parseHeaderElement((String) objArr[1], BasicHeaderValueParser.INSTANCE).getName();
            }
            if (str != null) {
                trace.addProperty(new EventPropertyDTM(PropertyKey.COOKIE_NAME, str));
            } else {
                f.debug("Object for rule cookie-flags-missing has no name!");
            }
        }
    }

    private static boolean a(Object obj, Object[] objArr) {
        if (C0278g.a(obj, objArr, E.a().e().get(E.a.HTTP_SERVLET_RESPONSE))) {
            return true;
        }
        return C0278g.a(obj, objArr, E.b().e().get(E.a.HTTP_SERVLET_RESPONSE));
    }
}
