package org.stagemonitor.web;

import java.util.Arrays;
import java.util.Collection;
import java.util.EnumSet;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import javax.servlet.DispatcherType;
import javax.servlet.FilterRegistration;
import javax.servlet.ServletContainerInitializer;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRegistration;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.stagemonitor.core.CorePlugin;
import org.stagemonitor.core.Stagemonitor;
import org.stagemonitor.core.StagemonitorPlugin;
import org.stagemonitor.core.configuration.Configuration;
import org.stagemonitor.core.configuration.ConfigurationOption;
import org.stagemonitor.core.configuration.converter.SetValueConverter;
import org.stagemonitor.core.elasticsearch.ElasticsearchClient;
import org.stagemonitor.core.grafana.GrafanaClient;
import org.stagemonitor.core.metrics.metrics2.Metric2Registry;
import org.stagemonitor.core.pool.MBeanPooledResource;
import org.stagemonitor.core.pool.PooledResourceMetricsRegisterer;
import org.stagemonitor.core.util.ClassUtils;
import org.stagemonitor.core.util.StringUtils;
import org.stagemonitor.web.configuration.ConfigurationServlet;
import org.stagemonitor.web.logging.MDCListener;
import org.stagemonitor.web.metrics.StagemonitorMetricsServlet;
import org.stagemonitor.web.monitor.MonitoredHttpRequest;
import org.stagemonitor.web.monitor.filter.HttpRequestMonitorFilter;
import org.stagemonitor.web.monitor.filter.StagemonitorSecurityFilter;
import org.stagemonitor.web.monitor.filter.UserNameFilter;
import org.stagemonitor.web.monitor.rum.RumServlet;
import org.stagemonitor.web.monitor.servlet.FileServlet;
import org.stagemonitor.web.monitor.spring.SpringMonitoredHttpRequest;
import org.stagemonitor.web.monitor.widget.RequestTraceServlet;
import org.stagemonitor.web.monitor.widget.WidgetServlet;
import org.stagemonitor.web.session.SessionCounter;

/* loaded from: input_file:org/stagemonitor/web/WebPlugin.class */
public class WebPlugin extends StagemonitorPlugin implements ServletContainerInitializer {
    public static final String STAGEMONITOR_SHOW_WIDGET = "X-Stagemonitor-Show-Widget";
    private static final String WEB_PLUGIN = "Web Plugin";
    private static final Logger logger = LoggerFactory.getLogger(WebPlugin.class);
    private final ConfigurationOption<Collection<Pattern>> requestParamsConfidential = ConfigurationOption.regexListOption().key("stagemonitor.requestmonitor.http.requestparams.confidential.regex").dynamic(true).label("Confidential request parameters (regex)").description("A list of request parameter name patterns that should not be collected.\nA request parameter is either a query string or a application/x-www-form-urlencoded request body (POST form content)").defaultValue(Arrays.asList(Pattern.compile("(?i).*pass.*"), Pattern.compile("(?i).*credit.*"), Pattern.compile("(?i).*pwd.*"))).tags(new String[]{"security-relevant"}).configurationCategory(WEB_PLUGIN).build();
    private ConfigurationOption<Boolean> collectHttpHeaders = ConfigurationOption.booleanOption().key("stagemonitor.requestmonitor.http.collectHeaders").dynamic(true).label("Collect HTTP headers").description("Whether or not HTTP headers should be collected with a call stack.").defaultValue(true).configurationCategory(WEB_PLUGIN).tags(new String[]{"security-relevant"}).build();
    private ConfigurationOption<Boolean> parseUserAgent = ConfigurationOption.booleanOption().key("stagemonitor.requestmonitor.http.parseUserAgent").dynamic(true).label("Analyze user agent").description("Whether or not the user-agent header should be parsed and analyzed to get information about the browser, device type and operating system.").defaultValue(true).configurationCategory(WEB_PLUGIN).build();
    private ConfigurationOption<Collection<String>> excludeHeaders = ConfigurationOption.lowerStringsOption().key("stagemonitor.requestmonitor.http.headers.excluded").dynamic(true).label("Do not collect headers").description("A list of (case insensitive) header names that should not be collected.").defaultValue(new LinkedHashSet(Arrays.asList("cookie", "authorization", STAGEMONITOR_SHOW_WIDGET))).configurationCategory(WEB_PLUGIN).tags(new String[]{"security-relevant"}).build();
    private final ConfigurationOption<Boolean> widgetEnabled = ConfigurationOption.booleanOption().key("stagemonitor.web.widget.enabled").dynamic(true).label("In browser widget enabled").description("If active, stagemonitor will inject a widget in the web site containing the calltrace metrics.\nRequires Servlet-Api >= 3.0").defaultValue(true).configurationCategory(WEB_PLUGIN).build();
    private final ConfigurationOption<Map<Pattern, String>> groupUrls = ConfigurationOption.regexMapOption().key("stagemonitor.groupUrls").dynamic(true).label("Group URLs regex").description("Combine url paths by regex to a single url group.\nE.g. `(.*).js: *.js` combines all URLs that end with `.js` to a group named `*.js`. The metrics for all URLs matching the pattern are consolidated and shown in one row in the request table. The syntax is `<regex>: <group name>[, <regex>: <group name>]*`").defaultValue(new LinkedHashMap<Pattern, String>() { // from class: org.stagemonitor.web.WebPlugin.1
        {
            put(Pattern.compile("(.*).js$"), "*.js");
            put(Pattern.compile("(.*).css$"), "*.css");
            put(Pattern.compile("(.*).jpg$"), "*.jpg");
            put(Pattern.compile("(.*).jpeg$"), "*.jpeg");
            put(Pattern.compile("(.*).png$"), "*.png");
        }
    }).configurationCategory(WEB_PLUGIN).build();
    private final ConfigurationOption<Boolean> rumEnabled = ConfigurationOption.booleanOption().key("stagemonitor.web.rum.enabled").dynamic(true).label("Enable Real User Monitoring").description("The Real User Monitoring feature collects the browser, network and overall percieved execution time from the user's perspective. When activated, a piece of javascript will be injected to each html page that collects the data from real users and sends it back to the server. Servlet API 3.0 or higher is required for this.").defaultValue(true).configurationCategory(WEB_PLUGIN).build();
    private final ConfigurationOption<Boolean> collectPageLoadTimesPerRequest = ConfigurationOption.booleanOption().key("stagemonitor.web.collectPageLoadTimesPerRequest").dynamic(true).label("Collect Page Load Time data per request group").description("Whether or not browser, network and overall execution time should be collected per request group.\nIf set to true, four additional timers will be created for each request group to record the page rendering time, dom processing time, network time and overall time per request. If set to false, the times of all requests will be aggregated.").defaultValue(false).configurationCategory(WEB_PLUGIN).build();
    private final ConfigurationOption<Collection<String>> excludedRequestPaths = ConfigurationOption.stringsOption().key("stagemonitor.web.paths.excluded").dynamic(false).label("Excluded paths").description("Request paths that should not be monitored. A value of `/aaa` means, that all paths starting with `/aaa` should not be monitored. It's recommended to not monitor static resources, as they are typically not interesting to monitor but consume resources when you do.").defaultValue(SetValueConverter.immutableSet(new String[]{"/VAADIN/", "/HEARTBEAT/"})).configurationCategory(WEB_PLUGIN).build();
    private final ConfigurationOption<Boolean> monitorOnlyForwardedRequests = ConfigurationOption.booleanOption().key("stagemonitor.web.monitorOnlyForwardedRequests").dynamic(true).label("Monitor only forwarded requests").description("Sometimes you only want to monitor forwarded requests, for example if you have a rewrite filter that translates a external URI (/a) to a internal URI (/b). If only /b should be monitored,set the value to true.").defaultValue(false).configurationCategory(WEB_PLUGIN).build();
    private final ConfigurationOption<String> metricsServletAllowedOrigin = ConfigurationOption.stringOption().key("stagemonitor.web.metricsServlet.allowedOrigin").dynamic(true).label("Allowed origin").description("The Access-Control-Allow-Origin header value for the metrics servlet.").defaultValue((Object) null).configurationCategory(WEB_PLUGIN).build();
    private final ConfigurationOption<String> metricsServletJsonpParameter = ConfigurationOption.stringOption().key("stagemonitor.web.metricsServlet.jsonpParameter").dynamic(true).label("The Jsonp callback parameter name").description("The name of the parameter used to specify the jsonp callback.").defaultValue((Object) null).configurationCategory(WEB_PLUGIN).build();
    private ConfigurationOption<Boolean> monitorOnlySpringMvcOption = ConfigurationOption.booleanOption().key("stagemonitor.requestmonitor.spring.monitorOnlySpringMvcRequests").dynamic(true).label("Monitor only SpringMVC requests").description("Whether or not requests should be ignored, if they will not be handled by a Spring MVC controller method.\nThis is handy, if you are not interested in the performance of serving static files. Setting this to true can also significantly reduce the amount of files (and thus storing space) Graphite will allocate.").defaultValue(false).configurationCategory("Spring MVC Plugin").build();
    private ConfigurationOption<Boolean> monitorOnlyResteasyOption = ConfigurationOption.booleanOption().key("stagemonitor.requestmonitor.resteasy.monitorOnlyResteasyRequests").dynamic(true).label("Monitor only Resteasy reqeusts").description("Whether or not requests should be ignored, if they will not be handled by a Resteasy resource method.\nThis is handy, if you are not interested in the performance of serving static files. Setting this to true can also significantly reduce the amount of files (and thus storing space) Graphite will allocate.").defaultValue(false).configurationCategory("Resteasy Plugin").build();
    private ConfigurationOption<Collection<String>> requestExceptionAttributes = ConfigurationOption.stringsOption().key("stagemonitor.requestmonitor.requestExceptionAttributes").dynamic(true).label("Request Exception Attributes").description("Defines the list of attribute names to check on the HttpServletRequest when searching for an exception. \n\nStagemonitor searches this list in order to see if any of these attributes are set on the request with an Exception object and then records that information on the request trace. If your web framework sets a different attribute outside of the defaults, you can add that attribute to this list to properly record the exception on the trace.").defaultValue(new LinkedHashSet<String>() { // from class: org.stagemonitor.web.WebPlugin.2
        {
            add("javax.servlet.error.exception");
            add("exception");
            add("org.springframework.web.servlet.DispatcherServlet.EXCEPTION");
        }
    }).configurationCategory(WEB_PLUGIN).build();

    public void initializePlugin(Metric2Registry metric2Registry, Configuration configuration) {
        PooledResourceMetricsRegisterer.registerPooledResources(metric2Registry, MBeanPooledResource.tomcatThreadPools());
        CorePlugin config = configuration.getConfig(CorePlugin.class);
        ElasticsearchClient elasticsearchClient = config.getElasticsearchClient();
        if (config.isReportToGraphite()) {
            elasticsearchClient.sendGrafana1DashboardAsync("grafana/Grafana1GraphiteServer.json");
            elasticsearchClient.sendGrafana1DashboardAsync("grafana/Grafana1GraphiteKPIsOverTime.json");
        }
        if (config.isReportToElasticsearch()) {
            GrafanaClient grafanaClient = config.getGrafanaClient();
            elasticsearchClient.sendBulkAsync("kibana/ApplicationServer.bulk");
            grafanaClient.sendGrafanaDashboardAsync("grafana/ElasticsearchApplicationServer.json");
        }
    }

    public List<ConfigurationOption<?>> getConfigurationOptions() {
        List<ConfigurationOption<?>> configurationOptions = super.getConfigurationOptions();
        if (!ClassUtils.isPresent("org.springframework.web.servlet.HandlerMapping")) {
            configurationOptions.remove(this.monitorOnlySpringMvcOption);
        }
        if (!ClassUtils.isPresent("org.jboss.resteasy.core.ResourceMethodRegistry")) {
            configurationOptions.remove(this.monitorOnlyResteasyOption);
        }
        return configurationOptions;
    }

    public boolean isCollectHttpHeaders() {
        return ((Boolean) this.collectHttpHeaders.getValue()).booleanValue();
    }

    public boolean isParseUserAgent() {
        return ((Boolean) this.parseUserAgent.getValue()).booleanValue();
    }

    public Collection<String> getExcludeHeaders() {
        return (Collection) this.excludeHeaders.getValue();
    }

    public boolean isWidgetEnabled() {
        return ((Boolean) this.widgetEnabled.getValue()).booleanValue();
    }

    public Map<Pattern, String> getGroupUrls() {
        return (Map) this.groupUrls.getValue();
    }

    public Collection<Pattern> getRequestParamsConfidential() {
        return (Collection) this.requestParamsConfidential.getValue();
    }

    public boolean isRealUserMonitoringEnabled() {
        return ((Boolean) this.rumEnabled.getValue()).booleanValue();
    }

    public boolean isCollectPageLoadTimesPerRequest() {
        return ((Boolean) this.collectPageLoadTimesPerRequest.getValue()).booleanValue();
    }

    public Collection<String> getExcludedRequestPaths() {
        return (Collection) this.excludedRequestPaths.getValue();
    }

    public boolean isMonitorOnlyForwardedRequests() {
        return ((Boolean) this.monitorOnlyForwardedRequests.getValue()).booleanValue();
    }

    public String getMetricsServletAllowedOrigin() {
        return (String) this.metricsServletAllowedOrigin.getValue();
    }

    public String getMetricsServletJsonpParamName() {
        return (String) this.metricsServletJsonpParameter.getValue();
    }

    public boolean isWidgetAndStagemonitorEndpointsAllowed(HttpServletRequest httpServletRequest, Configuration configuration) {
        Boolean bool = (Boolean) httpServletRequest.getAttribute(STAGEMONITOR_SHOW_WIDGET);
        if (bool != null) {
            logger.debug("isWidgetAndStagemonitorEndpointsAllowed: showWidgetAttr={}", bool);
            return bool.booleanValue();
        }
        boolean isWidgetEnabled = isWidgetEnabled();
        boolean isPasswordInShowWidgetHeaderCorrect = isPasswordInShowWidgetHeaderCorrect(httpServletRequest, configuration);
        boolean z = isWidgetEnabled || isPasswordInShowWidgetHeaderCorrect;
        logger.debug("isWidgetAndStagemonitorEndpointsAllowed: isWidgetEnabled={}, isPasswordInShowWidgetHeaderCorrect={}, result={}", new Object[]{Boolean.valueOf(isWidgetEnabled), Boolean.valueOf(isPasswordInShowWidgetHeaderCorrect), Boolean.valueOf(z)});
        return z;
    }

    private boolean isPasswordInShowWidgetHeaderCorrect(HttpServletRequest httpServletRequest, Configuration configuration) {
        String header = httpServletRequest.getHeader(STAGEMONITOR_SHOW_WIDGET);
        if (configuration.isPasswordCorrect(header)) {
            return true;
        }
        if (!StringUtils.isNotEmpty(header)) {
            return false;
        }
        logger.error("The password transmitted via the header {} is not correct. This might be a malicious attempt to guess the value of {}. The request was initiated from the ip {}.", new Object[]{STAGEMONITOR_SHOW_WIDGET, "stagemonitor.password", MonitoredHttpRequest.getClientIp(httpServletRequest)});
        return false;
    }

    public boolean isMonitorOnlySpringMvcRequests() {
        return ((Boolean) this.monitorOnlySpringMvcOption.getValue()).booleanValue();
    }

    public boolean isMonitorOnlyResteasyRequests() {
        return ((Boolean) this.monitorOnlyResteasyOption.getValue()).booleanValue();
    }

    public Collection<String> getRequestExceptionAttributes() {
        return (Collection) this.requestExceptionAttributes.getValue();
    }

    public void onStartup(Set<Class<?>> set, ServletContext servletContext) throws ServletException {
        servletContext.addServlet(ConfigurationServlet.class.getSimpleName(), new ConfigurationServlet()).addMapping(new String[]{ConfigurationServlet.CONFIGURATION_ENDPOINT});
        servletContext.addServlet(StagemonitorMetricsServlet.class.getSimpleName(), new StagemonitorMetricsServlet()).addMapping(new String[]{"/stagemonitor/metrics"});
        servletContext.addServlet(RumServlet.class.getSimpleName(), new RumServlet()).addMapping(new String[]{"/stagemonitor/public/rum"});
        servletContext.addServlet(FileServlet.class.getSimpleName(), new FileServlet()).addMapping(new String[]{"/stagemonitor/static/*", "/stagemonitor/public/static/*"});
        servletContext.addServlet(WidgetServlet.class.getSimpleName(), new WidgetServlet()).addMapping(new String[]{"/stagemonitor"});
        ServletRegistration.Dynamic addServlet = servletContext.addServlet(RequestTraceServlet.class.getSimpleName(), new RequestTraceServlet());
        addServlet.addMapping(new String[]{"/stagemonitor/request-traces"});
        addServlet.setAsyncSupported(true);
        FilterRegistration.Dynamic addFilter = servletContext.addFilter(StagemonitorSecurityFilter.class.getSimpleName(), new StagemonitorSecurityFilter());
        addFilter.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST), true, new String[]{"/stagemonitor/*"});
        addFilter.setAsyncSupported(true);
        FilterRegistration.Dynamic addFilter2 = servletContext.addFilter(HttpRequestMonitorFilter.class.getSimpleName(), new HttpRequestMonitorFilter());
        addFilter2.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD), false, new String[]{"/*"});
        addFilter2.setAsyncSupported(true);
        FilterRegistration.Dynamic addFilter3 = servletContext.addFilter(UserNameFilter.class.getSimpleName(), new UserNameFilter());
        addFilter3.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD), true, new String[]{"/*"});
        addFilter3.setAsyncSupported(true);
        servletContext.addListener(MDCListener.class);
        servletContext.addListener(MonitoredHttpRequest.StagemonitorServletContextListener.class);
        servletContext.addListener(SpringMonitoredHttpRequest.HandlerMappingServletContextListener.class);
        servletContext.addListener(SessionCounter.class);
    }

    static {
        Stagemonitor.init();
    }
}
