package org.hdiv.filter;

import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.List;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hdiv.config.HDIVConfig;
import org.hdiv.dataValidator.DataValidatorFactory;
import org.hdiv.dataValidator.IDataValidator;
import org.hdiv.dataValidator.IValidationResult;
import org.hdiv.exception.HDIVException;
import org.hdiv.logs.Logger;
import org.hdiv.session.ISession;
import org.hdiv.state.IPage;
import org.hdiv.state.IParameter;
import org.hdiv.state.IState;
import org.hdiv.state.StateUtil;
import org.hdiv.util.Constants;
import org.hdiv.util.HDIVErrorCodes;
import org.hdiv.util.HDIVUtil;

/* loaded from: input_file:org/hdiv/filter/ValidatorHelperRequest.class */
public class ValidatorHelperRequest implements IValidationHelper {
    private static Log log;
    private HDIVConfig hdivConfig;
    private Logger logger;
    private StateUtil stateUtil;
    private ISession session;
    private DataValidatorFactory dataValidatorFactory;
    private Pattern numberPattern = Pattern.compile("[0-9]+");
    static Class class$org$hdiv$filter$ValidatorHelperRequest;

    @Override // org.hdiv.filter.IValidationHelper
    public void init() {
    }

    @Override // org.hdiv.filter.IValidationHelper
    public boolean validate(HttpServletRequest httpServletRequest) {
        IState restoreState;
        String target = getTarget(httpServletRequest);
        String targetWithoutContextPath = getTargetWithoutContextPath(httpServletRequest, target);
        Boolean preValidate = preValidate(httpServletRequest, target);
        if (preValidate != null) {
            return preValidate.booleanValue();
        }
        if (this.hdivConfig.hasExtensionToExclude(target)) {
            log.debug(new StringBuffer().append("The target ").append(target).append(" has an extension to exclude from validation").toString());
            return true;
        }
        if (!this.hdivConfig.isValidationInUrlsWithoutParamsActivated()) {
            if (!(httpServletRequest.getParameterNames() != null && httpServletRequest.getParameterNames().hasMoreElements())) {
                log.debug(new StringBuffer().append("The url ").append(httpServletRequest.getRequestURI()).append(" is not be validated because it has not got parameters").toString());
                return true;
            }
        }
        if (this.hdivConfig.isStartPage(targetWithoutContextPath)) {
            return validateStartPageParameters(httpServletRequest, target);
        }
        if ((this.hdivConfig.isCookiesIntegrityActivated() && !validateRequestCookies(httpServletRequest, target)) || (restoreState = restoreState(httpServletRequest, target)) == null || !isTheSameAction(httpServletRequest, target, restoreState) || !allRequiredParametersReceived(httpServletRequest, restoreState, target)) {
            return false;
        }
        String hdivParameter = getHdivParameter(httpServletRequest);
        Hashtable hashtable = new Hashtable();
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            if (this.hdivConfig.needValidation(str, hdivParameter)) {
                String str2 = (String) httpServletRequest.getSession().getAttribute(Constants.MODIFY_STATE_HDIV_PARAMETER);
                if (this.hdivConfig.needValidation(str, str2)) {
                    if (isUserDefinedNonValidationParameter(targetWithoutContextPath, str)) {
                        continue;
                    } else {
                        IParameter parameter = restoreState.getParameter(str);
                        if (parameter == null) {
                            this.logger.log(HDIVErrorCodes.PARAMETER_NOT_EXISTS, target, str, null);
                            if (!log.isDebugEnabled()) {
                                return false;
                            }
                            log.debug(new StringBuffer().append("Validation Error Detected: Parameter [").append(str).append("] does not exist in the state for action [").append(target).append("]").toString());
                            return false;
                        }
                        String[] parameterValues = httpServletRequest.getParameterValues(str);
                        if (!parameter.isEditable()) {
                            try {
                                if (!validateParameterValues(httpServletRequest, target, restoreState, parameter, str, parameterValues)) {
                                    return false;
                                }
                            } catch (Exception e) {
                                throw new HDIVException(HDIVUtil.getMessage("validation.error", e.getMessage()), e);
                            }
                        } else if (this.hdivConfig.existValidations() && parameter.getEditableDataType() != null) {
                            validateEditableParameter(httpServletRequest, target, str, parameterValues, parameter.getEditableDataType(), hashtable);
                        }
                    }
                } else if (log.isDebugEnabled() && !str.equals(str2)) {
                    log.debug(new StringBuffer().append("parameter ").append(str).append(" doesn't need validation").toString());
                }
            } else if (log.isDebugEnabled() && !str.equals(hdivParameter)) {
                log.debug(new StringBuffer().append("parameter ").append(str).append(" doesn't need validation").toString());
            }
        }
        if (hashtable.size() <= 0 || this.hdivConfig.isDebugMode()) {
            return true;
        }
        httpServletRequest.setAttribute(HDIVErrorCodes.EDITABLE_PARAMETER_ERROR, hashtable);
        return true;
    }

    public boolean isTheSameAction(HttpServletRequest httpServletRequest, String str, IState iState) {
        if (iState.getAction().equalsIgnoreCase(str)) {
            return true;
        }
        if (str.endsWith("/") && new StringBuffer().append(iState.getAction()).append("/").toString().equalsIgnoreCase(str)) {
            return true;
        }
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("target:").append(str).toString());
            log.debug(new StringBuffer().append("state action:").append(iState.getAction()).toString());
        }
        this.logger.log(HDIVErrorCodes.ACTION_ERROR, str, null, null);
        if (!log.isDebugEnabled()) {
            return false;
        }
        log.debug(new StringBuffer().append("Detected validation error in the action: action in state:").append(iState.getAction()).append(", action in the request:").append(str).toString());
        return false;
    }

    public boolean validateStartPageParameters(HttpServletRequest httpServletRequest, String str) {
        if (!this.hdivConfig.existValidations()) {
            return true;
        }
        Hashtable hashtable = new Hashtable();
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str2 = (String) parameterNames.nextElement();
            validateEditableParameter(httpServletRequest, str, str2, httpServletRequest.getParameterValues(str2), "text", hashtable);
        }
        if (hashtable.size() <= 0 || this.hdivConfig.isDebugMode()) {
            return true;
        }
        httpServletRequest.setAttribute(HDIVErrorCodes.EDITABLE_PARAMETER_ERROR, hashtable);
        return true;
    }

    public boolean validateRequestCookies(HttpServletRequest httpServletRequest, String str) {
        Hashtable hashtable;
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null || cookies.length == 0 || (hashtable = (Hashtable) httpServletRequest.getSession().getAttribute(Constants.HDIV_COOKIES_KEY)) == null) {
            return true;
        }
        boolean z = Boolean.TRUE.equals(this.hdivConfig.getConfidentiality()) && this.hdivConfig.isCookiesConfidentialityActivated();
        for (int i = 0; i < cookies.length; i++) {
            boolean z2 = false;
            if (!cookies[i].getName().equals(Constants.JSESSIONID)) {
                if (hashtable.containsKey(cookies[i].getName())) {
                    SavedCookie savedCookie = (SavedCookie) hashtable.get(cookies[i].getName());
                    if (savedCookie.equals(cookies[i], z)) {
                        z2 = true;
                        if (z && savedCookie.getValue() != null) {
                            cookies[i].setValue(savedCookie.getValue());
                        }
                    }
                }
                if (!z2) {
                    this.logger.log(HDIVErrorCodes.COOKIE_INCORRECT, str, new StringBuffer().append("cookie:").append(cookies[i].getName()).toString(), cookies[i].getValue());
                    return false;
                }
            }
        }
        return true;
    }

    public void validateEditableParameter(HttpServletRequest httpServletRequest, String str, String str2, String[] strArr, String str3, Hashtable hashtable) {
        if (this.hdivConfig.areEditableParameterValuesValid(getTargetWithoutContextPath(httpServletRequest, str), str2, strArr, str3)) {
            return;
        }
        StringBuffer stringBuffer = new StringBuffer(strArr[0]);
        for (int i = 1; i < strArr.length; i++) {
            stringBuffer.append(new StringBuffer().append(",").append(strArr[i]).toString());
        }
        if (str3.equals("password")) {
            hashtable.put(str2, new String[]{"hdiv.editable.password.error"});
        } else {
            hashtable.put(str2, strArr);
        }
        this.logger.log(HDIVErrorCodes.EDITABLE_VALIDATION_ERROR, str, str2, stringBuffer.toString());
    }

    private boolean allRequiredParametersReceived(HttpServletRequest httpServletRequest, IState iState, String str) {
        Hashtable hashtable = new Hashtable(iState.getRequiredParams());
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str2 = (String) parameterNames.nextElement();
            if (hashtable.containsKey(str2)) {
                hashtable.remove(str2);
            }
            if (hashtable.size() == 0) {
                return true;
            }
        }
        if (hashtable.size() <= 0) {
            return true;
        }
        this.logger.log(HDIVErrorCodes.REQUIRED_PARAMETERS, str, hashtable.keySet().toString(), null);
        return false;
    }

    private boolean isUserDefinedNonValidationParameter(String str, String str2) {
        if (!this.hdivConfig.isParameterWithoutValidation(str, str2)) {
            return false;
        }
        if (!log.isDebugEnabled()) {
            return true;
        }
        log.debug(new StringBuffer().append("parameter ").append(str2).append(" doesn't need validation. It is user defined parameter.").toString());
        return true;
    }

    private IState restoreState(HttpServletRequest httpServletRequest, String str) {
        String hdivParameter = getHdivParameter(httpServletRequest);
        String parameter = httpServletRequest.getParameter(hdivParameter);
        if (parameter == null) {
            this.logger.log(HDIVErrorCodes.HDIV_PARAMETER_NOT_EXISTS, str, hdivParameter, null);
            return null;
        }
        try {
            if (!this.stateUtil.isMemoryStrategy(parameter) || validateHDIVSuffix(parameter)) {
                return this.stateUtil.restoreState(parameter);
            }
            this.logger.log(HDIVErrorCodes.HDIV_PARAMETER_INCORRECT_VALUE, str, hdivParameter, parameter);
            return null;
        } catch (HDIVException e) {
            if (!this.hdivConfig.getStrategy().equalsIgnoreCase("memory")) {
                parameter = null;
            }
            this.logger.log(e.getMessage(), str, hdivParameter, parameter);
            return null;
        }
    }

    public boolean validateHDIVSuffix(String str) {
        int indexOf = str.indexOf("-");
        int lastIndexOf = str.lastIndexOf("-");
        if (indexOf == -1 || indexOf >= lastIndexOf) {
            return false;
        }
        try {
            String substring = str.substring(lastIndexOf + 1);
            String substring2 = str.substring(0, indexOf);
            IPage page = this.session.getPage(substring2);
            if (page != null) {
                return page.getRandomToken().equals(substring);
            }
            if (log.isErrorEnabled()) {
                log.error(new StringBuffer().append("Page with id [").append(substring2).append("] not found in session.").toString());
            }
            throw new HDIVException(HDIVUtil.getMessage("helper.nopageinsession", substring2));
        } catch (Exception e) {
            throw new HDIVException(HDIVUtil.getMessage("validation.error", e.getMessage()), e);
        }
    }

    private boolean validateParameterValues(HttpServletRequest httpServletRequest, String str, IState iState, IParameter iParameter, String str2, String[] strArr) {
        try {
            if (iParameter.isActionParam() && strArr.length != iParameter.getValues().size()) {
                this.logger.log(HDIVErrorCodes.VALUE_LENGTH_INCORRECT, str, str2, strArr.length > iParameter.getValues().size() ? "extra value" : "more values expected");
                return false;
            }
            if (hasRepeatedOrInvalidValues(str, str2, strArr, iParameter.getValues())) {
                return false;
            }
            return validateReceivedValuesInState(httpServletRequest, str, iState, str2, strArr);
        } catch (Exception e) {
            throw new HDIVException(HDIVUtil.getMessage("validation.error", e.getMessage()), e);
        }
    }

    private boolean hasRepeatedOrInvalidValues(String str, String str2, String[] strArr, List list) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(list);
        return Boolean.TRUE.equals(this.hdivConfig.getConfidentiality()) ? hasConfidentialIncorrectValues(str, str2, strArr, list.size()) : hasNonConfidentialIncorrectValues(str, str2, strArr, arrayList);
    }

    private boolean hasConfidentialIncorrectValues(String str, String str2, String[] strArr, int i) {
        Hashtable hashtable = new Hashtable();
        for (int i2 = 0; i2 < strArr.length; i2++) {
            if (!isInRange(str, str2, strArr[i2], i)) {
                return true;
            }
            if (hashtable.containsKey(strArr[i2])) {
                this.logger.log(HDIVErrorCodes.REPEATED_VALUES, str, str2, strArr[i2]);
                return true;
            }
            hashtable.put(strArr[i2], strArr[i2]);
        }
        return false;
    }

    private boolean hasNonConfidentialIncorrectValues(String str, String str2, String[] strArr, List list) {
        Hashtable hashtable = new Hashtable();
        for (int i = 0; i < strArr.length; i++) {
            boolean z = false;
            for (int i2 = 0; i2 < list.size() && !z; i2++) {
                if (((String) list.get(i2)).equalsIgnoreCase(strArr[i])) {
                    list.remove(i2);
                    z = true;
                }
            }
            if (!z) {
                if (hashtable.containsKey(strArr[i])) {
                    this.logger.log(HDIVErrorCodes.REPEATED_VALUES, str, str2, strArr[i]);
                    return true;
                }
                this.logger.log(HDIVErrorCodes.PARAMETER_VALUE_INCORRECT, str, str2, strArr[i]);
                return true;
            }
            hashtable.put(strArr[i], strArr[i]);
        }
        return false;
    }

    private boolean isInRange(String str, String str2, String str3, int i) {
        if (this.numberPattern.matcher(str3).matches() && Integer.valueOf(str3).intValue() < i) {
            return true;
        }
        this.logger.log(HDIVErrorCodes.CONFIDENTIAL_VALUE_INCORRECT, str, str2, str3);
        return false;
    }

    private boolean validateReceivedValuesInState(HttpServletRequest httpServletRequest, String str, IState iState, String str2, String[] strArr) throws Exception {
        int length = strArr.length;
        String[] strArr2 = new String[length];
        IDataValidator newInstance = this.dataValidatorFactory.newInstance(iState);
        String targetWithoutContextPath = getTargetWithoutContextPath(httpServletRequest, str);
        for (int i = 0; i < length; i++) {
            IValidationResult validate = newInstance.validate(strArr[i], targetWithoutContextPath, str2);
            if (!validate.getLegal()) {
                this.logger.log(HDIVErrorCodes.PARAMETER_VALUE_INCORRECT, str, str2, strArr[i]);
                return false;
            }
            strArr2[i] = (String) validate.getResult();
        }
        if (!this.hdivConfig.getConfidentiality().equals(Boolean.TRUE)) {
            return true;
        }
        addParameterToRequest(httpServletRequest, str2, strArr2);
        return true;
    }

    protected void addParameterToRequest(HttpServletRequest httpServletRequest, String str, Object obj) {
        if (!(httpServletRequest instanceof RequestWrapper)) {
            throw new HDIVException("El objeto request no es de tipo RequestWrapper.");
        }
        ((RequestWrapper) httpServletRequest).addParameter(str, obj);
    }

    protected String getTarget(HttpServletRequest httpServletRequest) {
        try {
            return httpServletRequest.getRequestURI();
        } catch (Exception e) {
            throw new HDIVException(HDIVUtil.getMessage("helper.actionName"), e);
        }
    }

    protected String getTargetWithoutContextPath(HttpServletRequest httpServletRequest, String str) {
        return str.substring(httpServletRequest.getContextPath().length());
    }

    protected String getHdivParameter(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(Constants.HDIV_PARAMETER);
    }

    protected Boolean preValidate(HttpServletRequest httpServletRequest, String str) {
        return null;
    }

    @Override // org.hdiv.filter.IValidationHelper
    public void startPage(HttpServletRequest httpServletRequest) {
    }

    @Override // org.hdiv.filter.IValidationHelper
    public void endPage(HttpServletRequest httpServletRequest) {
    }

    public Logger getLogger() {
        return this.logger;
    }

    public void setLogger(Logger logger) {
        this.logger = logger;
    }

    public StateUtil getStateUtil() {
        return this.stateUtil;
    }

    public void setStateUtil(StateUtil stateUtil) {
        this.stateUtil = stateUtil;
    }

    public HDIVConfig getHdivConfig() {
        return this.hdivConfig;
    }

    public void setHdivConfig(HDIVConfig hDIVConfig) {
        this.hdivConfig = hDIVConfig;
    }

    public ISession getSession() {
        return this.session;
    }

    public void setSession(ISession iSession) {
        this.session = iSession;
    }

    public DataValidatorFactory getDataValidatorFactory() {
        return this.dataValidatorFactory;
    }

    public void setDataValidatorFactory(DataValidatorFactory dataValidatorFactory) {
        this.dataValidatorFactory = dataValidatorFactory;
    }

    public Pattern getNumberPattern() {
        return this.numberPattern;
    }

    public void setNumberPattern(Pattern pattern) {
        this.numberPattern = pattern;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$hdiv$filter$ValidatorHelperRequest == null) {
            cls = class$("org.hdiv.filter.ValidatorHelperRequest");
            class$org$hdiv$filter$ValidatorHelperRequest = cls;
        } else {
            cls = class$org$hdiv$filter$ValidatorHelperRequest;
        }
        log = LogFactory.getLog(cls);
    }
}
