package com.newrelic.agent.security.instrumentation.spring.client5;

import com.newrelic.api.agent.security.NewRelicSecurity;
import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper;
import com.newrelic.api.agent.security.instrumentation.helpers.ServletHelper;
import com.newrelic.api.agent.security.schema.AbstractOperation;
import com.newrelic.api.agent.security.schema.StringUtils;
import com.newrelic.api.agent.security.schema.exceptions.NewRelicSecurityException;
import com.newrelic.api.agent.security.schema.operation.SSRFOperation;
import com.newrelic.api.agent.security.utils.SSRFUtils;
import com.newrelic.api.agent.security.utils.logging.LogLevel;
import java.net.URI;
import java.util.ArrayList;
import org.springframework.http.HttpMethod;
import org.springframework.web.reactive.function.client.ClientRequest;

/* loaded from: input_file:newrelic-security-agent.jar:instrumentation-security/csec-spring-webclient-5.0-1.0.jar:com/newrelic/agent/security/instrumentation/spring/client5/SpringWebClientHelper.class */
public class SpringWebClientHelper {
    public static final String NR_SEC_CUSTOM_ATTRIB_NAME = "SPRING_CLIENT_OPERATION_LOCK-";
    public static final String METHOD_EXECHANGE = "exchange";
    public static final String SPRING_WEBCLIENT_5_0 = "spring-webclient-5.0";
    public static final String SPRING_WEB_CLIENT_REQUEST_LIST_CUSTOM_ATTRIB = "SPRING-WEB-CLIENT-REQUEST-LIST";

    public static String getNrSecCustomAttribName() {
        return NR_SEC_CUSTOM_ATTRIB_NAME + Thread.currentThread().getId();
    }

    public static AbstractOperation preprocessSecurityHook(URI uri, HttpMethod httpMethod, String str, String str2) {
        if (uri == null) {
            return null;
        }
        try {
            if (uri.getPath().isEmpty()) {
                return null;
            }
            ArrayList arrayList = (ArrayList) NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(SPRING_WEB_CLIENT_REQUEST_LIST_CUSTOM_ATTRIB, ArrayList.class);
            if (arrayList == null) {
                arrayList = new ArrayList();
            }
            if (arrayList.contains(uri.toString())) {
                return null;
            }
            SSRFOperation sSRFOperation = new SSRFOperation(uri.toString(), str, str2);
            NewRelicSecurity.getAgent().getSecurityMetaData().getMetaData().setFromJumpRequiredInStackTrace(3);
            NewRelicSecurity.getAgent().registerOperation(sSRFOperation);
            arrayList.add(uri.toString());
            NewRelicSecurity.getAgent().getSecurityMetaData().addCustomAttribute(SPRING_WEB_CLIENT_REQUEST_LIST_CUSTOM_ATTRIB, arrayList);
            return sSRFOperation;
        } catch (Throwable th) {
            if (th instanceof NewRelicSecurityException) {
                NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.SECURITY_EXCEPTION_MESSAGE, SPRING_WEBCLIENT_5_0, th.getMessage()), th, SpringWebClientHelper.class.getName());
                throw th;
            }
            NewRelicSecurity.getAgent().log(LogLevel.SEVERE, String.format(GenericHelper.REGISTER_OPERATION_EXCEPTION_MESSAGE, SPRING_WEBCLIENT_5_0, th.getMessage()), th, SpringWebClientHelper.class.getName());
            NewRelicSecurity.getAgent().reportIncident(LogLevel.SEVERE, String.format(GenericHelper.REGISTER_OPERATION_EXCEPTION_MESSAGE, SPRING_WEBCLIENT_5_0, th.getMessage()), th, SpringWebClientHelper.class.getName());
            return null;
        }
    }

    public static void registerExitOperation(boolean z, AbstractOperation abstractOperation) {
        if (abstractOperation == null || !z) {
            return;
        }
        try {
            if (!NewRelicSecurity.isHookProcessingActive() || NewRelicSecurity.getAgent().getSecurityMetaData().getRequest().isEmpty() || GenericHelper.skipExistsEvent()) {
                return;
            }
            NewRelicSecurity.getAgent().registerExitEvent(abstractOperation);
        } catch (Throwable th) {
            NewRelicSecurity.getAgent().log(LogLevel.FINEST, String.format(GenericHelper.EXIT_OPERATION_EXCEPTION_MESSAGE, SPRING_WEBCLIENT_5_0, th.getMessage()), th, SpringWebClientHelper.class.getName());
        }
    }

    public static ClientRequest addSecurityHeaders(ClientRequest clientRequest, AbstractOperation abstractOperation) {
        if (abstractOperation == null || clientRequest == null) {
            return null;
        }
        ClientRequest.Builder from = ClientRequest.from(clientRequest);
        String raw = NewRelicSecurity.getAgent().getSecurityMetaData().getFuzzRequestIdentifier().getRaw();
        if (raw != null && !raw.trim().isEmpty()) {
            from.header(ServletHelper.CSEC_IAST_FUZZ_REQUEST_ID, new String[]{raw});
        }
        String str = (String) NewRelicSecurity.getAgent().getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class);
        if (StringUtils.isNotBlank(str)) {
            from.header(GenericHelper.CSEC_PARENT_ID, new String[]{str});
        }
        if (abstractOperation.getApiID() != null && !abstractOperation.getApiID().trim().isEmpty() && abstractOperation.getExecutionId() != null && !abstractOperation.getExecutionId().trim().isEmpty()) {
            from.header(ServletHelper.CSEC_DISTRIBUTED_TRACING_HEADER, new String[]{SSRFUtils.generateTracingHeaderValue(NewRelicSecurity.getAgent().getSecurityMetaData().getTracingHeaderValue(), abstractOperation.getApiID(), abstractOperation.getExecutionId(), NewRelicSecurity.getAgent().getAgentUUID())});
        }
        return from.build();
    }
}
