package com.inet.permissions.url;

import com.inet.annotations.InternalApi;
import com.inet.config.ConfigKey;
import com.inet.config.ConfigValue;
import com.inet.error.BaseErrorCode;
import com.inet.lib.util.NetworkFunctions;
import com.inet.lib.util.StringFunctions;
import com.inet.logging.LogManager;
import com.inet.permissions.AccessDeniedException;
import com.inet.permissions.url.legacy.OldPermissionXMLUtils;
import com.inet.plugin.ServerPluginManager;
import java.io.File;
import java.io.IOException;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.JarURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.SuppressFBWarnings;

@InternalApi
/* loaded from: input_file:com/inet/permissions/url/URLPermissionChecker.class */
public class URLPermissionChecker {
    private static HashSet<String> b;
    private static final List<PluginPermissionChecker> a = ServerPluginManager.getInstance().get(PluginPermissionChecker.class);
    private static final ConfigValue<Boolean> c = new ConfigValue<>(ConfigKey.REPOSITORY_ENABLED);
    private static final ConfigValue<Boolean> d = new ConfigValue<>(ConfigKey.FILELOCATION_ENABLED);
    private static final ConfigValue<Boolean> e = new ConfigValue<>(ConfigKey.JNDILOCATION_ENABLED);
    private static final ConfigValue<Boolean> f = new ConfigValue<>(ConfigKey.LOCALHOST_ENABLED);
    private static final ConfigValue<String[]> g = new ConfigValue<String[]>(ConfigKey.REPOSITORY) { // from class: com.inet.permissions.url.URLPermissionChecker.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.inet.config.ConfigValue
        public String[] convert(@Nonnull String str) throws IllegalArgumentException {
            return str.length() > 0 ? str.split("[;,]") : new String[0];
        }
    };

    private static void a() {
        if (b == null) {
            try {
                b = new HashSet<>();
                b.add("localhost");
                b.add("127.0.0.1");
                b.add("127.0.1.1");
                b.add("0:0:0:0:0:0:0:1");
                b.add("[0:0:0:0:0:0:0:1]");
                String localHostName = NetworkFunctions.getLocalHostName();
                b.add(localHostName.toLowerCase());
                for (InetAddress inetAddress : InetAddress.getAllByName(localHostName)) {
                    String lowerCase = inetAddress.getHostAddress().toLowerCase();
                    b.add(lowerCase);
                    if (inetAddress instanceof Inet6Address) {
                        int lastIndexOf = lowerCase.lastIndexOf("%");
                        if (lastIndexOf > 0) {
                            lowerCase = lowerCase.substring(0, lastIndexOf);
                        }
                        b.add(lowerCase);
                        b.add("[" + lowerCase + "]");
                    }
                    b.add(inetAddress.getHostName().toLowerCase());
                }
            } catch (Exception e2) {
                LogManager.getApplicationLogger().error((Throwable) e2);
            }
        }
    }

    @SuppressFBWarnings(value = {"URLCONNECTION_SSRF_FD", "PATH_TRAVERSAL_IN"}, justification = "This is the security check")
    public static void checkReportLocation(URL url) throws AccessDeniedException {
        if (c.get().booleanValue()) {
            Iterator<PluginPermissionChecker> it = a.iterator();
            while (it.hasNext()) {
                if (it.next().checkReportLocation(url)) {
                    return;
                }
            }
            a();
            String protocol = url.getProtocol();
            if ("jar".equals(protocol)) {
                try {
                    url = ((JarURLConnection) url.openConnection()).getJarFileURL();
                    protocol = url.getProtocol();
                } catch (Throwable th) {
                    LogManager.getApplicationLogger().error(th.getMessage() + "- while checking Report Location of " + String.valueOf(url), th);
                }
            }
            boolean z = protocol.equals("file") || protocol.equals("persistence");
            if (d.get().booleanValue() && z) {
                return;
            }
            if (e.get().booleanValue() && protocol.equals("jndi")) {
                return;
            }
            if (f.get().booleanValue() && isLocalHost(url.getHost())) {
                return;
            }
            String[] strArr = g.get();
            if (strArr.length > 0) {
                String url2 = url.toString();
                for (String str : strArr) {
                    try {
                        if (z && str.startsWith("file:")) {
                            if (a(new File(url.getFile()), new File(str.substring(5)))) {
                                return;
                            }
                        } else {
                            if (url2.equals(str)) {
                                return;
                            }
                            if (str.endsWith(":") && url2.startsWith(str)) {
                                return;
                            }
                            if (url2.startsWith(str.endsWith(OldPermissionXMLUtils.XML_END) ? str : str + "/")) {
                                return;
                            }
                        }
                    } catch (IOException e2) {
                        LogManager.getApplicationLogger().error((Throwable) e2);
                    }
                }
                if (url.getUserInfo() != null) {
                    try {
                        int indexOf = url2.indexOf(url.getUserInfo());
                        checkReportLocation(new URL(url2.substring(0, indexOf) + url2.substring(indexOf + url.getUserInfo().length() + 1)));
                        return;
                    } catch (MalformedURLException e3) {
                        LogManager.getApplicationLogger().error((Throwable) e3);
                    }
                }
            }
            if (LogManager.getApplicationLogger().isDebug()) {
                LogManager.getApplicationLogger().debug("Report location invalid!");
            }
            throw new AccessDeniedException(BaseErrorCode.IllegalPath, url);
        }
    }

    static boolean a(File file, File file2) throws IOException {
        String canonicalPath = file.getCanonicalPath();
        String canonicalPath2 = file2.getCanonicalPath();
        if (!canonicalPath2.endsWith(File.separator)) {
            canonicalPath2 = canonicalPath2 + File.separator;
        }
        return canonicalPath.startsWith(canonicalPath2);
    }

    public static boolean isLocalHost(String str) {
        a();
        String lowerCase = str.toLowerCase();
        return !StringFunctions.isEmpty(lowerCase) && b.contains(lowerCase);
    }
}
