package com.appiancorp.security.csp;

import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.suite.WebAssetsHelper;
import java.io.IOException;
import java.io.InputStream;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.regex.Pattern;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.json.JSONArray;
import org.json.JSONObject;

/* loaded from: input_file:com/appiancorp/security/csp/CspHeaders.class */
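/**
 * Assembles the {@code Content-Security-Policy} and
 * {@code Content-Security-Policy-Report-Only} header values from a JSON configuration of
 * scoped directives, plus a {@code report-to} directive that applies to every URI starting
 * with {@code /}.
 *
 * <p>Configuration shape, as read by {@link #loadDirectivesConfiguration(InputStream)}: a JSON
 * object whose keys are directive names; each key maps to an array of objects carrying a
 * mandatory {@code pattern} and optional {@code enforcedValue} / {@code reportOnlyValue}.
 *
 * <p>Directive values and the static-assets base URL are appended to the header verbatim.
 * Both must therefore come from trusted, fixed sources: a value containing {@code ';'} would
 * add or terminate directives in the emitted policy.
 */
class CspHeaders {
    static final String CONTENT_SECURITY_POLICY = "Content-Security-Policy";
    static final String CONTENT_SECURITY_POLICY_REPORT_ONLY = "Content-Security-Policy-Report-Only";
    private static final String PATTERN = "pattern";
    private static final String ENFORCED_VALUE = "enforcedValue";
    private static final String REPORT_ONLY_VALUE = "reportOnlyValue";
    private static final String REPORT_TO_DIRECTIVE = "report-to";
    private static final Pattern ALL_URI_PATTERN = Pattern.compile("^/.*");
    private static final String SCRIPT_SRC_DIRECTIVE = "script-src";
    private static final String STYLE_SRC_DIRECTIVE = "style-src";
    // Only these directives get the static-assets base URL appended to their source list.
    private static final List<String> DIRECTIVES_TO_ADD_STATIC_ASSETS_URL = Arrays.asList(SCRIPT_SRC_DIRECTIVE, STYLE_SRC_DIRECTIVE);

    // One inner list per directive name; within a list, order decides which scoped entry wins.
    private final List<List<ScopedCspDirective>> allDirectiveConfigurations = new ArrayList<>();
    private final String reportUri;
    private final WebAssetsHelper webAssetsHelper;

    /**
     * Loads the directive configuration and registers the {@code report-to} directive.
     *
     * <p>Decompiler note: the original access modifier was package-private.
     *
     * @param webAssetsHelper source of the static-assets base URL added to script-src/style-src
     * @param inputStream JSON configuration, read as UTF-8; it is not closed here
     * @param str value emitted for the {@code report-to} directive (stored as {@code reportUri})
     * @throws NullPointerException if {@code str} is null
     * @throws RuntimeException if loading the configuration fails with an I/O error
     */
    public CspHeaders(WebAssetsHelper webAssetsHelper, InputStream inputStream, String str) {
        // Fail with a named argument instead of the anonymous NPE that Optional.of(null) would raise later.
        if (str == null) {
            throw new NullPointerException("reportUri must not be null");
        }
        this.webAssetsHelper = webAssetsHelper;
        this.reportUri = str;
        try {
            loadDirectivesConfiguration(inputStream);
        } catch (IOException | URISyntaxException | ParseException e) {
            throw new RuntimeException("Error! The CSP configuration could not be loaded!", e);
        }
    }

    /**
     * Builds the CSP headers for one request.
     *
     * <p>For every configured directive name, the first scoped entry whose {@code applies(str)}
     * returns true is used and the remaining entries for that name are ignored. When
     * {@code str2} is classified as Safari by {@link #isSafari(String)}, the {@code report-to}
     * directive is left out and no report-only header is returned.
     *
     * <p>Decompiler note: the original access modifier was package-private.
     *
     * @param str value matched against each directive's scope; presumably the request URI
     *     (the built-in report-to scope is {@code ^/.*}) - confirm against the caller
     * @param str2 presumably the request's User-Agent header - confirm against the caller
     * @return a mutable map with zero, one or two header name/value pairs
     */
    public Map<String, String> getHeaders(String str, String str2) {
        Map<String, String> headers = new HashMap<>(2);
        // NOTE(review): fail-open - a request whose str2 is null or empty receives no CSP
        // headers at all, the enforced policy included. Confirm this is intended; if responses
        // can be stored by a shared cache, a header-less response could reach browsers too.
        if (StringUtils.isEmpty(str2)) {
            return headers;
        }
        // str2 is client-supplied. In this method it only influences reporting (the report-to
        // directive and the report-only header); every other enforced directive is emitted
        // regardless of its content.
        final boolean safari = isSafari(str2);
        StringBuilder enforcedPolicy = new StringBuilder();
        StringBuilder reportOnlyPolicy = new StringBuilder();
        for (List<ScopedCspDirective> scopedDirectives : this.allDirectiveConfigurations) {
            for (ScopedCspDirective directive : scopedDirectives) {
                if (!directive.applies(str)) {
                    continue;
                }
                String name = directive.getName();
                if (!(name.equals(REPORT_TO_DIRECTIVE) && safari)) {
                    addPolicy(enforcedPolicy, name, directive.getEnforcedValue());
                    addPolicy(reportOnlyPolicy, name, directive.getReportOnlyValue());
                }
                // First applicable entry wins, whether or not it was emitted.
                break;
            }
        }
        String enforced = enforcedPolicy.toString().trim();
        String reportOnly = reportOnlyPolicy.toString().trim();
        if (!enforced.isEmpty()) {
            headers.put(CONTENT_SECURITY_POLICY, enforced);
        }
        if (!reportOnly.isEmpty() && !safari) {
            headers.put(CONTENT_SECURITY_POLICY_REPORT_ONLY, reportOnly);
        }
        return headers;
    }

    /**
     * Classifies a user-agent string as Safari: it contains "Safari" but not "Chrome".
     * Chrome's user-agent string also contains "Safari", hence the exclusion.
     *
     * @param userAgent non-null user-agent string
     * @return true when the string looks like Safari
     */
    private boolean isSafari(String userAgent) {
        return !userAgent.contains("Chrome") && userAgent.contains("Safari");
    }

    /**
     * Appends {@code "<name> <value>; "} to the policy when a value is present. For script-src
     * and style-src, the static-assets base URL is added to the source list when it is non-empty.
     *
     * @param policy builder receiving the directive
     * @param directiveName CSP directive name
     * @param value directive value; nothing is appended when it is absent
     */
    private void addPolicy(StringBuilder policy, String directiveName, Optional<String> value) {
        String webAssetBaseUrl = this.webAssetsHelper.getWebAssetBaseUrl();
        if (!value.isPresent()) {
            return;
        }
        policy.append(directiveName).append(' ').append(value.get());
        // The base URL widens the allow-list for scripts and styles to everything under it,
        // so it has to be a fixed, trusted location.
        if (!Strings.isNullOrEmpty(webAssetBaseUrl) && DIRECTIVES_TO_ADD_STATIC_ASSETS_URL.contains(directiveName)) {
            policy.append(' ').append(webAssetBaseUrl);
        }
        policy.append(';').append(' ');
    }

    /**
     * Parses the JSON configuration into scoped directives, then appends the {@code report-to}
     * directive, scoped to every URI starting with {@code /}, with {@code reportUri} as both
     * its enforced and its report-only value.
     *
     * <p>NOTE(review): in CSP the {@code report-to} directive names a reporting endpoint declared
     * through a separate reporting header, whereas {@code report-uri} takes a URL. Confirm what
     * callers pass as {@code reportUri} and that the matching reporting header is sent elsewhere.
     *
     * @param inputStream JSON configuration, read as UTF-8; the stream is not closed here
     * @throws IOException if the stream cannot be read
     * @throws ParseException declared for the constructor's catch clause; no visible statement throws it
     * @throws URISyntaxException declared for the constructor's catch clause; no visible statement throws it
     */
    private void loadDirectivesConfiguration(InputStream inputStream) throws ParseException, IOException, URISyntaxException {
        JSONObject config = new JSONObject(IOUtils.toString(inputStream, StandardCharsets.UTF_8));
        config.keys().forEachRemaining(directiveName -> {
            List<ScopedCspDirective> scopedDirectives = new ArrayList<>();
            JSONArray entries = config.getJSONArray(directiveName);
            for (int i = 0; i < entries.length(); i++) {
                JSONObject entry = entries.getJSONObject(i);
                // optString(key, null) leaves a missing value absent instead of turning it into "".
                Optional<String> reportOnlyValue = Optional.ofNullable(entry.optString(REPORT_ONLY_VALUE, null));
                Optional<String> enforcedValue = Optional.ofNullable(entry.optString(ENFORCED_VALUE, null));
                // The scope regex comes straight from the configuration, so the configuration
                // has to be trusted: its patterns are evaluated against request-derived input.
                Pattern scope = Pattern.compile(entry.getString(PATTERN));
                scopedDirectives.add(new ScopedCspDirective(directiveName, reportOnlyValue, enforcedValue, scope));
            }
            this.allDirectiveConfigurations.add(scopedDirectives);
        });
        List<ScopedCspDirective> reportToDirectives = new ArrayList<>();
        Optional<String> reportValue = Optional.of(this.reportUri);
        reportToDirectives.add(new ScopedCspDirective(REPORT_TO_DIRECTIVE, reportValue, reportValue, ALL_URI_PATTERN));
        this.allDirectiveConfigurations.add(reportToDirectives);
    }
}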
