package com.sap.security.core.server.csi;

import com.businessobjects.report.web.shared.StaticStrings;
import com.sap.security.core.server.csi.util.RegexMatcher;
import com.sap.security.core.server.csi.util.RegexPattern;
import com.sap.security.core.server.csi.util.StringUtils;
import com.sap.security.core.server.csi.util.URI;
import com.sap.security.core.server.csi.util.URLDecoder;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Locale;
import org.apache.axis2.Constants;
import org.apache.axis2.dataretrieval.DRConstants;

/* loaded from: input_file:lib/sap.com~tc~sec~csi.jar:com/sap/security/core/server/csi/URLChecker.class */
public final class URLChecker {
    private static final String defaultEncoding = "UTF-8";
    private volatile transient URI _uriObject;
    private volatile transient String _uri;
    private volatile transient String _defaultProtocol;
    private volatile transient ArrayList _allowedProtocols;
    private volatile transient ArrayList _allowedHosts;
    private volatile transient boolean _allowedHostMatch;
    private volatile transient boolean _bRestrictEnc;
    private volatile transient boolean _bIgnoreIEx;
    private volatile transient Object _threadLock;
    private volatile transient RegexPattern _blackPattern;
    private volatile transient RegexPattern _whitePattern;
    private int _whiteFlags;
    private static final String[] URLProtocols = {"http", Constants.TRANSPORT_HTTPS, DRConstants.SERVICE_DATA.FILE, "ftp", "gopher", Constants.TRANSPORT_MAIL, "news", "nntp", "wais"};
    private static final RegexPattern scriptPattern = RegexPattern.compile("<\\s*script[^>]*>(.*)<\\s*/script\\s*>|��", 66);

    public URLChecker() {
        this._defaultProtocol = URLProtocols[0];
        this._allowedProtocols = null;
        this._allowedHosts = null;
        this._allowedHostMatch = false;
        this._bRestrictEnc = true;
        this._bIgnoreIEx = true;
        this._threadLock = new Object();
        this._blackPattern = scriptPattern;
        this._whitePattern = null;
        this._whiteFlags = 66;
        this._allowedProtocols = new ArrayList();
        for (int i = 0; i < URLProtocols.length; i++) {
            this._allowedProtocols.add(URLProtocols[i]);
        }
    }

    public URLChecker(String[] strArr) {
        this._defaultProtocol = URLProtocols[0];
        this._allowedProtocols = null;
        this._allowedHosts = null;
        this._allowedHostMatch = false;
        this._bRestrictEnc = true;
        this._bIgnoreIEx = true;
        this._threadLock = new Object();
        this._blackPattern = scriptPattern;
        this._whitePattern = null;
        this._whiteFlags = 66;
        if (strArr != null) {
            this._allowedProtocols = new ArrayList();
            for (String str : strArr) {
                this._allowedProtocols.add(str);
            }
        }
    }

    public URLChecker(String str) throws MalformedURLException {
        this(str, "UTF-8");
    }

    public URLChecker(String str, String str2) throws MalformedURLException {
        this._defaultProtocol = URLProtocols[0];
        this._allowedProtocols = null;
        this._allowedHosts = null;
        this._allowedHostMatch = false;
        this._bRestrictEnc = true;
        this._bIgnoreIEx = true;
        this._threadLock = new Object();
        this._blackPattern = scriptPattern;
        this._whitePattern = null;
        this._whiteFlags = 66;
        if (str == null || str2 == null) {
            return;
        }
        URI _createURI = _createURI(str, str2, this._bRestrictEnc, this._bIgnoreIEx);
        synchronized (this._threadLock) {
            this._uriObject = _createURI;
            this._uri = str;
            this._allowedProtocols = new ArrayList();
            for (int i = 0; i < URLProtocols.length; i++) {
                this._allowedProtocols.add(URLProtocols[i]);
            }
        }
    }

    private URI _createURI(String str, String str2, boolean z, boolean z2) throws MalformedURLException {
        if (z) {
            if (urlNormalize(URLDecoder.decodeAll(str, str2, z2)).length() == 0) {
                throw new MalformedURLException("The URL is encode more than once");
            }
        } else if (urlNormalize(URLDecoder.decode(str, str2)).length() == 0) {
            throw new MalformedURLException("The URL could not be encoded");
        }
        try {
            return URI.create(str);
        } catch (Exception e) {
            throw new MalformedURLException(e.getLocalizedMessage());
        }
    }

    private boolean _isValid(String str, String str2, boolean z, boolean z2, String str3, Collection collection, Collection collection2, RegexPattern regexPattern, RegexPattern regexPattern2) throws MalformedURLException {
        String decode;
        if (str == null) {
            throw new MalformedURLException("The URL must not be null");
        }
        if (str.length() == 0) {
            return true;
        }
        String str4 = null;
        String str5 = null;
        String str6 = str2 != null ? str2 : "UTF-8";
        if (z) {
            decode = URLDecoder.decodeAll(str, str6, z2);
            if (decode == null || decode.length() == 0) {
                throw new MalformedURLException("The URL is encoded more than once");
            }
        } else {
            decode = URLDecoder.decode(str, str6);
            if (decode == null || decode.length() == 0) {
                throw new MalformedURLException("The URL could not be decoded");
            }
        }
        if (str.charAt(str.length() - 1) != ':') {
            URI create = URI.create(str);
            str4 = create.getScheme();
            String path = create.getPath();
            str5 = create.getHost();
            if (path != null && path.length() > 0) {
                String urlNormalize = urlNormalize(path);
                if (urlNormalize == null || urlNormalize.length() == 0) {
                    throw new MalformedURLException(new StringBuffer().append("Illegal null path (").append(create.getPath()).append(") found during normalization").toString());
                }
                if (z && create.isAbsolute() && urlNormalize.lastIndexOf(org.apache.xalan.templates.Constants.ATTRVAL_PARENT) > -1 && (urlNormalize.startsWith(StaticStrings.UpDir) || urlNormalize.lastIndexOf("/../") > -1)) {
                    throw new MalformedURLException(new StringBuffer().append("Illegal path (").append(create.getPath()).append(") found during normalization").toString());
                }
            }
        } else if (collection != null && !collection.contains(str.substring(0, str.length() - 1).toLowerCase(Locale.ENGLISH)) && (!str.equalsIgnoreCase("mailto:") || !str.equalsIgnoreCase("news:"))) {
            throw new MalformedURLException("The protocol is not allowed");
        }
        if (z && regexPattern != null && !regexPattern.matcher(decode).find()) {
            throw new MalformedURLException("URL does not match with the white list");
        }
        if (z && regexPattern2 != null) {
            RegexMatcher matcher = regexPattern2.matcher(decode);
            if (matcher.find()) {
                throw new MalformedURLException(new StringBuffer().append("Illegal character \"").append(StringUtils.escapeToHTML(matcher.group())).append("\" at index ").append(matcher.start()).append(" matched with the black list").toString());
            }
        }
        if (str4 == null) {
            if (z && str3 != null && collection != null && !collection.contains(str3)) {
                throw new MalformedURLException(new StringBuffer().append("The default protocol ").append(this._defaultProtocol).append(" is not allowed").toString());
            }
        } else if (collection != null && !collection.contains(str4.toLowerCase(Locale.ENGLISH))) {
            throw new MalformedURLException("The protocol is not allowed");
        }
        if (collection2 == null || str5 == null) {
            return true;
        }
        if (!this._allowedHostMatch) {
            if (collection2.contains(str5)) {
                return true;
            }
            throw new MalformedURLException(new StringBuffer().append("The host ").append(str5).append(" is not allowed").toString());
        }
        boolean z3 = false;
        int i = 0;
        while (true) {
            if (i >= collection2.size()) {
                break;
            }
            if (RegexPattern.matches((String) ((ArrayList) collection2).get(i), str5)) {
                z3 = true;
                break;
            }
            i++;
        }
        if (z3) {
            return true;
        }
        throw new MalformedURLException(new StringBuffer().append("The host ").append(str5).append(" is not allowed").toString());
    }

    public static String urlNormalize(String str) {
        return StringUtils.urlNormalize(str);
    }

    public Object normalize() throws MalformedURLException {
        Object normalize;
        synchronized (this._threadLock) {
            normalize = this._uriObject.normalize();
        }
        return normalize;
    }

    public void setRestrictive(boolean z) {
        synchronized (this._threadLock) {
            this._bRestrictEnc = z;
        }
    }

    public void ignoreInheritedException(boolean z) {
        synchronized (this._threadLock) {
            this._bIgnoreIEx = z;
        }
    }

    public void setDefaultProtocol(String str) {
        synchronized (this._threadLock) {
            if (this._allowedProtocols == null) {
                this._defaultProtocol = str;
            } else if (this._allowedProtocols.contains(str)) {
                this._defaultProtocol = str;
            }
        }
    }

    public String getDefaultProtocol() {
        return this._defaultProtocol;
    }

    public void setProtocols(String[] strArr) {
        synchronized (this._threadLock) {
            if (strArr != null) {
                if (strArr.length > 0) {
                    if (this._allowedProtocols == null) {
                        this._allowedProtocols = new ArrayList(strArr.length);
                    } else {
                        this._allowedProtocols.clear();
                    }
                    for (String str : strArr) {
                        this._allowedProtocols.add(str);
                    }
                }
                if (!this._allowedProtocols.contains(this._defaultProtocol)) {
                    throw new IllegalArgumentException(new StringBuffer().append("Default protocol ").append(this._defaultProtocol).append(" is not defined in protocol list.").toString());
                }
            } else {
                if (this._allowedProtocols != null) {
                    this._allowedProtocols.clear();
                }
                this._allowedProtocols = null;
            }
        }
    }

    public void setHosts(String[] strArr) {
        synchronized (this._threadLock) {
            if (strArr != null) {
                this._allowedHostMatch = false;
                if (strArr.length > 0) {
                    if (this._allowedHosts != null) {
                        this._allowedHosts.clear();
                    } else {
                        this._allowedHosts = new ArrayList(strArr.length);
                    }
                    for (int i = 0; i < strArr.length; i++) {
                        if (strArr[i].indexOf(42) > -1 || strArr[i].indexOf(63) > -1) {
                            this._allowedHostMatch = true;
                        }
                        if (RegexPattern.compile(strArr[i]) == null) {
                            this._allowedHosts.clear();
                            this._allowedHosts = null;
                            throw new IllegalArgumentException(new StringBuffer().append("Syntax error in pattern: ").append(strArr[i]).toString());
                        }
                        this._allowedHosts.add(strArr[i]);
                    }
                }
            } else {
                this._allowedHostMatch = false;
                if (this._allowedHosts != null) {
                    this._allowedHosts.clear();
                }
                this._allowedHosts = null;
            }
        }
    }

    public String[] getProtocols() {
        return (String[]) this._allowedProtocols.toArray(new String[0]);
    }

    public void addProtocol(String str) {
        synchronized (this._threadLock) {
            if (!this._allowedProtocols.contains(str)) {
                this._allowedProtocols.add(str);
            }
        }
    }

    public boolean setBlackURLPattern(String str) {
        return setBlackURLPattern(str, 66);
    }

    public boolean setBlackURLPattern(String str, int i) {
        if (str == null || str.length() <= 0) {
            synchronized (this._threadLock) {
                this._blackPattern = null;
            }
            return true;
        }
        RegexPattern compile = RegexPattern.compile(str, i);
        if (compile == null) {
            return false;
        }
        synchronized (this._threadLock) {
            this._blackPattern = compile;
        }
        return true;
    }

    public boolean setWhiteURLPattern(String str) {
        return setWhiteURLPattern(str, this._whiteFlags);
    }

    public boolean setWhiteURLPattern(String str, int i) {
        if (str == null || str.length() <= 0) {
            synchronized (this._threadLock) {
                this._blackPattern = null;
            }
            return true;
        }
        RegexPattern compile = RegexPattern.compile(str, i);
        if (compile == null) {
            return false;
        }
        synchronized (this._threadLock) {
            this._whitePattern = compile;
            this._whiteFlags = i;
        }
        return true;
    }

    public boolean addWhiteURLPattern(String str) throws IllegalArgumentException {
        if (str == null) {
            return false;
        }
        if (this._whitePattern == null) {
            return setWhiteURLPattern(str, this._whiteFlags);
        }
        RegexPattern.compile(str, this._whiteFlags);
        StringBuffer stringBuffer = new StringBuffer();
        if (this._whitePattern.pattern() == null) {
            throw new IllegalArgumentException("Syntax error in pattern");
        }
        stringBuffer.append("(");
        stringBuffer.append(this._whitePattern.pattern());
        stringBuffer.append(")|(");
        stringBuffer.append(str);
        stringBuffer.append(")");
        RegexPattern compile = RegexPattern.compile(stringBuffer.toString(), this._whiteFlags);
        if (compile == null) {
            return false;
        }
        synchronized (this._threadLock) {
            this._whitePattern = compile;
        }
        return true;
    }

    public boolean isValid() throws MalformedURLException {
        boolean _isValid;
        synchronized (this._threadLock) {
            _isValid = _isValid(this._uri, "UTF-8", this._bRestrictEnc, this._bIgnoreIEx, this._defaultProtocol, this._allowedProtocols, this._allowedHosts, this._whitePattern, this._blackPattern);
        }
        return _isValid;
    }

    public boolean isValid(String str) throws MalformedURLException {
        boolean _isValid;
        synchronized (this._threadLock) {
            _isValid = _isValid(str, "UTF-8", this._bRestrictEnc, this._bIgnoreIEx, this._defaultProtocol, this._allowedProtocols, this._allowedHosts, this._whitePattern, this._blackPattern);
        }
        return _isValid;
    }

    public boolean isValid(String str, boolean z, String[] strArr) throws MalformedURLException {
        boolean _isValid;
        if (strArr == null) {
            synchronized (this._threadLock) {
                _isValid = _isValid(str, "UTF-8", z, this._bIgnoreIEx, this._defaultProtocol, this._allowedProtocols, this._allowedHosts, this._whitePattern, scriptPattern);
            }
            return _isValid;
        }
        ArrayList arrayList = new ArrayList();
        for (String str2 : strArr) {
            arrayList.add(str2);
        }
        return _isValid(str, "UTF-8", z, this._bIgnoreIEx, strArr[0], arrayList, this._allowedHosts, this._whitePattern, scriptPattern);
    }

    public boolean isValid(String str, String str2, boolean z, String str3, String[] strArr, RegexPattern regexPattern) throws MalformedURLException {
        boolean _isValid;
        if (strArr == null) {
            synchronized (this._threadLock) {
                _isValid = _isValid(str, str2, z, this._bIgnoreIEx, str3, null, this._allowedHosts, this._whitePattern, regexPattern);
            }
            return _isValid;
        }
        ArrayList arrayList = new ArrayList();
        for (String str4 : strArr) {
            arrayList.add(str4);
        }
        return _isValid(str, str2, z, this._bIgnoreIEx, str3, arrayList, this._allowedHosts, this._whitePattern, regexPattern);
    }

    public boolean isValid(String str, String str2, boolean z, String str3, String[] strArr, RegexPattern regexPattern, RegexPattern regexPattern2) throws MalformedURLException {
        boolean _isValid;
        if (strArr == null) {
            synchronized (this._threadLock) {
                _isValid = _isValid(str, str2, z, this._bIgnoreIEx, str3, null, this._allowedHosts, regexPattern, regexPattern2);
            }
            return _isValid;
        }
        ArrayList arrayList = new ArrayList();
        for (String str4 : strArr) {
            arrayList.add(str4);
        }
        return _isValid(str, str2, z, this._bIgnoreIEx, str3, arrayList, this._allowedHosts, regexPattern, regexPattern2);
    }

    public boolean isValid(String str, String str2, boolean z, boolean z2, String str3, String[] strArr, RegexPattern regexPattern) throws MalformedURLException {
        boolean _isValid;
        if (strArr == null) {
            synchronized (this._threadLock) {
                _isValid = _isValid(str, str2, z, z2, str3, null, this._allowedHosts, this._whitePattern, regexPattern);
            }
            return _isValid;
        }
        ArrayList arrayList = new ArrayList();
        for (String str4 : strArr) {
            arrayList.add(str4);
        }
        return _isValid(str, str2, z, z2, str3, arrayList, this._allowedHosts, this._whitePattern, regexPattern);
    }

    public URL getValidURL(String str) throws MalformedURLException {
        URL url;
        if (!isValid(str)) {
            return null;
        }
        synchronized (this._threadLock) {
            url = this._uriObject.toURL();
        }
        return url;
    }

    public String getValidURLString() throws MalformedURLException {
        if (isValid()) {
            return this._uri;
        }
        return null;
    }

    public static String getValidURLString(String str) {
        try {
            URLChecker uRLChecker = new URLChecker();
            if (uRLChecker.isValid(str)) {
                return uRLChecker._uriObject.toString();
            }
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    public static boolean isValidURL(String str) {
        try {
            return new URLChecker().isValid(str);
        } catch (Exception e) {
            return false;
        }
    }

    public static boolean isValidURL(String str, String str2, boolean z, String str3, String[] strArr, RegexPattern regexPattern) {
        try {
            URLChecker uRLChecker = new URLChecker(strArr);
            return uRLChecker._isValid(str, str2, z, uRLChecker._bIgnoreIEx, str3, uRLChecker._allowedProtocols, uRLChecker._allowedHosts, uRLChecker._whitePattern, regexPattern);
        } catch (MalformedURLException e) {
            return false;
        }
    }

    public static boolean isValidURL(String str, String str2, boolean z, boolean z2, String str3, String[] strArr, RegexPattern regexPattern) {
        try {
            URLChecker uRLChecker = new URLChecker(strArr);
            return uRLChecker._isValid(str, str2, z, z2, str3, uRLChecker._allowedProtocols, uRLChecker._allowedHosts, uRLChecker._whitePattern, regexPattern);
        } catch (MalformedURLException e) {
            return false;
        }
    }

    public static boolean isValidURL(String str, String str2, boolean z, boolean z2, String str3, String[] strArr, RegexPattern regexPattern, RegexPattern regexPattern2) {
        try {
            URLChecker uRLChecker = new URLChecker(strArr);
            return uRLChecker._isValid(str, str2, z, z2, str3, uRLChecker._allowedHosts, uRLChecker._allowedProtocols, regexPattern, regexPattern2);
        } catch (MalformedURLException e) {
            return false;
        }
    }

    public static boolean isValidURL(String str, boolean z, String[] strArr) {
        try {
            URLChecker uRLChecker = new URLChecker(strArr);
            return uRLChecker._allowedProtocols != null ? uRLChecker._isValid(str, "UTF-8", z, uRLChecker._bIgnoreIEx, strArr[0], uRLChecker._allowedProtocols, uRLChecker._allowedHosts, uRLChecker._whitePattern, scriptPattern) : uRLChecker._isValid(str, "UTF-8", z, uRLChecker._bIgnoreIEx, null, null, uRLChecker._allowedHosts, uRLChecker._whitePattern, scriptPattern);
        } catch (MalformedURLException e) {
            return false;
        }
    }
}
