package org.sonar.php.checks.security;

import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.sonar.check.Rule;
import org.sonar.php.checks.utils.CheckUtils;
import org.sonar.php.checks.utils.FunctionUsageCheck;
import org.sonar.php.ini.BasePhpIniIssue;
import org.sonar.php.ini.PhpIniCheck;
import org.sonar.php.ini.PhpIniIssue;
import org.sonar.php.ini.tree.PhpIniFile;
import org.sonar.php.utils.collections.MapBuilder;
import org.sonar.plugins.php.api.tree.Tree;
import org.sonar.plugins.php.api.tree.declaration.CallArgumentTree;
import org.sonar.plugins.php.api.tree.expression.ExpressionTree;
import org.sonar.plugins.php.api.tree.expression.FunctionCallTree;
import org.sonar.plugins.php.api.tree.expression.LiteralTree;

@Rule(key = "S3331")
/* loaded from: input_file:org/sonar/php/checks/security/CookieDomainCheck.class */
public class CookieDomainCheck extends FunctionUsageCheck implements PhpIniCheck {
    private static final String MESSAGE = "Specify at least a second-level cookie domain.";
    private static final Map<String, Integer> FUNCTION_AND_PARAM_INDEX = MapBuilder.builder().put("setcookie", 4).put("session_set_cookie_params", 2).build();

    @Override // org.sonar.php.checks.utils.FunctionUsageCheck
    protected Set<String> lookedUpFunctionNames() {
        return Collections.unmodifiableSet(FUNCTION_AND_PARAM_INDEX.keySet());
    }

    @Override // org.sonar.php.checks.utils.FunctionUsageCheck
    protected void checkFunctionCall(FunctionCallTree functionCallTree) {
        Optional<CallArgumentTree> argument = CheckUtils.argument(functionCallTree, "domain", FUNCTION_AND_PARAM_INDEX.get(CheckUtils.getLowerCaseFunctionName(functionCallTree)).intValue());
        if (argument.isPresent()) {
            ExpressionTree assignedValue = CheckUtils.assignedValue(argument.get().value());
            if (assignedValue.is(Tree.Kind.REGULAR_STRING_LITERAL) && isFirstLevelDomain(((LiteralTree) assignedValue).value())) {
                if (argument.get().value() == assignedValue) {
                    context().newIssue(this, assignedValue, MESSAGE);
                } else {
                    context().newIssue(this, assignedValue, MESSAGE).secondary(argument.get(), MESSAGE);
                }
            }
        }
    }

    @Override // org.sonar.php.ini.PhpIniCheck
    public List<PhpIniIssue> analyze(PhpIniFile phpIniFile) {
        return (List) phpIniFile.directivesForName("session.cookie_domain").stream().filter(directive -> {
            return isFirstLevelDomain(directive.value().text());
        }).map(directive2 -> {
            return BasePhpIniIssue.newIssue(MESSAGE).line(directive2.name().line());
        }).collect(Collectors.toList());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isFirstLevelDomain(String str) {
        String trimQuotes = CheckUtils.trimQuotes(str);
        return !trimQuotes.isEmpty() && Arrays.stream(trimQuotes.split("\\.")).map((v0) -> {
            return v0.trim();
        }).filter(str2 -> {
            return !str2.isEmpty();
        }).count() < 2;
    }
}
