package org.zaproxy.zap.extension.authentication;

import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import net.sf.json.JSONObject;
import org.apache.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.control.Control;
import org.zaproxy.zap.authentication.AuthenticationMethodType;
import org.zaproxy.zap.extension.api.API;
import org.zaproxy.zap.extension.api.ApiAction;
import org.zaproxy.zap.extension.api.ApiDynamicActionImplementor;
import org.zaproxy.zap.extension.api.ApiException;
import org.zaproxy.zap.extension.api.ApiImplementor;
import org.zaproxy.zap.extension.api.ApiResponse;
import org.zaproxy.zap.extension.api.ApiResponseElement;
import org.zaproxy.zap.extension.api.ApiResponseList;
import org.zaproxy.zap.extension.api.ApiView;
import org.zaproxy.zap.extension.users.ExtensionUserManagement;
import org.zaproxy.zap.model.Context;
import org.zaproxy.zap.utils.ApiUtils;

/* loaded from: input_file:org/zaproxy/zap/extension/authentication/AuthenticationAPI.class */
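/**
 * API implementor registered under the {@code authentication} prefix.
 *
 * <p>Views report a context's authentication method, its logged-in / logged-out indicator
 * patterns, the supported authentication methods and the configuration parameters of a method.
 * Actions change the indicator patterns or the authentication method of a context.
 *
 * <p>The two handler methods dispatch on the view/action name with a plain string switch. The
 * decompiled listing expressed the same dispatch as a hash-code switch feeding a {@code boolean}
 * selector ({@code boolean z = -1}, repeated {@code case true:} labels), which is not valid Java.
 */
public class AuthenticationAPI extends ApiImplementor {
    private static final Logger log = Logger.getLogger(AuthenticationAPI.class);
    private static final String PREFIX = "authentication";
    private static final String VIEW_GET_AUTHENTICATION = "getAuthenticationMethod";
    private static final String VIEW_GET_LOGGED_IN_INDICATOR = "getLoggedInIndicator";
    private static final String VIEW_GET_LOGGED_OUT_INDICATOR = "getLoggedOutIndicator";
    private static final String VIEW_GET_METHOD_CONFIG_PARAMETERS = "getAuthenticationMethodConfigParams";
    private static final String VIEW_GET_SUPPORTED_METHODS = "getSupportedAuthenticationMethods";
    private static final String ACTION_SET_LOGGED_IN_INDICATOR = "setLoggedInIndicator";
    private static final String ACTION_SET_LOGGED_OUT_INDICATOR = "setLoggedOutIndicator";
    private static final String ACTION_SET_METHOD = "setAuthenticationMethod";
    public static final String PARAM_CONTEXT_ID = "contextId";
    private static final String PARAM_LOGGED_IN_INDICATOR = "loggedInIndicatorRegex";
    private static final String PARAM_LOGGED_OUT_INDICATOR = "loggedOutIndicatorRegex";
    private static final String PARAM_METHOD_NAME = "authMethodName";
    private static final String PARAM_METHOD_CONFIG_PARAMS = "authMethodConfigParams";

    // Keyed by the name of each method type's "set method for context" API action.
    private final Map<String, AuthMethodEntry> loadedAuthenticationMethodActions;

    /** Pairs an authentication method type with the dynamic API action that configures it. */
    public static class AuthMethodEntry {
        private final AuthenticationMethodType methodType;
        private final ApiDynamicActionImplementor api;

        public AuthMethodEntry(AuthenticationMethodType authenticationMethodType, ApiDynamicActionImplementor apiDynamicActionImplementor) {
            this.methodType = authenticationMethodType;
            this.api = apiDynamicActionImplementor;
        }

        public AuthenticationMethodType getMethodType() {
            return this.methodType;
        }

        public ApiDynamicActionImplementor getApi() {
            return this.api;
        }
    }

    /**
     * Registers the views and actions and indexes the available authentication method types.
     *
     * @param extensionAuthentication source of the authentication method types; when {@code null}
     *     no method type is indexed and {@code setAuthenticationMethod} cannot resolve any name
     */
    public AuthenticationAPI(ExtensionAuthentication extensionAuthentication) {
        addApiView(new ApiView(VIEW_GET_SUPPORTED_METHODS));
        addApiView(new ApiView(VIEW_GET_METHOD_CONFIG_PARAMETERS, new String[] {PARAM_METHOD_NAME}));
        addApiView(new ApiView(VIEW_GET_AUTHENTICATION, new String[] {PARAM_CONTEXT_ID}));
        addApiView(new ApiView(VIEW_GET_LOGGED_IN_INDICATOR, new String[] {PARAM_CONTEXT_ID}));
        addApiView(new ApiView(VIEW_GET_LOGGED_OUT_INDICATOR, new String[] {PARAM_CONTEXT_ID}));

        this.loadedAuthenticationMethodActions = new HashMap<>();
        if (extensionAuthentication != null) {
            for (AuthenticationMethodType methodType : extensionAuthentication.getAuthenticationMethodTypes()) {
                ApiDynamicActionImplementor setMethodAction = methodType.getSetMethodForContextApiAction();
                // Method types without an API action are not reachable through this API.
                if (setMethodAction != null) {
                    this.loadedAuthenticationMethodActions.put(
                            setMethodAction.getName(), new AuthMethodEntry(methodType, setMethodAction));
                }
            }
        }

        addApiAction(new ApiAction(ACTION_SET_METHOD, new String[] {PARAM_CONTEXT_ID, PARAM_METHOD_NAME}, new String[] {PARAM_METHOD_CONFIG_PARAMS}));
        addApiAction(new ApiAction(ACTION_SET_LOGGED_IN_INDICATOR, new String[] {PARAM_CONTEXT_ID, PARAM_LOGGED_IN_INDICATOR}));
        addApiAction(new ApiAction(ACTION_SET_LOGGED_OUT_INDICATOR, new String[] {PARAM_CONTEXT_ID, PARAM_LOGGED_OUT_INDICATOR}));
    }

    @Override
    public String getPrefix() {
        return PREFIX;
    }

    /**
     * Answers one of the read-only views.
     *
     * @param str the view name
     * @param jSONObject the request parameters
     * @return the response for the requested view
     * @throws ApiException with {@code BAD_VIEW} for an unknown view name, or whatever the context
     *     / method lookup raises for the supplied parameters
     */
    @Override
    public ApiResponse handleApiView(String str, JSONObject jSONObject) throws ApiException {
        log.debug("handleApiView " + str + " " + jSONObject.toString());
        switch (str) {
            case VIEW_GET_AUTHENTICATION:
                return getContext(jSONObject).getAuthenticationMethod().getApiResponseRepresentation();
            case VIEW_GET_LOGGED_IN_INDICATOR:
                return indicatorResponse(
                        "logged_in_regex",
                        getContext(jSONObject).getAuthenticationMethod().getLoggedInIndicatorPattern());
            case VIEW_GET_LOGGED_OUT_INDICATOR:
                return indicatorResponse(
                        "logged_out_regex",
                        getContext(jSONObject).getAuthenticationMethod().getLoggedOutIndicatorPattern());
            case VIEW_GET_SUPPORTED_METHODS: {
                ApiResponseList supportedMethods = new ApiResponseList("supportedMethods");
                for (AuthMethodEntry entry : this.loadedAuthenticationMethodActions.values()) {
                    supportedMethods.addItem(new ApiResponseElement("methodName", entry.getApi().getName()));
                }
                return supportedMethods;
            }
            case VIEW_GET_METHOD_CONFIG_PARAMETERS:
                return getSetMethodActionImplementor(jSONObject).getApi().buildParamsDescription();
            default:
                throw new ApiException(ApiException.Type.BAD_VIEW);
        }
    }

    /**
     * Applies one of the state-changing actions and saves the affected context.
     *
     * @param str the action name
     * @param jSONObject the request parameters
     * @return {@link ApiResponseElement#OK} when the action was applied
     * @throws ApiException with {@code BAD_ACTION} for an unknown action name, {@code
     *     MISSING_PARAMETER} for an empty indicator, {@code ILLEGAL_PARAMETER} for an indicator
     *     that is not a valid regular expression, or whatever the context / method lookup raises
     */
    @Override
    public ApiResponse handleApiAction(String str, JSONObject jSONObject) throws ApiException {
        // NOTE(review): the whole parameter object goes to the debug log; for
        // setAuthenticationMethod that includes authMethodConfigParams, which may hold sensitive
        // login configuration - confirm debug logs are handled accordingly.
        log.debug("handleApiAction " + str + " " + jSONObject.toString());
        switch (str) {
            case ACTION_SET_LOGGED_IN_INDICATOR: {
                String loggedInIndicator = jSONObject.getString(PARAM_LOGGED_IN_INDICATOR);
                if (loggedInIndicator == null || loggedInIndicator.isEmpty()) {
                    throw new ApiException(ApiException.Type.MISSING_PARAMETER, PARAM_LOGGED_IN_INDICATOR);
                }
                Context context = getContext(jSONObject);
                try {
                    // Presumably the setter compiles the expression; an invalid one is reported as
                    // a parameter error instead of escaping as an unchecked exception.
                    context.getAuthenticationMethod().setLoggedInIndicatorPattern(loggedInIndicator);
                } catch (PatternSyntaxException e) {
                    log.debug("Invalid " + PARAM_LOGGED_IN_INDICATOR, e);
                    throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_LOGGED_IN_INDICATOR);
                }
                context.save();
                return ApiResponseElement.OK;
            }
            case ACTION_SET_LOGGED_OUT_INDICATOR: {
                String loggedOutIndicator = jSONObject.getString(PARAM_LOGGED_OUT_INDICATOR);
                if (loggedOutIndicator == null || loggedOutIndicator.isEmpty()) {
                    throw new ApiException(ApiException.Type.MISSING_PARAMETER, PARAM_LOGGED_OUT_INDICATOR);
                }
                Context context = getContext(jSONObject);
                try {
                    // Same handling as the logged-in indicator above.
                    context.getAuthenticationMethod().setLoggedOutIndicatorPattern(loggedOutIndicator);
                } catch (PatternSyntaxException e) {
                    log.debug("Invalid " + PARAM_LOGGED_OUT_INDICATOR, e);
                    throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_LOGGED_OUT_INDICATOR);
                }
                context.save();
                return ApiResponseElement.OK;
            }
            case ACTION_SET_METHOD: {
                JSONObject methodParams =
                        jSONObject.has(PARAM_METHOD_CONFIG_PARAMS)
                                ? API.getParams(jSONObject.getString(PARAM_METHOD_CONFIG_PARAMS))
                                : new JSONObject();
                Context context = getContext(jSONObject);
                // The context id is set here, after parsing, so a value inside the
                // caller-supplied config string cannot redirect the action to another context.
                methodParams.put(PARAM_CONTEXT_ID, Integer.valueOf(context.getIndex()));
                // Read the current type before the action replaces the method, so the
                // credentials reset below can compare old and new credential types.
                AuthenticationMethodType previousType = context.getAuthenticationMethod().getType();
                AuthMethodEntry entry = getSetMethodActionImplementor(jSONObject);
                entry.getApi().handleAction(methodParams);
                resetUsersCredentials(context.getIndex(), previousType, entry.getMethodType());
                context.save();
                return ApiResponseElement.OK;
            }
            default:
                throw new ApiException(ApiException.Type.BAD_ACTION);
        }
    }

    /**
     * Builds the response element for an indicator view.
     *
     * @param name the element name
     * @param pattern the configured indicator, or {@code null} when none is set
     * @return an element holding the pattern's source text, or the fallback value when unset
     */
    private static ApiResponseElement indicatorResponse(String name, Pattern pattern) {
        // NOTE(review): an unset indicator is reported as Constant.USER_AGENT, exactly as the
        // listing has it; this looks like a decompiler substitution for an empty-string
        // literal - confirm against the original source.
        return new ApiResponseElement(name, pattern != null ? pattern.toString() : Constant.USER_AGENT);
    }

    /**
     * Disables every user of the context and gives it fresh credentials of the new method's type
     * when the credentials type changed with the authentication method.
     *
     * <p>Does nothing when the user-management extension is not loaded or both method types
     * report the same credentials type.
     *
     * @param contextId index of the context whose users are reset
     * @param previousType method type in place before the change
     * @param newType method type selected by the request
     */
    private static void resetUsersCredentials(int contextId, AuthenticationMethodType previousType, AuthenticationMethodType newType) {
        ExtensionUserManagement userManagement =
                (ExtensionUserManagement) Control.getSingleton().getExtensionLoader().getExtension(ExtensionUserManagement.class);
        if (userManagement == null) {
            return;
        }
        if (previousType.getAuthenticationCredentialsType() == newType.getAuthenticationCredentialsType()) {
            return;
        }
        userManagement.getContextUserAuthManager(contextId).getUsers().forEach(user -> {
            // Users stay disabled until re-enabled elsewhere; the replacement credentials are
            // whatever the new method type creates by default.
            user.setEnabled(false);
            user.setAuthenticationCredentials(newType.createAuthenticationCredentials());
        });
    }

    /**
     * Resolves the {@code authMethodName} parameter to an indexed authentication method.
     *
     * @param jSONObject the request parameters
     * @return the entry registered under the requested method name
     * @throws ApiException with {@code DOES_NOT_EXIST} when no entry has that name, or whatever
     *     {@code ApiUtils.getNonEmptyStringParam} raises for the parameter
     */
    private AuthMethodEntry getSetMethodActionImplementor(JSONObject jSONObject) throws ApiException {
        String methodName = ApiUtils.getNonEmptyStringParam(jSONObject, PARAM_METHOD_NAME);
        AuthMethodEntry entry = this.loadedAuthenticationMethodActions.get(methodName);
        if (entry == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST, "No authentication method type matches the provided value.");
        }
        return entry;
    }

    /**
     * Looks up the context named by the {@code contextId} parameter.
     *
     * @param jSONObject the request parameters
     * @return the context returned by {@code ApiUtils.getContextByParamId}
     * @throws ApiException as raised by that lookup
     */
    private Context getContext(JSONObject jSONObject) throws ApiException {
        return ApiUtils.getContextByParamId(jSONObject, PARAM_CONTEXT_ID);
    }
}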
