package org.zaproxy.zap.extension.httpsessions;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import net.sf.json.JSONObject;
import org.apache.commons.httpclient.Cookie;
import org.apache.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.zaproxy.zap.extension.alert.AlertEventPublisher;
import org.zaproxy.zap.extension.api.ApiAction;
import org.zaproxy.zap.extension.api.ApiException;
import org.zaproxy.zap.extension.api.ApiImplementor;
import org.zaproxy.zap.extension.api.ApiResponse;
import org.zaproxy.zap.extension.api.ApiResponseElement;
import org.zaproxy.zap.extension.api.ApiResponseList;
import org.zaproxy.zap.extension.api.ApiResponseSet;
import org.zaproxy.zap.extension.api.ApiView;
import org.zaproxy.zap.utils.ApiUtils;
import org.zaproxy.zap.utils.Pair;
import org.zaproxy.zap.utils.XMLStringUtil;

/* loaded from: input_file:org/zaproxy/zap/extension/httpsessions/HttpSessionsAPI.class */
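/**
 * API implementor exposing the HTTP sessions extension under the {@code httpSessions} prefix.
 *
 * <p>Actions create, remove, rename and activate sessions and manage session tokens (per site and
 * default tokens); views list sites, sessions, the active session and the known tokens.
 *
 * <p>Security note: the {@code sessions} view returns cookie values verbatim and the
 * {@code setSessionTokenValue} action accepts them, so both the API responses and the debug log
 * lines written by this class can contain live session credentials.
 *
 * <p>This listing is decompiler output. The action/view dispatch was emitted as a two-stage
 * {@code hashCode()} switch over a {@code boolean} selector, which does not compile; it is written
 * here as a plain {@code switch} on the string, with the branch bodies kept in their original order.
 */
public class HttpSessionsAPI extends ApiImplementor {
    private static final Logger log = Logger.getLogger(HttpSessionsAPI.class);
    private static final String PREFIX = "httpSessions";
    private static final String ACTION_CREATE_EMPTY_SESSION = "createEmptySession";
    private static final String ACTION_REMOVE_SESSION = "removeSession";
    private static final String ACTION_SET_ACTIVE_SESSION = "setActiveSession";
    private static final String ACTION_ADD_SESSION_TOKEN = "addSessionToken";
    private static final String ACTION_REMOVE_SESSION_TOKEN = "removeSessionToken";
    private static final String ACTION_UNSET_ACTIVE_SESSION = "unsetActiveSession";
    private static final String ACTION_SET_SESSION_TOKEN = "setSessionTokenValue";
    private static final String ACTION_ADD_DEFAULT_SESSION_TOKEN = "addDefaultSessionToken";
    private static final String ACTION_SET_DEFAULT_SESSION_TOKEN_ENABLED = "setDefaultSessionTokenEnabled";
    private static final String ACTION_REMOVE_DEFAULT_SESSION_TOKEN = "removeDefaultSessionToken";
    private static final String ACTION_RENAME_SESSION = "renameSession";
    private static final String ACTION_PARAM_SITE = "site";
    private static final String ACTION_PARAM_SESSION = "session";
    private static final String ACTION_PARAM_SESSION_OLD_NAME = "oldSessionName";
    private static final String ACTION_PARAM_SESSION_NEW_NAME = "newSessionName";
    private static final String ACTION_PARAM_TOKEN_NAME = "sessionToken";
    private static final String ACTION_PARAM_TOKEN_VALUE = "tokenValue";
    private static final String ACTION_PARAM_TOKEN_ENABLED = "tokenEnabled";
    private static final String VIEW_SITES = "sites";
    private static final String VIEW_SESSIONS = "sessions";
    private static final String VIEW_ACTIVE_SESSION = "activeSession";
    private static final String VIEW_SESSION_TOKENS = "sessionTokens";
    private static final String VIEW_DEFAULT_SESSION_TOKENS = "defaultSessionTokens";
    private static final String VIEW_PARAM_SITE = "site";
    private static final String VIEW_PARAM_SESSION = "session";

    /** The extension every action and view delegates to; assigned once in the constructor. */
    private final ExtensionHttpSessions extension;

    /**
     * Response set for a session's token values, with a dedicated XML form that emits one
     * {@code <token>} element per cookie.
     *
     * <p>The decompiler reports that it widened this class's access modifier from {@code private}.
     */
    public static class TokenValuesResponseSet extends ApiResponseSet<Cookie> {
        /** One inner list of (element name, text) pairs per token, precomputed at construction. */
        private final List<List<Pair<String, String>>> xmlTokenElements;

        /**
         * @param map token name to cookie; passed unchanged to the superclass under the name
         *     {@code "tokens"} and flattened for XML output
         */
        public TokenValuesResponseSet(Map<String, Cookie> map) {
            super("tokens", map);
            this.xmlTokenElements = convertTokenValues(map);
        }

        /**
         * Appends one {@code <token type="set">} child per cookie to {@code element}.
         *
         * @param document the document used to create the nodes
         * @param element the parent element, marked {@code type="set"}
         */
        @Override
        public void toXML(Document document, Element element) {
            element.setAttribute("type", "set");
            for (List<Pair<String, String>> tokenFields : this.xmlTokenElements) {
                Element tokenElement = document.createElement("token");
                tokenElement.setAttribute("type", "set");
                for (Pair<String, String> field : tokenFields) {
                    // Element names are only the fixed labels chosen in convertTokenValues; the
                    // cookie data itself always lands in a text node, never in a tag name.
                    Element fieldElement = document.createElement(field.first);
                    // NOTE(review): field.second can be null (setSessionTokenValue builds its
                    // Cookie with a null domain) - confirm escapeControlChrs and createTextNode
                    // accept null.
                    fieldElement.appendChild(
                            document.createTextNode(XMLStringUtil.escapeControlChrs(field.second)));
                    tokenElement.appendChild(fieldElement);
                }
                element.appendChild(tokenElement);
            }
        }

        /**
         * Flattens each cookie into five labelled pairs: token name, value, domain, path, secure.
         *
         * @param map token name to cookie
         * @return one list of pairs per map entry, in the map's iteration order
         */
        private static List<List<Pair<String, String>>> convertTokenValues(Map<String, Cookie> map) {
            List<List<Pair<String, String>>> tokens = new ArrayList<>();
            for (Map.Entry<String, Cookie> entry : map.entrySet()) {
                Cookie cookie = entry.getValue();
                List<Pair<String, String>> fields = new ArrayList<>();
                // NOTE(review): AlertEventPublisher.NAME is presumably a decompiler substitution
                // for an equal string literal - confirm against the original source.
                fields.add(new Pair<>(AlertEventPublisher.NAME, entry.getKey()));
                fields.add(new Pair<>("value", cookie.getValue()));
                fields.add(new Pair<>("domain", cookie.getDomain()));
                fields.add(new Pair<>("path", cookie.getPath()));
                fields.add(new Pair<>("secure", Boolean.toString(cookie.getSecure())));
                tokens.add(fields);
            }
            return tokens;
        }
    }

    /**
     * Registers every action and view of the API, with their mandatory and optional parameters.
     *
     * @param extension the HTTP sessions extension that requests are delegated to
     */
    public HttpSessionsAPI(ExtensionHttpSessions extension) {
        this.extension = extension;
        addApiAction(new ApiAction(ACTION_CREATE_EMPTY_SESSION, new String[] {ACTION_PARAM_SITE}, new String[] {ACTION_PARAM_SESSION}));
        addApiAction(new ApiAction(ACTION_REMOVE_SESSION, new String[] {ACTION_PARAM_SITE, ACTION_PARAM_SESSION}));
        addApiAction(new ApiAction(ACTION_SET_ACTIVE_SESSION, new String[] {ACTION_PARAM_SITE, ACTION_PARAM_SESSION}));
        addApiAction(new ApiAction(ACTION_UNSET_ACTIVE_SESSION, new String[] {ACTION_PARAM_SITE}));
        addApiAction(new ApiAction(ACTION_ADD_SESSION_TOKEN, new String[] {ACTION_PARAM_SITE, ACTION_PARAM_TOKEN_NAME}));
        addApiAction(new ApiAction(ACTION_REMOVE_SESSION_TOKEN, new String[] {ACTION_PARAM_SITE, ACTION_PARAM_TOKEN_NAME}));
        addApiAction(new ApiAction(ACTION_SET_SESSION_TOKEN, new String[] {ACTION_PARAM_SITE, ACTION_PARAM_SESSION, ACTION_PARAM_TOKEN_NAME, ACTION_PARAM_TOKEN_VALUE}));
        addApiAction(new ApiAction(ACTION_RENAME_SESSION, new String[] {ACTION_PARAM_SITE, ACTION_PARAM_SESSION_OLD_NAME, ACTION_PARAM_SESSION_NEW_NAME}));
        addApiAction(new ApiAction(ACTION_ADD_DEFAULT_SESSION_TOKEN, new String[] {ACTION_PARAM_TOKEN_NAME}, new String[] {ACTION_PARAM_TOKEN_ENABLED}));
        addApiAction(new ApiAction(ACTION_SET_DEFAULT_SESSION_TOKEN_ENABLED, new String[] {ACTION_PARAM_TOKEN_NAME, ACTION_PARAM_TOKEN_ENABLED}));
        addApiAction(new ApiAction(ACTION_REMOVE_DEFAULT_SESSION_TOKEN, new String[] {ACTION_PARAM_TOKEN_NAME}));
        addApiView(new ApiView(VIEW_SITES));
        addApiView(new ApiView(VIEW_SESSIONS, new String[] {VIEW_PARAM_SITE}, new String[] {VIEW_PARAM_SESSION}));
        addApiView(new ApiView(VIEW_ACTIVE_SESSION, new String[] {VIEW_PARAM_SITE}));
        addApiView(new ApiView(VIEW_SESSION_TOKENS, new String[] {VIEW_PARAM_SITE}));
        addApiView(new ApiView(VIEW_DEFAULT_SESSION_TOKENS));
    }

    @Override
    public String getPrefix() {
        return PREFIX;
    }

    /**
     * Executes one state-changing action.
     *
     * @param name the action name, one of the {@code ACTION_*} constants
     * @param params the request parameters
     * @return {@link ApiResponseElement#OK} on success
     * @throws ApiException {@code ILLEGAL_PARAMETER} for an unknown site or session,
     *     {@code ALREADY_EXISTS} / {@code DOES_NOT_EXIST} for default-token conflicts,
     *     {@code INTERNAL_ERROR} when a rename is refused, {@code BAD_ACTION} for an unknown name
     */
    @Override
    public ApiResponse handleApiAction(String name, JSONObject params) throws ApiException {
        if (log.isDebugEnabled()) {
            // NOTE(review): for setSessionTokenValue the parameters include tokenValue, so this
            // line writes the session token to the debug log verbatim; handle debug logs as
            // credential-bearing or redact that parameter before logging.
            log.debug("Request for handleApiAction: " + name + " (params: " + params.toString() + ")");
        }
        switch (name) {
            case ACTION_CREATE_EMPTY_SESSION: {
                // The only action that asks the extension to create the site entry if missing.
                HttpSessionsSite site = requireSite(params, true);
                // NOTE(review): Constant.USER_AGENT serves as the "no name given" default here;
                // presumably a decompiler substitution for an equal literal - confirm.
                String sessionName = getParam(params, ACTION_PARAM_SESSION, Constant.USER_AGENT);
                if (Constant.USER_AGENT.equals(sessionName)) {
                    site.createEmptySession();
                } else {
                    site.createEmptySession(sessionName);
                }
                return ApiResponseElement.OK;
            }
            case ACTION_REMOVE_SESSION: {
                HttpSessionsSite site = requireSite(params, false);
                HttpSession session = site.getHttpSession(params.getString(ACTION_PARAM_SESSION));
                if (session == null) {
                    throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SESSION);
                }
                site.removeHttpSession(session);
                return ApiResponseElement.OK;
            }
            case ACTION_SET_ACTIVE_SESSION: {
                HttpSessionsSite site = requireSite(params, false);
                String sessionName = params.getString(ACTION_PARAM_SESSION);
                for (HttpSession candidate : site.getHttpSessions()) {
                    if (candidate.getName().equals(sessionName)) {
                        site.setActiveSession(candidate);
                        return ApiResponseElement.OK;
                    }
                }
                throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SESSION);
            }
            case ACTION_UNSET_ACTIVE_SESSION: {
                requireSite(params, false).unsetActiveSession();
                return ApiResponseElement.OK;
            }
            case ACTION_ADD_SESSION_TOKEN: {
                this.extension.addHttpSessionToken(
                        ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE)),
                        params.getString(ACTION_PARAM_TOKEN_NAME));
                return ApiResponseElement.OK;
            }
            case ACTION_REMOVE_SESSION_TOKEN: {
                this.extension.removeHttpSessionToken(
                        ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE)),
                        params.getString(ACTION_PARAM_TOKEN_NAME));
                return ApiResponseElement.OK;
            }
            case ACTION_SET_SESSION_TOKEN: {
                HttpSessionsSite site = requireSite(params, false);
                HttpSession session = site.getHttpSession(params.getString(ACTION_PARAM_SESSION));
                if (session == null) {
                    throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SESSION);
                }
                // Read both parameters before mutating anything, so a missing tokenValue cannot
                // leave the token registered for the site without a value on the session.
                String tokenName = params.getString(ACTION_PARAM_TOKEN_NAME);
                String tokenValue = params.getString(ACTION_PARAM_TOKEN_VALUE);
                this.extension.addHttpSessionToken(
                        ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE)), tokenName);
                // The cookie is created without a domain (null).
                session.setTokenValue(tokenName, new Cookie((String) null, tokenName, tokenValue));
                return ApiResponseElement.OK;
            }
            case ACTION_RENAME_SESSION: {
                HttpSessionsSite site = requireSite(params, false);
                boolean renamed = site.renameHttpSession(
                        params.getString(ACTION_PARAM_SESSION_OLD_NAME),
                        params.getString(ACTION_PARAM_SESSION_NEW_NAME));
                if (!renamed) {
                    throw new ApiException(
                            ApiException.Type.INTERNAL_ERROR,
                            Constant.messages.getString("httpsessions.api.error.rename"));
                }
                return ApiResponseElement.OK;
            }
            case ACTION_ADD_DEFAULT_SESSION_TOKEN: {
                boolean added = this.extension.getParam().addDefaultToken(
                        params.getString(ACTION_PARAM_TOKEN_NAME),
                        getParam(params, ACTION_PARAM_TOKEN_ENABLED, true));
                if (!added) {
                    throw new ApiException(ApiException.Type.ALREADY_EXISTS, ACTION_PARAM_TOKEN_NAME);
                }
                return ApiResponseElement.OK;
            }
            case ACTION_SET_DEFAULT_SESSION_TOKEN_ENABLED: {
                boolean updated = this.extension.getParam().setDefaultTokenEnabled(
                        params.getString(ACTION_PARAM_TOKEN_NAME),
                        params.getBoolean(ACTION_PARAM_TOKEN_ENABLED));
                if (!updated) {
                    throw new ApiException(ApiException.Type.DOES_NOT_EXIST, ACTION_PARAM_TOKEN_NAME);
                }
                return ApiResponseElement.OK;
            }
            case ACTION_REMOVE_DEFAULT_SESSION_TOKEN: {
                boolean removed = this.extension.getParam().removeDefaultToken(
                        params.getString(ACTION_PARAM_TOKEN_NAME));
                if (!removed) {
                    throw new ApiException(ApiException.Type.DOES_NOT_EXIST, ACTION_PARAM_TOKEN_NAME);
                }
                return ApiResponseElement.OK;
            }
            default:
                throw new ApiException(ApiException.Type.BAD_ACTION);
        }
    }

    /**
     * Answers one read-only view.
     *
     * @param name the view name, one of the {@code VIEW_*} constants
     * @param params the request parameters
     * @return the response for the view
     * @throws ApiException {@code ILLEGAL_PARAMETER} for an unknown site, {@code BAD_VIEW} for an
     *     unknown view name
     */
    @Override
    public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
        if (log.isDebugEnabled()) {
            log.debug("Request for handleApiView: " + name + " (params: " + params.toString() + ")");
        }
        switch (name) {
            case VIEW_SITES: {
                ApiResponseList sites = new ApiResponseList(name);
                for (String site : this.extension.getSites()) {
                    sites.addItem(new ApiResponseElement("site", site));
                }
                return sites;
            }
            case VIEW_SESSIONS: {
                HttpSessionsSite site = requireSite(params, false);
                ApiResponseList sessions = new ApiResponseList(name);
                String sessionName = getParam(params, VIEW_PARAM_SESSION, Constant.USER_AGENT);
                if (sessionName == null || sessionName.isEmpty()) {
                    Set<HttpSession> allSessions = site.getHttpSessions();
                    if (log.isDebugEnabled()) {
                        log.debug("API View for sessions for " + ApiUtils.getAuthority(params.getString(VIEW_PARAM_SITE)) + ": " + site);
                    }
                    // Without a session filter, sessions that hold no token values are skipped.
                    for (HttpSession session : allSessions) {
                        if (session.getTokenValuesUnmodifiableMap().size() > 0) {
                            sessions.addItem(createSessionResponse(session));
                        }
                    }
                } else {
                    // An unknown session name produces an empty list rather than an error.
                    HttpSession session = site.getHttpSession(sessionName);
                    if (session != null) {
                        sessions.addItem(createSessionResponse(session));
                    }
                }
                return sessions;
            }
            case VIEW_ACTIVE_SESSION: {
                HttpSessionsSite site = requireSite(params, false);
                if (log.isDebugEnabled()) {
                    log.debug("API View for active session for " + ApiUtils.getAuthority(params.getString(VIEW_PARAM_SITE)) + ": " + site);
                }
                // Read once so the null check and the name come from the same object.
                HttpSession active = site.getActiveSession();
                return new ApiResponseElement(
                        "active_session", active != null ? active.getName() : Constant.USER_AGENT);
            }
            case VIEW_SESSION_TOKENS: {
                String authority = ApiUtils.getAuthority(params.getString(VIEW_PARAM_SITE));
                if (this.extension.getHttpSessionsSite(authority, false) == null) {
                    throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, VIEW_PARAM_SITE);
                }
                HttpSessionTokensSet tokens = this.extension.getHttpSessionTokensSet(authority);
                ApiResponseList response = new ApiResponseList("session_tokens");
                if (tokens != null) {
                    Set<String> tokenNames = tokens.getTokensSet();
                    if (tokenNames != null) {
                        for (String tokenName : tokenNames) {
                            response.addItem(new ApiResponseElement("token", tokenName));
                        }
                    }
                }
                return response;
            }
            case VIEW_DEFAULT_SESSION_TOKENS: {
                ApiResponseList response = new ApiResponseList(name);
                for (HttpSessionToken token : this.extension.getParam().getDefaultTokens()) {
                    Map<String, Object> fields = new HashMap<>();
                    fields.put(AlertEventPublisher.NAME, token.getName());
                    fields.put("enabled", Boolean.valueOf(token.isEnabled()));
                    response.addItem(new ApiResponseSet<>("token", fields));
                }
                return response;
            }
            default:
                throw new ApiException(ApiException.Type.BAD_VIEW);
        }
    }

    /**
     * Resolves the {@code site} parameter to its sessions container.
     *
     * @param params the request parameters; {@code site} is read and reduced to its authority
     * @param createIfMissing forwarded to the extension's lookup as its second argument
     * @return the site, never {@code null}
     * @throws ApiException {@code ILLEGAL_PARAMETER} on {@code site} when the lookup returns null
     */
    private HttpSessionsSite requireSite(JSONObject params, boolean createIfMissing) throws ApiException {
        HttpSessionsSite site = this.extension.getHttpSessionsSite(
                ApiUtils.getAuthority(params.getString(ACTION_PARAM_SITE)), createIfMissing);
        if (site == null) {
            throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, ACTION_PARAM_SITE);
        }
        return site;
    }

    /**
     * Builds the response for one session: its name, its token values and its matched-message
     * count.
     *
     * <p>The token values are the session's cookies, returned verbatim to the API caller.
     *
     * @param httpSession the session to describe
     * @return a list named {@code "session"} with the three items above
     */
    private ApiResponseList createSessionResponse(HttpSession httpSession) {
        ApiResponseList response = new ApiResponseList("session");
        response.addItem(new ApiResponseElement(AlertEventPublisher.NAME, httpSession.getName()));
        response.addItem(new TokenValuesResponseSet(httpSession.getTokenValuesUnmodifiableMap()));
        response.addItem(new ApiResponseElement("messages_matched", Integer.toString(httpSession.getMessagesMatched())));
        return response;
    }
}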
