package org.parosproxy.paros.core.scanner;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.core.scanner.MultipartFormParameter;
import org.parosproxy.paros.network.HttpHeader;
import org.parosproxy.paros.network.HttpMessage;
import org.zaproxy.zap.core.scanner.InputVector;
import org.zaproxy.zap.extension.alert.AlertEventPublisher;

/* loaded from: input_file:org/parosproxy/paros/core/scanner/VariantMultipartFormParameters.class */
public class VariantMultipartFormParameters implements Variant {
    private static final Logger LOGGER = LogManager.getLogger(VariantMultipartFormParameters.class);
    private static final Pattern FIELD_NAME_PATTERN = Pattern.compile("\\s*content-disposition\\s*:.*\\s+name\\s*\\=?\\s*\\\"?(?<name>.[^;\\\"\\n]*)\\\"?\\;?.*", 2);
    private static final Pattern FIELD_VALUE_PATTERN = Pattern.compile("[\\r\\n]{2}(?<value>.*)");
    private static final Pattern FILENAME_PART_PATTERN = Pattern.compile("\\s*content-disposition\\s*:.*filename\\s*\\=?\\s*\\\"?(?<filename>.[^;\"\\n]*)\\\"?\\;?.*", 2);
    private static final Pattern CONTENTTYPE_PART_PATTERN = Pattern.compile("\\s*content-disposition.*content-type\\s*:\\s*\\s*\\\"?(?<contenttype>.[^;\"\\r\\n]*)\\\"?\\;?.*", 34);
    private List<NameValuePair> params = Collections.emptyList();
    private List<MultipartFormParameter> multiPartParams = new ArrayList();
    private static final String SHORT_NAME = "multipart";

    @Override // org.parosproxy.paros.core.scanner.Variant
    public String getShortName() {
        return SHORT_NAME;
    }

    @Override // org.parosproxy.paros.core.scanner.Variant
    public void setMessage(HttpMessage httpMessage) {
        if (httpMessage == null) {
            throw new IllegalArgumentException("Parameter message must not be null.");
        }
        String header = httpMessage.getRequestHeader().getHeader(HttpHeader.CONTENT_TYPE);
        if (header == null || !header.toLowerCase().startsWith("multipart/form-data")) {
            return;
        }
        ArrayList arrayList = new ArrayList();
        int i = 0;
        int i2 = 0;
        String str = getBoundary(header) + "\r\n";
        for (String str2 : httpMessage.getRequestBody().toString().split(str)) {
            if (!StringUtils.isBlank(str2)) {
                String substring = str2.substring(0, str2.indexOf("\r\n\r\n"));
                boolean contains = substring.contains("filename=");
                str2 = str + str2;
                Matcher matcher = FIELD_NAME_PATTERN.matcher(substring);
                Matcher matcher2 = FIELD_VALUE_PATTERN.matcher(str2);
                matcher.find();
                matcher2.find();
                if (StringUtils.isBlank(matcher2.group("value"))) {
                    matcher2.find();
                }
                String group = matcher.group(AlertEventPublisher.NAME);
                String replaceAll = str2.replaceAll(Pattern.quote(str + substring) + "\r\n\r\n", Constant.USER_AGENT).replaceAll("\r\n(" + Pattern.quote(getBoundary(header)) + "--\r\n)?$", Constant.USER_AGENT);
                if (contains) {
                    i += 2;
                    arrayList.add(new NameValuePair(34, group, replaceAll, i));
                } else {
                    arrayList.add(new NameValuePair(33, group, replaceAll, i));
                }
                int indexOf = i2 + str2.indexOf("\r\n\r\n") + 4;
                int length = indexOf + replaceAll.length();
                LOGGER.debug("Name: {} O: {} S: {} E: {} Pos: {}", group, Integer.valueOf(i2), Integer.valueOf(indexOf), Integer.valueOf(length), Integer.valueOf(i));
                this.multiPartParams.add(new MultipartFormParameter(group, matcher2.group("value"), indexOf, length, i, MultipartFormParameter.Type.GENERAL));
                LOGGER.debug("Name: {} value: {}", group, matcher2.group("value"));
                if (contains) {
                    int i3 = i - 2;
                    Matcher matcher3 = FILENAME_PART_PATTERN.matcher(str2);
                    matcher3.find();
                    String group2 = matcher3.group("filename");
                    arrayList.add(arrayList.size() - 1, new NameValuePair(35, group, group2, i3));
                    int indexOf2 = i2 + str2.indexOf(group2);
                    int length2 = indexOf2 + group2.length();
                    LOGGER.debug("Name: {} O: {} S: {} E: {} Pos: {}", group, Integer.valueOf(i2), Integer.valueOf(indexOf2), Integer.valueOf(length2), Integer.valueOf(i3));
                    this.multiPartParams.add(this.multiPartParams.size() - 1, new MultipartFormParameter(group, group2, indexOf2, length2, i3, MultipartFormParameter.Type.FILE_NAME));
                    Matcher matcher4 = CONTENTTYPE_PART_PATTERN.matcher(str2);
                    matcher4.find();
                    String group3 = matcher4.group("contenttype");
                    i = i3 + 1;
                    arrayList.add(arrayList.size() - 1, new NameValuePair(36, group, group3, i));
                    int indexOf3 = i2 + str2.indexOf(group3);
                    int length3 = indexOf3 + group3.length();
                    LOGGER.debug("Name: {} O: {} S: {} E: {} Pos: {}", group, Integer.valueOf(i2), Integer.valueOf(indexOf3), Integer.valueOf(length3), Integer.valueOf(i));
                    this.multiPartParams.add(this.multiPartParams.size() - 1, new MultipartFormParameter(group, group3, indexOf3, length3, i, MultipartFormParameter.Type.FILE_CONTENT_TYPE));
                }
            }
            i++;
            i2 += str2.length();
        }
        this.params = Collections.unmodifiableList(arrayList);
    }

    @Override // org.parosproxy.paros.core.scanner.Variant
    public List<NameValuePair> getParamList() {
        return this.params;
    }

    @Override // org.parosproxy.paros.core.scanner.Variant
    public String setParameter(HttpMessage httpMessage, NameValuePair nameValuePair, String str, String str2) {
        return setParameter(httpMessage, Collections.singletonList(Integer.valueOf(nameValuePair.getPosition())), Collections.singletonList(str2));
    }

    @Override // org.parosproxy.paros.core.scanner.Variant
    public String setEscapedParameter(HttpMessage httpMessage, NameValuePair nameValuePair, String str, String str2) {
        return setParameter(httpMessage, Collections.singletonList(Integer.valueOf(nameValuePair.getPosition())), Collections.singletonList(str2));
    }

    @Override // org.parosproxy.paros.core.scanner.Variant
    public void setParameters(HttpMessage httpMessage, List<InputVector> list) {
        setParameter(httpMessage, (List) list.stream().map((v0) -> {
            return v0.getPosition();
        }).collect(Collectors.toList()), (List) list.stream().map((v0) -> {
            return v0.getValue();
        }).collect(Collectors.toList()));
    }

    private String setParameter(HttpMessage httpMessage, List<Integer> list, List<String> list2) {
        StringBuilder sb = new StringBuilder(httpMessage.getRequestBody().toString());
        int i = 0;
        for (int i2 = 0; i2 < list.size(); i2++) {
            int intValue = list.get(i2).intValue();
            String str = list2.get(i2);
            int i3 = intValue - 1;
            MultipartFormParameter multipartFormParameter = this.multiPartParams.get(i3);
            LOGGER.debug("i: {} pos: {} S: {} E: {} O: {}", Integer.valueOf(i3), Integer.valueOf(intValue), Integer.valueOf(multipartFormParameter.getStart()), Integer.valueOf(multipartFormParameter.getEnd()), Integer.valueOf(i));
            sb.replace(multipartFormParameter.getStart() + i, multipartFormParameter.getEnd() + i, str);
            i = ((i + str.length()) - multipartFormParameter.getEnd()) + multipartFormParameter.getStart();
        }
        String sb2 = sb.toString();
        httpMessage.getRequestBody().setBody(sb2);
        return sb2;
    }

    private String getBoundary(String str) {
        int lastIndexOf = str.lastIndexOf("boundary=");
        if (lastIndexOf == -1) {
            return null;
        }
        String substring = str.substring(lastIndexOf + 9);
        if (substring.charAt(0) == '\"') {
            substring = substring.substring(1, substring.lastIndexOf(34));
        }
        return "--" + substring;
    }
}
