package sorald.processor;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.xml.XMLConstants;
import sorald.annotations.IncompleteProcessor;
import sorald.annotations.ProcessorAnnotation;
import spoon.reflect.code.CtBlock;
import spoon.reflect.code.CtExpression;
import spoon.reflect.code.CtFieldRead;
import spoon.reflect.code.CtInvocation;
import spoon.reflect.code.CtLiteral;
import spoon.reflect.code.CtLocalVariable;
import spoon.reflect.code.CtReturn;
import spoon.reflect.code.CtStatement;
import spoon.reflect.code.CtTypeAccess;
import spoon.reflect.code.CtVariableAccess;
import spoon.reflect.declaration.CtMethod;
import spoon.reflect.declaration.CtType;
import spoon.reflect.declaration.ModifierKind;
import spoon.reflect.reference.CtTypeReference;

@IncompleteProcessor(description = "This processor is a WIP and currently supports a subset of rule 2755. See Sorald's documentation for details.")
@ProcessorAnnotation(key = 2755, description = "XML parsers should not be vulnerable to XXE attacks")
/* loaded from: input_file:sorald/processor/XxeProcessingProcessor.class */
public class XxeProcessingProcessor extends SoraldAbstractProcessor<CtInvocation<?>> {
    private static final String ACCESS_EXTERNAL_DTD = "ACCESS_EXTERNAL_DTD";
    private static final String ACCESS_EXTERNAL_SCHEMA = "ACCESS_EXTERNAL_SCHEMA";
    private static final String ACCESS_EXTERNAL_STYLESHEET = "ACCESS_EXTERNAL_STYLESHEET";
    private static final String DOCUMENT_BUILDER_FACTORY = "DocumentBuilderFactory";
    private static final String TRANSFORMER_FACTORY = "TransformerFactory";
    private static final String XML_INPUT_FACTORY = "XMLInputFactory";

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // sorald.processor.SoraldAbstractProcessor
    public boolean canRepairInternal(CtInvocation<?> ctInvocation) {
        return isSupported(ctInvocation);
    }

    private static boolean isSupported(CtInvocation<?> ctInvocation) {
        List asList = Arrays.asList(DOCUMENT_BUILDER_FACTORY, TRANSFORMER_FACTORY, XML_INPUT_FACTORY);
        CtTypeReference type = ctInvocation.getType();
        return asList.contains(type != null ? type.getSimpleName() : "");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // sorald.processor.SoraldAbstractProcessor
    public void repairInternal(CtInvocation<?> ctInvocation) {
        ctInvocation.replace(invoke(createFactoryMethod(ctInvocation, (CtType) ctInvocation.getParent(CtType.class))));
    }

    private CtMethod<?> createFactoryMethod(CtInvocation<?> ctInvocation, CtType<?> ctType) {
        CtLocalVariable<?> createLocalVariable = createLocalVariable("factory", ctInvocation);
        ArrayList arrayList = new ArrayList();
        arrayList.add(createLocalVariable);
        arrayList.addAll(setXMLConstantsAttributesToEmptyString(createLocalVariable));
        return createPrivateStaticMethod("create" + ctInvocation.getType().getSimpleName(), ctType, arrayList, read(createLocalVariable));
    }

    private List<? extends CtInvocation<?>> setXMLConstantsAttributesToEmptyString(CtLocalVariable<?> ctLocalVariable) {
        CtLiteral createLiteral = getFactory().createLiteral("");
        return (List) getXMLConstantNamesFor(ctLocalVariable.getType()).stream().map(this::readXmlConstant).map(ctFieldRead -> {
            return createSetAttributeInvocation(read(ctLocalVariable), ctFieldRead, createLiteral);
        }).collect(Collectors.toList());
    }

    private <T> CtMethod<T> createPrivateStaticMethod(String str, CtType<?> ctType, List<? extends CtStatement> list, CtExpression<T> ctExpression) {
        CtReturn createReturn = getFactory().createReturn();
        createReturn.setReturnedExpression(ctExpression);
        CtBlock createBlock = getFactory().createBlock();
        Objects.requireNonNull(createBlock);
        list.forEach(createBlock::addStatement);
        createBlock.addStatement(createReturn);
        CtMethod<T> createMethod = getFactory().createMethod(ctType, new HashSet(Arrays.asList(ModifierKind.PRIVATE, ModifierKind.STATIC)), ctExpression.getType().getTypeDeclaration().getReference(), str, Collections.emptyList(), Collections.emptySet());
        createMethod.setBody(createBlock);
        return createMethod;
    }

    private <T> CtLocalVariable<T> createLocalVariable(String str, CtExpression<T> ctExpression) {
        return getFactory().createLocalVariable(ctExpression.getType().clone(), str, ctExpression.clone());
    }

    private CtFieldRead<String> readXmlConstant(String str) {
        CtType ctType = getFactory().Type().get(XMLConstants.class);
        CtTypeAccess createTypeAccess = getFactory().createTypeAccess(ctType.getReference());
        CtFieldRead<String> createFieldRead = getFactory().createFieldRead();
        createFieldRead.setTarget(createTypeAccess);
        createFieldRead.setVariable(ctType.getDeclaredField(str));
        return createFieldRead;
    }

    private <T> CtInvocation<T> createSetAttributeInvocation(CtExpression<T> ctExpression, CtExpression<String> ctExpression2, CtExpression<Object> ctExpression3) {
        return getFactory().createInvocation(ctExpression, ctExpression.getType().getTypeDeclaration().getMethod(getAttributeSetterMethodName(ctExpression.getType()), new CtTypeReference[]{getFactory().Type().STRING, getFactory().Type().OBJECT}).getReference(), new CtExpression[]{ctExpression2, ctExpression3});
    }

    private <T> CtVariableAccess<T> read(CtLocalVariable<T> ctLocalVariable) {
        return getFactory().createVariableRead(ctLocalVariable.getReference(), ctLocalVariable.isStatic());
    }

    private CtInvocation<?> invoke(CtMethod<?> ctMethod) {
        return getFactory().createInvocation(getFactory().createThisAccess(ctMethod.getParent(CtType.class).getReference(), true), ctMethod.getReference(), new CtExpression[0]);
    }

    private static List<String> getXMLConstantNamesFor(CtTypeReference<?> ctTypeReference) {
        return ctTypeReference.getSimpleName().equals(TRANSFORMER_FACTORY) ? Arrays.asList(ACCESS_EXTERNAL_DTD, ACCESS_EXTERNAL_STYLESHEET) : Arrays.asList(ACCESS_EXTERNAL_DTD, ACCESS_EXTERNAL_SCHEMA);
    }

    private static String getAttributeSetterMethodName(CtTypeReference<?> ctTypeReference) {
        String simpleName = ctTypeReference.getSimpleName();
        boolean z = -1;
        switch (simpleName.hashCode()) {
            case -1988953647:
                if (simpleName.equals(TRANSFORMER_FACTORY)) {
                    z = true;
                    break;
                }
                break;
            case -1517721737:
                if (simpleName.equals(XML_INPUT_FACTORY)) {
                    z = 2;
                    break;
                }
                break;
            case 1930027786:
                if (simpleName.equals(DOCUMENT_BUILDER_FACTORY)) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
                return "setAttribute";
            case true:
                return "setProperty";
            default:
                throw new IllegalArgumentException("Missing method name for " + ctTypeReference.getSimpleName());
        }
    }
}
