package org.parosproxy.paros.core.scanner;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.apache.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.control.Control;
import org.parosproxy.paros.network.HttpMessage;
import org.parosproxy.paros.network.HttpStatusCode;
import org.zaproxy.zap.extension.ascan.ExtensionActiveScan;
import org.zaproxy.zap.extension.script.ExtensionScript;
import org.zaproxy.zap.extension.script.ScriptWrapper;

/* loaded from: input_file:org/parosproxy/paros/core/scanner/AbstractAppParamPlugin.class */
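/**
 * Base class for active-scan rules that test one request parameter at a time.
 *
 * <p>{@link #scan()} builds the list of input vectors ({@code Variant}s) selected by the
 * scanner options, then hands every parameter that is not excluded by a filter to
 * {@link #scan(HttpMessage, String, String)}, which the concrete rule implements.
 *
 * <p>Review notes for anyone relying on this class for scan coverage:
 * <ul>
 *   <li>Exceptions thrown by a variant or by the rule are logged and the scan continues, so a
 *       failing variant reduces coverage without failing the scan. Check the log.</li>
 *   <li>{@code variant} and {@code originalPair} are plain instance fields written during
 *       {@link #scan()} with no synchronization visible here; one instance should not run
 *       {@link #scan()} from several threads at once.</li>
 *   <li>{@code listVariant} is only ever appended to, so calling {@link #scan()} twice on the
 *       same instance would scan every vector twice. NOTE(review): presumably a fresh instance
 *       is created per scan; confirm against the caller.</li>
 * </ul>
 */
public abstract class AbstractAppParamPlugin extends AbstractAppPlugin {
    // Bit flags tested against ScannerParam.getTargetParamsInjectable(). The names are taken
    // from the Variant each bit enables below; NOTE(review): presumably they mirror constants
    // declared on ScannerParam, which is not visible in this file. Confirm and reuse those.
    private static final int TARGET_QUERY_STRING = 1;
    private static final int TARGET_POST_DATA = 2;
    private static final int TARGET_COOKIE = 4;
    private static final int TARGET_HTTP_HEADERS = 8;
    private static final int TARGET_URL_PATH = 16;

    // Bit flags tested against ScannerParam.getTargetParamsEnabledRPC(); same caveat as above.
    // The two remaining flags are read directly from ScannerParam (RPC_CUSTOM, RPC_USERDEF).
    private static final int RPC_FLAG_MULTIPART = 1;
    private static final int RPC_FLAG_XML = 2;
    private static final int RPC_FLAG_JSON = 4;
    private static final int RPC_FLAG_GWT = 8;
    private static final int RPC_FLAG_ODATA = 16;
    private static final int RPC_FLAG_DWR = 32;

    // Argument passed to Util.sleep while the scan is paused (presumably milliseconds; confirm).
    // The decompiled source used HttpStatusCode.INTERNAL_SERVER_ERROR here, which has the same
    // value (500) but is an HTTP status code, not a duration.
    private static final int PAUSE_POLL_INTERVAL = 500;

    private final Logger logger = Logger.getLogger(getClass());
    // Input vectors selected for this scan, in the order they will be scanned.
    private final List<Variant> listVariant = new ArrayList<>();
    // Parameter currently being scanned; null until scanVariant() picks the first one.
    private NameValuePair originalPair = null;
    // Input vector currently being scanned; null until scan() picks the first one.
    private Variant variant = null;
    // Lazily resolved script extension, see getExtension().
    private ExtensionScript extension;

    /**
     * Scans the base message through every enabled input vector.
     *
     * <p>If the scanner options enable no input vector, the plugin is reported as skipped and
     * nothing is sent. Otherwise each variant is bound to a fresh message and scanned in turn,
     * until the list is exhausted or {@code isStop()} returns true. While the parent reports
     * that it is paused, the loop polls instead of moving on to the next variant.
     */
    @Override // org.parosproxy.paros.core.scanner.Plugin
    public void scan() {
        collectVariants(getParent().getScannerParam());
        if (this.listVariant.isEmpty()) {
            getParent().pluginSkipped(this, Constant.messages.getString("ascan.progress.label.skipped.reason.noinputvectors"));
            return;
        }
        for (int i = 0; i < this.listVariant.size() && !isStop(); i++) {
            HttpMessage newMsg = getNewMsg();
            this.variant = this.listVariant.get(i);
            try {
                this.variant.setMessage(newMsg);
                scanVariant();
            } catch (Exception e) {
                // Deliberate best effort: one broken variant must not abort the other vectors.
                this.logger.error("Error occurred while scanning with variant " + this.variant.getClass().getCanonicalName(), e);
            }
            while (getParent().isPaused() && !isStop()) {
                Util.sleep(PAUSE_POLL_INTERVAL);
            }
        }
    }

    /**
     * Appends to {@code listVariant} one variant per input vector enabled in the options.
     *
     * <p>The order of the additions is the order in which the vectors are scanned.
     */
    private void collectVariants(ScannerParam scannerParam) {
        int targets = scannerParam.getTargetParamsInjectable();
        int rpc = scannerParam.getTargetParamsEnabledRPC();

        if ((targets & TARGET_QUERY_STRING) != 0) {
            VariantURLQuery urlQuery = new VariantURLQuery();
            urlQuery.setAddQueryParam(scannerParam.isAddQueryParam());
            this.listVariant.add(urlQuery);
            if ((rpc & RPC_FLAG_ODATA) != 0) {
                this.listVariant.add(new VariantODataIdQuery());
                this.listVariant.add(new VariantODataFilterQuery());
            }
            // VariantDdnPath is only used when the URL path vector is NOT enabled.
            if ((targets & TARGET_URL_PATH) == 0) {
                this.listVariant.add(new VariantDdnPath());
            }
        }

        if ((targets & TARGET_POST_DATA) != 0) {
            // The body-format variants are only considered when POST data is a target.
            this.listVariant.add(new VariantFormQuery());
            if ((rpc & RPC_FLAG_MULTIPART) != 0) {
                this.listVariant.add(new VariantMultipartFormParameters());
            }
            if ((rpc & RPC_FLAG_XML) != 0) {
                this.listVariant.add(new VariantXMLQuery());
            }
            if ((rpc & RPC_FLAG_JSON) != 0) {
                this.listVariant.add(new VariantJSONQuery());
            }
            if ((rpc & RPC_FLAG_GWT) != 0) {
                this.listVariant.add(new VariantGWTQuery());
            }
            if ((rpc & RPC_FLAG_DWR) != 0) {
                this.listVariant.add(new VariantDirectWebRemotingQuery());
            }
        }

        if ((targets & TARGET_HTTP_HEADERS) != 0 && shouldScanHeaders(scannerParam)) {
            this.listVariant.add(new VariantHeader());
        }
        if ((targets & TARGET_URL_PATH) != 0) {
            this.listVariant.add(new VariantURLPath());
        }
        if ((targets & TARGET_COOKIE) != 0) {
            this.listVariant.add(new VariantCookie());
        }

        if ((rpc & ScannerParam.RPC_CUSTOM) != 0) {
            ExtensionScript scripts = getExtension();
            if (scripts != null) {
                // Only scripts marked as enabled become input vectors.
                // NOTE(review): these are user-supplied scripts and presumably run inside the
                // scanner process; enable only scripts from a trusted source.
                for (ScriptWrapper script : scripts.getScripts(ExtensionActiveScan.SCRIPT_TYPE_VARIANT)) {
                    if (script.isEnabled()) {
                        this.listVariant.add(new VariantCustom(script, scripts));
                    }
                }
            }
        }
        if ((rpc & ScannerParam.RPC_USERDEF) != 0) {
            this.listVariant.add(new VariantUserDefined());
        }
    }

    /**
     * Decides whether the header vector applies to the base message.
     *
     * @return true when the options ask for headers on all requests, or when the base message
     *     has a non-empty raw query or a non-empty request body
     */
    private boolean shouldScanHeaders(ScannerParam scannerParam) {
        if (scannerParam.isScanHeadersAllRequests()) {
            return true;
        }
        HttpMessage baseMsg = getBaseMsg();
        char[] rawQuery = baseMsg.getRequestHeader().getURI().getRawQuery();
        boolean hasQuery = rawQuery != null && rawQuery.length != 0;
        return hasQuery || baseMsg.getRequestBody().length() != 0;
    }

    /**
     * Scans every parameter of the current variant that no exclusion filter rejects.
     *
     * <p>Each parameter gets its own fresh message. A failure on one parameter is logged and
     * the remaining parameters are still scanned.
     */
    private void scanVariant() {
        // The parameter list is re-read on every pass, as in the original; it is not known
        // from this file whether a Variant may change it during the scan.
        for (int i = 0; i < this.variant.getParamList().size() && !isStop(); i++) {
            this.originalPair = this.variant.getParamList().get(i);
            if (isToExclude(this.originalPair)) {
                continue;
            }
            try {
                scan(getNewMsg(), this.originalPair);
            } catch (Exception e) {
                this.logger.error("Error occurred while scanning a message:", e);
            }
        }
    }

    /**
     * Tells whether any applicable exclusion filter rejects the parameter for the base message.
     *
     * @param nameValuePair the parameter about to be scanned
     * @return true if the parameter must not be scanned
     */
    private boolean isToExclude(NameValuePair nameValuePair) {
        List<ScannerParamFilter> filters = getParameterExclusionFilters(nameValuePair);
        HttpMessage baseMsg = getBaseMsg();
        for (ScannerParamFilter filter : filters) {
            if (filter.isToExclude(baseMsg, nameValuePair)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Collects the exclusion filters that apply to a parameter.
     *
     * <p>Two lists are looked up: the one registered under type {@code -1} and the one
     * registered under the parameter's own type. NOTE(review): {@code -1} is presumably the
     * "any type" bucket; confirm against ScannerParam.
     *
     * @param nameValuePair the parameter whose type selects the second list
     * @return the filters to apply, never null; an empty list if neither lookup returns one
     */
    private List<ScannerParamFilter> getParameterExclusionFilters(NameValuePair nameValuePair) {
        List<ScannerParamFilter> anyType = getParent().getScannerParam().getExcludedParamList(-1);
        List<ScannerParamFilter> sameType = getParent().getScannerParam().getExcludedParamList(nameValuePair.getType());
        if (anyType == null) {
            return sameType != null ? sameType : Collections.emptyList();
        }
        if (sameType == null) {
            return anyType;
        }
        // Typed list: the decompiled source used a raw ArrayList here.
        List<ScannerParamFilter> merged = new ArrayList<>(anyType.size() + sameType.size());
        merged.addAll(anyType);
        merged.addAll(sameType);
        return merged;
    }

    /**
     * Scans one parameter. Implemented by the concrete rule.
     *
     * @param httpMessage a fresh message to modify and send
     * @param str the parameter name
     * @param str2 the parameter's original value
     */
    public abstract void scan(HttpMessage httpMessage, String str, String str2);

    /**
     * Scans one parameter given as a name/value pair; delegates to
     * {@link #scan(HttpMessage, String, String)} with the pair's name and value.
     *
     * @param httpMessage a fresh message to modify and send
     * @param nameValuePair the parameter to scan
     */
    public void scan(HttpMessage httpMessage, NameValuePair nameValuePair) {
        scan(httpMessage, nameValuePair.getName(), nameValuePair.getValue());
    }

    /**
     * Sets the parameter currently being scanned in the given message, through the current
     * variant. Only usable while {@link #scan()} is running: before that the current variant
     * is null.
     *
     * @param httpMessage the message to modify
     * @param str passed to the variant as the parameter name to write (presumably; confirm)
     * @param str2 passed to the variant as the value to write (presumably; confirm)
     * @return whatever the variant's {@code setParameter} returns
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public String setParameter(HttpMessage httpMessage, String str, String str2) {
        return this.variant.setParameter(httpMessage, this.originalPair, str, str2);
    }

    /**
     * Same as {@link #setParameter(HttpMessage, String, String)} but through the variant's
     * {@code setEscapedParameter}. How the two differ is defined by the Variant and is not
     * visible in this file.
     *
     * @param httpMessage the message to modify
     * @param str passed to the variant as the parameter name to write (presumably; confirm)
     * @param str2 passed to the variant as the value to write (presumably; confirm)
     * @return whatever the variant's {@code setEscapedParameter} returns
     */
    protected String setEscapedParameter(HttpMessage httpMessage, String str, String str2) {
        return this.variant.setEscapedParameter(httpMessage, this.originalPair, str, str2);
    }

    /**
     * Returns the script extension, looking it up through the extension loader on first use
     * and on every later call for as long as the lookup returns null.
     *
     * @return the extension, or null if the loader does not provide one
     */
    private ExtensionScript getExtension() {
        if (this.extension == null) {
            this.extension = (ExtensionScript) Control.getSingleton().getExtensionLoader().getExtension(ExtensionScript.class);
        }
        return this.extension;
    }
}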
