package org.owasp.csrfguard.config;

import java.io.IOException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Properties;
import java.util.Set;
import java.util.regex.Pattern;
import javax.servlet.ServletConfig;
import org.owasp.csrfguard.CsrfGuardServletContextListener;
import org.owasp.csrfguard.action.IAction;
import org.owasp.csrfguard.log.ILogger;
import org.owasp.csrfguard.servlet.JavaScriptServlet;
import org.owasp.csrfguard.util.CsrfGuardUtils;

/* loaded from: input_file:WEB-INF/lib/csrfguard-3.1.0.jar:org/owasp/csrfguard/config/PropertiesConfigurationProvider.class */
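/**
 * {@link ConfigurationProvider} that reads every CSRFGuard setting from a
 * {@link Properties} object.
 *
 * <p>Core settings (token name/length, PRNG, actions, protected and
 * unprotected pages/methods) are parsed eagerly in the constructor. The
 * JavaScript-servlet settings are loaded lazily on first access, because they
 * also consult the {@link ServletConfig} published by
 * {@link JavaScriptServlet#getStaticServletConfig()}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The logger class and every action class are named in the properties
 *       and instantiated reflectively. Whoever can write the properties can
 *       have an arbitrary class on the classpath instantiated, so the
 *       properties source must be treated as trusted, write-protected
 *       configuration.</li>
 *   <li>No range check is applied to {@code org.owasp.csrfguard.TokenLength};
 *       any value accepted by {@link Integer#parseInt(String)} is used.</li>
 *   <li>The collection getters return the live internal collections, not
 *       copies.</li>
 * </ul>
 */
public final class PropertiesConfigurationProvider implements ConfigurationProvider {
    private static final String ACTION_PREFIX = "org.owasp.csrfguard.action.";
    private static final String PROTECTED_PAGE_PREFIX = "org.owasp.csrfguard.protected.";
    private static final String UNPROTECTED_PAGE_PREFIX = "org.owasp.csrfguard.unprotected.";
    private final ILogger logger;
    private final String tokenName;
    private final int tokenLength;
    private final boolean rotate;
    private final boolean enabled;
    private final boolean tokenPerPage;
    private final boolean tokenPerPagePrecreate;
    private final boolean printConfig;
    private final SecureRandom prng;
    private final String newTokenLandingPage;
    private final boolean useNewTokenLandingPage;
    private final boolean ajax;
    private final boolean protect;
    private final String sessionKey;
    private final Set<String> protectedPages;
    private final Set<String> unprotectedPages;
    private final Set<String> protectedMethods;
    private final Set<String> unprotectedMethods;
    private final List<IAction> actions;
    // Kept so the lazily-loaded JavaScript settings can be read after construction.
    private Properties propertiesCache;
    // NOTE(review): this flag and the javascript* fields below are plain fields
    // written by an unsynchronized lazy initializer. If the getters are called
    // from several request threads, confirm that the missing
    // synchronization is acceptable.
    private boolean javascriptParamsInitted = false;
    private final boolean validationWhenNoSessionExists;
    private String javascriptTemplateCode;
    private String javascriptSourceFile;
    private boolean javascriptDomainStrict;
    private String javascriptCacheControl;
    private Pattern javascriptRefererPattern;
    private boolean javascriptInjectIntoForms;
    private boolean javascriptRefererMatchDomain;
    private boolean javascriptInjectIntoAttributes;
    private String javascriptXrequestedWith;
    private boolean javascriptInjectGetForms;
    private boolean javascriptInjectFormAttributes;

    /**
     * Parses the core CSRFGuard settings from {@code properties}.
     *
     * @param properties configuration source; every key is expected to be a
     *     {@code String}
     * @throws RuntimeException wrapping any failure: an unknown logger or
     *     action class, an unavailable PRNG algorithm or provider, a
     *     non-numeric token length, an action parameter whose action was never
     *     declared, or a configuration that declares no action at all
     */
    public PropertiesConfigurationProvider(Properties properties) {
        try {
            this.propertiesCache = properties;
            this.actions = new ArrayList<IAction>();
            this.protectedPages = new HashSet<String>();
            this.unprotectedPages = new HashSet<String>();
            this.protectedMethods = new HashSet<String>();
            this.unprotectedMethods = new HashSet<String>();
            // The logger class name comes straight from configuration and is
            // instantiated reflectively; the properties source must be trusted.
            this.logger = (ILogger) Class.forName(propertyString(properties, "org.owasp.csrfguard.Logger", "org.owasp.csrfguard.log.ConsoleLogger")).newInstance();
            this.tokenName = propertyString(properties, "org.owasp.csrfguard.TokenName", "OWASP_CSRFGUARD");
            // No lower or upper bound is enforced here; a very small configured
            // value is accepted as-is.
            this.tokenLength = Integer.parseInt(propertyString(properties, "org.owasp.csrfguard.TokenLength", "32"));
            this.rotate = Boolean.parseBoolean(propertyString(properties, "org.owasp.csrfguard.Rotate", "false"));
            this.tokenPerPage = Boolean.parseBoolean(propertyString(properties, "org.owasp.csrfguard.TokenPerPage", "false"));
            this.validationWhenNoSessionExists = Boolean.parseBoolean(propertyString(properties, "org.owasp.csrfguard.ValidateWhenNoSessionExists", "true"));
            this.tokenPerPagePrecreate = Boolean.parseBoolean(propertyString(properties, "org.owasp.csrfguard.TokenPerPagePrecreate", "false"));
            // Defaults to the SHA1PRNG algorithm from the SUN provider. On a JVM
            // without that provider/algorithm this throws and the whole
            // constructor fails, unless the two PRNG properties are overridden.
            this.prng = SecureRandom.getInstance(propertyString(properties, "org.owasp.csrfguard.PRNG", "SHA1PRNG"), propertyString(properties, "org.owasp.csrfguard.PRNG.Provider", "SUN"));
            this.newTokenLandingPage = propertyString(properties, "org.owasp.csrfguard.NewTokenLandingPage");
            this.printConfig = Boolean.parseBoolean(propertyString(properties, "org.owasp.csrfguard.Config.Print", "false"));
            this.enabled = Boolean.parseBoolean(propertyString(properties, "org.owasp.csrfguard.Enabled", "true"));
            // The landing page is used by default only when one is configured;
            // an explicit UseNewTokenLandingPage value always wins.
            String useLandingPageDefault = (this.newTokenLandingPage == null) ? "false" : "true";
            this.useNewTokenLandingPage = Boolean.parseBoolean(propertyString(properties, "org.owasp.csrfguard.UseNewTokenLandingPage", useLandingPageDefault));
            this.sessionKey = propertyString(properties, "org.owasp.csrfguard.SessionKey", "OWASP_CSRFGUARD_KEY");
            this.ajax = Boolean.parseBoolean(propertyString(properties, "org.owasp.csrfguard.Ajax", "false"));
            this.protect = Boolean.parseBoolean(propertyString(properties, "org.owasp.csrfguard.Protect", "false"));

            // Pass 1: "<ACTION_PREFIX><name>" (no further dot) declares an
            // action; its value is the implementing class name, which is
            // loaded and instantiated reflectively.
            HashMap<String, IAction> actionsByName = new HashMap<String, IAction>();
            for (Object keyObject : properties.keySet()) {
                // Properties.keySet() is a Set<Object>; a non-String key fails
                // here and surfaces as the RuntimeException thrown below.
                String key = (String) keyObject;
                if (key.startsWith(ACTION_PREFIX)) {
                    String actionName = key.substring(ACTION_PREFIX.length());
                    if (actionName.indexOf('.') < 0) {
                        IAction action = (IAction) Class.forName(propertyString(properties, key)).newInstance();
                        action.setName(actionName);
                        actionsByName.put(action.getName(), action);
                        this.actions.add(action);
                    }
                }
            }

            // Pass 2: "<ACTION_PREFIX><name>.<parameter>" sets a parameter on
            // an action declared in pass 1.
            for (Object keyObject : properties.keySet()) {
                String key = (String) keyObject;
                if (key.startsWith(ACTION_PREFIX)) {
                    String remainder = key.substring(ACTION_PREFIX.length());
                    int dot = remainder.indexOf('.');
                    if (dot >= 0) {
                        String actionName = remainder.substring(0, dot);
                        IAction action = actionsByName.get(actionName);
                        if (action == null) {
                            throw new IOException(String.format("action class %s has not yet been specified", actionName));
                        }
                        action.setParameter(remainder.substring(dot + 1), propertyString(properties, key));
                    }
                }
            }
            if (this.actions.isEmpty()) {
                throw new IOException("failure to define at least one action");
            }

            // Page entries: only keys with no dot after the prefix are read;
            // the property value (not the key suffix) is the page expression.
            for (Object keyObject : properties.keySet()) {
                String key = (String) keyObject;
                if (key.startsWith(PROTECTED_PAGE_PREFIX) && key.substring(PROTECTED_PAGE_PREFIX.length()).indexOf('.') < 0) {
                    this.protectedPages.add(propertyString(properties, key));
                }
                if (key.startsWith(UNPROTECTED_PAGE_PREFIX) && key.substring(UNPROTECTED_PAGE_PREFIX.length()).indexOf('.') < 0) {
                    this.unprotectedPages.add(propertyString(properties, key));
                }
            }

            addCommaSeparated(this.protectedMethods, propertyString(properties, "org.owasp.csrfguard.ProtectedMethods"));
            addCommaSeparated(this.unprotectedMethods, propertyString(properties, "org.owasp.csrfguard.UnprotectedMethods"));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Splits {@code csv} on commas and adds each trimmed entry to
     * {@code target}. A {@code null} or blank value adds nothing.
     */
    private static void addCommaSeparated(Set<String> target, String csv) {
        if (csv == null || csv.trim().length() == 0) {
            return;
        }
        for (String entry : csv.split(",")) {
            target.add(entry.trim());
        }
    }

    /**
     * Reads a boolean JavaScript-servlet setting through
     * {@link CsrfGuardUtils#getInitParameter}, passing the servlet init
     * parameter name, the value of the matching property, and the default.
     */
    private boolean javascriptBoolean(ServletConfig servletConfig, String initParameterName, String propertyKey, String defaultValue) {
        return Boolean.parseBoolean(CsrfGuardUtils.getInitParameter(servletConfig, initParameterName, propertyString(this.propertiesCache, propertyKey), defaultValue));
    }

    /**
     * Loads the JavaScript-servlet settings once the servlet has published its
     * {@link ServletConfig}.
     *
     * <p>While {@link JavaScriptServlet#getStaticServletConfig()} still returns
     * {@code null} this method does nothing, so the javascript getters return
     * Java field defaults ({@code false} / {@code null}) rather than the
     * configured defaults listed below.
     */
    private void javascriptInitParamsIfNeeded() {
        if (this.javascriptParamsInitted) {
            return;
        }
        ServletConfig servletConfig = JavaScriptServlet.getStaticServletConfig();
        if (servletConfig == null) {
            return;
        }
        this.javascriptCacheControl = CsrfGuardUtils.getInitParameter(servletConfig, "cache-control", propertyString(this.propertiesCache, "org.owasp.csrfguard.JavascriptServlet.cacheControl"), "private, maxage=28800");
        this.javascriptDomainStrict = javascriptBoolean(servletConfig, "domain-strict", "org.owasp.csrfguard.JavascriptServlet.domainStrict", "true");
        this.javascriptInjectIntoAttributes = javascriptBoolean(servletConfig, "inject-into-attributes", "org.owasp.csrfguard.JavascriptServlet.injectIntoAttributes", "true");
        this.javascriptInjectGetForms = javascriptBoolean(servletConfig, "inject-get-forms", "org.owasp.csrfguard.JavascriptServlet.injectGetForms", "true");
        this.javascriptInjectFormAttributes = javascriptBoolean(servletConfig, "inject-form-attributes", "org.owasp.csrfguard.JavascriptServlet.injectFormAttributes", "true");
        this.javascriptInjectIntoForms = javascriptBoolean(servletConfig, "inject-into-forms", "org.owasp.csrfguard.JavascriptServlet.injectIntoForms", "true");
        // The default pattern ".*" places no restriction on the value it is
        // matched against; deployments that rely on a referer check need to
        // configure a narrower expression.
        this.javascriptRefererPattern = Pattern.compile(CsrfGuardUtils.getInitParameter(servletConfig, "referer-pattern", propertyString(this.propertiesCache, "org.owasp.csrfguard.JavascriptServlet.refererPattern"), ".*"));
        this.javascriptRefererMatchDomain = javascriptBoolean(servletConfig, "referer-match-domain", "org.owasp.csrfguard.JavascriptServlet.refererMatchDomain", "true");
        this.javascriptSourceFile = CsrfGuardUtils.getInitParameter(servletConfig, "source-file", propertyString(this.propertiesCache, "org.owasp.csrfguard.JavascriptServlet.sourceFile"), null);
        this.javascriptXrequestedWith = CsrfGuardUtils.getInitParameter(servletConfig, "x-requested-with", propertyString(this.propertiesCache, "org.owasp.csrfguard.JavascriptServlet.xRequestedWith"), "OWASP CSRFGuard Project");
        if (this.javascriptSourceFile == null) {
            this.javascriptTemplateCode = CsrfGuardUtils.readResourceFileContent("META-INF/csrfguard.js", true);
        } else if (this.javascriptSourceFile.startsWith("META-INF/")) {
            this.javascriptTemplateCode = CsrfGuardUtils.readResourceFileContent(this.javascriptSourceFile, true);
        } else {
            // Any other configured value is resolved against the web
            // application root and read from disk without further validation
            // here, so source-file must come from trusted configuration.
            // NOTE(review): getRealPath can return null in some containers —
            // confirm how readFileContent handles that.
            this.javascriptTemplateCode = CsrfGuardUtils.readFileContent(servletConfig.getServletContext().getRealPath(this.javascriptSourceFile));
        }
        // Set last so the flag only flips after every field has been assigned.
        this.javascriptParamsInitted = true;
    }

    /**
     * Returns the property {@code str} after {@link #commonSubstitutions},
     * or {@code null} when the property is absent.
     */
    public static String propertyString(Properties properties, String str) {
        return commonSubstitutions(properties.getProperty(str));
    }

    /**
     * Returns the property {@code str}, falling back to {@code str2} when it is
     * absent, after {@link #commonSubstitutions}.
     */
    public static String propertyString(Properties properties, String str, String str2) {
        return commonSubstitutions(properties.getProperty(str, str2));
    }

    /** Returns the logger instantiated from {@code org.owasp.csrfguard.Logger}. */
    @Override
    public ILogger getLogger() {
        return this.logger;
    }

    /** Returns {@code org.owasp.csrfguard.TokenName} (default {@code OWASP_CSRFGUARD}). */
    @Override
    public String getTokenName() {
        return this.tokenName;
    }

    /** Returns {@code org.owasp.csrfguard.TokenLength} (default 32); not range-checked. */
    @Override
    public int getTokenLength() {
        return this.tokenLength;
    }

    /** Returns {@code org.owasp.csrfguard.Rotate} (default {@code false}). */
    @Override
    public boolean isRotateEnabled() {
        return this.rotate;
    }

    /** Returns {@code org.owasp.csrfguard.ValidateWhenNoSessionExists} (default {@code true}). */
    @Override
    public boolean isValidateWhenNoSessionExists() {
        return this.validationWhenNoSessionExists;
    }

    /** Returns {@code org.owasp.csrfguard.TokenPerPage} (default {@code false}). */
    @Override
    public boolean isTokenPerPageEnabled() {
        return this.tokenPerPage;
    }

    /** Returns {@code org.owasp.csrfguard.TokenPerPagePrecreate} (default {@code false}). */
    @Override
    public boolean isTokenPerPagePrecreateEnabled() {
        return this.tokenPerPagePrecreate;
    }

    /** Returns the single {@link SecureRandom} instance created in the constructor. */
    @Override
    public SecureRandom getPrng() {
        return this.prng;
    }

    /** Returns {@code org.owasp.csrfguard.NewTokenLandingPage}, or {@code null} if unset. */
    @Override
    public String getNewTokenLandingPage() {
        return this.newTokenLandingPage;
    }

    /**
     * Returns {@code org.owasp.csrfguard.UseNewTokenLandingPage}; when unset it
     * defaults to {@code true} only if a landing page is configured.
     */
    @Override
    public boolean isUseNewTokenLandingPage() {
        return this.useNewTokenLandingPage;
    }

    /** Returns {@code org.owasp.csrfguard.Ajax} (default {@code false}). */
    @Override
    public boolean isAjaxEnabled() {
        return this.ajax;
    }

    /** Returns {@code org.owasp.csrfguard.Protect} (default {@code false}). */
    @Override
    public boolean isProtectEnabled() {
        return this.protect;
    }

    /** Returns {@code org.owasp.csrfguard.SessionKey} (default {@code OWASP_CSRFGUARD_KEY}). */
    @Override
    public String getSessionKey() {
        return this.sessionKey;
    }

    /** Returns the live internal set of protected page values (no defensive copy). */
    @Override
    public Set<String> getProtectedPages() {
        return this.protectedPages;
    }

    /** Returns the live internal set of unprotected page values (no defensive copy). */
    @Override
    public Set<String> getUnprotectedPages() {
        return this.unprotectedPages;
    }

    /** Returns the live internal set parsed from {@code org.owasp.csrfguard.ProtectedMethods}. */
    @Override
    public Set<String> getProtectedMethods() {
        return this.protectedMethods;
    }

    /** Returns the live internal set parsed from {@code org.owasp.csrfguard.UnprotectedMethods}. */
    @Override
    public Set<String> getUnprotectedMethods() {
        return this.unprotectedMethods;
    }

    /** Returns the live internal list of configured actions (no defensive copy). */
    @Override
    public List<IAction> getActions() {
        return this.actions;
    }

    /** Returns {@code org.owasp.csrfguard.Config.Print} (default {@code false}). */
    @Override
    public boolean isPrintConfig() {
        return this.printConfig;
    }

    /** Returns the configured JavaScript source file, or {@code null} if unset or not yet loaded. */
    @Override
    public String getJavascriptSourceFile() {
        javascriptInitParamsIfNeeded();
        return this.javascriptSourceFile;
    }

    /** Returns the domain-strict setting (default {@code true} once loaded, {@code false} before). */
    @Override
    public boolean isJavascriptDomainStrict() {
        javascriptInitParamsIfNeeded();
        return this.javascriptDomainStrict;
    }

    /** Returns the cache-control setting, or {@code null} if not yet loaded. */
    @Override
    public String getJavascriptCacheControl() {
        javascriptInitParamsIfNeeded();
        return this.javascriptCacheControl;
    }

    /** Returns the compiled referer pattern (default {@code .*}), or {@code null} if not yet loaded. */
    @Override
    public Pattern getJavascriptRefererPattern() {
        javascriptInitParamsIfNeeded();
        return this.javascriptRefererPattern;
    }

    /** Returns the referer-match-domain setting (default {@code true} once loaded, {@code false} before). */
    @Override
    public boolean isJavascriptRefererMatchDomain() {
        javascriptInitParamsIfNeeded();
        return this.javascriptRefererMatchDomain;
    }

    /** Returns the inject-into-forms setting (default {@code true} once loaded, {@code false} before). */
    @Override
    public boolean isJavascriptInjectIntoForms() {
        javascriptInitParamsIfNeeded();
        return this.javascriptInjectIntoForms;
    }

    /** Returns the inject-into-attributes setting (default {@code true} once loaded, {@code false} before). */
    @Override
    public boolean isJavascriptInjectIntoAttributes() {
        javascriptInitParamsIfNeeded();
        return this.javascriptInjectIntoAttributes;
    }

    /** Returns the x-requested-with setting, or {@code null} if not yet loaded. */
    @Override
    public String getJavascriptXrequestedWith() {
        javascriptInitParamsIfNeeded();
        return this.javascriptXrequestedWith;
    }

    /** Returns the JavaScript template text, or {@code null} if not yet loaded. */
    @Override
    public String getJavascriptTemplateCode() {
        javascriptInitParamsIfNeeded();
        return this.javascriptTemplateCode;
    }

    /** Returns {@code true} only after the JavaScript-servlet settings have been loaded. */
    @Override
    public boolean isCacheable() {
        return this.javascriptParamsInitted;
    }

    /**
     * Replaces every {@code %servletContext%} placeholder in {@code str} with
     * the servlet context value published by
     * {@link CsrfGuardServletContextListener}.
     *
     * @param str raw property value; may be {@code null}
     * @return {@code str} unchanged when it is {@code null} or contains no
     *     {@code %}, otherwise the substituted string
     */
    public static String commonSubstitutions(String str) {
        if (str == null || !str.contains("%")) {
            return str;
        }
        return str.replace("%servletContext%", CsrfGuardUtils.defaultString(CsrfGuardServletContextListener.getServletContext()));
    }

    /** Returns {@code org.owasp.csrfguard.Enabled} (default {@code true}). */
    @Override
    public boolean isEnabled() {
        return this.enabled;
    }

    /** Returns the inject-get-forms setting (default {@code true} once loaded, {@code false} before). */
    @Override
    public boolean isJavascriptInjectGetForms() {
        javascriptInitParamsIfNeeded();
        return this.javascriptInjectGetForms;
    }

    /** Returns the inject-form-attributes setting (default {@code true} once loaded, {@code false} before). */
    @Override
    public boolean isJavascriptInjectFormAttributes() {
        javascriptInitParamsIfNeeded();
        return this.javascriptInjectFormAttributes;
    }
}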
