package org.wso2.carbon.apimgt.gateway.mediators;

import java.util.Map;
import java.util.regex.Pattern;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPBody;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.mediators.AbstractMediator;
import org.wso2.carbon.apimgt.gateway.APIMgtGatewayConstants;
import org.wso2.carbon.apimgt.gateway.utils.GatewayUtils;

/* loaded from: input_file:org/wso2/carbon/apimgt/gateway/mediators/RegularExpressionProtector.class */
public class RegularExpressionProtector extends AbstractMediator {
    private Boolean enabledCheckBody = true;
    private String threatType = null;
    private Pattern pattern = null;
    private Boolean enabledCheckHeaders;
    private Boolean enabledCheckPathParam;

    public boolean mediate(MessageContext messageContext) {
        if (this.log.isDebugEnabled()) {
            this.log.debug("RegularExpressionProtector mediator is activated...");
        }
        Object property = messageContext.getProperty(APIMgtGatewayConstants.REGEX_PATTERN);
        if (property != null) {
            this.pattern = Pattern.compile(property.toString(), 2);
        } else {
            GatewayUtils.handleThreat(messageContext, APIMgtGatewayConstants.HTTP_SC_CODE, "Threat detection key words are missing");
        }
        Object property2 = messageContext.getProperty(APIMgtGatewayConstants.ENABLED_CHECK_BODY);
        if (property2 != null) {
            this.enabledCheckBody = Boolean.valueOf(property2.toString());
        }
        Object property3 = messageContext.getProperty(APIMgtGatewayConstants.ENABLED_CHECK_PATHPARAM);
        if (property3 != null) {
            this.enabledCheckPathParam = Boolean.valueOf(property3.toString());
        }
        Object property4 = messageContext.getProperty(APIMgtGatewayConstants.ENABLED_CHECK_HEADERS);
        if (property4 != null) {
            this.enabledCheckHeaders = Boolean.valueOf(property4.toString());
        }
        Object property5 = messageContext.getProperty(APIMgtGatewayConstants.THREAT_TYPE);
        if (property5 != null) {
            this.threatType = String.valueOf(property5);
        }
        checkRequestBody(messageContext);
        checkRequestHeaders(messageContext);
        checkRequestPath(messageContext);
        return true;
    }

    private void checkRequestBody(MessageContext messageContext) {
        SOAPEnvelope envelope;
        SOAPBody body;
        OMElement firstElement;
        org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
        if (!this.enabledCheckBody.booleanValue() || (envelope = axis2MessageContext.getEnvelope()) == null || (body = envelope.getBody()) == null || (firstElement = body.getFirstElement()) == null) {
            return;
        }
        String oMElement = firstElement.toString();
        if (this.pattern == null || oMElement == null || !this.pattern.matcher(oMElement).find()) {
            return;
        }
        if (this.log.isDebugEnabled()) {
            this.log.debug(String.format("Threat detected in request payload [ %s ] by regex [ %s ]))", oMElement, this.pattern));
        }
        GatewayUtils.handleThreat(messageContext, APIMgtGatewayConstants.HTTP_SC_CODE, this.threatType + " " + APIMgtGatewayConstants.PAYLOAD_THREAT_MSG);
    }

    private void checkRequestPath(MessageContext messageContext) {
        org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
        if (this.enabledCheckPathParam.booleanValue()) {
            String str = (String) axis2MessageContext.getProperty(APIMgtGatewayConstants.REST_URL_POSTFIX);
            if (this.pattern == null || str == null || !this.pattern.matcher(str).find()) {
                return;
            }
            if (this.log.isDebugEnabled()) {
                this.log.debug(String.format("Threat detected in query parameters [ %s ] by regex [ %s ]", str, this.pattern));
            }
            GatewayUtils.handleThreat(messageContext, APIMgtGatewayConstants.HTTP_SC_CODE, this.threatType + " " + APIMgtGatewayConstants.QPARAM_THREAT_MSG);
        }
    }

    private void checkRequestHeaders(MessageContext messageContext) {
        org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
        if (this.enabledCheckHeaders.booleanValue()) {
            Map map = (Map) axis2MessageContext.getProperty(APIMgtGatewayConstants.TRANSPORT_HEADERS);
            if (this.pattern == null || map == null || !this.pattern.matcher(map.toString()).find()) {
                return;
            }
            if (this.log.isDebugEnabled()) {
                this.log.debug(String.format("Threat detected in Transport headers [ %s ] by regex [ %s ]", map, this.pattern));
            }
            GatewayUtils.handleThreat(messageContext, APIMgtGatewayConstants.HTTP_SC_CODE, this.threatType + " " + APIMgtGatewayConstants.HTTP_HEADER_THREAT_MSG);
        }
    }

    public boolean isContentAware() {
        return this.enabledCheckBody.booleanValue();
    }
}
