package org.owasp.webscarab.plugin.sessionid;

import java.io.BufferedWriter;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.Date;
import java.util.Map;
import java.util.TreeMap;
import java.util.logging.Logger;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.bsf.util.cf.CodeFormatter;
import org.owasp.webscarab.httpclient.ConversationHandler;
import org.owasp.webscarab.httpclient.FetcherQueue;
import org.owasp.webscarab.httpclient.HTTPClientFactory;
import org.owasp.webscarab.model.ConversationID;
import org.owasp.webscarab.model.Cookie;
import org.owasp.webscarab.model.HttpUrl;
import org.owasp.webscarab.model.NamedValue;
import org.owasp.webscarab.model.Request;
import org.owasp.webscarab.model.Response;
import org.owasp.webscarab.model.StoreException;
import org.owasp.webscarab.plugin.Framework;
import org.owasp.webscarab.plugin.Hook;
import org.owasp.webscarab.plugin.Plugin;
import org.owasp.webscarab.plugin.fuzz.Parameter;

/* loaded from: input_file:main/main.jar:org/owasp/webscarab/plugin/sessionid/SessionIDAnalysis.class */
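/**
 * WebScarab plugin that collects session identifiers for analysis.
 *
 * <p>It works in two ways, both visible in this class:
 * <ul>
 *   <li>{@link #fetch} arms a sampling run: {@link #run()} keeps re-submitting one request through a
 *       {@link FetcherQueue}, and {@link #responseReceived} extracts identifiers from each response
 *       and stores them in the {@link SessionIDModel}.</li>
 *   <li>{@link #analyse} records the cookies of conversations handed to the plugin by the
 *       framework.</li>
 * </ul>
 *
 * <p>NOTE(review): {@code _request}, {@code _count}, {@code _name} and {@code _regex} are written by
 * {@link #fetch} and read by {@link #run()} and {@link #responseReceived}, which presumably execute
 * on different threads (the run thread and the fetcher workers). None of these fields is
 * synchronized or volatile; confirm whether the callers serialise access.
 */
public class SessionIDAnalysis implements Plugin, ConversationHandler {
    /** Flags used when matching a whole response body; numerically 40, as in the original code. */
    private static final int BODY_PATTERN_FLAGS = Pattern.MULTILINE | Pattern.DOTALL;

    private SessionIDModel _model;
    private int _threads = 4;
    private String _name = null;
    private String _regex = null;
    private int _count = 0;
    private Request _request = null;
    private Response _response = null;
    private Thread _runThread = null;
    private Logger _logger = Logger.getLogger(getClass().getName());
    // Declared after _threads on purpose: the initializer reads this._threads.
    private FetcherQueue _fetcherQueue = new FetcherQueue("SessionID", this, this._threads, 100);

    /**
     * Creates the plugin and its model on top of the framework's model.
     *
     * @param framework the hosting framework
     */
    public SessionIDAnalysis(Framework framework) {
        this._model = new SessionIDModel(framework.getModel());
    }

    /**
     * @return the model that holds the collected session identifiers
     */
    public SessionIDModel getModel() {
        return this._model;
    }

    /**
     * Attaches a backing store to the model. Only the {@code "FileSystem"} store type with a
     * {@link File} location is accepted.
     *
     * @param str  store type name
     * @param obj  store location; must be a {@link File}
     * @param str2 not used by this plugin
     * @throws StoreException if the type or the location object is not supported
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public void setSession(String str, Object obj, String str2) throws StoreException {
        // Constant-first comparison so a null type is reported as unsupported instead of raising an NPE.
        if (!"FileSystem".equals(str) || !(obj instanceof File)) {
            throw new StoreException("Store type '" + str + "' is not supported in " + getClass().getName());
        }
        this._model.setStore(new FileSystemStore((File) obj));
    }

    /**
     * @return the display name of this plugin
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public String getPluginName() {
        return "Session ID Analysis";
    }

    /**
     * Plugin main loop. Until the model is asked to stop, it polls every 100 ms and, while a request
     * is armed and samples are still wanted, keeps the fetcher queue filled up to {@code _threads}
     * queued requests. On exit it drops the armed request and clears the queue.
     */
    @Override // org.owasp.webscarab.plugin.Plugin, java.lang.Runnable
    public void run() {
        this._model.setStatus("Started");
        this._model.setRunning(true);
        this._runThread = Thread.currentThread();
        this._model.setStopping(false);
        while (!this._model.isStopping()) {
            // _count only drops when a response arrives, so more requests than _count may be
            // submitted; responseReceived discards the surplus responses.
            while (this._request != null && this._count > 0 && this._fetcherQueue.getRequestsQueued() < this._threads) {
                this._fetcherQueue.submit(this._request);
            }
            try {
                Thread.sleep(100L);
            } catch (InterruptedException ignored) {
                // Deliberately ignored: shutdown is driven by the model's stopping flag. Restoring
                // the interrupt flag here would make every later sleep() return at once and spin.
            }
        }
        this._request = null;
        this._fetcherQueue.clearRequestQueue();
        this._model.setRunning(false);
        this._model.setStatus("Stopped");
    }

    /**
     * Logs a failed fetch.
     *
     * <p>NOTE(review): the full request URL is written to the log at INFO level; where the target
     * carries identifiers in the URL they will appear in the log output.
     *
     * @param request     the request that failed
     * @param iOException the failure
     */
    @Override // org.owasp.webscarab.httpclient.ConversationHandler
    public void requestError(Request request, IOException iOException) {
        this._logger.info("Requested " + request.getURL() + " got IOException " + iOException.getMessage());
    }

    /**
     * Consumes one sampled response: decrements the outstanding sample count and stores every
     * identifier extracted from the response in the model. Responses that arrive when no samples
     * are outstanding are dropped.
     *
     * @param response the fetched response
     */
    @Override // org.owasp.webscarab.httpclient.ConversationHandler
    public void responseReceived(Response response) {
        // "<= 0" rather than "== 0": a negative count must not be decremented further.
        if (this._count <= 0) {
            return;
        }
        this._count--;
        @SuppressWarnings("unchecked") // getIDsFromResponse only ever stores String -> SessionID
        Map<String, SessionID> ids = getIDsFromResponse(response, this._name, this._regex);
        for (Map.Entry<String, SessionID> entry : ids.entrySet()) {
            this._model.addSessionID(entry.getKey(), entry.getValue());
        }
    }

    /**
     * Extracts candidate session identifiers from a response.
     *
     * <p>Two modes, selected by the arguments:
     * <ul>
     *   <li><b>Cookie mode</b> ({@code str} null or empty, or {@code str2} null): every
     *       {@code Set-Cookie}/{@code Set-Cookie2} value is matched in full against {@code str2}
     *       (or {@code (.*)} when {@code str2} is null or empty). The whole match is stored under
     *       the cookie key, and each capture group that differs from it under
     *       {@code "<key> <group>"}.</li>
     *   <li><b>Named mode</b> (otherwise): {@code str2} is matched in full against the
     *       {@code Location} header and, for {@code text/*} responses, against the body decoded as
     *       UTF-8. Each capture group is stored under {@code "<str> <group>"}.</li>
     * </ul>
     *
     * <p>The pattern is operator-supplied and is applied to server-controlled data; a
     * backtracking-heavy pattern run against a large body will hold the calling thread until the
     * match finishes.
     *
     * @param response the response to inspect
     * @param str      name to store identifiers under, or null/empty for cookie mode
     * @param str2     regular expression, may be null
     * @return a sorted map from identifier name to {@link SessionID}; empty if nothing matched or
     *         the response has no request attached
     * @throws java.util.regex.PatternSyntaxException if {@code str2} is not a valid pattern
     */
    public Map getIDsFromResponse(Response response, String str, String str2) {
        TreeMap<String, SessionID> ids = new TreeMap<String, SessionID>();
        Request request = response.getRequest();
        if (request == null) {
            // Reported through the plugin logger instead of stdout, like the other diagnostics here.
            this._logger.warning("Request was null?");
            return ids;
        }
        HttpUrl url = request.getURL();
        Date date = new Date();
        if (str == null || str.equals("") || str2 == null) {
            collectCookieIDs(ids, response, url, date, str2);
        } else {
            collectNamedIDs(ids, response, date, str, str2);
        }
        return ids;
    }

    /** Cookie mode of {@link #getIDsFromResponse}: harvests identifiers from Set-Cookie headers. */
    private static void collectCookieIDs(Map<String, SessionID> ids, Response response, HttpUrl url, Date date, String regex) {
        Pattern pattern = Pattern.compile(regex != null && !regex.equals("") ? regex : "(.*)");
        NamedValue[] headers = response.getHeaders();
        if (headers == null) {
            // Defensive: whether getHeaders() can return null is not visible from this file.
            return;
        }
        for (NamedValue header : headers) {
            String headerName = header.getName();
            if (!"Set-Cookie".equalsIgnoreCase(headerName) && !"Set-Cookie2".equalsIgnoreCase(headerName)) {
                continue;
            }
            Cookie cookie = new Cookie(date, url, header.getValue());
            Matcher matcher = pattern.matcher(cookie.getValue());
            if (!matcher.matches()) {
                continue;
            }
            String key = cookie.getKey();
            String whole = matcher.group(0);
            ids.put(key, new SessionID(date, whole));
            for (int group = 1; group <= matcher.groupCount(); group++) {
                String part = matcher.group(group);
                // group() returns null for a group that did not take part in the match;
                // the original dereferenced it unconditionally.
                if (part != null && !part.equals(whole)) {
                    ids.put(key + " " + group, new SessionID(date, part));
                }
            }
        }
    }

    /** Named mode of {@link #getIDsFromResponse}: harvests from the Location header and text bodies. */
    private static void collectNamedIDs(Map<String, SessionID> ids, Response response, Date date, String name, String regex) {
        String location = response.getHeader("Location");
        if (location != null) {
            putCaptureGroups(ids, name, date, Pattern.compile(regex).matcher(location));
        }
        String contentType = response.getHeader("Content-Type");
        if (contentType == null || !contentType.startsWith("text/")) {
            return;
        }
        byte[] content = response.getContent();
        if (content == null) {
            // Defensive: a text/* response without a body would otherwise raise an NPE below.
            return;
        }
        String body;
        try {
            body = new String(content, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // Fall back to the platform charset, as the original did.
            body = new String(content);
        }
        // matches() requires the pattern to cover the entire body, not just a fragment of it.
        putCaptureGroups(ids, name, date, Pattern.compile(regex, BODY_PATTERN_FLAGS).matcher(body));
    }

    /** Stores each participating capture group of a full match under {@code "<name> <group>"}. */
    private static void putCaptureGroups(Map<String, SessionID> ids, String name, Date date, Matcher matcher) {
        if (!matcher.matches()) {
            return;
        }
        for (int group = 1; group <= matcher.groupCount(); group++) {
            String value = matcher.group(group);
            if (value != null) {
                ids.put(name + " " + group, new SessionID(date, value));
            }
        }
    }

    /**
     * Arms a sampling run that {@link #run()} will pick up.
     *
     * @param request the request to submit repeatedly
     * @param str     name to store identifiers under (null/empty selects cookie mode)
     * @param str2    regular expression used for extraction; null is accepted and selects cookie
     *                mode with the default pattern
     * @param i       number of responses to sample
     * @throws java.util.regex.PatternSyntaxException if {@code str2} is not a valid pattern; no
     *         state is changed in that case
     */
    public void fetch(Request request, String str, String str2, int i) {
        // Compile only to validate up front; getIDsFromResponse accepts a null pattern, so
        // null must not be rejected here with an NPE.
        if (str2 != null) {
            Pattern.compile(str2);
        }
        this._request = request;
        this._name = str;
        this._regex = str2;
        // Assigned last: run() starts submitting as soon as the count becomes positive.
        this._count = i;
    }

    /**
     * @param request the request used by {@link #fetchResponse()} and by the sampling loop
     */
    public void setRequest(Request request) {
        this._request = request;
    }

    /**
     * Fetches the current request once, synchronously, and keeps the response for
     * {@link #getResponse()}.
     *
     * @throws IOException if the fetch fails
     */
    public void fetchResponse() throws IOException {
        this._response = HTTPClientFactory.getInstance().fetchResponse(this._request);
    }

    /**
     * @return the response obtained by the last {@link #fetchResponse()} call, or null
     */
    public Response getResponse() {
        return this._response;
    }

    /**
     * Registers a calculator for the named identifier series in the model.
     *
     * @param str        identifier name
     * @param calculator calculator to use
     */
    public void setCalculator(String str, Calculator calculator) {
        this._model.setCalculator(str, calculator);
    }

    /**
     * Asks the run loop to stop and waits up to five seconds for it to finish.
     *
     * @return true if the plugin is no longer running
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean stop() {
        this._model.setStopping(true);
        Thread runner = this._runThread;
        // run() may never have been started, in which case there is nothing to join.
        if (runner != null) {
            try {
                runner.join(5000L);
            } catch (InterruptedException e) {
                this._logger.warning("Interrupted!");
                // Preserve the interrupt for the caller.
                Thread.currentThread().interrupt();
            }
        }
        return !this._model.isRunning();
    }

    /**
     * Flushes the model to its store.
     *
     * @throws StoreException if the model reports a store failure
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public void flush() throws StoreException {
        this._model.flush();
    }

    /**
     * @return true while sampled responses are still outstanding
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isBusy() {
        return this._count > 0;
    }

    /**
     * @return the status string held by the model
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public String getStatus() {
        return this._model.getStatus();
    }

    /**
     * @return whether the model has unsaved changes, as reported by the model
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isModified() {
        return this._model.isModified();
    }

    /**
     * @return whether the run loop is active, as reported by the model
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isRunning() {
        return this._model.isRunning();
    }

    /**
     * Records the cookies of a conversation: the request's cookie header and every
     * {@code Set-Cookie} header of the response. {@code Set-Cookie2} is not read here, unlike in
     * {@link #getIDsFromResponse}.
     *
     * @param conversationID id of the conversation
     * @param request        the request
     * @param response       the response
     * @param str            not used by this plugin
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public void analyse(ConversationID conversationID, Request request, Response response, String str) {
        HttpUrl url = request.getURL();
        // NOTE(review): presumably the "Cookie" header name; the constant lives in the fuzz plugin - confirm.
        String requestCookies = request.getHeader(Parameter.LOCATION_COOKIE);
        if (requestCookies != null) {
            this._model.addRequestCookie(conversationID, requestCookies);
        }
        String[] setCookies = response.getHeaders("Set-Cookie");
        if (setCookies != null) {
            for (String setCookie : setCookies) {
                this._model.addResponseCookie(conversationID, url, new Cookie(new Date(), setCookie));
            }
        }
    }

    /**
     * @return always null; this plugin exposes no scriptable object
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public Object getScriptableObject() {
        return null;
    }

    /**
     * @return an empty array; this plugin defines no scripting hooks
     */
    @Override // org.owasp.webscarab.plugin.Plugin
    public Hook[] getScriptingHooks() {
        return new Hook[0];
    }

    /**
     * Removes the identifiers collected under the given name from the model.
     *
     * @param str identifier name
     */
    public void clearSessionIDs(String str) {
        this._model.clearSessionIDs(str);
    }

    /**
     * Writes the identifiers collected under {@code str} to {@code file}, one per line, as
     * {@code <epoch millis><delim><model value><delim><raw value>}. Nothing is written, and the
     * file is not touched, when no identifiers exist for that name.
     *
     * <p>The file contains the captured session identifiers verbatim, so it should be stored and
     * shared with the same care as the credentials themselves. Values are written without quoting
     * or escaping: a value containing the delimiter or a line break breaks the row structure.
     * NOTE(review): the values originate from remote responses; consider quoting them if the export
     * is meant to be opened in a spreadsheet. The text is encoded with the platform default charset
     * ({@link FileWriter}).
     *
     * @param str  identifier name
     * @param file destination file; overwritten if it exists
     * @throws IOException if the file cannot be written
     */
    public void exportIDSToCSV(String str, File file) throws IOException {
        int sessionIDCount = this._model.getSessionIDCount(str);
        if (sessionIDCount == 0) {
            return;
        }
        BufferedWriter writer = new BufferedWriter(new FileWriter(file));
        try {
            StringBuilder line = new StringBuilder();
            for (int i = 0; i < sessionIDCount; i++) {
                SessionID sessionID = this._model.getSessionIDAt(str, i);
                line.append(sessionID.getDate().getTime());
                // NOTE(review): DEFAULT_S_DELIM is presumably ","; the reference to a BSF constant
                // looks like a decompiler substitution - confirm.
                line.append(CodeFormatter.DEFAULT_S_DELIM).append(this._model.getSessionIDValue(str, sessionID));
                line.append(CodeFormatter.DEFAULT_S_DELIM).append(sessionID.getValue()).append("\n");
                writer.write(line.toString());
                line.setLength(0);
            }
        } finally {
            // Close even when a write fails, so the file handle is not leaked.
            writer.close();
        }
    }
}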
