package com.securenative.agent.middlewares;

import com.securenative.agent.SecureNative;
import com.securenative.agent.utils.SignatureUtils;
import com.securenative.agent.utils.Utils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/securenative/agent/middlewares/VerifyWebhookMiddleware.class */
public class VerifyWebhookMiddleware implements Filter {
    private static final Logger logger = Logger.getLogger(VerifyWebhookMiddleware.class.getName());
    private SecureNative secureNative;
    private final String SIGNATURE_KEY = "x-securenative";

    public VerifyWebhookMiddleware(SecureNative secureNative) {
        this.secureNative = secureNative;
    }

    public void init(FilterConfig filterConfig) {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest == null) {
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (SignatureUtils.isValidSignature(getBody(servletRequest), Utils.isNullOrEmpty(httpServletRequest.getHeader("x-securenative")) ? "" : httpServletRequest.getHeader("x-securenative"), this.secureNative.getApiKey())) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        logger.fine("Request have been blocked due to incompatible signature");
        httpServletResponse.sendError(401, "Unauthorized");
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
    }

    private String getBody(ServletRequest servletRequest) throws IOException {
        StringBuilder sb = new StringBuilder();
        BufferedReader bufferedReader = null;
        try {
            ServletInputStream inputStream = servletRequest.getInputStream();
            if (inputStream != null) {
                bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
                char[] cArr = new char[128];
                while (true) {
                    int read = bufferedReader.read(cArr);
                    if (read <= 0) {
                        break;
                    }
                    sb.append(cArr, 0, read);
                }
            }
            return sb.toString();
        } finally {
            if (bufferedReader != null) {
                bufferedReader.close();
            }
        }
    }
}
