package org.zaproxy.zap.extension.ascan;

import java.util.Collections;
import java.util.Iterator;
import java.util.Map;
import java.util.TreeMap;
import org.apache.commons.httpclient.URIException;
import org.apache.log4j.Logger;
import org.parosproxy.paros.db.DatabaseException;
import org.parosproxy.paros.model.HistoryReference;
import org.parosproxy.paros.model.Model;
import org.parosproxy.paros.network.HttpHeader;
import org.parosproxy.paros.network.HttpMalformedHeaderException;
import org.parosproxy.paros.network.HttpMessage;
import org.zaproxy.zap.extension.api.ApiException;
import org.zaproxy.zap.extension.api.ApiImplementor;

/* loaded from: input_file:WEB-INF/lib/zap-2.4.0.jar:org/zaproxy/zap/extension/ascan/ChallengeCallbackAPI.class */
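/**
 * Base API shortcut that receives out-of-band "challenge" callbacks for active scan plugins.
 *
 * <p>A plugin registers a challenge string together with the attack message that carried it.
 * When a request for {@code /<prefix>/<challenge>} later reaches the shortcut, the owning plugin
 * is notified and the registration is dropped.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The challenge string is the only thing that ties an incoming request to a registration,
 *       so any client that can reach the shortcut and present a registered value triggers the
 *       notification. Callers should register values that are hard to guess.</li>
 *   <li>The request path is untrusted input; it is parsed defensively and a malformed path is
 *       answered with {@code "ko"} rather than an unchecked exception.</li>
 *   <li>The response is sent with {@code Access-Control-Allow-Origin: *}. The body is always one
 *       of the two fixed strings {@code "ok"} / {@code "ko"}; keep it that way, because any
 *       request-derived or sensitive data added to it would be readable cross-origin.</li>
 * </ul>
 */
public abstract class ChallengeCallbackAPI extends ApiImplementor {
    private static final String API_RESPONSE_KO = "ko";
    private static final String API_RESPONSE_OK = "ok";

    /** Maximum age of a registration, in milliseconds, before it is purged. */
    private static final long CALLBACK_EXPIRE_TIME = 120000;

    private static final Logger logger = Logger.getLogger(ChallengeCallbackAPI.class);

    /** Pending registrations keyed by challenge string; every access goes through the synchronized wrapper. */
    private final Map<String, RegisteredCallback> regCallbacks =
            Collections.synchronizedMap(new TreeMap<String, RegisteredCallback>());

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/zap-2.4.0.jar:org/zaproxy/zap/extension/ascan/ChallengeCallbackAPI$RegisteredCallback.class */
    /**
     * A pending callback: the plugin to notify, a history reference to the attack message and
     * the registration time.
     */
    public static class RegisteredCallback {
        private final ChallengeCallbackPlugin plugin;
        private HistoryReference hRef;
        private final long timeStamp = System.currentTimeMillis();

        /**
         * Records the plugin and stores the attack message as a history reference.
         *
         * <p>If the message cannot be persisted the registration is still created, but
         * {@link #getAttackMessage()} will return {@code null}.
         *
         * @param challengeCallbackPlugin plugin to notify when the callback arrives
         * @param httpMessage the attack message associated with the challenge
         */
        public RegisteredCallback(ChallengeCallbackPlugin challengeCallbackPlugin, HttpMessage httpMessage) {
            this.plugin = challengeCallbackPlugin;
            try {
                this.hRef = new HistoryReference(Model.getSingleton().getSession(), 0, httpMessage);
            } catch (DatabaseException | HttpMalformedHeaderException e) {
                // Previously swallowed silently: without this the later alert loses its evidence
                // message and nobody can tell why.
                logger.warn("Failed to persist the attack message for a registered callback", e);
            }
        }

        /** @return the plugin that registered this callback */
        public ChallengeCallbackPlugin getPlugin() {
            return this.plugin;
        }

        /**
         * @return the stored attack message, or {@code null} if it was never persisted or can no
         *     longer be read back
         */
        public HttpMessage getAttackMessage() {
            if (this.hRef == null) {
                return null;
            }
            try {
                return this.hRef.getHttpMessage();
            } catch (DatabaseException | HttpMalformedHeaderException e) {
                logger.warn("Failed to read back the attack message of a registered callback", e);
                return null;
            }
        }

        /** @return registration time as returned by {@link System#currentTimeMillis()} */
        public long getTimestamp() {
            return this.timeStamp;
        }
    }

    /** Registers the implementation's prefix as an API shortcut. */
    public ChallengeCallbackAPI() {
        addApiShortcut(getPrefix());
    }

    @Override // org.zaproxy.zap.extension.api.ApiImplementor
    public abstract String getPrefix();

    /**
     * Removes every registration older than {@link #CALLBACK_EXPIRE_TIME}.
     *
     * <p>Iteration over a synchronized map is not covered by the wrapper's own locking, hence
     * the explicit {@code synchronized} block on the map.
     */
    public void cleanExpiredCallbacks() {
        long now = System.currentTimeMillis();
        synchronized (this.regCallbacks) {
            Iterator<Map.Entry<String, RegisteredCallback>> it = this.regCallbacks.entrySet().iterator();
            while (it.hasNext()) {
                if (now - it.next().getValue().getTimestamp() > CALLBACK_EXPIRE_TIME) {
                    it.remove();
                }
            }
        }
    }

    /**
     * Builds the URL a target has to request to trigger the callback for {@code str}.
     *
     * <p>The challenge is appended as-is (no URL encoding), so callers should pass values that
     * are safe inside a URL path.
     *
     * @param str the challenge string
     * @return the callback URL on the configured proxy address and port
     */
    public String getCallbackUrl(String str) {
        return HttpHeader.SCHEME_HTTP + Model.getSingleton().getOptionsParam().getProxyParam().getProxyIp() + ":" + Model.getSingleton().getOptionsParam().getProxyParam().getProxyPort() + "/" + getPrefix() + "/" + str;
    }

    /**
     * Handles a request to the shortcut: looks up the challenge taken from the request path,
     * notifies the registered plugin and answers {@code "ok"}, or answers {@code "ko"} when the
     * challenge is unknown or the path carries none.
     *
     * @param httpMessage the incoming request; its response header and body are filled in
     * @return the same message, with the response set unless the URI or header was malformed
     * @throws ApiException declared by the overridden method
     */
    @Override // org.zaproxy.zap.extension.api.ApiImplementor
    public HttpMessage handleShortcut(HttpMessage httpMessage) throws ApiException {
        try {
            String challenge = extractChallenge(httpMessage.getRequestHeader().getURI().getPath());

            // remove() rather than get()+remove(): the lookup and the removal happen as one
            // operation on the synchronized map, so a challenge is honoured at most once even
            // when two requests for it race. The null guard is needed because a TreeMap with
            // natural ordering rejects null keys.
            RegisteredCallback registeredCallback = challenge != null ? this.regCallbacks.remove(challenge) : null;

            String str;
            if (registeredCallback != null) {
                registeredCallback.getPlugin().notifyCallback(challenge, registeredCallback.getAttackMessage());
                str = API_RESPONSE_OK;
            } else {
                str = API_RESPONSE_KO;
                cleanExpiredCallbacks();
            }
            // The body is a fixed two-character constant; nothing from the request is echoed.
            httpMessage.setResponseHeader("HTTP/1.1 200 OK\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET,POST,OPTIONS\r\nAccess-Control-Allow-Headers: ZAP-Header\r\nContent-Length: " + str.length() + "\r\nContent-Type: text/html;");
            httpMessage.setResponseBody(str);
        } catch (URIException | HttpMalformedHeaderException e) {
            logger.warn(e.getMessage(), e);
        }
        return httpMessage;
    }

    /**
     * Extracts the challenge that follows {@code <prefix>/} in a request path, without one
     * trailing slash.
     *
     * @param path the request path, possibly {@code null}
     * @return the challenge, or {@code null} when the path is {@code null}, does not contain the
     *     prefix, or has nothing after it
     */
    private String extractChallenge(String path) {
        if (path == null) {
            return null;
        }
        String prefix = getPrefix();
        int prefixAt = path.indexOf(prefix);
        if (prefixAt < 0) {
            return null;
        }
        // +1 skips the separator after the prefix. A path ending at the prefix (or at the
        // separator) used to raise StringIndexOutOfBoundsException here.
        int start = prefixAt + prefix.length() + 1;
        if (start >= path.length()) {
            return null;
        }
        String challenge = path.substring(start);
        if (challenge.endsWith("/")) {
            challenge = challenge.substring(0, challenge.length() - 1);
        }
        return challenge.isEmpty() ? null : challenge;
    }

    /**
     * Registers a challenge, purging expired registrations first.
     *
     * <p>Registering a challenge that is already present replaces the earlier registration.
     *
     * @param str the challenge string; the only secret protecting the callback, so it should be
     *     unpredictable
     * @param challengeCallbackPlugin plugin to notify when the challenge is requested
     * @param httpMessage the attack message that carried the challenge
     */
    public void registerCallback(String str, ChallengeCallbackPlugin challengeCallbackPlugin, HttpMessage httpMessage) {
        cleanExpiredCallbacks();
        this.regCallbacks.put(str, new RegisteredCallback(challengeCallbackPlugin, httpMessage));
    }
}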
