package com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.socketfactory;

import com.contrastsecurity.agent.ScopedSensor;
import com.contrastsecurity.agent.ScopingSensor;
import com.contrastsecurity.agent.Sensor;
import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.commons.l;
import com.contrastsecurity.agent.config.ContrastProperties;
import com.contrastsecurity.agent.config.g;
import com.contrastsecurity.agent.core.ContrastEngine;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.n.i;
import com.contrastsecurity.agent.n.j;
import com.contrastsecurity.agent.plugins.security.AssessmentContext;
import com.contrastsecurity.agent.plugins.security.AssessmentManager;
import com.contrastsecurity.agent.plugins.security.Finding;
import com.contrastsecurity.agent.plugins.security.controller.EventContext;
import com.contrastsecurity.agent.plugins.security.controller.TraceController;
import com.contrastsecurity.agent.plugins.security.model.TriggerEvent;
import com.contrastsecurity.agent.plugins.security.model.c;
import com.contrastsecurity.agent.plugins.security.policy.rules.Rule;
import com.contrastsecurity.agent.plugins.security.policy.rules.d;
import com.contrastsecurity.agent.plugins.security.u;
import com.contrastsecurity.agent.trace.Trace;
import com.contrastsecurity.agent.trace.UniqueMethod;
import com.contrastsecurity.agent.trace.b;
import com.contrastsecurity.agent.trace.snapshot.ObjectSnapshotFactory;
import com.contrastsecurity.agent.util.A;
import com.contrastsecurity.agent.util.ObjectShare;
import com.contrastsecurity.agent.util.W;
import com.contrastsecurity.agent.util.privileges.SystemAccessPermissions;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.net.Socket;
import javax.net.ssl.SSLSocketFactory;

@Sensor
/* loaded from: input_file:lib/contrast-agent-core.jar:com/contrastsecurity/agent/plugins/security/policy/rules/providers/internal/socketfactory/ContrastSocketFactoryDispatcherImpl.class */
public final class ContrastSocketFactoryDispatcherImpl implements ContrastSocketFactoryDispatcher {
    private final ApplicationManager a;
    private final g b;
    private final AssessmentManager c;
    private final EventContext d;
    private final ObjectSnapshotFactory e;
    private final HttpManager f;
    private final ContrastEngine g;
    private final d h;
    private final b i;
    private final TraceController j;
    private final Finding.d k;
    private final j l;
    private static final String n = "insecure-socket-factory";
    public static final String RULE_NAME = "insecure-socket-factory";
    private static final String o = "ssl.SocketFactory.provider";
    private static final boolean m = b();
    private static final Logger p = LoggerFactory.getLogger(ContrastSocketFactoryDispatcherImpl.class);

    public ContrastSocketFactoryDispatcherImpl(ApplicationManager applicationManager, AssessmentManager assessmentManager, g gVar, EventContext eventContext, ObjectSnapshotFactory objectSnapshotFactory, HttpManager httpManager, ContrastEngine contrastEngine, d dVar, b bVar, TraceController traceController, Finding.d dVar2, j jVar) {
        l.a(applicationManager);
        l.a(assessmentManager);
        l.a(gVar);
        l.a(eventContext);
        l.a(objectSnapshotFactory);
        l.a(httpManager);
        l.a(contrastEngine);
        l.a(dVar);
        l.a(bVar);
        l.a(traceController);
        l.a(dVar2);
        l.a(jVar);
        this.a = applicationManager;
        this.c = assessmentManager;
        this.b = gVar;
        this.d = eventContext;
        this.e = objectSnapshotFactory;
        this.f = httpManager;
        this.g = contrastEngine;
        this.h = dVar;
        this.i = bVar;
        this.j = traceController;
        this.k = dVar2;
        this.l = jVar;
    }

    @Override // java.lang.ContrastSocketFactoryDispatcher
    @ScopedSensor
    public void trackSocketCreate(Object obj, Object obj2) {
        try {
            ScopingSensor.aspectOf().startScope();
            try {
                if (a() && m) {
                    a((SSLSocketFactory) obj, (Socket) obj2, this.k);
                }
            } catch (Throwable th) {
                p.error("Problem checking insecure-socket-factory trigger during socket creation", th);
            }
        } finally {
            ScopingSensor.aspectOf().leaveScope();
        }
    }

    private boolean a() {
        return SystemAccessPermissions.getSystemProperty(o) == null;
    }

    private void a(SSLSocketFactory sSLSocketFactory, Socket socket, Finding.d dVar) {
        Application current = this.a.current();
        if (current == null) {
            return;
        }
        if (W.e(this.b.a(ContrastProperties.ASSESS_DISABLED_RULES), ",").contains("insecure-socket-factory")) {
            p.debug("Suppressed socket connection report in {} for the disabled rule {}", current.getDisplayName(), "insecure-socket-factory");
            return;
        }
        Rule ruleById = this.c.currentPolicy().getRuleById("insecure-socket-factory");
        if (ruleById == null || !ruleById.isEnabled()) {
            return;
        }
        int frameDepth = this.d.getFrameDepth() + 1;
        i a = this.l.a();
        StackTraceElement stackTraceElement = a.b().get(frameDepth);
        TriggerEvent triggerEvent = new TriggerEvent(this.c, this.e, this.j, ruleById, "O", UniqueMethod.getMethod(stackTraceElement.getClassName(), stackTraceElement.getMethodName(), "()Ljava/net/Socket;", 0), sSLSocketFactory, ObjectShare.EMPTY_OBJ_ARRAY, socket);
        triggerEvent.setTimestamp(System.currentTimeMillis());
        triggerEvent.setThreadDesc(Thread.currentThread());
        triggerEvent.setStack(a);
        triggerEvent.overrideStackDepth(frameDepth);
        try {
            Trace a2 = this.i.a();
            a2.addEvent(triggerEvent);
            a2.setRuleId("insecure-socket-factory");
            Finding a3 = dVar.a(current, "insecure-socket-factory", a2, u.h.a("insecure-socket-factory", this.f.getCurrentRequest()));
            HttpRequest cloneCurrentRequest = this.f.cloneCurrentRequest();
            if (cloneCurrentRequest != null) {
                a3.setRequest(cloneCurrentRequest.mo108clone());
            }
            p.info("Added finding for rule ID: insecure-socket-factory");
            if (this.h.e()) {
                this.h.a("insecure-socket-factory", a3.getHash());
            }
            AssessmentContext currentContext = this.c.currentContext();
            if (currentContext != null) {
                currentContext.setLastMethodEvent(triggerEvent);
            }
            this.g.queueReport(a3);
        } catch (c e) {
            p.info("Duplicate event detected for rule ID: insecure-socket-factory");
        }
    }

    private static boolean b() {
        String l = A.l();
        return l == null || l.contains("1.6");
    }
}
