package org.sonar.java.checks.security;

import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import org.sonar.check.Rule;
import org.sonar.java.checks.MathClampRangeCheck;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.semantic.MethodMatchers;
import org.sonar.plugins.java.api.semantic.Symbol;
import org.sonar.plugins.java.api.tree.ExpressionTree;
import org.sonar.plugins.java.api.tree.IdentifierTree;
import org.sonar.plugins.java.api.tree.MemberSelectExpressionTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.Tree;

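/**
 * Security-sensitive rule S5247: reports template-engine configuration calls that switch off
 * automatic output escaping.
 *
 * <p>With auto-escaping off, every value interpolated into a template must be escaped by hand,
 * and any value that is missed can end up as a cross-site scripting (XSS) sink. Each finding is
 * therefore a request for manual review, not a confirmed vulnerability.
 *
 * <p>Patterns reported:
 * <ul>
 *   <li>FreeMarker: {@code Configuration.setAutoEscapingPolicy(int)} called with the
 *       {@code Configuration.DISABLE_AUTO_ESCAPING_POLICY} field;</li>
 *   <li>JMustache: {@code Mustache.Compiler.escapeHTML(boolean)} called with a constant
 *       {@code false};</li>
 *   <li>JMustache: {@code Mustache.Compiler.withEscaper(Escaper)} called with
 *       {@code Escapers.NONE} or with a no-argument {@code Escapers.simple()}.</li>
 * </ul>
 *
 * <p>Limitation: the argument is inspected only where it is written. A policy or escaper that
 * reaches the call through a local variable, a parameter or a method return value is not
 * followed, so such calls are not reported by this check.
 */
@Rule(key = "S5247")
/* loaded from: input_file:org/sonar/java/checks/security/DisableAutoEscapingCheck.class */
public class DisableAutoEscapingCheck extends IssuableSubscriptionVisitor {
    private static final String MESSAGE = "Make sure disabling auto-escaping feature is safe here.";

    private static final String MUSTACHE_COMPILER = "com.samskivert.mustache.Mustache$Compiler";
    private static final String MUSTACHE_ESCAPERS = "com.samskivert.mustache.Escapers";
    private static final String FREEMARKER_CONFIGURATION = "freemarker.template.Configuration";

    private static final MethodMatchers MUSTACHE_COMPILER_ESCAPE_HTML = MethodMatchers.create()
        .ofTypes(MUSTACHE_COMPILER)
        .names("escapeHTML")
        .addParametersMatcher("boolean")
        .build();

    private static final MethodMatchers MUSTACHE_COMPILER_WITH_ESCAPER = MethodMatchers.create()
        .ofTypes(MUSTACHE_COMPILER)
        .names("withEscaper")
        .addParametersMatcher("com.samskivert.mustache.Mustache$Escaper")
        .build();

    private static final MethodMatchers MUSTACHE_ESCAPERS_SIMPLE = MethodMatchers.create()
        .ofTypes(MUSTACHE_ESCAPERS)
        .names("simple")
        .withAnyParameters()
        .build();

    // NOTE(review): the parameter type comes from a constant owned by an unrelated check,
    // presumably the literal "int" substituted during decompilation - confirm its value.
    private static final MethodMatchers FREEMARKER_SET_AUTO_ESCAPING_POLICY = MethodMatchers.create()
        .ofTypes(FREEMARKER_CONFIGURATION)
        .names("setAutoEscapingPolicy")
        .addParametersMatcher(MathClampRangeCheck.INT)
        .build();

    /**
     * Subscribes the check to method invocations only.
     *
     * @return a single-element list holding {@code Tree.Kind.METHOD_INVOCATION}
     */
    @Override
    public List<Tree.Kind> nodesToVisit() {
        return Collections.singletonList(Tree.Kind.METHOD_INVOCATION);
    }

    /**
     * Routes each visited method invocation to the FreeMarker or the JMustache handler.
     *
     * @param tree the visited node; always a method invocation given {@link #nodesToVisit()}
     */
    @Override
    public void visitNode(Tree tree) {
        MethodInvocationTree invocation = (MethodInvocationTree) tree;
        if (FREEMARKER_SET_AUTO_ESCAPING_POLICY.matches(invocation)) {
            handleFreeMarker(invocation);
        } else {
            handleJMustache(invocation);
        }
    }

    /**
     * Reports {@code setAutoEscapingPolicy(Configuration.DISABLE_AUTO_ESCAPING_POLICY)}.
     *
     * @param invocation a call already matched as {@code Configuration.setAutoEscapingPolicy(int)}
     */
    private void handleFreeMarker(MethodInvocationTree invocation) {
        // The matcher guarantees exactly one argument, so index 0 is always present.
        ExpressionTree policy = invocation.arguments().get(0);
        if (isFieldFromClassWithName(policy, FREEMARKER_CONFIGURATION, "DISABLE_AUTO_ESCAPING_POLICY")) {
            reportIssue(policy, MESSAGE);
        }
    }

    /**
     * Reports JMustache compiler calls that turn HTML escaping off: {@code escapeHTML(false)},
     * {@code withEscaper(Escapers.NONE)} and {@code withEscaper(Escapers.simple())}.
     *
     * @param invocation any method invocation that is not the FreeMarker policy setter
     */
    private void handleJMustache(MethodInvocationTree invocation) {
        if (MUSTACHE_COMPILER_ESCAPE_HTML.matches(invocation)) {
            ExpressionTree argument = invocation.arguments().get(0);
            // Only an argument that resolves to the constant false is reported; a value that
            // cannot be resolved to a constant yields an empty Optional and stays silent.
            Optional<Boolean> constantValue = argument.asConstant(Boolean.class);
            constantValue
                .filter(Boolean.FALSE::equals)
                .ifPresent(disabled -> reportIssue(argument, MESSAGE));
            return;
        }
        if (MUSTACHE_COMPILER_WITH_ESCAPER.matches(invocation)) {
            ExpressionTree escaper = invocation.arguments().get(0);
            if (isSimpleEscaper(escaper) || isFieldFromClassWithName(escaper, MUSTACHE_ESCAPERS, "NONE")) {
                reportIssue(escaper, MESSAGE);
            }
        }
    }

    /**
     * Tells whether the tree is a call to {@code Escapers.simple} with no arguments.
     *
     * @param tree the expression passed to {@code withEscaper}
     * @return {@code true} only for a no-argument {@code Escapers.simple()} invocation
     */
    private static boolean isSimpleEscaper(Tree tree) {
        if (!tree.is(Tree.Kind.METHOD_INVOCATION)) {
            return false;
        }
        MethodInvocationTree invocation = (MethodInvocationTree) tree;
        // Calls that pass arguments to simple(...) are deliberately not reported; presumably
        // the no-argument form builds an escaper that substitutes nothing.
        return invocation.arguments().isEmpty() && MUSTACHE_ESCAPERS_SIMPLE.matches(invocation);
    }

    /**
     * Tells whether the tree is a reference to the member {@code fieldName} declared by the
     * type {@code ownerTypeName}, written either qualified or as a bare identifier.
     *
     * @param tree the expression to inspect
     * @param ownerTypeName fully qualified name of the expected declaring type
     * @param fieldName expected simple name of the member
     * @return {@code true} when both the declaring type and the name match
     */
    private static boolean isFieldFromClassWithName(Tree tree, String ownerTypeName, String fieldName) {
        return extractIdentifier(tree)
            .filter(identifier -> checkOwner(identifier, ownerTypeName, fieldName))
            .isPresent();
    }

    /**
     * Extracts the identifier that names the referenced member.
     *
     * @param tree the expression to inspect
     * @return the trailing identifier of a member select, the tree itself when it is a plain
     *     identifier, or an empty Optional for any other kind of tree
     */
    private static Optional<IdentifierTree> extractIdentifier(Tree tree) {
        if (tree.is(Tree.Kind.MEMBER_SELECT)) {
            return Optional.of(((MemberSelectExpressionTree) tree).identifier());
        }
        if (tree.is(Tree.Kind.IDENTIFIER)) {
            return Optional.of((IdentifierTree) tree);
        }
        return Optional.empty();
    }

    /**
     * Checks that the identifier's symbol is owned by {@code ownerTypeName} and that the
     * identifier is spelled {@code fieldName}.
     *
     * @param identifier the identifier to check
     * @param ownerTypeName fully qualified name of the expected owner type
     * @param fieldName expected identifier name
     * @return {@code true} when the owner is known and both conditions hold
     */
    private static boolean checkOwner(IdentifierTree identifier, String ownerTypeName, String fieldName) {
        Symbol owner = identifier.symbol().owner();
        // A missing owner is treated as "no match".
        return owner != null && owner.type().is(ownerTypeName) && fieldName.equals(identifier.name());
    }
}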
