package com.jsql.util;

import com.jsql.model.InjectionModel;
import com.jsql.model.exception.JSqlException;
import com.jsql.model.injection.method.MethodInjection;
import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:com/jsql/util/JsonUtil.class */
public class JsonUtil {
    private static final Logger LOGGER = Logger.getRootLogger();
    private InjectionModel injectionModel;

    public JsonUtil(InjectionModel injectionModel) {
        this.injectionModel = injectionModel;
    }

    public static Object getJson(String str) {
        Object obj;
        try {
            obj = new JSONObject(str);
        } catch (JSONException e) {
            try {
                obj = new JSONArray(str);
            } catch (JSONException e2) {
                obj = new Object();
            }
        }
        return obj;
    }

    public static List<AbstractMap.SimpleEntry<String, String>> createEntries(Object obj, String str, AbstractMap.SimpleEntry<String, String> simpleEntry) {
        ArrayList arrayList = new ArrayList();
        if (obj instanceof JSONObject) {
            JSONObject jSONObject = (JSONObject) obj;
            Iterator keys = jSONObject.keys();
            while (keys.hasNext()) {
                String str2 = (String) keys.next();
                Object obj2 = jSONObject.get(str2);
                String str3 = str + "." + str2;
                if ((obj2 instanceof JSONArray) || (obj2 instanceof JSONObject)) {
                    arrayList.addAll(createEntries(obj2, str3, simpleEntry));
                } else if (obj2 instanceof String) {
                    AbstractMap.SimpleEntry simpleEntry2 = new AbstractMap.SimpleEntry(str3, (String) obj2);
                    arrayList.add(simpleEntry2);
                    if (simpleEntry == null) {
                        jSONObject.put(str2, obj2.toString().replaceAll(Pattern.quote(InjectionModel.STAR) + "$", StringUtils.EMPTY));
                    } else if (simpleEntry2.equals(simpleEntry)) {
                        jSONObject.put(str2, obj2 + InjectionModel.STAR);
                    }
                }
            }
        } else if (obj instanceof JSONArray) {
            JSONArray jSONArray = (JSONArray) obj;
            for (int i = 0; i < jSONArray.length(); i++) {
                Object obj3 = jSONArray.get(i);
                if ((obj3 instanceof JSONObject) || (obj3 instanceof JSONArray)) {
                    arrayList.addAll(createEntries(obj3, str + "[" + i + "]", simpleEntry));
                }
            }
        }
        return arrayList;
    }

    public boolean testStandardParameter(MethodInjection methodInjection, AbstractMap.SimpleEntry<String, String> simpleEntry) {
        boolean z = false;
        simpleEntry.setValue(simpleEntry.getValue() + InjectionModel.STAR);
        try {
            try {
                LOGGER.info("Checking " + methodInjection.name() + " parameter " + simpleEntry.getKey() + "=" + simpleEntry.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY));
                z = this.injectionModel.testStrategies(true, false, simpleEntry);
                if (!z) {
                    methodInjection.getParams().stream().forEach(simpleEntry2 -> {
                        simpleEntry2.setValue(((String) simpleEntry2.getValue()).replaceAll(Pattern.quote(InjectionModel.STAR) + "$", StringUtils.EMPTY));
                    });
                    simpleEntry.setValue(simpleEntry.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY));
                }
            } catch (JSqlException e) {
                LOGGER.warn("No " + methodInjection.name() + " injection found for parameter " + simpleEntry.getKey() + "=" + simpleEntry.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY) + " (" + e.getMessage() + ")", e);
                if (!z) {
                    methodInjection.getParams().stream().forEach(simpleEntry22 -> {
                        simpleEntry22.setValue(((String) simpleEntry22.getValue()).replaceAll(Pattern.quote(InjectionModel.STAR) + "$", StringUtils.EMPTY));
                    });
                    simpleEntry.setValue(simpleEntry.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY));
                }
            }
            return z;
        } catch (Throwable th) {
            if (!z) {
                methodInjection.getParams().stream().forEach(simpleEntry222 -> {
                    simpleEntry222.setValue(((String) simpleEntry222.getValue()).replaceAll(Pattern.quote(InjectionModel.STAR) + "$", StringUtils.EMPTY));
                });
                simpleEntry.setValue(simpleEntry.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY));
            }
            throw th;
        }
    }

    public boolean testJsonParameter(MethodInjection methodInjection, AbstractMap.SimpleEntry<String, String> simpleEntry) {
        boolean z = false;
        Object json = getJson(simpleEntry.getValue());
        Iterator<AbstractMap.SimpleEntry<String, String>> it = createEntries(json, "root", null).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AbstractMap.SimpleEntry<String, String> next = it.next();
            createEntries(json, "root", null);
            createEntries(json, "root", next);
            simpleEntry.setValue(json.toString());
            try {
                try {
                    LOGGER.info("Checking JSON " + methodInjection.name() + " parameter " + next.getKey() + "=" + next.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY));
                    z = this.injectionModel.testStrategies(true, true, simpleEntry);
                    methodInjection.getParams().stream().forEach(simpleEntry2 -> {
                        simpleEntry2.setValue(((String) simpleEntry2.getValue()).replaceAll(Pattern.quote(InjectionModel.STAR) + "$", StringUtils.EMPTY));
                    });
                    if (!z) {
                        simpleEntry.setValue(simpleEntry.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY));
                    }
                } catch (JSqlException e) {
                    LOGGER.warn("No " + methodInjection.name() + " injection found for JSON " + methodInjection.name() + " parameter " + next.getKey() + "=" + next.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY), e);
                    methodInjection.getParams().stream().forEach(simpleEntry22 -> {
                        simpleEntry22.setValue(((String) simpleEntry22.getValue()).replaceAll(Pattern.quote(InjectionModel.STAR) + "$", StringUtils.EMPTY));
                    });
                    if (!z) {
                        simpleEntry.setValue(simpleEntry.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY));
                    }
                }
            } catch (Throwable th) {
                methodInjection.getParams().stream().forEach(simpleEntry222 -> {
                    simpleEntry222.setValue(((String) simpleEntry222.getValue()).replaceAll(Pattern.quote(InjectionModel.STAR) + "$", StringUtils.EMPTY));
                });
                if (!z) {
                    simpleEntry.setValue(simpleEntry.getValue().replace(InjectionModel.STAR, StringUtils.EMPTY));
                }
                throw th;
            }
        }
        return z;
    }
}
