package sk.eset.era.g2webconsole.server.modules.authorization;

import java.util.ResourceBundle;
import sk.eset.era.commons.common.constants.Version;
import sk.eset.phoenix.common.logger.SettingsLogger;

/* loaded from: input_file:WEB-INF/lib/commons-0.0.1-SNAPSHOT.jar:sk/eset/era/g2webconsole/server/modules/authorization/SecuritySettings.class */
public class SecuritySettings {
    private final SettingsLogger logger;
    private long timeCancelIpBlock;
    private long timeCancelIpLoginBlock;
    private long numUnknownIdsToBlock;
    private long numUnknownLoginsToBlock;
    private int ipsStorageSize;
    private long timeExpiredIdCleanup;
    private long timeCleanupPeriod;
    private boolean allowIpChange;
    private boolean enableIdCheck;
    private boolean enableLoginCheck;
    private boolean isLogStackTraceEnabled;
    private Boolean enableHSTS;
    protected static final long TIME_CANCEL_IP_BLOCK = 900000;
    protected static final long TIME_CANCEL_IP_LOGIN_BLOCK = 600000;
    protected static final long NUM_UNKNOWN_IDS_TO_BLOCK = 15;
    protected static final long NUM_UNKNOWN_LOGINS_TO_BLOCK = 10;
    protected static final int IPS_STORAGE_SIZE = 10000;
    protected static final long TIME_EXPIRED_ID_CLEANUP = 3600000;
    protected static final long TIME_CLEANUP_PERIOD = 60000;
    protected static final boolean ALLOW_IP_CHANGE = false;
    protected static final boolean ENABLE_ID_CHECK = true;
    protected static final boolean ENABLE_LOGIN_CHECK = true;
    protected static final Boolean ENABLE_HSTS;
    static final /* synthetic */ boolean $assertionsDisabled;
    private boolean immutable = false;
    private RemoteAddressSource remoteAddressSource = RemoteAddressSource.CONNECTION;

    /* loaded from: input_file:WEB-INF/lib/commons-0.0.1-SNAPSHOT.jar:sk/eset/era/g2webconsole/server/modules/authorization/SecuritySettings$RemoteAddressSource.class */
    public enum RemoteAddressSource {
        CONNECTION,
        X_FORWARDED_FOR_FIRST,
        X_FORWARDED_FOR_LAST
    }

    public SecuritySettings(SettingsLogger settingsLogger) {
        this.logger = settingsLogger;
        loadDefaults();
    }

    private void loadDefaults() {
        this.timeCancelIpBlock = 900000L;
        this.timeCancelIpLoginBlock = TIME_CANCEL_IP_LOGIN_BLOCK;
        this.numUnknownIdsToBlock = NUM_UNKNOWN_IDS_TO_BLOCK;
        this.numUnknownLoginsToBlock = NUM_UNKNOWN_LOGINS_TO_BLOCK;
        this.ipsStorageSize = 10000;
        this.timeExpiredIdCleanup = 3600000L;
        this.timeCleanupPeriod = 60000L;
        this.allowIpChange = false;
        this.enableIdCheck = true;
        this.enableLoginCheck = true;
        this.enableHSTS = ENABLE_HSTS;
        this.isLogStackTraceEnabled = false;
    }

    public void readFromResources(ResourceBundle resourceBundle) {
        try {
            if (resourceBundle.containsKey("log_stack_trace") && "true".equals(resourceBundle.getString("log_stack_trace"))) {
                this.isLogStackTraceEnabled = true;
            }
            if (resourceBundle.containsKey("allow_address_changes")) {
                String string = resourceBundle.getString("allow_address_changes");
                if ("true".equals(string)) {
                    setAllowIpChange(true);
                    this.logger.configLoaded("allow_address_changes", string);
                } else if ("false".equals(string)) {
                    setAllowIpChange(false);
                    this.logger.configLoaded("allow_address_changes", string);
                }
            }
            if (resourceBundle.containsKey("remote_address_source")) {
                String string2 = resourceBundle.getString("remote_address_source");
                if ("connection".equals(string2)) {
                    setRemoteAddressSource(RemoteAddressSource.CONNECTION);
                    this.logger.configLoaded("remote_address_source", string2);
                } else if ("x-forwarded-for-first".equals(string2)) {
                    setRemoteAddressSource(RemoteAddressSource.X_FORWARDED_FOR_FIRST);
                    this.logger.configLoaded("remote_address_source", string2);
                } else if ("x-forwarded-for-last".equals(string2)) {
                    setRemoteAddressSource(RemoteAddressSource.X_FORWARDED_FOR_LAST);
                    this.logger.configLoaded("remote_address_source", string2);
                } else {
                    setRemoteAddressSource(RemoteAddressSource.CONNECTION);
                    this.logger.configLoadingFailed("Failed to load remote_address_source, falling back to 'connection'");
                }
            } else {
                setRemoteAddressSource(RemoteAddressSource.CONNECTION);
                this.logger.configLoadingFailed("Failed to load remote_address_source, falling back to 'connection'");
            }
            if (resourceBundle.containsKey("HSTS_enable")) {
                String string3 = resourceBundle.getString("HSTS_enable");
                if ("true".equals(string3)) {
                    setEnableHSTS(true);
                    this.logger.configLoaded("HSTS_enable", string3);
                } else if ("false".equals(string3)) {
                    setEnableHSTS(false);
                    this.logger.configLoaded("HSTS_enable", string3);
                } else {
                    setEnableHSTS(null);
                    this.logger.configLoaded("HSTS_enable", "no value loaded");
                }
            } else {
                setEnableHSTS(null);
                this.logger.configLoaded("HSTS_enable", "no value loaded");
            }
        } catch (Throwable th) {
            this.logger.configLoadingFailed(th);
            loadDefaults();
        }
    }

    public void makeImmutable() {
        this.immutable = true;
    }

    public boolean isImmutable() {
        return this.immutable;
    }

    public long getTimeCancelIpBlock() {
        return this.timeCancelIpBlock;
    }

    public SecuritySettings setTimeCancelIpBlock(long j) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.timeCancelIpBlock = j;
        return this;
    }

    public long getTimeCancelIpLoginBlock() {
        return this.timeCancelIpLoginBlock;
    }

    public SecuritySettings setTimeCancelIpLoginBlock(long j) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.timeCancelIpLoginBlock = j;
        return this;
    }

    public long getNumUnknownIdsToBlock() {
        return this.numUnknownIdsToBlock;
    }

    public SecuritySettings setNumUnknownIdsToBlock(long j) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.numUnknownIdsToBlock = j;
        return this;
    }

    public long getNumUnknownLoginsToBlock() {
        return this.numUnknownLoginsToBlock;
    }

    public SecuritySettings setNumUnknownLoginsToBlock(long j) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.numUnknownLoginsToBlock = j;
        return this;
    }

    public int getIpsStorageSize() {
        return this.ipsStorageSize;
    }

    public SecuritySettings setIpsStorageSize(int i) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.ipsStorageSize = i;
        return this;
    }

    public long getTimeExpiredIdCleanup() {
        return this.timeExpiredIdCleanup;
    }

    public SecuritySettings setTimeExpiredIdCleanup(long j) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.timeExpiredIdCleanup = j;
        return this;
    }

    public long getTimeCleanupPeriod() {
        return this.timeCleanupPeriod;
    }

    public SecuritySettings setTimeCleanupPeriod(long j) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.timeCleanupPeriod = j;
        return this;
    }

    public boolean getAllowIpChange() {
        return this.allowIpChange;
    }

    public boolean getEnableIdCheck() {
        return this.enableIdCheck;
    }

    public SecuritySettings setAllowIpChange(boolean z) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.allowIpChange = z;
        return this;
    }

    public SecuritySettings setEnableIdCheck(boolean z) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.enableIdCheck = z;
        return this;
    }

    public boolean getEnableLoginCheck() {
        return this.enableLoginCheck;
    }

    public SecuritySettings setEnableLoginCheck(boolean z) {
        if (!$assertionsDisabled && this.immutable) {
            throw new AssertionError();
        }
        this.enableLoginCheck = z;
        return this;
    }

    public void setRemoteAddressSource(RemoteAddressSource remoteAddressSource) {
        this.remoteAddressSource = remoteAddressSource;
    }

    public RemoteAddressSource getRemoteAddressSource() {
        return this.remoteAddressSource;
    }

    public void setEnableHSTS(Boolean bool) {
        this.enableHSTS = bool;
    }

    public Boolean getEnableHSTS() {
        return this.enableHSTS;
    }

    public boolean isLogStackTraceEnabled() {
        return Version.isDevToolsEnabled() && this.isLogStackTraceEnabled;
    }

    static {
        $assertionsDisabled = !SecuritySettings.class.desiredAssertionStatus();
        ENABLE_HSTS = null;
    }
}
