package com.jsql.util;

import com.jsql.model.InjectionModel;
import com.jsql.model.bean.util.Header;
import com.jsql.model.bean.util.Interaction;
import com.jsql.model.bean.util.Request;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URLConnection;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.AbstractMap;
import java.util.EnumMap;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.regex.Pattern;
import org.apache.commons.codec.binary.Hex;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/jsql/util/HeaderUtil.class */
public class HeaderUtil {
    private static final Logger LOGGER = Logger.getRootLogger();
    public static final String CONTENT_TYPE = "Content-Type";
    private static final String WWW_AUTHENTICATE = "WWW-Authenticate";
    private static final String REGEX_HTTP_STATUS = "4\\d\\d";
    private static final String FOUND_STATUS_HTTP = "Found status HTTP ";
    private InjectionModel injectionModel;

    public HeaderUtil(InjectionModel injectionModel) {
        this.injectionModel = injectionModel;
    }

    public static void sanitizeHeaders(HttpURLConnection httpURLConnection, AbstractMap.SimpleEntry<String, String> simpleEntry) {
        String trim = simpleEntry.getKey().trim();
        String trim2 = simpleEntry.getValue().trim();
        try {
            if ("Cookie".equalsIgnoreCase(trim)) {
                httpURLConnection.addRequestProperty(trim, trim2);
            } else {
                httpURLConnection.addRequestProperty(trim, URLDecoder.decode(trim2, StandardCharsets.UTF_8.name()));
            }
        } catch (UnsupportedEncodingException | NullPointerException e) {
            LOGGER.error(e, e);
        }
    }

    public void checkResponseHeader(HttpURLConnection httpURLConnection, String str) throws IOException {
        Map<String, String> httpHeaders = getHttpHeaders(httpURLConnection);
        checkResponse(Integer.toString(httpURLConnection.getResponseCode()), httpHeaders);
        StringBuilder sb = new StringBuilder();
        Exception readSource = readSource(httpURLConnection, sb);
        this.injectionModel.getMediatorUtils().getFormUtil().parseForms(httpURLConnection, sb);
        this.injectionModel.getMediatorUtils().getCsrfUtil().parseForCsrfToken(sb, httpHeaders);
        EnumMap enumMap = new EnumMap(Header.class);
        enumMap.put((EnumMap) Header.URL, (Header) str);
        enumMap.put((EnumMap) Header.RESPONSE, (Header) httpHeaders);
        enumMap.put((EnumMap) Header.SOURCE, (Header) sb.toString());
        Request request = new Request();
        request.setMessage(Interaction.MESSAGE_HEADER);
        request.setParameters(enumMap);
        this.injectionModel.sendToViews(request);
        if (readSource != null) {
            throw new IOException(readSource);
        }
    }

    private Exception readSource(HttpURLConnection httpURLConnection, StringBuilder sb) throws IOException {
        IOException iOException = null;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            byte[] bArr = new byte[1024];
            while (true) {
                int read = httpURLConnection.getInputStream().read(bArr);
                if (read == -1) {
                    break;
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        } catch (IOException e) {
            iOException = e;
            InputStream errorStream = httpURLConnection.getErrorStream();
            if (errorStream != null) {
                try {
                    byte[] bArr2 = new byte[1024];
                    while (true) {
                        int read2 = errorStream.read(bArr2);
                        if (read2 == -1) {
                            break;
                        }
                        byteArrayOutputStream.write(bArr2, 0, read2);
                    }
                } catch (Exception e2) {
                    iOException = new IOException("Exception reading Error Stream", e2);
                }
            }
        }
        sb.append(byteArrayOutputStream.toString(Hex.DEFAULT_CHARSET_NAME));
        if (this.injectionModel.getMediatorUtils().getPreferencesUtil().isNotTestingConnection()) {
            if (iOException != null) {
                LOGGER.debug("Connection test disabled, ignoring response HTTP " + httpURLConnection.getResponseCode() + "...");
            }
            iOException = null;
        } else if (iOException != null) {
            LOGGER.info("Select option 'Disable connection test' and run again");
        }
        return iOException;
    }

    private void checkResponse(String str, Map<String, String> map) {
        if (isBasicAuth(str, map)) {
            LOGGER.warn("Basic Authentication detected.\nDefine and enable authentication information in the panel Preferences.\nOr open Advanced panel, add 'Authorization: Basic b3N..3Jk' to the Header, replace b3N..3Jk with the string 'osUserName:osPassword' encoded in Base64. You can use the Coder in jSQL to encode the string.");
            return;
        }
        if (isNtlm(str, map)) {
            LOGGER.warn("NTLM Authentication detected.\nDefine and enable authentication information in the panel Preferences.\nOr add username, password and domain information to the URL, e.g. http://domain\\user:password@127.0.0.1/[..]");
            return;
        }
        if (isDigest(str, map)) {
            LOGGER.warn("Digest Authentication detected.\nDefine and enable authentication information in the panel Preferences.");
            return;
        }
        if (isNegotiate(str, map)) {
            LOGGER.warn("Negotiate Authentication detected.\nAdd username, password and domain information to the URL, e.g. http://domain\\user:password@127.0.0.1/[..]");
            return;
        }
        if (Pattern.matches("1\\d\\d", str)) {
            LOGGER.trace(FOUND_STATUS_HTTP + str + " Informational");
            return;
        }
        if (Pattern.matches("2\\d\\d", str)) {
            LOGGER.debug(FOUND_STATUS_HTTP + str + " Success");
            return;
        }
        if (Pattern.matches("3\\d\\d", str)) {
            LOGGER.warn(FOUND_STATUS_HTTP + str + " Redirection");
            if (this.injectionModel.getMediatorUtils().getPreferencesUtil().isFollowingRedirection()) {
                LOGGER.info("Redirecting to the next page...");
                return;
            } else {
                LOGGER.warn("If injection fails retry with option 'Follow HTTP redirection' activated");
                return;
            }
        }
        if (Pattern.matches(REGEX_HTTP_STATUS, str)) {
            LOGGER.warn(FOUND_STATUS_HTTP + str + " Client Error");
        } else if (Pattern.matches("5\\d\\d", str)) {
            LOGGER.warn(FOUND_STATUS_HTTP + str + " Server Error");
        } else {
            LOGGER.trace(FOUND_STATUS_HTTP + str + " Unknown");
        }
    }

    private boolean isNegotiate(String str, Map<String, String> map) {
        return Pattern.matches(REGEX_HTTP_STATUS, str) && map.containsKey(WWW_AUTHENTICATE) && "Negotiate".equals(map.get(WWW_AUTHENTICATE));
    }

    private boolean isDigest(String str, Map<String, String> map) {
        return Pattern.matches(REGEX_HTTP_STATUS, str) && map.containsKey(WWW_AUTHENTICATE) && map.get(WWW_AUTHENTICATE) != null && map.get(WWW_AUTHENTICATE).startsWith("Digest ");
    }

    private boolean isNtlm(String str, Map<String, String> map) {
        return Pattern.matches(REGEX_HTTP_STATUS, str) && map.containsKey(WWW_AUTHENTICATE) && "NTLM".equals(map.get(WWW_AUTHENTICATE));
    }

    private boolean isBasicAuth(String str, Map<String, String> map) {
        return Pattern.matches(REGEX_HTTP_STATUS, str) && map.containsKey(WWW_AUTHENTICATE) && map.get(WWW_AUTHENTICATE) != null && map.get(WWW_AUTHENTICATE).startsWith("Basic ");
    }

    public static Map<String, String> getHttpHeaders(URLConnection uRLConnection) {
        HashMap hashMap = new HashMap();
        try {
            for (Map.Entry<String, List<String>> entry : uRLConnection.getHeaderFields().entrySet()) {
                hashMap.put(entry.getKey() == null ? "Status code" : entry.getKey(), String.join(",", entry.getValue()));
            }
        } catch (NoSuchElementException e) {
            LOGGER.error(e, e);
        }
        return hashMap;
    }
}
