package org.parosproxy.paros.core.scanner;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.configuration.ConversionException;
import org.apache.commons.configuration.HierarchicalConfiguration;
import org.apache.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.common.AbstractParam;
import org.zaproxy.zap.extension.api.ZapApiIgnore;

/* loaded from: input_file:org/parosproxy/paros/core/scanner/ScannerParam.class */
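/**
 * Options for the active scanner, read from and written to the {@code scanner.*} keys of the
 * configuration exposed by {@link AbstractParam#getConfig()}.
 *
 * <p>Every setter updates the in-memory field and writes the value to the configuration. No setter
 * validates its argument: values are stored exactly as given, so range checks (for example on
 * thread counts or delays) are the caller's responsibility.
 *
 * <p>The class also owns the list of excluded parameters ({@code scanner.excludedParameters}).
 * When no entry is configured, {@link #parse()} installs a built-in set made of common session
 * identifier and view-state field names.
 *
 * <p>The class performs no synchronisation of its own.
 */
public class ScannerParam extends AbstractParam {
    private static final Logger logger = Logger.getLogger(ScannerParam.class);

    private static final String ACTIVE_SCAN_BASE_KEY = "scanner";
    private static final String HOST_PER_SCAN = "scanner.hostPerScan";
    private static final String THREAD_PER_HOST = "scanner.threadPerHost";
    private static final String DELAY_IN_MS = "scanner.delayInMs";
    private static final String INJECT_PLUGIN_ID_IN_HEADER = "scanner.pluginHeader";
    // The key is spelled "antiCSFR" in persisted configurations. Do not correct the spelling here:
    // a renamed key would silently stop reading the value users have already saved.
    private static final String HANDLE_ANTI_CSRF_TOKENS = "scanner.antiCSFR";
    private static final String PROMPT_IN_ATTACK_MODE = "scanner.attackPrompt";
    private static final String RESCAN_IN_ATTACK_MODE = "scanner.attackRescan";
    private static final String PROMPT_TO_CLEAR_FINISHED = "scanner.clearFinished";
    private static final String MAX_RESULTS_LIST = "scanner.maxResults";
    private static final String MAX_SCANS_IN_UI = "scanner.maxScansInUI";
    private static final String SHOW_ADV_DIALOG = "scanner.advDialog";
    private static final String DEFAULT_POLICY = "scanner.defaultPolicy";
    private static final String ATTACK_POLICY = "scanner.attackPolicy";
    private static final String ALLOW_ATTACK_ON_START = "scanner.attackOnStart";
    private static final String MAX_CHART_TIME_IN_MINS = "scanner.chartTimeInMins";
    private static final String MAX_RULE_DURATION_IN_MINS = "scanner.maxRuleDurationInMins";
    private static final String MAX_SCAN_DURATION_IN_MINS = "scanner.maxScanDurationInMins";
    private static final String EXCLUDED_PARAMS_KEY = "scanner.excludedParameters";
    private static final String EXCLUDED_PARAM_NAME = "name";
    private static final String EXCLUDED_PARAM_TYPE = "type";
    private static final String EXCLUDED_PARAM_URL = "url";
    private static final String TARGET_INJECTABLE = "scanner.injectable";
    private static final String TARGET_ENABLED_RPC = "scanner.enabledRPC";
    private static final String SCAN_HEADERS_ALL_REQUESTS = "scanner.scanHeadersAllRequests";
    private static final String SCAN_ADD_QUERY_PARAM = "scanner.addQueryParam";

    // Bit flags combined into the "injectable targets" mask.
    public static final int TARGET_QUERYSTRING = 1;
    public static final int TARGET_POSTDATA = 2;
    public static final int TARGET_COOKIE = 4;
    public static final int TARGET_HTTPHEADERS = 8;
    public static final int TARGET_URLPATH = 16;

    // Bit flags combined into the "enabled RPC" mask.
    public static final int RPC_MULTIPART = 1;
    public static final int RPC_XML = 2;
    public static final int RPC_JSON = 4;
    public static final int RPC_GWT = 8;
    public static final int RPC_ODATA = 16;
    public static final int RPC_DWR = 32;
    public static final int RPC_CUSTOM = 128;
    public static final int RPC_USERDEF = 256;

    /** Default injectable-target mask (value 3): query string and POST data. */
    public static final int TARGET_INJECTABLE_DEFAULT = TARGET_QUERYSTRING | TARGET_POSTDATA;

    /** Default RPC mask (value 191): every RPC flag above except {@link #RPC_USERDEF}. */
    public static final int TARGET_ENABLED_RPC_DEFAULT =
            RPC_MULTIPART | RPC_XML | RPC_JSON | RPC_GWT | RPC_ODATA | RPC_DWR | RPC_CUSTOM;

    private static final int DEFAULT_MAX_CHART_TIME_IN_MINS = 10;

    private String defaultPolicy;
    private String attackPolicy;
    private boolean scanHeadersAllRequests;
    private boolean addQueryParam;
    private int hostPerScan = 2;
    private int threadPerHost = 2;
    private int delayInMs = 0;
    private int maxResultsToList = 1000;
    private int maxScansInUI = 5;
    private boolean injectPluginIdInHeader = false;
    private boolean handleAntiCSRFTokens = false;
    private boolean promptInAttackMode = true;
    private boolean rescanInAttackMode = true;
    private boolean promptToClearFinishedScans = true;
    private boolean showAdvancedDialog = false;
    private boolean allowAttackOnStart = false;
    private int maxChartTimeInMins = DEFAULT_MAX_CHART_TIME_IN_MINS;
    private int maxRuleDurationInMins = 0;
    private int maxScanDurationInMins = 0;
    private int targetParamsInjectable = TARGET_INJECTABLE_DEFAULT;
    private int targetParamsEnabledRPC = TARGET_ENABLED_RPC_DEFAULT;

    // All excluded-parameter filters, in load order.
    private final List<ScannerParamFilter> excludedParams = new ArrayList<>();
    // The same filters grouped by their type value; kept in step with excludedParams.
    private final Map<Integer, List<ScannerParamFilter>> excludedParamsMap = new HashMap<>();

    /**
     * Loads every option from the configuration, falling back to the built-in default for each
     * missing key, then loads the excluded-parameter list.
     */
    @Override
    protected void parse() {
        removeOldOptions();

        this.threadPerHost = getInt(THREAD_PER_HOST, 2);
        this.hostPerScan = getInt(HOST_PER_SCAN, 2);
        this.delayInMs = getInt(DELAY_IN_MS, 0);
        this.maxResultsToList = getInt(MAX_RESULTS_LIST, 1000);
        this.maxRuleDurationInMins = getInt(MAX_RULE_DURATION_IN_MINS, 0);
        this.maxScanDurationInMins = getInt(MAX_SCAN_DURATION_IN_MINS, 0);
        this.maxScansInUI = getInt(MAX_SCANS_IN_UI, 5);
        this.injectPluginIdInHeader = getBoolean(INJECT_PLUGIN_ID_IN_HEADER, false);
        this.handleAntiCSRFTokens = getBoolean(HANDLE_ANTI_CSRF_TOKENS, false);
        this.promptInAttackMode = getBoolean(PROMPT_IN_ATTACK_MODE, true);
        this.rescanInAttackMode = getBoolean(RESCAN_IN_ATTACK_MODE, true);
        this.promptToClearFinishedScans = getBoolean(PROMPT_TO_CLEAR_FINISHED, true);
        this.showAdvancedDialog = getBoolean(SHOW_ADV_DIALOG, false);
        this.defaultPolicy = getString(DEFAULT_POLICY, null);
        this.attackPolicy = getString(ATTACK_POLICY, null);
        this.targetParamsInjectable = getInt(TARGET_INJECTABLE, TARGET_INJECTABLE_DEFAULT);
        this.targetParamsEnabledRPC = getInt(TARGET_ENABLED_RPC, TARGET_ENABLED_RPC_DEFAULT);
        this.allowAttackOnStart = getBoolean(ALLOW_ATTACK_ON_START, false);
        this.maxChartTimeInMins = getInt(MAX_CHART_TIME_IN_MINS, DEFAULT_MAX_CHART_TIME_IN_MINS);
        this.scanHeadersAllRequests = getBoolean(SCAN_HEADERS_ALL_REQUESTS, false);
        this.addQueryParam = getBoolean(SCAN_ADD_QUERY_PARAM, false);

        loadExcludedParams();
        if (this.excludedParams.isEmpty()) {
            addDefaultExcludedParams();
        }
    }

    /**
     * Replaces the in-memory exclusion list with the entries stored in the configuration.
     *
     * <p>Entries with an empty name and entries repeating an already seen name are skipped. A
     * {@link ConversionException} is logged and stops the load; filters added before the failure
     * are kept, so a partly loaded list also suppresses the built-in defaults in {@link #parse()}.
     */
    private void loadExcludedParams() {
        try {
            List<HierarchicalConfiguration> entries = getConfig().configurationsAt(EXCLUDED_PARAMS_KEY);
            this.excludedParams.clear();
            this.excludedParamsMap.clear();

            Set<String> seenNames = new HashSet<>();
            for (HierarchicalConfiguration entry : entries) {
                // NOTE(review): the fallback for a missing name is Constant.USER_AGENT. The
                // isEmpty() check below only skips nameless entries if that constant is the empty
                // string - confirm; this may be a decompiler constant-substitution artefact.
                String name = entry.getString(EXCLUDED_PARAM_NAME, Constant.USER_AGENT);
                if (!name.isEmpty() && seenNames.add(name)) {
                    addScannerParamFilter(
                            name, entry.getInt(EXCLUDED_PARAM_TYPE, -1), entry.getString(EXCLUDED_PARAM_URL));
                }
            }
        } catch (ConversionException e) {
            logger.error("Error while loading the excluded parameter list: " + e.getMessage(), e);
        }
    }

    /**
     * Installs the built-in exclusions: common session identifier names and view-state style
     * fields, all with the URL pattern {@code "*"}.
     *
     * <p>The type values 2 and 4 equal {@link #TARGET_POSTDATA} and {@link #TARGET_COOKIE};
     * presumably the filter type uses the same numbering and -1 means "any type" - confirm against
     * ScannerParamFilter. The "(?i)" prefixes suggest the names are treated as regular expressions
     * by the filter - confirm; if so, the unescaped '.' in "ASP.NET_SessionId" matches any
     * character.
     */
    private void addDefaultExcludedParams() {
        addScannerParamFilter("(?i)ASP.NET_SessionId", -1, "*");
        addScannerParamFilter("(?i)ASPSESSIONID.*", -1, "*");
        addScannerParamFilter("(?i)PHPSESSID", -1, "*");
        addScannerParamFilter("(?i)SITESERVER", -1, "*");
        addScannerParamFilter("(?i)sessid", -1, "*");
        addScannerParamFilter("__VIEWSTATE", 2, "*");
        addScannerParamFilter("__EVENTVALIDATION", 2, "*");
        addScannerParamFilter("__EVENTTARGET", 2, "*");
        addScannerParamFilter("__EVENTARGUMENT", 2, "*");
        addScannerParamFilter("javax.faces.ViewState", 2, "*");
        addScannerParamFilter("(?i)jsessionid", -1, "*");
        addScannerParamFilter("cfid", 4, "*");
        addScannerParamFilter("cftoken", 4, "*");
    }

    /** Drops the obsolete {@code scanner.deleteOnShutdown} key if the configuration still has it. */
    private void removeOldOptions() {
        if (getConfig().containsKey("scanner.deleteOnShutdown")) {
            getConfig().clearProperty("scanner.deleteOnShutdown");
        }
    }

    /**
     * Builds a filter from the given values and registers it in both the flat list and the
     * per-type map. The configuration is not touched.
     */
    private void addScannerParamFilter(String paramName, int type, String wildcardedUrl) {
        ScannerParamFilter filter = new ScannerParamFilter();
        filter.setParamName(paramName);
        filter.setType(type);
        filter.setWildcardedUrl(wildcardedUrl);

        // Group by the type the filter reports back, not by the raw argument.
        int key = filter.getType();
        List<ScannerParamFilter> sameType = this.excludedParamsMap.get(key);
        if (sameType == null) {
            sameType = new ArrayList<>();
            this.excludedParamsMap.put(key, sameType);
        }
        this.excludedParams.add(filter);
        sameType.add(filter);
    }

    /**
     * Returns all excluded-parameter filters.
     *
     * @return the live internal list, not a copy; changes made through it bypass both the per-type
     *     map and the configuration, so use {@link #setExcludedParamList(List)} to modify it
     */
    @ZapApiIgnore
    public List<ScannerParamFilter> getExcludedParamList() {
        return this.excludedParams;
    }

    /**
     * Returns the excluded-parameter filters registered for one type value.
     *
     * @param i the filter type to look up
     * @return the live internal list for that type, or {@code null} when no filter has that type
     */
    public List<ScannerParamFilter> getExcludedParamList(int i) {
        return this.excludedParamsMap.get(Integer.valueOf(i));
    }

    /**
     * Replaces the excluded-parameter list, both in memory and in the configuration.
     *
     * <p>Each element is copied into a new filter; the given instances are not retained.
     *
     * @param list the filters to store; must not be {@code null}
     * @throws NullPointerException if {@code list} is {@code null}, raised before any state changes
     */
    public void setExcludedParamList(List<ScannerParamFilter> list) {
        // Snapshot before clearing. getExcludedParamList() returns the live internal list, so a
        // caller can pass that very instance back; clearing it first would leave nothing to copy
        // and silently drop every exclusion, including the session identifier ones.
        List<ScannerParamFilter> filters = new ArrayList<>(list);

        getConfig().clearTree(EXCLUDED_PARAMS_KEY);
        this.excludedParams.clear();
        this.excludedParamsMap.clear();

        int size = filters.size();
        for (int i = 0; i < size; i++) {
            String prefix = EXCLUDED_PARAMS_KEY + "(" + i + ").";
            ScannerParamFilter filter = filters.get(i);
            getConfig().setProperty(prefix + EXCLUDED_PARAM_NAME, filter.getParamName());
            getConfig().setProperty(prefix + EXCLUDED_PARAM_TYPE, Integer.valueOf(filter.getType()));
            getConfig().setProperty(prefix + EXCLUDED_PARAM_URL, filter.getWildcardedUrl());
            addScannerParamFilter(filter.getParamName(), filter.getType(), filter.getWildcardedUrl());
        }
    }

    /** Returns the configured number of threads per host (default 2). */
    public int getThreadPerHost() {
        return this.threadPerHost;
    }

    /**
     * Sets and persists the number of threads per host.
     *
     * @param i the new value; stored as given, with no range check
     */
    public void setThreadPerHost(int i) {
        this.threadPerHost = i;
        getConfig().setProperty(THREAD_PER_HOST, Integer.toString(this.threadPerHost));
    }

    /** Returns the configured number of hosts per scan (default 2). */
    public int getHostPerScan() {
        return this.hostPerScan;
    }

    /**
     * Sets and persists the number of hosts per scan.
     *
     * @param i the new value; stored as given, with no range check
     */
    public void setHostPerScan(int i) {
        this.hostPerScan = i;
        getConfig().setProperty(HOST_PER_SCAN, Integer.toString(this.hostPerScan));
    }

    /** Returns the configured maximum number of results to list (default 1000). */
    public int getMaxResultsToList() {
        return this.maxResultsToList;
    }

    /**
     * Sets and persists the maximum number of results to list.
     *
     * @param i the new value; stored as given, with no range check
     */
    public void setMaxResultsToList(int i) {
        this.maxResultsToList = i;
        getConfig().setProperty(MAX_RESULTS_LIST, Integer.toString(this.maxResultsToList));
    }

    /** Returns the configured maximum rule duration in minutes (default 0). */
    public int getMaxRuleDurationInMins() {
        return this.maxRuleDurationInMins;
    }

    /**
     * Sets and persists the maximum rule duration in minutes.
     *
     * @param i the new value; stored as given, with no range check
     */
    public void setMaxRuleDurationInMins(int i) {
        this.maxRuleDurationInMins = i;
        getConfig().setProperty(MAX_RULE_DURATION_IN_MINS, Integer.toString(this.maxRuleDurationInMins));
    }

    /** Returns the configured maximum scan duration in minutes (default 0). */
    public int getMaxScanDurationInMins() {
        return this.maxScanDurationInMins;
    }

    /**
     * Sets and persists the maximum scan duration in minutes.
     *
     * @param i the new value; stored as given, with no range check
     */
    public void setMaxScanDurationInMins(int i) {
        this.maxScanDurationInMins = i;
        getConfig().setProperty(MAX_SCAN_DURATION_IN_MINS, Integer.toString(this.maxScanDurationInMins));
    }

    /**
     * Sets and persists the delay in milliseconds.
     *
     * @param i the new value; stored as given, with no range check
     */
    public void setDelayInMs(int i) {
        this.delayInMs = i;
        getConfig().setProperty(DELAY_IN_MS, Integer.toString(this.delayInMs));
    }

    /** Returns the configured delay in milliseconds (default 0). */
    public int getDelayInMs() {
        return this.delayInMs;
    }

    /** Returns the value of the {@code scanner.pluginHeader} option (default {@code false}). */
    public boolean isInjectPluginIdInHeader() {
        return this.injectPluginIdInHeader;
    }

    /**
     * Sets and persists the {@code scanner.pluginHeader} option.
     *
     * @param z the new value
     */
    public void setInjectPluginIdInHeader(boolean z) {
        this.injectPluginIdInHeader = z;
        getConfig().setProperty(INJECT_PLUGIN_ID_IN_HEADER, Boolean.valueOf(z));
    }

    /** Returns whether anti-CSRF token handling is enabled (default {@code false}). */
    public boolean getHandleAntiCSRFTokens() {
        return this.handleAntiCSRFTokens;
    }

    /**
     * Sets and persists the anti-CSRF token handling option.
     *
     * @param z the new value
     */
    public void setHandleAntiCSRFTokens(boolean z) {
        this.handleAntiCSRFTokens = z;
        getConfig().setProperty(HANDLE_ANTI_CSRF_TOKENS, Boolean.valueOf(z));
    }

    /** Returns the value of the {@code scanner.attackRescan} option (default {@code true}). */
    public boolean isRescanInAttackMode() {
        return this.rescanInAttackMode;
    }

    /**
     * Sets and persists the {@code scanner.attackRescan} option.
     *
     * @param z the new value
     */
    public void setRescanInAttackMode(boolean z) {
        this.rescanInAttackMode = z;
        getConfig().setProperty(RESCAN_IN_ATTACK_MODE, Boolean.valueOf(z));
    }

    /** Returns the value of the {@code scanner.attackPrompt} option (default {@code true}). */
    public boolean isPromptInAttackMode() {
        return this.promptInAttackMode;
    }

    /**
     * Sets and persists the {@code scanner.attackPrompt} option.
     *
     * @param z the new value
     */
    public void setPromptInAttackMode(boolean z) {
        this.promptInAttackMode = z;
        getConfig().setProperty(PROMPT_IN_ATTACK_MODE, Boolean.valueOf(z));
    }

    /**
     * Returns the injectable-target bit mask, a combination of the {@code TARGET_*} flags
     * (default {@link #TARGET_INJECTABLE_DEFAULT}).
     */
    public int getTargetParamsInjectable() {
        return this.targetParamsInjectable;
    }

    /**
     * Sets and persists the injectable-target bit mask.
     *
     * @param i the new mask; stored as given, unknown bits are not rejected
     */
    public void setTargetParamsInjectable(int i) {
        this.targetParamsInjectable = i;
        getConfig().setProperty(TARGET_INJECTABLE, Integer.valueOf(this.targetParamsInjectable));
    }

    /**
     * Returns the enabled-RPC bit mask, a combination of the {@code RPC_*} flags
     * (default {@link #TARGET_ENABLED_RPC_DEFAULT}).
     */
    public int getTargetParamsEnabledRPC() {
        return this.targetParamsEnabledRPC;
    }

    /**
     * Sets and persists the enabled-RPC bit mask.
     *
     * @param i the new mask; stored as given, unknown bits are not rejected
     */
    public void setTargetParamsEnabledRPC(int i) {
        this.targetParamsEnabledRPC = i;
        getConfig().setProperty(TARGET_ENABLED_RPC, Integer.valueOf(this.targetParamsEnabledRPC));
    }

    /** Returns the value of the {@code scanner.clearFinished} option (default {@code true}). */
    public boolean isPromptToClearFinishedScans() {
        return this.promptToClearFinishedScans;
    }

    /**
     * Sets and persists the {@code scanner.clearFinished} option.
     *
     * @param z the new value
     */
    public void setPromptToClearFinishedScans(boolean z) {
        this.promptToClearFinishedScans = z;
        getConfig().setProperty(PROMPT_TO_CLEAR_FINISHED, Boolean.valueOf(this.promptToClearFinishedScans));
    }

    /** Returns the configured maximum number of scans in the UI (default 5). */
    public int getMaxScansInUI() {
        return this.maxScansInUI;
    }

    /**
     * Sets and persists the maximum number of scans in the UI.
     *
     * @param i the new value; stored as given, with no range check
     */
    public void setMaxScansInUI(int i) {
        this.maxScansInUI = i;
        getConfig().setProperty(MAX_SCANS_IN_UI, Integer.valueOf(this.maxScansInUI));
    }

    /** Returns the value of the {@code scanner.advDialog} option (default {@code false}). */
    public boolean isShowAdvancedDialog() {
        return this.showAdvancedDialog;
    }

    /**
     * Sets and persists the {@code scanner.advDialog} option.
     *
     * @param z the new value
     */
    public void setShowAdvancedDialog(boolean z) {
        this.showAdvancedDialog = z;
        getConfig().setProperty(SHOW_ADV_DIALOG, Boolean.valueOf(this.showAdvancedDialog));
    }

    /** Returns the default policy value, or {@code null} when none is configured. */
    public String getDefaultPolicy() {
        return this.defaultPolicy;
    }

    /** Returns the attack policy value, or {@code null} when none is configured. */
    public String getAttackPolicy() {
        return this.attackPolicy;
    }

    /**
     * Sets and persists the default policy value.
     *
     * @param str the new value; passed to the configuration unchecked
     */
    public void setDefaultPolicy(String str) {
        this.defaultPolicy = str;
        getConfig().setProperty(DEFAULT_POLICY, this.defaultPolicy);
    }

    /**
     * Sets and persists the attack policy value.
     *
     * @param str the new value; passed to the configuration unchecked
     */
    public void setAttackPolicy(String str) {
        this.attackPolicy = str;
        getConfig().setProperty(ATTACK_POLICY, this.attackPolicy);
    }

    /** Returns the value of the {@code scanner.attackOnStart} option (default {@code false}). */
    public boolean isAllowAttackOnStart() {
        return this.allowAttackOnStart;
    }

    /**
     * Sets and persists the {@code scanner.attackOnStart} option.
     *
     * @param z the new value
     */
    public void setAllowAttackOnStart(boolean z) {
        this.allowAttackOnStart = z;
        getConfig().setProperty(ALLOW_ATTACK_ON_START, Boolean.valueOf(this.allowAttackOnStart));
    }

    /** Returns the configured maximum chart time in minutes (default 10). */
    public int getMaxChartTimeInMins() {
        return this.maxChartTimeInMins;
    }

    /**
     * Sets and persists the maximum chart time in minutes.
     *
     * @param i the new value; stored as given, with no range check
     */
    public void setMaxChartTimeInMins(int i) {
        this.maxChartTimeInMins = i;
        getConfig().setProperty(MAX_CHART_TIME_IN_MINS, Integer.valueOf(this.maxChartTimeInMins));
    }

    /** Returns the value of the {@code scanner.scanHeadersAllRequests} option (default {@code false}). */
    public boolean isScanHeadersAllRequests() {
        return this.scanHeadersAllRequests;
    }

    /**
     * Sets and persists the {@code scanner.scanHeadersAllRequests} option. Unlike the other
     * setters, this one writes nothing when the value is unchanged.
     *
     * @param z the new value
     */
    public void setScanHeadersAllRequests(boolean z) {
        if (z == this.scanHeadersAllRequests) {
            return;
        }
        this.scanHeadersAllRequests = z;
        getConfig().setProperty(SCAN_HEADERS_ALL_REQUESTS, Boolean.valueOf(this.scanHeadersAllRequests));
    }

    /** Returns the value of the {@code scanner.addQueryParam} option (default {@code false}). */
    public boolean isAddQueryParam() {
        return this.addQueryParam;
    }

    /**
     * Sets and persists the {@code scanner.addQueryParam} option.
     *
     * @param z the new value
     */
    public void setAddQueryParam(boolean z) {
        this.addQueryParam = z;
        getConfig().setProperty(SCAN_ADD_QUERY_PARAM, Boolean.valueOf(this.addQueryParam));
    }
}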
