package tigase.xmpp.impl;

import java.util.ArrayDeque;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;
import java.util.Queue;
import java.util.logging.Level;
import java.util.logging.Logger;
import tigase.db.NonAuthUserRepository;
import tigase.db.TigaseDBException;
import tigase.server.Packet;
import tigase.util.DNSResolver;
import tigase.util.StringUtilities;
import tigase.vhosts.DomainFilterPolicy;
import tigase.vhosts.VHostItem;
import tigase.xmpp.Authorization;
import tigase.xmpp.NoConnectionIdException;
import tigase.xmpp.NotAuthorizedException;
import tigase.xmpp.PacketErrorTypeException;
import tigase.xmpp.StanzaType;
import tigase.xmpp.XMPPPacketFilterIfc;
import tigase.xmpp.XMPPPreprocessorIfc;
import tigase.xmpp.XMPPProcessor;
import tigase.xmpp.XMPPResourceConnection;

/* loaded from: input_file:tigase/xmpp/impl/DomainFilter.class */
public class DomainFilter extends XMPPProcessor implements XMPPPacketFilterIfc, XMPPPreprocessorIfc {
    public static final String ALLOWED_DOMAINS_KEY = "allowed-domains";
    public static final String ALLOWED_DOMAINS_LIST_KEY = "allowed-domains-list";
    private static final String ID = "domain-filter";
    private static final Logger log = Logger.getLogger(DomainFilter.class.getName());
    private static final String[][] ELEMENTS = ALL_PATHS;
    private static final String[] XMLNSS = {"*"};
    private static String local_hostname;

    /* JADX WARN: Failed to find 'out' block for switch in B:28:0x00ec. Please report as an issue. */
    @Override // tigase.xmpp.XMPPPacketFilterIfc
    public void filter(Packet packet, XMPPResourceConnection xMPPResourceConnection, NonAuthUserRepository nonAuthUserRepository, Queue<Packet> queue) {
        if (log.isLoggable(Level.FINEST)) {
            log.log(Level.FINEST, "Filtering (packet): {0}", packet);
        }
        if (xMPPResourceConnection == null || queue == null || queue.size() == 0) {
            return;
        }
        try {
            DomainFilterPolicy domains = getDomains(xMPPResourceConnection);
            if (domains == DomainFilterPolicy.ALL) {
                return;
            }
            ArrayDeque arrayDeque = new ArrayDeque(1);
            Iterator<Packet> it = queue.iterator();
            while (it.hasNext()) {
                Packet next = it.next();
                if (log.isLoggable(Level.FINEST)) {
                    log.log(Level.FINEST, "Filtering (result): {0}", next);
                }
                if (domains != DomainFilterPolicy.BLOCK) {
                    String str = null;
                    if (next.getStanzaTo() != null) {
                        str = next.getStanzaTo().getDomain();
                    }
                    switch (domains) {
                        case LOCAL:
                            if (str != null && !xMPPResourceConnection.isLocalDomain(str, true) && !str.equals(local_hostname)) {
                                removePacket(it, next, arrayDeque, "You can only communicate within the server local domains.");
                                if (log.isLoggable(Level.FINEST)) {
                                    log.log(Level.FINEST, "LOCAL Domains only, blocking packet (filter): {0}", next);
                                    break;
                                }
                            } else if (log.isLoggable(Level.FINEST)) {
                                log.log(Level.FINEST, "LOCAL Domains only, packet not blocked (filter): {0}", next);
                                break;
                            }
                            break;
                        case OWN:
                            if (str != null && !str.equals(local_hostname) && !str.endsWith(xMPPResourceConnection.getDomain().getVhost().getDomain())) {
                                removePacket(it, next, arrayDeque, "You can only communicate within your own domain.");
                                if (log.isLoggable(Level.FINEST)) {
                                    log.log(Level.FINEST, "OWN Domain only, blocking packet (filter): {0}", next);
                                    break;
                                }
                            } else if (log.isLoggable(Level.FINEST)) {
                                log.log(Level.FINEST, "OWN Domain only, packet not blocked (filter): {0}", next);
                                break;
                            }
                            break;
                        case BLACKLIST:
                            String[] domainsList = getDomainsList(xMPPResourceConnection);
                            boolean z = false;
                            if (str != null && !str.equals(local_hostname)) {
                                int length = domainsList.length;
                                int i = 0;
                                while (true) {
                                    if (i < length) {
                                        if (domainsList[i] == str) {
                                            z = true;
                                        } else {
                                            i++;
                                        }
                                    }
                                }
                                if (!z) {
                                    if (log.isLoggable(Level.FINEST)) {
                                        log.log(Level.FINEST, "BLACKLIST domain {1], packet not blocked (filter): {0}", new Object[]{next, str});
                                        break;
                                    }
                                } else {
                                    removePacket(it, next, arrayDeque, "You attempted to communicate with the blacklisted domain - FORBIDDEN");
                                    if (log.isLoggable(Level.FINEST)) {
                                        log.log(Level.FINEST, "BLACKLIST domain {1}, blocking packet (filter): {0}", new Object[]{next, str});
                                        break;
                                    }
                                }
                            }
                            break;
                        case LIST:
                            String[] domainsList2 = getDomainsList(xMPPResourceConnection);
                            boolean z2 = false;
                            if (str != null && !str.equals(local_hostname)) {
                                int length2 = domainsList2.length;
                                int i2 = 0;
                                while (true) {
                                    if (i2 < length2) {
                                        if (domainsList2[i2] == str) {
                                            z2 = true;
                                        } else {
                                            i2++;
                                        }
                                    }
                                }
                                if (!z2) {
                                    removePacket(it, next, arrayDeque, "You can only communicate within selected list of domains.");
                                    if (log.isLoggable(Level.FINEST)) {
                                        log.log(Level.FINEST, "LIST Domain only {1}, blocking packet (filter): {0}", new Object[]{next, str});
                                        break;
                                    }
                                } else if (log.isLoggable(Level.FINEST)) {
                                    log.log(Level.FINEST, "LIST Domain only {1}, packet not blocked (filter): {0}", new Object[]{next, str});
                                    break;
                                }
                            }
                            break;
                    }
                } else if (next.getType() != StanzaType.error && ((next.getStanzaFrom() != null && !xMPPResourceConnection.isUserId(next.getStanzaFrom().getBareJID())) || (next.getStanzaTo() != null && !xMPPResourceConnection.isUserId(next.getStanzaTo().getBareJID())))) {
                    removePacket(it, next, arrayDeque, "Communication blocked.");
                }
            }
            queue.addAll(arrayDeque);
        } catch (TigaseDBException e) {
            log.log(Level.WARNING, "Can't access user repository.", (Throwable) e);
        } catch (NotAuthorizedException e2) {
        }
    }

    @Override // tigase.xmpp.XMPPImplIfc
    public String id() {
        return "domain-filter";
    }

    @Override // tigase.xmpp.XMPPProcessor, tigase.xmpp.XMPPImplIfc
    public void init(Map<String, Object> map) throws TigaseDBException {
        super.init(map);
        local_hostname = DNSResolver.getDefaultHostname();
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:32:0x00b2. Please report as an issue. */
    @Override // tigase.xmpp.XMPPPreprocessorIfc
    public boolean preProcess(Packet packet, XMPPResourceConnection xMPPResourceConnection, NonAuthUserRepository nonAuthUserRepository, Queue<Packet> queue, Map<String, Object> map) {
        DomainFilterPolicy domains;
        if (log.isLoggable(Level.FINEST)) {
            log.log(Level.FINEST, "Processing: {0}", packet);
        }
        boolean z = false;
        if (xMPPResourceConnection == null || xMPPResourceConnection.isServerSession()) {
            return false;
        }
        try {
            domains = getDomains(xMPPResourceConnection);
            if (log.isLoggable(Level.FINEST)) {
                log.log(Level.FINEST, "DOMAINS setting is: {0}", domains.name());
            }
        } catch (TigaseDBException e) {
            log.log(Level.WARNING, "Can't access user repository.", (Throwable) e);
        } catch (NotAuthorizedException e2) {
        }
        if (domains == DomainFilterPolicy.ALL) {
            return false;
        }
        String domain = packet.getStanzaFrom() != null ? packet.getStanzaFrom().getDomain() : null;
        try {
            if (xMPPResourceConnection.getConnectionId().equals(packet.getPacketFrom())) {
                domain = packet.getStanzaTo() != null ? packet.getStanzaTo().getDomain() : null;
            }
        } catch (NoConnectionIdException e3) {
            log.log(Level.WARNING, "No connection id for session, even though this is not a server session: {0}, request: {1}", new Object[]{xMPPResourceConnection, packet});
        }
        switch (domains) {
            case LOCAL:
                if (domain != null && !xMPPResourceConnection.isLocalDomain(domain, true)) {
                    removePacket(null, packet, queue, "You can only communicate within the server local domains.");
                    z = true;
                    if (log.isLoggable(Level.FINEST)) {
                        log.log(Level.FINEST, "LOCAL Domains only {1}, blocking packet: {0}", new Object[]{packet, domain});
                    }
                } else if (log.isLoggable(Level.FINEST)) {
                    log.log(Level.FINEST, "LOCAL Domains only {1}, packet not blocked: {0}", new Object[]{packet, domain});
                }
                return z;
            case OWN:
                if (domain != null && !domain.equals(local_hostname) && !domain.endsWith(xMPPResourceConnection.getDomain().getVhost().getDomain())) {
                    removePacket(null, packet, queue, "You can only communicate within your own domain.");
                    z = true;
                    if (log.isLoggable(Level.FINEST)) {
                        log.log(Level.FINEST, "OWN Domain only {1}, blocking packet: {0}", new Object[]{packet, domain});
                    }
                } else if (log.isLoggable(Level.FINEST)) {
                    log.log(Level.FINEST, "OWN Domain only {1}, packet not blocked: {0}", new Object[]{packet, domain});
                }
                return z;
            case BLACKLIST:
                String[] domainsList = getDomainsList(xMPPResourceConnection);
                boolean z2 = false;
                if (domain != null && !domain.equals(local_hostname)) {
                    int length = domainsList.length;
                    int i = 0;
                    while (true) {
                        if (i < length) {
                            if (domainsList[i] == domain) {
                                z2 = true;
                            } else {
                                i++;
                            }
                        }
                    }
                    if (z2) {
                        removePacket(null, packet, queue, "You attempted to communicate with the blacklisted domain - FORBIDDEN");
                        z = true;
                        if (log.isLoggable(Level.FINEST)) {
                            log.log(Level.FINEST, "Packet to blacklisted domain {1}, blocking packet: {0}", new Object[]{packet, domain});
                        }
                    } else if (log.isLoggable(Level.FINEST)) {
                        log.log(Level.FINEST, "Packet NOT TO blacklisted domain {1}, NOT blocking packet: {0}", new Object[]{packet, domain});
                    }
                }
                return z;
            case LIST:
                String[] domainsList2 = getDomainsList(xMPPResourceConnection);
                boolean z3 = false;
                if (domain != null && !domain.equals(local_hostname)) {
                    int length2 = domainsList2.length;
                    int i2 = 0;
                    while (true) {
                        if (i2 < length2) {
                            if (domainsList2[i2] == domain) {
                                z3 = true;
                            } else {
                                i2++;
                            }
                        }
                    }
                    if (!z3) {
                        removePacket(null, packet, queue, "You can only communicate within selected list of domains.");
                        z = true;
                        if (log.isLoggable(Level.FINEST)) {
                            log.log(Level.FINEST, "LISTED Domains only {1}, blocking packet: {0}", new Object[]{packet, domain});
                        }
                    } else if (log.isLoggable(Level.FINEST)) {
                        log.log(Level.FINEST, "LISTED Domain only {1}, packet not blocked: {0}", new Object[]{packet, domain});
                    }
                }
                return z;
            case BLOCK:
                if (packet.getType() == StanzaType.error || packet.getStanzaFrom() == null || (xMPPResourceConnection.isUserId(packet.getStanzaFrom().getBareJID()) && (packet.getStanzaTo() == null || xMPPResourceConnection.isUserId(packet.getStanzaTo().getBareJID())))) {
                    return false;
                }
                removePacket(null, packet, queue, "Communication blocked.");
                z = true;
                if (log.isLoggable(Level.FINEST)) {
                    log.log(Level.FINEST, "BLOCK, blocking packet: {0}", packet);
                }
                return z;
            default:
                return z;
        }
    }

    @Override // tigase.xmpp.XMPPProcessor, tigase.xmpp.XMPPImplIfc
    public String[][] supElementNamePaths() {
        return ELEMENTS;
    }

    @Override // tigase.xmpp.XMPPProcessor, tigase.xmpp.XMPPImplIfc
    public String[] supNamespaces() {
        return XMLNSS;
    }

    public DomainFilterPolicy getDomains(XMPPResourceConnection xMPPResourceConnection) throws NotAuthorizedException, TigaseDBException {
        VHostItem domain = xMPPResourceConnection.getDomain();
        DomainFilterPolicy domainFilterPolicy = (DomainFilterPolicy) xMPPResourceConnection.getCommonSessionData(ALLOWED_DOMAINS_KEY);
        if (log.isLoggable(Level.FINEST)) {
            log.log(Level.FINEST, "Domains read from user session: {0} for VHost: {1}", new Object[]{domainFilterPolicy, domain});
        }
        if (domainFilterPolicy == null) {
            String data = xMPPResourceConnection.getData(null, ALLOWED_DOMAINS_KEY, null);
            if (log.isLoggable(Level.FINEST)) {
                log.log(Level.FINEST, "Domains read from database: {0} for VHost: {1}", new Object[]{data, domain});
            }
            domainFilterPolicy = DomainFilterPolicy.valueof(data);
            if (domainFilterPolicy == null) {
                domainFilterPolicy = xMPPResourceConnection.isAnonymous() ? DomainFilterPolicy.LOCAL : domain.getDomainFilter();
            }
            if (log.isLoggable(Level.FINEST)) {
                log.log(Level.FINEST, "Domains read from VHost item: {0} for VHost: {1}", new Object[]{domainFilterPolicy, domain});
            }
            xMPPResourceConnection.putCommonSessionData(ALLOWED_DOMAINS_KEY, domainFilterPolicy);
        }
        return domainFilterPolicy;
    }

    public String[] getDomainsList(XMPPResourceConnection xMPPResourceConnection) throws NotAuthorizedException, TigaseDBException {
        VHostItem domain = xMPPResourceConnection.getDomain();
        String[] strArr = (String[]) xMPPResourceConnection.getCommonSessionData(ALLOWED_DOMAINS_LIST_KEY);
        if (log.isLoggable(Level.FINEST)) {
            Logger logger = log;
            Level level = Level.FINEST;
            Object[] objArr = new Object[2];
            objArr[0] = strArr != null ? Arrays.asList(strArr) : "";
            objArr[1] = domain;
            logger.log(level, "Getting list of domains from user session: {0} for VHost: {1}", objArr);
        }
        if (strArr == null) {
            String data = xMPPResourceConnection.getData(null, ALLOWED_DOMAINS_LIST_KEY, null);
            if (log.isLoggable(Level.FINEST)) {
                log.log(Level.FINEST, "Domains list read from database: {0} for VHost: {1}", new Object[]{data, domain});
            }
            if (data != null) {
                strArr = StringUtilities.stringToArrayOfString(data, ";");
            } else {
                strArr = domain.getDomainFilterDomains();
                if (log.isLoggable(Level.FINEST)) {
                    Logger logger2 = log;
                    Level level2 = Level.FINEST;
                    Object[] objArr2 = new Object[2];
                    objArr2[0] = strArr != null ? Arrays.asList(strArr) : "";
                    objArr2[1] = domain;
                    logger2.log(level2, "Domains list read from VHost: {0} for VHost: {1}", objArr2);
                }
            }
            xMPPResourceConnection.putCommonSessionData(ALLOWED_DOMAINS_LIST_KEY, strArr);
        }
        return strArr;
    }

    private void removePacket(Iterator<Packet> it, Packet packet, Queue<Packet> queue, String str) {
        if (it != null) {
            it.remove();
        }
        try {
            queue.add(Authorization.FORBIDDEN.getResponseMessage(packet, str, true));
        } catch (PacketErrorTypeException e) {
            log.log(Level.FINE, "Already error packet, dropping it..: {0}", packet);
        }
    }
}
