package apiquality.sonar.openapi.checks.security;

import apiquality.sonar.openapi.checks.BaseCheck;
import com.google.common.collect.ImmutableSet;
import com.sonar.sslr.api.AstNodeType;
import java.util.Set;
import org.apiaddicts.apitools.dosonarapi.api.v2.OpenApi2Grammar;
import org.apiaddicts.apitools.dosonarapi.api.v3.OpenApi3Grammar;
import org.apiaddicts.apitools.dosonarapi.api.v31.OpenApi31Grammar;
import org.apiaddicts.apitools.dosonarapi.sslr.yaml.grammar.JsonNode;
import org.sonar.check.Rule;

@Rule(key = OAR072NonOKModelResponseCheck.KEY)
/* loaded from: input_file:apiquality/sonar/openapi/checks/security/OAR072NonOKModelResponseCheck.class */
public class OAR072NonOKModelResponseCheck extends BaseCheck {
    public static final String KEY = "OAR072";
    private static final String MESSAGE = "OAR072.error";
    private static final Set<String> ALLOWED_RESPONSE_CODES = ImmutableSet.of("200", "201", "202", "203", "204", "205", "206", "207", "208", "226", "250");

    @Override // org.apiaddicts.apitools.dosonarapi.api.OpenApiCheck
    public Set<AstNodeType> subscribedKinds() {
        return ImmutableSet.of((OpenApi31Grammar) OpenApi2Grammar.OPERATION, (OpenApi31Grammar) OpenApi3Grammar.OPERATION, OpenApi31Grammar.OPERATION);
    }

    @Override // org.apiaddicts.apitools.dosonarapi.api.OpenApiVisitor
    public void visitNode(JsonNode jsonNode) {
        visitOperationNode(jsonNode);
    }

    private void visitOperationNode(JsonNode jsonNode) {
        JsonNode jsonNode2 = jsonNode.get("responses");
        if (jsonNode2 != null) {
            for (JsonNode jsonNode3 : jsonNode2.propertyMap().values()) {
                if (!ALLOWED_RESPONSE_CODES.contains(jsonNode3.key().getTokenValue())) {
                    if (jsonNode.is(OpenApi2Grammar.OPERATION)) {
                        checkSwaggerResponse(jsonNode3);
                    } else if (jsonNode.is(OpenApi3Grammar.OPERATION)) {
                        checkOpenApiResponse(jsonNode3);
                    } else if (jsonNode.is(OpenApi31Grammar.OPERATION)) {
                        checkOpenApiResponse(jsonNode3);
                    }
                }
            }
        }
    }

    private void checkSwaggerResponse(JsonNode jsonNode) {
        JsonNode jsonNode2;
        JsonNode jsonNode3 = jsonNode.get("schema");
        if (jsonNode3 == null || (jsonNode2 = jsonNode3.get("properties")) == null) {
            return;
        }
        JsonNode jsonNode4 = jsonNode2.get("stackTrace");
        if (jsonNode4.isMissing()) {
            return;
        }
        addIssue(KEY, translate(MESSAGE, new Object[0]), jsonNode4.key());
    }

    private void checkOpenApiResponse(JsonNode jsonNode) {
        JsonNode jsonNode2;
        JsonNode jsonNode3;
        JsonNode jsonNode4;
        JsonNode jsonNode5 = jsonNode.get("content");
        if (jsonNode5 == null || (jsonNode2 = jsonNode5.get("application/json")) == null || (jsonNode3 = jsonNode2.get("schema")) == null || (jsonNode4 = jsonNode3.get("properties")) == null) {
            return;
        }
        JsonNode jsonNode6 = jsonNode4.get("stackTrace");
        if (jsonNode6.isMissing()) {
            return;
        }
        addIssue(KEY, translate(MESSAGE, new Object[0]), jsonNode6.key());
    }
}
