package com.navercorp.lucy.security.xss.servletfilter;

import com.navercorp.lucy.security.xss.servletfilter.defender.Defender;
import java.util.HashMap;
import java.util.Map;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/navercorp/lucy/security/xss/servletfilter/XssEscapeFilterConfig.class */
public class XssEscapeFilterConfig {
    private static final String DEFAULT_FILTER_RULE_FILENAME = "lucy-xss-servlet-filter-rule.xml";
    private static final Log LOG = LogFactory.getLog(XssEscapeFilterConfig.class);
    private Map<String, Map<String, XssEscapeFilterRule>> urlRuleSetMap;
    private Map<String, XssEscapeFilterRule> globalParamRuleMap;
    private Map<String, Defender> defenderMap;
    private Defender defaultDefender;

    public XssEscapeFilterConfig() throws IllegalStateException {
        this(DEFAULT_FILTER_RULE_FILENAME);
    }

    public XssEscapeFilterConfig(String str) throws IllegalStateException {
        this.urlRuleSetMap = new HashMap();
        this.globalParamRuleMap = new HashMap();
        this.defenderMap = new HashMap();
        this.defaultDefender = null;
        try {
            Element documentElement = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(Thread.currentThread().getContextClassLoader().getResourceAsStream(str)).getDocumentElement();
            addDefenders(documentElement);
            addDefaultInfo(documentElement);
            addGlobalParams(documentElement);
            addUrlRuleSet(documentElement);
        } catch (Exception e) {
            throw new IllegalStateException(String.format("Cannot parse the RequestParam configuration file [%s].", str), e);
        }
    }

    private void addDefaultInfo(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("default");
        if (elementsByTagName.getLength() > 0) {
            addDefaultInfoItems((Element) elementsByTagName.item(0));
        }
    }

    private void addDefaultInfoItems(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("defender");
        if (elementsByTagName.getLength() > 0) {
            this.defaultDefender = this.defenderMap.get(elementsByTagName.item(0).getTextContent());
            if (this.defaultDefender == null) {
                LOG.error("Error config 'Default defender': Not found '" + elementsByTagName.item(0).getTextContent() + "'");
            }
        }
    }

    private void addGlobalParams(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("global");
        if (elementsByTagName.getLength() <= 0 || ((Element) elementsByTagName.item(0)).getElementsByTagName("params").getLength() <= 0) {
            return;
        }
        this.globalParamRuleMap = createRequestParamRuleMap((Element) elementsByTagName.item(0));
    }

    private void addUrlRuleSet(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("url-rule");
        for (int i = 0; elementsByTagName.getLength() > 0 && i < elementsByTagName.getLength(); i++) {
            addUrlRule((Element) elementsByTagName.item(i));
        }
    }

    private void addUrlRule(Element element) {
        Map<String, XssEscapeFilterRule> map = null;
        String str = null;
        NodeList elementsByTagName = element.getElementsByTagName("url");
        if (elementsByTagName.getLength() > 0) {
            str = elementsByTagName.item(0).getTextContent();
            if (addUrlDisableRule(str, elementsByTagName)) {
                return;
            }
        }
        NodeList elementsByTagName2 = element.getElementsByTagName("params");
        if (elementsByTagName2.getLength() > 0) {
            map = createRequestParamRuleMap((Element) elementsByTagName2.item(0));
        }
        this.urlRuleSetMap.put(str, map);
    }

    private boolean addUrlDisableRule(String str, NodeList nodeList) {
        boolean z = false;
        if (!str.isEmpty()) {
            Map<String, XssEscapeFilterRule> createRequestParamRuleMap = createRequestParamRuleMap(str, StringUtils.equalsIgnoreCase(((Element) nodeList.item(0)).getAttribute("disable"), "true"));
            if (createRequestParamRuleMap != null) {
                this.urlRuleSetMap.put(str, createRequestParamRuleMap);
                z = true;
            }
        }
        return z;
    }

    private Map<String, XssEscapeFilterRule> createRequestParamRuleMap(Element element) {
        Defender defender;
        HashMap hashMap = new HashMap();
        NodeList elementsByTagName = element.getElementsByTagName("param");
        for (int i = 0; elementsByTagName.getLength() > 0 && i < elementsByTagName.getLength(); i++) {
            Element element2 = (Element) elementsByTagName.item(i);
            String attribute = element2.getAttribute("name");
            boolean z = !StringUtils.equalsIgnoreCase(element2.getAttribute("useDefender"), "false");
            boolean z2 = StringUtils.equalsIgnoreCase(element2.getAttribute("usePrefix"), "true");
            NodeList elementsByTagName2 = element2.getElementsByTagName("defender");
            if (elementsByTagName2.getLength() > 0) {
                defender = this.defenderMap.get(elementsByTagName2.item(0).getTextContent());
                if (defender == null) {
                    LOG.error("Error config 'param defender': Not found '" + elementsByTagName.item(0).getTextContent() + "'");
                }
            } else {
                defender = this.defaultDefender;
            }
            XssEscapeFilterRule xssEscapeFilterRule = new XssEscapeFilterRule();
            xssEscapeFilterRule.setName(attribute);
            xssEscapeFilterRule.setUseDefender(z);
            xssEscapeFilterRule.setDefender(defender);
            xssEscapeFilterRule.setUsePrefix(z2);
            hashMap.put(attribute, xssEscapeFilterRule);
        }
        return hashMap;
    }

    private Map<String, XssEscapeFilterRule> createRequestParamRuleMap(String str, boolean z) {
        if (!z) {
            return null;
        }
        HashMap hashMap = new HashMap();
        XssEscapeFilterRule xssEscapeFilterRule = new XssEscapeFilterRule();
        xssEscapeFilterRule.setName(str);
        xssEscapeFilterRule.setUseDefender(false);
        hashMap.put(str, xssEscapeFilterRule);
        return hashMap;
    }

    private void addDefenders(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("defenders");
        if (elementsByTagName.getLength() > 0) {
            addDefender((Element) elementsByTagName.item(0));
        }
    }

    private void addDefender(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("defender");
        for (int i = 0; elementsByTagName.getLength() > 0 && i < elementsByTagName.getLength(); i++) {
            Element element2 = (Element) elementsByTagName.item(i);
            addDefender(getTagContent(element2, "name"), getTagContent(element2, "class"), getInitParams(element2));
        }
    }

    private void addDefender(String str, String str2, String[] strArr) {
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2)) {
            LOG.warn(String.format("The defender's name('%s') or clazz('%s') is empty. This defender is ignored", str, str2));
            return;
        }
        try {
            Defender defender = (Defender) Class.forName(str2.trim()).newInstance();
            defender.init(strArr);
            this.defenderMap.put(str, defender);
        } catch (ClassNotFoundException e) {
            rethrow(str, str2, e);
        } catch (IllegalAccessException e2) {
            rethrow(str, str2, e2);
        } catch (InstantiationException e3) {
            rethrow(str, str2, e3);
        }
    }

    private void rethrow(String str, String str2, Exception exc) {
        throw new IllegalStateException(String.format("Fail to add defender: name=%s, class=%s", str, str2), exc);
    }

    private String[] getInitParams(Element element) {
        NodeList elementsByTagName = element.getElementsByTagName("init-param");
        if (elementsByTagName.getLength() == 0) {
            return new String[0];
        }
        NodeList elementsByTagName2 = ((Element) elementsByTagName.item(0)).getElementsByTagName("param-value");
        String[] strArr = new String[elementsByTagName2.getLength()];
        for (int i = 0; elementsByTagName2.getLength() > 0 && i < elementsByTagName2.getLength(); i++) {
            strArr[i] = elementsByTagName2.item(i).getTextContent();
        }
        return strArr;
    }

    private String getTagContent(Element element, String str) {
        NodeList elementsByTagName = element.getElementsByTagName(str);
        return elementsByTagName.getLength() > 0 ? elementsByTagName.item(0).getTextContent() : "";
    }

    public XssEscapeFilterRule getUrlParamRule(String str, String str2) {
        Map<String, XssEscapeFilterRule> map = this.urlRuleSetMap.get(str);
        return map == null ? checkGlobalParamRule(str2) : checkParamRule(map, str, str2);
    }

    private XssEscapeFilterRule checkGlobalParamRule(String str) {
        XssEscapeFilterRule xssEscapeFilterRule = this.globalParamRuleMap.get(str);
        if (xssEscapeFilterRule == null) {
            xssEscapeFilterRule = checkPrefixParameter(str, null, this.globalParamRuleMap);
        }
        return xssEscapeFilterRule;
    }

    private XssEscapeFilterRule checkParamRule(Map<String, XssEscapeFilterRule> map, String str, String str2) {
        XssEscapeFilterRule xssEscapeFilterRule = map.get(str2);
        if (xssEscapeFilterRule == null) {
            xssEscapeFilterRule = checkPrefixParameter(str2, checkDisableUrl(str, xssEscapeFilterRule, map), map);
            if (xssEscapeFilterRule == null) {
                xssEscapeFilterRule = this.globalParamRuleMap.get(str2);
            }
        }
        return xssEscapeFilterRule;
    }

    private XssEscapeFilterRule checkDisableUrl(String str, XssEscapeFilterRule xssEscapeFilterRule, Map<String, XssEscapeFilterRule> map) {
        return xssEscapeFilterRule != null ? xssEscapeFilterRule : (!map.containsKey(str) || map.get(str).isUseDefender()) ? xssEscapeFilterRule : map.get(str);
    }

    private XssEscapeFilterRule checkPrefixParameter(String str, XssEscapeFilterRule xssEscapeFilterRule, Map<String, XssEscapeFilterRule> map) {
        if (xssEscapeFilterRule != null || str == null) {
            return xssEscapeFilterRule;
        }
        for (Map.Entry<String, XssEscapeFilterRule> entry : map.entrySet()) {
            if (entry.getValue().isUsePrefix() && str.startsWith(entry.getKey())) {
                return map.get(entry.getKey());
            }
        }
        return xssEscapeFilterRule;
    }

    public Map<String, Defender> getDefenderMap() {
        return this.defenderMap;
    }

    public Defender getDefaultDefender() {
        return this.defaultDefender;
    }
}
