package com.contrastsecurity.agent.plugins.frameworks.g;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.exclusions.h;
import com.contrastsecurity.agent.commons.f;
import com.contrastsecurity.agent.commons.l;
import com.contrastsecurity.agent.commons.o;
import com.contrastsecurity.agent.config.ContrastProperties;
import com.contrastsecurity.agent.config.g;
import com.contrastsecurity.agent.h.e;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.instr.InstrumentationContext;
import com.contrastsecurity.agent.messages.app.info.HTTPRoute;
import com.contrastsecurity.agent.plugins.frameworks.L;
import com.contrastsecurity.agent.plugins.frameworks.M;
import com.contrastsecurity.agent.plugins.frameworks.N;
import com.contrastsecurity.agent.plugins.frameworks.P;
import com.contrastsecurity.agent.plugins.frameworks.Q;
import com.contrastsecurity.agent.plugins.frameworks.R;
import com.contrastsecurity.agent.plugins.frameworks.T;
import com.contrastsecurity.agent.plugins.frameworks.u;
import com.contrastsecurity.agent.plugins.frameworks.w;
import com.contrastsecurity.agent.plugins.http.k;
import com.contrastsecurity.agent.plugins.http.n;
import com.contrastsecurity.agent.plugins.http.q;
import com.contrastsecurity.agent.plugins.http.r;
import com.contrastsecurity.agent.plugins.http.s;
import com.contrastsecurity.agent.plugins.http.t;
import com.contrastsecurity.agent.plugins.http.u;
import com.contrastsecurity.agent.plugins.security.controller.b;
import com.contrastsecurity.agent.plugins.security.model.SourceEvent;
import com.contrastsecurity.agent.plugins.security.policy.InheritancePreference;
import com.contrastsecurity.agent.plugins.security.policy.rules.Rule;
import com.contrastsecurity.agent.plugins.security.policy.v;
import com.contrastsecurity.agent.trace.CodeEvent;
import com.contrastsecurity.agent.trace.Trace;
import com.contrastsecurity.thirdparty.com.rabbitmq.client.ConnectionFactory;
import com.contrastsecurity.thirdparty.org.objectweb.asm.ClassVisitor;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.lang.reflect.Method;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

/* compiled from: JerseySupporter.java */
/* loaded from: input_file:lib/contrast-agent-core.jar:com/contrastsecurity/agent/plugins/frameworks/g/a.class */
public final class a extends u implements L, Q, T, w {
    private final g d;
    private static final Set<String> e = new HashSet();
    static final Set<String> b;
    public static final String c = "/policies/jersey.xml";
    private static final int f;
    private static final Logger g;

    public a(g gVar) {
        l.a(gVar, "config");
        this.d = gVar;
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.Q
    public boolean a(b bVar) {
        return true;
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.Q
    public boolean b(b bVar) {
        SourceEvent sourceEvent = (SourceEvent) bVar.d();
        v source = sourceEvent.getSource();
        if (!M.a(bVar.p(), this) || !R.a(e, source) || P.a(sourceEvent)) {
            return true;
        }
        P.b(sourceEvent);
        return true;
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.u
    public ClassVisitor onClassTransform(ClassVisitor classVisitor, InstrumentationContext instrumentationContext) {
        return classVisitor;
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.Q
    public boolean a(Application application, Rule rule, Object obj, Object[] objArr, Object obj2) {
        return true;
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.Q
    public void a(Application application, Trace trace, Rule rule, Object obj, Object[] objArr, Object obj2) {
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.Q
    public boolean a(Trace trace, Rule rule) {
        boolean z = false;
        if (a(rule)) {
            z = a(trace);
        }
        return z;
    }

    private boolean a(Trace trace) {
        boolean z = false;
        if (trace.getEvents().size() > 1) {
            CodeEvent firstEvent = trace.getFirstEvent();
            CodeEvent lastEvent = trace.getLastEvent();
            if (b(firstEvent)) {
                z = !a(lastEvent);
            }
        }
        return z;
    }

    private boolean a(CodeEvent codeEvent) {
        return codeEvent.getMethodName().startsWith("com.github.mustachejava");
    }

    private boolean b(CodeEvent codeEvent) {
        return codeEvent.getMethodName().startsWith("org.glassfish.jersey.server.internal");
    }

    private boolean a(Rule rule) {
        return rule.getId().equals("reflected-xss");
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.w
    public String a() {
        return "/hierarchies/jersey-hierarchy.xml";
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.Q
    public boolean a(Application application, Trace trace, Rule rule, SourceEvent sourceEvent, int i, HttpRequest httpRequest, h hVar) {
        return false;
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.L
    public String getPolicyLocation() {
        String str = null;
        if (this.d.f(ContrastProperties.SUPPORTER_JERSEY)) {
            str = c;
        }
        return str;
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.L
    public boolean isMatchingPolicyLocation(N n) {
        return M.a(n, this);
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.L
    public int getPolicyId() {
        return f;
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.T
    public Collection<k> provideLifecycleWatchers() {
        return f.a();
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.T
    public Collection<q> provideHeaderWatchers() {
        return f.a();
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.T
    public n provideParameterWatcher() {
        return null;
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.T
    public Collection<s> provideRouteObservationWatchers() {
        return f.a(new s.a().a(a.class).a(s.b.ON_METHOD_EXIT).b("org.glassfish.jersey.server.ServerRuntime").a("void process(org.glassfish.jersey.server.ContainerRequest)").a(new r() { // from class: com.contrastsecurity.agent.plugins.frameworks.g.a.1
            @Override // com.contrastsecurity.agent.plugins.http.r
            public HTTPRoute a(Object obj, Object[] objArr, Object obj2, HttpRequest httpRequest) {
                Object obj3 = objArr[0];
                if (obj3 == null) {
                    e.a("JERSEY_ROUTE_OBSERVATION_INVALID_PARAMS", a.g, "Cannot observe route since the Jersey ContainerRequest is null.");
                    return null;
                }
                Object a = com.contrastsecurity.agent.plugins.g.a(obj3, "getUriRoutingContext");
                if (a == null) {
                    return null;
                }
                Object a2 = com.contrastsecurity.agent.plugins.g.a(a, "getMatchedResourceMethod");
                return a.this.a(a.this.a((String) com.contrastsecurity.agent.plugins.g.a(a, "getPath")), a2);
            }

            @Override // com.contrastsecurity.agent.plugins.http.r
            public boolean a() {
                return false;
            }
        }));
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.T
    public Collection<com.contrastsecurity.agent.plugins.http.u> provideRouteRegistrationWatchers() {
        t tVar = new t() { // from class: com.contrastsecurity.agent.plugins.frameworks.g.a.2
            @Override // com.contrastsecurity.agent.plugins.http.t
            public Collection<HTTPRoute> a(Object obj, Object[] objArr, Object obj2) {
                if (obj2 == null) {
                    e.a("JERSEY_ROUTE_DISCOVERY_INVALID_PARAMS", a.g, "Cannot discover route since the Jersey ResourceModel is null.");
                    return null;
                }
                List list = (List) com.contrastsecurity.agent.plugins.g.a(obj2, "getResources");
                if (list == null) {
                    return null;
                }
                HashSet hashSet = new HashSet();
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    hashSet.addAll(a.this.a(it.next(), ""));
                }
                return hashSet;
            }
        };
        return f.a(new u.a().a(a.class).a(InheritancePreference.NONE).b("org.glassfish.jersey.server.ApplicationHandler").a("org.glassfish.jersey.server.model.ResourceModel processResourceModel(org.glassfish.jersey.server.model.ResourceModel)").a(tVar), new u.a().a("Jersey2.6AndAfter").a(InheritancePreference.NONE).b("org.glassfish.jersey.server.ResourceModelConfigurator").a("org.glassfish.jersey.server.model.ResourceModel processResourceModel(java.util.Collection,org.glassfish.jersey.server.model.ResourceModel,org.glassfish.jersey.server.ResourceConfig)").a(tVar));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Collection<HTTPRoute> a(Object obj, String str) {
        if (obj == null) {
            return Collections.emptyList();
        }
        String a = a(str + com.contrastsecurity.agent.plugins.g.a(obj, "getPath"));
        int indexOf = a.indexOf(ConnectionFactory.DEFAULT_VHOST, 1);
        if (b.contains(indexOf != -1 ? a.substring(0, indexOf) : a)) {
            return Collections.emptyList();
        }
        HashSet hashSet = new HashSet();
        List list = (List) com.contrastsecurity.agent.plugins.g.a(obj, "getResourceMethods");
        if (list != null) {
            Iterator it = list.iterator();
            while (it.hasNext()) {
                HTTPRoute a2 = a(a, it.next());
                if (a2 != null) {
                    hashSet.add(a2);
                }
            }
        }
        List list2 = (List) com.contrastsecurity.agent.plugins.g.a(obj, "getChildResources");
        if (list2 != null) {
            Iterator it2 = list2.iterator();
            while (it2.hasNext()) {
                hashSet.addAll(a(it2.next(), a));
            }
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String a(String str) {
        if (str != null) {
            return str.startsWith(ConnectionFactory.DEFAULT_VHOST) ? str : ConnectionFactory.DEFAULT_VHOST + str;
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public HTTPRoute a(String str, Object obj) {
        if (obj == null) {
            return null;
        }
        return HTTPRoute.of((String) com.contrastsecurity.agent.plugins.g.a(obj, "getHttpMethod"), str, com.contrastsecurity.agent.plugins.http.w.a((Method) com.contrastsecurity.agent.plugins.g.a(com.contrastsecurity.agent.plugins.g.a(obj, "getInvocable"), "getHandlingMethod")));
    }

    @Override // com.contrastsecurity.agent.plugins.frameworks.T
    public List<String> getViewstateParameterNames() {
        return Collections.emptyList();
    }

    static {
        e.add("jersey-message-1");
        b = o.b("/lifecycle", "/tenant-monitoring", "/elasticity-monitoring", "/weblogic", "/wls");
        f = c.hashCode();
        g = LoggerFactory.getLogger(a.class);
    }
}
