package com.eviware.soapui.security.scan;

import com.eviware.soapui.SoapUI;
import com.eviware.soapui.config.MalformedXmlAttributeConfig;
import com.eviware.soapui.config.MalformedXmlConfig;
import com.eviware.soapui.config.SecurityScanConfig;
import com.eviware.soapui.config.StrategyTypeConfig;
import com.eviware.soapui.model.ModelItem;
import com.eviware.soapui.model.iface.MessageExchange;
import com.eviware.soapui.model.security.SecurityCheckedParameter;
import com.eviware.soapui.model.testsuite.TestCaseRunner;
import com.eviware.soapui.model.testsuite.TestProperty;
import com.eviware.soapui.model.testsuite.TestStep;
import com.eviware.soapui.security.SecurityTestRunContext;
import com.eviware.soapui.security.SecurityTestRunner;
import com.eviware.soapui.security.ui.MalformedXmlAdvancedSettingsPanel;
import com.eviware.soapui.support.types.StringToStringMap;
import com.eviware.soapui.support.xml.XmlObjectTreeModel;
import com.eviware.soapui.support.xml.XmlUtils;
import flex.messaging.io.amf.client.AMFConnection;
import flex.messaging.services.http.proxy.ProxyConstants;
import hermes.fix.FIXMessageTableModel;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.swing.JComponent;
import net.sf.json.util.JSONUtils;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlOptions;
import org.custommonkey.xmlunit.XMLConstants;

/* loaded from: input_file:lib/soapui-4.0.1.jar:com/eviware/soapui/security/scan/MalformedXmlSecurityScan.class */
public class MalformedXmlSecurityScan extends AbstractSecurityScanWithProperties {
    public static final String TYPE = "MalformedXmlSecurityScan";
    public static final String NAME = "Malformed XML";
    private Map<SecurityCheckedParameter, ArrayList<String>> parameterMutations;
    private boolean mutation;
    private MalformedXmlConfig malformedXmlConfig;
    private MalformedXmlAttributeConfig malformedAttributeConfig;
    private MalformedXmlAdvancedSettingsPanel advancedSettingsPanel;

    public MalformedXmlSecurityScan(TestStep testStep, SecurityScanConfig securityScanConfig, ModelItem modelItem, String str) {
        super(testStep, securityScanConfig, modelItem, str);
        this.parameterMutations = new HashMap();
        if (securityScanConfig.getConfig() == null || !(securityScanConfig.getConfig() instanceof MalformedXmlConfig)) {
            initMalformedXmlConfig();
        } else {
            this.malformedXmlConfig = (MalformedXmlConfig) securityScanConfig.getConfig();
            this.malformedAttributeConfig = this.malformedXmlConfig.getAttributeMutation();
        }
    }

    protected void initMalformedXmlConfig() {
        ((SecurityScanConfig) getConfig()).setConfig(MalformedXmlConfig.Factory.newInstance());
        this.malformedXmlConfig = (MalformedXmlConfig) ((SecurityScanConfig) getConfig()).getConfig();
        this.malformedXmlConfig.addNewAttributeMutation();
        this.malformedXmlConfig.setInsertNewElement(true);
        this.malformedXmlConfig.setNewElementValue("<xml>xml <joke> </xml> </joke>");
        this.malformedXmlConfig.setChangeTagName(true);
        this.malformedXmlConfig.setLeaveTagOpen(true);
        this.malformedXmlConfig.setInsertInvalidCharacter(true);
        this.malformedAttributeConfig = this.malformedXmlConfig.getAttributeMutation();
        this.malformedAttributeConfig.setMutateAttributes(true);
        this.malformedAttributeConfig.setInsertInvalidChars(true);
        this.malformedAttributeConfig.setLeaveAttributeOpen(true);
        this.malformedAttributeConfig.setAddNewAttribute(true);
        this.malformedAttributeConfig.setNewAttributeName("newAttribute");
        this.malformedAttributeConfig.setNewAttributeValue("XXX");
    }

    @Override // com.eviware.soapui.security.scan.AbstractSecurityScan
    protected void execute(SecurityTestRunner securityTestRunner, TestStep testStep, SecurityTestRunContext securityTestRunContext) {
        try {
            createMessageExchange(update(testStep, securityTestRunContext), (MessageExchange) testStep.run((TestCaseRunner) securityTestRunner, securityTestRunContext), securityTestRunContext);
        } catch (XmlException e) {
            SoapUI.logError(e, "[MalformedXmlSecurityScan]XPath seems to be invalid!");
            reportSecurityScanException("Property value is not XML or XPath is wrong!");
        } catch (Exception e2) {
            SoapUI.logError(e2, "[MalformedXmlSecurityScan]Property value is not valid xml!");
            reportSecurityScanException("Property value is not XML or XPath is wrong!");
        }
    }

    protected StringToStringMap update(TestStep testStep, SecurityTestRunContext securityTestRunContext) throws XmlException, Exception {
        StringToStringMap stringToStringMap = new StringToStringMap();
        if (this.parameterMutations.size() == 0) {
            mutateParameters(testStep, securityTestRunContext);
        }
        if (getExecutionStrategy().getStrategy() == StrategyTypeConfig.ONE_BY_ONE) {
            Iterator<SecurityCheckedParameter> it = getParameterHolder().getParameterList().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                SecurityCheckedParameter next = it.next();
                if (this.parameterMutations.containsKey(next) && this.parameterMutations.get(next).size() > 0) {
                    TestProperty testProperty = testStep.getProperties().get(next.getName());
                    String expand = securityTestRunContext.expand(testProperty.getValue());
                    if (next.getXpath() == null || next.getXpath().trim().length() == 0) {
                        break;
                    }
                    if (expand != null && !expand.trim().equals("")) {
                        XmlObjectTreeModel.XmlTreeNode[] selectTreeNodes = new XmlObjectTreeModel(testProperty.getSchemaType().getTypeSystem(), XmlUtils.createXmlObject(expand)).selectTreeNodes(securityTestRunContext.expand(next.getXpath()));
                        StringBuffer stringBuffer = new StringBuffer(expand);
                        for (int i = 0; i < selectTreeNodes.length; i++) {
                            int indexOf = expand.indexOf(XMLConstants.OPEN_START_NODE + selectTreeNodes[i].getNodeName());
                            for (int i2 = 0; i2 < i; i2++) {
                                indexOf = expand.indexOf(XMLConstants.OPEN_START_NODE + selectTreeNodes[i].getNodeName(), indexOf + 1);
                            }
                            String xmlForNode = getXmlForNode(selectTreeNodes[i]);
                            int indexOf2 = expand.indexOf(XMLConstants.OPEN_START_NODE + selectTreeNodes[i].getNodeName(), indexOf + 1);
                            if (indexOf2 <= 0) {
                                indexOf2 = xmlForNode.endsWith(new StringBuilder().append(XMLConstants.OPEN_END_NODE).append(selectTreeNodes[i].getDomNode().getNodeName()).append(XMLConstants.CLOSE_NODE).toString()) ? expand.indexOf(XMLConstants.OPEN_END_NODE + selectTreeNodes[i].getDomNode().getNodeName() + XMLConstants.CLOSE_NODE) + (XMLConstants.OPEN_END_NODE + selectTreeNodes[i].getDomNode().getNodeName() + XMLConstants.CLOSE_NODE).length() : expand.indexOf(XMLConstants.CLOSE_NODE, expand.indexOf("/", indexOf));
                            }
                            if (indexOf2 <= 0 || indexOf2 <= indexOf) {
                                break;
                            }
                            stringBuffer.replace(indexOf, indexOf2 + 1, this.parameterMutations.get(next).get(0));
                        }
                        stringToStringMap.put((StringToStringMap) next.getLabel(), this.parameterMutations.get(next).get(0));
                        this.parameterMutations.get(next).remove(0);
                        testStep.getProperties().get(next.getName()).setValue(stringBuffer.toString());
                    }
                }
            }
        } else {
            for (TestProperty testProperty2 : testStep.getPropertyList()) {
                String expand2 = securityTestRunContext.expand(testProperty2.getValue());
                if (XmlUtils.seemsToBeXml(expand2)) {
                    StringBuffer stringBuffer2 = new StringBuffer(expand2);
                    XmlObjectTreeModel xmlObjectTreeModel = new XmlObjectTreeModel(testProperty2.getSchemaType().getTypeSystem(), XmlUtils.createXmlObject(expand2));
                    for (SecurityCheckedParameter securityCheckedParameter : getParameterHolder().getParameterList()) {
                        if (securityCheckedParameter.getXpath() == null || securityCheckedParameter.getXpath().trim().length() == 0) {
                            if (this.parameterMutations.containsKey(securityCheckedParameter)) {
                                testStep.getProperties().get(securityCheckedParameter.getName()).setValue(this.parameterMutations.get(securityCheckedParameter).get(0));
                                stringToStringMap.put((StringToStringMap) securityCheckedParameter.getLabel(), this.parameterMutations.get(securityCheckedParameter).get(0));
                                this.parameterMutations.get(securityCheckedParameter).remove(0);
                            }
                        } else if (expand2 != null && !expand2.trim().equals("") && securityCheckedParameter.getName().equals(testProperty2.getName())) {
                            XmlObjectTreeModel.XmlTreeNode[] selectTreeNodes2 = xmlObjectTreeModel.selectTreeNodes(securityTestRunContext.expand(securityCheckedParameter.getXpath()));
                            if (this.parameterMutations.containsKey(securityCheckedParameter) && this.parameterMutations.get(securityCheckedParameter).size() > 0) {
                                for (int i3 = 0; i3 < selectTreeNodes2.length; i3++) {
                                    int indexOf3 = expand2.indexOf(XMLConstants.OPEN_START_NODE + selectTreeNodes2[i3].getNodeName());
                                    for (int i4 = 0; i4 < i3; i4++) {
                                        indexOf3 = expand2.indexOf(XMLConstants.OPEN_START_NODE + selectTreeNodes2[i3].getNodeName(), indexOf3 + 1);
                                    }
                                    String xmlForNode2 = getXmlForNode(selectTreeNodes2[i3]);
                                    int indexOf4 = expand2.indexOf(XMLConstants.OPEN_START_NODE + selectTreeNodes2[i3].getNodeName(), indexOf3 + 1);
                                    if (indexOf4 <= 0) {
                                        indexOf4 = xmlForNode2.endsWith(new StringBuilder().append(XMLConstants.OPEN_END_NODE).append(selectTreeNodes2[i3].getDomNode().getNodeName()).append(XMLConstants.CLOSE_NODE).toString()) ? expand2.indexOf(XMLConstants.OPEN_END_NODE + selectTreeNodes2[i3].getDomNode().getNodeName() + XMLConstants.CLOSE_NODE) : expand2.indexOf(XMLConstants.CLOSE_NODE, expand2.indexOf("/", indexOf3));
                                    }
                                    if (indexOf4 <= 0 || indexOf4 <= indexOf3) {
                                        break;
                                    }
                                    stringBuffer2.replace(indexOf3, indexOf4 + 1, this.parameterMutations.get(securityCheckedParameter).get(0));
                                }
                                stringToStringMap.put((StringToStringMap) securityCheckedParameter.getLabel(), this.parameterMutations.get(securityCheckedParameter).get(0));
                                this.parameterMutations.get(securityCheckedParameter).remove(0);
                            }
                        }
                    }
                    if (xmlObjectTreeModel != null) {
                        testProperty2.setValue(stringBuffer2.toString());
                        xmlObjectTreeModel.release();
                    }
                }
            }
        }
        return stringToStringMap;
    }

    protected void mutateParameters(TestStep testStep, SecurityTestRunContext securityTestRunContext) throws XmlException, IOException {
        this.mutation = true;
        for (SecurityCheckedParameter securityCheckedParameter : getParameterHolder().getParameterList()) {
            if (securityCheckedParameter.isChecked()) {
                TestProperty testProperty = getTestStep().getProperties().get(securityCheckedParameter.getName());
                if (securityCheckedParameter.getXpath() != null && securityCheckedParameter.getXpath().trim().length() != 0 && (testProperty.getValue() != null || testProperty.getDefaultValue() != null)) {
                    String expand = securityTestRunContext.expand(testProperty.getValue());
                    XmlObjectTreeModel xmlObjectTreeModel = new XmlObjectTreeModel(testProperty.getSchemaType().getTypeSystem(), XmlUtils.createXmlObject(expand));
                    XmlObjectTreeModel.XmlTreeNode[] selectTreeNodes = xmlObjectTreeModel.selectTreeNodes(securityTestRunContext.expand(securityCheckedParameter.getXpath()));
                    if (selectTreeNodes.length > 0 && !(selectTreeNodes[0] instanceof XmlObjectTreeModel.AttributeXmlTreeNode)) {
                        if (!this.parameterMutations.containsKey(securityCheckedParameter)) {
                            this.parameterMutations.put(securityCheckedParameter, new ArrayList<>());
                        }
                        this.parameterMutations.get(securityCheckedParameter).addAll(mutateNode(selectTreeNodes[0], expand));
                    }
                    xmlObjectTreeModel.release();
                }
            }
        }
    }

    protected Collection<? extends String> mutateNode(XmlObjectTreeModel.XmlTreeNode xmlTreeNode, String str) throws IOException {
        ArrayList arrayList = new ArrayList();
        String xmlForNode = getXmlForNode(xmlTreeNode);
        if (this.malformedXmlConfig.getInsertNewElement()) {
            StringBuffer stringBuffer = new StringBuffer(xmlForNode);
            if (xmlForNode.endsWith(XMLConstants.OPEN_END_NODE + xmlTreeNode.getDomNode().getNodeName() + XMLConstants.CLOSE_NODE)) {
                stringBuffer.insert(xmlForNode.indexOf(XMLConstants.CLOSE_NODE) + 1, this.malformedXmlConfig.getNewElementValue());
            } else {
                stringBuffer.delete(xmlForNode.lastIndexOf("/"), xmlForNode.length());
                stringBuffer.append(XMLConstants.CLOSE_NODE + this.malformedXmlConfig.getNewElementValue() + XMLConstants.OPEN_END_NODE + xmlTreeNode.getDomNode().getNodeName() + XMLConstants.CLOSE_NODE);
            }
            arrayList.add(stringBuffer.toString());
        }
        if (this.malformedXmlConfig.getChangeTagName()) {
            String nodeName = xmlTreeNode.getNodeName();
            if (nodeName.toUpperCase().equals(nodeName)) {
                arrayList.add(xmlForNode.replaceAll(nodeName, nodeName.toLowerCase()));
            } else if (nodeName.toLowerCase().equals(nodeName)) {
                arrayList.add(xmlForNode.replaceAll(nodeName, nodeName.toUpperCase()));
            } else {
                StringBuffer stringBuffer2 = new StringBuffer();
                for (char c : nodeName.toCharArray()) {
                    if (Character.isUpperCase(c)) {
                        stringBuffer2.append(Character.toLowerCase(c));
                    } else {
                        stringBuffer2.append(Character.toUpperCase(c));
                    }
                }
                arrayList.add(xmlForNode.replaceAll(nodeName, stringBuffer2.toString()));
                StringBuffer stringBuffer3 = new StringBuffer();
                for (char c2 : nodeName.toCharArray()) {
                    if (Character.isUpperCase(c2)) {
                        stringBuffer3.append(ProxyConstants.COOKIE_SEPARATOR).append(Character.toLowerCase(c2));
                    } else {
                        stringBuffer3.append(c2);
                    }
                }
                arrayList.add(xmlForNode.replaceAll(nodeName, stringBuffer3.toString()));
            }
        }
        if (this.malformedXmlConfig.getLeaveTagOpen()) {
            if (xmlForNode.endsWith(XMLConstants.OPEN_END_NODE + xmlTreeNode.getDomNode().getNodeName() + XMLConstants.CLOSE_NODE)) {
                StringBuffer stringBuffer4 = new StringBuffer(xmlForNode);
                stringBuffer4.delete(stringBuffer4.indexOf(XMLConstants.OPEN_END_NODE + xmlTreeNode.getDomNode().getNodeName() + XMLConstants.CLOSE_NODE), stringBuffer4.length());
                arrayList.add(stringBuffer4.toString());
                StringBuffer stringBuffer5 = new StringBuffer(xmlForNode);
                stringBuffer5.delete(0, stringBuffer5.indexOf(XMLConstants.CLOSE_NODE) + 1);
                arrayList.add(stringBuffer5.toString());
                StringBuffer stringBuffer6 = new StringBuffer(xmlForNode);
                stringBuffer6.delete(0, stringBuffer6.indexOf(XMLConstants.CLOSE_NODE) + 1);
                stringBuffer6.delete(stringBuffer6.indexOf(XMLConstants.OPEN_END_NODE + xmlTreeNode.getDomNode().getNodeName() + XMLConstants.CLOSE_NODE) + 1, stringBuffer6.indexOf(XMLConstants.OPEN_END_NODE + xmlTreeNode.getDomNode().getNodeName() + XMLConstants.CLOSE_NODE) + 2);
                arrayList.add(stringBuffer6.toString());
            } else {
                StringBuffer stringBuffer7 = new StringBuffer(xmlForNode);
                stringBuffer7.delete(xmlForNode.lastIndexOf("/"), xmlForNode.length());
                arrayList.add(stringBuffer7.toString());
            }
        }
        if (this.malformedXmlConfig.getInsertInvalidCharacter()) {
            for (char c3 : new char[]{'<', '>', '&'}) {
                StringBuffer stringBuffer8 = new StringBuffer(xmlForNode);
                if (xmlForNode.endsWith(XMLConstants.OPEN_END_NODE + xmlTreeNode.getDomNode().getNodeName() + XMLConstants.CLOSE_NODE)) {
                    stringBuffer8.insert(stringBuffer8.indexOf(XMLConstants.OPEN_END_NODE + xmlTreeNode.getDomNode().getNodeName() + XMLConstants.CLOSE_NODE), c3);
                } else {
                    stringBuffer8.delete(xmlForNode.lastIndexOf("/"), xmlForNode.length());
                    stringBuffer8.append('>').append(c3).append(XMLConstants.OPEN_END_NODE).append(xmlTreeNode.getDomNode().getNodeName()).append(XMLConstants.CLOSE_NODE);
                }
                arrayList.add(stringBuffer8.toString());
            }
        }
        if (this.malformedAttributeConfig.getMutateAttributes()) {
            if (this.malformedAttributeConfig.getAddNewAttribute() && this.malformedAttributeConfig.getNewAttributeName().trim().length() > 0) {
                StringBuffer stringBuffer9 = new StringBuffer(xmlForNode);
                stringBuffer9.insert(xmlTreeNode.getNodeName().length() + 1, FIXMessageTableModel.DIRECTION + this.malformedAttributeConfig.getNewAttributeName() + AMFConnection.COOKIE_NAMEVALUE_SEPERATOR + JSONUtils.DOUBLE_QUOTE + this.malformedAttributeConfig.getNewAttributeValue() + "\" ");
                arrayList.add(stringBuffer9.toString());
            }
            if (this.malformedAttributeConfig.getInsertInvalidChars() && xmlTreeNode.getDomNode().hasAttributes()) {
                for (char c4 : new char[]{'\"', '\'', '<', '>', '&'}) {
                    StringBuffer stringBuffer10 = new StringBuffer(xmlForNode);
                    stringBuffer10.insert(stringBuffer10.indexOf(AMFConnection.COOKIE_NAMEVALUE_SEPERATOR) + 3, c4);
                    arrayList.add(stringBuffer10.toString());
                }
            }
            if (this.malformedAttributeConfig.getLeaveAttributeOpen() && xmlTreeNode.getDomNode().hasAttributes()) {
                StringBuffer stringBuffer11 = new StringBuffer(xmlForNode);
                stringBuffer11.delete(stringBuffer11.indexOf(AMFConnection.COOKIE_NAMEVALUE_SEPERATOR) + 1, stringBuffer11.indexOf(AMFConnection.COOKIE_NAMEVALUE_SEPERATOR) + 2);
                arrayList.add(stringBuffer11.toString());
            }
        }
        return arrayList;
    }

    private String getXmlForNode(XmlObjectTreeModel.XmlTreeNode xmlTreeNode) {
        XmlOptions xmlOptions = new XmlOptions();
        xmlOptions.setSaveOuter();
        xmlOptions.setSavePrettyPrint();
        return XmlUtils.removeUnneccessaryNamespaces(xmlTreeNode.getXmlObject().xmlText(xmlOptions));
    }

    @Override // com.eviware.soapui.security.scan.AbstractSecurityScan, com.eviware.soapui.model.security.SecurityScan
    public String getConfigDescription() {
        return "Configures Malformed XML Security Scan";
    }

    @Override // com.eviware.soapui.security.scan.AbstractSecurityScan, com.eviware.soapui.model.security.SecurityScan
    public String getConfigName() {
        return "Malformed XML Security Scan";
    }

    @Override // com.eviware.soapui.security.scan.AbstractSecurityScan, com.eviware.soapui.model.security.SecurityScan
    public String getHelpURL() {
        return "http://soapui.org/Security/malformed-xml.html";
    }

    @Override // com.eviware.soapui.security.scan.AbstractSecurityScan, com.eviware.soapui.model.security.SecurityScan
    public String getType() {
        return TYPE;
    }

    @Override // com.eviware.soapui.security.scan.AbstractSecurityScan
    protected boolean hasNext(TestStep testStep, SecurityTestRunContext securityTestRunContext) {
        boolean z = false;
        if ((this.parameterMutations != null && this.parameterMutations.size() != 0) || this.mutation) {
            Iterator<SecurityCheckedParameter> it = this.parameterMutations.keySet().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (this.parameterMutations.get(it.next()).size() > 0) {
                    z = true;
                    break;
                }
            }
        } else {
            z = getParameterHolder().getParameterList().size() > 0;
        }
        if (!z) {
            this.parameterMutations.clear();
            this.mutation = false;
        }
        return z;
    }

    @Override // com.eviware.soapui.security.scan.AbstractSecurityScan
    protected void clear() {
        this.parameterMutations.clear();
        this.mutation = false;
    }

    @Override // com.eviware.soapui.security.scan.AbstractSecurityScan, com.eviware.soapui.model.security.SecurityScan
    public JComponent getAdvancedSettingsPanel() {
        if (this.advancedSettingsPanel == null) {
            this.advancedSettingsPanel = new MalformedXmlAdvancedSettingsPanel(this.malformedXmlConfig);
        }
        return this.advancedSettingsPanel.getPanel();
    }

    @Override // com.eviware.soapui.security.scan.AbstractSecurityScanWithProperties, com.eviware.soapui.security.scan.AbstractSecurityScan, com.eviware.soapui.impl.wsdl.AbstractWsdlModelItem
    public void release() {
        if (this.advancedSettingsPanel != null) {
            this.advancedSettingsPanel.release();
        }
        super.release();
    }
}
