package org.zaproxy.zap.authentication;

import java.awt.BorderLayout;
import java.awt.Component;
import java.awt.GridBagLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.script.ScriptException;
import javax.swing.DefaultComboBoxModel;
import javax.swing.ImageIcon;
import javax.swing.JButton;
import javax.swing.JComboBox;
import javax.swing.JLabel;
import javax.swing.JList;
import javax.swing.JOptionPane;
import javax.swing.JPanel;
import javax.swing.border.Border;
import javax.swing.border.EmptyBorder;
import javax.swing.plaf.basic.BasicComboBoxRenderer;
import net.sf.json.JSONObject;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.exception.ExceptionUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.util.Supplier;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.control.Control;
import org.parosproxy.paros.db.DatabaseException;
import org.parosproxy.paros.extension.ExtensionHook;
import org.parosproxy.paros.model.Model;
import org.parosproxy.paros.model.Session;
import org.parosproxy.paros.network.HttpHeader;
import org.parosproxy.paros.network.HttpMessage;
import org.parosproxy.paros.network.HttpSender;
import org.parosproxy.paros.view.View;
import org.zaproxy.zap.ZAP;
import org.zaproxy.zap.authentication.AuthenticationMethod;
import org.zaproxy.zap.authentication.AuthenticationMethodType;
import org.zaproxy.zap.authentication.GenericAuthenticationCredentials;
import org.zaproxy.zap.extension.api.ApiDynamicActionImplementor;
import org.zaproxy.zap.extension.api.ApiException;
import org.zaproxy.zap.extension.api.ApiResponse;
import org.zaproxy.zap.extension.script.ExtensionScript;
import org.zaproxy.zap.extension.script.ScriptType;
import org.zaproxy.zap.extension.script.ScriptWrapper;
import org.zaproxy.zap.model.Context;
import org.zaproxy.zap.session.SessionManagementMethod;
import org.zaproxy.zap.session.WebSession;
import org.zaproxy.zap.users.User;
import org.zaproxy.zap.utils.ApiUtils;
import org.zaproxy.zap.utils.EncodingUtils;
import org.zaproxy.zap.utils.HirshbergMatcher;
import org.zaproxy.zap.view.DynamicFieldsPanel;
import org.zaproxy.zap.view.LayoutHelper;

/* loaded from: input_file:org/zaproxy/zap/authentication/ScriptBasedAuthenticationMethodType.class */
public class ScriptBasedAuthenticationMethodType extends AuthenticationMethodType {
    public static final String CONTEXT_CONFIG_AUTH_SCRIPT = "context.authentication.script";
    public static final String CONTEXT_CONFIG_AUTH_SCRIPT_NAME = "context.authentication.script.name";
    public static final String CONTEXT_CONFIG_AUTH_SCRIPT_PARAMS = "context.authentication.script.params";
    public static final int METHOD_IDENTIFIER = 4;
    public static final String SCRIPT_TYPE_AUTH = "authentication";
    private static final String API_METHOD_NAME = "scriptBasedAuthentication";
    private ExtensionScript extensionScript;
    private static final String PARAM_SCRIPT_NAME = "scriptName";
    private static final String PARAM_SCRIPT_CONFIG_PARAMS = "scriptConfigParams";
    private static final Logger log = LogManager.getLogger(ScriptBasedAuthenticationMethodType.class);
    private static final ImageIcon SCRIPT_ICON_AUTH = new ImageIcon(ZAP.class.getResource("/resource/icon/16/script-auth.png"));
    private static final String METHOD_NAME = Constant.messages.getString("authentication.method.script.name");

    /* loaded from: input_file:org/zaproxy/zap/authentication/ScriptBasedAuthenticationMethodType$AuthenticationScript.class */
    public interface AuthenticationScript {
        String[] getRequiredParamsNames();

        String[] getOptionalParamsNames();

        String[] getCredentialsParamsNames();

        HttpMessage authenticate(AuthenticationHelper authenticationHelper, Map<String, String> map, GenericAuthenticationCredentials genericAuthenticationCredentials) throws ScriptException;
    }

    /* loaded from: input_file:org/zaproxy/zap/authentication/ScriptBasedAuthenticationMethodType$AuthenticationScriptV2.class */
    public interface AuthenticationScriptV2 extends AuthenticationScript {
        String getLoggedInIndicator();

        String getLoggedOutIndicator();
    }

    /* loaded from: input_file:org/zaproxy/zap/authentication/ScriptBasedAuthenticationMethodType$ScriptBasedAuthenticationMethod.class */
    public class ScriptBasedAuthenticationMethod extends AuthenticationMethod {
        private ScriptWrapper script;
        private String[] credentialsParamNames;
        private Map<String, String> paramValues;
        private HttpSender httpSender;

        public ScriptBasedAuthenticationMethod() {
        }

        protected HttpSender getHttpSender() {
            if (this.httpSender == null) {
                this.httpSender = new HttpSender(Model.getSingleton().getOptionsParam().getConnectionParam(), true, 5);
            }
            return this.httpSender;
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r0v57, types: [org.zaproxy.zap.authentication.ScriptBasedAuthenticationMethodType$AuthenticationScript] */
        public void loadScript(ScriptWrapper scriptWrapper) {
            AuthenticationScriptV2 scriptInterfaceV2 = ScriptBasedAuthenticationMethodType.this.getScriptInterfaceV2(scriptWrapper);
            if (scriptInterfaceV2 == null) {
                scriptInterfaceV2 = ScriptBasedAuthenticationMethodType.this.getScriptInterface(scriptWrapper);
            }
            if (scriptInterfaceV2 == null) {
                ScriptBasedAuthenticationMethodType.log.warn("The script " + scriptWrapper.getName() + " does not properly implement the Authentication Script interface.");
                throw new IllegalArgumentException(Constant.messages.getString("authentication.method.script.dialog.error.text.interface", scriptWrapper.getName()));
            }
            try {
                if (scriptInterfaceV2 instanceof AuthenticationScriptV2) {
                    AuthenticationScriptV2 authenticationScriptV2 = scriptInterfaceV2;
                    setLoggedInIndicatorPattern(authenticationScriptV2.getLoggedInIndicator());
                    setLoggedOutIndicatorPattern(authenticationScriptV2.getLoggedOutIndicator());
                }
                String[] requiredParamsNames = scriptInterfaceV2.getRequiredParamsNames();
                String[] optionalParamsNames = scriptInterfaceV2.getOptionalParamsNames();
                this.credentialsParamNames = scriptInterfaceV2.getCredentialsParamsNames();
                if (ScriptBasedAuthenticationMethodType.log.isDebugEnabled()) {
                    ScriptBasedAuthenticationMethodType.log.debug("Loaded authentication script - required parameters: " + Arrays.toString(requiredParamsNames) + " - optional parameters: " + Arrays.toString(optionalParamsNames));
                }
                Map<String, String> emptyMap = this.paramValues != null ? this.paramValues : Collections.emptyMap();
                this.paramValues = new HashMap(requiredParamsNames.length + optionalParamsNames.length);
                for (String str : requiredParamsNames) {
                    this.paramValues.put(str, emptyMap.get(str));
                }
                for (String str2 : optionalParamsNames) {
                    this.paramValues.put(str2, emptyMap.get(str2));
                }
                this.script = scriptWrapper;
                ScriptBasedAuthenticationMethodType.log.info("Successfully loaded new script for ScriptBasedAuthentication: " + this);
            } catch (Exception e) {
                ScriptBasedAuthenticationMethodType.log.error("Error while loading authentication script", e);
                ScriptBasedAuthenticationMethodType.this.getScriptsExtension().handleScriptException(this.script, e);
                throw new IllegalArgumentException(Constant.messages.getString("authentication.method.script.dialog.error.text.loading", e.getMessage()));
            }
        }

        public String toString() {
            return "ScriptBasedAuthenticationMethod [script=" + this.script + ", paramValues=" + this.paramValues + ", credentialsParamNames=" + Arrays.toString(this.credentialsParamNames) + "]";
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public boolean isConfigured() {
            return true;
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        protected AuthenticationMethod duplicate() {
            ScriptBasedAuthenticationMethod scriptBasedAuthenticationMethod = new ScriptBasedAuthenticationMethod();
            scriptBasedAuthenticationMethod.script = this.script;
            scriptBasedAuthenticationMethod.paramValues = this.paramValues != null ? new HashMap(this.paramValues) : null;
            scriptBasedAuthenticationMethod.credentialsParamNames = this.credentialsParamNames;
            return scriptBasedAuthenticationMethod;
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public boolean validateCreationOfAuthenticationCredentials() {
            if (this.credentialsParamNames != null) {
                return true;
            }
            if (!View.isInitialised()) {
                return false;
            }
            View.getSingleton().showMessageDialog(Constant.messages.getString("authentication.method.script.dialog.error.text.notLoaded"));
            return false;
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public AuthenticationCredentials createAuthenticationCredentials() {
            return new GenericAuthenticationCredentials(this.credentialsParamNames);
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public AuthenticationMethodType getType() {
            return new ScriptBasedAuthenticationMethodType();
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r0v62, types: [org.zaproxy.zap.authentication.ScriptBasedAuthenticationMethodType$AuthenticationScript] */
        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public WebSession authenticate(SessionManagementMethod sessionManagementMethod, AuthenticationCredentials authenticationCredentials, User user) throws AuthenticationMethod.UnsupportedAuthenticationCredentialsException {
            if (!(authenticationCredentials instanceof GenericAuthenticationCredentials)) {
                user.getAuthenticationState().setLastAuthFailure("Credentials not GenericAuthenticationCredentials");
                throw new AuthenticationMethod.UnsupportedAuthenticationCredentialsException("Script based Authentication method only supports " + GenericAuthenticationCredentials.class.getSimpleName() + ". Received: " + authenticationCredentials.getClass());
            }
            GenericAuthenticationCredentials genericAuthenticationCredentials = (GenericAuthenticationCredentials) authenticationCredentials;
            AuthenticationScriptV2 scriptInterfaceV2 = ScriptBasedAuthenticationMethodType.this.getScriptInterfaceV2(this.script);
            if (scriptInterfaceV2 == null) {
                scriptInterfaceV2 = ScriptBasedAuthenticationMethodType.this.getScriptInterface(this.script);
            }
            if (scriptInterfaceV2 == null) {
                return null;
            }
            try {
                if (scriptInterfaceV2 instanceof AuthenticationScriptV2) {
                    AuthenticationScriptV2 authenticationScriptV2 = scriptInterfaceV2;
                    setLoggedInIndicatorPattern(authenticationScriptV2.getLoggedInIndicator());
                    setLoggedOutIndicatorPattern(authenticationScriptV2.getLoggedOutIndicator());
                }
                HttpMessage authenticate = scriptInterfaceV2.authenticate(new AuthenticationHelper(getHttpSender(), sessionManagementMethod, user), this.paramValues, genericAuthenticationCredentials);
                if (authenticate.getRequestHeader().getURI() != null) {
                    if (isAuthenticated(authenticate, user, true)) {
                        user.getAuthenticationState().setLastAuthFailure(Constant.USER_AGENT);
                        AuthenticationHelper.notifyOutputAuthSuccessful(authenticate);
                    } else {
                        user.getAuthenticationState().setLastAuthFailure("User is not authenticated");
                        AuthenticationHelper.notifyOutputAuthFailure(authenticate);
                    }
                    AuthenticationHelper.addAuthMessageToHistory(authenticate);
                    user.getAuthenticationState().setLastAuthRequestHistoryId(authenticate.getHistoryRef().getHistoryId());
                    return sessionManagementMethod.extractWebSession(authenticate);
                }
                String format = String.format("Auth request returned by the script '%s' does not have the request-target.", this.script.getName());
                user.getAuthenticationState().setLastAuthFailure(format);
                ScriptBasedAuthenticationMethodType.log.error(format);
                String str = "ERROR: " + format + HttpHeader.LF;
                ScriptBasedAuthenticationMethodType.this.getScriptsExtension().handleScriptError(this.script, str);
                if (!View.isInitialised()) {
                    return null;
                }
                View.getSingleton().getOutputPanel().appendAsync(str);
                return null;
            } catch (Exception e) {
                user.getAuthenticationState().setLastAuthFailure("Error running authentication script " + e.getMessage());
                ScriptBasedAuthenticationMethodType.log.error("An error occurred while trying to authenticate using the Authentication Script: " + this.script.getName(), e);
                ScriptBasedAuthenticationMethodType.this.getScriptsExtension().handleScriptException(this.script, e);
                return null;
            }
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public ApiResponse getApiResponseRepresentation() {
            HashMap hashMap = new HashMap();
            hashMap.put("methodName", ScriptBasedAuthenticationMethodType.API_METHOD_NAME);
            hashMap.put(ScriptBasedAuthenticationMethodType.PARAM_SCRIPT_NAME, this.script.getName());
            hashMap.putAll(this.paramValues);
            return new AuthenticationMethod.AuthMethodApiResponseRepresentation(hashMap);
        }

        @Override // org.zaproxy.zap.authentication.AuthenticationMethod
        public void replaceUserDataInPollRequest(HttpMessage httpMessage, User user) {
            AuthenticationHelper.replaceUserDataInRequest(httpMessage, ScriptBasedAuthenticationMethodType.wrapKeys(this.paramValues), AuthenticationMethodType.NULL_ENCODER);
        }
    }

    /* loaded from: input_file:org/zaproxy/zap/authentication/ScriptBasedAuthenticationMethodType$ScriptBasedAuthenticationMethodOptionsPanel.class */
    public class ScriptBasedAuthenticationMethodOptionsPanel extends AbstractAuthenticationMethodOptionsPanel {
        private static final long serialVersionUID = 7812841049435409987L;
        private final String SCRIPT_NAME_LABEL = Constant.messages.getString("authentication.method.script.field.label.scriptName");
        private final String LABEL_NOT_LOADED = Constant.messages.getString("authentication.method.script.field.label.notLoaded");
        private JComboBox<ScriptWrapper> scriptsComboBox;
        private JButton loadScriptButton;
        private ScriptBasedAuthenticationMethod method;
        private AuthenticationIndicatorsPanel indicatorsPanel;
        private ScriptWrapper loadedScript;
        private JPanel dynamicContentPanel;
        private DynamicFieldsPanel dynamicFieldsPanel;
        private String[] loadedCredentialParams;

        public ScriptBasedAuthenticationMethodOptionsPanel() {
            initialize();
        }

        private void initialize() {
            setLayout(new GridBagLayout());
            add(new JLabel(this.SCRIPT_NAME_LABEL), LayoutHelper.getGBC(0, 0, 1, HirshbergMatcher.MIN_RATIO, HirshbergMatcher.MIN_RATIO));
            this.scriptsComboBox = new JComboBox<>();
            this.scriptsComboBox.setRenderer(new ScriptWrapperRenderer(this));
            add(this.scriptsComboBox, LayoutHelper.getGBC(1, 0, 1, 1.0d, HirshbergMatcher.MIN_RATIO));
            this.loadScriptButton = new JButton("Load");
            add(this.loadScriptButton, LayoutHelper.getGBC(2, 0, 1, HirshbergMatcher.MIN_RATIO, HirshbergMatcher.MIN_RATIO));
            this.loadScriptButton.addActionListener(new ActionListener() { // from class: org.zaproxy.zap.authentication.ScriptBasedAuthenticationMethodType.ScriptBasedAuthenticationMethodOptionsPanel.1
                public void actionPerformed(ActionEvent actionEvent) {
                    ScriptBasedAuthenticationMethodOptionsPanel.this.loadScript((ScriptWrapper) ScriptBasedAuthenticationMethodOptionsPanel.this.scriptsComboBox.getSelectedItem(), true);
                }
            });
            this.loadScriptButton.setEnabled(false);
            this.scriptsComboBox.addActionListener(new ActionListener() { // from class: org.zaproxy.zap.authentication.ScriptBasedAuthenticationMethodType.ScriptBasedAuthenticationMethodOptionsPanel.2
                public void actionPerformed(ActionEvent actionEvent) {
                    ScriptBasedAuthenticationMethodOptionsPanel.this.loadScriptButton.setEnabled(ScriptBasedAuthenticationMethodOptionsPanel.this.scriptsComboBox.getSelectedIndex() >= 0);
                }
            });
            this.dynamicContentPanel = new JPanel(new BorderLayout());
            add(this.dynamicContentPanel, LayoutHelper.getGBC(0, 1, 3, 1.0d, HirshbergMatcher.MIN_RATIO));
            this.dynamicContentPanel.add(new JLabel(this.LABEL_NOT_LOADED));
        }

        @Override // org.zaproxy.zap.authentication.AbstractAuthenticationMethodOptionsPanel
        public void validateFields() throws IllegalStateException {
            if (this.loadedScript == null) {
                this.scriptsComboBox.requestFocusInWindow();
                throw new IllegalStateException(Constant.messages.getString("authentication.method.script.dialog.error.text.notLoadedNorConfigured"));
            }
            this.dynamicFieldsPanel.validateFields();
        }

        @Override // org.zaproxy.zap.authentication.AbstractAuthenticationMethodOptionsPanel
        public void saveMethod() {
            this.method.script = (ScriptWrapper) this.scriptsComboBox.getSelectedItem();
            if (this.dynamicFieldsPanel != null) {
                this.method.paramValues = this.dynamicFieldsPanel.getFieldValues();
            } else {
                this.method.paramValues = Collections.emptyMap();
            }
            if (this.loadedScript != null) {
                this.method.credentialsParamNames = this.loadedCredentialParams;
            }
        }

        @Override // org.zaproxy.zap.authentication.AbstractAuthenticationMethodOptionsPanel
        public void bindMethod(AuthenticationMethod authenticationMethod) throws AuthenticationMethodType.UnsupportedAuthenticationMethodException {
            this.method = (ScriptBasedAuthenticationMethod) authenticationMethod;
            List<ScriptWrapper> scripts = ScriptBasedAuthenticationMethodType.this.getScriptsExtension().getScripts(ScriptBasedAuthenticationMethodType.SCRIPT_TYPE_AUTH);
            this.scriptsComboBox.setModel(new DefaultComboBoxModel(scripts.toArray(new ScriptWrapper[scripts.size()])));
            this.scriptsComboBox.setSelectedItem(this.method.script);
            this.loadScriptButton.setEnabled(this.method.script != null);
            if (this.method.script != null) {
                loadScript(this.method.script, false);
                if (this.dynamicFieldsPanel != null) {
                    this.dynamicFieldsPanel.bindFieldValues(this.method.paramValues);
                }
            }
        }

        @Override // org.zaproxy.zap.authentication.AbstractAuthenticationMethodOptionsPanel
        public void bindMethod(AuthenticationMethod authenticationMethod, AuthenticationIndicatorsPanel authenticationIndicatorsPanel) throws AuthenticationMethodType.UnsupportedAuthenticationMethodException {
            this.indicatorsPanel = authenticationIndicatorsPanel;
            bindMethod(authenticationMethod);
        }

        @Override // org.zaproxy.zap.authentication.AbstractAuthenticationMethodOptionsPanel
        public AuthenticationMethod getMethod() {
            return this.method;
        }

        /* JADX INFO: Access modifiers changed from: private */
        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r0v78, types: [org.zaproxy.zap.authentication.ScriptBasedAuthenticationMethodType$AuthenticationScript] */
        public void loadScript(ScriptWrapper scriptWrapper, boolean z) {
            AuthenticationScriptV2 scriptInterfaceV2 = ScriptBasedAuthenticationMethodType.this.getScriptInterfaceV2(scriptWrapper);
            if (scriptInterfaceV2 == null) {
                scriptInterfaceV2 = ScriptBasedAuthenticationMethodType.this.getScriptInterface(scriptWrapper);
            }
            if (scriptInterfaceV2 == null) {
                ScriptBasedAuthenticationMethodType.log.warn("The script " + scriptWrapper.getName() + " does not properly implement the Authentication Script interface.");
                warnAndResetPanel(Constant.messages.getString("authentication.method.script.dialog.error.text.interface", scriptWrapper.getName()));
                return;
            }
            try {
                if (scriptInterfaceV2 instanceof AuthenticationScriptV2) {
                    AuthenticationScriptV2 authenticationScriptV2 = scriptInterfaceV2;
                    String string = Constant.messages.getString("authentication.method.script.dialog.loggedInOutIndicatorsInScript.toolTip");
                    String loggedInIndicator = authenticationScriptV2.getLoggedInIndicator();
                    this.method.setLoggedInIndicatorPattern(loggedInIndicator);
                    this.indicatorsPanel.setLoggedInIndicatorPattern(loggedInIndicator);
                    this.indicatorsPanel.setLoggedInIndicatorEnabled(false);
                    this.indicatorsPanel.setLoggedInIndicatorToolTip(string);
                    String loggedOutIndicator = authenticationScriptV2.getLoggedOutIndicator();
                    this.method.setLoggedOutIndicatorPattern(loggedOutIndicator);
                    this.indicatorsPanel.setLoggedOutIndicatorPattern(loggedOutIndicator);
                    this.indicatorsPanel.setLoggedOutIndicatorEnabled(false);
                    this.indicatorsPanel.setLoggedOutIndicatorToolTip(string);
                } else {
                    this.indicatorsPanel.setLoggedInIndicatorEnabled(true);
                    this.indicatorsPanel.setLoggedInIndicatorToolTip(null);
                    this.indicatorsPanel.setLoggedOutIndicatorEnabled(true);
                    this.indicatorsPanel.setLoggedOutIndicatorToolTip(null);
                }
                String[] requiredParamsNames = scriptInterfaceV2.getRequiredParamsNames();
                String[] optionalParamsNames = scriptInterfaceV2.getOptionalParamsNames();
                this.loadedCredentialParams = scriptInterfaceV2.getCredentialsParamsNames();
                if (ScriptBasedAuthenticationMethodType.log.isDebugEnabled()) {
                    ScriptBasedAuthenticationMethodType.log.debug("Loaded authentication script - required parameters: " + Arrays.toString(requiredParamsNames) + " - optional parameters: " + Arrays.toString(optionalParamsNames));
                }
                Map<String, String> map = null;
                if (z && this.dynamicFieldsPanel != null) {
                    map = this.dynamicFieldsPanel.getFieldValues();
                    if (ScriptBasedAuthenticationMethodType.log.isDebugEnabled()) {
                        ScriptBasedAuthenticationMethodType.log.debug("Trying to adapt old values: " + map);
                    }
                }
                this.dynamicFieldsPanel = new DynamicFieldsPanel(requiredParamsNames, optionalParamsNames);
                this.loadedScript = scriptWrapper;
                if (z && map != null) {
                    this.dynamicFieldsPanel.bindFieldValues(map);
                }
                this.dynamicContentPanel.removeAll();
                this.dynamicContentPanel.add(this.dynamicFieldsPanel, "Center");
                this.dynamicContentPanel.revalidate();
            } catch (Exception e) {
                ScriptBasedAuthenticationMethodType.this.getScriptsExtension().handleScriptException(scriptWrapper, e);
                ScriptBasedAuthenticationMethodType.log.error("Error while calling authentication script", e);
                warnAndResetPanel(Constant.messages.getString("authentication.method.script.dialog.error.text.loading", ExceptionUtils.getRootCauseMessage(e)));
            }
        }

        private void warnAndResetPanel(String str) {
            JOptionPane.showMessageDialog(this, str, Constant.messages.getString("authentication.method.script.dialog.error.title"), 0);
            this.loadedScript = null;
            this.scriptsComboBox.setSelectedItem((Object) null);
            this.dynamicFieldsPanel = null;
            this.dynamicContentPanel.removeAll();
            this.dynamicContentPanel.add(new JLabel(this.LABEL_NOT_LOADED), "Center");
            this.dynamicContentPanel.revalidate();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/zaproxy/zap/authentication/ScriptBasedAuthenticationMethodType$ScriptWrapperRenderer.class */
    public static class ScriptWrapperRenderer extends BasicComboBoxRenderer {
        private static final long serialVersionUID = 3654541772447187317L;
        private static final Border BORDER = new EmptyBorder(2, 3, 3, 3);
        private ScriptBasedAuthenticationMethodOptionsPanel panel;

        public ScriptWrapperRenderer(ScriptBasedAuthenticationMethodOptionsPanel scriptBasedAuthenticationMethodOptionsPanel) {
            this.panel = scriptBasedAuthenticationMethodOptionsPanel;
        }

        public Component getListCellRendererComponent(JList jList, Object obj, int i, boolean z, boolean z2) {
            super.getListCellRendererComponent(jList, obj, i, z, z2);
            if (obj != null) {
                setBorder(BORDER);
                ScriptWrapper scriptWrapper = (ScriptWrapper) obj;
                if (this.panel.loadedScript == scriptWrapper) {
                    setText("<html><b>" + StringEscapeUtils.unescapeHtml(scriptWrapper.getName()) + " (loaded)</b></html>");
                } else {
                    setText(scriptWrapper.getName());
                }
            }
            return this;
        }
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public void hook(ExtensionHook extensionHook) {
        if (getScriptsExtension() != null) {
            log.debug("Registering Script...");
            getScriptsExtension().registerScriptType(new ScriptType(SCRIPT_TYPE_AUTH, "authentication.method.script.type", SCRIPT_ICON_AUTH, false, new String[]{ScriptType.CAPABILITY_APPEND}));
        }
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public ScriptBasedAuthenticationMethod createAuthenticationMethod(int i) {
        return new ScriptBasedAuthenticationMethod();
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public String getName() {
        return METHOD_NAME;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public int getUniqueIdentifier() {
        return 4;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public AbstractAuthenticationMethodOptionsPanel buildOptionsPanel(Context context) {
        return new ScriptBasedAuthenticationMethodOptionsPanel();
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public boolean hasOptionsPanel() {
        return true;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public AbstractCredentialsOptionsPanel<? extends AuthenticationCredentials> buildCredentialsOptionsPanel(AuthenticationCredentials authenticationCredentials, Context context) {
        return new GenericAuthenticationCredentials.GenericAuthenticationCredentialsOptionsPanel((GenericAuthenticationCredentials) authenticationCredentials);
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public boolean hasCredentialsOptionsPanel() {
        return true;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public boolean isTypeForMethod(AuthenticationMethod authenticationMethod) {
        return authenticationMethod instanceof ScriptBasedAuthenticationMethod;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public ScriptBasedAuthenticationMethod loadMethodFromSession(Session session, int i) throws DatabaseException {
        ScriptBasedAuthenticationMethod createAuthenticationMethod = createAuthenticationMethod(i);
        loadMethod(createAuthenticationMethod, session.getContextDataStrings(i, 201), session.getContextDataStrings(i, 202));
        return createAuthenticationMethod;
    }

    public void loadMethod(ScriptBasedAuthenticationMethod scriptBasedAuthenticationMethod, List<String> list, List<String> list2) {
        String str = Constant.USER_AGENT;
        if (list != null && list.size() > 0) {
            str = list.get(0);
            ScriptWrapper script = getScriptsExtension().getScript(str);
            if (script == null) {
                log.error("Unable to find script while loading Script Based Authentication Method for name: " + str);
                if (View.isInitialised()) {
                    View.getSingleton().showMessageDialog(Constant.messages.getString("authentication.method.script.load.errorScriptNotFound", str));
                    return;
                }
                return;
            }
            log.info("Loaded script:" + script.getName());
            scriptBasedAuthenticationMethod.script = script;
            AuthenticationScriptV2 scriptInterfaceV2 = getScriptInterfaceV2(script);
            if (scriptInterfaceV2 == null) {
                scriptInterfaceV2 = getScriptInterface(script);
            }
            if (scriptInterfaceV2 == null) {
                log.error("Unable to load Script Based Authentication method. The script " + str + " does not properly implement the Authentication Script interface.");
                return;
            }
            try {
                if (scriptInterfaceV2 instanceof AuthenticationScriptV2) {
                    AuthenticationScriptV2 authenticationScriptV2 = scriptInterfaceV2;
                    scriptBasedAuthenticationMethod.setLoggedInIndicatorPattern(authenticationScriptV2.getLoggedInIndicator());
                    scriptBasedAuthenticationMethod.setLoggedOutIndicatorPattern(authenticationScriptV2.getLoggedOutIndicator());
                }
                scriptBasedAuthenticationMethod.credentialsParamNames = scriptInterfaceV2.getCredentialsParamsNames();
            } catch (Exception e) {
                getScriptsExtension().handleScriptException(script, e);
            }
        }
        if (list2 != null && list2.size() > 0) {
            scriptBasedAuthenticationMethod.paramValues = EncodingUtils.stringToMap(list2.get(0));
        } else {
            scriptBasedAuthenticationMethod.paramValues = new HashMap();
            log.error("Unable to load script parameter values loading Script Based Authentication Method for name: " + str);
        }
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public void persistMethodToSession(Session session, int i, AuthenticationMethod authenticationMethod) throws AuthenticationMethodType.UnsupportedAuthenticationMethodException, DatabaseException {
        if (!(authenticationMethod instanceof ScriptBasedAuthenticationMethod)) {
            throw new AuthenticationMethodType.UnsupportedAuthenticationMethodException("Script based authentication type only supports: " + ScriptBasedAuthenticationMethod.class);
        }
        ScriptBasedAuthenticationMethod scriptBasedAuthenticationMethod = (ScriptBasedAuthenticationMethod) authenticationMethod;
        session.setContextData(i, 201, scriptBasedAuthenticationMethod.script.getName());
        session.setContextData(i, 202, EncodingUtils.mapToString(scriptBasedAuthenticationMethod.paramValues));
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public AuthenticationCredentials createAuthenticationCredentials() {
        return new GenericAuthenticationCredentials(new String[0]);
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public Class<GenericAuthenticationCredentials> getAuthenticationCredentialsType() {
        return GenericAuthenticationCredentials.class;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ExtensionScript getScriptsExtension() {
        if (this.extensionScript == null) {
            this.extensionScript = (ExtensionScript) Control.getSingleton().getExtensionLoader().getExtension(ExtensionScript.class);
        }
        return this.extensionScript;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AuthenticationScript getScriptInterface(ScriptWrapper scriptWrapper) {
        try {
            return (AuthenticationScript) getScriptsExtension().getInterface(scriptWrapper, AuthenticationScript.class);
        } catch (Exception e) {
            getScriptsExtension().handleFailedScriptInterface(scriptWrapper, Constant.messages.getString("authentication.method.script.dialog.error.text.interface", scriptWrapper.getName()));
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AuthenticationScriptV2 getScriptInterfaceV2(ScriptWrapper scriptWrapper) {
        try {
            AuthenticationScriptV2 authenticationScriptV2 = (AuthenticationScriptV2) getScriptsExtension().getInterface(scriptWrapper, AuthenticationScriptV2.class);
            if (authenticationScriptV2 != null) {
                authenticationScriptV2.getLoggedInIndicator();
                authenticationScriptV2.getLoggedOutIndicator();
                return authenticationScriptV2;
            }
            Logger logger = log;
            scriptWrapper.getClass();
            logger.debug("Script '{}' is not a AuthenticationScriptV2 interface.", new Supplier[]{scriptWrapper::getName});
            return null;
        } catch (Exception e) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Script '" + scriptWrapper.getName() + "' is not a AuthenticationScriptV2 interface!", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Map<String, String> wrapKeys(Map<String, String> map) {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            hashMap.put(AuthenticationMethod.TOKEN_PREFIX + entry.getKey() + AuthenticationMethod.TOKEN_POSTFIX, entry.getValue());
        }
        return hashMap;
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public ApiDynamicActionImplementor getSetMethodForContextApiAction() {
        return new ApiDynamicActionImplementor(API_METHOD_NAME, new String[]{PARAM_SCRIPT_NAME}, new String[]{PARAM_SCRIPT_CONFIG_PARAMS}) { // from class: org.zaproxy.zap.authentication.ScriptBasedAuthenticationMethodType.1
            /* JADX WARN: Multi-variable type inference failed */
            /* JADX WARN: Type inference failed for: r0v72, types: [org.zaproxy.zap.authentication.ScriptBasedAuthenticationMethodType$AuthenticationScript] */
            @Override // org.zaproxy.zap.extension.api.ApiDynamicActionImplementor
            public void handleAction(JSONObject jSONObject) throws ApiException {
                Context contextByParamId = ApiUtils.getContextByParamId(jSONObject, "contextId");
                String nonEmptyStringParam = ApiUtils.getNonEmptyStringParam(jSONObject, ScriptBasedAuthenticationMethodType.PARAM_SCRIPT_NAME);
                ScriptBasedAuthenticationMethod createAuthenticationMethod = ScriptBasedAuthenticationMethodType.this.createAuthenticationMethod(contextByParamId.getId());
                ScriptWrapper script = ScriptBasedAuthenticationMethodType.this.getScriptsExtension().getScript(nonEmptyStringParam);
                if (script == null) {
                    ScriptBasedAuthenticationMethodType.log.error("Unable to find script while loading Script Based Authentication Method for name: " + nonEmptyStringParam);
                    throw new ApiException(ApiException.Type.SCRIPT_NOT_FOUND, nonEmptyStringParam);
                }
                ScriptBasedAuthenticationMethodType.log.info("Loaded script for API:" + script.getName());
                createAuthenticationMethod.script = script;
                AuthenticationScriptV2 scriptInterfaceV2 = ScriptBasedAuthenticationMethodType.this.getScriptInterfaceV2(script);
                if (scriptInterfaceV2 == null) {
                    scriptInterfaceV2 = ScriptBasedAuthenticationMethodType.this.getScriptInterface(script);
                }
                if (scriptInterfaceV2 == null) {
                    ScriptBasedAuthenticationMethodType.log.error("Unable to load Script Based Authentication method. The script " + script.getName() + " does not properly implement the Authentication Script interface.");
                    throw new ApiException(ApiException.Type.BAD_SCRIPT_FORMAT, "Does not follow Authentication script interface");
                }
                try {
                    if (scriptInterfaceV2 instanceof AuthenticationScriptV2) {
                        AuthenticationScriptV2 authenticationScriptV2 = scriptInterfaceV2;
                        createAuthenticationMethod.setLoggedInIndicatorPattern(authenticationScriptV2.getLoggedInIndicator());
                        createAuthenticationMethod.setLoggedOutIndicatorPattern(authenticationScriptV2.getLoggedOutIndicator());
                    }
                    createAuthenticationMethod.credentialsParamNames = scriptInterfaceV2.getCredentialsParamsNames();
                    String[] requiredParamsNames = scriptInterfaceV2.getRequiredParamsNames();
                    String[] optionalParamsNames = scriptInterfaceV2.getOptionalParamsNames();
                    if (ScriptBasedAuthenticationMethodType.log.isDebugEnabled()) {
                        ScriptBasedAuthenticationMethodType.log.debug("Loaded authentication script - required parameters: " + Arrays.toString(requiredParamsNames) + " - optional parameters: " + Arrays.toString(optionalParamsNames));
                    }
                    HashMap hashMap = new HashMap();
                    for (String str : requiredParamsNames) {
                        hashMap.put(str, ApiUtils.getNonEmptyStringParam(jSONObject, str));
                    }
                    for (String str2 : optionalParamsNames) {
                        hashMap.put(str2, ApiUtils.getOptionalStringParam(jSONObject, str2));
                    }
                    createAuthenticationMethod.paramValues = hashMap;
                    if (ScriptBasedAuthenticationMethodType.log.isDebugEnabled()) {
                        ScriptBasedAuthenticationMethodType.log.debug("Loaded authentication script parameters:" + hashMap);
                    }
                    contextByParamId.setAuthenticationMethod(createAuthenticationMethod);
                } catch (ApiException e) {
                    throw e;
                } catch (Exception e2) {
                    ScriptBasedAuthenticationMethodType.this.getScriptsExtension().handleScriptException(script, e2);
                    ScriptBasedAuthenticationMethodType.log.error("Unable to load Script Based Authentication method. The script " + script.getName() + " contains errors.");
                    throw new ApiException(ApiException.Type.BAD_SCRIPT_FORMAT, e2.getMessage());
                }
            }
        };
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public ApiDynamicActionImplementor getSetCredentialsForUserApiAction() {
        return GenericAuthenticationCredentials.getSetCredentialsForUserApiAction(this);
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public void exportData(Configuration configuration, AuthenticationMethod authenticationMethod) {
        if (!(authenticationMethod instanceof ScriptBasedAuthenticationMethod)) {
            throw new AuthenticationMethodType.UnsupportedAuthenticationMethodException("Script based authentication type only supports: " + ScriptBasedAuthenticationMethod.class.getName());
        }
        ScriptBasedAuthenticationMethod scriptBasedAuthenticationMethod = (ScriptBasedAuthenticationMethod) authenticationMethod;
        configuration.setProperty(CONTEXT_CONFIG_AUTH_SCRIPT_NAME, scriptBasedAuthenticationMethod.script.getName());
        configuration.setProperty(CONTEXT_CONFIG_AUTH_SCRIPT_PARAMS, EncodingUtils.mapToString(scriptBasedAuthenticationMethod.paramValues));
    }

    @Override // org.zaproxy.zap.authentication.AuthenticationMethodType
    public void importData(Configuration configuration, AuthenticationMethod authenticationMethod) throws ConfigurationException {
        if (!(authenticationMethod instanceof ScriptBasedAuthenticationMethod)) {
            throw new AuthenticationMethodType.UnsupportedAuthenticationMethodException("Script based authentication type only supports: " + ScriptBasedAuthenticationMethod.class.getName());
        }
        loadMethod((ScriptBasedAuthenticationMethod) authenticationMethod, objListToStrList(configuration.getList(CONTEXT_CONFIG_AUTH_SCRIPT_NAME)), objListToStrList(configuration.getList(CONTEXT_CONFIG_AUTH_SCRIPT_PARAMS)));
    }

    private List<String> objListToStrList(List<Object> list) {
        ArrayList arrayList = new ArrayList(list.size());
        Iterator<Object> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().toString());
        }
        return arrayList;
    }
}
