package com.jsql.model;

import com.jsql.model.accessible.DataAccess;
import com.jsql.model.accessible.ResourceAccess;
import com.jsql.model.bean.util.Header;
import com.jsql.model.bean.util.Interaction;
import com.jsql.model.bean.util.Request;
import com.jsql.model.exception.JSqlException;
import com.jsql.model.injection.method.AbstractMethodInjection;
import com.jsql.model.injection.method.MediatorMethod;
import com.jsql.model.injection.strategy.MediatorStrategy;
import com.jsql.model.injection.vendor.MediatorVendor;
import com.jsql.util.AuthenticationUtil;
import com.jsql.util.ConnectionUtil;
import com.jsql.util.CsrfUtil;
import com.jsql.util.ExceptionUtil;
import com.jsql.util.FormUtil;
import com.jsql.util.GitUtil;
import com.jsql.util.HeaderUtil;
import com.jsql.util.I18nUtil;
import com.jsql.util.JsonUtil;
import com.jsql.util.ParameterUtil;
import com.jsql.util.PreferencesUtil;
import com.jsql.util.PropertiesUtil;
import com.jsql.util.ProxyUtil;
import com.jsql.util.SoapUtil;
import com.jsql.util.StringUtil;
import com.jsql.util.TamperingUtil;
import com.jsql.util.ThreadUtil;
import com.jsql.util.UserAgentUtil;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.Serializable;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.PrivilegedActionException;
import java.text.DecimalFormat;
import java.util.AbstractMap;
import java.util.EnumMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Stream;
import javax.security.auth.login.LoginException;
import net.sourceforge.spnego.SpnegoHttpURLConnection;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.apache.log4j.spi.LocationInfo;
import org.ietf.jgss.GSSException;
import org.jsoup.helper.HttpConnection;

/* loaded from: input_file:com/jsql/model/InjectionModel.class */
public class InjectionModel extends AbstractModelObservable implements Serializable {
    private static final Logger LOGGER = Logger.getRootLogger();
    public static final String STAR = "*";
    private transient MediatorVendor mediatorVendor = new MediatorVendor(this);
    private transient MediatorMethod mediatorMethod = new MediatorMethod(this);
    private transient PropertiesUtil propertiesUtil = new PropertiesUtil();
    private transient DataAccess dataAccess = new DataAccess(this);
    private transient ResourceAccess resourceAccess = new ResourceAccess(this);
    private String indexesInUrl = StringUtils.EMPTY;
    private boolean shouldErasePreviousInjection = false;
    private boolean isScanning = false;
    private transient MediatorUtils mediatorUtils = new MediatorUtils();
    private transient MediatorStrategy mediatorStrategy = new MediatorStrategy(this);

    public InjectionModel() {
        this.mediatorUtils.setPropertiesUtil(this.propertiesUtil);
        this.mediatorUtils.setConnectionUtil(new ConnectionUtil(this));
        this.mediatorUtils.setAuthenticationUtil(new AuthenticationUtil(this));
        this.mediatorUtils.setGitUtil(new GitUtil(this));
        this.mediatorUtils.setHeaderUtil(new HeaderUtil(this));
        this.mediatorUtils.setParameterUtil(new ParameterUtil(this));
        this.mediatorUtils.setExceptionUtil(new ExceptionUtil(this));
        this.mediatorUtils.setSoapUtil(new SoapUtil(this));
        this.mediatorUtils.setJsonUtil(new JsonUtil(this));
        this.mediatorUtils.setPreferencesUtil(new PreferencesUtil());
        this.mediatorUtils.setProxyUtil(new ProxyUtil(this));
        this.mediatorUtils.setThreadUtil(new ThreadUtil(this));
        this.mediatorUtils.setTamperingUtil(new TamperingUtil());
        this.mediatorUtils.setUserAgentUtil(new UserAgentUtil());
        this.mediatorUtils.setCsrfUtil(new CsrfUtil(this));
        this.mediatorUtils.setFormUtil(new FormUtil(this));
    }

    public void resetModel() {
        this.mediatorStrategy.getNormal().setVisibleIndex(null);
        this.mediatorStrategy.getNormal().setApplicable(false);
        this.mediatorStrategy.getError().setApplicable(false);
        this.mediatorStrategy.getBlind().setApplicable(false);
        this.mediatorStrategy.getTime().setApplicable(false);
        this.indexesInUrl = StringUtils.EMPTY;
        this.mediatorUtils.getCsrfUtil().setTokenCsrf(null);
        setIsStoppedByUser(false);
        this.shouldErasePreviousInjection = false;
        this.mediatorStrategy.setStrategy(null);
        this.resourceAccess.setReadingIsAllowed(false);
        this.mediatorUtils.getThreadUtil().reset();
    }

    public void beginInjection() {
        resetModel();
        try {
            if (this.mediatorUtils.getProxyUtil().isLive(GitUtil.ShowOnConsole.YES)) {
                LOGGER.info(I18nUtil.valueByKey("LOG_START_INJECTION") + ": " + this.mediatorUtils.getConnectionUtil().getUrlByUser());
                this.mediatorUtils.getParameterUtil().checkParametersFormat();
                LOGGER.trace(I18nUtil.valueByKey("LOG_CONNECTION_TEST"));
                this.mediatorUtils.getConnectionUtil().testConnection();
                boolean testParameters = this.mediatorMethod.getQuery().testParameters();
                if (!testParameters) {
                    testParameters = this.mediatorUtils.getSoapUtil().testParameters();
                }
                if (!testParameters) {
                    LOGGER.trace("Checking standard Request parameters");
                    testParameters = this.mediatorMethod.getRequest().testParameters();
                }
                if (!testParameters) {
                    testParameters = this.mediatorMethod.getHeader().testParameters();
                }
                if (testParameters && !this.isScanning) {
                    if (getMediatorUtils().getPreferencesUtil().isZipStrategy()) {
                        LOGGER.info("Using Zip strategy for minimal query size");
                    } else if (getMediatorUtils().getPreferencesUtil().isDiosStrategy()) {
                        LOGGER.info("Using Dump In One Shot strategy for single query dump");
                    }
                    if (!this.mediatorUtils.getPreferencesUtil().isNotInjectingMetadata()) {
                        this.dataAccess.getDatabaseInfos();
                    }
                    this.dataAccess.listDatabases();
                }
                LOGGER.trace(I18nUtil.valueByKey("LOG_DONE"));
                this.shouldErasePreviousInjection = true;
            }
        } catch (JSqlException e) {
            LOGGER.warn(e.getMessage(), e);
        } finally {
            Request request = new Request();
            request.setMessage(Interaction.END_PREPARATION);
            sendToViews(request);
        }
    }

    @Override // com.jsql.model.AbstractModelObservable
    public String inject(String str, boolean z, String str2) {
        String urlBase = this.mediatorUtils.getConnectionUtil().getUrlBase();
        String str3 = StringUtils.SPACE + str;
        String clean = StringUtil.clean(this.mediatorStrategy.buildURL(urlBase, z, str3).trim());
        try {
            URL url = new URL(clean);
            Map<Header, Object> enumMap = new EnumMap<>(Header.class);
            URL initializeQueryString = initializeQueryString(z, clean, str3, url, enumMap);
            String str4 = StringUtils.EMPTY;
            try {
                HttpURLConnection initializeConnection = initializeConnection(initializeQueryString);
                this.mediatorUtils.getCsrfUtil().addHeaderToken(initializeConnection);
                this.mediatorUtils.getConnectionUtil().fixJcifsTimeout(initializeConnection);
                this.mediatorUtils.getConnectionUtil().setCustomUserAgent(initializeConnection);
                initializeHeader(z, str3, initializeConnection, enumMap);
                initializeRequest(z, str3, initializeConnection, enumMap);
                enumMap.put(Header.RESPONSE, HeaderUtil.getHttpHeaders(initializeConnection));
                str4 = ConnectionUtil.getSource(initializeConnection);
                enumMap.put(Header.PAGE_SIZE, new DecimalFormat("0.000").format((str4.length() + r0.keySet().stream().map(str5
                /*  JADX ERROR: Method code generation error
                    jadx.core.utils.exceptions.CodegenException: Error generate insn: 0x0138: INVOKE 
                      (r0v18 'enumMap' java.util.Map<com.jsql.model.bean.util.Header, java.lang.Object>)
                      (wrap:com.jsql.model.bean.util.Header:0x012d: SGET  A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, WRAPPED] com.jsql.model.bean.util.Header.PAGE_SIZE com.jsql.model.bean.util.Header)
                      (wrap:java.lang.Object:0x0135: INVOKE 
                      (wrap:java.text.DecimalFormat:0x0126: CONSTRUCTOR ("0.000") A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, MD:(java.lang.String):void (c), WRAPPED] call: java.text.DecimalFormat.<init>(java.lang.String):void type: CONSTRUCTOR)
                      (wrap:float:0x011d: ARITH (wrap:int:0x0119: ARITH (wrap:int:0x0114: INVOKE (r15v3 'str4' java.lang.String) VIRTUAL call: java.lang.String.length():int A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, MD:():int (c), REMOVE, WRAPPED]) + (wrap:int:0x010b: INVOKE 
                      (wrap:java.util.stream.IntStream:0x0106: INVOKE 
                      (wrap:java.util.stream.Stream<R>:0x00fc: INVOKE 
                      (wrap:java.util.stream.Stream<java.lang.String>:0x00f0: INVOKE 
                      (wrap:java.util.Set<java.lang.String>:0x00eb: INVOKE (r0 I:java.util.Map) INTERFACE call: java.util.Map.keySet():java.util.Set A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, MD:():java.util.Set<K> (c), REMOVE, WRAPPED])
                     INTERFACE call: java.util.Set.stream():java.util.stream.Stream A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, MD:():java.util.stream.Stream<E> (c), REMOVE, WRAPPED])
                      (wrap:java.util.function.Function<? super java.lang.String, ? extends R>:0x00f7: INVOKE_CUSTOM (r0 I:java.util.Map A[DONT_INLINE]) A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, MD:(java.util.Map):java.util.function.Function (s), REMOVE, WRAPPED]
                     handle type: INVOKE_STATIC
                     lambda: java.util.function.Function.apply(java.lang.Object):java.lang.Object
                     call insn: INVOKE (r1 I:java.util.Map), (v1 java.lang.String) STATIC call: com.jsql.model.InjectionModel.lambda$inject$0(java.util.Map, java.lang.String):java.lang.Integer A[MD:(java.util.Map, java.lang.String):java.lang.Integer (m)])
                     INTERFACE call: java.util.stream.Stream.map(java.util.function.Function):java.util.stream.Stream A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, MD:<R>:(java.util.function.Function<? super T, ? extends R>):java.util.stream.Stream<R> (c), REMOVE, WRAPPED])
                      (wrap:java.util.function.ToIntFunction:0x0101: INVOKE_CUSTOM  A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, MD:():java.util.function.ToIntFunction (s), REMOVE, WRAPPED]
                     handle type: INVOKE_INSTANCE
                     lambda: java.util.function.ToIntFunction.applyAsInt(java.lang.Object):int
                     call insn: INVOKE (v0 java.lang.Integer) VIRTUAL call: java.lang.Integer.intValue():int)
                     INTERFACE call: java.util.stream.Stream.mapToInt(java.util.function.ToIntFunction):java.util.stream.IntStream A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, MD:(java.util.function.ToIntFunction<? super T>):java.util.stream.IntStream (c), REMOVE, WRAPPED])
                     INTERFACE call: java.util.stream.IntStream.sum():int A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, MD:():int (c), REMOVE, WRAPPED]) A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, REMOVE, WRAPPED]) / (1024.0f float) A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, DONT_GENERATE, REMOVE, WRAPPED])
                     VIRTUAL call: java.text.DecimalFormat.format(double):java.lang.String A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, MD:(double):java.lang.String (c), WRAPPED])
                     INTERFACE call: java.util.Map.put(java.lang.Object, java.lang.Object):java.lang.Object A[Catch: IOException | LoginException | GSSException | PrivilegedActionException -> 0x01b3, MD:(K, V):V (c)] in method: com.jsql.model.InjectionModel.inject(java.lang.String, boolean, java.lang.String):java.lang.String, file: input_file:com/jsql/model/InjectionModel.class
                    	at jadx.core.codegen.InsnGen.makeInsn(InsnGen.java:310)
                    	at jadx.core.codegen.InsnGen.makeInsn(InsnGen.java:273)
                    	at jadx.core.codegen.RegionGen.makeSimpleBlock(RegionGen.java:94)
                    	at jadx.core.dex.nodes.IBlock.generate(IBlock.java:15)
                    	at jadx.core.codegen.RegionGen.makeRegion(RegionGen.java:66)
                    	at jadx.core.dex.regions.Region.generate(Region.java:35)
                    	at jadx.core.codegen.RegionGen.makeRegion(RegionGen.java:66)
                    	at jadx.core.codegen.RegionGen.makeRegionIndent(RegionGen.java:83)
                    	at jadx.core.codegen.RegionGen.makeTryCatch(RegionGen.java:315)
                    	at jadx.core.dex.regions.TryCatchRegion.generate(TryCatchRegion.java:85)
                    	at jadx.core.codegen.RegionGen.makeRegion(RegionGen.java:66)
                    	at jadx.core.dex.regions.Region.generate(Region.java:35)
                    	at jadx.core.codegen.RegionGen.makeRegion(RegionGen.java:66)
                    	at jadx.core.codegen.RegionGen.makeRegionIndent(RegionGen.java:83)
                    	at jadx.core.codegen.RegionGen.makeTryCatch(RegionGen.java:315)
                    	at jadx.core.dex.regions.TryCatchRegion.generate(TryCatchRegion.java:85)
                    	at jadx.core.codegen.RegionGen.makeRegion(RegionGen.java:66)
                    	at jadx.core.dex.regions.Region.generate(Region.java:35)
                    	at jadx.core.codegen.RegionGen.makeRegion(RegionGen.java:66)
                    	at jadx.core.codegen.MethodGen.addRegionInsns(MethodGen.java:297)
                    	at jadx.core.codegen.MethodGen.addInstructions(MethodGen.java:276)
                    	at jadx.core.codegen.ClassGen.addMethodCode(ClassGen.java:406)
                    	at jadx.core.codegen.ClassGen.addMethod(ClassGen.java:335)
                    	at jadx.core.codegen.ClassGen.lambda$addInnerClsAndMethods$3(ClassGen.java:301)
                    	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:184)
                    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
                    	at java.base/java.util.stream.SortedOps$RefSortingSink.end(SortedOps.java:395)
                    	at java.base/java.util.stream.Sink$ChainedReference.end(Sink.java:261)
                    Caused by: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.SSAVar.getCodeVar()" because the return value of "jadx.core.dex.instructions.args.RegisterArg.getSVar()" is null
                    	at jadx.core.codegen.InsnGen.makeInlinedLambdaMethod(InsnGen.java:1041)
                    	at jadx.core.codegen.InsnGen.makeInvokeLambda(InsnGen.java:936)
                    	at jadx.core.codegen.InsnGen.makeInvoke(InsnGen.java:827)
                    	at jadx.core.codegen.InsnGen.makeInsnBody(InsnGen.java:422)
                    	at jadx.core.codegen.InsnGen.addWrappedArg(InsnGen.java:145)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:121)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:108)
                    	at jadx.core.codegen.InsnGen.generateMethodArguments(InsnGen.java:1117)
                    	at jadx.core.codegen.InsnGen.makeInvoke(InsnGen.java:884)
                    	at jadx.core.codegen.InsnGen.makeInsnBody(InsnGen.java:422)
                    	at jadx.core.codegen.InsnGen.addWrappedArg(InsnGen.java:145)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:121)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:108)
                    	at jadx.core.codegen.InsnGen.addArgDot(InsnGen.java:97)
                    	at jadx.core.codegen.InsnGen.makeInvoke(InsnGen.java:852)
                    	at jadx.core.codegen.InsnGen.makeInsnBody(InsnGen.java:422)
                    	at jadx.core.codegen.InsnGen.addWrappedArg(InsnGen.java:145)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:121)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:108)
                    	at jadx.core.codegen.InsnGen.addArgDot(InsnGen.java:97)
                    	at jadx.core.codegen.InsnGen.makeInvoke(InsnGen.java:852)
                    	at jadx.core.codegen.InsnGen.makeInsnBody(InsnGen.java:422)
                    	at jadx.core.codegen.InsnGen.addWrappedArg(InsnGen.java:145)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:121)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:108)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:104)
                    	at jadx.core.codegen.InsnGen.makeArith(InsnGen.java:1184)
                    	at jadx.core.codegen.InsnGen.makeInsnBody(InsnGen.java:353)
                    	at jadx.core.codegen.InsnGen.addWrappedArg(InsnGen.java:145)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:121)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:108)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:104)
                    	at jadx.core.codegen.InsnGen.makeArith(InsnGen.java:1180)
                    	at jadx.core.codegen.InsnGen.makeInsnBody(InsnGen.java:353)
                    	at jadx.core.codegen.InsnGen.addWrappedArg(InsnGen.java:145)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:121)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:108)
                    	at jadx.core.codegen.InsnGen.generateMethodArguments(InsnGen.java:1117)
                    	at jadx.core.codegen.InsnGen.makeInvoke(InsnGen.java:884)
                    	at jadx.core.codegen.InsnGen.makeInsnBody(InsnGen.java:422)
                    	at jadx.core.codegen.InsnGen.addWrappedArg(InsnGen.java:145)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:121)
                    	at jadx.core.codegen.InsnGen.addArg(InsnGen.java:108)
                    	at jadx.core.codegen.InsnGen.generateMethodArguments(InsnGen.java:1117)
                    	at jadx.core.codegen.InsnGen.makeInvoke(InsnGen.java:884)
                    	at jadx.core.codegen.InsnGen.makeInsnBody(InsnGen.java:422)
                    	at jadx.core.codegen.InsnGen.makeInsn(InsnGen.java:303)
                    	... 27 more
                    */
                /*
                    Method dump skipped, instructions count: 471
                    To view this dump add '--comments-level debug' option
                */
                throw new UnsupportedOperationException("Method not decompiled: com.jsql.model.InjectionModel.inject(java.lang.String, boolean, java.lang.String):java.lang.String");
            }

            private URL initializeQueryString(boolean z, String str, String str2, URL url, Map<Header, Object> map) {
                String str3 = str;
                URL url2 = url;
                if (this.mediatorUtils.getParameterUtil().getListQueryString().isEmpty() && !this.mediatorUtils.getPreferencesUtil().isProcessingCsrf()) {
                    map.put(Header.URL, str3);
                    return url2;
                }
                if (!str3.contains(LocationInfo.NA)) {
                    str3 = str3 + LocationInfo.NA;
                }
                String addQueryStringToken = this.mediatorUtils.getCsrfUtil().addQueryStringToken(str3 + buildQuery(this.mediatorMethod.getQuery(), this.mediatorUtils.getParameterUtil().getQueryStringFromEntries(), z, str2));
                try {
                    url2 = new URL(addQueryStringToken);
                } catch (MalformedURLException e) {
                    LOGGER.warn("Incorrect Url: " + e.getMessage(), e);
                }
                map.put(Header.URL, addQueryStringToken);
                return url2;
            }

            private HttpURLConnection initializeConnection(URL url) throws IOException, LoginException, GSSException, PrivilegedActionException {
                HttpURLConnection connect = this.mediatorUtils.getAuthenticationUtil().isKerberos() ? new SpnegoHttpURLConnection(Pattern.compile("(?s)\\{.*").matcher(StringUtils.join(Files.readAllLines(Paths.get(this.mediatorUtils.getAuthenticationUtil().getPathKerberosLogin(), new String[0]), Charset.defaultCharset()), StringUtils.EMPTY)).replaceAll(StringUtils.EMPTY).trim()).connect(url) : (HttpURLConnection) url.openConnection();
                connect.setReadTimeout(this.mediatorUtils.getConnectionUtil().getTimeout().intValue());
                connect.setConnectTimeout(this.mediatorUtils.getConnectionUtil().getTimeout().intValue());
                connect.setDefaultUseCaches(false);
                connect.setRequestProperty("Pragma", "no-cache");
                connect.setRequestProperty("Cache-Control", "no-cache");
                connect.setRequestProperty("Expires", "-1");
                connect.setRequestProperty("Content-Type", "text/plain");
                return connect;
            }

            private void initializeHeader(boolean z, String str, HttpURLConnection httpURLConnection, Map<Header, Object> map) {
                if (this.mediatorUtils.getParameterUtil().getListHeader().isEmpty()) {
                    return;
                }
                Stream.of((Object[]) buildQuery(this.mediatorMethod.getHeader(), this.mediatorUtils.getParameterUtil().getHeaderFromEntries(), z, str).split("\\\\r\\\\n")).forEach(str2 -> {
                    if (str2.split(":").length == 2) {
                        HeaderUtil.sanitizeHeaders(httpURLConnection, new AbstractMap.SimpleEntry(str2.split(":")[0], str2.split(":")[1]));
                    }
                });
                map.put(Header.HEADER, buildQuery(this.mediatorMethod.getHeader(), this.mediatorUtils.getParameterUtil().getHeaderFromEntries(), z, str));
            }

            private void initializeRequest(boolean z, String str, HttpURLConnection httpURLConnection, Map<Header, Object> map) {
                if (this.mediatorUtils.getParameterUtil().getListRequest().isEmpty() && this.mediatorUtils.getCsrfUtil().getTokenCsrf() == null) {
                    return;
                }
                try {
                    ConnectionUtil.fixCustomRequestMethod(httpURLConnection, this.mediatorUtils.getConnectionUtil().getTypeRequest());
                    httpURLConnection.setDoOutput(true);
                    if (this.mediatorUtils.getParameterUtil().isRequestSoap()) {
                        httpURLConnection.setRequestProperty("Content-Type", "text/xml");
                    } else {
                        httpURLConnection.setRequestProperty("Content-Type", HttpConnection.FORM_URL_ENCODED);
                    }
                    DataOutputStream dataOutputStream = new DataOutputStream(httpURLConnection.getOutputStream());
                    this.mediatorUtils.getCsrfUtil().addRequestToken(dataOutputStream);
                    if (this.mediatorUtils.getConnectionUtil().getTypeRequest().matches("PUT|POST")) {
                        if (this.mediatorUtils.getParameterUtil().isRequestSoap()) {
                            dataOutputStream.writeBytes(buildQuery(this.mediatorMethod.getRequest(), this.mediatorUtils.getParameterUtil().getRawRequest(), z, str));
                        } else {
                            dataOutputStream.writeBytes(buildQuery(this.mediatorMethod.getRequest(), this.mediatorUtils.getParameterUtil().getRequestFromEntries(), z, str));
                        }
                    }
                    dataOutputStream.flush();
                    dataOutputStream.close();
                    if (this.mediatorUtils.getParameterUtil().isRequestSoap()) {
                        map.put(Header.POST, buildQuery(this.mediatorMethod.getRequest(), this.mediatorUtils.getParameterUtil().getRawRequest(), z, str));
                    } else {
                        map.put(Header.POST, buildQuery(this.mediatorMethod.getRequest(), this.mediatorUtils.getParameterUtil().getRequestFromEntries(), z, str));
                    }
                } catch (IOException e) {
                    LOGGER.warn("Error during Request connection: " + e.getMessage(), e);
                }
            }

            private String buildQuery(AbstractMethodInjection abstractMethodInjection, String str, boolean z, String str2) {
                String replace = str.replace(STAR, "<tampering>*</tampering>");
                String clean = clean(abstractMethodInjection, (this.mediatorUtils.getConnectionUtil().getMethodInjection() != abstractMethodInjection || this.mediatorUtils.getConnectionUtil().getUrlBase().contains(STAR)) ? replace : replace.contains(STAR) ? initializeStarInjection(replace, z, str2) : initializeRawInjection(replace, z, str2));
                if (this.mediatorUtils.getConnectionUtil().getMethodInjection() == abstractMethodInjection) {
                    clean = this.mediatorUtils.getTamperingUtil().tamper(clean);
                }
                return applyRfcEncoding(abstractMethodInjection, clean);
            }

            private String initializeRawInjection(String str, boolean z, String str2) {
                String str3;
                if (z) {
                    str3 = (str + this.indexesInUrl.replaceAll("1337" + this.mediatorStrategy.getNormal().getVisibleIndex() + "7331", Matcher.quoteReplacement(str2))) + this.mediatorVendor.getVendor().instance().endingComment();
                } else {
                    str3 = (str + str2) + this.mediatorVendor.getVendor().instance().endingComment();
                }
                return str3;
            }

            private String initializeStarInjection(String str, boolean z, String str2) {
                return !z ? str.replace(STAR, str2 + this.mediatorVendor.getVendor().instance().endingComment()) : str.replace(STAR, this.indexesInUrl.replace("1337" + this.mediatorStrategy.getNormal().getVisibleIndex() + "7331", str2) + this.mediatorVendor.getVendor().instance().endingComment());
            }

            private String clean(AbstractMethodInjection abstractMethodInjection, String str) {
                return (abstractMethodInjection == this.mediatorMethod.getRequest() && this.mediatorUtils.getParameterUtil().isRequestSoap()) ? str.replaceAll("(?s)(?!/\\*\\*/|/\\*!.*\\*/)/\\*.*?\\*/", StringUtils.EMPTY).replace("+", StringUtils.SPACE).replace("%2b", "+").replace(DataAccess.CALIBRATOR_SQL, "#") : StringUtil.clean(str);
            }

            private String applyRfcEncoding(AbstractMethodInjection abstractMethodInjection, String str) {
                String str2 = str;
                if (!this.mediatorUtils.getParameterUtil().isRequestSoap()) {
                    if (abstractMethodInjection != this.mediatorMethod.getHeader()) {
                        if (!this.mediatorUtils.getPreferencesUtil().isUrlEncodingDisabled()) {
                            str2 = str2.replace("\"", "%22").replace("'", "%27").replace("(", "%28").replace(")", "%29").replace("{", "%7b").replace("[", "%5b").replace("`", "%60").replace("]", "%5d").replace("}", "%7d").replace(">", "%3e").replace("<", "%3c").replace(LocationInfo.NA, "%3f").replace("_", "%5f").replace(",", "%2c").replace(StringUtils.SPACE, "+");
                        }
                        str2 = str2.replace("|", "%7c").replace("\\", "%5c");
                    } else {
                        str2 = str2.replace("+", "%20").replace(",", "%2c");
                    }
                }
                return str2;
            }

            public void sendResponseFromSite(String str, String str2) {
                LOGGER.warn(str + ", response from site:");
                LOGGER.warn(">>>" + str2);
            }

            public void displayVersion() {
                LOGGER.trace(String.format("jSQL Injection v%s on Java %s-%s-%s", getVersionJsql(), System.getProperty("java.version"), System.getProperty("os.arch"), System.getProperty("user.language")));
            }

            public String getIndexesInUrl() {
                return this.indexesInUrl;
            }

            public void setIndexesInUrl(String str) {
                this.indexesInUrl = str;
            }

            public boolean shouldErasePreviousInjection() {
                return this.shouldErasePreviousInjection;
            }

            public void setIsScanning(boolean z) {
                this.isScanning = z;
            }

            public String getVersionJsql() {
                return this.propertiesUtil.getProperties().getProperty("jsql.version");
            }

            public MediatorUtils getMediatorUtils() {
                return this.mediatorUtils;
            }

            public MediatorVendor getMediatorVendor() {
                return this.mediatorVendor;
            }

            public MediatorMethod getMediatorMethod() {
                return this.mediatorMethod;
            }

            public DataAccess getDataAccess() {
                return this.dataAccess;
            }

            public ResourceAccess getResourceAccess() {
                return this.resourceAccess;
            }

            public MediatorStrategy getMediatorStrategy() {
                return this.mediatorStrategy;
            }
        }
