package com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.insecureauth;

import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.DoNothingHttpWatcher;
import com.contrastsecurity.agent.plugins.security.policy.rules.providers.ProviderUtil;
import com.contrastsecurity.agent.plugins.security.u;
import com.contrastsecurity.agent.util.W;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.zip.CRC32;

/* compiled from: HttpAuthWatcher.java */
/* loaded from: input_file:lib/contrast-agent-core.jar:com/contrastsecurity/agent/plugins/security/policy/rules/providers/internal/insecureauth/a.class */
public class a extends DoNothingHttpWatcher {
    private final ProviderUtil a;
    private static final String b = "Basic";
    private static final String c = "Digest";
    private static final String d = "Authorization";
    private static final String e = "insecure-auth-protocol";
    private static final Logger f = LoggerFactory.getLogger(a.class);

    public a(ProviderUtil providerUtil) {
        this.a = providerUtil;
    }

    @Override // com.contrastsecurity.agent.plugins.security.policy.rules.providers.DoNothingHttpWatcher, com.contrastsecurity.agent.plugins.security.policy.rules.providers.HttpWatcher
    public void onRequestStart(HttpRequest httpRequest) {
        String header = httpRequest.getHeader("Authorization");
        if (W.a(header)) {
            return;
        }
        if (header.startsWith("Basic") || header.startsWith("Digest")) {
            f.debug("Found Authorization Basic header - value {}", header);
            this.a.reportFinding(e, "Authorization: " + W.a((CharSequence) header, 20), u.e.a(e, httpRequest));
        }
    }

    @Override // com.contrastsecurity.agent.plugins.security.policy.rules.providers.HttpWatcher
    public long getRuleRequestHash(HttpRequest httpRequest) {
        return u.e.a(e, httpRequest);
    }

    @Override // com.contrastsecurity.agent.plugins.security.policy.rules.providers.HttpWatcher
    public long getRuleRequestHash(HttpRequest httpRequest, CRC32 crc32) {
        return u.e.a(crc32, e, httpRequest);
    }
}
