package org.zaproxy.zap.extension.anticsrf;

import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import net.htmlparser.jericho.Element;
import net.htmlparser.jericho.Source;
import org.apache.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.control.Control;
import org.parosproxy.paros.db.DatabaseException;
import org.parosproxy.paros.extension.ExtensionAdaptor;
import org.parosproxy.paros.extension.ExtensionHook;
import org.parosproxy.paros.extension.SessionChangedListener;
import org.parosproxy.paros.extension.encoder.Encoder;
import org.parosproxy.paros.extension.history.ExtensionHistory;
import org.parosproxy.paros.extension.history.HistoryFilter;
import org.parosproxy.paros.model.HistoryReference;
import org.parosproxy.paros.model.Model;
import org.parosproxy.paros.model.Session;
import org.parosproxy.paros.network.HtmlParameter;
import org.parosproxy.paros.network.HttpMalformedHeaderException;
import org.parosproxy.paros.network.HttpMessage;
import org.zaproxy.zap.extension.api.API;
import org.zaproxy.zap.extension.pscan.ExtensionPassiveScan;

/* loaded from: input_file:WEB-INF/lib/zap-2.4.0.jar:org/zaproxy/zap/extension/anticsrf/ExtensionAntiCSRF.class */
public class ExtensionAntiCSRF extends ExtensionAdaptor implements SessionChangedListener {
    public static final String NAME = "ExtensionAntiCSRF";
    public static final String TAG = "AntiCSRF";
    private Map<String, AntiCsrfToken> valueToToken = new HashMap();
    private Map<String, AntiCsrfToken> urlToToken = new HashMap();
    private OptionsAntiCsrfPanel optionsAntiCsrfPanel = null;
    private PopupMenuGenerateForm popupMenuGenerateForm = null;
    private Encoder encoder = new Encoder();
    private static Logger log = Logger.getLogger(ExtensionAntiCSRF.class);
    private AntiCsrfDetectScanner antiCsrfDetectScanner;
    private HistoryReferenceFactory historyReferenceFactory;

    /* loaded from: input_file:WEB-INF/lib/zap-2.4.0.jar:org/zaproxy/zap/extension/anticsrf/ExtensionAntiCSRF$HistoryReferenceFactory.class */
    private interface HistoryReferenceFactory {
        HistoryReference createHistoryReference(int i) throws DatabaseException, HttpMalformedHeaderException;
    }

    public ExtensionAntiCSRF() {
        initialize();
    }

    private void initialize() {
        setName(NAME);
        setOrder(50);
    }

    @Override // org.parosproxy.paros.extension.ExtensionAdaptor, org.parosproxy.paros.extension.Extension
    public void init() {
        this.antiCsrfDetectScanner = new AntiCsrfDetectScanner(this);
    }

    @Override // org.parosproxy.paros.extension.ExtensionAdaptor, org.parosproxy.paros.extension.Extension
    public void hook(ExtensionHook extensionHook) {
        super.hook(extensionHook);
        final ExtensionHistory extensionHistory = (ExtensionHistory) Control.getSingleton().getExtensionLoader().getExtension(ExtensionHistory.NAME);
        if (extensionHistory != null) {
            this.historyReferenceFactory = new HistoryReferenceFactory() { // from class: org.zaproxy.zap.extension.anticsrf.ExtensionAntiCSRF.1
                @Override // org.zaproxy.zap.extension.anticsrf.ExtensionAntiCSRF.HistoryReferenceFactory
                public HistoryReference createHistoryReference(int i) {
                    return extensionHistory.getHistoryReference(i);
                }
            };
        } else {
            this.historyReferenceFactory = new HistoryReferenceFactory() { // from class: org.zaproxy.zap.extension.anticsrf.ExtensionAntiCSRF.2
                @Override // org.zaproxy.zap.extension.anticsrf.ExtensionAntiCSRF.HistoryReferenceFactory
                public HistoryReference createHistoryReference(int i) throws HttpMalformedHeaderException, DatabaseException {
                    return new HistoryReference(i);
                }
            };
        }
        extensionHook.addSessionListener(this);
        if (getView() != null) {
            extensionHook.getHookView().addOptionPanel(getOptionsAntiCsrfPanel());
            extensionHook.getHookMenu().addPopupMenuItem(getPopupMenuGenerateForm());
        }
        ExtensionPassiveScan extensionPassiveScan = (ExtensionPassiveScan) Control.getSingleton().getExtensionLoader().getExtension(ExtensionPassiveScan.NAME);
        if (extensionPassiveScan != null) {
            extensionPassiveScan.addPassiveScanner(this.antiCsrfDetectScanner);
        }
        AntiCsrfAPI antiCsrfAPI = new AntiCsrfAPI(this);
        antiCsrfAPI.addApiOptions(getParam());
        API.getInstance().registerApiImplementor(antiCsrfAPI);
    }

    @Override // org.parosproxy.paros.extension.ExtensionAdaptor, org.parosproxy.paros.extension.Extension
    public void unload() {
        ExtensionPassiveScan extensionPassiveScan = (ExtensionPassiveScan) Control.getSingleton().getExtensionLoader().getExtension(ExtensionPassiveScan.NAME);
        if (extensionPassiveScan != null) {
            extensionPassiveScan.removePassiveScanner(this.antiCsrfDetectScanner);
        }
        super.unload();
    }

    private PopupMenuGenerateForm getPopupMenuGenerateForm() {
        if (this.popupMenuGenerateForm == null) {
            this.popupMenuGenerateForm = new PopupMenuGenerateForm(Constant.messages.getString("anticsrf.genForm.popup"));
        }
        return this.popupMenuGenerateForm;
    }

    private OptionsAntiCsrfPanel getOptionsAntiCsrfPanel() {
        if (this.optionsAntiCsrfPanel == null) {
            this.optionsAntiCsrfPanel = new OptionsAntiCsrfPanel();
        }
        return this.optionsAntiCsrfPanel;
    }

    protected AntiCsrfParam getParam() {
        return Model.getSingleton().getOptionsParam().getAntiCsrfParam();
    }

    public List<String> getAntiCsrfTokenNames() {
        return getParam().getTokensNames();
    }

    public void addAntiCsrfTokenName(String str) {
        getParam().addToken(str);
    }

    public void removeAntiCsrfTokenName(String str) {
        getParam().removeToken(str);
    }

    public void registerAntiCsrfToken(AntiCsrfToken antiCsrfToken) {
        log.debug("registerAntiCsrfToken " + antiCsrfToken.getMsg().getRequestHeader().getURI().toString() + " " + antiCsrfToken.getValue());
        synchronized (this.valueToToken) {
            this.valueToToken.put(this.encoder.getURLEncode(antiCsrfToken.getValue()), antiCsrfToken);
        }
        this.urlToToken.put(antiCsrfToken.getMsg().getRequestHeader().getURI().toString(), antiCsrfToken);
    }

    public boolean requestHasToken(HttpMessage httpMessage) {
        return requestHasToken(httpMessage.getRequestBody().toString());
    }

    public boolean requestHasToken(String str) {
        Set unmodifiableSet;
        synchronized (this.valueToToken) {
            unmodifiableSet = Collections.unmodifiableSet(new HashSet(this.valueToToken.keySet()));
        }
        Iterator it = unmodifiableSet.iterator();
        while (it.hasNext()) {
            if (str.indexOf((String) it.next()) >= 0) {
                return true;
            }
        }
        return false;
    }

    public List<AntiCsrfToken> getTokens(HttpMessage httpMessage) {
        return getTokens(httpMessage.getRequestBody().toString(), httpMessage.getRequestHeader().getURI().toString());
    }

    private List<AntiCsrfToken> getTokens(String str, String str2) {
        Set<String> unmodifiableSet;
        ArrayList arrayList = new ArrayList();
        synchronized (this.valueToToken) {
            unmodifiableSet = Collections.unmodifiableSet(new HashSet(this.valueToToken.keySet()));
        }
        for (String str3 : unmodifiableSet) {
            if (str.indexOf(str3) >= 0) {
                AntiCsrfToken m452clone = this.valueToToken.get(str3).m452clone();
                m452clone.setTargetURL(str2);
                arrayList.add(m452clone);
            }
        }
        return arrayList;
    }

    public String getTokenValue(HttpMessage httpMessage, String str) {
        List allElements = new Source(httpMessage.getResponseHeader().toString() + httpMessage.getResponseBody().toString()).getAllElements("form");
        if (allElements == null || allElements.size() <= 0) {
            return null;
        }
        Iterator it = allElements.iterator();
        while (it.hasNext()) {
            List<Element> allElements2 = ((Element) it.next()).getAllElements("input");
            if (allElements2 != null && allElements2.size() > 0) {
                for (Element element : allElements2) {
                    String attributeValue = element.getAttributeValue("ID");
                    if (attributeValue != null && attributeValue.equalsIgnoreCase(str)) {
                        return element.getAttributeValue("VALUE");
                    }
                    String attributeValue2 = element.getAttributeValue("NAME");
                    if (attributeValue2 != null && attributeValue2.equalsIgnoreCase(str)) {
                        return element.getAttributeValue("VALUE");
                    }
                }
            }
        }
        return null;
    }

    public List<AntiCsrfToken> getTokensFromResponse(HttpMessage httpMessage, Source source) {
        String attributeValue;
        ArrayList arrayList = new ArrayList();
        List allElements = source.getAllElements("form");
        if (allElements != null && allElements.size() > 0) {
            log.debug("Found " + allElements.size() + " forms");
            int i = 0;
            Iterator it = allElements.iterator();
            while (it.hasNext()) {
                List<Element> allElements2 = ((Element) it.next()).getAllElements("input");
                if (allElements2 != null && allElements2.size() > 0) {
                    log.debug("Found " + allElements2.size() + " inputs");
                    for (Element element : allElements2) {
                        String attributeValue2 = element.getAttributeValue("VALUE");
                        if (attributeValue2 != null) {
                            String attributeValue3 = element.getAttributeValue("ID");
                            boolean z = false;
                            if (attributeValue3 != null) {
                                Iterator<String> it2 = getAntiCsrfTokenNames().iterator();
                                while (true) {
                                    if (!it2.hasNext()) {
                                        break;
                                    }
                                    if (it2.next().equalsIgnoreCase(attributeValue3)) {
                                        arrayList.add(new AntiCsrfToken(httpMessage, attributeValue3, attributeValue2, i));
                                        z = true;
                                        break;
                                    }
                                }
                            }
                            if (!z && (attributeValue = element.getAttributeValue("NAME")) != null) {
                                Iterator<String> it3 = getAntiCsrfTokenNames().iterator();
                                while (true) {
                                    if (!it3.hasNext()) {
                                        break;
                                    }
                                    if (it3.next().equalsIgnoreCase(attributeValue)) {
                                        arrayList.add(new AntiCsrfToken(httpMessage, attributeValue, attributeValue2, i));
                                        break;
                                    }
                                }
                            }
                        }
                    }
                }
                i++;
            }
        }
        return arrayList;
    }

    @Override // org.parosproxy.paros.extension.SessionChangedListener
    public void sessionChanged(Session session) {
        if (session == null) {
            return;
        }
        synchronized (this.valueToToken) {
            this.valueToToken = new HashMap();
        }
        this.urlToToken = new HashMap();
        try {
            List<Integer> historyIdsOfHistType = getModel().getDb().getTableHistory().getHistoryIdsOfHistType(session.getSessionId(), 1, 15);
            HistoryFilter historyFilter = new HistoryFilter();
            historyFilter.setTags(Arrays.asList(TAG));
            AntiCsrfDetectScanner antiCsrfDetectScanner = new AntiCsrfDetectScanner(this);
            Iterator<Integer> it = historyIdsOfHistType.iterator();
            while (it.hasNext()) {
                HistoryReference createHistoryReference = this.historyReferenceFactory.createHistoryReference(it.next().intValue());
                if (historyFilter.matches(createHistoryReference)) {
                    HttpMessage httpMessage = createHistoryReference.getHttpMessage();
                    Source source = new Source(httpMessage.getResponseHeader().toString() + httpMessage.getResponseBody().toString());
                    if (httpMessage.isResponseFromTargetHost()) {
                        antiCsrfDetectScanner.scanHttpResponseReceive(httpMessage, createHistoryReference.getHistoryId(), source);
                    }
                }
            }
        } catch (DatabaseException | HttpMalformedHeaderException e) {
            log.error(e.getMessage(), e);
        }
    }

    public boolean isAntiCsrfToken(String str) {
        if (str == null) {
            return false;
        }
        return getParam().getTokensNames().contains(str.toLowerCase());
    }

    @Override // org.parosproxy.paros.extension.SessionChangedListener
    public void sessionAboutToChange(Session session) {
    }

    @Override // org.parosproxy.paros.extension.SessionChangedListener
    public void sessionScopeChanged(Session session) {
    }

    @Override // org.parosproxy.paros.extension.Extension
    public String getAuthor() {
        return Constant.ZAP_TEAM;
    }

    @Override // org.parosproxy.paros.extension.ExtensionAdaptor, org.parosproxy.paros.extension.Extension
    public String getDescription() {
        return Constant.messages.getString("anticsrf.desc");
    }

    @Override // org.parosproxy.paros.extension.ExtensionAdaptor, org.parosproxy.paros.extension.Extension
    public URL getURL() {
        try {
            return new URL(Constant.ZAP_HOMEPAGE);
        } catch (MalformedURLException e) {
            return null;
        }
    }

    @Override // org.parosproxy.paros.extension.SessionChangedListener
    public void sessionModeChanged(Control.Mode mode) {
    }

    public String generateForm(int i) throws Exception {
        HistoryReference historyReference;
        ExtensionHistory extensionHistory = (ExtensionHistory) Control.getSingleton().getExtensionLoader().getExtension(ExtensionHistory.NAME);
        if (extensionHistory == null || (historyReference = extensionHistory.getHistoryReference(i)) == null) {
            return null;
        }
        HttpMessage httpMessage = historyReference.getHttpMessage();
        StringBuilder sb = new StringBuilder(300);
        sb.append("<html>\n");
        sb.append("<body>\n");
        sb.append("<h3>");
        sb.append(httpMessage.getRequestHeader().getURI());
        sb.append("</h3>");
        sb.append("<form id=\"f1\" method=\"POST\" action=\"" + historyReference.getURI() + "\">\n");
        sb.append("<table>\n");
        Iterator<HtmlParameter> it = httpMessage.getFormParams().iterator();
        while (it.hasNext()) {
            HtmlParameter next = it.next();
            String decode = URLDecoder.decode(next.getName(), "UTF-8");
            String decode2 = URLDecoder.decode(next.getValue(), "UTF-8");
            sb.append("<tr><td>\n");
            sb.append(decode);
            sb.append("<td>");
            sb.append("<input name=\"");
            sb.append(decode);
            sb.append("\" value=\"");
            sb.append(decode2);
            sb.append("\" size=\"100\">");
            sb.append("</tr>\n");
        }
        sb.append("</table>\n");
        sb.append("</form>\n");
        sb.append("<button onclick=\"document.getElementById('f1').submit()\">Submit</button>\n");
        sb.append("</body>\n");
        sb.append("</html>\n");
        return sb.toString();
    }
}
