package com.ibm.mm.proxy;

import com.ibm.mm.framework.log.Log;
import com.ibm.mm.framework.log.LogMgr;
import com.ibm.mm.proxy.parser.Constants;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import org.apache.commons.httpclient.HttpState;
import org.eclipse.osgi.framework.internal.core.BundleLoader;

/* loaded from: input_file:mum/WEB-INF/lib/mmproxy.jar:com/ibm/mm/proxy/Policy.class */
public class Policy {
    private static final String COPYRIGHT = "Licensed Materials - Property of IBM, , (C) 5724-U69 Copyright IBM Corp. 2008 - All Rights reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    public static final String PAF_POL_ACF_NONE = "none";
    public static final String PAF_POL_ACF_INBOUND = "inbound";
    public static final String PAF_POL_ACF_OUTBOUND = "outbound";
    public static final String PAF_POL_ACF_BOTH = "both";
    private static final String HDR_COOKIE = "Cookie";
    private static final String HDR_AUTHORIZATION = "Authorization";
    private static final int BUFFER_SIZE = 4096;
    private static final int MAX_ACF_SIZE = 1048576;
    private String url;
    private String acf;
    private List actions;
    private List cookies;
    private List headers;
    private List mimeTypes;
    private List users;
    private boolean basicAuthSupport;
    private static final String[] DEFAULT_HEADERS_STRING = {"User-Agent", "Accept*", "Content*", "Pragma", "Cache-Control"};
    private static final List DEFAULT_HEADERS_LIST = Collections.synchronizedList(new ArrayList());
    private static final LogMgr logger = Log.get(Constants.LOGGING_RESOURCE_BUNDLE, Policy.class);

    public Policy() {
        this("");
    }

    public Policy(String str) {
        boolean isTraceDebugEnabled = logger.isTraceDebugEnabled();
        if (isTraceDebugEnabled) {
            logger.traceEntry("Policy", str);
        }
        this.acf = "none";
        this.url = str;
        if (isTraceDebugEnabled) {
            logger.traceDebug("Policy", "Creating lists");
        }
        this.actions = new ArrayList();
        this.cookies = new ArrayList();
        this.headers = new ArrayList();
        this.mimeTypes = new ArrayList();
        this.users = new ArrayList();
        if (isTraceDebugEnabled) {
            logger.traceDebug("Policy", "Creating default headers");
        }
        if (DEFAULT_HEADERS_LIST.size() == 0) {
            for (int i = 0; i < DEFAULT_HEADERS_STRING.length; i++) {
                DEFAULT_HEADERS_LIST.add(DEFAULT_HEADERS_STRING[i]);
            }
        }
        if (isTraceDebugEnabled) {
            logger.traceDebug("Policy", "Running initialization");
        }
        if (isTraceDebugEnabled) {
            logger.traceExit("Policy");
        }
    }

    public String getAcf() {
        return this.acf;
    }

    public void setAcf(String str) {
        this.acf = str;
    }

    public boolean basicAuthSupport() {
        return this.basicAuthSupport;
    }

    public void setBasicAuthSupport(boolean z) {
        this.basicAuthSupport = z;
    }

    public List getActions() {
        return this.actions;
    }

    public List getCookies() {
        return this.cookies;
    }

    public List getHeaders() {
        return this.headers;
    }

    public List getMimeTypes() {
        return this.mimeTypes;
    }

    public String getURL() {
        return this.url;
    }

    public void setURL(String str) {
        this.url = str;
    }

    public List getUsers() {
        return this.users;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("Policies for: " + this.url + "\n\n");
        stringBuffer.append("  ACF: " + this.acf + "\n");
        stringBuffer.append("  Actions:\n");
        Iterator it = this.actions.iterator();
        while (it.hasNext()) {
            stringBuffer.append("    " + it.next() + "\n");
        }
        stringBuffer.append("\n  Cookies:\n");
        Iterator it2 = this.cookies.iterator();
        while (it2.hasNext()) {
            stringBuffer.append("    " + it2.next() + "\n");
        }
        stringBuffer.append("\n  Headers:\n");
        Iterator it3 = this.headers.iterator();
        while (it3.hasNext()) {
            stringBuffer.append("    " + it3.next() + "\n");
        }
        stringBuffer.append("  Users:\n");
        Iterator it4 = this.users.iterator();
        while (it4.hasNext()) {
            stringBuffer.append("    " + it4.next() + "\n");
        }
        return stringBuffer.toString();
    }

    public void init() {
        initHeaders();
        initMimeTypes();
    }

    private void initHeaders() {
        logger.traceEntry("initHeaders");
        boolean isTraceDebugEnabled = logger.isTraceDebugEnabled();
        if (isTraceDebugEnabled) {
            logger.traceDebug("initHeaders", "checking for headers");
        }
        if (this.headers.size() == 0) {
            this.headers.addAll(DEFAULT_HEADERS_LIST);
        }
        for (int i = 0; i < this.headers.size(); i++) {
            String reformatRegEx = reformatRegEx((String) this.headers.get(i));
            if (isTraceDebugEnabled) {
                logger.traceDebug("initHeaders", "Creating new pattern for " + reformatRegEx);
            }
            this.headers.set(i, Pattern.compile(reformatRegEx, 2));
        }
        logger.traceExit("initHeaders");
    }

    private void initMimeTypes() {
        boolean isTraceDebugEnabled = logger.isTraceDebugEnabled();
        if (isTraceDebugEnabled) {
            logger.traceEntry("initMimeTypes");
        }
        for (int i = 0; i < this.mimeTypes.size(); i++) {
            String reformatRegEx = reformatRegEx((String) this.mimeTypes.get(i));
            if (isTraceDebugEnabled) {
                logger.traceDebug("initMimeTypes", "Creating new pattern for " + reformatRegEx);
            }
            this.mimeTypes.set(i, Pattern.compile(reformatRegEx, 2));
        }
        if (isTraceDebugEnabled) {
            logger.traceExit("initMimeTypes");
        }
    }

    public boolean isMethodAllowed(String str) {
        return this.actions.contains(str);
    }

    public Set getValidHeaders(HeaderHelper headerHelper) {
        boolean isTraceDebugEnabled = logger.isTraceDebugEnabled();
        if (isTraceDebugEnabled) {
            logger.traceEntry("getValidHeaders");
        }
        HashSet hashSet = new HashSet();
        List list = this.headers.size() > 0 ? this.headers : DEFAULT_HEADERS_LIST;
        for (int i = 0; i < list.size(); i++) {
            Pattern pattern = (Pattern) list.get(i);
            if (isTraceDebugEnabled) {
                logger.traceDebug("getValidHeaders", "Reusing pattern for " + pattern.pattern());
            }
            Iterator it = headerHelper.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                if (!HDR_COOKIE.equalsIgnoreCase(str)) {
                    if ("Authorization".equalsIgnoreCase(str) && this.basicAuthSupport) {
                        if (!hashSet.contains("Authorization")) {
                            if (isTraceDebugEnabled) {
                                logger.traceDebug("getValidHeaders", "Basic Auth Support is enabled, adding authorization header");
                            }
                            hashSet.add("Authorization");
                        }
                    } else if (pattern.matcher(str).matches() && !hashSet.contains(str)) {
                        if (isTraceDebugEnabled) {
                            logger.traceDebug("getValidHeaders", "Header matches an proxy-config entry, adding header");
                        }
                        hashSet.add(str);
                    }
                }
            }
        }
        logger.traceExit("getValidHeaders");
        return hashSet;
    }

    public boolean isValidMimeType(String str) {
        boolean isTraceDebugEnabled = logger.isTraceDebugEnabled();
        if (isTraceDebugEnabled) {
            logger.traceEntry("isValidMimeType", str);
        }
        List list = this.mimeTypes;
        if (list.size() == 0) {
            if (isTraceDebugEnabled) {
                logger.traceDebug("isValidMimeType", "No mime-types specified, allowing all");
            }
            logger.traceExit("isValidMimeType", "true");
            return true;
        }
        if (isTraceDebugEnabled) {
            logger.traceDebug("isValidMimeType", "mime-type count: " + list.size());
        }
        for (int i = 0; i < list.size(); i++) {
            Pattern pattern = (Pattern) list.get(i);
            if (isTraceDebugEnabled) {
                logger.traceDebug("isValidMimeType", "Reusing pattern for " + pattern.pattern());
            }
            if (pattern.matcher(str).matches()) {
                logger.traceExit("isValidMimeType", "true");
                return true;
            }
        }
        logger.traceExit("isValidMimeType", HttpState.PREEMPTIVE_DEFAULT);
        return false;
    }

    public String getFilteredCookieString(String str, String str2, String str3, String str4) throws IOException {
        boolean isTraceDebugEnabled = logger.isTraceDebugEnabled();
        if (isTraceDebugEnabled) {
            logger.traceEntry("getFilteredCookieString", String.valueOf(str) + " \n" + str2 + "\n" + str3);
        }
        if (str == null || str.length() == 0) {
            if (isTraceDebugEnabled) {
                logger.traceDebug("getFilteredCookieString", "No cookie string specified.");
            }
            logger.traceExit("getFilteredCookieString");
            return "";
        }
        if (this.cookies.size() == 0) {
            if (isTraceDebugEnabled) {
                logger.traceDebug("getFilteredCookieString", "No cookies allowed.");
            }
            logger.traceExit("getFilteredCookieString");
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (String str5 : str.split(";")) {
            String trim = str5.trim();
            Cookie cookie = new Cookie(trim);
            String name = cookie.getName();
            if (this.cookies.contains(name)) {
                if (trim.startsWith(Cookie.MAGIC_COOKIE_PREFIX)) {
                    if (isTraceDebugEnabled) {
                        logger.traceDebug("getFilteredCookieString", "Cookie was encoded. Checking domain, path, and digest...");
                    }
                    if (str2.endsWith(cookie.getDomain())) {
                        if (str3.startsWith(cookie.getPath())) {
                            if (!str4.equals(cookie.getDigest())) {
                                if (isTraceDebugEnabled) {
                                    logger.traceDebug("getFilteredCookieString", "Denying cookie because the cookie digest does not match the digest for the current request. Request digest is " + str4 + ", but cookie digest is " + cookie.getDigest() + BundleLoader.DEFAULT_PACKAGE);
                                }
                            }
                        } else if (isTraceDebugEnabled) {
                            logger.traceDebug("getFilteredCookieString", "Denying cookie because URL paths do not match. Path of target server is " + str3 + ", but cookie is for path " + cookie.getPath() + BundleLoader.DEFAULT_PACKAGE);
                        }
                    } else if (isTraceDebugEnabled) {
                        logger.traceDebug("getFilteredCookieString", "Denying cookie because domains do not match. Domain of target server is " + str2 + ", but cookie is for domain " + cookie.getDomain() + BundleLoader.DEFAULT_PACKAGE);
                    }
                }
                if (stringBuffer.length() != 0) {
                    stringBuffer.append(";");
                }
                stringBuffer.append(name).append("=").append(cookie.getValue());
            } else if (isTraceDebugEnabled) {
                logger.traceDebug("getFilteredCookieString", "Denying cookie because it is not declared in the access policy.");
            }
        }
        if (isTraceDebugEnabled) {
            logger.traceExit("getFilteredCookieString", stringBuffer.toString());
        }
        return stringBuffer.toString();
    }

    private String reformatRegEx(String str) {
        return str.replaceAll("\\*", ".*").replaceAll("[+]", "[+]");
    }
}
