package com.atlassian.stash.internal.web;

import com.atlassian.bitbucket.request.RequestInfoProvider;
import com.atlassian.security.random.SecureRandomFactory;
import java.security.SecureRandom;
import java.util.zip.CRC32;
import javax.annotation.Nonnull;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

@Component("httpRequestInfoHelper")
/* loaded from: input_file:WEB-INF/lib/bitbucket-service-impl-6.0.0.jar:com/atlassian/stash/internal/web/DefaultHttpRequestInfoHelper.class */
public class DefaultHttpRequestInfoHelper implements HttpRequestInfoHelper {
    static final String ATTR_SESSION_ID = "bitbucket.session-id";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) DefaultHttpRequestInfoHelper.class);
    private final SecureRandom secureRandom = SecureRandomFactory.newInstance();

    /* loaded from: input_file:WEB-INF/lib/bitbucket-service-impl-6.0.0.jar:com/atlassian/stash/internal/web/DefaultHttpRequestInfoHelper$HttpRequestInfoProvider.class */
    private class HttpRequestInfoProvider implements RequestInfoProvider {
        private final HttpServletRequest request;
        private final HttpServletResponse response;
        private String action;
        private String requestDetails;
        private String sessionId;

        private HttpRequestInfoProvider(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            this.request = httpServletRequest;
            this.response = httpServletResponse;
        }

        @Override // com.atlassian.bitbucket.request.RequestMetadata
        @Nonnull
        public String getAction() {
            if (this.action == null) {
                this.action = "\"" + this.request.getMethod() + " " + DefaultHttpRequestInfoHelper.this.getRequestUrl(this.request) + " " + this.request.getProtocol() + "\"";
            }
            return this.action;
        }

        @Override // com.atlassian.bitbucket.request.RequestMetadata
        public String getDetails() {
            if (this.requestDetails == null) {
                this.requestDetails = String.format("\"%1$s\" \"%2$s\"", StringUtils.defaultString(StringUtils.substringBefore(this.request.getHeader("referer"), "?")), StringUtils.defaultString(this.request.getHeader("user-agent")));
            }
            return this.requestDetails;
        }

        @Override // com.atlassian.bitbucket.request.RequestMetadata
        @Nonnull
        public String getProtocol() {
            return this.request.getScheme();
        }

        @Override // com.atlassian.bitbucket.request.RequestInfoProvider
        @Nonnull
        public Object getRawRequest() {
            return this.request;
        }

        @Override // com.atlassian.bitbucket.request.RequestInfoProvider
        @Nonnull
        public Object getRawResponse() {
            return this.response;
        }

        @Override // com.atlassian.bitbucket.request.RequestMetadata
        public String getRemoteAddress() {
            return DefaultHttpRequestInfoHelper.this.getRemoteAddress(this.request);
        }

        @Override // com.atlassian.bitbucket.request.RequestMetadata
        public String getSessionId() {
            if (this.sessionId == null) {
                this.sessionId = DefaultHttpRequestInfoHelper.this.getSessionId(this.request);
            }
            return this.sessionId;
        }

        @Override // com.atlassian.bitbucket.request.RequestMetadata
        public boolean hasSessionId() {
            return getSessionId() != null;
        }

        @Override // com.atlassian.bitbucket.request.RequestMetadata
        public boolean isSecure() {
            return this.request.isSecure();
        }
    }

    @Override // com.atlassian.stash.internal.web.HttpRequestInfoHelper
    public RequestInfoProvider createRequestInfoProvider(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return new HttpRequestInfoProvider(httpServletRequest, httpServletResponse);
    }

    @Override // com.atlassian.stash.internal.web.HttpRequestInfoHelper
    public String getRemoteAddress(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder();
        String header = httpServletRequest.getHeader("X-Forwarded-For");
        if (header != null) {
            sb.append(header).append(",");
        }
        sb.append(httpServletRequest.getRemoteAddr());
        return sb.toString().replaceAll("\\s", "");
    }

    @Override // com.atlassian.stash.internal.web.HttpRequestInfoHelper
    public String getRequestUrl(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        if (StringUtils.isNotBlank(httpServletRequest.getContextPath())) {
            requestURI = requestURI.substring(httpServletRequest.getContextPath().length());
        }
        return requestURI;
    }

    @Override // com.atlassian.stash.internal.web.HttpRequestInfoHelper
    public String getSessionId(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return null;
        }
        String str = null;
        try {
            str = (String) session.getAttribute(ATTR_SESSION_ID);
            if (str == null) {
                byte[] bArr = new byte[40];
                this.secureRandom.nextBytes(bArr);
                CRC32 crc32 = new CRC32();
                crc32.update(bArr);
                str = Long.toString(crc32.getValue(), 36);
                session.setAttribute(ATTR_SESSION_ID, str);
            }
        } catch (IllegalStateException e) {
            log.debug("Could not retrieve sessionId: {}", StringUtils.defaultString(e.getMessage()));
        }
        return str;
    }
}
