package org.sonar.java.checks;

import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.lang3.StringUtils;
import org.sonar.java.checks.helpers.ExpressionsHelper;
import org.sonar.java.model.LiteralUtils;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.semantic.MethodMatchers;
import org.sonar.plugins.java.api.tree.Arguments;
import org.sonar.plugins.java.api.tree.AssignmentExpressionTree;
import org.sonar.plugins.java.api.tree.ExpressionTree;
import org.sonar.plugins.java.api.tree.IdentifierTree;
import org.sonar.plugins.java.api.tree.LiteralTree;
import org.sonar.plugins.java.api.tree.MemberSelectExpressionTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.Tree;
import org.sonar.plugins.java.api.tree.VariableTree;

/* loaded from: input_file:org/sonar/java/checks/AbstractHardCodedCredentialChecker.class */
public abstract class AbstractHardCodedCredentialChecker extends IssuableSubscriptionVisitor {
    private static final String JAVA_LANG_STRING = "java.lang.String";
    private List<Pattern> variablePatterns = null;
    private List<Pattern> literalPatterns = null;
    private static final int MINIMUM_CREDENTIAL_LENGTH = 2;
    private static final Set<String> ALLOW_LIST = Collections.singleton("anonymous");
    protected static final MethodMatchers STRING_TO_CHAR_ARRAY = MethodMatchers.create().ofTypes(new String[]{"java.lang.String"}).names(new String[]{"toCharArray"}).addWithoutParametersMatcher().build();
    private static final String JAVA_LANG_OBJECT = "java.lang.Object";
    protected static final MethodMatchers EQUALS_MATCHER = MethodMatchers.create().ofAnyType().names(new String[]{"equals"}).addParametersMatcher(new String[]{JAVA_LANG_OBJECT}).build();

    protected abstract String getCredentialWords();

    protected abstract boolean isCredentialContainingPattern(ExpressionTree expressionTree);

    protected abstract void report(Tree tree, String str);

    private Stream<Pattern> variablePatterns() {
        if (this.variablePatterns == null) {
            this.variablePatterns = toPatterns("");
        }
        return this.variablePatterns.stream();
    }

    private Stream<Pattern> literalPatterns() {
        if (this.literalPatterns == null) {
            this.literalPatterns = toPatterns("=\\s*+([^\\\\ &;#,|]+)");
        }
        return this.literalPatterns.stream();
    }

    private List<Pattern> toPatterns(String str) {
        return (List) Stream.of((Object[]) getCredentialWords().split(",")).map((v0) -> {
            return v0.trim();
        }).map(str2 -> {
            return Pattern.compile("(" + str2 + ")" + str, 2);
        }).collect(Collectors.toList());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Optional<String> isSettingCredential(MethodInvocationTree methodInvocationTree) {
        Arguments arguments = methodInvocationTree.arguments();
        return (arguments.size() == 2 && isArgumentsSuperTypeOfString(arguments) && !isCredentialContainingPattern((ExpressionTree) arguments.get(1)) && isPotentialCredential((ExpressionTree) arguments.get(1))) ? isCredential((ExpressionTree) arguments.get(0)) : Optional.empty();
    }

    private Optional<String> isCredential(ExpressionTree expressionTree) {
        String value = ExpressionsHelper.getConstantValueAsString(expressionTree).value();
        return StringUtils.isEmpty(value) ? Optional.empty() : variablePatterns().map(pattern -> {
            return pattern.matcher(value);
        }).filter((v0) -> {
            return v0.matches();
        }).map(matcher -> {
            return matcher.group(1);
        }).findAny();
    }

    private Optional<String> isCredentialVariableName(IdentifierTree identifierTree) {
        return isCredentialLikeName(identifierTree.name());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Optional<String> isCredentialLikeName(String str) {
        return variablePatterns().map(pattern -> {
            return pattern.matcher(str);
        }).filter((v0) -> {
            return v0.find();
        }).map(matcher -> {
            return matcher.group(1);
        }).findAny();
    }

    protected Optional<String> isCredentialVariable(ExpressionTree expressionTree) {
        return expressionTree.is(new Tree.Kind[]{Tree.Kind.MEMBER_SELECT}) ? isCredentialVariableName(((MemberSelectExpressionTree) expressionTree).identifier()) : expressionTree.is(new Tree.Kind[]{Tree.Kind.IDENTIFIER}) ? isCredentialVariableName((IdentifierTree) expressionTree) : Optional.empty();
    }

    protected boolean isCallOnStringLiteral(ExpressionTree expressionTree) {
        return expressionTree.is(new Tree.Kind[]{Tree.Kind.MEMBER_SELECT}) && isPotentialCredential(((MemberSelectExpressionTree) expressionTree).expression());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void handleStringLiteral(LiteralTree literalTree) {
        String trimQuotes = LiteralUtils.trimQuotes(literalTree.value());
        if (isPartOfConstantCredentialDeclaration(literalTree)) {
            return;
        }
        literalPatterns().map(pattern -> {
            return pattern.matcher(trimQuotes);
        }).filter((v0) -> {
            return v0.find();
        }).filter(matcher -> {
            return !isExcludedLiteral(matcher.group(2));
        }).findAny().ifPresent(matcher2 -> {
            report(literalTree, matcher2.group(1));
        });
    }

    private boolean isPartOfConstantCredentialDeclaration(LiteralTree literalTree) {
        VariableTree parent = literalTree.parent();
        return parent != null && parent.is(new Tree.Kind[]{Tree.Kind.VARIABLE}) && isCredentialVariableName(parent.simpleName()).isPresent();
    }

    protected boolean isPotentialCredential(String str) {
        String trim = str.trim();
        return trim.length() >= 2 && !ALLOW_LIST.contains(trim);
    }

    private boolean isExcludedLiteral(String str) {
        return !isPotentialCredential(str) || str.startsWith("?") || str.startsWith(":") || str.contains("%s");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void handleVariable(VariableTree variableTree) {
        IdentifierTree simpleName = variableTree.simpleName();
        isCredentialVariableName(simpleName).filter(str -> {
            ExpressionTree initializer = variableTree.initializer();
            return (initializer == null || !isNotExcluded(initializer) || isCredentialContainingPattern(initializer)) ? false : true;
        }).ifPresent(str2 -> {
            report(simpleName, str2);
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void handleAssignment(AssignmentExpressionTree assignmentExpressionTree) {
        ExpressionTree variable = assignmentExpressionTree.variable();
        isCredentialVariable(variable).filter(str -> {
            return isNotExcluded(assignmentExpressionTree.expression());
        }).ifPresent(str2 -> {
            report(variable, str2);
        });
    }

    private static boolean isArgumentsSuperTypeOfString(List<ExpressionTree> list) {
        return list.stream().allMatch(expressionTree -> {
            return expressionTree.symbolType().is("java.lang.String") || expressionTree.symbolType().is(JAVA_LANG_OBJECT);
        });
    }

    private boolean isNotExcluded(ExpressionTree expressionTree) {
        if (!expressionTree.is(new Tree.Kind[]{Tree.Kind.METHOD_INVOCATION})) {
            return isPotentialCredential(expressionTree);
        }
        MethodInvocationTree methodInvocationTree = (MethodInvocationTree) expressionTree;
        return STRING_TO_CHAR_ARRAY.matches(methodInvocationTree) && isCallOnStringLiteral(methodInvocationTree.methodSelect());
    }

    protected boolean isPotentialCredential(ExpressionTree expressionTree) {
        String value = ExpressionsHelper.getConstantValueAsString(expressionTree).value();
        if (value == null) {
            return false;
        }
        return isPotentialCredential(value);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void handleEqualsMethod(MethodInvocationTree methodInvocationTree, MemberSelectExpressionTree memberSelectExpressionTree) {
        ExpressionTree expression = memberSelectExpressionTree.expression();
        ExpressionTree expressionTree = (ExpressionTree) methodInvocationTree.arguments().get(0);
        isCredentialVariable(expression).filter(str -> {
            return isPotentialCredential(expressionTree) && !isCredentialContainingPattern(expressionTree);
        }).ifPresent(str2 -> {
            report(expression, str2);
        });
        isCredentialVariable(expressionTree).filter(str3 -> {
            return isPotentialCredential(expression) && !isCredentialContainingPattern(expression);
        }).ifPresent(str4 -> {
            report(expressionTree, str4);
        });
    }
}
