package org.sonar.java.checks;

import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import org.sonar.check.Rule;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.semantic.MethodMatchers;
import org.sonar.plugins.java.api.semantic.Type;
import org.sonar.plugins.java.api.tree.AnnotationTree;
import org.sonar.plugins.java.api.tree.AssignmentExpressionTree;
import org.sonar.plugins.java.api.tree.ExpressionTree;
import org.sonar.plugins.java.api.tree.IdentifierTree;
import org.sonar.plugins.java.api.tree.MemberSelectExpressionTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.Tree;

@Rule(key = "S4544")
/* loaded from: input_file:org/sonar/java/checks/JacksonDeserializationCheck.class */
public class JacksonDeserializationCheck extends IssuableSubscriptionVisitor {
    private static final MethodMatchers ENABLE_DEFAULT_TYPING = MethodMatchers.create().ofTypes(new String[]{"com.fasterxml.jackson.databind.ObjectMapper", "org.codehaus.jackson.map.ObjectMapper"}).names(new String[]{"enableDefaultTyping"}).addWithoutParametersMatcher().build();
    private static final String MESSAGE = "Make sure using this Jackson deserialization configuration is safe here.";

    public List<Tree.Kind> nodesToVisit() {
        return Arrays.asList(Tree.Kind.METHOD_INVOCATION, Tree.Kind.ANNOTATION);
    }

    public void visitNode(Tree tree) {
        if (tree.is(new Tree.Kind[]{Tree.Kind.METHOD_INVOCATION}) && ENABLE_DEFAULT_TYPING.matches((MethodInvocationTree) tree)) {
            reportIssue(tree, MESSAGE);
            return;
        }
        if (tree.is(new Tree.Kind[]{Tree.Kind.ANNOTATION})) {
            AnnotationTree annotationTree = (AnnotationTree) tree;
            if (isJsonTypeInfo(annotationTree) && isAnnotationOnClassOrField(annotationTree)) {
                findUseArgument(annotationTree).ifPresent(expressionTree -> {
                    reportIssue(expressionTree, MESSAGE);
                });
            }
        }
    }

    private static boolean isJsonTypeInfo(AnnotationTree annotationTree) {
        Type symbolType = annotationTree.annotationType().symbolType();
        return symbolType.is("com.fasterxml.jackson.annotation.JsonTypeInfo") || symbolType.is("org.codehaus.jackson.annotate.JsonTypeInfo");
    }

    private static boolean isAnnotationOnClassOrField(AnnotationTree annotationTree) {
        if (annotationTree.parent().is(new Tree.Kind[]{Tree.Kind.MODIFIERS})) {
            return annotationTree.parent().parent().is(new Tree.Kind[]{Tree.Kind.CLASS, Tree.Kind.INTERFACE, Tree.Kind.VARIABLE});
        }
        return false;
    }

    private static Optional<ExpressionTree> findUseArgument(AnnotationTree annotationTree) {
        for (AssignmentExpressionTree assignmentExpressionTree : annotationTree.arguments()) {
            if (assignmentExpressionTree.is(new Tree.Kind[]{Tree.Kind.ASSIGNMENT})) {
                AssignmentExpressionTree assignmentExpressionTree2 = assignmentExpressionTree;
                if ("use".equals(assignmentExpressionTree2.variable().name()) && isJsonTypeIdEnumValue(assignmentExpressionTree2.expression())) {
                    return Optional.of(assignmentExpressionTree2.expression());
                }
            }
        }
        return Optional.empty();
    }

    private static boolean isJsonTypeIdEnumValue(ExpressionTree expressionTree) {
        if (!isJsonTypeId(expressionTree)) {
            return false;
        }
        String name = expressionTree.is(new Tree.Kind[]{Tree.Kind.MEMBER_SELECT}) ? ((MemberSelectExpressionTree) expressionTree).identifier().name() : ((IdentifierTree) expressionTree).name();
        return "CLASS".equals(name) || "MINIMAL_CLASS".equals(name);
    }

    private static boolean isJsonTypeId(ExpressionTree expressionTree) {
        Type symbolType = expressionTree.symbolType();
        return symbolType.is("com.fasterxml.jackson.annotation.JsonTypeInfo$Id") || symbolType.is("org.codehaus.jackson.annotate.JsonTypeInfo$Id");
    }
}
