package org.owasp.esapi.waf.rules;

import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.pdfbox.contentstream.operator.OperatorName;
import org.owasp.esapi.waf.actions.Action;
import org.owasp.esapi.waf.actions.BlockAction;
import org.owasp.esapi.waf.actions.DefaultAction;
import org.owasp.esapi.waf.actions.DoNothingAction;
import org.owasp.esapi.waf.configuration.AppGuardianConfiguration;
import org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse;

/* loaded from: input_file:WEB-INF/lib/esapi-2.3.0.0.jar:org/owasp/esapi/waf/rules/RestrictUserAgentRule.class */
public class RestrictUserAgentRule extends Rule {
    private static final String USER_AGENT_HEADER = "User-Agent";
    private Pattern allow;
    private Pattern deny;

    public RestrictUserAgentRule(String str, Pattern pattern, Pattern pattern2) {
        this.allow = pattern;
        this.deny = pattern2;
        setId(str);
    }

    @Override // org.owasp.esapi.waf.rules.Rule
    public Action check(HttpServletRequest httpServletRequest, InterceptingHTTPServletResponse interceptingHTTPServletResponse, HttpServletResponse httpServletResponse) {
        String header = httpServletRequest.getHeader("User-Agent");
        if (header == null) {
            header = "";
        }
        if (this.allow != null) {
            if (this.allow.matcher(header).matches()) {
                return new DoNothingAction();
            }
        } else if (this.deny != null && !this.deny.matcher(header).matches()) {
            return new DoNothingAction();
        }
        log(httpServletRequest, "Disallowed user agent pattern '" + this.deny.pattern() + "' found in user agent '" + httpServletRequest.getHeader("User-Agent") + OperatorName.SHOW_TEXT_LINE);
        return AppGuardianConfiguration.DEFAULT_FAIL_ACTION == 1 ? new BlockAction() : new DefaultAction();
    }
}
