package org.zaproxy.zap.extension.params;

import java.awt.EventQueue;
import java.util.Arrays;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.control.Control;
import org.parosproxy.paros.core.scanner.NameValuePair;
import org.parosproxy.paros.core.scanner.VariantMultipartFormParameters;
import org.parosproxy.paros.db.DatabaseException;
import org.parosproxy.paros.db.RecordParam;
import org.parosproxy.paros.extension.ExtensionAdaptor;
import org.parosproxy.paros.extension.ExtensionHook;
import org.parosproxy.paros.extension.ExtensionLoader;
import org.parosproxy.paros.extension.SessionChangedListener;
import org.parosproxy.paros.model.Model;
import org.parosproxy.paros.model.Session;
import org.parosproxy.paros.model.SiteNode;
import org.parosproxy.paros.network.HtmlParameter;
import org.parosproxy.paros.network.HttpHeader;
import org.parosproxy.paros.network.HttpHeaderField;
import org.parosproxy.paros.network.HttpMessage;
import org.zaproxy.zap.extension.anticsrf.ExtensionAntiCSRF;
import org.zaproxy.zap.extension.help.ExtensionHelp;
import org.zaproxy.zap.extension.httpsessions.ExtensionHttpSessions;
import org.zaproxy.zap.extension.pscan.ExtensionPassiveScan;
import org.zaproxy.zap.extension.search.ExtensionSearch;
import org.zaproxy.zap.utils.ThreadUtils;
import org.zaproxy.zap.view.SiteMapListener;
import org.zaproxy.zap.view.SiteMapTreeCellRenderer;

/* loaded from: input_file:org/zaproxy/zap/extension/params/ExtensionParams.class */
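/**
 * Extension that collects the parameters seen in HTTP traffic, grouped per site
 * ({@code host:port}), and writes their usage statistics to the parameter table of the database
 * returned by {@code Model.getSingleton().getDb()}.
 *
 * <p>Cookies, URL query parameters, form fields, multipart parts and response headers are
 * recorded. {@link #persist(HtmlParameterStats)} passes the observed values to the database as
 * well as the names, so a saved session should be treated as sensitive whenever the captured
 * traffic carried credentials, session identifiers or anti-CSRF tokens.
 *
 * <p>Thread-safety: {@link #siteParamsMap} is a plain {@link HashMap} and this class adds no
 * synchronization around it. NOTE(review): the request/response callbacks and the session
 * listener may run on different threads; confirm against the callers.
 */
public class ExtensionParams extends ExtensionAdaptor implements SessionChangedListener, SiteMapListener {
    public static final String NAME = "ExtensionParams";
    private static final Logger LOGGER = LogManager.getLogger(ExtensionParams.class);

    // UI components are created lazily by their getters and only when a view is present.
    private ParamsPanel paramsPanel;
    private PopupMenuParamSearch popupMenuSearch;
    private PopupMenuAddAntiCSRF popupMenuAddAntiCsrf;
    private PopupMenuRemoveAntiCSRF popupMenuRemoveAntiCsrf;
    private PopupMenuAddSession popupMenuAddSession;
    private PopupMenuRemoveSession popupMenuRemoveSession;

    // Per-site statistics keyed by "host:port"; replaced wholesale when the session changes.
    private Map<String, SiteParameters> siteParamsMap;
    // Looked up lazily from the extension loader; stays null while that extension is absent.
    private ExtensionHttpSessions extensionHttpSessions;
    // The scanner instance registered with the passive scan extension, kept so unload() can remove it.
    private ParamScanner paramScanner;

    /** Creates the extension with an empty site map and load order 58. */
    public ExtensionParams() {
        super(NAME);
        this.siteParamsMap = new HashMap<>();
        setOrder(58);
    }

    /**
     * Reports database support.
     *
     * @param str the database type being queried (ignored)
     * @return always {@code true}
     */
    @Override
    public boolean supportsDb(String str) {
        return true;
    }

    /** @return the localized display name stored under the {@code params.name} message key */
    @Override
    public String getUIName() {
        return Constant.messages.getString("params.name");
    }

    /**
     * Registers the API implementor, the session and site-map listeners, the UI components (only
     * when a view exists) and the passive scanner.
     *
     * @param extensionHook the hook supplied by the extension loader
     */
    @Override
    public void hook(ExtensionHook extensionHook) {
        super.hook(extensionHook);
        extensionHook.addApiImplementor(new ParamsAPI(this));
        extensionHook.addSessionListener(this);
        extensionHook.addSiteMapListener(this);
        if (getView() != null) {
            extensionHook.getHookView().addStatusPanel(getParamsPanel());
            ExtensionLoader extensionLoader = Control.getSingleton().getExtensionLoader();
            // Each popup menu depends on another extension, so it is offered only when that
            // extension is enabled.
            if (extensionLoader.isExtensionEnabled(ExtensionSearch.NAME)) {
                extensionHook.getHookMenu().addPopupMenuItem(getPopupMenuParamSearch());
            }
            if (extensionLoader.isExtensionEnabled(ExtensionAntiCSRF.NAME)) {
                extensionHook.getHookMenu().addPopupMenuItem(getPopupMenuAddAntiCSRF());
                extensionHook.getHookMenu().addPopupMenuItem(getPopupMenuRemoveAntiCSRF());
            }
            if (extensionLoader.isExtensionEnabled(ExtensionHttpSessions.NAME)) {
                extensionHook.getHookMenu().addPopupMenuItem(getPopupMenuAddSession());
                extensionHook.getHookMenu().addPopupMenuItem(getPopupMenuRemoveSession());
            }
            ExtensionHelp.enableHelpKey(getParamsPanel(), "ui.tabs.params");
        }
        ExtensionPassiveScan extensionPassiveScan = (ExtensionPassiveScan) Control.getSingleton().getExtensionLoader().getExtension(ExtensionPassiveScan.class);
        if (extensionPassiveScan != null) {
            // Register the very instance kept in the field: unload() removes by reference, so a
            // second, unrecorded instance would stay registered after this extension is unloaded.
            this.paramScanner = new ParamScanner(this);
            extensionPassiveScan.addPassiveScanner(this.paramScanner);
        }
    }

    /** Removes the passive scanner registered by {@link #hook(ExtensionHook)}, then unloads. */
    @Override
    public void unload() {
        ExtensionPassiveScan extensionPassiveScan = (ExtensionPassiveScan) Control.getSingleton().getExtensionLoader().getExtension(ExtensionPassiveScan.class);
        // paramScanner is null when the passive scan extension was unavailable at hook time.
        if (extensionPassiveScan != null && this.paramScanner != null) {
            extensionPassiveScan.removePassiveScanner(this.paramScanner);
        }
        this.paramScanner = null;
        super.unload();
    }

    /** @return the lazily created "search for parameter" popup menu item */
    private PopupMenuParamSearch getPopupMenuParamSearch() {
        if (this.popupMenuSearch == null) {
            this.popupMenuSearch = new PopupMenuParamSearch();
            this.popupMenuSearch.setExtension(this);
        }
        return this.popupMenuSearch;
    }

    /** @return the lazily created "flag as anti-CSRF token" popup menu item */
    private PopupMenuAddAntiCSRF getPopupMenuAddAntiCSRF() {
        if (this.popupMenuAddAntiCsrf == null) {
            this.popupMenuAddAntiCsrf = new PopupMenuAddAntiCSRF();
            this.popupMenuAddAntiCsrf.setExtension(this);
        }
        return this.popupMenuAddAntiCsrf;
    }

    /** @return the lazily created "unflag as anti-CSRF token" popup menu item */
    private PopupMenuRemoveAntiCSRF getPopupMenuRemoveAntiCSRF() {
        if (this.popupMenuRemoveAntiCsrf == null) {
            this.popupMenuRemoveAntiCsrf = new PopupMenuRemoveAntiCSRF();
            this.popupMenuRemoveAntiCsrf.setExtension(this);
        }
        return this.popupMenuRemoveAntiCsrf;
    }

    /** @return the lazily created "flag as session token" popup menu item */
    private PopupMenuAddSession getPopupMenuAddSession() {
        if (this.popupMenuAddSession == null) {
            this.popupMenuAddSession = new PopupMenuAddSession();
            this.popupMenuAddSession.setExtension(this);
        }
        return this.popupMenuAddSession;
    }

    /** @return the lazily created "unflag as session token" popup menu item */
    private PopupMenuRemoveSession getPopupMenuRemoveSession() {
        if (this.popupMenuRemoveSession == null) {
            this.popupMenuRemoveSession = new PopupMenuRemoveSession();
            this.popupMenuRemoveSession.setExtension(this);
        }
        return this.popupMenuRemoveSession;
    }

    /**
     * Returns the parameters panel, creating it on first use.
     *
     * <p>Public in this decompiled listing; the decompiler reports the original modifier as
     * {@code protected}.
     *
     * @return the shared panel instance
     */
    public ParamsPanel getParamsPanel() {
        if (this.paramsPanel == null) {
            this.paramsPanel = new ParamsPanel(this);
        }
        return this.paramsPanel;
    }

    /**
     * Rebuilds the per-site state for a new session, on the AWT event dispatch thread.
     *
     * <p>When called from another thread the work is handed to the dispatch thread and this
     * method blocks until it has finished. Failures are logged, not propagated.
     *
     * @param session the new session, possibly {@code null}
     */
    @Override
    public void sessionChanged(final Session session) {
        if (EventQueue.isDispatchThread()) {
            sessionChangedEventHandler(session);
            return;
        }
        try {
            EventQueue.invokeAndWait(() -> sessionChangedEventHandler(session));
        } catch (InterruptedException e) {
            // Restore the interrupt status so the caller can still observe the interruption.
            Thread.currentThread().interrupt();
            LOGGER.error(e.getMessage(), e);
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), e);
        }
    }

    /**
     * Returns the HTTP sessions extension, looking it up on first use.
     *
     * <p>Public in this decompiled listing; the decompiler reports the original modifier as
     * {@code protected}.
     *
     * @return the extension, or {@code null} when the loader does not provide one
     */
    public ExtensionHttpSessions getExtensionHttpSessions() {
        if (this.extensionHttpSessions == null) {
            this.extensionHttpSessions = (ExtensionHttpSessions) Control.getSingleton().getExtensionLoader().getExtension(ExtensionHttpSessions.class);
        }
        return this.extensionHttpSessions;
    }

    /**
     * Drops all in-memory statistics, then repopulates the panel from the session's site tree and
     * the statistics from the parameter table.
     *
     * @param session the new session; when {@code null} only the reset is performed
     */
    private void sessionChangedEventHandler(Session session) {
        this.siteParamsMap = new HashMap<>();
        if (getView() != null) {
            getParamsPanel().reset();
        }
        if (session == null) {
            return;
        }
        // NOTE(review): m80getRoot() is the name used in this decompiled listing, presumably a
        // decompiler-renamed accessor for the tree root; confirm against the real API.
        Enumeration<?> children = session.getSiteTree().m80getRoot().children();
        while (children.hasMoreElements()) {
            String nodeName = ((SiteNode) children.nextElement()).getNodeName();
            if (getView() != null) {
                getParamsPanel().addSite(nodeName);
            }
        }
        try {
            for (RecordParam recordParam : Model.getSingleton().getDb().getTableParam().getAll()) {
                getSiteParameters(recordParam.getSite()).addParam(recordParam.getSite(), recordParam);
            }
        } catch (DatabaseException e) {
            LOGGER.error(e.getMessage(), e);
        }
    }

    /**
     * Records every cookie, URL, form and multipart parameter of an outgoing request.
     *
     * <p>Form parameters whose name the anti-CSRF extension recognises are flagged as anti-CSRF
     * tokens before being stored.
     *
     * @param httpMessage the message whose request is inspected
     * @return always {@code true}
     */
    public boolean onHttpRequestSend(HttpMessage httpMessage) {
        String site = httpMessage.getRequestHeader().getHostName() + ":" + httpMessage.getRequestHeader().getHostPort();
        if (getView() != null) {
            getParamsPanel().addSite(site);
        }
        SiteParameters siteParameters = getSiteParameters(site);
        try {
            for (HtmlParameter cookie : httpMessage.getRequestHeader().getCookieParams()) {
                persist(siteParameters.addParam(site, cookie, httpMessage));
            }
        } catch (IllegalArgumentException e) {
            // A cookie header that cannot be parsed must not stop the other parameter kinds
            // from being recorded.
            LOGGER.warn("Failed to obtain the cookies: {}", e.getMessage(), e);
        }
        for (HtmlParameter urlParam : httpMessage.getUrlParams()) {
            persist(siteParameters.addParam(site, urlParam, httpMessage));
        }
        ExtensionAntiCSRF extensionAntiCSRF = (ExtensionAntiCSRF) Control.getSingleton().getExtensionLoader().getExtension(ExtensionAntiCSRF.class);
        for (HtmlParameter formParam : httpMessage.getFormParams()) {
            if (extensionAntiCSRF != null && extensionAntiCSRF.isAntiCsrfToken(formParam.getName())) {
                formParam.addFlag(HtmlParameter.Flags.anticsrf.name());
            }
            persist(siteParameters.addParam(site, formParam, httpMessage));
        }
        VariantMultipartFormParameters variantMultipartFormParameters = new VariantMultipartFormParameters();
        variantMultipartFormParameters.setMessage(httpMessage);
        for (NameValuePair nameValuePair : variantMultipartFormParameters.getParamList()) {
            // NOTE(review): 33 and 35 look like NameValuePair type constants inlined by the
            // compiler; which multipart kinds they select cannot be told from here, confirm.
            if (nameValuePair.getType() == 33 || nameValuePair.getType() == 35) {
                persist(siteParameters.addParam(site, new HtmlParameter(HtmlParameter.Type.multipart, nameValuePair.getName(), nameValuePair.getValue()), httpMessage));
            }
        }
        return true;
    }

    /**
     * Joins a set of strings into one comma-separated string, writing commas inside an element
     * as {@code %2C}.
     *
     * <p>NOTE(review): {@code %} itself is not escaped, so an element that already contains the
     * text {@code %2C} cannot be told apart from an escaped comma when the string is split again.
     * Element content originates from captured traffic, so consumers should not rely on the
     * stored form being unambiguous.
     *
     * @param set the elements to join, or {@code null}
     * @return the joined string, or {@code Constant.USER_AGENT} when {@code set} is {@code null}
     */
    private String setToString(Set<String> set) {
        if (set == null) {
            // NOTE(review): presumably an empty-string constant substituted by the decompiler; confirm.
            return Constant.USER_AGENT;
        }
        StringBuilder joined = new StringBuilder();
        // Iterate under the set's own monitor; this only helps if writers lock the same object.
        synchronized (set) {
            for (String element : set) {
                if (joined.length() > 0) {
                    joined.append(',');
                }
                joined.append(element.replace(",", "%2C"));
            }
        }
        return joined.toString();
    }

    /**
     * Inserts the statistics into the parameter table when they have no id yet (id below zero),
     * otherwise updates the existing row. Flags and observed values are stored alongside the name.
     *
     * <p>Database failures are logged and swallowed; a failure whose cause mentions "truncation"
     * is reported as a warning because it most likely means a value exceeded the column size.
     *
     * @param htmlParameterStats the statistics to store
     */
    private void persist(HtmlParameterStats htmlParameterStats) {
        try {
            if (htmlParameterStats.getId() < 0) {
                htmlParameterStats.setId(Model.getSingleton().getDb().getTableParam().insert(htmlParameterStats.getSite(), htmlParameterStats.getType().name(), htmlParameterStats.getName(), htmlParameterStats.getTimesUsed(), setToString(htmlParameterStats.getFlags()), setToString(htmlParameterStats.getValues())).getParamId());
            } else {
                Model.getSingleton().getDb().getTableParam().update(htmlParameterStats.getId(), htmlParameterStats.getTimesUsed(), setToString(htmlParameterStats.getFlags()), setToString(htmlParameterStats.getValues()));
            }
        } catch (DatabaseException e) {
            if (!isTruncationError(e)) {
                LOGGER.error(e.getMessage(), e);
                return;
            }
            LOGGER.warn("Could not add or update param: {}", htmlParameterStats.getName());
            LOGGER.warn("It is likely that the length of one of the data elements exceeded the column size.");
            LOGGER.warn(e.getMessage());
            LOGGER.debug(e.getMessage(), e);
        }
    }

    /**
     * Tells whether a database failure was caused by data truncation, tolerating an exception
     * that has no cause or a cause without a message.
     */
    private static boolean isTruncationError(DatabaseException e) {
        Throwable cause = e.getCause();
        if (cause == null) {
            return false;
        }
        String causeMessage = cause.getMessage();
        return causeMessage != null && causeMessage.contains("truncation");
    }

    /**
     * Records the cookies and the remaining headers of a received response.
     *
     * <p>Cookies are stored immediately. Every header other than the two set-cookie headers is
     * stored as a header parameter through {@code ThreadUtils.invokeLater}, i.e. not necessarily
     * before this method returns.
     *
     * @param httpMessage the message whose response is inspected
     * @return always {@code true}
     */
    public boolean onHttpResponseReceive(HttpMessage httpMessage) {
        String site = httpMessage.getRequestHeader().getHostName() + ":" + httpMessage.getRequestHeader().getHostPort();
        if (getView() != null) {
            getParamsPanel().addSite(site);
        }
        SiteParameters siteParameters = getSiteParameters(site);
        try {
            for (HtmlParameter cookie : httpMessage.getResponseHeader().getCookieParams()) {
                persist(siteParameters.addParam(site, cookie, httpMessage));
            }
        } catch (IllegalArgumentException e) {
            LOGGER.warn("Failed to obtain the cookies: {}", e.getMessage(), e);
        }
        List<HttpHeaderField> headers = httpMessage.getResponseHeader().getHeaders();
        for (HttpHeaderField httpHeaderField : headers) {
            String headerName = httpHeaderField.getName();
            // Cookies were handled above. The comparison is locale-independent: lower-casing with
            // the default locale mis-folds "I" under e.g. a Turkish locale, which would let an
            // upper-case SET-COOKIE header through as an ordinary header parameter.
            boolean cookieHeader = HttpHeader.SET_COOKIE.equalsIgnoreCase(headerName) || HttpHeader.SET_COOKIE2.equalsIgnoreCase(headerName);
            if (!cookieHeader) {
                HtmlParameter htmlParameter = new HtmlParameter(HtmlParameter.Type.header, headerName, httpHeaderField.getValue());
                ThreadUtils.invokeLater(() -> {
                    persist(siteParameters.addParam(site, htmlParameter, httpMessage));
                });
            }
        }
        return true;
    }

    /**
     * Forwards a site-map selection to the parameters panel.
     *
     * @param siteNode the selected node
     */
    @Override
    public void nodeSelected(SiteNode siteNode) {
        getParamsPanel().nodeSelected(siteNode);
    }

    /** No-op: this extension does not customise site-map rendering. */
    @Override
    public void onReturnNodeRendererComponent(SiteMapTreeCellRenderer siteMapTreeCellRenderer, boolean z, SiteNode siteNode) {
    }

    /**
     * Runs a regex search for the parameter selected in the panel, choosing the pattern and the
     * search target from the parameter type. Does nothing when no parameter is selected or the
     * search extension is unavailable.
     *
     * <p>Public in this decompiled listing; the decompiler reports the original modifier as
     * {@code protected}.
     */
    public void searchForSelectedParam() {
        HtmlParameterStats selectedParam = getParamsPanel().getSelectedParam();
        if (selectedParam == null) {
            return;
        }
        ExtensionSearch extensionSearch = (ExtensionSearch) Control.getSingleton().getExtensionLoader().getExtension(ExtensionSearch.class);
        if (extensionSearch == null) {
            return;
        }
        // The name was taken from traffic, so it is quoted before being embedded in a pattern:
        // regex metacharacters in it must be matched literally, never interpreted.
        String quotedName = Pattern.quote(selectedParam.getName());
        if (HtmlParameter.Type.url.equals(selectedParam.getType())) {
            extensionSearch.search("[?&]" + quotedName + "=.*", ExtensionSearch.Type.URL, true, false);
        } else if (HtmlParameter.Type.cookie.equals(selectedParam.getType())) {
            extensionSearch.search(quotedName + "=.*", ExtensionSearch.Type.Header, true, false);
        } else if (HtmlParameter.Type.header.equals(selectedParam.getType())) {
            extensionSearch.search(quotedName + ":.*", ExtensionSearch.Type.Header, true, false);
        } else if (HtmlParameter.Type.multipart.equals(selectedParam.getType())) {
            extensionSearch.search("(?i)\\s*content-disposition\\s*:.*\\s+name\\s*\\=?\\s*\\\"?" + quotedName, ExtensionSearch.Type.Request, true, false);
        } else {
            extensionSearch.search(quotedName + "=.*", ExtensionSearch.Type.Request, true, false);
        }
    }

    /**
     * Registers the selected parameter's name as an anti-CSRF token name and flags the parameter.
     * Does nothing when no parameter is selected or the anti-CSRF extension is unavailable.
     */
    public void addAntiCsrfToken() {
        HtmlParameterStats selectedParam = getParamsPanel().getSelectedParam();
        ExtensionAntiCSRF extensionAntiCSRF = (ExtensionAntiCSRF) Control.getSingleton().getExtensionLoader().getExtension(ExtensionAntiCSRF.class);
        if (extensionAntiCSRF == null || selectedParam == null) {
            return;
        }
        extensionAntiCSRF.addAntiCsrfTokenName(selectedParam.getName());
        selectedParam.addFlag(HtmlParameter.Flags.anticsrf.name());
        getParamsPanel().getParamsTable().repaint();
    }

    /**
     * Unregisters the selected parameter's name as an anti-CSRF token name and clears the flag.
     * Does nothing when no parameter is selected or the anti-CSRF extension is unavailable.
     */
    public void removeAntiCsrfToken() {
        HtmlParameterStats selectedParam = getParamsPanel().getSelectedParam();
        ExtensionAntiCSRF extensionAntiCSRF = (ExtensionAntiCSRF) Control.getSingleton().getExtensionLoader().getExtension(ExtensionAntiCSRF.class);
        if (extensionAntiCSRF == null || selectedParam == null) {
            return;
        }
        extensionAntiCSRF.removeAntiCsrfTokenName(selectedParam.getName());
        selectedParam.removeFlag(HtmlParameter.Flags.anticsrf.name());
        getParamsPanel().getParamsTable().repaint();
    }

    /**
     * @param str the site key ({@code host:port})
     * @return {@code true} when statistics exist for the site
     */
    public boolean hasSite(String str) {
        return this.siteParamsMap.containsKey(str);
    }

    /**
     * @param str the site key ({@code host:port})
     * @return {@code true} when the site is known and reports having parameters
     */
    public boolean hasParameters(String str) {
        SiteParameters siteParameters = this.siteParamsMap.get(str);
        return siteParameters != null && siteParameters.hasParams();
    }

    /**
     * Returns the statistics for a site, creating and registering an empty entry when the site
     * has not been seen before.
     *
     * @param str the site key ({@code host:port})
     * @return the statistics for the site, never {@code null}
     */
    public SiteParameters getSiteParameters(String str) {
        SiteParameters siteParameters = this.siteParamsMap.get(str);
        if (siteParameters == null) {
            siteParameters = new SiteParameters(this, str);
            this.siteParamsMap.put(str, siteParameters);
        }
        return siteParameters;
    }

    /**
     * @return a live view of the statistics of every known site; it is backed by the internal
     *     map, so it changes as sites are added
     */
    public Collection<SiteParameters> getAllSiteParameters() {
        return this.siteParamsMap.values();
    }

    /**
     * Flags the selected parameter as a session token and, when the HTTP sessions extension is
     * available, registers its name as a session token for the panel's current site.
     */
    public void addSessionToken() {
        HtmlParameterStats selectedParam = getParamsPanel().getSelectedParam();
        if (selectedParam == null) {
            return;
        }
        ExtensionHttpSessions httpSessions = getExtensionHttpSessions();
        if (httpSessions != null) {
            httpSessions.addHttpSessionToken(getParamsPanel().getCurrentSite(), selectedParam.getName());
        }
        // The flag is set even without the sessions extension, so the table still shows it.
        selectedParam.addFlag(HtmlParameter.Flags.session.name());
        getParamsPanel().getParamsTable().repaint();
    }

    /**
     * Clears the session-token flag of the selected parameter and, when the HTTP sessions
     * extension is available, unregisters its name for the panel's current site.
     */
    public void removeSessionToken() {
        HtmlParameterStats selectedParam = getParamsPanel().getSelectedParam();
        if (selectedParam == null) {
            return;
        }
        ExtensionHttpSessions httpSessions = getExtensionHttpSessions();
        if (httpSessions != null) {
            httpSessions.removeHttpSessionToken(getParamsPanel().getCurrentSite(), selectedParam.getName());
        }
        selectedParam.removeFlag(HtmlParameter.Flags.session.name());
        getParamsPanel().getParamsTable().repaint();
    }

    /** @return the parameter currently selected in the panel, as reported by the panel */
    public HtmlParameterStats getSelectedParam() {
        return getParamsPanel().getSelectedParam();
    }

    /** No-op: nothing needs saving before a session change. */
    @Override
    public void sessionAboutToChange(Session session) {
    }

    /** No-op: the recorded parameters do not depend on the session scope. */
    @Override
    public void sessionScopeChanged(Session session) {
    }

    /** @return the author string, {@code Constant.ZAP_TEAM} */
    @Override
    public String getAuthor() {
        return Constant.ZAP_TEAM;
    }

    /** @return the localized description stored under the {@code params.desc} message key */
    @Override
    public String getDescription() {
        return Constant.messages.getString("params.desc");
    }

    /** No-op: the recorded parameters do not depend on the mode. */
    @Override
    public void sessionModeChanged(Control.Mode mode) {
    }
}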
