package com.ca.asm.smartpop.webdriver.agent;

import com.browserup.bup.BrowserUpProxy;
import com.browserup.bup.BrowserUpProxyServer;
import com.browserup.bup.filters.RequestFilter;
import com.browserup.bup.mitm.CertificateAndKeySource;
import com.browserup.bup.mitm.ExistingCertificateSource;
import com.browserup.bup.mitm.keys.ECKeyGenerator;
import com.browserup.bup.mitm.keys.KeyGenerator;
import com.browserup.bup.mitm.manager.ImpersonatingMitmManager;
import com.browserup.bup.proxy.CaptureType;
import com.browserup.bup.proxy.auth.AuthType;
import com.browserup.bup.util.HttpMessageContents;
import com.browserup.bup.util.HttpMessageInfo;
import com.ca.asm.smartpop.job.Monitor;
import com.ca.asm.smartpop.utils.PortRange;
import com.ca.asm.smartpop.utils.ProxyConfig;
import io.netty.handler.codec.http.HttpRequest;
import io.netty.handler.codec.http.HttpResponse;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.Map;
import java.util.Random;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.openqa.selenium.logging.LogType;
import org.openqa.selenium.remote.BrowserType;

/* loaded from: input_file:com/ca/asm/smartpop/webdriver/agent/BrowserUpFactoryImpl.class */
public class BrowserUpFactoryImpl implements BrowserUpFactory {
    private static final CertificateAndKeySource CERTIFICATE_SOURCE;
    private final Random random;
    private final String agentName;
    private final String version;
    private final InetAddress browsermobHost;
    private final PortRange proxyPortRange;
    private final ConcurrentMap<Integer, Closeable> activeProxies;
    private final ProxyConfig proxyConfig;
    private final boolean trustAllServers;
    private final ImpersonatingMitmManager mitmManager;
    private static final Pattern LIST_DELIMITER;
    private static final Pattern MAP_DELIMITER;
    private static final Pattern REGEX;
    private static final Logger LOGGER = Logger.getLogger(BrowserUpFactoryImpl.class.toString());
    private static final KeyGenerator KEY_GENERATOR = new ECKeyGenerator("secp256r1");

    public BrowserUpFactoryImpl(boolean z) {
        this("", "", InetAddress.getLoopbackAddress(), null, z);
    }

    public BrowserUpFactoryImpl(String str, String str2, InetAddress inetAddress, PortRange portRange, boolean z) {
        this.random = new Random();
        this.activeProxies = new ConcurrentHashMap();
        this.proxyConfig = new ProxyConfig();
        this.agentName = str;
        this.version = str2;
        this.browsermobHost = inetAddress;
        this.proxyPortRange = portRange;
        this.trustAllServers = z;
        this.mitmManager = ImpersonatingMitmManager.builder().cacheConcurrencyLevel(32).cacheExpirationInterval(2L, TimeUnit.DAYS).rootCertificateSource(CERTIFICATE_SOURCE).serverKeyGenerator(KEY_GENERATOR).trustAllServers(z).build();
    }

    @Override // com.ca.asm.smartpop.webdriver.agent.BrowserUpFactory
    public BrowserUpProxy get(final Monitor monitor) {
        BrowserUpProxyServer browserUpProxyServer = new BrowserUpProxyServer();
        browserUpProxyServer.enableHarCaptureTypes(CaptureType.REQUEST_COOKIES, CaptureType.REQUEST_HEADERS, CaptureType.RESPONSE_COOKIES, CaptureType.RESPONSE_HEADERS);
        browserUpProxyServer.disableHarCaptureTypes(CaptureType.REQUEST_CONTENT, CaptureType.REQUEST_BINARY_CONTENT, CaptureType.RESPONSE_CONTENT, CaptureType.RESPONSE_BINARY_CONTENT);
        browserUpProxyServer.setTrustAllServers(this.trustAllServers);
        String option = monitor.getOption("deny");
        if (option != null) {
            browserUpProxyServer.blacklistRequests(convertList(option), 6001);
        }
        String option2 = monitor.getOption("allow");
        if (option2 != null) {
            browserUpProxyServer.whitelistRequests(Arrays.asList(convertList(option2)), 6001);
        }
        String option3 = monitor.getOption("remapHosts");
        if (option3 != null) {
            browserUpProxyServer.getHostNameResolver().remapHosts(convertMap(option3));
        }
        ProxyConfig proxy = (monitor.isProxy() && this.proxyConfig.hasProxy()) ? this.proxyConfig : monitor.getProxy();
        if (proxy != null) {
            browserUpProxyServer.setChainedProxy(new InetSocketAddress(proxy.getHost(), proxy.getPort() > 0 ? proxy.getPort() : 80));
            if (proxy.getUser() != null && proxy.getPassword() != null) {
                browserUpProxyServer.chainedProxyAuthorization(proxy.getUser(), proxy.getPassword(), AuthType.BASIC);
            }
            Logger logger = LOGGER;
            Object[] objArr = new Object[6];
            objArr[0] = Integer.valueOf(monitor.getId());
            objArr[1] = proxy.getProto();
            objArr[2] = proxy.getHost();
            objArr[3] = Integer.valueOf(proxy.getPort());
            objArr[4] = proxy.getUser();
            objArr[5] = proxy.getPassword() != null ? "****" : null;
            logger.info(String.format("rid=%d using chained proxy %s://%s:%s user '%s' password '%s'", objArr));
        }
        AuthFiltersSource authFiltersSource = null;
        if (monitor.getAccount() != null && monitor.getPasswd() != null && monitor.getHost() != null) {
            String authentication = monitor.getAuthentication();
            boolean z = -1;
            switch (authentication.hashCode()) {
                case -1331913276:
                    if (authentication.equals("digest")) {
                        z = true;
                        break;
                    }
                    break;
                case 93508654:
                    if (authentication.equals(Monitor.AUTH_BASIC)) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    browserUpProxyServer.autoAuthorization(monitor.getHost(), monitor.getAccount(), monitor.getPasswd(), AuthType.BASIC);
                    break;
                case true:
                    authFiltersSource = new AuthFiltersSource(monitor.getHost(), new DigestHeaderGenerator(monitor.getAccount(), monitor.getPasswd(), Long.toHexString(this.random.nextLong())), monitor.isProxy() ? this.proxyConfig : null, this.trustAllServers);
                    browserUpProxyServer.addLastHttpFilterFactory(authFiltersSource);
                    break;
            }
        }
        if (monitor.getUa() != null && !monitor.getUa().trim().isEmpty()) {
            browserUpProxyServer.addRequestFilter(new RequestFilter() { // from class: com.ca.asm.smartpop.webdriver.agent.BrowserUpFactoryImpl.1
                @Override // com.browserup.bup.filters.RequestFilter
                public HttpResponse filterRequest(HttpRequest httpRequest, HttpMessageContents httpMessageContents, HttpMessageInfo httpMessageInfo) {
                    httpRequest.headers().remove("User-Agent");
                    httpRequest.headers().add("User-Agent", (Object) monitor.getUa());
                    return null;
                }
            });
        }
        if (monitor.getTag() != null) {
            String[] split = monitor.getTag().split(":", 2);
            try {
                if (split.length == 2) {
                    split[1] = split[1].replaceAll("\\{agent_name}", this.agentName).replaceAll("\\{agent_version}", this.version).replaceAll("\\{checkpoint_name}", InetAddress.getLocalHost().getHostName()).replaceAll("\\{user_id}", Integer.toString(monitor.getUid())).replaceAll("\\{monitor_id}", Integer.toString(monitor.getId())).replaceAll("\\{check_id}", monitor.getTagId() != null ? monitor.getTagId() : "").replaceAll("\\{thread_name}", Thread.currentThread().getName()).replaceAll("\\{thread_id}", Long.toString(Thread.currentThread().getId()));
                    browserUpProxyServer.addRequestFilter((httpRequest, httpMessageContents, httpMessageInfo) -> {
                        httpRequest.headers().add(split[0], (Object) split[1]);
                        return null;
                    });
                }
            } catch (UnknownHostException e) {
                throw new RuntimeException(e);
            }
        }
        browserUpProxyServer.setMitmManager(this.mitmManager);
        if (this.proxyPortRange == null) {
            startProxy(browserUpProxyServer, authFiltersSource);
            return browserUpProxyServer;
        }
        int takePort = this.proxyPortRange.takePort();
        try {
            startProxy(browserUpProxyServer, takePort, isRemoteClient(monitor), authFiltersSource);
            return browserUpProxyServer;
        } catch (ProxyExistsException e2) {
            LOGGER.fine(String.format("Proxy already exists on port %s", Integer.valueOf(takePort)));
            startProxy(browserUpProxyServer, 0, isRemoteClient(monitor), authFiltersSource);
            return browserUpProxyServer;
        }
    }

    private void startProxy(BrowserUpProxy browserUpProxy, Closeable closeable) {
        startProxy(browserUpProxy, 0, true, closeable);
    }

    private void startProxy(BrowserUpProxy browserUpProxy, int i, boolean z, Closeable closeable) {
        boolean[] zArr = {true};
        if (i != 0) {
            this.activeProxies.computeIfAbsent(Integer.valueOf(i), num -> {
                zArr[0] = false;
                Logger logger = LOGGER;
                Object[] objArr = new Object[2];
                objArr[0] = z ? "0.0.0.0" : this.browsermobHost;
                objArr[1] = Integer.valueOf(i);
                logger.fine(String.format("Starting internal proxy using address: %s:%d", objArr));
                if (z) {
                    browserUpProxy.start(num.intValue());
                } else {
                    browserUpProxy.start(num.intValue(), this.browsermobHost);
                }
                return closeable;
            });
            if (zArr[0]) {
                throw new ProxyExistsException(i);
            }
        } else {
            if (z) {
                browserUpProxy.start();
            } else {
                browserUpProxy.start(0, this.browsermobHost);
            }
            this.activeProxies.put(Integer.valueOf(browserUpProxy.getPort()), closeable != null ? closeable : () -> {
            });
        }
    }

    private static String convertList(String str) {
        Matcher matcher = REGEX.matcher(str);
        return matcher.matches() ? matcher.group(1) : (String) LIST_DELIMITER.splitAsStream(str).map(str2 -> {
            return str2.replaceAll("\\.", "\\\\.");
        }).map(str3 -> {
            return String.format("^((https?|ftp)://)?([^./]*\\.)*(%s)([#?:/|$]+.*)?", str3);
        }).collect(Collectors.joining("|"));
    }

    private static Map<String, String> convertMap(String str) {
        return (Map) MAP_DELIMITER.splitAsStream(str).map(str2 -> {
            return str2.split(LIST_DELIMITER.pattern());
        }).collect(Collectors.toMap(strArr -> {
            return strArr[0];
        }, strArr2 -> {
            return strArr2[1];
        }));
    }

    private static boolean isRemoteClient(Monitor monitor) {
        String option = monitor.getOption(LogType.BROWSER);
        if (option == null) {
            return false;
        }
        return BrowserType.IE.equals(option.toLowerCase().trim());
    }

    @Override // com.ca.asm.smartpop.webdriver.agent.BrowserUpFactory
    public void close(BrowserUpProxy browserUpProxy) {
        try {
            browserUpProxy.stop();
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "Problem when closing proxy", (Throwable) e);
            try {
                browserUpProxy.abort();
            } catch (Exception e2) {
            }
        }
        Closeable remove = this.activeProxies.remove(Integer.valueOf(browserUpProxy.getPort()));
        if (remove != null) {
            try {
                remove.close();
            } catch (IOException e3) {
            }
        }
    }

    static {
        try {
            CERTIFICATE_SOURCE = new ExistingCertificateSource((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.getDecoder().decode("MIICJDCCAcugAwIBAgIUFQh7b+hr62yN0kK7suHwoL8LXZIwCgYIKoZIzj0EAwIwaDELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhJc2xhbmRpYTELMAkGA1UECgwCQ0ExDDAKBgNVBAsMA0FTTTEYMBYGA1UEAwwPd2ViZHJpdmVyIGFnZW50MB4XDTE5MDcxODEyNDAxM1oXDTQwMDEyOTEyNDAxM1owaDELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhJc2xhbmRpYTELMAkGA1UECgwCQ0ExDDAKBgNVBAsMA0FTTTEYMBYGA1UEAwwPd2ViZHJpdmVyIGFnZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXnog/gc31IoxjgvCJ19KSIU4j6muthWbADFZaOAB0ByFLKuunnf374RW1jo1X1iPuFHreyYFh9XpAz49gwQNLKNTMFEwHQYDVR0OBBYEFFa2StbXob2gSyAOe3msC5g+DemNMB8GA1UdIwQYMBaAFFa2StbXob2gSyAOe3msC5g+DemNMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgQr4nFmxFlTqmNDAsFWnc3uuS+5TdsFD7Yiylfs6Neo0CIFWqy27l7cuJY/G28EYG6t2gck0dg7o76iKQsplnRLLG"))), KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode("MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgJDSLmHnTImPX9p7rGjykckDDaMYw/zITX8M1wxnvTfyhRANCAAReeiD+BzfUijGOC8InX0pIhTiPqa62FZsAMVlo4AHQHIUsq66ed/fvhFbWOjVfWI+4Uet7JgWH1ekDPj2DBA0s"))));
            LIST_DELIMITER = Pattern.compile(":");
            MAP_DELIMITER = Pattern.compile(",");
            REGEX = Pattern.compile("^/(.*)/$");
        } catch (NoSuchAlgorithmException | CertificateException | InvalidKeySpecException e) {
            throw new RuntimeException("Cannot load the proxy MITM certificate: " + e);
        }
    }
}
