package org.owasp.stinger.rules;

import java.io.File;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.servlet.ServletContext;
import javax.xml.parsers.DocumentBuilderFactory;
import org.owasp.stinger.Category;
import org.owasp.stinger.Severity;
import org.owasp.stinger.actions.AbstractAction;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/owasp/stinger/rules/RuleSet.class */
public class RuleSet {
    public static final String STINGER_DEFAULT = "STINGER_DEFAULT";
    public static final String STINGER_ALL = "STINGER_ALL";
    private ServletContext context;
    private List<Pattern> excludeSet;
    private Map<Pattern, Map<String, Rule>> pRules;
    private Map<String, CookieRule> cRules;
    private Map<String, String> regexs;

    private Document parseXmlFile(String str) {
        Document document = null;
        try {
            document = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new File(str));
        } catch (Exception e) {
            this.context.log("[Stinger-Filter] (Error): exception while paring xml file", e);
        }
        return document;
    }

    private RuleSet() {
        this.context = null;
        this.excludeSet = new LinkedList();
        this.pRules = new HashMap();
        this.cRules = new HashMap();
        this.regexs = new HashMap();
    }

    public RuleSet(String str, ServletContext servletContext) {
        this.context = null;
        this.excludeSet = new LinkedList();
        this.pRules = new HashMap();
        this.cRules = new HashMap();
        this.regexs = new HashMap();
        this.context = servletContext;
        parseRules(str);
    }

    private String getField(Element element, String str) {
        String str2 = null;
        if (element != null) {
            NodeList elementsByTagName = element.getElementsByTagName(str);
            if (elementsByTagName == null || elementsByTagName.getLength() <= 0) {
                this.context.log("[Stinger-Filter] (Error): getField() element " + getValue(element) + " has no child element " + str);
            } else {
                Node item = elementsByTagName.item(0);
                if (item.getNodeType() == 1) {
                    str2 = getValue((Element) item);
                }
            }
        }
        return str2;
    }

    private String getValue(Element element) {
        return element.getFirstChild().getNodeValue().trim();
    }

    private void parseParameters(Element element, AbstractAction abstractAction) {
        NodeList elementsByTagName = element.getElementsByTagName("parameter");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            if (item.getNodeType() == 1) {
                Element element2 = (Element) item;
                abstractAction.setParameter(getField(element2, "name"), getField(element2, "value"));
            }
        }
    }

    private void parseActions(Element element, Rule rule, Category category) {
        NodeList elementsByTagName = element.getElementsByTagName("action");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            if (item.getNodeType() == 1) {
                Element element2 = (Element) item;
                try {
                    Object newInstance = Class.forName(element2.getAttribute("class")).newInstance();
                    if (newInstance instanceof AbstractAction) {
                        AbstractAction abstractAction = (AbstractAction) newInstance;
                        parseParameters(element2, abstractAction);
                        abstractAction.init(this.context);
                        category.addAction(abstractAction);
                    }
                } catch (ClassNotFoundException e) {
                    this.context.log("[Stinger-Filter] (Error): exception while instantiating action", e);
                } catch (IllegalAccessException e2) {
                    this.context.log("[Stinger-Filter] (Error): exception while instantiating action", e2);
                } catch (InstantiationException e3) {
                    this.context.log("[Stinger-Filter] (Error): exception while instantiating action", e3);
                }
            }
        }
    }

    private void parseMissing(Element element, Rule rule) {
        NodeList elementsByTagName = element.getElementsByTagName("missing");
        if (elementsByTagName == null || elementsByTagName.getLength() <= 0) {
            this.context.log("[Stinger-Filter] (Error): the \"missing\" element not found for rule " + rule.getName());
            return;
        }
        Element element2 = (Element) elementsByTagName.item(0);
        Category category = new Category(Category.MISSING, Severity.valueOf(getField(element2, "severity")));
        parseActions(element2, rule, category);
        rule.setMissing(category);
    }

    private void parseMalformed(Element element, Rule rule) {
        NodeList elementsByTagName = element.getElementsByTagName("malformed");
        if (elementsByTagName == null || elementsByTagName.getLength() <= 0) {
            this.context.log("[Stinger-Filter] (Error): the \"malformed\" element not found for rule " + rule.getName());
            return;
        }
        Element element2 = (Element) elementsByTagName.item(0);
        Category category = new Category(Category.MALFORMED, Severity.valueOf(getField(element2, "severity")));
        parseActions(element2, rule, category);
        rule.setMalformed(category);
    }

    private Pattern getPath(Element element) {
        String field = getField(element, "path");
        Pattern pattern = null;
        try {
            pattern = Pattern.compile(field);
        } catch (PatternSyntaxException e) {
            this.context.log("[Stinger-Filter] (Error): the following path pattern does not compile - " + field);
        }
        return pattern;
    }

    private void parseExcludeSet(Element element) {
        if (element.getElementsByTagName("exclude-set").getLength() > 0) {
            NodeList elementsByTagName = ((Element) element.getElementsByTagName("exclude-set").item(0)).getElementsByTagName("exclude");
            for (int i = 0; i < elementsByTagName.getLength(); i++) {
                Node item = elementsByTagName.item(i);
                if (item.getNodeType() == 1) {
                    this.excludeSet.add(Pattern.compile(getValue((Element) item)));
                }
            }
        }
    }

    private void parseRegexSet(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("regexset");
        if (elementsByTagName == null || elementsByTagName.getLength() <= 0) {
            this.context.log("[Stinger-Filter] (Error): there are no regular expressions defined in the regexset element");
            return;
        }
        NodeList elementsByTagName2 = ((Element) elementsByTagName.item(0)).getElementsByTagName("regex");
        for (int i = 0; i < elementsByTagName2.getLength(); i++) {
            Node item = elementsByTagName2.item(i);
            if (item.getNodeType() == 1) {
                Element element2 = (Element) item;
                this.regexs.put(getField(element2, "name"), getField(element2, "pattern"));
            }
        }
    }

    private void parseCookies(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("cookie");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            if (item.getNodeType() == 1) {
                Element element2 = (Element) item;
                CookieRule cookieRule = new CookieRule();
                cookieRule.setName(getField(element2, "name"));
                cookieRule.setPattern(this.regexs.get(getField(element2, "regex")));
                cookieRule.setCreated(getField(element2, "created"));
                cookieRule.setEnforced(getField(element2, "enforce"));
                parseMissing(element2, cookieRule);
                parseMalformed(element2, cookieRule);
                this.cRules.put(cookieRule.getName(), cookieRule);
            }
        }
    }

    private void parseRuleSets(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("ruleset");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            if (item.getNodeType() == 1) {
                Element element2 = (Element) item;
                Pattern path = getPath(element2);
                HashMap hashMap = new HashMap();
                NodeList elementsByTagName2 = element2.getElementsByTagName("rule");
                for (int i2 = 0; i2 < elementsByTagName2.getLength(); i2++) {
                    Node item2 = elementsByTagName2.item(i2);
                    if (item2.getNodeType() == 1) {
                        Element element3 = (Element) item2;
                        Rule rule = new Rule();
                        rule.setName(getField(element3, "name"));
                        String str = this.regexs.get(getField(element3, "regex"));
                        if (str == null) {
                            str = getField(element3, "regex");
                        }
                        rule.setPattern(str);
                        parseExclude(element3, rule);
                        parseMissing(element3, rule);
                        parseMalformed(element3, rule);
                        hashMap.put(rule.getName(), rule);
                    }
                }
                this.pRules.put(path, hashMap);
            }
        }
    }

    private void parseRules(String str) {
        Element documentElement = parseXmlFile(str).getDocumentElement();
        parseExcludeSet(documentElement);
        parseRegexSet(documentElement);
        parseCookies(documentElement);
        parseRuleSets(documentElement);
    }

    private void parseExclude(Element element, Rule rule) {
        NodeList elementsByTagName = element.getElementsByTagName("exclude");
        if (elementsByTagName == null || elementsByTagName.getLength() <= 0) {
            return;
        }
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Node item = elementsByTagName.item(i);
            if (item.getNodeType() == 1) {
                rule.addExclude(getValue((Element) item));
            }
        }
    }

    public Rule getParameterRule(String str, String str2) {
        Rule rule;
        Map<String, Rule> rules = getRules(str);
        if (rules == null) {
            this.context.log("[Stinger-Filter](Warning): using default parameter rule for parameter " + str2);
            rule = getRules(STINGER_DEFAULT).get(STINGER_ALL);
        } else {
            rule = rules.get(str2);
            if (rule == null) {
                rule = rules.get(STINGER_ALL);
                if (rule == null) {
                    rule = getRules(STINGER_DEFAULT).get(STINGER_ALL);
                }
            }
        }
        return rule;
    }

    public Map<String, Rule> getRules(String str) {
        Map<String, Rule> map = null;
        Enumeration enumeration = Collections.enumeration(this.pRules.keySet());
        while (enumeration.hasMoreElements()) {
            Pattern pattern = (Pattern) enumeration.nextElement();
            if (pattern.matcher(str).matches()) {
                map = this.pRules.get(pattern);
            }
        }
        return map;
    }

    public List<Rule> getParameterRules(String str) {
        Map<String, Rule> rules = getRules(str);
        LinkedList linkedList = new LinkedList();
        if (rules != null) {
            Iterator<String> it = rules.keySet().iterator();
            while (it.hasNext()) {
                linkedList.add(rules.get(it.next()));
            }
        } else {
            this.context.log("[Stinger-Filter](WARNING): using default rules for uri " + str);
            linkedList.add(getRules(STINGER_DEFAULT).get(STINGER_ALL));
        }
        return linkedList;
    }

    public CookieRule getCookieRule(String str) {
        return this.cRules.get(str);
    }

    public LinkedList<CookieRule> getCookieRules() {
        LinkedList<CookieRule> linkedList = new LinkedList<>();
        Iterator<String> it = this.cRules.keySet().iterator();
        while (it.hasNext()) {
            linkedList.add(this.cRules.get(it.next()));
        }
        return linkedList;
    }

    public Map<String, String> getRegexs() {
        return this.regexs;
    }

    public void addParameterRule(String str, Rule rule) {
        Enumeration enumeration = Collections.enumeration(this.pRules.keySet());
        boolean z = false;
        while (enumeration.hasMoreElements()) {
            Pattern pattern = (Pattern) enumeration.nextElement();
            if (pattern.matcher(str).matches()) {
                this.pRules.get(pattern).put(rule.getName(), rule);
                z = true;
            }
        }
        if (z) {
            return;
        }
        HashMap hashMap = new HashMap();
        hashMap.put(rule.getName(), rule);
        this.pRules.put(Pattern.compile(str), hashMap);
    }

    public Map<Pattern, Map<String, Rule>> getParameterRules() {
        return this.pRules;
    }

    public boolean isExcluded(String str) {
        Iterator<Pattern> it = this.excludeSet.iterator();
        boolean z = false;
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (it.next().matcher(str).matches()) {
                z = true;
                break;
            }
        }
        return z;
    }
}
