package com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.socketfactory;

import com.contrastsecurity.agent.DontObfuscate;
import com.contrastsecurity.agent.ScopedSensor;
import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.commons.Throwables;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.plugins.security.AssessmentContext;
import com.contrastsecurity.agent.plugins.security.AssessmentManager;
import com.contrastsecurity.agent.plugins.security.Finding;
import com.contrastsecurity.agent.plugins.security.model.TriggerEvent;
import com.contrastsecurity.agent.plugins.security.n;
import com.contrastsecurity.agent.plugins.security.policy.rules.Rule;
import com.contrastsecurity.agent.plugins.security.y;
import com.contrastsecurity.agent.s;
import com.contrastsecurity.agent.scope.GlobalScopeProvider;
import com.contrastsecurity.agent.services.ngreporting.h;
import com.contrastsecurity.agent.trace.MethodDescription;
import com.contrastsecurity.agent.trace.Trace;
import com.contrastsecurity.agent.util.JVMUtils;
import com.contrastsecurity.agent.v.l;
import com.contrastsecurity.agent.v.m;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.net.Socket;
import javax.net.ssl.SSLSocketFactory;

@Singleton
@DontObfuscate
/* loaded from: input_file:com/contrastsecurity/agent/plugins/security/policy/rules/providers/internal/socketfactory/ContrastSocketFactoryDispatcherImpl.class */
public final class ContrastSocketFactoryDispatcherImpl implements ContrastSocketFactoryDispatcher {
    private final ApplicationManager applicationManager;
    private final com.contrastsecurity.agent.config.e config;
    private final AssessmentManager assessmentManager;
    private final HttpManager httpManager;
    private final com.contrastsecurity.agent.trace.e traceFactory;
    private final com.contrastsecurity.agent.plugins.security.model.c codeEventFactory;
    private final Finding.d findingFactory;
    private final m stackCaptureFactory;
    private final h legacyReportingService;
    private final com.contrastsecurity.agent.trace.a methodDescriptionCache;
    private final y.h triggerHasher;
    private final com.contrastsecurity.agent.plugins.security.policy.d policyManager;
    private final n disabledRulesFilter;
    private static final String MASQUERADE_NAME = "insecure-socket-factory";
    public static final String RULE_NAME = "insecure-socket-factory";
    private static final String DEFAULT_SOCKET_FACTORY_PROPERTY = "ssl.SocketFactory.provider";
    private static final boolean IS_SUSCEPTIBLE = isSusceptibleJavaVersion();
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) ContrastSocketFactoryDispatcherImpl.class);

    @Inject
    public ContrastSocketFactoryDispatcherImpl(ApplicationManager applicationManager, AssessmentManager assessmentManager, com.contrastsecurity.agent.config.e eVar, HttpManager httpManager, com.contrastsecurity.agent.trace.e eVar2, com.contrastsecurity.agent.plugins.security.model.c cVar, Finding.d dVar, m mVar, h hVar, com.contrastsecurity.agent.trace.a aVar, y yVar, com.contrastsecurity.agent.plugins.security.policy.d dVar2, n nVar) {
        this.applicationManager = applicationManager;
        this.assessmentManager = assessmentManager;
        this.config = eVar;
        this.httpManager = httpManager;
        this.traceFactory = eVar2;
        this.codeEventFactory = cVar;
        this.findingFactory = dVar;
        this.stackCaptureFactory = mVar;
        this.legacyReportingService = hVar;
        this.methodDescriptionCache = aVar;
        this.triggerHasher = yVar.d();
        this.policyManager = dVar2;
        this.disabledRulesFilter = nVar;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [com.contrastsecurity.agent.scope.ScopeAggregator] */
    /* JADX WARN: Type inference failed for: r0v1 */
    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v4, types: [com.contrastsecurity.agent.scope.ScopeAggregator] */
    /* JADX WARN: Type inference failed for: r0v8, types: [com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.socketfactory.ContrastSocketFactoryDispatcherImpl] */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.Throwable, com.contrastsecurity.agent.scope.ScopeAggregator] */
    @Override // java.lang.ContrastSocketFactoryDispatcher
    @ScopedSensor
    public void trackSocketCreate(Object obj, Object obj2) {
        Throwable enterScope = GlobalScopeProvider.enterScope();
        try {
            try {
                if (isDefaultSocketFactory() && IS_SUSCEPTIBLE) {
                    enterScope = this;
                    enterScope.reportInsecureSocket((SSLSocketFactory) obj, (Socket) obj2, this.findingFactory);
                }
            } catch (Throwable th) {
                Throwables.throwIfCritical(th);
                logger.error("Problem checking insecure-socket-factory trigger during socket creation", enterScope);
            }
            enterScope = enterScope;
            enterScope.leaveScope();
        } catch (Throwable th2) {
            th2.leaveScope();
            throw enterScope;
        }
    }

    private boolean isDefaultSocketFactory() {
        return s.b(DEFAULT_SOCKET_FACTORY_PROPERTY) == null;
    }

    private void reportInsecureSocket(SSLSocketFactory sSLSocketFactory, Socket socket, Finding.d dVar) {
        Application current = this.applicationManager.current();
        if (current == null) {
            return;
        }
        if (this.disabledRulesFilter.a(current).test("insecure-socket-factory")) {
            logger.debug("Suppressed socket connection report in {} for the disabled rule {}", current, "insecure-socket-factory");
            return;
        }
        Rule ruleById = this.policyManager.e().getRuleById("insecure-socket-factory");
        if (ruleById == null || !ruleById.isEnabled()) {
            return;
        }
        l a = this.stackCaptureFactory.a(m.a.TRIGGER);
        StackTraceElement stackTraceElement = a.a().get(0);
        TriggerEvent e = ((com.contrastsecurity.agent.plugins.security.model.n) ((com.contrastsecurity.agent.plugins.security.model.n) ((com.contrastsecurity.agent.plugins.security.model.n) ((com.contrastsecurity.agent.plugins.security.model.n) ((com.contrastsecurity.agent.plugins.security.model.n) this.codeEventFactory.b().a(MethodDescription.getMethod(this.methodDescriptionCache, stackTraceElement.getClassName(), stackTraceElement.getMethodName(), "()Ljava/net/Socket;", 0))).a(ruleById).e("O")).a(sSLSocketFactory)).b(socket)).a(a)).e();
        try {
            Trace a2 = this.traceFactory.a();
            a2.addEvent(e);
            a2.setRuleId("insecure-socket-factory");
            Finding a3 = dVar.a(current, "insecure-socket-factory", a2, this.triggerHasher.a("insecure-socket-factory", this.httpManager.getCurrentRequest()));
            HttpRequest cloneCurrentRequest = this.httpManager.cloneCurrentRequest();
            if (cloneCurrentRequest != null) {
                a3.setRequest(cloneCurrentRequest);
            }
            logger.info("Added finding for rule ID: insecure-socket-factory");
            AssessmentContext currentContext = this.assessmentManager.currentContext();
            if (currentContext != null) {
                currentContext.onFindingOccurred("insecure-socket-factory", a3.getHash());
            }
            if (currentContext != null) {
                currentContext.setLastTriggerEvent(e);
            }
            this.legacyReportingService.a(a3);
        } catch (com.contrastsecurity.agent.plugins.security.model.f e2) {
            logger.info("Duplicate event detected for rule ID: insecure-socket-factory");
        }
    }

    private static boolean isSusceptibleJavaVersion() {
        String javaVersion = JVMUtils.getJavaVersion();
        return javaVersion == null || javaVersion.contains("1.6");
    }
}
