package com.contrastsecurity.agent.plugins.rasp.g;

import com.contrastsecurity.agent.A;
import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.config.ContrastProperties;
import com.contrastsecurity.agent.core.ContrastAgent;
import com.contrastsecurity.agent.features.o;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.messages.app.activity.defend.RaspRuleSampleDTM;
import com.contrastsecurity.agent.messages.app.activity.defend.details.UserInputDTM;
import com.contrastsecurity.agent.messages.server.activity.defend.ServerDefendActivityDTM;
import com.contrastsecurity.agent.messages.server.features.DefendFeatures;
import com.contrastsecurity.agent.messages.server.features.defend.IPFilterDTM;
import com.contrastsecurity.agent.messages.server.features.defend.LogEnhancerDTM;
import com.contrastsecurity.agent.messages.server.features.defend.LogLevel;
import com.contrastsecurity.agent.messages.server.features.defend.LogType;
import com.contrastsecurity.agent.plugins.rasp.aa;
import com.contrastsecurity.agent.plugins.rasp.af;
import com.contrastsecurity.agent.plugins.rasp.ai;
import com.contrastsecurity.agent.util.W;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.lang.ref.WeakReference;
import java.net.InetAddress;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Map;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;

/* compiled from: LogEnhancer.java */
@Singleton
/* loaded from: input_file:lib/contrast-agent-core.jar:com/contrastsecurity/agent/plugins/rasp/g/c.class */
public final class c implements o {
    private final ApplicationManager c;
    private final com.contrastsecurity.agent.config.g d;
    private final HttpManager e;
    private final Logger f;

    @A
    String a;
    private volatile k g;
    private final ScheduledExecutorService h;
    private ScheduledFuture<?> i;
    private static final int j = 200;
    private static final String l = "-";
    private static final String m = "CEF:0|Contrast Security|Contrast Agent Java|";
    private static final char n = '|';
    private static final String o = "bli";
    private static final String p = "vpi";
    private static final String q = "bbi";
    private static final String r = "lei";
    private static final String s = "pri";
    private static final String t = "src";
    private static final String u = "spt";
    private static final String v = "request";
    private static final String w = "requestMethod";
    private static final String x = "app";
    private static final String y = "outcome=";
    private static final String z = "INEFFECTIVE";
    private static final String A = "EXPLOITED";
    private static final String B = "BLOCKED";
    private static final String C = "outcome=success";
    private static final String D = " had a value that successfully exploited ";
    private static final String E = " had a value that matched a signature for, but did not successfully exploit, ";
    private static final String F = " had a value that matched an attack signature for ";
    private static final String G = " had a value worth watching for an attack signature for ";
    private static final String H = " had a safe value that did not match an attack signature for ";
    private static final String I = " - ";
    static final String b = "Coming from Contrast";
    private static final ThreadLocal<DateFormat> k = new ThreadLocal<DateFormat>() { // from class: com.contrastsecurity.agent.plugins.rasp.g.c.1
        /* JADX INFO: Access modifiers changed from: protected */
        @Override // java.lang.ThreadLocal
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public DateFormat initialValue() {
            return new SimpleDateFormat("MMM dd yyyy HH:mm:ss.SSSZ");
        }
    };
    private static final Logger J = LoggerFactory.getLogger(c.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: LogEnhancer.java */
    /* loaded from: input_file:lib/contrast-agent-core.jar:com/contrastsecurity/agent/plugins/rasp/g/c$a.class */
    public static final class a implements Runnable {
        private final WeakReference<k> a;
        private final String b;

        a(WeakReference<k> weakReference, String str) {
            this.a = weakReference;
            this.b = str;
        }

        @Override // java.lang.Runnable
        public void run() {
            k kVar = this.a.get();
            if (kVar == null) {
                return;
            }
            kVar.a(c.a(LogType.HEARTBEAT, c.b, this.b).toString());
        }
    }

    @Inject
    public c(ApplicationManager applicationManager, com.contrastsecurity.agent.config.g gVar, HttpManager httpManager, @j Logger logger, ScheduledExecutorService scheduledExecutorService) {
        this.c = applicationManager;
        this.d = gVar;
        this.e = httpManager;
        this.f = logger;
        this.h = scheduledExecutorService;
        this.g = new l(gVar);
        a(this.g, gVar);
    }

    void a(k kVar, com.contrastsecurity.agent.config.g gVar) {
        boolean f = gVar.f(ContrastProperties.CEF_SYSLOGGER_ENABLE);
        boolean f2 = gVar.f(ContrastProperties.CEF_SYSLOGGER_HEARTBEAT);
        if (!f || !f2) {
            a();
            J.info("Syslog heartbeat disabled");
            return;
        }
        a();
        int c = gVar.c(ContrastProperties.CEF_SYSLOGGER_HEARTBEAT_INTERVAL);
        if (c <= 0) {
            J.error("Syslog heartbeat disabled (interval was <= 0, requires a positive value)");
            return;
        }
        synchronized (this.h) {
            if (this.i == null) {
                J.info("Syslog heartbeat starting");
                this.i = this.h.scheduleAtFixedRate(new a(new WeakReference(kVar), b()), 0L, c, TimeUnit.MILLISECONDS);
            }
        }
    }

    @A
    void a() {
        synchronized (this.h) {
            if (this.i != null) {
                this.i.cancel(true);
                this.i = null;
            }
        }
    }

    @Override // com.contrastsecurity.agent.features.o
    public void a(DefendFeatures defendFeatures, DefendFeatures defendFeatures2) {
        if (this.g == null || this.g.b()) {
            this.g = new l(this.d);
            a(this.g, this.d);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(LogEnhancerDTM logEnhancerDTM, String str, String str2, Object obj, Object[] objArr, String str3, Object obj2) {
        boolean z2 = this.f != null && a(logEnhancerDTM.getLevel());
        LogType type = logEnhancerDTM.getType();
        boolean z3 = this.g.a() && LogType.SECURITY.equals(type);
        if (z2 || z3) {
            StringBuilder a2 = a(type, logEnhancerDTM.getLevel(), af.a(i.a(logEnhancerDTM, str, str2, obj, objArr, str3, obj2)), r, String.valueOf(logEnhancerDTM.getId()));
            a2.append(' ');
            a2.append(C);
            String sb = a2.toString();
            if (z2) {
                a(logEnhancerDTM.getLevel(), sb);
            }
            if (z3) {
                this.g.c(sb);
            }
        }
    }

    private void a(LogLevel logLevel, String str) {
        switch (logLevel) {
            case TRACE:
                this.f.trace(str);
                return;
            case DEBUG:
                this.f.debug(str);
                return;
            case INFO:
                this.f.info(str);
                return;
            case WARN:
                this.f.warn(str);
                return;
            default:
                this.f.error(str);
                return;
        }
    }

    private boolean a(LogLevel logLevel) {
        switch (logLevel) {
            case TRACE:
                return this.f.isTraceEnabled();
            case DEBUG:
                return this.f.isDebugEnabled();
            case INFO:
                return this.f.isInfoEnabled();
            case WARN:
                return this.f.isWarnEnabled();
            default:
                return this.f.isErrorEnabled();
        }
    }

    public <T> void a(aa<T> aaVar, RaspRuleSampleDTM<T> raspRuleSampleDTM) {
        boolean z2 = this.f != null && this.f.isWarnEnabled();
        if (z2 || this.g.a()) {
            UserInputDTM input = raspRuleSampleDTM.getInput();
            StringBuilder sb = new StringBuilder(256);
            if (input != null) {
                UserInputDTM.InputType type = input.getType();
                sb.append(a(type));
                sb.append(' ');
                String name = input.getName();
                if (name == null) {
                    name = type.toString();
                }
                sb.append(af.a(name));
                sb.append(D);
                sb.append(aaVar.a());
                sb.append(I);
                sb.append(af.a(input.getValue()));
            } else {
                sb.append("An effective attack was detected against ");
                sb.append(aaVar.a());
            }
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.WARN, sb.toString(), s, aaVar.a());
            a2.append(' ');
            a2.append(y);
            a2.append(raspRuleSampleDTM.isBlocked() ? B : A);
            String sb2 = a2.toString();
            if (z2) {
                a(LogLevel.WARN, sb2);
            }
            if (raspRuleSampleDTM.isBlocked()) {
                this.g.b(sb2);
            } else {
                this.g.d(sb2);
            }
        }
    }

    public void a(aa<?> aaVar, UserInputDTM userInputDTM) {
        boolean z2 = this.f != null && this.f.isWarnEnabled();
        if (z2 || this.g.a()) {
            StringBuilder sb = new StringBuilder(256);
            if (userInputDTM != null) {
                sb.append(a(userInputDTM.getType()));
                sb.append(' ');
                sb.append(af.a(userInputDTM.getName()));
                sb.append(E);
                sb.append(aaVar.a());
                sb.append(I);
                sb.append(af.a(userInputDTM.getValue()));
            } else {
                sb.append("An unsuccessful attack was detected against ");
                sb.append(aaVar.a());
            }
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.WARN, sb.toString(), s, aaVar.a());
            a2.append(' ');
            a2.append(y);
            a2.append(z);
            String sb2 = a2.toString();
            if (z2) {
                a(LogLevel.WARN, sb2);
            }
            this.g.c(sb2);
        }
    }

    public void a(String str, String str2, String str3, String str4) {
        if (this.f == null || !this.f.isDebugEnabled()) {
            return;
        }
        StringBuilder a2 = a(LogType.SECURITY, LogLevel.DEBUG, str2 + ' ' + af.a(str3) + F + str + I + af.a(str4), s, str);
        a2.append(' ');
        a2.append(C);
        a(LogLevel.DEBUG, a2.toString());
    }

    public void b(String str, String str2, String str3, String str4) {
        if (this.f == null || !this.f.isDebugEnabled()) {
            return;
        }
        StringBuilder a2 = a(LogType.SECURITY, LogLevel.DEBUG, str2 + ' ' + af.a(str3) + G + str + I + af.a(str4), s, str);
        a2.append(' ');
        a2.append(C);
        a(LogLevel.DEBUG, a2.toString());
    }

    public void c(String str, String str2, String str3, String str4) {
        if (this.f == null || !this.f.isTraceEnabled()) {
            return;
        }
        StringBuilder a2 = a(LogType.SECURITY, LogLevel.TRACE, str2 + ' ' + af.a(str3) + H + str + I + af.a(str4), s, str);
        a2.append(' ');
        a2.append(C);
        a(LogLevel.TRACE, a2.toString());
    }

    public void a(IPFilterDTM iPFilterDTM, String str) {
        if (this.f != null && this.f.isWarnEnabled()) {
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.WARN, b(iPFilterDTM, str), o, String.valueOf(iPFilterDTM.getId()));
            a2.append(' ');
            a2.append(C);
            String sb = a2.toString();
            a(LogLevel.WARN, sb);
            if (this.g.a()) {
                this.g.b(sb);
            }
        }
    }

    private String b(IPFilterDTM iPFilterDTM, String str) {
        return "IP Address " + str + " matched the disallowed value " + iPFilterDTM.getIp() + " in the IP Blacklist " + iPFilterDTM.getUuid();
    }

    public void a(String str) {
        boolean z2 = this.f != null && this.f.isWarnEnabled();
        if (z2 || this.g.a()) {
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.WARN, "The Virtual Patch " + str + " was triggered.", p, str);
            a2.append(' ');
            a2.append(C);
            String sb = a2.toString();
            if (z2) {
                a(LogLevel.WARN, sb);
            }
            this.g.b(sb);
        }
    }

    public void a(String str, String str2) {
        boolean z2 = this.f != null && this.f.isWarnEnabled();
        if (z2 || this.g.a()) {
            StringBuilder a2 = a(LogType.SECURITY, LogLevel.WARN, b(str, str2), q, str2);
            a2.append(' ');
            a2.append(C);
            String sb = a2.toString();
            if (z2) {
                a(LogLevel.WARN, sb);
            }
            this.g.b(sb);
        }
    }

    private String b(String str, String str2) {
        return "User Agent " + str + " matched the disallowed value " + str2 + " in the bot blocker";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(long j2, ai aiVar) {
        ServerDefendActivityDTM a2 = aiVar.a();
        if (a2 != null) {
            Map<Long, Integer> logEnhancers = a2.getLogEnhancers();
            Integer num = logEnhancers.get(Long.valueOf(j2));
            logEnhancers.put(Long.valueOf(j2), num == null ? 1 : Integer.valueOf(num.intValue() + 1));
        }
    }

    private String a(UserInputDTM.InputType inputType) {
        switch (inputType) {
            case BODY:
                return "The body segment";
            case COOKIE_NAME:
            case COOKIE_VALUE:
                return "The cookie";
            case HEADER:
                return "The header";
            case PARAMETER_NAME:
            case PARAMETER_VALUE:
                return "The parameter";
            case QUERYSTRING:
                return "The querystring";
            case URI:
                return "The URI";
            case SOCKET:
                return "The socket";
            case JSON_VALUE:
            case JSON_ARRAYED_VALUE:
                return "The JSON";
            case MULTIPART_CONTENT_TYPE:
                return "The content-type of the multipart";
            case MULTIPART_VALUE:
                return "The value of the multipart";
            case DWR_VALUE:
                return "The DWR parameter";
            case MULTIPART_FIELD_NAME:
                return "The multipart field name";
            case MULTIPART_NAME:
                return "The multipart name";
            case XML_VALUE:
                return "The XML";
            default:
                return "The input";
        }
    }

    private StringBuilder a(LogType logType, LogLevel logLevel, String str, String str2, String str3) {
        if (str == null) {
            str = "";
        }
        if (!StringUtils.isEmpty(str)) {
            str = str.replace("\\", "\\\\").replace("|", "\\|").replace("=", "\\=");
        }
        Application current = this.c.current();
        String str4 = l;
        if (current != null) {
            String displayName = current.getDisplayName();
            if (StringUtils.isNotBlank(displayName)) {
                str4 = displayName;
            }
        }
        HttpRequest currentRequest = this.e.getCurrentRequest();
        String str5 = l;
        String str6 = l;
        String str7 = l;
        String str8 = l;
        if (currentRequest != null) {
            str5 = currentRequest.getUri().replace(" ", "<space>");
            String[] xForwardedFor = currentRequest.getXForwardedFor();
            str6 = xForwardedFor != null ? W.b(xForwardedFor) : currentRequest.getRemoteIp();
            str7 = String.valueOf(currentRequest.getPort());
            str8 = currentRequest.getMethod();
        }
        StringBuilder a2 = a(logType, str, b());
        a2.append('|');
        a2.append(logLevel);
        a2.append('|');
        a2.append(str2);
        a2.append('=');
        a2.append(str3);
        a2.append(' ');
        a2.append(t);
        a2.append('=');
        a2.append(str6);
        a2.append(' ');
        a2.append(u);
        a2.append('=');
        a2.append(str7);
        a2.append(' ');
        a2.append(v);
        a2.append('=');
        a2.append(str5);
        a2.append(' ');
        a2.append(w);
        a2.append('=');
        a2.append(str8);
        a2.append(' ');
        a2.append(x);
        a2.append('=');
        a2.append(str4);
        return a2;
    }

    @A
    static StringBuilder a(LogType logType, String str, String str2) {
        return new StringBuilder(200 + str.length()).append(k.get().format(new Date())).append(' ').append(str2).append(' ').append(m).append(ContrastAgent.getBuildVersion()).append('|').append(logType).append('|').append(str);
    }

    private String b() {
        if (this.a == null) {
            try {
                this.a = InetAddress.getLocalHost().getHostAddress();
            } catch (Exception e) {
                this.a = l;
            }
        }
        return this.a;
    }
}
