package com.ibm.ws.security.web;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.ws.management.cmdframework.impl.CommandSecurityUtil;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.util.WSUtil;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/ibm/ws/security/web/URLHandler.class */
public class URLHandler {
    private static final TraceComponent tc = Tr.register(URLHandler.class, (String) null, AdminConstants.MSG_BUNDLE_NAME);

    /* JADX INFO: Access modifiers changed from: package-private */
    public String encodeURL(String str) {
        String replaceAll = str.replaceAll("%", "%25").replaceAll(";", "%3B").replaceAll(",", "%2C");
        if (str != replaceAll && tc.isDebugEnabled()) {
            Tr.debug(tc, "encoded URL from " + str + " to " + replaceAll);
        }
        return replaceAll;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String decodeURL(String str) {
        String replaceAll = str.replaceAll("%2C", ",").replaceAll("%3B", ";").replaceAll("%25", "%");
        if (str != replaceAll && tc.isDebugEnabled()) {
            Tr.debug(tc, "decoded URL from " + str + " to " + replaceAll);
        }
        return replaceAll;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String removeHostNameFromURL(String str) {
        try {
            int indexOf = str.indexOf("/", str.indexOf("//") + 2);
            URL url = new URL(str);
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(url.getProtocol());
            stringBuffer.append("://");
            int port = url.getPort();
            if (port != -1) {
                stringBuffer.append(":");
                stringBuffer.append(port);
            }
            str = stringBuffer.append(str.substring(indexOf)).toString();
        } catch (MalformedURLException e) {
            Manager.Ffdc.log(e, this, "com.ibm.ws.security.web.URLHandler.removeHostNameFromURL", "124", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "URL is malformed: " + str);
            }
        }
        return str;
    }

    String restoreHostNameToURL(String str, String str2, SecurityConfig securityConfig) {
        if (str.startsWith("/") || str.length() == 0) {
            str = str2.substring(0, str2.indexOf("/", str2.indexOf("//") + 2)) + str;
        } else {
            try {
                String host = new URL(str).getHost();
                String host2 = new URL(str2).getHost();
                if (host == null || host.length() == 0) {
                    int indexOf = str.indexOf("//");
                    StringBuffer stringBuffer = new StringBuffer(str);
                    stringBuffer.insert(indexOf + 2, host2);
                    str = stringBuffer.toString();
                } else {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "referrerURL:" + str + " contains hostname. Checking the hostname is valid.");
                    }
                    if (!isReferrerHostValid(host, host2, securityConfig)) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "referrerURL:" + str + " does not match current hostname " + host2);
                        }
                        RuntimeException runtimeException = new RuntimeException("referrerURL:" + str + " does not match current hostname " + host2);
                        Manager.Ffdc.log(runtimeException, this, "com.ibm.ws.security.web.URLHandler.restoreHostNameToURL", "169", this);
                        throw runtimeException;
                    }
                }
            } catch (MalformedURLException e) {
                Manager.Ffdc.log(e, this, "com.ibm.ws.security.web.URLHandler.restoreHostNameToURL", "176", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "WASReqURL or requested URL is malformed. WASReqURL: " + str + " RequestedURL: " + str2);
                }
            }
        }
        return str;
    }

    public String getServletURI(HttpServletRequest httpServletRequest) {
        String servletPath = httpServletRequest.getServletPath();
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo != null) {
            servletPath = servletPath.concat(pathInfo);
        }
        if (servletPath == null || servletPath.length() == 0) {
            servletPath = "/";
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "URI requested: " + servletPath);
        }
        String resolveURI = WSUtil.resolveURI(servletPath);
        int indexOf = resolveURI.indexOf(";");
        if (indexOf != -1) {
            resolveURI = resolveURI.substring(0, indexOf);
        }
        if (resolveURI.indexOf(":") >= 0) {
            resolveURI = resolveURI.replaceAll(":", "%3A");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "URI returned: " + resolveURI);
        }
        return resolveURI;
    }

    protected boolean isReferrerHostValid(String str, String str2, SecurityConfig securityConfig) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "referrerHost=" + str + " currentHost=" + str2);
        }
        boolean z = false;
        if (str == null || str.length() == 0 || str2 == null || str2.length() == 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "referrerHost and/or currentHost is null or empty");
            }
            return false;
        }
        if (str.equalsIgnoreCase(str2)) {
            z = true;
        } else {
            String property = securityConfig.getProperty(SecurityConfig.LOGIN_PAGE_DOMAIN_LIST);
            if (property != null && property.length() > 0) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "com.ibm.websphere.security.loginPageDomainList is configured. : " + property);
                }
                StringTokenizer stringTokenizer = new StringTokenizer(property, CommandSecurityUtil.PARAM_DELIM);
                while (true) {
                    if (!stringTokenizer.hasMoreTokens()) {
                        break;
                    }
                    String nextToken = stringTokenizer.nextToken();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Trying to match the domain for the Page : " + str + " to a domain name: " + nextToken + " from the configured domain list");
                    }
                    if (nextToken.equalsIgnoreCase(str)) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "matched a configured login page domain: " + nextToken);
                        }
                        z = true;
                    }
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "ret=" + z);
        }
        return z;
    }

    protected boolean isReferrerHostValid(String str, String str2) {
        return isReferrerHostValid(str, str2, SecurityObjectLocator.getSecurityConfig());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String restoreHostNameToURL(String str, String str2) {
        return restoreHostNameToURL(str, str2, SecurityObjectLocator.getSecurityConfig());
    }
}
