package org.zaproxy.zap.authentication;

import java.awt.Component;
import java.awt.GridBagLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.event.FocusAdapter;
import java.awt.event.FocusEvent;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.function.UnaryOperator;
import javax.swing.DefaultComboBoxModel;
import javax.swing.ImageIcon;
import javax.swing.JButton;
import javax.swing.JComboBox;
import javax.swing.JLabel;
import javax.swing.JList;
import javax.swing.JOptionPane;
import javax.swing.JPanel;
import javax.swing.border.Border;
import javax.swing.border.EmptyBorder;
import javax.swing.plaf.basic.BasicComboBoxRenderer;
import net.sf.json.JSONObject;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.httpclient.URI;
import org.apache.commons.httpclient.URIException;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.control.Control;
import org.parosproxy.paros.db.DatabaseException;
import org.parosproxy.paros.extension.ExtensionHook;
import org.parosproxy.paros.model.Model;
import org.parosproxy.paros.model.Session;
import org.parosproxy.paros.model.SiteNode;
import org.parosproxy.paros.network.HttpHeader;
import org.parosproxy.paros.network.HttpMalformedHeaderException;
import org.parosproxy.paros.network.HttpMessage;
import org.parosproxy.paros.network.HttpRequestHeader;
import org.parosproxy.paros.network.HttpSender;
import org.parosproxy.paros.view.SessionDialog;
import org.parosproxy.paros.view.View;
import org.zaproxy.zap.authentication.AuthenticationMethod;
import org.zaproxy.zap.authentication.AuthenticationMethodType;
import org.zaproxy.zap.authentication.UsernamePasswordAuthenticationCredentials;
import org.zaproxy.zap.extension.anticsrf.AntiCsrfToken;
import org.zaproxy.zap.extension.anticsrf.ExtensionAntiCSRF;
import org.zaproxy.zap.extension.api.ApiDynamicActionImplementor;
import org.zaproxy.zap.extension.api.ApiException;
import org.zaproxy.zap.extension.api.ApiResponse;
import org.zaproxy.zap.extension.authentication.ContextAuthenticationPanel;
import org.zaproxy.zap.extension.users.ExtensionUserManagement;
import org.zaproxy.zap.model.Context;
import org.zaproxy.zap.model.NameValuePair;
import org.zaproxy.zap.session.SessionManagementMethod;
import org.zaproxy.zap.session.WebSession;
import org.zaproxy.zap.users.User;
import org.zaproxy.zap.utils.ApiUtils;
import org.zaproxy.zap.utils.HirshbergMatcher;
import org.zaproxy.zap.utils.ZapHtmlLabel;
import org.zaproxy.zap.utils.ZapTextField;
import org.zaproxy.zap.view.LayoutHelper;
import org.zaproxy.zap.view.NodeSelectDialog;
import org.zaproxy.zap.view.popup.PopupMenuItemContext;
import org.zaproxy.zap.view.popup.PopupMenuItemSiteNodeContextMenuFactory;

/* loaded from: input_file:org/zaproxy/zap/authentication/PostBasedAuthenticationMethodType.class */
public abstract class PostBasedAuthenticationMethodType extends AuthenticationMethodType {
    private static final String CONTEXT_CONFIG_AUTH_FORM = "context.authentication.form";
    private static final String CONTEXT_CONFIG_AUTH_FORM_LOGINURL = "context.authentication.form.loginurl";
    private static final String CONTEXT_CONFIG_AUTH_FORM_LOGINBODY = "context.authentication.form.loginbody";
    private static final String CONTEXT_CONFIG_AUTH_FORM_LOGINPAGEURL = "context.authentication.form.loginpageurl";
    private static final String POST_DATA_LABEL = Constant.messages.getString("authentication.method.pb.field.label.postData");
    private static final String POST_DATA_REQUIRED_LABEL = Constant.messages.getString("authentication.method.pb.field.label.postDataRequired");
    private static final String USERNAME_PARAM_LABEL = Constant.messages.getString("authentication.method.pb.field.label.usernameParam");
    private static final String PASSWORD_PARAM_LABEL = Constant.messages.getString("authentication.method.pb.field.label.passwordParam");
    private static final String LOGIN_URL_LABEL = Constant.messages.getString("authentication.method.pb.field.label.loginUrl");
    private static final String LOGIN_PAGE_URL_LABEL = Constant.messages.getString("authentication.method.pb.field.label.loginPageUrl");
    private static final String AUTH_DESCRIPTION = Constant.messages.getString("authentication.method.pb.field.label.description");
    private static final Logger LOGGER = LogManager.getLogger(PostBasedAuthenticationMethodType.class);
    private static ExtensionAntiCSRF extAntiCsrf;
    private final String methodName;
    private final int methodIdentifier;
    private final String apiMethodName;
    private final String labelPopupMenuKey;
    private final boolean postDataRequired;
    private static final String PARAM_LOGIN_URL = "loginUrl";
    private static final String PARAM_LOGIN_REQUEST_DATA = "loginRequestData";
    private static final String PARAM_LOGIN_PAGE_URL = "loginPageUrl";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/zaproxy/zap/authentication/PostBasedAuthenticationMethodType$NameValuePairRenderer.class */
    public static class NameValuePairRenderer extends BasicComboBoxRenderer {
        private static final long serialVersionUID = 3654541772447187317L;
        public static final NameValuePairRenderer INSTANCE = new NameValuePairRenderer();
        private static final Border BORDER = new EmptyBorder(2, 3, 3, 3);

        private NameValuePairRenderer() {
        }

        public Component getListCellRendererComponent(JList jList, Object obj, int i, boolean z, boolean z2) {
            super.getListCellRendererComponent(jList, obj, i, z, z2);
            if (obj != null) {
                setBorder(BORDER);
                setText(((NameValuePair) obj).getName());
            }
            return this;
        }
    }

    /* loaded from: input_file:org/zaproxy/zap/authentication/PostBasedAuthenticationMethodType$PostBasedAuthenticationMethod.class */
    public abstract class PostBasedAuthenticationMethod extends AuthenticationMethod {
        private static final String LOGIN_ICON_RESOURCE = "/resource/icon/fugue/door-open-green-arrow.png";
        public static final String MSG_USER_PATTERN = "{%username%}";
        public static final String MSG_PASS_PATTERN = "{%password%}";
        private final String contentType;
        private final UnaryOperator<String> paramEncoder;
        private HttpSender httpSender;
        private SiteNode markedLoginSiteNode;
        private SiteNode loginSiteNode;
        private String loginRequestURL;
        private String loginPageUrl;
        private String loginRequestBody;

        /* JADX INFO: Access modifiers changed from: protected */
        public PostBasedAuthenticationMethod(String str, UnaryOperator<String> unaryOperator, PostBasedAuthenticationMethod postBasedAuthenticationMethod) {
            this.loginSiteNode = null;
            this.contentType = str + "; charset=utf-8";
            this.paramEncoder = unaryOperator;
            if (postBasedAuthenticationMethod != null) {
                this.loginRequestURL = postBasedAuthenticationMethod.loginRequestURL;
                this.loginRequestBody = postBasedAuthenticationMethod.loginRequestBody;
                this.loginSiteNode = postBasedAuthenticationMethod.loginSiteNode;
                this.markedLoginSiteNode = postBasedAuthenticationMethod.markedLoginSiteNode;
                this.loginPageUrl = postBasedAuthenticationMethod.loginPageUrl;
            }
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public boolean isConfigured() {
            return ((PostBasedAuthenticationMethodType.this.postDataRequired && (this.loginRequestBody == null || this.loginRequestBody.isEmpty())) || this.loginRequestURL == null || this.loginRequestURL.isEmpty()) ? false : true;
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public AuthenticationCredentials createAuthenticationCredentials() {
            return new UsernamePasswordAuthenticationCredentials();
        }

        protected HttpSender getHttpSender() {
            if (this.httpSender == null) {
                this.httpSender = new HttpSender(5);
            }
            return this.httpSender;
        }

        protected HttpMessage prepareRequestMessage(UsernamePasswordAuthenticationCredentials usernamePasswordAuthenticationCredentials) throws URIException, HttpMalformedHeaderException, DatabaseException {
            HttpMessage httpMessage;
            URI createLoginUrl = PostBasedAuthenticationMethodType.createLoginUrl(this.loginRequestURL, usernamePasswordAuthenticationCredentials.getUsername(), usernamePasswordAuthenticationCredentials.getPassword());
            String str = null;
            if (this.loginRequestBody != null && !this.loginRequestBody.isEmpty()) {
                HashMap hashMap = new HashMap();
                hashMap.put(MSG_USER_PATTERN, usernamePasswordAuthenticationCredentials.getUsername());
                hashMap.put(MSG_PASS_PATTERN, usernamePasswordAuthenticationCredentials.getPassword());
                str = AuthenticationHelper.replaceUserData(this.loginRequestBody, hashMap, this.paramEncoder);
            }
            if (this.loginSiteNode != null) {
                httpMessage = this.loginSiteNode.getHistoryReference().getHttpMessage().cloneRequest();
                httpMessage.getRequestHeader().setURI(createLoginUrl);
                setRequestBody(httpMessage, str);
            } else {
                String str2 = str != null ? HttpRequestHeader.POST : HttpRequestHeader.GET;
                httpMessage = new HttpMessage();
                httpMessage.setRequestHeader(new HttpRequestHeader(str2, createLoginUrl, HttpHeader.HTTP11));
                if (setRequestBody(httpMessage, str)) {
                    httpMessage.getRequestHeader().setHeader(HttpHeader.CONTENT_TYPE, this.contentType);
                }
            }
            return httpMessage;
        }

        private boolean setRequestBody(HttpMessage httpMessage, String str) {
            if (str == null) {
                return false;
            }
            httpMessage.getRequestBody().setBody(str);
            return true;
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public WebSession authenticate(SessionManagementMethod sessionManagementMethod, AuthenticationCredentials authenticationCredentials, User user) throws AuthenticationMethod.UnsupportedAuthenticationCredentialsException {
            if (!(authenticationCredentials instanceof UsernamePasswordAuthenticationCredentials)) {
                user.getAuthenticationState().setLastAuthFailure("Credentials not UsernamePasswordAuthenticationCredentials");
                throw new AuthenticationMethod.UnsupportedAuthenticationCredentialsException("Post based authentication method only supports " + UsernamePasswordAuthenticationCredentials.class.getSimpleName() + ". Received: " + authenticationCredentials.getClass());
            }
            UsernamePasswordAuthenticationCredentials usernamePasswordAuthenticationCredentials = (UsernamePasswordAuthenticationCredentials) authenticationCredentials;
            if (!usernamePasswordAuthenticationCredentials.isConfigured()) {
                PostBasedAuthenticationMethodType.LOGGER.warn("No credentials to authenticate user: {}", user.getName());
                user.getAuthenticationState().setLastAuthFailure("No credentials to authenticate user: " + user.getName());
                return null;
            }
            try {
                if (user.getAuthenticatedSession() == null) {
                    user.setAuthenticatedSession(sessionManagementMethod.createEmptyWebSession());
                }
                HttpMessage httpMessage = new HttpMessage(new URI(StringUtils.isBlank(this.loginPageUrl) ? this.loginRequestURL : this.loginPageUrl, true));
                httpMessage.setRequestingUser(user);
                getHttpSender().sendAndReceive(httpMessage);
                AuthenticationHelper.addAuthMessageToHistory(httpMessage);
                HttpMessage prepareRequestMessage = prepareRequestMessage(usernamePasswordAuthenticationCredentials);
                prepareRequestMessage.setRequestingUser(user);
                PostBasedAuthenticationMethodType.replaceAntiCsrfTokenValueIfRequired(prepareRequestMessage, httpMessage, this.paramEncoder);
                prepareRequestMessage.getRequestHeader().setHeader(HttpHeader.COOKIE, null);
                PostBasedAuthenticationMethodType.LOGGER.debug("Authentication request header: \n{}", prepareRequestMessage.getRequestHeader());
                if (!prepareRequestMessage.getRequestHeader().getMethod().equals(HttpRequestHeader.GET)) {
                    PostBasedAuthenticationMethodType.LOGGER.debug("Authentication request body: \n{}", prepareRequestMessage.getRequestBody());
                }
                if (!prepareRequestMessage.getRequestHeader().getMethod().equals(HttpRequestHeader.GET)) {
                    prepareRequestMessage.getRequestHeader().setContentLength(prepareRequestMessage.getRequestBody().length());
                }
                try {
                    getHttpSender().sendAndReceive(prepareRequestMessage);
                    AuthenticationHelper.addAuthMessageToHistory(prepareRequestMessage);
                    try {
                        user.getAuthenticationState().setLastAuthRequestHistoryId(prepareRequestMessage.getHistoryRef().getHistoryId());
                    } catch (Exception e) {
                        PostBasedAuthenticationMethodType.LOGGER.warn("Unable to set last auth request history id: {}", e.getMessage(), e);
                    }
                    WebSession extractWebSession = sessionManagementMethod.extractWebSession(prepareRequestMessage);
                    user.setAuthenticatedSession(extractWebSession);
                    if (isAuthenticated(prepareRequestMessage, user, true)) {
                        AuthenticationHelper.notifyOutputAuthSuccessful(prepareRequestMessage);
                        user.getAuthenticationState().setLastAuthFailure(Constant.USER_AGENT);
                    } else {
                        AuthenticationHelper.notifyOutputAuthFailure(prepareRequestMessage);
                    }
                    return extractWebSession;
                } catch (IOException e2) {
                    PostBasedAuthenticationMethodType.LOGGER.error("Unable to send authentication message: {}", e2.getMessage());
                    user.getAuthenticationState().setLastAuthFailure("Unable to send authentication message: " + e2.getMessage());
                    return null;
                }
            } catch (Exception e3) {
                PostBasedAuthenticationMethodType.LOGGER.error("Unable to prepare authentication message: {}", e3.getMessage(), e3);
                user.getAuthenticationState().setLastAuthFailure("Unable to prepare authentication message: " + e3.getMessage());
                return null;
            }
        }

        public void setLoginRequest(SiteNode siteNode) throws Exception {
            this.loginSiteNode = siteNode;
            HttpMessage httpMessage = siteNode.getHistoryReference().getHttpMessage();
            this.loginRequestURL = httpMessage.getRequestHeader().getURI().toString();
            if (httpMessage.getRequestHeader().getMethod().equalsIgnoreCase(HttpRequestHeader.GET)) {
                this.loginRequestBody = null;
            } else {
                this.loginRequestBody = httpMessage.getRequestBody().toString();
            }
        }

        public String getLoginRequestURL() {
            return this.loginRequestURL;
        }

        private void markLoginSiteNode(SiteNode siteNode) {
            if (this.markedLoginSiteNode == siteNode) {
                return;
            }
            if (this.markedLoginSiteNode != null) {
                this.markedLoginSiteNode.removeCustomIcon(LOGIN_ICON_RESOURCE);
            }
            this.markedLoginSiteNode = siteNode;
            if (siteNode == null) {
                return;
            }
            siteNode.addCustomIcon(LOGIN_ICON_RESOURCE, false);
        }

        protected void setLoginRequest(String str, String str2) throws Exception {
            if (str == null || str.length() == 0) {
                this.loginRequestURL = null;
                this.loginRequestBody = null;
                this.loginSiteNode = null;
                return;
            }
            String str3 = HttpRequestHeader.GET;
            if (str2 != null && str2.length() > 0) {
                str3 = HttpRequestHeader.POST;
            }
            this.loginRequestURL = str;
            this.loginRequestBody = str2;
            this.loginSiteNode = Model.getSingleton().getSession().getSiteTree().findNode(PostBasedAuthenticationMethodType.createLoginUrl(this.loginRequestURL, Constant.USER_AGENT, Constant.USER_AGENT), str3, str2);
        }

        protected void setLoginPageUrl(String str) {
            this.loginPageUrl = str;
        }

        protected void setLoginPageUrl(SiteNode siteNode) throws HttpMalformedHeaderException, DatabaseException {
            this.loginPageUrl = siteNode.getHistoryReference().getHttpMessage().getRequestHeader().getURI().toString();
        }

        public String toString() {
            return getClass().getSimpleName() + " [loginURI=" + this.loginRequestURL + "]";
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public void onMethodPersisted() {
            markLoginSiteNode(this.loginSiteNode);
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public void onMethodDiscarded() {
            markLoginSiteNode(null);
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public ApiResponse getApiResponseRepresentation() {
            HashMap hashMap = new HashMap();
            hashMap.put("methodName", PostBasedAuthenticationMethodType.this.apiMethodName);
            hashMap.put(PostBasedAuthenticationMethodType.PARAM_LOGIN_URL, this.loginRequestURL);
            hashMap.put(PostBasedAuthenticationMethodType.PARAM_LOGIN_PAGE_URL, this.loginPageUrl);
            hashMap.put(PostBasedAuthenticationMethodType.PARAM_LOGIN_REQUEST_DATA, this.loginRequestBody);
            return new AuthenticationMethod.AuthMethodApiResponseRepresentation(hashMap);
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public int hashCode() {
            return (31 * ((31 * ((31 * super.hashCode()) + (this.loginRequestBody == null ? 0 : this.loginRequestBody.hashCode()))) + (this.loginRequestURL == null ? 0 : this.loginRequestURL.hashCode()))) + (this.loginPageUrl == null ? 0 : this.loginPageUrl.hashCode());
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!super.equals(obj) || getClass() != obj.getClass()) {
                return false;
            }
            PostBasedAuthenticationMethod postBasedAuthenticationMethod = (PostBasedAuthenticationMethod) obj;
            if (this.loginRequestBody == null) {
                if (postBasedAuthenticationMethod.loginRequestBody != null) {
                    return false;
                }
            } else if (!this.loginRequestBody.equals(postBasedAuthenticationMethod.loginRequestBody)) {
                return false;
            }
            if (this.loginRequestURL == null) {
                if (postBasedAuthenticationMethod.loginRequestURL != null) {
                    return false;
                }
            } else if (!this.loginRequestURL.equals(postBasedAuthenticationMethod.loginRequestURL)) {
                return false;
            }
            return this.loginPageUrl == null ? postBasedAuthenticationMethod.loginPageUrl == null : this.loginPageUrl.equals(postBasedAuthenticationMethod.loginPageUrl);
        }
    }

    /* loaded from: input_file:org/zaproxy/zap/authentication/PostBasedAuthenticationMethodType$PostBasedAuthenticationMethodOptionsPanel.class */
    protected abstract class PostBasedAuthenticationMethodOptionsPanel extends AbstractAuthenticationMethodOptionsPanel {
        private static final long serialVersionUID = 1;
        private ZapTextField loginUrlField;
        private ZapTextField loginPageUrlField;
        private ZapTextField postDataField;
        private JComboBox<NameValuePair> usernameParameterCombo;
        private JComboBox<NameValuePair> passwordParameterCombo;
        private PostBasedAuthenticationMethod authenticationMethod;
        private Context context;
        private ExtensionUserManagement userExt = null;
        private final UnaryOperator<String> paramDecoder;

        public PostBasedAuthenticationMethodOptionsPanel(Context context, UnaryOperator<String> unaryOperator) {
            initialize();
            this.context = context;
            this.paramDecoder = unaryOperator;
        }

        private void initialize() {
            setLayout(new GridBagLayout());
            add(new JLabel(PostBasedAuthenticationMethodType.LOGIN_URL_LABEL), LayoutHelper.getGBC(0, 0, 2, 1.0d, HirshbergMatcher.MIN_RATIO));
            JPanel jPanel = new JPanel(new GridBagLayout());
            this.loginUrlField = new ZapTextField();
            this.loginPageUrlField = new ZapTextField();
            this.postDataField = new ZapTextField();
            JButton jButton = new JButton(Constant.messages.getString("all.button.select"));
            jButton.setIcon(new ImageIcon(View.class.getResource("/resource/icon/16/094.png")));
            JButton jButton2 = new JButton(Constant.messages.getString("all.button.select"));
            jButton2.setIcon(new ImageIcon(View.class.getResource("/resource/icon/16/094.png")));
            jButton.addActionListener(new ActionListener() { // from class: org.zaproxy.zap.authentication.PostBasedAuthenticationMethodType.PostBasedAuthenticationMethodOptionsPanel.1
                public void actionPerformed(ActionEvent actionEvent) {
                    NodeSelectDialog nodeSelectDialog = new NodeSelectDialog(View.getSingleton().getMainFrame());
                    SiteNode siteNode = null;
                    if (PostBasedAuthenticationMethodOptionsPanel.this.loginUrlField.getText().trim().length() > 0) {
                        try {
                            siteNode = PostBasedAuthenticationMethodOptionsPanel.this.postDataField.getText().trim().length() > 0 ? Model.getSingleton().getSession().getSiteTree().findNode(new URI(PostBasedAuthenticationMethodOptionsPanel.this.loginUrlField.getText(), false), HttpRequestHeader.POST, PostBasedAuthenticationMethodOptionsPanel.this.postDataField.getText()) : Model.getSingleton().getSession().getSiteTree().findNode(new URI(PostBasedAuthenticationMethodOptionsPanel.this.loginUrlField.getText(), false));
                        } catch (Exception e) {
                        }
                    }
                    SiteNode showDialog = nodeSelectDialog.showDialog(siteNode);
                    if (showDialog == null || showDialog.getHistoryReference() == null) {
                        return;
                    }
                    try {
                        PostBasedAuthenticationMethodType.LOGGER.info("Selected Post Based Auth Login URL via dialog: {}", showDialog.getHistoryReference().getURI());
                        PostBasedAuthenticationMethodOptionsPanel.this.loginUrlField.setText(showDialog.getHistoryReference().getURI().toString());
                        PostBasedAuthenticationMethodOptionsPanel.this.postDataField.setText(showDialog.getHistoryReference().getHttpMessage().getRequestBody().toString());
                        PostBasedAuthenticationMethodOptionsPanel.this.updateParameters();
                        if (StringUtils.isBlank(PostBasedAuthenticationMethodOptionsPanel.this.loginPageUrlField.getText())) {
                            PostBasedAuthenticationMethodOptionsPanel.this.loginPageUrlField.setText(PostBasedAuthenticationMethodOptionsPanel.this.loginUrlField.getText());
                        }
                    } catch (Exception e2) {
                        PostBasedAuthenticationMethodType.LOGGER.error(e2.getMessage(), e2);
                    }
                }
            });
            jButton2.addActionListener(actionEvent -> {
                NodeSelectDialog nodeSelectDialog = new NodeSelectDialog(View.getSingleton().getMainFrame());
                SiteNode siteNode = null;
                if (!StringUtils.isBlank(this.loginPageUrlField.getText())) {
                    try {
                        siteNode = Model.getSingleton().getSession().getSiteTree().findNode(new URI(this.loginPageUrlField.getText(), false));
                    } catch (Exception e) {
                    }
                }
                SiteNode showDialog = nodeSelectDialog.showDialog(siteNode);
                if (showDialog == null || showDialog.getHistoryReference() == null) {
                    return;
                }
                try {
                    PostBasedAuthenticationMethodType.LOGGER.info("Selected URL of the login page via dialog: {}", showDialog.getHistoryReference().getURI());
                    this.loginPageUrlField.setText(showDialog.getHistoryReference().getURI().toString());
                } catch (Exception e2) {
                    PostBasedAuthenticationMethodType.LOGGER.error(e2.getMessage(), e2);
                }
            });
            jPanel.add(this.loginUrlField, LayoutHelper.getGBC(0, 0, 1, 1.0d));
            jPanel.add(jButton, LayoutHelper.getGBC(1, 0, 1, HirshbergMatcher.MIN_RATIO));
            jPanel.add(new JLabel(PostBasedAuthenticationMethodType.LOGIN_PAGE_URL_LABEL), LayoutHelper.getGBC(0, 1, 2, 1.0d, HirshbergMatcher.MIN_RATIO));
            jPanel.add(this.loginPageUrlField, LayoutHelper.getGBC(0, 2, 1, 1.0d));
            jPanel.add(jButton2, LayoutHelper.getGBC(1, 2, 1, HirshbergMatcher.MIN_RATIO));
            add(jPanel, LayoutHelper.getGBC(0, 1, 2, 1.0d, HirshbergMatcher.MIN_RATIO));
            add(new JLabel(PostBasedAuthenticationMethodType.this.postDataRequired ? PostBasedAuthenticationMethodType.POST_DATA_REQUIRED_LABEL : PostBasedAuthenticationMethodType.POST_DATA_LABEL), LayoutHelper.getGBC(0, 2, 2, 1.0d, HirshbergMatcher.MIN_RATIO));
            add(this.postDataField, LayoutHelper.getGBC(0, 3, 2, 1.0d, HirshbergMatcher.MIN_RATIO));
            add(new JLabel(PostBasedAuthenticationMethodType.USERNAME_PARAM_LABEL), LayoutHelper.getGBC(0, 4, 1, 1.0d, HirshbergMatcher.MIN_RATIO));
            this.usernameParameterCombo = new JComboBox<>();
            this.usernameParameterCombo.setRenderer(NameValuePairRenderer.INSTANCE);
            add(this.usernameParameterCombo, LayoutHelper.getGBC(0, 5, 1, 1.0d, HirshbergMatcher.MIN_RATIO));
            add(new JLabel(PostBasedAuthenticationMethodType.PASSWORD_PARAM_LABEL), LayoutHelper.getGBC(1, 4, 1, 1.0d, HirshbergMatcher.MIN_RATIO));
            this.passwordParameterCombo = new JComboBox<>();
            this.passwordParameterCombo.setRenderer(NameValuePairRenderer.INSTANCE);
            add(this.passwordParameterCombo, LayoutHelper.getGBC(1, 5, 1, 1.0d, HirshbergMatcher.MIN_RATIO));
            add(new ZapHtmlLabel(PostBasedAuthenticationMethodType.AUTH_DESCRIPTION), LayoutHelper.getGBC(0, 8, 2, 1.0d, HirshbergMatcher.MIN_RATIO));
            this.postDataField.addFocusListener(new FocusAdapter() { // from class: org.zaproxy.zap.authentication.PostBasedAuthenticationMethodType.PostBasedAuthenticationMethodOptionsPanel.2
                public void focusLost(FocusEvent focusEvent) {
                    PostBasedAuthenticationMethodOptionsPanel.this.updateParameters();
                }
            });
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public Context getContext() {
            return this.context;
        }

        @Override // org.zaproxy.zap.authentication.AbstractAuthenticationMethodOptionsPanel
        public void validateFields() {
            if (!PostBasedAuthenticationMethodType.isValidLoginUrl(this.loginUrlField.getText())) {
                this.loginUrlField.requestFocusInWindow();
                throw new IllegalStateException(Constant.messages.getString("authentication.method.pb.dialog.error.url.text"));
            }
            if (PostBasedAuthenticationMethodType.this.postDataRequired && this.postDataField.getText().isEmpty()) {
                this.postDataField.requestFocusInWindow();
                throw new IllegalStateException(Constant.messages.getString("authentication.method.pb.dialog.error.postData.text"));
            }
        }

        protected abstract String replaceParameterValue(String str, NameValuePair nameValuePair, String str2);

        private ExtensionUserManagement getUserExt() {
            if (this.userExt == null) {
                this.userExt = (ExtensionUserManagement) Control.getSingleton().getExtensionLoader().getExtension(ExtensionUserManagement.class);
            }
            return this.userExt;
        }

        @Override // org.zaproxy.zap.authentication.AbstractAuthenticationMethodOptionsPanel
        public void saveMethod() {
            try {
                String text = this.postDataField.getText();
                if (!text.isEmpty()) {
                    NameValuePair nameValuePair = (NameValuePair) this.usernameParameterCombo.getSelectedItem();
                    NameValuePair nameValuePair2 = (NameValuePair) this.passwordParameterCombo.getSelectedItem();
                    ExtensionUserManagement userExt = getUserExt();
                    if (userExt != null && userExt.getUIConfiguredUsers(this.context.getId()).isEmpty()) {
                        String value = nameValuePair.getValue();
                        String value2 = nameValuePair2.getValue();
                        if (!value.isEmpty() && !value.contains(PostBasedAuthenticationMethod.MSG_USER_PATTERN) && !value2.contains(PostBasedAuthenticationMethod.MSG_PASS_PATTERN)) {
                            String str = (String) this.paramDecoder.apply(value);
                            String str2 = (String) this.paramDecoder.apply(value2);
                            if (!str.isEmpty() && !str2.isEmpty()) {
                                User user = new User(this.context.getId(), str);
                                user.setAuthenticationCredentials(new UsernamePasswordAuthenticationCredentials(str, str2));
                                getUserExt().getContextUserAuthManager(this.context.getId()).addUser(user);
                            }
                        }
                    }
                    text = replaceParameterValue(replaceParameterValue(text, nameValuePair, PostBasedAuthenticationMethod.MSG_USER_PATTERN), nameValuePair2, PostBasedAuthenticationMethod.MSG_PASS_PATTERN);
                }
                getMethod().setLoginRequest(this.loginUrlField.getText(), text);
                getMethod().setLoginPageUrl(this.loginPageUrlField.getText());
            } catch (Exception e) {
                PostBasedAuthenticationMethodType.LOGGER.error(e.getMessage(), e);
            }
        }

        @Override // org.zaproxy.zap.authentication.AbstractAuthenticationMethodOptionsPanel
        public void bindMethod(AuthenticationMethod authenticationMethod) {
            this.authenticationMethod = (PostBasedAuthenticationMethod) authenticationMethod;
            this.loginUrlField.setText(this.authenticationMethod.loginRequestURL);
            this.postDataField.setText(this.authenticationMethod.loginRequestBody);
            this.loginPageUrlField.setText(this.authenticationMethod.loginPageUrl);
            updateParameters();
        }

        private int getIndexOfParamWithValue(NameValuePair[] nameValuePairArr, String str) {
            for (int i = 0; i < nameValuePairArr.length; i++) {
                if (str.equals(nameValuePairArr[i].getValue())) {
                    return i;
                }
            }
            return -1;
        }

        private void updateParameters() {
            try {
                List<NameValuePair> extractParameters = extractParameters(this.postDataField.getText());
                NameValuePair[] nameValuePairArr = (NameValuePair[]) extractParameters.toArray(new NameValuePair[extractParameters.size()]);
                this.usernameParameterCombo.setModel(new DefaultComboBoxModel(nameValuePairArr));
                this.passwordParameterCombo.setModel(new DefaultComboBoxModel(nameValuePairArr));
                int indexOfParamWithValue = getIndexOfParamWithValue(nameValuePairArr, PostBasedAuthenticationMethod.MSG_USER_PATTERN);
                if (indexOfParamWithValue >= 0) {
                    this.usernameParameterCombo.setSelectedIndex(indexOfParamWithValue);
                }
                int indexOfParamWithValue2 = getIndexOfParamWithValue(nameValuePairArr, PostBasedAuthenticationMethod.MSG_PASS_PATTERN);
                if (indexOfParamWithValue2 >= 0) {
                    this.passwordParameterCombo.setSelectedIndex(indexOfParamWithValue2);
                }
            } catch (Exception e) {
                PostBasedAuthenticationMethodType.LOGGER.error(e.getMessage(), e);
            }
        }

        protected abstract List<NameValuePair> extractParameters(String str);

        @Override // org.zaproxy.zap.authentication.AbstractAuthenticationMethodOptionsPanel
        public PostBasedAuthenticationMethod getMethod() {
            return this.authenticationMethod;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PostBasedAuthenticationMethodType(String str, int i, String str2, String str3, boolean z) {
        this.methodName = str;
        this.methodIdentifier = i;
        this.apiMethodName = str2;
        this.labelPopupMenuKey = str3;
        this.postDataRequired = z;
    }

    static void setExtAntiCsrf(ExtensionAntiCSRF extensionAntiCSRF) {
        extAntiCsrf = extensionAntiCSRF;
    }

    static void replaceAntiCsrfTokenValueIfRequired(HttpMessage httpMessage, HttpMessage httpMessage2, UnaryOperator<String> unaryOperator) {
        if (extAntiCsrf == null) {
            extAntiCsrf = (ExtensionAntiCSRF) Control.getSingleton().getExtensionLoader().getExtension(ExtensionAntiCSRF.class);
        }
        if (extAntiCsrf == null) {
            LOGGER.debug("ExtensionAntiCSRF is not available, skipping ACSRF replacing task");
            return;
        }
        List<AntiCsrfToken> tokensFromResponse = extAntiCsrf.getTokensFromResponse(httpMessage2);
        if (tokensFromResponse == null || tokensFromResponse.isEmpty()) {
            LOGGER.debug("No ACSRF token found in the response of {}", httpMessage2.getRequestHeader());
            return;
        }
        LOGGER.debug("The login page has {} ACSRF token(s)", Integer.valueOf(tokensFromResponse.size()));
        String httpRequestBody = httpMessage.getRequestBody().toString();
        Map<String, String> extractParametersFromPostData = extractParametersFromPostData(httpMessage.getRequestingUser().getContext(), httpRequestBody);
        if (extractParametersFromPostData.isEmpty()) {
            LOGGER.debug("ACSRF token found but could not replace old value with fresh value");
            return;
        }
        String str = httpRequestBody;
        for (AntiCsrfToken antiCsrfToken : tokensFromResponse) {
            String str2 = extractParametersFromPostData.get(antiCsrfToken.getName());
            if (str2 == null) {
                LOGGER.debug("ACSRF token {} not found in the POST data: {}", antiCsrfToken.getName(), httpRequestBody);
            } else {
                str = str.replace(str2, (CharSequence) unaryOperator.apply(antiCsrfToken.getValue()));
                LOGGER.debug("replaced {} old ACSRF token value with {}", str2, antiCsrfToken.getValue());
            }
        }
        httpMessage.getRequestBody().setBody(str);
    }

    private static Map<String, String> extractParametersFromPostData(Context context, String str) {
        HashMap hashMap = new HashMap();
        context.getPostParamParser().parseParameters(str).forEach(nameValuePair -> {
            hashMap.put(nameValuePair.getName(), nameValuePair.getValue());
        });
        return hashMap;
    }

    private static URI createLoginUrl(String str, String str2, String str3) throws URIException {
        HashMap hashMap = new HashMap();
        hashMap.put(PostBasedAuthenticationMethod.MSG_USER_PATTERN, str2);
        hashMap.put(PostBasedAuthenticationMethod.MSG_PASS_PATTERN, str3);
        return new URI(AuthenticationHelper.replaceUserData(str, hashMap, PostBasedAuthenticationMethodType::encodeParameter), true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String encodeParameter(String str) {
        try {
            return URLEncoder.encode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            return Constant.USER_AGENT;
        }
    }

    private static boolean isValidLoginUrl(String str) {
        if (str.isEmpty()) {
            return false;
        }
        try {
            createLoginUrl(str, Constant.USER_AGENT, Constant.USER_AGENT);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public abstract PostBasedAuthenticationMethod createAuthenticationMethod(int i);

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public String getName() {
        return this.methodName;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public boolean hasOptionsPanel() {
        return true;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public AbstractCredentialsOptionsPanel<? extends AuthenticationCredentials> buildCredentialsOptionsPanel(AuthenticationCredentials authenticationCredentials, Context context) {
        return new UsernamePasswordAuthenticationCredentials.UsernamePasswordAuthenticationCredentialsOptionsPanel((UsernamePasswordAuthenticationCredentials) authenticationCredentials);
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public boolean hasCredentialsOptionsPanel() {
        return true;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public void hook(ExtensionHook extensionHook) {
        if (View.isInitialised()) {
            extensionHook.getHookMenu().addPopupMenuItem(getPopupFlagLoginRequestMenuFactory());
        }
    }

    private PopupMenuItemSiteNodeContextMenuFactory getPopupFlagLoginRequestMenuFactory() {
        return new PopupMenuItemSiteNodeContextMenuFactory(Constant.messages.getString("context.flag.popup")) { // from class: org.zaproxy.zap.authentication.PostBasedAuthenticationMethodType.1
            private static final long serialVersionUID = 8927418764L;

            /* JADX INFO: Access modifiers changed from: package-private */
            /* renamed from: org.zaproxy.zap.authentication.PostBasedAuthenticationMethodType$1$1, reason: invalid class name and collision with other inner class name */
            /* loaded from: input_file:org/zaproxy/zap/authentication/PostBasedAuthenticationMethodType$1$1.class */
            public class C00011 extends PopupMenuItemContext {
                private static final long serialVersionUID = 1967885623005183801L;
                private ExtensionUserManagement usersExtension;
                private Context uiSharedContext;

                C00011(Context context, String str, String str2) {
                    super(context, str, str2);
                }

                private boolean confirmUsersDeletion(Context context) {
                    this.usersExtension = (ExtensionUserManagement) Control.getSingleton().getExtensionLoader().getExtension(ExtensionUserManagement.class);
                    return this.usersExtension == null || this.usersExtension.getSharedContextUsers(context).size() <= 0 || JOptionPane.showConfirmDialog(this, Constant.messages.getString("authentication.dialog.confirmChange.label"), Constant.messages.getString("authentication.dialog.confirmChange.title"), 2) != 2;
                }

                @Override // org.zaproxy.zap.view.popup.PopupMenuItemSiteNodeContainer
                public void performAction(SiteNode siteNode) {
                    SessionDialog sessionDialog = View.getSingleton().getSessionDialog();
                    sessionDialog.recreateUISharedContexts(Model.getSingleton().getSession());
                    this.uiSharedContext = sessionDialog.getUISharedContext(getContext().getId());
                    if (PostBasedAuthenticationMethodType.this.isTypeForMethod(getContext().getAuthenticationMethod())) {
                        PostBasedAuthenticationMethodType.LOGGER.info("Selected new login request via PopupMenu. Changing existing {} instance for Context {}", PostBasedAuthenticationMethodType.this.methodName, Integer.valueOf(getContext().getId()));
                        PostBasedAuthenticationMethod postBasedAuthenticationMethod = (PostBasedAuthenticationMethod) this.uiSharedContext.getAuthenticationMethod();
                        try {
                            postBasedAuthenticationMethod.setLoginRequest(siteNode);
                            initializeLoginPageUrl(siteNode, postBasedAuthenticationMethod);
                            View.getSingleton().showSessionDialog(Model.getSingleton().getSession(), ContextAuthenticationPanel.buildName(getContext().getId()), false);
                            return;
                        } catch (Exception e) {
                            PostBasedAuthenticationMethodType.LOGGER.error("Failed to set login request: {}", e.getMessage(), e);
                            return;
                        }
                    }
                    PostBasedAuthenticationMethodType.LOGGER.info("Selected new login request via PopupMenu. Creating new {} instance for Context {}", PostBasedAuthenticationMethodType.this.methodName, Integer.valueOf(getContext().getId()));
                    PostBasedAuthenticationMethod createAuthenticationMethod = PostBasedAuthenticationMethodType.this.createAuthenticationMethod(getContext().getId());
                    try {
                        createAuthenticationMethod.setLoginRequest(siteNode);
                        initializeLoginPageUrl(siteNode, createAuthenticationMethod);
                        if (!confirmUsersDeletion(this.uiSharedContext)) {
                            PostBasedAuthenticationMethodType.LOGGER.debug("Cancelled change of authentication type.");
                        } else {
                            this.uiSharedContext.setAuthenticationMethod(createAuthenticationMethod);
                            View.getSingleton().showSessionDialog(Model.getSingleton().getSession(), ContextAuthenticationPanel.buildName(getContext().getId()), false, new Runnable() { // from class: org.zaproxy.zap.authentication.PostBasedAuthenticationMethodType.1.1.1
                                @Override // java.lang.Runnable
                                public void run() {
                                    if (C00011.this.usersExtension != null) {
                                        C00011.this.usersExtension.removeSharedContextUsers(C00011.this.uiSharedContext);
                                    }
                                }
                            });
                        }
                    } catch (Exception e2) {
                        PostBasedAuthenticationMethodType.LOGGER.error("Failed to set login request: {}", e2.getMessage(), e2);
                    }
                }

                private void initializeLoginPageUrl(SiteNode siteNode, PostBasedAuthenticationMethod postBasedAuthenticationMethod) throws HttpMalformedHeaderException, DatabaseException {
                    if (postBasedAuthenticationMethod.loginPageUrl == null || postBasedAuthenticationMethod.loginPageUrl.isEmpty()) {
                        postBasedAuthenticationMethod.setLoginPageUrl(siteNode);
                    }
                }
            }

            @Override // org.zaproxy.zap.view.popup.PopupMenuItemSiteNodeContextMenuFactory
            public PopupMenuItemContext getContextMenu(Context context, String str) {
                return new C00011(context, str, Constant.messages.getString(PostBasedAuthenticationMethodType.this.labelPopupMenuKey, context.getName()));
            }

            @Override // org.parosproxy.paros.extension.ExtensionPopupMenuItem
            public int getParentMenuIndex() {
                return 3;
            }
        };
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public AuthenticationMethod loadMethodFromSession(Session session, int i) throws DatabaseException {
        PostBasedAuthenticationMethod createAuthenticationMethod = createAuthenticationMethod(i);
        List<String> contextDataStrings = session.getContextDataStrings(i, 201);
        String str = Constant.USER_AGENT;
        if (contextDataStrings != null && contextDataStrings.size() > 0) {
            str = contextDataStrings.get(0);
        }
        List<String> contextDataStrings2 = session.getContextDataStrings(i, 202);
        String str2 = null;
        if (contextDataStrings2 != null && contextDataStrings2.size() > 0) {
            str2 = contextDataStrings2.get(0);
        }
        List<String> contextDataStrings3 = session.getContextDataStrings(i, 203);
        String str3 = null;
        if (contextDataStrings3 != null && !contextDataStrings3.isEmpty()) {
            str3 = contextDataStrings3.get(0);
        }
        try {
            createAuthenticationMethod.setLoginRequest(str, str2);
            createAuthenticationMethod.setLoginPageUrl(str3);
        } catch (Exception e) {
            LOGGER.error("Unable to load Post based authentication method data:", e);
        }
        return createAuthenticationMethod;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public void persistMethodToSession(Session session, int i, AuthenticationMethod authenticationMethod) throws DatabaseException {
        if (!(authenticationMethod instanceof PostBasedAuthenticationMethod)) {
            throw new AuthenticationMethodType.UnsupportedAuthenticationMethodException("Post based authentication type only supports: " + PostBasedAuthenticationMethod.class);
        }
        PostBasedAuthenticationMethod postBasedAuthenticationMethod = (PostBasedAuthenticationMethod) authenticationMethod;
        session.setContextData(i, 201, postBasedAuthenticationMethod.loginRequestURL);
        session.setContextData(i, 202, postBasedAuthenticationMethod.loginRequestBody);
        session.setContextData(i, 203, postBasedAuthenticationMethod.loginPageUrl);
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public int getUniqueIdentifier() {
        return this.methodIdentifier;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public UsernamePasswordAuthenticationCredentials createAuthenticationCredentials() {
        return new UsernamePasswordAuthenticationCredentials();
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public Class<UsernamePasswordAuthenticationCredentials> getAuthenticationCredentialsType() {
        return UsernamePasswordAuthenticationCredentials.class;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public ApiDynamicActionImplementor getSetMethodForContextApiAction() {
        String[] strArr;
        String[] strArr2;
        if (this.postDataRequired) {
            strArr = new String[]{PARAM_LOGIN_URL, PARAM_LOGIN_REQUEST_DATA};
            strArr2 = new String[]{PARAM_LOGIN_PAGE_URL};
        } else {
            strArr = new String[]{PARAM_LOGIN_URL};
            strArr2 = new String[]{PARAM_LOGIN_REQUEST_DATA, PARAM_LOGIN_PAGE_URL};
        }
        return new ApiDynamicActionImplementor(this.apiMethodName, strArr, strArr2) { // from class: org.zaproxy.zap.authentication.PostBasedAuthenticationMethodType.2
            @Override // org.zaproxy.zap.extension.api.ApiDynamicActionImplementor
            public void handleAction(JSONObject jSONObject) throws ApiException {
                Context contextByParamId = ApiUtils.getContextByParamId(jSONObject, "contextId");
                String nonEmptyStringParam = ApiUtils.getNonEmptyStringParam(jSONObject, PostBasedAuthenticationMethodType.PARAM_LOGIN_URL);
                if (!PostBasedAuthenticationMethodType.isValidLoginUrl(nonEmptyStringParam)) {
                    throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PostBasedAuthenticationMethodType.PARAM_LOGIN_URL);
                }
                String optionalStringParam = ApiUtils.getOptionalStringParam(jSONObject, PostBasedAuthenticationMethodType.PARAM_LOGIN_PAGE_URL);
                if (optionalStringParam == null || optionalStringParam.isEmpty()) {
                    optionalStringParam = nonEmptyStringParam;
                } else if (!PostBasedAuthenticationMethodType.isValidLoginUrl(optionalStringParam)) {
                    throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PostBasedAuthenticationMethodType.PARAM_LOGIN_PAGE_URL);
                }
                String str = Constant.USER_AGENT;
                if (PostBasedAuthenticationMethodType.this.postDataRequired) {
                    str = ApiUtils.getNonEmptyStringParam(jSONObject, PostBasedAuthenticationMethodType.PARAM_LOGIN_REQUEST_DATA);
                } else if (jSONObject.containsKey(PostBasedAuthenticationMethodType.PARAM_LOGIN_REQUEST_DATA)) {
                    str = jSONObject.getString(PostBasedAuthenticationMethodType.PARAM_LOGIN_REQUEST_DATA);
                }
                PostBasedAuthenticationMethod createAuthenticationMethod = PostBasedAuthenticationMethodType.this.createAuthenticationMethod(contextByParamId.getId());
                try {
                    createAuthenticationMethod.setLoginRequest(nonEmptyStringParam, str);
                    createAuthenticationMethod.setLoginPageUrl(optionalStringParam);
                    contextByParamId.setAuthenticationMethod(createAuthenticationMethod);
                } catch (Exception e) {
                    throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
                }
            }
        };
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public ApiDynamicActionImplementor getSetCredentialsForUserApiAction() {
        return UsernamePasswordAuthenticationCredentials.getSetCredentialsForUserApiAction(this);
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public void exportData(Configuration configuration, AuthenticationMethod authenticationMethod) {
        if (!(authenticationMethod instanceof PostBasedAuthenticationMethod)) {
            throw new AuthenticationMethodType.UnsupportedAuthenticationMethodException("Post based authentication type only supports: " + PostBasedAuthenticationMethod.class.getName());
        }
        PostBasedAuthenticationMethod postBasedAuthenticationMethod = (PostBasedAuthenticationMethod) authenticationMethod;
        configuration.setProperty(CONTEXT_CONFIG_AUTH_FORM_LOGINURL, postBasedAuthenticationMethod.loginRequestURL);
        configuration.setProperty(CONTEXT_CONFIG_AUTH_FORM_LOGINBODY, postBasedAuthenticationMethod.loginRequestBody);
        configuration.setProperty(CONTEXT_CONFIG_AUTH_FORM_LOGINPAGEURL, postBasedAuthenticationMethod.loginPageUrl);
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public void importData(Configuration configuration, AuthenticationMethod authenticationMethod) throws ConfigurationException {
        if (!(authenticationMethod instanceof PostBasedAuthenticationMethod)) {
            throw new AuthenticationMethodType.UnsupportedAuthenticationMethodException("Post based authentication type only supports: " + PostBasedAuthenticationMethod.class.getName());
        }
        PostBasedAuthenticationMethod postBasedAuthenticationMethod = (PostBasedAuthenticationMethod) authenticationMethod;
        try {
            postBasedAuthenticationMethod.setLoginRequest(configuration.getString(CONTEXT_CONFIG_AUTH_FORM_LOGINURL), configuration.getString(CONTEXT_CONFIG_AUTH_FORM_LOGINBODY));
            postBasedAuthenticationMethod.setLoginPageUrl(configuration.getString(CONTEXT_CONFIG_AUTH_FORM_LOGINPAGEURL));
        } catch (Exception e) {
            throw new ConfigurationException(e);
        }
    }

    public static void replaceUserCredentialsDataInPollRequest(HttpMessage httpMessage, User user, UnaryOperator<String> unaryOperator) {
        if (user != null) {
            AuthenticationCredentials authenticationCredentials = user.getAuthenticationCredentials();
            if (authenticationCredentials instanceof UsernamePasswordAuthenticationCredentials) {
                HashMap hashMap = new HashMap();
                hashMap.put(PostBasedAuthenticationMethod.MSG_USER_PATTERN, ((UsernamePasswordAuthenticationCredentials) authenticationCredentials).getUsername());
                AuthenticationHelper.replaceUserDataInRequest(httpMessage, hashMap, unaryOperator);
            }
        }
    }
}
