package org.zaproxy.zap.extension.authentication;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.httpclient.URI;
import org.apache.commons.httpclient.URIException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.parosproxy.paros.Constant;
import org.parosproxy.paros.db.DatabaseException;
import org.parosproxy.paros.db.RecordContext;
import org.parosproxy.paros.extension.ExtensionAdaptor;
import org.parosproxy.paros.extension.ExtensionHook;
import org.parosproxy.paros.extension.ExtensionPopupMenuItem;
import org.parosproxy.paros.model.Session;
import org.zaproxy.zap.authentication.AuthenticationMethod;
import org.zaproxy.zap.authentication.AuthenticationMethodType;
import org.zaproxy.zap.authentication.FormBasedAuthenticationMethodType;
import org.zaproxy.zap.authentication.HttpAuthenticationMethodType;
import org.zaproxy.zap.authentication.JsonBasedAuthenticationMethodType;
import org.zaproxy.zap.authentication.ManualAuthenticationMethodType;
import org.zaproxy.zap.authentication.ScriptBasedAuthenticationMethodType;
import org.zaproxy.zap.extension.stdmenus.PopupContextMenuItemFactory;
import org.zaproxy.zap.model.Context;
import org.zaproxy.zap.model.ContextDataFactory;
import org.zaproxy.zap.view.AbstractContextPropertiesPanel;
import org.zaproxy.zap.view.ContextPanelFactory;

/* loaded from: input_file:org/zaproxy/zap/extension/authentication/ExtensionAuthentication.class */
public class ExtensionAuthentication extends ExtensionAdaptor implements ContextPanelFactory, ContextDataFactory {
    public static final int EXTENSION_ORDER = 52;
    public static final String NAME = "ExtensionAuthentication";
    private static final int NO_AUTH_METHOD = -1;
    private static final Logger log = LogManager.getLogger(ExtensionAuthentication.class);
    List<AuthenticationMethodType> authenticationMethodTypes = new ArrayList();
    private Map<Integer, ContextAuthenticationPanel> contextPanelsMap = new HashMap();
    private PopupContextMenuItemFactory popupFlagLoggedInIndicatorMenuFactory;
    private PopupContextMenuItemFactory popupFlagLoggedOutIndicatorMenuFactory;
    private HttpSenderAuthHeaderListener httpSenderAuthHeaderListener;
    AuthenticationAPI api;

    public ExtensionAuthentication() {
        initialize();
    }

    private void initialize() {
        setName(NAME);
        setOrder(52);
    }

    @Override // org.parosproxy.paros.extension.ExtensionAdaptor, org.parosproxy.paros.extension.Extension
    public boolean supportsDb(String str) {
        return true;
    }

    @Override // org.parosproxy.paros.extension.ExtensionAdaptor, org.parosproxy.paros.extension.Extension
    public String getUIName() {
        return Constant.messages.getString("authentication.name");
    }

    @Override // org.parosproxy.paros.extension.ExtensionAdaptor, org.parosproxy.paros.extension.Extension
    public void hook(ExtensionHook extensionHook) {
        super.hook(extensionHook);
        extensionHook.addContextDataFactory(this);
        if (getView() != null) {
            extensionHook.getHookMenu().addPopupMenuItem(getPopupFlagLoggedInIndicatorMenu());
            extensionHook.getHookMenu().addPopupMenuItem(getPopupFlagLoggedOutIndicatorMenu());
            extensionHook.getHookView().addContextPanelFactory(this);
        }
        loadAuthenticationMethodTypes(extensionHook);
        this.api = new AuthenticationAPI(this);
        extensionHook.addApiImplementor(this.api);
        extensionHook.addHttpSenderListener(getHttpSenderAuthHeaderListener());
    }

    @Override // org.zaproxy.zap.view.ContextPanelFactory
    public AbstractContextPropertiesPanel getContextPanel(Context context) {
        ContextAuthenticationPanel contextAuthenticationPanel = this.contextPanelsMap.get(Integer.valueOf(context.getId()));
        if (contextAuthenticationPanel == null) {
            contextAuthenticationPanel = new ContextAuthenticationPanel(this, context);
            this.contextPanelsMap.put(Integer.valueOf(context.getId()), contextAuthenticationPanel);
        }
        return contextAuthenticationPanel;
    }

    @Override // org.parosproxy.paros.extension.Extension
    public String getAuthor() {
        return Constant.ZAP_TEAM;
    }

    private PopupContextMenuItemFactory getPopupFlagLoggedInIndicatorMenu() {
        if (this.popupFlagLoggedInIndicatorMenuFactory == null) {
            this.popupFlagLoggedInIndicatorMenuFactory = new PopupContextMenuItemFactory("dd - " + Constant.messages.getString("context.flag.popup")) { // from class: org.zaproxy.zap.extension.authentication.ExtensionAuthentication.1
                private static final long serialVersionUID = 2453839120088204122L;

                @Override // org.zaproxy.zap.extension.stdmenus.PopupContextMenuItemFactory
                public ExtensionPopupMenuItem getContextMenu(Context context, String str) {
                    return new PopupFlagLoggedInIndicatorMenu(context);
                }
            };
        }
        return this.popupFlagLoggedInIndicatorMenuFactory;
    }

    private PopupContextMenuItemFactory getPopupFlagLoggedOutIndicatorMenu() {
        if (this.popupFlagLoggedOutIndicatorMenuFactory == null) {
            this.popupFlagLoggedOutIndicatorMenuFactory = new PopupContextMenuItemFactory("dd - " + Constant.messages.getString("context.flag.popup")) { // from class: org.zaproxy.zap.extension.authentication.ExtensionAuthentication.2
                private static final long serialVersionUID = 2453839120088204123L;

                @Override // org.zaproxy.zap.extension.stdmenus.PopupContextMenuItemFactory
                public ExtensionPopupMenuItem getContextMenu(Context context, String str) {
                    return new PopupFlagLoggedOutIndicatorMenu(context);
                }
            };
        }
        return this.popupFlagLoggedOutIndicatorMenuFactory;
    }

    private void loadAuthenticationMethodTypes(ExtensionHook extensionHook) {
        this.authenticationMethodTypes.add(new FormBasedAuthenticationMethodType());
        this.authenticationMethodTypes.add(new HttpAuthenticationMethodType());
        this.authenticationMethodTypes.add(new ManualAuthenticationMethodType());
        this.authenticationMethodTypes.add(new ScriptBasedAuthenticationMethodType());
        this.authenticationMethodTypes.add(new JsonBasedAuthenticationMethodType());
        Iterator<AuthenticationMethodType> it = this.authenticationMethodTypes.iterator();
        while (it.hasNext()) {
            it.next().hook(extensionHook);
        }
        if (log.isInfoEnabled()) {
            log.info("Loaded authentication method types: " + this.authenticationMethodTypes);
        }
    }

    public List<AuthenticationMethodType> getAuthenticationMethodTypes() {
        return this.authenticationMethodTypes;
    }

    public AuthenticationMethodType getAuthenticationMethodTypeForIdentifier(int i) {
        for (AuthenticationMethodType authenticationMethodType : getAuthenticationMethodTypes()) {
            if (authenticationMethodType.getUniqueIdentifier() == i) {
                return authenticationMethodType;
            }
        }
        return null;
    }

    public URI getLoginRequestURIForContext(Context context) {
        if (!(context.getAuthenticationMethod() instanceof FormBasedAuthenticationMethodType.FormBasedAuthenticationMethod)) {
            return null;
        }
        try {
            return new URI(((FormBasedAuthenticationMethodType.FormBasedAuthenticationMethod) context.getAuthenticationMethod()).getLoginRequestURL(), false);
        } catch (URIException | NullPointerException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // org.zaproxy.zap.model.ContextDataFactory
    public void loadContextData(Session session, Context context) {
        AuthenticationMethodType authenticationMethodTypeForIdentifier;
        try {
            List<String> contextDataStrings = session.getContextDataStrings(context.getId(), 200);
            if (contextDataStrings != null && contextDataStrings.size() > 0 && (authenticationMethodTypeForIdentifier = getAuthenticationMethodTypeForIdentifier(Integer.parseInt(contextDataStrings.get(0)))) != null) {
                context.setAuthenticationMethod(authenticationMethodTypeForIdentifier.loadMethodFromSession(session, context.getId()));
                String contextDataString = session.getContextDataString(context.getId(), RecordContext.TYPE_AUTH_VERIF_STRATEGY, null);
                if (contextDataString != null) {
                    try {
                        context.getAuthenticationMethod().setAuthCheckingStrategy(AuthenticationMethod.AuthCheckingStrategy.valueOf(contextDataString));
                    } catch (Exception e) {
                        log.error("Failed to parse auth checking strategy " + contextDataString, e);
                    }
                }
                context.getAuthenticationMethod().setPollUrl(session.getContextDataString(context.getId(), RecordContext.TYPE_AUTH_POLL_URL, null));
                context.getAuthenticationMethod().setPollData(session.getContextDataString(context.getId(), RecordContext.TYPE_AUTH_POLL_DATA, null));
                context.getAuthenticationMethod().setPollHeaders(session.getContextDataString(context.getId(), RecordContext.TYPE_AUTH_POLL_HEADERS, null));
                context.getAuthenticationMethod().setPollFrequency(session.getContextDataInteger(context.getId(), RecordContext.TYPE_AUTH_POLL_FREQ, 0));
                String contextDataString2 = session.getContextDataString(context.getId(), RecordContext.TYPE_AUTH_POLL_FREQ_UNITS, null);
                if (contextDataString2 != null) {
                    try {
                        context.getAuthenticationMethod().setPollFrequencyUnits(AuthenticationMethod.AuthPollFrequencyUnits.valueOf(contextDataString2));
                    } catch (Exception e2) {
                        log.error("Failed to parse auth frequency units " + contextDataString2, e2);
                    }
                }
                context.getAuthenticationMethod().setLoggedInIndicatorPattern(session.getContextDataString(context.getId(), 206, null));
                context.getAuthenticationMethod().setLoggedOutIndicatorPattern(session.getContextDataString(context.getId(), RecordContext.TYPE_AUTH_METHOD_LOGGEDOUT_INDICATOR, null));
            }
        } catch (DatabaseException e3) {
            log.error("Unable to load Authentication method.", e3);
        }
    }

    @Override // org.zaproxy.zap.model.ContextDataFactory
    public void persistContextData(Session session, Context context) {
        try {
            int id = context.getId();
            AuthenticationMethodType type = context.getAuthenticationMethod().getType();
            session.setContextData(id, 200, Integer.toString(type.getUniqueIdentifier()));
            if (context.getAuthenticationMethod().getAuthCheckingStrategy() != null) {
                session.setContextData(id, RecordContext.TYPE_AUTH_VERIF_STRATEGY, context.getAuthenticationMethod().getAuthCheckingStrategy().name());
            } else {
                session.clearContextDataForType(id, RecordContext.TYPE_AUTH_VERIF_STRATEGY);
            }
            if (context.getAuthenticationMethod().getPollUrl() != null) {
                session.setContextData(id, RecordContext.TYPE_AUTH_POLL_URL, context.getAuthenticationMethod().getPollUrl());
            } else {
                session.clearContextDataForType(id, RecordContext.TYPE_AUTH_POLL_URL);
            }
            if (context.getAuthenticationMethod().getPollData() != null) {
                session.setContextData(id, RecordContext.TYPE_AUTH_POLL_DATA, context.getAuthenticationMethod().getPollData());
            } else {
                session.clearContextDataForType(id, RecordContext.TYPE_AUTH_POLL_DATA);
            }
            if (context.getAuthenticationMethod().getPollHeaders() != null) {
                session.setContextData(id, RecordContext.TYPE_AUTH_POLL_HEADERS, context.getAuthenticationMethod().getPollHeaders());
            } else {
                session.clearContextDataForType(id, RecordContext.TYPE_AUTH_POLL_HEADERS);
            }
            session.setContextData(id, RecordContext.TYPE_AUTH_POLL_FREQ, Integer.toString(context.getAuthenticationMethod().getPollFrequency()));
            if (context.getAuthenticationMethod().getPollFrequencyUnits() != null) {
                session.setContextData(id, RecordContext.TYPE_AUTH_POLL_FREQ_UNITS, context.getAuthenticationMethod().getPollFrequencyUnits().name());
            } else {
                session.clearContextDataForType(id, RecordContext.TYPE_AUTH_VERIF_STRATEGY);
            }
            persistLoggedIndicator(session, id, 206, context.getAuthenticationMethod().getLoggedInIndicatorPattern());
            persistLoggedIndicator(session, id, RecordContext.TYPE_AUTH_METHOD_LOGGEDOUT_INDICATOR, context.getAuthenticationMethod().getLoggedOutIndicatorPattern());
            type.persistMethodToSession(session, id, context.getAuthenticationMethod());
        } catch (DatabaseException e) {
            log.error("Unable to persist Authentication method.", e);
        }
    }

    private static void persistLoggedIndicator(Session session, int i, int i2, Pattern pattern) throws DatabaseException {
        if (pattern != null) {
            session.setContextData(i, i2, pattern.toString());
        } else {
            session.clearContextDataForType(i, i2);
        }
    }

    @Override // org.zaproxy.zap.view.ContextPanelFactory
    public void discardContexts() {
        this.contextPanelsMap.clear();
    }

    @Override // org.zaproxy.zap.view.ContextPanelFactory
    public void discardContext(Context context) {
        this.contextPanelsMap.remove(Integer.valueOf(context.getId()));
    }

    @Override // org.zaproxy.zap.model.ContextDataFactory
    public void exportContextData(Context context, Configuration configuration) {
        configuration.setProperty(AuthenticationMethod.CONTEXT_CONFIG_AUTH_TYPE, Integer.valueOf(context.getAuthenticationMethod().getType().getUniqueIdentifier()));
        if (context.getAuthenticationMethod().getAuthCheckingStrategy() != null) {
            configuration.setProperty(AuthenticationMethod.CONTEXT_CONFIG_AUTH_STRATEGY, context.getAuthenticationMethod().getAuthCheckingStrategy().name());
        }
        configuration.setProperty(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_URL, context.getAuthenticationMethod().getPollUrl());
        configuration.setProperty(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_DATA, context.getAuthenticationMethod().getPollData());
        configuration.setProperty(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_HEADERS, context.getAuthenticationMethod().getPollHeaders());
        configuration.setProperty(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_FREQ, Integer.valueOf(context.getAuthenticationMethod().getPollFrequency()));
        if (context.getAuthenticationMethod().getPollFrequencyUnits() != null) {
            configuration.setProperty(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_UNITS, context.getAuthenticationMethod().getPollFrequencyUnits().name());
        }
        if (context.getAuthenticationMethod().getLoggedInIndicatorPattern() != null) {
            configuration.setProperty(AuthenticationMethod.CONTEXT_CONFIG_AUTH_LOGGEDIN, context.getAuthenticationMethod().getLoggedInIndicatorPattern().toString());
        }
        if (context.getAuthenticationMethod().getLoggedOutIndicatorPattern() != null) {
            configuration.setProperty(AuthenticationMethod.CONTEXT_CONFIG_AUTH_LOGGEDOUT, context.getAuthenticationMethod().getLoggedOutIndicatorPattern().toString());
        }
        context.getAuthenticationMethod().getType().exportData(configuration, context.getAuthenticationMethod());
    }

    @Override // org.zaproxy.zap.model.ContextDataFactory
    public void importContextData(Context context, Configuration configuration) throws ConfigurationException {
        int i = configuration.getInt(AuthenticationMethod.CONTEXT_CONFIG_AUTH_TYPE, -1);
        if (i == -1) {
            return;
        }
        AuthenticationMethodType authenticationMethodTypeForIdentifier = getAuthenticationMethodTypeForIdentifier(i);
        if (authenticationMethodTypeForIdentifier == null) {
            log.warn("No authentication method type found for ID: " + i);
            return;
        }
        context.setAuthenticationMethod(authenticationMethodTypeForIdentifier.createAuthenticationMethod(context.getId()));
        AuthenticationMethod authenticationMethod = context.getAuthenticationMethod();
        authenticationMethod.setAuthCheckingStrategy(AuthenticationMethod.AuthCheckingStrategy.valueOf(configuration.getString(AuthenticationMethod.CONTEXT_CONFIG_AUTH_STRATEGY, AuthenticationMethod.AuthCheckingStrategy.EACH_RESP.name())));
        authenticationMethod.setPollUrl(configuration.getString(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_URL, Constant.USER_AGENT));
        authenticationMethod.setPollData(configuration.getString(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_DATA, Constant.USER_AGENT));
        authenticationMethod.setPollHeaders(configuration.getString(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_HEADERS, Constant.USER_AGENT));
        authenticationMethod.setPollFrequency(configuration.getInt(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_FREQ, 60));
        authenticationMethod.setPollFrequencyUnits(AuthenticationMethod.AuthPollFrequencyUnits.valueOf(configuration.getString(AuthenticationMethod.CONTEXT_CONFIG_AUTH_POLL_UNITS, AuthenticationMethod.AuthPollFrequencyUnits.REQUESTS.name())));
        authenticationMethod.setLoggedInIndicatorPattern(configuration.getString(AuthenticationMethod.CONTEXT_CONFIG_AUTH_LOGGEDIN, Constant.USER_AGENT));
        authenticationMethod.setLoggedOutIndicatorPattern(configuration.getString(AuthenticationMethod.CONTEXT_CONFIG_AUTH_LOGGEDOUT, Constant.USER_AGENT));
        authenticationMethod.getType().importData(configuration, authenticationMethod);
    }

    private HttpSenderAuthHeaderListener getHttpSenderAuthHeaderListener() {
        if (this.httpSenderAuthHeaderListener == null) {
            this.httpSenderAuthHeaderListener = new HttpSenderAuthHeaderListener(System::getenv);
        }
        return this.httpSenderAuthHeaderListener;
    }
}
