package com.contrastsecurity.agent.plugins.protect.rules.f.b;

import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.commons.Sets;
import com.contrastsecurity.agent.config.ConfigProperty;
import com.contrastsecurity.agent.messages.app.activity.protect.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.protect.details.SQLInjectionDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.details.SQLInjectionSemanticDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.protect.AttackBlockedException;
import com.contrastsecurity.agent.plugins.protect.H;
import com.contrastsecurity.agent.plugins.protect.InterfaceC0319d;
import com.contrastsecurity.agent.plugins.protect.ProtectManager;
import com.contrastsecurity.agent.plugins.protect.ProtectRuleId;
import com.contrastsecurity.agent.plugins.protect.S;
import com.contrastsecurity.agent.telemetry.b.k;
import com.contrastsecurity.agent.util.EnumC0472i;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;
import java.util.Iterator;
import java.util.Set;

/* compiled from: SQLInjectionSemanticProtectRule.java */
@Singleton
/* loaded from: input_file:com/contrastsecurity/agent/plugins/protect/rules/f/b/u.class */
public final class u implements com.contrastsecurity.agent.plugins.protect.rules.f.a {
    private final S b;
    private final x c;
    private final ApplicationManager d;
    private final ProtectManager e;
    private final int f;
    private final com.contrastsecurity.agent.telemetry.b.k g;
    private final InterfaceC0319d h;
    private final com.contrastsecurity.agent.telemetry.b.a i;
    private final com.contrastsecurity.agent.telemetry.b.a j;
    private final com.contrastsecurity.agent.telemetry.b.a k;
    private final com.contrastsecurity.agent.telemetry.b.a l;
    private static final Set<ConfigProperty> m = Sets.of(ConfigProperty.PROTECT_SQL_SEMANTIC_UNIONS, ConfigProperty.PROTECT_SQL_SEMANTIC_TAUTOLOGIES, ConfigProperty.PROTECT_SQL_SEMANTIC_CHAINING, ConfigProperty.PROTECT_SQL_SEMANTIC_DANGEROUS_FUNCTIONS);

    /* JADX INFO: Access modifiers changed from: package-private */
    @Inject
    public u(@com.contrastsecurity.agent.plugins.protect.rules.f.a.t com.contrastsecurity.agent.plugins.protect.rules.f.a aVar, com.contrastsecurity.agent.config.e eVar, x xVar, ApplicationManager applicationManager, ProtectManager protectManager, com.contrastsecurity.agent.telemetry.b.k kVar, InterfaceC0319d interfaceC0319d) {
        this.b = new com.contrastsecurity.agent.plugins.protect.A(eVar, aVar, m);
        this.c = xVar;
        this.d = applicationManager;
        this.e = protectManager;
        this.f = aVar.d() + 1;
        this.g = kVar;
        this.h = interfaceC0319d;
        this.i = a(kVar, com.contrastsecurity.agent.plugins.protect.rules.f.e.b);
        this.j = a(kVar, com.contrastsecurity.agent.plugins.protect.rules.f.e.c);
        this.k = a(kVar, com.contrastsecurity.agent.plugins.protect.rules.f.e.d);
        this.l = a(kVar, com.contrastsecurity.agent.plugins.protect.rules.f.e.e);
    }

    private com.contrastsecurity.agent.telemetry.b.a a(com.contrastsecurity.agent.telemetry.b.k kVar, String str) {
        return kVar.a(str, k.a.PROTECT).a("Counts the number of SQL injection attacks for a certain detector type").i();
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public int d() {
        return this.f;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public ProtectRuleId getRuleId() {
        return ProtectRuleId.SQL_INJECTION_SEMANTIC;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public S getProtectRuleMode() {
        return this.b;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.f.a
    public void a(H h, EnumC0472i enumC0472i, String str) {
        if (this.d.current() == null) {
            return;
        }
        for (SQLInjectionDTM sQLInjectionDTM : this.c.a(h, enumC0472i, str)) {
            if (this.g.a() && (sQLInjectionDTM instanceof SQLInjectionSemanticDTM)) {
                Iterator<SQLInjectionSemanticDTM.Finding> it = ((SQLInjectionSemanticDTM) sQLInjectionDTM).getFindings().iterator();
                while (it.hasNext()) {
                    switch (it.next()) {
                        case TAUTOLOGIES:
                            this.i.a();
                            break;
                        case CHAINING:
                            this.j.a();
                            break;
                        case DANGEROUS_FUNCTIONS:
                            this.l.a();
                            break;
                        case SUSPICIOUS_UNIONS:
                            this.k.a();
                            break;
                    }
                }
            }
            AttackResult attackResult = this.e.canBlock(this) ? AttackResult.BLOCKED : AttackResult.SUSPICIOUS;
            this.h.a(getRuleId(), (ProtectRuleId) sQLInjectionDTM, UserInputDTM.builder().type(UserInputDTM.InputType.UNKNOWN).value(sQLInjectionDTM.getQuery()).build(), attackResult);
            if (attackResult == AttackResult.BLOCKED) {
                throw new AttackBlockedException("SQL injection detected");
            }
        }
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public AttackResult a_() {
        return AttackResult.SUSPICIOUS;
    }
}
