package blackboard.platform.session.impl;

import blackboard.data.registry.SystemRegistryUtil;
import blackboard.persist.Id;
import blackboard.platform.log.LogServiceFactory;
import blackboard.platform.security.SecurityUtil;
import blackboard.platform.session.BbSession;
import blackboard.util.StringUtil;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:blackboard/platform/session/impl/SessionFingerprintHelper.class */
public class SessionFingerprintHelper {
    public static final String ENABLED_KEY = "session.fingerprint.enabled";
    public static final String CONTENT_KEY = "session.fingerprint.content";
    public static final String ACTION_KEY = "session.fingerprint.action";
    public static final String FILTER_KEY = "session.fingerprint.filter";
    private static final String FP_SECRET = "fp";
    private static final String USER_AGENT_HEADER = "User-Agent";
    private static final Pattern IP_PATTERN = Pattern.compile("^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/?(\\d{0,2})$");
    private final Map<Long, Integer> _ignoredIpSubnets = new HashMap();

    /* loaded from: input_file:blackboard/platform/session/impl/SessionFingerprintHelper$Action.class */
    public enum Action {
        log,
        logAndInvalidate
    }

    /* loaded from: input_file:blackboard/platform/session/impl/SessionFingerprintHelper$Content.class */
    public enum Content {
        ip,
        userAgent,
        ipAndUserAgent
    }

    public SessionFingerprintHelper(File file) {
        if (file == null || !file.exists()) {
            return;
        }
        try {
            parseIgnoredIps(new FileInputStream(file));
        } catch (IOException e) {
            LogServiceFactory.getInstance().logError("Could not load ignored IP file for session fingerprinting.");
        }
    }

    public SessionFingerprintHelper(InputStream inputStream) {
        if (inputStream != null) {
            parseIgnoredIps(inputStream);
        }
    }

    private void parseIgnoredIps(InputStream inputStream) {
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    return;
                }
                Matcher matcher = IP_PATTERN.matcher(readLine);
                if (matcher.matches()) {
                    long parseLong = Long.parseLong(matcher.group(1));
                    long parseLong2 = Long.parseLong(matcher.group(2));
                    long parseLong3 = Long.parseLong(matcher.group(3));
                    long parseLong4 = Long.parseLong(matcher.group(4));
                    String group = matcher.group(5);
                    int i = 0;
                    if (StringUtil.notEmpty(group)) {
                        i = 32 - Integer.parseInt(group);
                    }
                    this._ignoredIpSubnets.put(Long.valueOf(parseLong4 + (parseLong3 << 8) + (parseLong2 << 16) + (parseLong << 24)), Integer.valueOf(i));
                }
            }
        } catch (IOException e) {
            LogServiceFactory.getInstance().logError("Could not load ignored IP file for session fingerprinting.");
        }
    }

    public SessionFingerprintHelper() {
    }

    public boolean shouldFingerprintSession(BbSession bbSession) {
        return isFingerprintingEnabled() && bbSession != null && Id.isValid(bbSession.getUserId());
    }

    public boolean validFingerprint(BbSession bbSession, String str) {
        return str.equals(((BbSessionImpl) bbSession).getFingerprint());
    }

    public String constructFingerprint(HttpServletRequest httpServletRequest) {
        Content fingerprintContentSetting = getFingerprintContentSetting();
        String remoteAddr = httpServletRequest.getRemoteAddr();
        if (isIpFilteringEnabled()) {
            Matcher matcher = IP_PATTERN.matcher(remoteAddr);
            if (matcher.matches()) {
                long parseLong = Long.parseLong(matcher.group(1));
                long parseLong2 = Long.parseLong(matcher.group(4)) + (Long.parseLong(matcher.group(3)) << 8) + (Long.parseLong(matcher.group(2)) << 16) + (parseLong << 24);
                Iterator<Map.Entry<Long, Integer>> it = this._ignoredIpSubnets.entrySet().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    Map.Entry<Long, Integer> next = it.next();
                    if ((parseLong2 >> next.getValue().intValue()) == (next.getKey().longValue() >> next.getValue().intValue())) {
                        remoteAddr = "";
                        break;
                    }
                }
            }
        }
        StringBuilder sb = new StringBuilder(FP_SECRET);
        switch (fingerprintContentSetting) {
            case ip:
                sb.append(remoteAddr);
                break;
            case userAgent:
                sb.append(httpServletRequest.getHeader(USER_AGENT_HEADER));
                break;
            case ipAndUserAgent:
                sb.append(remoteAddr);
                sb.append(httpServletRequest.getHeader(USER_AGENT_HEADER));
                break;
        }
        return SecurityUtil.getHashValue(sb.toString());
    }

    public boolean isFingerprintingEnabled() {
        return SystemRegistryUtil.getBoolean(ENABLED_KEY, true);
    }

    public void setFingerprintingEnabled(boolean z) {
        SystemRegistryUtil.setBoolean(ENABLED_KEY, z);
    }

    public Content getFingerprintContentSetting() {
        return Content.valueOf(SystemRegistryUtil.getPersistentString(CONTENT_KEY, Content.userAgent.name()));
    }

    public void setFingerprintContentSetting(Content content) {
        SystemRegistryUtil.setString(CONTENT_KEY, content.name());
    }

    public Action getFingerprintActionSetting() {
        return Action.valueOf(SystemRegistryUtil.getPersistentString(ACTION_KEY, Action.log.name()));
    }

    public void setFingerprintActionSetting(Action action) {
        SystemRegistryUtil.setString(ACTION_KEY, action.name());
    }

    public boolean isIpFilteringEnabled() {
        return SystemRegistryUtil.getBoolean(FILTER_KEY, false);
    }

    public void setIpFilteringEnabled(boolean z) {
        SystemRegistryUtil.setBoolean(FILTER_KEY, z);
    }
}
