package ru.org.openam.xss;

import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.sso.SSOToken;
import com.sun.identity.authentication.service.AuthD;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.security.AdminTokenAction;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.AccessController;
import java.security.MessageDigest;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang3.StringUtils;
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.CleanResults;
import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.org.openam.crypt.Base64Util;
import ru.org.openam.crypt.HMAC;
import ru.org.openam.httpdump.Dump;

/* loaded from: input_file:ru/org/openam/xss/XSSRequestWrapper.class */
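/**
 * Request wrapper that sanitises request parameters before the application sees them.
 *
 * <p>Every parameter value is passed through AntiSamy ({@link #checkParameter}). Values of
 * redirect-style parameters (names starting with {@code goto}, or {@code ProviderID},
 * {@code redirect}, {@code TARGET}, {@code urlLogin}, {@code loginURL}, or any value starting with
 * {@code http}) are instead validated as URLs by {@link #getSafeURL} against the host the request
 * arrived on, a cache of hosts this server has been reached on, and OpenAM's own goto-URL check.
 * A form POST that does not carry a valid CSRF token is reported to the application as a GET
 * ({@link #getMethod}) and marked with the {@code POST2GET} request attribute.
 *
 * <p>The sanitised parameter map is built lazily on first access and rebuilt when the query string
 * changes or the {@code force.reload.param} attribute is present.
 *
 * <p>This source was recovered with a decompiler (JADX); local names were reconstructed.
 */
public class XSSRequestWrapper extends HttpServletRequestWrapper {
    static final Logger logger = LoggerFactory.getLogger(XSSRequestWrapper.class.getName());
    /**
     * Regex (system property {@code <class name>.escapeGtLtParamsPattern}, empty by default) of
     * parameter names whose {@code <}/{@code >} are entity-escaped and re-checked when AntiSamy
     * would otherwise reduce the value to an empty string.
     */
    static String escapeGtLtParamsPattern = System.getProperty(XSSRequestWrapper.class.getName() + ".escapeGtLtParamsPattern", "");
    /**
     * AntiSamy instance built in the static initialiser. Stays {@code null} when the policy fails
     * to load; {@link #checkParameter} then hits a NullPointerException on every value and, through
     * its catch-all, returns values unsanitised (fail-open) — an error is logged per value.
     */
    static AntiSamy antisamy;
    /** Owning filter; supplies the skip / ignore parameter lists. */
    final XSSFilter filter;
    /** Query string {@link #paramsMap} was built for; volatile because {@link #parseParam} double-checks it outside the lock. */
    volatile String queryString;
    /** Sanitised parameters, case-insensitive keys; {@code null} until first parsed. */
    volatile Map<String, String[]> paramsMap;
    /** Cached CSRF verdict; {@code null} until {@link #getCSRFPassed} has decided. */
    Boolean csrfPassed;
    /** Domain suffix trusted as redirect target: last two labels of the first request host seen. */
    public static volatile String trustedSuffix;
    /** Hosts this server has been addressed by; each is accepted as a redirect host for an hour after last use. */
    static final Cache<String, Boolean> validDomains;
    /** CSRF timestamps older than this (30 minutes) are rejected. */
    private static final long CSRF_TOKEN_TTL_MS = 1800000L;

    /**
     * @param xSSFilter filter providing {@code skipFormatControlFields} and {@code ignoreParamsOnFailCsrf}
     * @param httpServletRequest request to wrap; a session is created eagerly because the CSRF
     *        token is bound to the session id
     */
    public XSSRequestWrapper(XSSFilter xSSFilter, HttpServletRequest httpServletRequest) {
        super(httpServletRequest);
        this.queryString = "";
        this.paramsMap = null;
        this.csrfPassed = null;
        httpServletRequest.getSession(true);
        this.filter = xSSFilter;
    }

    /** True when the sanitised map is missing or stale for the request's current state. */
    private boolean needsParse() {
        return this.paramsMap == null
                || !StringUtils.equals(this.queryString, getQueryString())
                || getAttribute("force.reload.param") != null;
    }

    /**
     * Whether a parameter is withheld from the application: the CSRF token fields are never
     * exposed, and on a POST downgraded to GET ({@code POST2GET}) without a valid CSRF token the
     * filter's {@code ignoreParamsOnFailCsrf} names are dropped as well.
     */
    private boolean isDroppedParam(String name) {
        if (name.equals(CSRFToken.CSRF_TOKEN_NAME) || name.equals(CSRFToken.CSRF_TOKEN_TS)) {
            return true;
        }
        return Boolean.TRUE.equals(getAttribute("POST2GET"))
                && !getCSRFPassed()
                && this.filter.ignoreParamsOnFailCsrf.contains(name);
    }

    /**
     * Builds (or refreshes) {@link #paramsMap} from the underlying request.
     *
     * <p>Each value is sanitised with {@link #checkParameter}; {@code null} results drop the value,
     * duplicates are collapsed (first occurrence wins), and on a refresh previously kept values are
     * retained. Afterwards {@code force.reload.param} is cleared and {@link #queryString} recorded.
     *
     * <p>Any failure is logged and the raw, unsanitised parameter map of the wrapped request is
     * installed instead (fail-open behaviour kept from the original code).
     */
    void parseParam() {
        try {
            if (needsParse()) {
                synchronized (this) {
                    if (needsParse()) {
                        if (this.paramsMap == null) {
                            this.paramsMap = new TreeMap<String, String[]>(String.CASE_INSENSITIVE_ORDER);
                        }
                        Enumeration<String> names = getRequest().getParameterNames();
                        while (names.hasMoreElements()) {
                            String name = names.nextElement();
                            if (isDroppedParam(name)) {
                                continue;
                            }
                            // insertion-ordered set: keeps the original's order and de-duplication
                            Set<String> values = new LinkedHashSet<String>();
                            String[] existing = this.paramsMap.get(name);
                            if (existing != null) {
                                values.addAll(Arrays.asList(existing));
                            }
                            String[] rawValues = getRequest().getParameterValues(name);
                            if (rawValues == null) {
                                continue;
                            }
                            for (String raw : rawValues) {
                                String clean = checkParameter(name, raw);
                                if (clean != null) {
                                    values.add(clean);
                                }
                            }
                            if (!values.isEmpty()) {
                                this.paramsMap.put(name, values.toArray(new String[0]));
                            }
                        }
                        removeAttribute("force.reload.param");
                        if (logger.isDebugEnabled()) {
                            logger.debug("parseParam {}", toString());
                        }
                    }
                }
            }
        } catch (Throwable th) {
            logger.error("parseParam " + toString(), th);
            // NOTE(review): fail-open fallback from the original — the application sees raw values.
            this.paramsMap = getRequest().getParameterMap();
        }
        this.queryString = getQueryString();
    }

    /** Sanitised parameter map; falls back to the wrapped request's map if parsing throws. */
    @Override
    public Map<String, String[]> getParameterMap() {
        try {
            parseParam();
            return this.paramsMap;
        } catch (Throwable th) {
            logger.error("getParameterMap " + this, th);
            return getRequest().getParameterMap();
        }
    }

    /** Sanitised values for {@code str} (name match is case-insensitive), or {@code null}. */
    @Override
    public String[] getParameterValues(String str) {
        try {
            parseParam();
            return this.paramsMap.get(str);
        } catch (Throwable th) {
            logger.error("getParameterValues " + this, th);
            return getRequest().getParameterValues(str);
        }
    }

    /** Names present in the sanitised map (dropped parameters are not listed). */
    @Override
    public Enumeration<String> getParameterNames() {
        try {
            parseParam();
            return Collections.enumeration(this.paramsMap.keySet());
        } catch (Throwable th) {
            logger.error("getParameterNames " + this, th);
            return getRequest().getParameterNames();
        }
    }

    /**
     * Single sanitised value: the first one when {@link #getMethod} reports GET (which includes a
     * POST downgraded for a missing CSRF token), otherwise the last one.
     */
    @Override
    public String getParameter(String str) {
        try {
            String[] values = getParameterValues(str);
            if (values == null || values.length == 0) {
                return null;
            }
            return "GET".equals(getMethod()) ? values[0] : values[values.length - 1];
        } catch (Throwable th) {
            logger.error("getParameter " + this, th);
            return getRequest().getParameter(str);
        }
    }

    /** True when the content type names a form encoding (urlencoded or multipart). */
    private boolean isFormContentType() {
        String contentType = getContentType();
        return StringUtils.containsIgnoreCase(contentType, "application/x-www-form-urlencoded")
                || StringUtils.containsIgnoreCase(contentType, "multipart/form-data");
    }

    /**
     * Reports the HTTP method, downgrading to GET in three cases: a form POST without
     * {@code sunamcompositeadvice} that fails the CSRF check (the {@code POST2GET} attribute is set
     * so {@link #parseParam} can drop the configured parameters), a POST with
     * {@code Content-Length: 0}, or a missing method.
     */
    @Override
    public String getMethod() {
        String method = getRequest().getMethod();
        boolean isPost = "POST".equalsIgnoreCase(method);
        if (isPost && isFormContentType()
                && getRequest().getParameter("sunamcompositeadvice") == null
                && !getCSRFPassed()) {
            setAttribute("POST2GET", Boolean.TRUE);
            return "GET";
        }
        if (method == null || (isPost && StringUtils.equalsIgnoreCase(getHeader("Content-Length"), "0"))) {
            return "GET";
        }
        return method;
    }

    /**
     * AntiSamy's clean rendering of {@code str}, or {@code null} if the scan fails (including
     * when the AntiSamy policy never loaded).
     */
    public static String HTMLEncode(String str) {
        try {
            return antisamy.scan(str).getCleanHTML();
        } catch (Throwable th) {
            logger.error("HTMLEncode", th);
            return null;
        }
    }

    /** Runs AntiSamy over {@code value}; returns {@code null} when the scan itself fails (logged). */
    private static CleanResults scan(String value) {
        try {
            return antisamy.scan(value);
        } catch (ScanException e) {
            logger.error("ScanException {}", e.getMessage(), e);
        } catch (PolicyException e) {
            logger.error("PolicyException {}", e.getMessage(), e);
        }
        return null;
    }

    /** True for parameters whose value is treated as a redirect URL rather than HTML text. */
    private static boolean isRedirectParam(String name, String value) {
        return name.startsWith("goto")
                || name.equalsIgnoreCase("ProviderID")
                || name.equalsIgnoreCase("redirect")
                || name.equalsIgnoreCase("TARGET")
                || name.equalsIgnoreCase("urlLogin")
                || name.equalsIgnoreCase("loginURL")
                || StringUtils.startsWith(value, "http");
    }

    /**
     * Result for a non-redirect value that AntiSamy accepted without errors: AntiSamy's HTML-safe
     * rendering. If the scan failed, the raw value is returned; if the rendering is blank for a
     * non-blank input, an error is logged and the raw value is returned (kept from the original).
     */
    private static String encodeValue(String name, String raw, CleanResults cleanResults) {
        if (cleanResults == null || cleanResults.getNumberOfErrors() != 0) {
            return raw;
        }
        String encoded = cleanResults.getCleanHTML();
        if (raw.equals(encoded)) {
            return encoded;
        }
        if (StringUtils.isBlank(encoded)) {
            logger.error("{}: ({})->({}): {}", new Object[]{name, raw, encoded, "safe encoding to HTML"});
            return raw;
        }
        logger.warn("{}: ({})->({}): {}", new Object[]{name, raw, encoded, "safe encoding to HTML"});
        return encoded;
    }

    /**
     * Validates a redirect-style value with {@link #getSafeURL}. A {@code goto} value sent with
     * {@code encoded=true} is Base64-decoded for validation and re-encoded afterwards; a decode
     * failure leaves the value as received (it then fails the scheme check), an encode failure
     * returns the plain validated URL.
     */
    private String checkRedirectParam(String name, String value) {
        boolean base64 = name.equalsIgnoreCase("goto") && "true".equals(getRequest().getParameter("encoded"));
        String url = value;
        if (base64) {
            try {
                url = new String(Base64Util.decode(value.getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
            } catch (Exception e) {
                logger.warn("Base64Util.decode {}: ({}): {}", new Object[]{name, value, e});
            }
        }
        String safeURL = getSafeURL(this, name, url);
        if (safeURL != null && base64) {
            try {
                safeURL = new String(Base64Util.encode(safeURL.getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
            } catch (Exception e) {
                logger.warn("Base64Util.encode {}: ({}): {}", new Object[]{name, safeURL, e});
            }
        }
        return safeURL;
    }

    /**
     * Sanitises one parameter value.
     *
     * <ul>
     * <li>{@code null}, whitespace-only values and {@code sunamcompositeadvice} pass through.</li>
     * <li>If AntiSamy reports errors, its cleaned output is returned (or, for names matching
     *     {@link #escapeGtLtParamsPattern} whose output would be empty, the value is re-checked with
     *     {@code <}/{@code >} entity-escaped).</li>
     * <li>Names in the filter's {@code skipFormatControlFields} are returned unchanged.</li>
     * <li>Redirect-style values (see {@link #isRedirectParam}) are validated as URLs and may become
     *     {@code null}, which drops the value.</li>
     * <li>Everything else receives AntiSamy's HTML-safe rendering.</li>
     * </ul>
     * A scan failure no longer aborts with a NullPointerException (the original dereferenced the
     * {@code null} result); the value continues down the same path with no scan result.
     *
     * @param str parameter name
     * @param str2 raw value
     * @return sanitised value, or {@code null} to drop it; on an unexpected error the raw value
     *         (fail-open, kept from the original)
     */
    public String checkParameter(String str, String str2) {
        if (str2 == null) {
            return null;
        }
        try {
            if (str2.trim().isEmpty()) {
                return str2;
            }
            if ("sunamcompositeadvice".equalsIgnoreCase(str)) {
                return str2;
            }
            CleanResults cleanResults = scan(str2);
            if (cleanResults != null && cleanResults.getNumberOfErrors() > 0) {
                String cleanHTML = cleanResults.getCleanHTML();
                if (!"".equals(escapeGtLtParamsPattern) && str.matches(escapeGtLtParamsPattern)
                        && "".equals(cleanHTML) && (str2.contains("<") || str2.contains(">"))) {
                    // terminates: the escaped value no longer contains '<' or '>'
                    return checkParameter(str, str2.replace("<", "&lt;").replace(">", "&gt;"));
                }
                logger.warn("{}: ({})->({}): {}", new Object[]{str, str2, cleanHTML, cleanResults.getErrorMessages()});
                return cleanHTML;
            }
            if (this.filter.skipFormatControlFields.contains(str)) {
                return str2;
            }
            if (isRedirectParam(str, str2)) {
                return checkRedirectParam(str, str2);
            }
            return encodeValue(str, str2, cleanResults);
        } catch (Throwable th) {
            logger.error("checkParameter " + toString(), th);
            // NOTE(review): fail-open fallback from the original — the raw value is returned.
            return str2;
        }
    }

    /**
     * Records the host this request was addressed to as an acceptable redirect host and, the first
     * time any host is seen, fixes {@link #trustedSuffix} to its last two labels.
     *
     * <p>NOTE(review): both values derive from the request URL, i.e. from the Host header. A
     * container that accepts arbitrary Host values would let an unrecognised host enter
     * {@link #validDomains} for an hour; restricting the accepted server names at the container is
     * the mitigation. A two-label suffix such as {@code co.uk} trusts every host under it.
     */
    private static void rememberRequestHost(String host) {
        if (validDomains.getIfPresent(host) == null) {
            validDomains.put(host, Boolean.TRUE);
        }
        if (trustedSuffix == null) {
            String[] labels = host.split("\\.");
            if (labels.length > 1) {
                trustedSuffix = labels[labels.length - 2] + "." + labels[labels.length - 1];
            }
        }
    }

    /** True when {@code host} is the trusted suffix, a sub-domain of it, or a cached request host. */
    private static boolean isTrustedHost(String host) {
        String lower = host.toLowerCase();
        String suffix = trustedSuffix;
        if (suffix != null && (lower.equalsIgnoreCase(suffix) || lower.endsWith("." + suffix))) {
            return true;
        }
        return validDomains.getIfPresent(lower) != null;
    }

    /**
     * Asks OpenAM (server mode only) whether {@code target} is a valid goto URL for the
     * organisation of {@code requestHost}. Any failure counts as not valid and is logged (the
     * original swallowed it silently).
     */
    private static boolean isGotoUrlValid(URI target, String requestHost) {
        try {
            if (!"true".equalsIgnoreCase(SystemProperties.get("com.iplanet.am.serverMode"))) {
                return false;
            }
            SSOToken adminToken = (SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance());
            return AuthD.getAuth().isGotoUrlValid(target.toString(), IdUtils.getOrganization(adminToken, requestHost));
        } catch (Throwable th) {
            logger.warn("isGotoUrlValid {}: {}", target, th.toString());
            return false;
        }
    }

    /**
     * Validates a redirect URL.
     *
     * <p>{@code str2} is resolved against the request URL (or {@code https://<server name>} when
     * there is none), normalised, and accepted only if its scheme is http/https, it has a host, and
     * that host is trusted ({@link #isTrustedHost}) or OpenAM confirms it
     * ({@link #isGotoUrlValid}). The request's own host is remembered via
     * {@link #rememberRequestHost}. The normalised form is returned — the original called
     * {@code normalize()} but discarded its result.
     *
     * @param httpServletRequest request the value belongs to; the {@code SafeURL.ignore} attribute
     *        disables validation
     * @param str parameter name, for logging
     * @param str2 candidate URL
     * @return the validated, normalised URL; {@code str2} itself when empty or validation is
     *         disabled; {@code null} when rejected or on any error
     */
    public static String getSafeURL(HttpServletRequest httpServletRequest, String str, String str2) {
        if (str2 == null || "".equals(str2) || httpServletRequest.getAttribute("SafeURL.ignore") != null) {
            return str2;
        }
        try {
            URI base = new URI(httpServletRequest.getRequestURL() == null
                    ? "https://" + httpServletRequest.getServerName()
                    : httpServletRequest.getRequestURL().toString());
            String baseHost = base.getHost();
            if (baseHost != null) {
                rememberRequestHost(baseHost.toLowerCase());
            }
            URI target = new URI(str2);
            if (!target.isAbsolute()) {
                target = base.resolve(target);
            }
            target = target.normalize();
            String scheme = target.getScheme();
            if (!"http".equals(scheme) && !"https".equals(scheme)) {
                throw new URISyntaxException(String.valueOf(scheme), "unknown getScheme");
            }
            String host = target.getHost();
            if (host == null) {
                throw new URISyntaxException(str2, "getHost==null");
            }
            if (!isTrustedHost(host) && !isGotoUrlValid(target, baseHost)) {
                throw new URISyntaxException(host, "unknown getHost");
            }
            return target.toString();
        } catch (URISyntaxException e) {
            logger.warn("{}: ({})->({}): {}", new Object[]{str, str2, null, e.toString()});
            return null;
        } catch (Throwable th) {
            logger.error("getSafeURL " + httpServletRequest.toString(), th);
            return null;
        }
    }

    /** Dump of the wrapped request (used in log messages). */
    @Override
    public String toString() {
        return Dump.toString(getRequest());
    }

    /** True when every entry of {@code rule} matches a raw request parameter, case-insensitively. */
    private boolean ruleValuesMatch(Map<String, String> rule) {
        for (Map.Entry<String, String> entry : rule.entrySet()) {
            if (!StringUtils.equalsIgnoreCase(super.getParameter(entry.getKey()), entry.getValue())) {
                return false;
            }
        }
        return true;
    }

    /**
     * Checks the filter's CSRF exemption rules ({@code XSSFilter.CSRF$ignore}): a rule matches when
     * all of its parameter names are present on the raw request with the listed values.
     */
    private boolean matchesCsrfIgnoreRule() {
        Set<?> rawNames = super.getParameterMap().keySet();
        for (Map<String, String> rule : XSSFilter.CSRF$ignore) {
            if (rawNames.containsAll(rule.keySet()) && ruleValuesMatch(rule)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Verifies the CSRF token of the raw request: the timestamp parameter must be present, numeric
     * and no older than {@link #CSRF_TOKEN_TTL_MS}; the token parameter must equal the HMAC of
     * timestamp + lower-cased session id + normalised request path. The comparison is
     * constant-time. Any error fails the check (the original left the verdict undecided, which
     * ended in a NullPointerException in {@link #getCSRFPassed}).
     */
    private boolean verifyCsrfToken() {
        try {
            String ts = getRequest().getParameter(CSRFToken.CSRF_TOKEN_TS);
            if (StringUtils.isBlank(ts) || System.currentTimeMillis() - CSRF_TOKEN_TTL_MS > Long.parseLong(ts)) {
                logger.error("Expired {}={}: {}", new Object[]{CSRFToken.CSRF_TOKEN_TS, ts, toString()});
                return false;
            }
            String token = getRequest().getParameter(CSRFToken.CSRF_TOKEN_NAME);
            if (token == null) {
                logger.error("Request doesnot contain csrf token: " + toString());
                return false;
            }
            String expected = HMAC.getHMac(
                    ts + getSession().getId().toLowerCase()
                            + CSRFToken.normalizeRequestUri(this, CSRFToken.getRequestUri(this)).getRawPath(),
                    CSRFToken.getEncryptionKey());
            boolean ok = expected != null && MessageDigest.isEqual(
                    token.getBytes(StandardCharsets.UTF_8), expected.getBytes(StandardCharsets.UTF_8));
            if (!ok) {
                logger.error("CSRF attak detected! " + toString());
            }
            return ok;
        } catch (Throwable th) {
            logger.error("CSRF check error! " + toString(), th);
            return false;
        }
    }

    /**
     * CSRF verdict for this request, computed once and cached in {@link #csrfPassed}: true when
     * the {@code csrf.ignore} attribute is set (not cached), when an exemption rule matches, or when
     * the token verifies.
     */
    public boolean getCSRFPassed() {
        if (getAttribute("csrf.ignore") != null) {
            return true;
        }
        if (this.csrfPassed == null && matchesCsrfIgnoreRule()) {
            this.csrfPassed = Boolean.TRUE;
        }
        if (this.csrfPassed == null) {
            this.csrfPassed = Boolean.valueOf(verifyCsrfToken());
        }
        return this.csrfPassed.booleanValue();
    }

    /**
     * Loads the AntiSamy policy from the class-path resource; returns {@code null} (logged) when
     * the resource is missing, unreadable or rejected. The original dereferenced a missing resource
     * and discarded the close error silently.
     */
    private static AntiSamy loadAntiSamy(String resource) {
        try (InputStream in = XSSRequestWrapper.class.getResourceAsStream(resource)) {
            if (in == null) {
                logger.error("Failed to initialise Antisamy Policy: resource {} not found", resource);
                return null;
            }
            return new AntiSamy(Policy.getInstance(in));
        } catch (PolicyException | IOException e) {
            logger.error("Failed to initialise Antisamy Policy", e);
            return null;
        }
    }

    static {
        // JVM-wide side effect kept from the original: AntiSamy's XSLT needs a TransformerFactory.
        System.setProperty("javax.xml.transform.TransformerFactory", "com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl");
        antisamy = loadAntiSamy("/antisamy-anythinggoes-1.4.4.xml");
        trustedSuffix = null;
        validDomains = CacheBuilder.newBuilder().maximumSize(64000L).expireAfterAccess(1L, TimeUnit.HOURS).build();
    }
}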
