package org.zaproxy.zap.authentication;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.regex.Pattern;
import net.sf.json.JSON;
import net.sf.json.JSONObject;
import org.apache.commons.httpclient.URI;
import org.apache.commons.httpclient.URIException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.model.Model;
import org.parosproxy.paros.network.HttpHeader;
import org.parosproxy.paros.network.HttpMessage;
import org.parosproxy.paros.network.HttpRequestHeader;
import org.parosproxy.paros.network.HttpSender;
import org.parosproxy.paros.view.View;
import org.zaproxy.zap.extension.api.ApiResponse;
import org.zaproxy.zap.extension.api.ApiResponseSet;
import org.zaproxy.zap.model.SessionStructure;
import org.zaproxy.zap.session.SessionManagementMethod;
import org.zaproxy.zap.session.WebSession;
import org.zaproxy.zap.users.AuthenticationState;
import org.zaproxy.zap.users.User;
import org.zaproxy.zap.utils.Stats;

/* loaded from: input_file:org/zaproxy/zap/authentication/AuthenticationMethod.class */
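/**
 * Base class for authentication methods. It holds the logged-in / logged-out indicator patterns,
 * the verification strategy and the poll-request settings, and uses them to decide whether a
 * message was handled in an authenticated state.
 *
 * <p>The verification logic fails open in two situations, both visible in the statistics it
 * records:
 *
 * <ul>
 *   <li>no indicator is configured at all ({@link #AUTH_STATE_NO_INDICATOR_STATS}); and
 *   <li>a logged-out indicator is configured but neither indicator matches
 *       ({@link #AUTH_STATE_UNKNOWN_STATS}).
 * </ul>
 *
 * In both cases the user is reported as authenticated, so a scan can continue with a dead session
 * without any re-authentication being triggered. Watching those two counters is the way to notice
 * this.
 *
 * <p>This class does no synchronisation of its own.
 */
public abstract class AuthenticationMethod {
    private static final Logger LOGGER = LogManager.getLogger(AuthenticationMethod.class);
    public static final String CONTEXT_CONFIG_AUTH = "context.authentication";
    public static final String CONTEXT_CONFIG_AUTH_TYPE = "context.authentication.type";
    public static final String CONTEXT_CONFIG_AUTH_STRATEGY = "context.authentication.strategy";
    public static final String CONTEXT_CONFIG_AUTH_POLL_URL = "context.authentication.pollurl";
    public static final String CONTEXT_CONFIG_AUTH_POLL_DATA = "context.authentication.polldata";
    public static final String CONTEXT_CONFIG_AUTH_POLL_HEADERS = "context.authentication.pollheaders";
    public static final String CONTEXT_CONFIG_AUTH_POLL_FREQ = "context.authentication.pollfreq";
    public static final String CONTEXT_CONFIG_AUTH_POLL_UNITS = "context.authentication.pollunits";
    public static final String CONTEXT_CONFIG_AUTH_LOGGEDIN = "context.authentication.loggedin";
    public static final String CONTEXT_CONFIG_AUTH_LOGGEDOUT = "context.authentication.loggedout";
    public static final String AUTH_STATE_ASSUMED_IN_STATS = "stats.auth.state.assumedin";
    public static final String AUTH_STATE_LOGGED_IN_STATS = "stats.auth.state.loggedin";
    public static final String AUTH_STATE_LOGGED_OUT_STATS = "stats.auth.state.loggedout";
    public static final String AUTH_STATE_NO_INDICATOR_STATS = "stats.auth.state.noindicator";
    public static final String AUTH_STATE_UNKNOWN_STATS = "stats.auth.state.unknown";
    public static final String TOKEN_PREFIX = "{%";
    public static final String TOKEN_POSTFIX = "%}";
    public static final int DEFAULT_POLL_FREQUENCY = 60;
    private String pollUrl;
    private String pollData;
    private String pollHeaders;
    // Created lazily by getHttpSender(); not copied by m141clone().
    private HttpSender httpSender;
    private AuthCheckingStrategy authCheckingStrategy = AuthCheckingStrategy.EACH_RESP;
    private int pollFrequency = DEFAULT_POLL_FREQUENCY;
    private AuthPollFrequencyUnits pollFrequencyUnits = AuthPollFrequencyUnits.REQUESTS;
    protected Pattern loggedInIndicatorPattern = null;
    protected Pattern loggedOutIndicatorPattern = null;

    /** Which part of the traffic is inspected for the logged-in / logged-out indicators. */
    public enum AuthCheckingStrategy {
        EACH_RESP,
        EACH_REQ,
        EACH_REQ_RESP,
        POLL_URL
    }

    /** API response set named {@code "method"} whose JSON form is wrapped under that name. */
    static class AuthMethodApiResponseRepresentation<T> extends ApiResponseSet<T> {
        public AuthMethodApiResponseRepresentation(Map<String, T> map) {
            super("method", map);
        }

        /** Returns a JSON object with a single entry: this set's name mapped to the parent's JSON. */
        @Override
        public JSON toJSON() {
            JSONObject wrapper = new JSONObject();
            wrapper.put(getName(), super.toJSON());
            return wrapper;
        }
    }

    /** Unit in which {@link #getPollFrequency()} is expressed. */
    public enum AuthPollFrequencyUnits {
        REQUESTS,
        SECONDS
    }

    /** Unchecked exception declared by {@link #authenticate} for credentials it cannot use. */
    public static class UnsupportedAuthenticationCredentialsException extends RuntimeException {
        private static final long serialVersionUID = 4802501809913124766L;

        public UnsupportedAuthenticationCredentialsException(String str) {
            super(str);
        }
    }

    public abstract boolean isConfigured();

    /**
     * Copies this method: {@link #duplicate()} supplies the subclass state, then the verification
     * settings held by this base class are copied onto the result.
     *
     * <p>The method name is a decompiler rename of {@code clone} (merged with its bridge method);
     * it is kept as found so existing references still resolve.
     *
     * @return the copy; it does not share this instance's {@code HttpSender}
     */
    public AuthenticationMethod m141clone() {
        AuthenticationMethod copy = duplicate();
        copy.authCheckingStrategy = this.authCheckingStrategy;
        copy.pollUrl = this.pollUrl;
        copy.pollData = this.pollData;
        copy.pollHeaders = this.pollHeaders;
        copy.pollFrequency = this.pollFrequency;
        copy.pollFrequencyUnits = this.pollFrequencyUnits;
        // java.util.regex.Pattern is immutable, so sharing the compiled instances is safe.
        copy.loggedInIndicatorPattern = this.loggedInIndicatorPattern;
        copy.loggedOutIndicatorPattern = this.loggedOutIndicatorPattern;
        return copy;
    }

    protected abstract AuthenticationMethod duplicate();

    /** Returns {@code true} in this base class. */
    public boolean validateCreationOfAuthenticationCredentials() {
        return true;
    }

    public abstract AuthenticationCredentials createAuthenticationCredentials();

    public abstract AuthenticationMethodType getType();

    public abstract WebSession authenticate(SessionManagementMethod sessionManagementMethod, AuthenticationCredentials authenticationCredentials, User user) throws UnsupportedAuthenticationCredentialsException;

    public abstract ApiResponse getApiResponseRepresentation();

    public abstract void replaceUserDataInPollRequest(HttpMessage httpMessage, User user);

    /** Hook with an empty default implementation. */
    public void onMethodPersisted() {
    }

    /** Hook with an empty default implementation. */
    public void onMethodDiscarded() {
    }

    /** Returns the sender used for poll requests, creating it on first use. */
    private HttpSender getHttpSender() {
        if (this.httpSender == null) {
            // NOTE(review): 15 is presumably HttpSender's initiator id for authentication polling;
            // confirm against HttpSender before relying on it.
            this.httpSender = new HttpSender(Model.getSingleton().getOptionsParam().getConnectionParam(), true, 15);
        }
        return this.httpSender;
    }

    /**
     * Always returns {@code false}: it delegates with a {@code null} user, which the three-argument
     * overload rejects.
     *
     * @deprecated use {@link #isAuthenticated(HttpMessage, User)}
     */
    @Deprecated
    public boolean isAuthenticated(HttpMessage httpMessage) {
        return isAuthenticated(httpMessage, null, false);
    }

    /** Same as {@link #isAuthenticated(HttpMessage, User, boolean)} with the flag set to false. */
    public boolean isAuthenticated(HttpMessage httpMessage, User user) {
        return isAuthenticated(httpMessage, user, false);
    }

    /**
     * Decides whether {@code user} is currently authenticated.
     *
     * <p>With no indicator pattern configured the answer is {@code true}; the condition is only
     * counted and, when the view is initialised, written to the output panel. Otherwise the
     * message to inspect is {@code httpMessage} itself, or for {@code POLL_URL} a fresh poll
     * response, unless the last poll was positive and the configured poll interval has not elapsed.
     *
     * @param httpMessage the message being checked; {@code null} yields {@code false}
     * @param user the user whose state is checked; {@code null} yields {@code false}
     * @param z when {@code true} the cached poll result is ignored and a poll is always sent
     *     (only relevant for {@code POLL_URL})
     * @return {@code true} if the user is considered authenticated; {@code false} also when the
     *     poll request fails
     */
    public boolean isAuthenticated(HttpMessage httpMessage, User user, boolean z) {
        if (httpMessage == null || user == null) {
            return false;
        }
        AuthenticationState authenticationState = user.getAuthenticationState();
        if (this.loggedInIndicatorPattern == null && this.loggedOutIndicatorPattern == null) {
            // Fail-open: without indicators there is nothing to verify against.
            incrementStat(httpMessage, AUTH_STATE_NO_INDICATOR_STATS);
            if (View.isInitialised()) {
                View.getSingleton().getOutputPanel().append(Constant.messages.getString("authentication.output.indicatorsNotSet", httpMessage.getRequestHeader().getURI()) + HttpHeader.LF);
            }
            return true;
        }
        HttpMessage messageToEvaluate;
        switch (this.authCheckingStrategy) {
            case EACH_REQ:
            case EACH_REQ_RESP:
            case EACH_RESP:
                messageToEvaluate = httpMessage;
                break;
            case POLL_URL:
                if (!z && isWithinPollInterval(authenticationState)) {
                    incrementStat(httpMessage, AUTH_STATE_ASSUMED_IN_STATS);
                    return true;
                }
                try {
                    messageToEvaluate = pollAsUser(user);
                } catch (Exception e) {
                    LOGGER.warn("Failed sending poll request to " + getPollUrl(), e);
                    return false;
                }
                break;
            default:
                return false;
        }
        return evaluateAuthRequest(messageToEvaluate, authenticationState);
    }

    /**
     * Tells whether the last poll was positive and is still recent enough to be trusted.
     *
     * <p>In request-count mode a positive answer also increments the per-user request counter. A
     * {@code null} unit is handled like {@code REQUESTS}.
     */
    private boolean isWithinPollInterval(AuthenticationState authenticationState) {
        Boolean lastPollResult = authenticationState.getLastPollResult();
        if (lastPollResult == null || !lastPollResult.booleanValue()) {
            return false;
        }
        if (this.pollFrequencyUnits == AuthPollFrequencyUnits.SECONDS) {
            long elapsedSeconds = (System.currentTimeMillis() - authenticationState.getLastPollTime()) / 1000;
            return elapsedSeconds < this.pollFrequency;
        }
        if (authenticationState.getRequestsSincePoll() < this.pollFrequency) {
            authenticationState.incRequestsSincePoll();
            return true;
        }
        return false;
    }

    /** Increments a per-host statistic; a message whose host cannot be derived is skipped. */
    private static void incrementStat(HttpMessage httpMessage, String statKey) {
        try {
            Stats.incCounter(SessionStructure.getHostName(httpMessage), statKey);
        } catch (URIException e) {
            // Statistics are best-effort and must never change the authentication verdict.
            LOGGER.debug("Unable to record statistic " + statKey, e);
        }
    }

    /**
     * Applies the indicator patterns to the parts of {@code httpMessage} selected by the checking
     * strategy.
     *
     * <p>Order of evaluation: a logged-in match wins; otherwise a missing logged-out pattern or a
     * logged-out match means logged out; otherwise the state is unknown and treated as logged in.
     * For {@code POLL_URL} the verdict is also stored as the last poll result.
     *
     * @param httpMessage the message (or poll response) to inspect
     * @param authenticationState updated only when the strategy is {@code POLL_URL}
     * @return {@code true} for "logged in" and for "unknown", {@code false} for "logged out"
     */
    public boolean evaluateAuthRequest(HttpMessage httpMessage, AuthenticationState authenticationState) {
        List<String> inspected = new ArrayList<>();
        switch (this.authCheckingStrategy) {
            case EACH_REQ:
                inspected.add(httpMessage.getRequestHeader().toString());
                inspected.add(httpMessage.getRequestBody().toString());
                break;
            case EACH_REQ_RESP:
                inspected.add(httpMessage.getRequestHeader().toString());
                inspected.add(httpMessage.getRequestBody().toString());
                inspected.add(httpMessage.getResponseHeader().toString());
                inspected.add(httpMessage.getResponseBody().toString());
                break;
            case EACH_RESP:
            case POLL_URL:
                inspected.add(httpMessage.getResponseHeader().toString());
                inspected.add(httpMessage.getResponseBody().toString());
                break;
        }
        if (patternMatchesAny(this.loggedInIndicatorPattern, inspected)) {
            return recordVerdict(httpMessage, authenticationState, AUTH_STATE_LOGGED_IN_STATS, true);
        }
        if (this.loggedOutIndicatorPattern == null || patternMatchesAny(this.loggedOutIndicatorPattern, inspected)) {
            return recordVerdict(httpMessage, authenticationState, AUTH_STATE_LOGGED_OUT_STATS, false);
        }
        // Fail-open: neither indicator matched, so the session is assumed to be alive.
        return recordVerdict(httpMessage, authenticationState, AUTH_STATE_UNKNOWN_STATS, true);
    }

    /** Counts the verdict, stores it as the last poll result under POLL_URL, and returns it. */
    private boolean recordVerdict(HttpMessage httpMessage, AuthenticationState authenticationState, String statKey, boolean authenticated) {
        incrementStat(httpMessage, statKey);
        if (this.authCheckingStrategy == AuthCheckingStrategy.POLL_URL) {
            authenticationState.setLastPollResult(authenticated);
        }
        return authenticated;
    }

    /**
     * Builds and sends the poll request on behalf of {@code user}, adds it to the authentication
     * history, and resets the user's poll time and request counter.
     *
     * <p>The request is a POST when poll data is configured. Each line of the poll headers is
     * split at its first colon, so values that contain colons themselves (URLs, timestamps,
     * {@code user:secret} style tokens) are sent intact instead of being rejected.
     *
     * @param user the user the request is sent as
     * @return the poll message including its response
     * @throws IllegalArgumentException if the checking strategy is not {@code POLL_URL}
     * @throws IOException if the request cannot be built or sent
     */
    public HttpMessage pollAsUser(User user) throws IOException {
        if (this.authCheckingStrategy != AuthCheckingStrategy.POLL_URL) {
            throw new IllegalArgumentException("Authentication checking strategy is not POLL_URL");
        }
        HttpMessage pollMessage = new HttpMessage(new URI(getPollUrl(), true));
        String data = getPollData();
        if (data != null && data.length() > 0) {
            pollMessage.getRequestHeader().setMethod(HttpRequestHeader.POST);
            pollMessage.getRequestBody().setBody(data);
            pollMessage.getRequestHeader().setContentLength(pollMessage.getRequestBody().length());
        }
        String headers = getPollHeaders();
        if (headers != null && headers.length() > 0) {
            for (String headerLine : headers.split(HttpHeader.LF)) {
                int colon = headerLine.indexOf(':');
                String name = colon > 0 ? headerLine.substring(0, colon).trim() : "";
                if (!name.isEmpty()) {
                    pollMessage.getRequestHeader().addHeader(name, headerLine.substring(colon + 1).trim());
                } else {
                    // NOTE(review): the rejected line is logged verbatim; a malformed line may
                    // still carry credential material, so treat this log as sensitive.
                    LOGGER.error("Invalid header '" + headerLine + "' for poll request to " + getPollUrl());
                }
            }
        }
        pollMessage.setRequestingUser(user);
        replaceUserDataInPollRequest(pollMessage, user);
        getHttpSender().sendAndReceive(pollMessage);
        AuthenticationHelper.addAuthMessageToHistory(pollMessage);
        AuthenticationState authenticationState = user.getAuthenticationState();
        authenticationState.setLastPollTime(System.currentTimeMillis());
        authenticationState.setRequestsSincePoll(0);
        return pollMessage;
    }

    /** Returns {@code true} if {@code pattern} is non-null and is found in any of the strings. */
    private static boolean patternMatchesAny(Pattern pattern, List<String> list) {
        if (pattern == null) {
            return false;
        }
        for (String candidate : list) {
            if (pattern.matcher(candidate).find()) {
                return true;
            }
        }
        return false;
    }

    public Pattern getLoggedInIndicatorPattern() {
        return this.loggedInIndicatorPattern;
    }

    /**
     * Sets the logged-in indicator; {@code null} or blank clears it.
     *
     * <p>The expression is searched with {@code find()} in whole header and body strings, so an
     * expression prone to heavy backtracking is paid for on every checked message.
     *
     * @throws java.util.regex.PatternSyntaxException if {@code str} is not a valid regex
     */
    public void setLoggedInIndicatorPattern(String str) {
        if (str == null || str.trim().isEmpty()) {
            this.loggedInIndicatorPattern = null;
        } else {
            this.loggedInIndicatorPattern = Pattern.compile(str);
        }
    }

    public Pattern getLoggedOutIndicatorPattern() {
        return this.loggedOutIndicatorPattern;
    }

    /**
     * Sets the logged-out indicator; {@code null} or blank clears it.
     *
     * <p>The expression is searched with {@code find()} in whole header and body strings, so an
     * expression prone to heavy backtracking is paid for on every checked message.
     *
     * @throws java.util.regex.PatternSyntaxException if {@code str} is not a valid regex
     */
    public void setLoggedOutIndicatorPattern(String str) {
        if (str == null || str.trim().isEmpty()) {
            this.loggedOutIndicatorPattern = null;
        } else {
            this.loggedOutIndicatorPattern = Pattern.compile(str);
        }
    }

    public AuthCheckingStrategy getAuthCheckingStrategy() {
        return this.authCheckingStrategy;
    }

    /**
     * @throws NullPointerException if {@code authCheckingStrategy} is {@code null}
     */
    public void setAuthCheckingStrategy(AuthCheckingStrategy authCheckingStrategy) {
        Objects.requireNonNull(authCheckingStrategy);
        this.authCheckingStrategy = authCheckingStrategy;
    }

    public String getPollUrl() {
        return this.pollUrl;
    }

    public void setPollUrl(String str) {
        this.pollUrl = str;
    }

    public String getPollData() {
        return this.pollData;
    }

    public void setPollData(String str) {
        this.pollData = str;
    }

    public String getPollHeaders() {
        return this.pollHeaders;
    }

    public void setPollHeaders(String str) {
        this.pollHeaders = str;
    }

    public int getPollFrequency() {
        return this.pollFrequency;
    }

    /**
     * Sets the poll interval in the configured units. The value is not validated; zero or a
     * negative value means the cached poll result is never reused.
     */
    public void setPollFrequency(int i) {
        this.pollFrequency = i;
    }

    public AuthPollFrequencyUnits getPollFrequencyUnits() {
        return this.pollFrequencyUnits;
    }

    /** Sets the poll interval unit; the value is stored without a null check. */
    public void setPollFrequencyUnits(AuthPollFrequencyUnits authPollFrequencyUnits) {
        this.pollFrequencyUnits = authPollFrequencyUnits;
    }

    /** Returns {@code true} if the argument is non-null and of exactly this runtime class. */
    public boolean isSameType(AuthenticationMethod authenticationMethod) {
        if (authenticationMethod == null) {
            return false;
        }
        return authenticationMethod.getClass().equals(getClass());
    }

    /** Hash over the two indicator expressions only; consistent with {@link #equals(Object)}. */
    @Override
    public int hashCode() {
        int loggedInHash = this.loggedInIndicatorPattern == null ? 0 : this.loggedInIndicatorPattern.pattern().hashCode();
        int loggedOutHash = this.loggedOutIndicatorPattern == null ? 0 : this.loggedOutIndicatorPattern.pattern().hashCode();
        return (31 * (31 + loggedInHash)) + loggedOutHash;
    }

    /**
     * Two methods are equal when they have the same runtime class, the same indicator expressions
     * and the same strategy and poll settings. Enum fields are compared by identity so a
     * {@code null} poll unit cannot raise a {@code NullPointerException} here.
     */
    @Override
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        AuthenticationMethod other = (AuthenticationMethod) obj;
        return isSamePattern(this.loggedInIndicatorPattern, other.loggedInIndicatorPattern)
                && isSamePattern(this.loggedOutIndicatorPattern, other.loggedOutIndicatorPattern)
                && this.authCheckingStrategy == other.authCheckingStrategy
                && Objects.equals(this.pollUrl, other.pollUrl)
                && Objects.equals(this.pollData, other.pollData)
                && Objects.equals(this.pollHeaders, other.pollHeaders)
                && this.pollFrequency == other.pollFrequency
                && this.pollFrequencyUnits == other.pollFrequencyUnits;
    }

    /** Compares two patterns by their source expression; two {@code null}s are equal. */
    private static boolean isSamePattern(Pattern pattern, Pattern pattern2) {
        if (pattern == null || pattern2 == null) {
            return pattern == pattern2;
        }
        return pattern.pattern().equals(pattern2.pattern());
    }
}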
