package org.owasp.esapi.reference;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.TreeSet;
import java.util.regex.Pattern;
import org.owasp.esapi.Logger;
import org.owasp.esapi.SecurityConfiguration;

/* loaded from: input_file:org/owasp/esapi/reference/DefaultSecurityConfiguration.class */
public class DefaultSecurityConfiguration implements SecurityConfiguration {
    private static final String ALLOWED_LOGIN_ATTEMPTS = "AllowedLoginAttempts";
    private static final String APPLICATION_NAME = "ApplicationName";
    private static final String MASTER_PASSWORD = "MasterPassword";
    private static final String MASTER_SALT = "MasterSalt";
    private static final String VALID_EXTENSIONS = "ValidExtensions";
    private static final String MAX_UPLOAD_FILE_BYTES = "MaxUploadFileBytes";
    private static final String USERNAME_PARAMETER_NAME = "UsernameParameterName";
    private static final String PASSWORD_PARAMETER_NAME = "PasswordParameterName";
    private static final String MAX_OLD_PASSWORD_HASHES = "MaxOldPasswordHashes";
    private static final String ENCRYPTION_ALGORITHM = "EncryptionAlgorithm";
    private static final String HASH_ALGORITHM = "HashAlgorithm";
    private static final String CHARACTER_ENCODING = "CharacterEncoding";
    private static final String RANDOM_ALGORITHM = "RandomAlgorithm";
    private static final String DIGITAL_SIGNATURE_ALGORITHM = "DigitalSignatureAlgorithm";
    private static final String RESPONSE_CONTENT_TYPE = "ResponseContentType";
    private static final String REMEMBER_TOKEN_DURATION = "RememberTokenDuration";
    private static final String IDLE_TIMEOUT_DURATION = "IdleTimeoutDuration";
    private static final String ABSOLUTE_TIMEOUT_DURATION = "AbsoluteTimeoutDuration";
    private static final String LOG_LEVEL = "LogLevel";
    private static final String LOG_FILE_NAME = "LogFileName";
    private static final String MAX_LOG_FILE_SIZE = "MaxLogFileSize";
    private static final String LOG_ENCODING_REQUIRED = "LogEncodingRequired";
    public static final int DEFAULT_MAX_LOG_FILE_SIZE = 10000000;
    public static final String RESOURCE_DIRECTORY = "org.owasp.esapi.resources";
    private static String resourceDirectory = System.getProperty(RESOURCE_DIRECTORY);
    private static long lastModified = 0;
    private Properties properties = new Properties();
    private Map regexMap = null;
    protected final int MAX_REDIRECT_LOCATION = Logger.FATAL;
    protected final int MAX_FILE_NAME_LENGTH = Logger.FATAL;

    public DefaultSecurityConfiguration() {
        loadConfiguration();
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getApplicationName() {
        return this.properties.getProperty(APPLICATION_NAME, "AppNameNotSpecified");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public char[] getMasterPassword() {
        return this.properties.getProperty(MASTER_PASSWORD).toCharArray();
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public File getKeystore() {
        return new File(getResourceDirectory(), "keystore");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getResourceDirectory() {
        if (resourceDirectory != null && !resourceDirectory.endsWith(System.getProperty("file.separator"))) {
            resourceDirectory += System.getProperty("file.separator");
        }
        return resourceDirectory;
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public void setResourceDirectory(String str) {
        resourceDirectory = str;
        if (resourceDirectory != null && !resourceDirectory.endsWith(System.getProperty("file.separator"))) {
            resourceDirectory += System.getProperty("file.separator");
        }
        loadConfiguration();
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public byte[] getMasterSalt() {
        return this.properties.getProperty(MASTER_SALT).getBytes();
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public List getAllowedFileExtensions() {
        return Arrays.asList(this.properties.getProperty(VALID_EXTENSIONS, ".zip,.pdf,.tar,.gz,.xls,.properties,.txt,.xml").split(","));
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getAllowedFileUploadSize() {
        return Integer.parseInt(this.properties.getProperty(MAX_UPLOAD_FILE_BYTES, "5000000"));
    }

    private Properties loadConfigurationFromClasspath() {
        ClassLoader classLoader = getClass().getClassLoader();
        if (classLoader == null) {
            throw new IllegalArgumentException("Failure to load ESAPI configuration from classpath");
        }
        Properties properties = null;
        InputStream inputStream = null;
        try {
            inputStream = classLoader.getResourceAsStream("ESAPI.properties");
            if (inputStream != null) {
                properties = new Properties();
                properties.load(inputStream);
            }
            try {
                inputStream.close();
            } catch (Exception e) {
            }
        } catch (Exception e2) {
            properties = null;
            try {
                inputStream.close();
            } catch (Exception e3) {
            }
        } catch (Throwable th) {
            try {
                inputStream.close();
            } catch (Exception e4) {
            }
            throw th;
        }
        if (properties == null) {
            throw new IllegalArgumentException("Can't load ESAPI.properties as a classloader resource");
        }
        return properties;
    }

    private void loadConfiguration() {
        File file = null;
        try {
            this.properties = loadConfigurationFromClasspath();
            logSpecial("Loaded ESAPI properties from classpath", null);
        } catch (Exception e) {
            logSpecial("Can't load ESAPI properties from classpath, trying FileIO", e);
            file = new File(getResourceDirectory(), "ESAPI.properties");
            if (file.lastModified() == lastModified) {
                return;
            }
            FileInputStream fileInputStream = null;
            try {
                try {
                    fileInputStream = new FileInputStream(file);
                    this.properties.load(fileInputStream);
                    logSpecial("Loaded ESAPI properties from " + file.getAbsolutePath(), null);
                    try {
                        fileInputStream.close();
                    } catch (IOException e2) {
                    }
                } catch (Exception e3) {
                    logSpecial("Can't load ESAPI properties from " + file.getAbsolutePath(), e3);
                    try {
                        fileInputStream.close();
                    } catch (IOException e4) {
                    }
                }
            } catch (Throwable th) {
                try {
                    fileInputStream.close();
                } catch (IOException e5) {
                }
                throw th;
            }
        }
        logSpecial("  ========Master Configuration========", null);
        Iterator it = new TreeSet(this.properties.keySet()).iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            logSpecial("  |   " + str + "=" + this.properties.get(str), null);
        }
        if (file != null) {
            logSpecial("  ========Master Configuration========", null);
            lastModified = file.lastModified();
        }
        this.regexMap = new HashMap();
        Iterator validationPatternNames = getValidationPatternNames();
        while (validationPatternNames.hasNext()) {
            String str2 = (String) validationPatternNames.next();
            Pattern validationPattern = getValidationPattern(str2);
            if (str2 != null && validationPattern != null) {
                this.regexMap.put(str2, validationPattern);
            }
        }
    }

    private void logSpecial(String str, Throwable th) {
        System.out.println(str);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getPasswordParameterName() {
        return this.properties.getProperty(PASSWORD_PARAMETER_NAME, "password");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getUsernameParameterName() {
        return this.properties.getProperty(USERNAME_PARAMETER_NAME, "username");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getEncryptionAlgorithm() {
        return this.properties.getProperty(ENCRYPTION_ALGORITHM, "PBEWithMD5AndDES/CBC/PKCS5Padding");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getHashAlgorithm() {
        return this.properties.getProperty(HASH_ALGORITHM, "SHA-512");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getCharacterEncoding() {
        return this.properties.getProperty(CHARACTER_ENCODING, "UTF-8");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getDigitalSignatureAlgorithm() {
        return this.properties.getProperty(DIGITAL_SIGNATURE_ALGORITHM, "SHAwithDSA");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getRandomAlgorithm() {
        return this.properties.getProperty(RANDOM_ALGORITHM, "SHA1PRNG");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getAllowedLoginAttempts() {
        return Integer.parseInt(this.properties.getProperty(ALLOWED_LOGIN_ATTEMPTS, "5"));
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getMaxOldPasswordHashes() {
        return Integer.parseInt(this.properties.getProperty(MAX_OLD_PASSWORD_HASHES, "12"));
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v20, types: [java.util.List] */
    @Override // org.owasp.esapi.SecurityConfiguration
    public SecurityConfiguration.Threshold getQuota(String str) {
        int i = 0;
        String property = this.properties.getProperty(str + ".count");
        if (property != null) {
            i = Integer.parseInt(property);
        }
        int i2 = 0;
        String property2 = this.properties.getProperty(str + ".interval");
        if (property2 != null) {
            i2 = Integer.parseInt(property2);
        }
        ArrayList arrayList = new ArrayList();
        String property3 = this.properties.getProperty(str + ".actions");
        if (property3 != null) {
            arrayList = Arrays.asList(property3.split(","));
        }
        return new SecurityConfiguration.Threshold(str, i, i2, arrayList);
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getLogLevel() {
        String property = this.properties.getProperty(LOG_LEVEL);
        if (property == null) {
            logSpecial("The LOG-LEVEL property in the ESAPI properties file is not defined.", null);
            return Logger.WARNING;
        }
        if (property.equalsIgnoreCase("OFF")) {
            return Logger.OFF;
        }
        if (property.equalsIgnoreCase("FATAL")) {
            return Logger.FATAL;
        }
        if (property.equalsIgnoreCase("ERROR")) {
            return Logger.ERROR;
        }
        if (property.equalsIgnoreCase("WARNING")) {
            return Logger.WARNING;
        }
        if (property.equalsIgnoreCase("INFO")) {
            return Logger.INFO;
        }
        if (property.equalsIgnoreCase("DEBUG")) {
            return Logger.DEBUG;
        }
        if (property.equalsIgnoreCase("TRACE")) {
            return 100;
        }
        if (property.equalsIgnoreCase("ALL")) {
            return Logger.ALL;
        }
        logSpecial("The LOG-LEVEL property in the ESAPI properties file has the unrecognized value: " + property, null);
        return Logger.WARNING;
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getLogFileName() {
        return this.properties.getProperty(LOG_FILE_NAME, "ESAPI_logging_file");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getMaxLogFileSize() {
        String property = this.properties.getProperty(MAX_LOG_FILE_SIZE);
        if (property == null) {
            return DEFAULT_MAX_LOG_FILE_SIZE;
        }
        try {
            return Integer.parseInt(property);
        } catch (NumberFormatException e) {
            return DEFAULT_MAX_LOG_FILE_SIZE;
        }
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public boolean getLogEncodingRequired() {
        String property = this.properties.getProperty(LOG_ENCODING_REQUIRED);
        return property != null && property.equalsIgnoreCase("true");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public String getResponseContentType() {
        return this.properties.getProperty(RESPONSE_CONTENT_TYPE, "text/html; charset=UTF-8");
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public long getRememberTokenDuration() {
        return 86400000 * Long.parseLong(this.properties.getProperty(REMEMBER_TOKEN_DURATION, "14"));
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getSessionIdleTimeoutLength() {
        return 60000 * Integer.parseInt(this.properties.getProperty(IDLE_TIMEOUT_DURATION, "20"));
    }

    @Override // org.owasp.esapi.SecurityConfiguration
    public int getSessionAbsoluteTimeoutLength() {
        return 60000 * Integer.parseInt(this.properties.getProperty(ABSOLUTE_TIMEOUT_DURATION, "120"));
    }

    public Iterator getValidationPatternNames() {
        TreeSet treeSet = new TreeSet();
        for (String str : this.properties.keySet()) {
            if (str.startsWith("Validator.")) {
                treeSet.add(str.substring(str.indexOf(46) + 1));
            }
        }
        return treeSet.iterator();
    }

    public Pattern getValidationPattern(String str) {
        String property = this.properties.getProperty("Validator." + str);
        if (property == null) {
            return null;
        }
        return Pattern.compile(property);
    }
}
