package pt.digitalis.dif.utils.security;

import javax.servlet.http.HttpServletResponse;
import pt.digitalis.dif.ioc.DIFIoCRegistry;
import pt.digitalis.utils.common.StringUtils;
import pt.digitalis.utils.config.IConfigurations;
import pt.digitalis.utils.config.annotations.ConfigDefault;
import pt.digitalis.utils.config.annotations.ConfigID;
import pt.digitalis.utils.config.annotations.ConfigIgnore;
import pt.digitalis.utils.config.annotations.ConfigSectionID;

@ConfigID("dif2")
@ConfigSectionID("Security/HTTP")
/* loaded from: input_file:WEB-INF/lib/dif-presentation-core-2.2.18-8.jar:pt/digitalis/dif/utils/security/HTTPSecurityConfiguration.class */
public class HTTPSecurityConfiguration {
    private static HTTPSecurityConfiguration instance;
    private String securityViolationMailReportDestination;
    private String securityViolationMailReportTestingDestination;
    private Boolean validateRequestAuthorizations;
    private String xContentTypeOptions;
    private String xFrameOptions;
    private Boolean xssParameterSanitization;
    private String xssProtection;

    @ConfigIgnore
    public static HTTPSecurityConfiguration getInstance() throws Exception {
        if (instance == null) {
            try {
                instance = (HTTPSecurityConfiguration) ((IConfigurations) DIFIoCRegistry.getRegistry().getImplementation(IConfigurations.class)).readConfiguration(HTTPSecurityConfiguration.class);
            } catch (Exception e) {
                e.printStackTrace();
                instance = null;
            }
        }
        return instance;
    }

    public void applyHTTPSecurityHeaders(HttpServletResponse httpServletResponse) {
        if (StringUtils.isNotBlank(getXssProtection())) {
            httpServletResponse.setHeader("X-XSS-Protection", getXssProtection());
        }
        if (StringUtils.isNotBlank(getXssProtection())) {
            httpServletResponse.setHeader("X-Content-Type-Options", getxContentTypeOptions());
        }
        if (StringUtils.isNotBlank(getXssProtection())) {
            httpServletResponse.setHeader("X-Frame-Options", getxFrameOptions());
        }
    }

    @ConfigDefault("tech-support@digitalis.pt")
    public String getSecurityViolationMailReportDestination() {
        return this.securityViolationMailReportDestination;
    }

    public String getSecurityViolationMailReportTestingDestination() {
        return this.securityViolationMailReportTestingDestination;
    }

    @ConfigDefault("true")
    public Boolean getValidateRequestAuthorizations() {
        return this.validateRequestAuthorizations;
    }

    @ConfigDefault("nosniff")
    public String getxContentTypeOptions() {
        return this.xContentTypeOptions;
    }

    @ConfigDefault("DENY")
    public String getxFrameOptions() {
        return this.xFrameOptions;
    }

    @ConfigDefault("true")
    public Boolean getXssParameterSanitization() {
        return this.xssParameterSanitization;
    }

    @ConfigDefault("1; mode=block")
    public String getXssProtection() {
        return this.xssProtection;
    }

    public void setSecurityViolationMailReportDestination(String str) {
        this.securityViolationMailReportDestination = str;
    }

    public void setSecurityViolationMailReportTestingDestination(String str) {
        this.securityViolationMailReportTestingDestination = str;
    }

    public void setValidateRequestAuthorizations(Boolean bool) {
        this.validateRequestAuthorizations = bool;
    }

    public void setxContentTypeOptions(String str) {
        this.xContentTypeOptions = str;
    }

    public void setxFrameOptions(String str) {
        this.xFrameOptions = str;
    }

    public void setXssParameterSanitization(Boolean bool) {
        this.xssParameterSanitization = bool;
    }

    public void setXssProtection(String str) {
        this.xssProtection = str;
    }
}
