package org.sonar.php.checks;

import java.util.Set;
import java.util.regex.Pattern;
import javax.annotation.Nullable;
import org.sonar.check.Rule;
import org.sonar.php.checks.utils.CheckUtils;
import org.sonar.plugins.php.api.tree.Tree;
import org.sonar.plugins.php.api.tree.declaration.VariableDeclarationTree;
import org.sonar.plugins.php.api.tree.expression.AssignmentExpressionTree;
import org.sonar.plugins.php.api.tree.expression.ExpressionTree;
import org.sonar.plugins.php.api.tree.expression.FunctionCallTree;
import org.sonar.plugins.php.api.tree.expression.IdentifierTree;
import org.sonar.plugins.php.api.tree.expression.LiteralTree;
import org.sonar.plugins.php.api.visitors.PHPVisitorCheck;

@Rule(key = "S1075")
/* loaded from: input_file:org/sonar/php/checks/HardCodedUriCheck.class */
public class HardCodedUriCheck extends PHPVisitorCheck {
    private static final String SCHEME = "^(?!.*php)[a-zA-Z\\+\\.\\-]+";
    private static final String URI_REGEX = "^(?!.*php)[a-zA-Z\\+\\.\\-]+://[^\\$]+";
    private static final Pattern URI_PATTERN = Pattern.compile(URI_REGEX);
    private static final Pattern VARIABLE_NAME_PATTERN = Pattern.compile("filename|path", 2);
    private static final Set<String> WHITELIST = CheckUtils.lowerCaseSet("basename", "chgrp", "chmod", "chown", "clearstatcache", "copy", "delete", "dirname", "disk_free_space", "disk_total_space", "diskfreespace", "fclose", "feof", "fflush", "fgetc", "fgetcsv", "fgets", "fgetss", "file_exists", "file_get_contents", "file_put_contents", "file", "fileatime", "filectime", "filegroup", "fileinode", "filemtime", "fileowner", "fileperms", "filesize", "filetype", "flock", "fnmatch", "fopen", "fpassthru", "fputcsv", "fputs", "fread", "fscanf", "fseek", "fstat", "ftell", "ftruncate", "fwrite", "glob", "is_dir", "is_executable", "is_file", "is_link", "is_readable", "is_uploaded_file", "is_writable", "is_writeable", "lchgrp", "lchown", "link", "linkinfo", "lstat", "mkdir", "move_uploaded_file", "parse_ini_file", "parse_ini_string", "pathinfo", "pclose", "popen", "readfile", "readlink", "realpath_cache_get", "realpath_cache_size", "realpath", "rename", "rewind", "rmdir", "set_file_buffer", "stat", "symlink", "tempnam", "tmpfile", "touch", "umask", "unlink");

    private static boolean isFileNameVariable(IdentifierTree identifierTree) {
        return VARIABLE_NAME_PATTERN.matcher(identifierTree.text()).find();
    }

    public void visitFunctionCall(FunctionCallTree functionCallTree) {
        String lowerCaseFunctionName = CheckUtils.getLowerCaseFunctionName(functionCallTree);
        if (lowerCaseFunctionName != null && (lowerCaseFunctionName.startsWith("http_") || WHITELIST.contains(lowerCaseFunctionName))) {
            functionCallTree.arguments().forEach(this::checkExpression);
        }
        super.visitFunctionCall(functionCallTree);
    }

    public void visitVariableDeclaration(VariableDeclarationTree variableDeclarationTree) {
        if (isFileNameVariable(variableDeclarationTree.identifier())) {
            checkExpression(variableDeclarationTree.initValue());
        }
        super.visitVariableDeclaration(variableDeclarationTree);
    }

    public void visitAssignmentExpression(AssignmentExpressionTree assignmentExpressionTree) {
        if (assignmentExpressionTree.variable().is(new Tree.Kind[]{Tree.Kind.VARIABLE_IDENTIFIER}) && isFileNameVariable(assignmentExpressionTree.variable().variableExpression())) {
            checkExpression(assignmentExpressionTree.value());
        }
        super.visitAssignmentExpression(assignmentExpressionTree);
    }

    private void checkExpression(@Nullable ExpressionTree expressionTree) {
        if (expressionTree == null || !isHardcodedURI(expressionTree)) {
            return;
        }
        reportHardcodedURI(expressionTree);
    }

    private static boolean isHardcodedURI(ExpressionTree expressionTree) {
        LiteralTree skipParenthesis = CheckUtils.skipParenthesis(expressionTree);
        if (skipParenthesis.is(new Tree.Kind[]{Tree.Kind.REGULAR_STRING_LITERAL})) {
            return URI_PATTERN.matcher(trimQuotes(skipParenthesis.value())).find();
        }
        return false;
    }

    private static String trimQuotes(String str) {
        return str.substring(1, str.length());
    }

    private void reportHardcodedURI(ExpressionTree expressionTree) {
        context().newIssue(this, expressionTree, "Refactor your code to get this URI from a customizable parameter.");
    }
}
