package org.owasp.appsensor.filters;

import java.io.IOException;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.owasp.appsensor.errors.AppSensorException;

/* loaded from: input_file:org/owasp/appsensor/filters/UserAgentChangeDetectionFilter.class */
public class UserAgentChangeDetectionFilter implements Filter {
    private static ConcurrentMap<String, String> sessionUserAgentMap = new ConcurrentHashMap();

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpSession session = httpServletRequest.getSession(false);
        String header = httpServletRequest.getHeader("user-agent");
        if (session != null && session.getId() != null && header != null) {
            String id = session.getId();
            if (sessionUserAgentMap.containsKey(id)) {
                String str = sessionUserAgentMap.get(id);
                if (!header.equals(str)) {
                    new AppSensorException("SE6", "AppSensorUser Message SE6", "User agent for session has changed - original user agent [" + str + "] / new user agent [" + header + "] for session id [" + id + "]");
                }
            } else {
                sessionUserAgentMap.putIfAbsent(id, header);
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }
}
