package org.sonar.php.checks;

import java.util.Arrays;
import java.util.List;
import org.sonar.check.Rule;
import org.sonar.php.checks.phpini.PhpIniBoolean;
import org.sonar.php.checks.phpini.PhpIniFiles;
import org.sonar.php.checks.utils.CheckUtils;
import org.sonar.php.ini.PhpIniCheck;
import org.sonar.php.ini.PhpIniIssue;
import org.sonar.php.ini.tree.PhpIniFile;
import org.sonar.plugins.php.api.tree.Tree;
import org.sonar.plugins.php.api.tree.expression.ExpressionTree;
import org.sonar.plugins.php.api.tree.expression.FunctionCallTree;
import org.sonar.plugins.php.api.visitors.PHPVisitorCheck;

@Rule(key = "S2092")
/* loaded from: input_file:org/sonar/php/checks/CookiesSecureCheck.class */
public class CookiesSecureCheck extends PHPVisitorCheck implements PhpIniCheck {
    private static final String MESSAGE_PHP_INI = "Make sure creating the session cookie without the \"secure\" flag is safe here.";
    private static final String MESSAGE = "Make sure creating this cookie without the \"secure\" flag is safe here.";
    private static final List<String> SET_COOKIE_FUNCTIONS = Arrays.asList("setcookie", "setrawcookie");
    private static final int SET_COOKIE_SECURE_PARAMETER = 5;
    private static final String SESSION_COOKIE_FUNC = "session_set_cookie_params";
    private static final int SESSION_COOKIE_SECURE_PARAMETER = 3;

    public List<PhpIniIssue> analyze(PhpIniFile phpIniFile) {
        return PhpIniFiles.checkRequiredBoolean(phpIniFile, "session.cookie_secure", PhpIniBoolean.ON, MESSAGE_PHP_INI, MESSAGE_PHP_INI);
    }

    public void visitFunctionCall(FunctionCallTree functionCallTree) {
        String lowerCaseFunctionName = CheckUtils.getLowerCaseFunctionName(functionCallTree);
        if (SET_COOKIE_FUNCTIONS.contains(lowerCaseFunctionName)) {
            raiseIssueIfBadFlag(functionCallTree, SET_COOKIE_SECURE_PARAMETER);
        } else if (SESSION_COOKIE_FUNC.equals(lowerCaseFunctionName)) {
            raiseIssueIfBadFlag(functionCallTree, 3);
        }
        super.visitFunctionCall(functionCallTree);
    }

    private void raiseIssueIfBadFlag(FunctionCallTree functionCallTree, int i) {
        if (functionCallTree.arguments().size() > i) {
            if (CheckUtils.isFalseValue((ExpressionTree) functionCallTree.arguments().get(i))) {
                context().newIssue(this, functionCallTree.callee(), MESSAGE).secondary((Tree) functionCallTree.arguments().get(i), (String) null);
            }
        } else if (functionCallTree.arguments().size() != 3) {
            context().newIssue(this, functionCallTree.callee(), MESSAGE);
        }
    }
}
