package org.wso2.carbon.apimgt.gateway.mediators;

import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.Map;
import javax.xml.stream.XMLStreamException;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.SchemaFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.mediators.AbstractMediator;
import org.apache.synapse.transport.passthru.util.RelayUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.wso2.carbon.apimgt.gateway.APIMgtGatewayConstants;
import org.wso2.carbon.apimgt.gateway.MethodTimeLogger;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityConstants;
import org.wso2.carbon.apimgt.gateway.threatprotection.APIMThreatAnalyzerException;
import org.wso2.carbon.apimgt.gateway.threatprotection.AnalyzerHolder;
import org.wso2.carbon.apimgt.gateway.threatprotection.analyzer.APIMThreatAnalyzer;
import org.wso2.carbon.apimgt.gateway.threatprotection.configuration.ConfigurationHolder;
import org.wso2.carbon.apimgt.gateway.threatprotection.configuration.XMLConfig;
import org.wso2.carbon.apimgt.gateway.threatprotection.utils.ThreatExceptionHandler;
import org.wso2.carbon.apimgt.gateway.threatprotection.utils.ThreatProtectorConstants;
import org.wso2.carbon.apimgt.gateway.utils.GatewayUtils;
import org.wso2.carbon.apimgt.impl.APIConstants;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/wso2/carbon/apimgt/gateway/mediators/XMLSchemaValidator.class */
public class XMLSchemaValidator extends AbstractMediator {
    private static final Log logger;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/mediators/XMLSchemaValidator$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(XMLSchemaValidator.mediate_aroundBody0((XMLSchemaValidator) objArr2[0], (MessageContext) objArr2[1], (JoinPoint) objArr2[2]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/mediators/XMLSchemaValidator$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return XMLSchemaValidator.configureSchemaProperties_aroundBody2((XMLSchemaValidator) objArr2[0], (MessageContext) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/mediators/XMLSchemaValidator$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(XMLSchemaValidator.isContentAware_aroundBody4((XMLSchemaValidator) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/mediators/XMLSchemaValidator$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(XMLSchemaValidator.validateSchema_aroundBody6((XMLSchemaValidator) objArr2[0], (MessageContext) objArr2[1], (BufferedInputStream) objArr2[2], (JoinPoint) objArr2[3]));
        }
    }

    static {
        ajc$preClinit();
        logger = LogFactory.getLog(XMLSchemaValidator.class);
    }

    public boolean mediate(MessageContext messageContext) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, messageContext);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{this, messageContext, makeJP}).linkClosureAndJoinPoint(69648))) : mediate_aroundBody0(this, messageContext, makeJP);
    }

    XMLConfig configureSchemaProperties(MessageContext messageContext) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this, messageContext);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? (XMLConfig) MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{this, messageContext, makeJP}).linkClosureAndJoinPoint(69648)) : configureSchemaProperties_aroundBody2(this, messageContext, makeJP);
    }

    public boolean isContentAware() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, this, this);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648))) : isContentAware_aroundBody4(this, makeJP);
    }

    private boolean validateSchema(MessageContext messageContext, BufferedInputStream bufferedInputStream) throws APIMThreatAnalyzerException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_3, this, this, messageContext, bufferedInputStream);
        return (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure7(new Object[]{this, messageContext, bufferedInputStream, makeJP}).linkClosureAndJoinPoint(69648))) : validateSchema_aroundBody6(this, messageContext, bufferedInputStream, makeJP);
    }

    static final boolean mediate_aroundBody0(XMLSchemaValidator xMLSchemaValidator, MessageContext messageContext, JoinPoint joinPoint) {
        if (logger.isDebugEnabled()) {
            logger.debug("XML validation mediator is activated...");
        }
        Map<String, InputStream> map = null;
        APIMThreatAnalyzer aPIMThreatAnalyzer = null;
        boolean z = true;
        org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
        String obj = axis2MessageContext.getProperty("HTTP_METHOD_OBJECT").toString();
        Object property = axis2MessageContext.getProperty(ThreatProtectorConstants.CONTENT_TYPE);
        String obj2 = property != null ? property.toString() : axis2MessageContext.getProperty("ContentType").toString();
        String obj3 = messageContext.getProperty(ThreatProtectorConstants.API_CONTEXT).toString();
        if (!APIConstants.SupportedHTTPVerbs.GET.name().equalsIgnoreCase(obj) && (ThreatProtectorConstants.APPLICATION_XML.equals(obj2) || ThreatProtectorConstants.TEXT_XML.equals(obj2))) {
            try {
                map = GatewayUtils.cloneRequestMessage(messageContext);
                if (map != null) {
                    Object property2 = messageContext.getProperty(APIMgtGatewayConstants.XML_VALIDATION);
                    if (property2 != null && Boolean.valueOf(property2.toString()).equals(true)) {
                        ConfigurationHolder.addXmlConfig(xMLSchemaValidator.configureSchemaProperties(messageContext));
                        aPIMThreatAnalyzer = AnalyzerHolder.getAnalyzer(obj2);
                        aPIMThreatAnalyzer.analyze(map.get(ThreatProtectorConstants.XML), obj3);
                    }
                    Object property3 = messageContext.getProperty(APIMgtGatewayConstants.SCHEMA_VALIDATION);
                    if (property3 != null && Boolean.valueOf(property3.toString()).equals(true)) {
                        xMLSchemaValidator.validateSchema(messageContext, new BufferedInputStream(map.get(ThreatProtectorConstants.SCHEMA)));
                    }
                }
            } catch (IOException e) {
                logger.error(APIMgtGatewayConstants.BAD_REQUEST, e);
                GatewayUtils.handleThreat(messageContext, "400", e.getMessage());
            } catch (APIMThreatAnalyzerException e2) {
                z = false;
                logger.error(APIMgtGatewayConstants.BAD_REQUEST, e2);
                GatewayUtils.handleThreat(messageContext, "400", e2.getMessage());
            }
            AnalyzerHolder.returnObject(aPIMThreatAnalyzer);
        } else if (xMLSchemaValidator.log.isDebugEnabled()) {
            xMLSchemaValidator.log.debug("XML Schema Validator: Neither request method nor content type is matched with the validator.");
        }
        GatewayUtils.setOriginalInputStream(map, axis2MessageContext);
        if (!z) {
            return true;
        }
        try {
            RelayUtils.buildMessage(axis2MessageContext);
            return true;
        } catch (IOException | XMLStreamException e3) {
            logger.error("Error occurred while parsing the payload.", e3);
            GatewayUtils.handleThreat(messageContext, "400", e3.getMessage());
            return true;
        }
    }

    static final XMLConfig configureSchemaProperties_aroundBody2(XMLSchemaValidator xMLSchemaValidator, MessageContext messageContext, JoinPoint joinPoint) {
        boolean z = false;
        boolean z2 = false;
        int i = 0;
        int i2 = 0;
        int i3 = 0;
        int i4 = 0;
        int i5 = 0;
        int i6 = 0;
        Object property = messageContext.getProperty(ThreatProtectorConstants.DTD_ENABLED);
        if (property != null) {
            z = Boolean.valueOf(property.toString()).booleanValue();
        } else {
            ThreatExceptionHandler.handleException(messageContext, "XML schema dtdEnabled property value is missing.");
        }
        Object property2 = messageContext.getProperty(ThreatProtectorConstants.EXTERNAL_ENTITIES_ENABLED);
        if (property2 != null) {
            z2 = Boolean.valueOf(property2.toString()).booleanValue();
        } else {
            ThreatExceptionHandler.handleException(messageContext, "XML schema externalEntitiesEnabled property value is missing.");
        }
        Object property3 = messageContext.getProperty(ThreatProtectorConstants.MAX_ELEMENT_COUNT);
        if (property3 != null) {
            i2 = Integer.parseInt(property3.toString());
        } else {
            ThreatExceptionHandler.handleException(messageContext, "XML schema elementCount property value is missing.");
        }
        Object property4 = messageContext.getProperty(ThreatProtectorConstants.MAX_ATTRIBUTE_LENGTH);
        if (property4 != null) {
            i3 = Integer.parseInt(property4.toString());
        } else {
            ThreatExceptionHandler.handleException(messageContext, "XML schema maxAttributeLength property value is missing.");
        }
        Object property5 = messageContext.getProperty(ThreatProtectorConstants.MAX_XML_DEPTH);
        if (property5 != null) {
            i = Integer.parseInt(property5.toString());
        } else {
            ThreatExceptionHandler.handleException(messageContext, "XML schema xmlDepth property value is missing.");
        }
        Object property6 = messageContext.getProperty(ThreatProtectorConstants.MAX_ATTRIBUTE_COUNT);
        if (property6 != null) {
            i4 = Integer.parseInt(property6.toString());
        } else {
            ThreatExceptionHandler.handleException(messageContext, "XML schema attributeCount property value is missing.");
        }
        Object property7 = messageContext.getProperty(ThreatProtectorConstants.ENTITY_EXPANSION_LIMIT);
        if (property7 != null) {
            i5 = Integer.parseInt(property7.toString());
        } else {
            ThreatExceptionHandler.handleException(messageContext, "XML schema entityExpansionLimit property value is missing.");
        }
        Object property8 = messageContext.getProperty(ThreatProtectorConstants.CHILDREN_PER_ELEMENT);
        if (property8 == null) {
            ThreatExceptionHandler.handleException(messageContext, "XML schema childrenElement property value is missing.");
        } else {
            i6 = Integer.parseInt(property8.toString());
        }
        if (xMLSchemaValidator.log.isDebugEnabled()) {
            xMLSchemaValidator.log.debug("DTD enable:" + z + ", External entities: " + z2 + ", Element Count:" + i2 + ", Max AttributeLength:" + i3 + ", Max xml Depth:" + i + ", Attribute count:" + i4 + ", Entity Expansion Limit" + i4 + APISecurityConstants.DESCRIPTION_SEPARATOR + "childrenElement:" + i4);
        }
        XMLConfig xMLConfig = new XMLConfig();
        xMLConfig.setDtdEnabled(z);
        xMLConfig.setExternalEntitiesEnabled(z2);
        xMLConfig.setMaxDepth(i);
        xMLConfig.setMaxElementCount(i2);
        xMLConfig.setMaxAttributeCount(i4);
        xMLConfig.setMaxAttributeLength(i3);
        xMLConfig.setEntityExpansionLimit(i5);
        xMLConfig.setMaxChildrenPerElement(i6);
        return xMLConfig;
    }

    static final boolean isContentAware_aroundBody4(XMLSchemaValidator xMLSchemaValidator, JoinPoint joinPoint) {
        return false;
    }

    static final boolean validateSchema_aroundBody6(XMLSchemaValidator xMLSchemaValidator, MessageContext messageContext, BufferedInputStream bufferedInputStream, JoinPoint joinPoint) {
        SchemaFactory newInstance = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema");
        try {
            Object property = messageContext.getProperty(APIMgtGatewayConstants.XSD_URL);
            if (property == null || String.valueOf(property).isEmpty()) {
                return true;
            }
            newInstance.newSchema(new URL(String.valueOf(property))).newValidator().validate(new StreamSource(bufferedInputStream));
            return true;
        } catch (IOException | SAXException e) {
            throw new APIMThreatAnalyzerException("Error occurred while parsing XML payload : " + e);
        }
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("XMLSchemaValidator.java", XMLSchemaValidator.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "mediate", "org.wso2.carbon.apimgt.gateway.mediators.XMLSchemaValidator", "org.apache.synapse.MessageContext", "messageContext", APIMgtGatewayConstants.EMPTY, "boolean"), 66);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("0", "configureSchemaProperties", "org.wso2.carbon.apimgt.gateway.mediators.XMLSchemaValidator", "org.apache.synapse.MessageContext", "messageContext", APIMgtGatewayConstants.EMPTY, "org.wso2.carbon.apimgt.gateway.threatprotection.configuration.XMLConfig"), 152);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "isContentAware", "org.wso2.carbon.apimgt.gateway.mediators.XMLSchemaValidator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "boolean"), 252);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "validateSchema", "org.wso2.carbon.apimgt.gateway.mediators.XMLSchemaValidator", "org.apache.synapse.MessageContext:java.io.BufferedInputStream", "messageContext:bufferedInputStream", "org.wso2.carbon.apimgt.gateway.threatprotection.APIMThreatAnalyzerException", "boolean"), 264);
    }
}
