package org.craftercms.commons.validation.validators.impl;

import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import org.craftercms.commons.validation.ErrorCodes;
import org.craftercms.commons.validation.ValidationUtils;
import org.craftercms.commons.validation.annotations.param.EsapiValidatedParam;
import org.craftercms.commons.validation.annotations.param.EsapiValidationType;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.StringUtilities;
import org.owasp.esapi.errors.IntrusionException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.NonNull;
import org.springframework.validation.Errors;
import org.springframework.validation.Validator;

/* loaded from: input_file:WEB-INF/lib/crafter-commons-validation-4.1.1.jar:org/craftercms/commons/validation/validators/impl/EsapiValidator.class */
public class EsapiValidator implements ConstraintValidator<EsapiValidatedParam, String>, Validator {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) EsapiValidator.class);
    private final org.owasp.esapi.Validator validator;
    private EsapiValidationType type;

    public EsapiValidator() {
        this.validator = ESAPI.validator();
    }

    public EsapiValidator(EsapiValidationType esapiValidationType) {
        this();
        this.type = esapiValidationType;
    }

    @Override // javax.validation.ConstraintValidator
    public void initialize(EsapiValidatedParam esapiValidatedParam) {
        this.type = esapiValidatedParam.type();
    }

    @Override // javax.validation.ConstraintValidator
    public boolean isValid(String str, ConstraintValidatorContext constraintValidatorContext) {
        boolean z = false;
        String str2 = this.type.typeKey;
        try {
            z = this.validator.isValidInput(str2, str, str2, Integer.MAX_VALUE, true);
        } catch (IntrusionException e) {
            logger.warn("Potential attack attempt detected while validating input", (Throwable) e);
        }
        String defaultConstraintMessageTemplate = constraintValidatorContext.getDefaultConstraintMessageTemplate();
        if (!z && StringUtilities.isEmpty(defaultConstraintMessageTemplate)) {
            constraintValidatorContext.disableDefaultConstraintViolation();
            constraintValidatorContext.buildConstraintViolationWithTemplate(ValidationUtils.getErrorMessage(ValidationUtils.getDefaultErrorMessageBundle(), ErrorCodes.getEsapiErrorMessageKey(str2), new Object[0])).addConstraintViolation();
        }
        return z;
    }

    @Override // org.springframework.validation.Validator
    public boolean supports(@NonNull Class<?> cls) {
        return String.class.equals(cls);
    }

    @Override // org.springframework.validation.Validator
    public void validate(@NonNull Object obj, @NonNull Errors errors) {
        String str = this.type.typeKey;
        if (this.validator.isValidInput(str, (String) obj, str, Integer.MAX_VALUE, true)) {
            return;
        }
        errors.reject(ErrorCodes.getEsapiErrorMessageKey(str));
    }
}
