package org.owasp.esapi.reference;

import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Stack;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.IntrusionDetector;
import org.owasp.esapi.Logger;
import org.owasp.esapi.SecurityConfiguration;
import org.owasp.esapi.User;
import org.owasp.esapi.errors.EnterpriseSecurityException;
import org.owasp.esapi.errors.IntrusionException;

/* loaded from: input_file:wlp/lib/com.ibm.ws.org.owasp.esapi.2.1.0_1.0.16.jar:org/owasp/esapi/reference/DefaultIntrusionDetector.class */
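/**
 * Reference {@link IntrusionDetector}: counts security events per user and applies the
 * configured response actions once an event crosses its threshold.
 *
 * <p>Counters live in the map returned by {@code User.getEventMap()}. Anonymous users are
 * skipped by {@link #addSecurityEvent}, so activity before authentication is logged but never
 * counted against a threshold.
 *
 * <p>NOTE(review): neither the per-user event map (a plain {@code HashMap}) nor the
 * multi-step update in {@link Event#increment} is guarded by a lock in this class. Whether
 * concurrent requests for the same user can reach them depends on the caller; confirm.
 */
public class DefaultIntrusionDetector implements IntrusionDetector {
    private final Logger logger = ESAPI.getLogger("IntrusionDetector");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:wlp/lib/com.ibm.ws.org.owasp.esapi.2.1.0_1.0.16.jar:org/owasp/esapi/reference/DefaultIntrusionDetector$Event.class */
    /**
     * Sliding window of the most recent occurrences of one event key for one user.
     */
    public static class Event {
        public String key;
        // Newest timestamp at index 0; never holds more than the threshold count passed to increment().
        public Stack<Date> times = new Stack<Date>();

        public Event(String str) {
            this.key = str;
        }

        /**
         * Records one occurrence and checks it against the threshold.
         *
         * @param i threshold count: number of occurrences that trips the detector
         * @param j threshold interval in seconds
         * @throws IntrusionException if the {@code i} most recent occurrences (including this
         *     one) all fall within {@code j} seconds
         */
        public void increment(int i, long j) throws IntrusionException {
            if (ESAPI.securityConfiguration().getDisableIntrusionDetection()) {
                return;
            }
            if (i <= 0) {
                // A non-positive count cannot describe a window. Without this guard the code
                // below would index position -1 and fail with an unchecked exception that the
                // callers (which catch only IntrusionException) would not handle.
                return;
            }
            // Wall-clock timestamp, so a system clock adjustment shifts the measured window.
            Date date = new Date();
            this.times.add(0, date);
            // Keep only the i newest timestamps; older ones can no longer affect the check.
            while (this.times.size() > i) {
                this.times.remove(this.times.size() - 1);
            }
            if (this.times.size() == i) {
                // The oldest retained entry is the i-th most recent occurrence.
                long elapsedMillis = date.getTime() - this.times.get(i - 1).getTime();
                if (elapsedMillis < j * 1000) {
                    throw new IntrusionException("Threshold exceeded", "Exceeded threshold for " + this.key);
                }
            }
        }
    }

    /**
     * Logs the exception and counts it, keyed by its class name, against the current user.
     *
     * <p>An {@link IntrusionException} is logged but not counted, so a detector-raised
     * exception does not feed back into the detector.
     *
     * @param exc the exception to record
     */
    @Override // org.owasp.esapi.IntrusionDetector
    public void addException(Exception exc) {
        if (ESAPI.securityConfiguration().getDisableIntrusionDetection()) {
            return;
        }
        if (exc instanceof EnterpriseSecurityException) {
            // Use the log message rather than getMessage() for ESAPI's own exceptions.
            this.logger.warning(Logger.SECURITY_FAILURE, ((EnterpriseSecurityException) exc).getLogMessage(), exc);
        } else {
            this.logger.warning(Logger.SECURITY_FAILURE, exc.getMessage(), exc);
        }
        User currentUser = ESAPI.authenticator().getCurrentUser();
        String name = exc.getClass().getName();
        if (exc instanceof IntrusionException) {
            return;
        }
        try {
            addSecurityEvent(currentUser, name);
        } catch (IntrusionException e) {
            // Threshold crossed: run the configured response instead of propagating.
            respondToExceededQuota(name, name);
        }
    }

    /**
     * Logs a named security event and counts it under the key {@code "event." + str}.
     *
     * @param str event name
     * @param str2 message written to the security log with the event
     * @throws IntrusionException declared by the interface; a crossed threshold is handled
     *     here by running the configured actions
     */
    @Override // org.owasp.esapi.IntrusionDetector
    public void addEvent(String str, String str2) throws IntrusionException {
        if (ESAPI.securityConfiguration().getDisableIntrusionDetection()) {
            return;
        }
        this.logger.warning(Logger.SECURITY_FAILURE, "Security event " + str + " received : " + str2);
        try {
            addSecurityEvent(ESAPI.authenticator().getCurrentUser(), "event." + str);
        } catch (IntrusionException e) {
            // Threshold crossed: run the configured response instead of propagating.
            respondToExceededQuota("event." + str, str);
        }
    }

    /**
     * Runs every action configured for a threshold that has just been crossed.
     *
     * @param quotaKey key used to look the threshold up in the security configuration
     * @param eventLabel event name as it appears in the action message
     */
    private void respondToExceededQuota(String quotaKey, String eventLabel) {
        SecurityConfiguration.Threshold quota = ESAPI.securityConfiguration().getQuota(quotaKey);
        if (quota == null) {
            // This is a second lookup; addSecurityEvent already treats null as "no threshold".
            // Record the gap instead of failing with a NullPointerException.
            this.logger.warning(Logger.SECURITY_FAILURE, "Threshold for " + quotaKey + " was exceeded but is no longer configured; no action taken");
            return;
        }
        // The message is the same for every action, so build it once.
        String message = "User exceeded quota of " + quota.count + " per " + quota.interval + " seconds for event " + eventLabel + ". Taking actions " + quota.actions;
        Iterator<String> it = quota.actions.iterator();
        while (it.hasNext()) {
            takeSecurityAction(it.next(), message);
        }
    }

    /**
     * Applies a single response action.
     *
     * <p>Recognised names are {@code "log"}, {@code "disable"} and {@code "logout"}. Any other
     * name is ignored without a diagnostic, so a misspelled action in the configuration
     * results in no response. {@code "disable"} and {@code "logout"} are skipped when the
     * current user is {@code User.ANONYMOUS}.
     *
     * @param str action name
     * @param str2 message describing the exceeded threshold
     */
    private void takeSecurityAction(String str, String str2) {
        if (ESAPI.securityConfiguration().getDisableIntrusionDetection()) {
            return;
        }
        if (str.equals("log")) {
            this.logger.fatal(Logger.SECURITY_FAILURE, "INTRUSION - " + str2);
        }
        User currentUser = ESAPI.authenticator().getCurrentUser();
        if (currentUser == User.ANONYMOUS) {
            return;
        }
        if (str.equals("disable")) {
            currentUser.disable();
        }
        if (str.equals("logout")) {
            currentUser.logout();
        }
    }

    /**
     * Counts one occurrence of an event for a user, creating its counter on first use.
     *
     * <p>Nothing is counted for anonymous users or for events without a configured threshold.
     *
     * @param user user the event is attributed to
     * @param str event key, also used to look up the threshold
     * @throws IntrusionException unchecked here; raised by {@link Event#increment} when the
     *     threshold is crossed
     */
    private void addSecurityEvent(User user, String str) {
        if (ESAPI.securityConfiguration().getDisableIntrusionDetection() || user.isAnonymous()) {
            return;
        }
        HashMap eventMap = user.getEventMap();
        SecurityConfiguration.Threshold quota = ESAPI.securityConfiguration().getQuota(str);
        if (quota != null) {
            Event event = (Event) eventMap.get(str);
            if (event == null) {
                event = new Event(str);
                eventMap.put(str, event);
            }
            event.increment(quota.count, quota.interval);
        }
    }
}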
