package org.owasp.appsensor;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import org.owasp.esapi.EncryptedProperties;
import org.owasp.esapi.SecurityConfiguration;
import org.owasp.esapi.errors.EncryptionException;
import org.owasp.esapi.reference.DefaultSecurityConfiguration;
import org.owasp.esapi.reference.crypto.DefaultEncryptedProperties;

/* loaded from: input_file:org/owasp/appsensor/AppSensorSecurityConfiguration.class */
public class AppSensorSecurityConfiguration extends DefaultSecurityConfiguration {
    private static volatile SecurityConfiguration singletonInstance;
    private static Properties combinedProperties = null;
    private static final String RESPONSE_ACTION_IMPLEMENTATION = "AppSensor.responseAction";
    private static final String INTRUSION_STORE_IMPLEMENTATION = "AppSensor.intrusionStore";
    private static final String SERVICE_STORE_IMPLEMENTATION = "AppSensor.serviceStore";
    private static final String ASUTILITIES_IMPLEMENTATION = "AppSensor.asUtilities";
    private static final String TREND_LOGGER_IMPLEMENTATION = "AppSensor.trendLogger";
    private static final String DEFAULT_RESPONSE_ACTION_IMPLEMENTATION = "org.owasp.appsensor.intrusiondetection.DefaultResponseAction";
    private static final String DEFAULT_INTRUSION_STORE_IMPLEMENTATION = "org.owasp.appsensor.intrusiondetection.DefaultIntrusionStore";
    private static final String DEFAULT_SERVICE_STORE_IMPLEMENTATION = "org.owasp.appsensor.reference.DefaultServiceStore";
    private static final String DEFAULT_ASUTILITIES_IMPLEMENTATION = "org.owasp.appsensor.reference.DefaultASUtilities";
    private static final String DEFAULT_TREND_LOGGER_IMPLEMENTATION = "org.owasp.appsensor.trendmonitoring.reference.InMemoryTrendLogger";
    public static final String APPSENSOR_ENCRYPTED_PROPERTIES_FILE_LOOKUP_KEY = "appsensor.encrypted.properties.file";

    public static SecurityConfiguration getInstance() {
        if (singletonInstance == null) {
            synchronized (AppSensorSecurityConfiguration.class) {
                if (singletonInstance == null) {
                    singletonInstance = new AppSensorSecurityConfiguration();
                }
            }
        }
        return singletonInstance;
    }

    public AppSensorSecurityConfiguration() {
        if (combinedProperties == null) {
            loadAppSensorConfiguration();
        }
    }

    public SecurityConfiguration.Threshold getQuota(String str) {
        throw new UnsupportedOperationException("This method is not implemented in this class.");
    }

    public AppSensorThreshold getAppSensorQuota(String str) {
        int property = getProperty("IntrusionDetector." + str + ".count", 0);
        int property2 = getProperty("IntrusionDetector." + str + ".interval", 0);
        List<String> property3 = getProperty("IntrusionDetector." + str + ".actions", new ArrayList());
        int property4 = getProperty("IntrusionDetector." + str + ".disableComponent.duration", 0);
        String property5 = getProperty("IntrusionDetector." + str + ".disableComponent.timeScale", "s");
        int property6 = getProperty("IntrusionDetector." + str + ".disableComponentForUser.duration", 0);
        String property7 = getProperty("IntrusionDetector." + str + ".disableComponentForUser.timeScale", "s");
        if (!AppSensorServiceMonitor.acceptableTimeScales.contains(property5)) {
            throw new IllegalArgumentException("There has been a request for an timeScale that is not supported by this service monitor.  The requested timeScale is: " + property5);
        }
        if (property <= 0 || property2 <= 0 || property3.size() <= 0) {
            return null;
        }
        return new AppSensorThreshold(str, property, property2, property3, property4, property5, property6, property7);
    }

    public List<String> getDisableComponentExceptionsList() {
        return getProperty("disable.component.exceptions", new ArrayList());
    }

    public List<String> getXSSAttackPatternsList() {
        return getProperty("xss.attack.patterns", new ArrayList());
    }

    public List<String> getSQLInjectionAttackPatternsList() {
        return getProperty("sql.injection.attack.patterns", new ArrayList());
    }

    public List<String> getAllHttpMethods() {
        return getProperty("all.http.methods", new ArrayList());
    }

    public List<String> getValidHttpMethods() {
        return getProperty("valid.http.methods", new ArrayList());
    }

    public List<String> getDisableComponentExtensionsToCheckList() {
        return getProperty("disable.component.extensionsToCheck", new ArrayList());
    }

    public String getResponseActionImplementation() {
        return getProperty(RESPONSE_ACTION_IMPLEMENTATION, DEFAULT_RESPONSE_ACTION_IMPLEMENTATION);
    }

    public String getIntrusionStoreImplementation() {
        return getProperty(INTRUSION_STORE_IMPLEMENTATION, DEFAULT_INTRUSION_STORE_IMPLEMENTATION);
    }

    public String getServiceStoreImplementation() {
        return getProperty(SERVICE_STORE_IMPLEMENTATION, DEFAULT_SERVICE_STORE_IMPLEMENTATION);
    }

    public String getASUtilitiesImplementation() {
        return getProperty(ASUTILITIES_IMPLEMENTATION, DEFAULT_ASUTILITIES_IMPLEMENTATION);
    }

    public String getTrendLoggerImplementation() {
        return getProperty(TREND_LOGGER_IMPLEMENTATION, DEFAULT_TREND_LOGGER_IMPLEMENTATION);
    }

    public String getSMSEmailProtocol() {
        return getProperty("smsAdmin.protocol", "smtp");
    }

    public String getSMSEmailHost() {
        return getProperty("smsAdmin.host", "");
    }

    public int getSMSEmailPort() {
        return getProperty("smsAdmin.port", 25);
    }

    public boolean getSMSEmailAuthenticationRequired() {
        return getProperty("smsAdmin.mail.host.authentication.required", false);
    }

    public String getSMSEmailAuthenticationUser() {
        return getProperty("smsAdmin.send.user", "");
    }

    public String getSMSEmailAuthenticationPassword() {
        return getProperty("smsAdmin.send.password", "");
    }

    public String getSMSEmailFromAccount() {
        return getProperty("smsAdmin.from", "");
    }

    public List<String> getSMSEmailToAccounts() {
        return getProperty("smsAdmin.to", new ArrayList());
    }

    public String getEmailProtocol() {
        return getProperty("emailAdmin.protocol", "smtp");
    }

    public String getEmailHost() {
        return getProperty("emailAdmin.host", "");
    }

    public int getEmailPort() {
        return getProperty("emailAdmin.port", 25);
    }

    public boolean getEmailAuthenticationRequired() {
        return getProperty("emailAdmin.mail.host.authentication.required", false);
    }

    public String getEmailAuthenticationUser() {
        return getProperty("emailAdmin.send.user", "");
    }

    public String getEmailAuthenticationPassword() {
        return getProperty("emailAdmin.send.password", "");
    }

    public String getEmailFromAccount() {
        return getProperty("emailAdmin.from", "");
    }

    public List<String> getEmailToAccounts() {
        return getProperty("emailAdmin.to", new ArrayList());
    }

    private void loadAppSensorConfiguration() {
        try {
            combinedProperties = loadPropertiesFromStream(getResourceStream("ESAPI.properties"));
        } catch (IOException e) {
            try {
                combinedProperties = loadConfigurationFromClasspath("ESAPI.properties");
            } catch (Exception e2) {
            }
        }
        Properties properties = null;
        try {
            properties = loadPropertiesFromStream(getResourceStream("appsensor.properties"));
        } catch (IOException e3) {
            try {
                properties = loadConfigurationFromClasspath("appsensor.properties");
            } catch (Exception e4) {
            }
        }
        if (properties != null) {
            for (String str : properties.keySet()) {
                combinedProperties.put(str, properties.getProperty(str));
            }
        }
        String property = combinedProperties.getProperty(APPSENSOR_ENCRYPTED_PROPERTIES_FILE_LOOKUP_KEY);
        if (property == null || property.trim().length() <= 0) {
            return;
        }
        EncryptedProperties encryptedProperties = null;
        try {
            encryptedProperties = loadEncryptedPropertiesFromStream(getResourceStream(property));
        } catch (IOException e5) {
            try {
                encryptedProperties = loadEncryptedConfigurationFromClasspath(property);
            } catch (Exception e6) {
            }
        }
        if (encryptedProperties != null) {
            for (Object obj : encryptedProperties.keySet()) {
                try {
                    String str2 = (String) obj;
                    combinedProperties.put(str2, encryptedProperties.getProperty(str2));
                } catch (EncryptionException e7) {
                    throw new IllegalArgumentException("Failed to load key '" + obj + "' as a from encrypted properties file: " + property);
                }
            }
        }
    }

    private Properties loadPropertiesFromStream(InputStream inputStream) throws IOException {
        Properties properties = new Properties();
        try {
            properties.load(inputStream);
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Exception e) {
                }
            }
            return properties;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Exception e2) {
                }
            }
            throw th;
        }
    }

    private EncryptedProperties loadEncryptedPropertiesFromStream(InputStream inputStream) throws IOException {
        DefaultEncryptedProperties defaultEncryptedProperties = new DefaultEncryptedProperties();
        try {
            defaultEncryptedProperties.load(inputStream);
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Exception e) {
                }
            }
            return defaultEncryptedProperties;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Exception e2) {
                }
            }
            throw th;
        }
    }

    private Properties loadConfigurationFromClasspath(String str) throws IllegalArgumentException {
        Properties properties = null;
        InputStream inputStream = null;
        ClassLoader[] classLoaderArr = {Thread.currentThread().getContextClassLoader(), ClassLoader.getSystemClassLoader(), getClass().getClassLoader()};
        for (int i = 0; i < classLoaderArr.length; i++) {
            if (classLoaderArr[i] != null) {
                ClassLoader classLoader = classLoaderArr[i];
                try {
                    inputStream = classLoaderArr[i].getResourceAsStream(str);
                    if (inputStream == null) {
                        inputStream = classLoader.getResourceAsStream(".esapi/" + str);
                    }
                    if (inputStream == null) {
                        inputStream = classLoader.getResourceAsStream("resources/" + str);
                    }
                    if (inputStream != null) {
                        properties = new Properties();
                        properties.load(inputStream);
                    }
                    try {
                        inputStream.close();
                    } catch (Exception e) {
                    }
                } catch (Exception e2) {
                    properties = null;
                    try {
                        inputStream.close();
                    } catch (Exception e3) {
                    }
                } catch (Throwable th) {
                    try {
                        inputStream.close();
                    } catch (Exception e4) {
                    }
                    throw th;
                }
            }
        }
        if (properties == null) {
            throw new IllegalArgumentException("Failed to load " + str + " as a classloader resource.");
        }
        return properties;
    }

    private EncryptedProperties loadEncryptedConfigurationFromClasspath(String str) throws IllegalArgumentException {
        EncryptedProperties encryptedProperties = null;
        InputStream inputStream = null;
        ClassLoader[] classLoaderArr = {Thread.currentThread().getContextClassLoader(), ClassLoader.getSystemClassLoader(), getClass().getClassLoader()};
        for (int i = 0; i < classLoaderArr.length; i++) {
            if (classLoaderArr[i] != null) {
                ClassLoader classLoader = classLoaderArr[i];
                try {
                    inputStream = classLoaderArr[i].getResourceAsStream(str);
                    if (inputStream == null) {
                        inputStream = classLoader.getResourceAsStream(".esapi/" + str);
                    }
                    if (inputStream == null) {
                        inputStream = classLoader.getResourceAsStream("resources/" + str);
                    }
                    if (inputStream != null) {
                        encryptedProperties = new DefaultEncryptedProperties();
                        encryptedProperties.load(inputStream);
                    }
                    try {
                        inputStream.close();
                    } catch (Exception e) {
                    }
                } catch (Exception e2) {
                    encryptedProperties = null;
                    try {
                        inputStream.close();
                    } catch (Exception e3) {
                    }
                } catch (Throwable th) {
                    try {
                        inputStream.close();
                    } catch (Exception e4) {
                    }
                    throw th;
                }
            }
        }
        if (encryptedProperties == null) {
            throw new IllegalArgumentException("Failed to load " + str + " as a classloader resource.");
        }
        return encryptedProperties;
    }

    public String getProperty(String str, String str2) {
        String property = combinedProperties.getProperty(str);
        return property == null ? str2 : property.trim();
    }

    public boolean getProperty(String str, boolean z) {
        String property = combinedProperties.getProperty(str);
        if (property == null) {
            return z;
        }
        try {
            return Boolean.parseBoolean(property);
        } catch (NumberFormatException e) {
            return z;
        }
    }

    private int getProperty(String str, int i) {
        String property = combinedProperties.getProperty(str);
        if (property == null) {
            return i;
        }
        try {
            return Integer.parseInt(property);
        } catch (NumberFormatException e) {
            return i;
        }
    }

    private List<String> getProperty(String str, List<String> list) {
        String property = combinedProperties.getProperty(str);
        if (property == null) {
            return list;
        }
        String[] split = property.split(",");
        ArrayList arrayList = new ArrayList();
        for (String str2 : split) {
            arrayList.add(str2.trim());
        }
        return arrayList;
    }
}
