package org.sdase.commons.server.security.validation;

import io.dropwizard.server.AbstractServerFactory;
import io.dropwizard.server.ServerFactory;
import io.dropwizard.setup.Bootstrap;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.sdase.commons.server.security.exception.InsecureConfigurationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/sdase/commons/server/security/validation/CustomErrorHandlerSecurityAdvice.class */
public class CustomErrorHandlerSecurityAdvice {
    private static final Logger LOG = LoggerFactory.getLogger(CustomErrorHandlerSecurityAdvice.class);
    private static final String JACKSON_CONFIGURATION_BUNDLE_CLASS = "JacksonConfigurationBundle";
    private static final String JACKSON_CONFIGURATION_BUNDLE_FQN = "org.sdase.commons.server.jackson.JacksonConfigurationBundle";
    private Bootstrap<?> bootstrap;
    private AbstractServerFactory abstractServerFactory;

    public CustomErrorHandlerSecurityAdvice(ServerFactory serverFactory, Bootstrap<?> bootstrap) {
        this.bootstrap = bootstrap;
        this.abstractServerFactory = ServerFactoryUtil.verifyAbstractServerFactory(serverFactory).orElse(null);
    }

    public void applySecureConfiguration() {
        verifyJacksonConfigurationBundleEnabled();
        forceDefaultExceptionMappersAreNotRegistered();
    }

    private void forceDefaultExceptionMappersAreNotRegistered() {
        if (this.abstractServerFactory.getRegisterDefaultExceptionMappers().booleanValue()) {
            LOG.info("Disabling registerDefaultExceptionHeaders to avoid giving information to possible attackers.");
            this.abstractServerFactory.setRegisterDefaultExceptionMappers(false);
        }
    }

    private void verifyJacksonConfigurationBundleEnabled() {
        Stream<R> map = extractRegisteredBundleTypes(this.bootstrap.getClass()).stream().map((v0) -> {
            return v0.getName();
        });
        String str = JACKSON_CONFIGURATION_BUNDLE_FQN;
        if (map.noneMatch((v1) -> {
            return r1.equals(v1);
        })) {
            throw new InsecureConfigurationException("Missing org.sdase.commons.server.jackson.JacksonConfigurationBundle from sda-commons-server-jackson. The JacksonConfigurationBundle registers custom error mappers that do not expose server specific error messages/pages.");
        }
    }

    private List<Class<?>> extractRegisteredBundleTypes(Class<?> cls) {
        ArrayList arrayList = new ArrayList();
        try {
            for (Field field : (List) Stream.of((Object[]) cls.getDeclaredFields()).filter(field2 -> {
                return "bundles".equals(field2.getName()) || "configuredBundles".equals(field2.getName());
            }).collect(Collectors.toList())) {
                field.setAccessible(true);
                arrayList.addAll((Collection) ((List) field.get(this.bootstrap)).stream().map((v0) -> {
                    return v0.getClass();
                }).collect(Collectors.toList()));
            }
            if (!Object.class.equals(cls)) {
                arrayList.addAll(extractRegisteredBundleTypes(cls.getSuperclass()));
            }
            return arrayList;
        } catch (Exception e) {
            throw new IllegalStateException("Could not verify registered bundles. Added bundles are checked using reflection.", e);
        }
    }
}
