package apiaddicts.sonar.openapi.checks.security;

import apiaddicts.sonar.openapi.checks.BaseCheck;
import apiaddicts.sonar.openapi.utils.VerbPathMatcher;
import com.google.common.collect.ImmutableSet;
import com.sonar.sslr.api.AstNodeType;
import java.util.Set;
import org.apiaddicts.apitools.dosonarapi.api.v2.OpenApi2Grammar;
import org.apiaddicts.apitools.dosonarapi.api.v3.OpenApi3Grammar;
import org.apiaddicts.apitools.dosonarapi.api.v31.OpenApi31Grammar;
import org.apiaddicts.apitools.dosonarapi.sslr.yaml.grammar.JsonNode;
import org.sonar.check.Rule;

@Rule(key = OAR078VerbsSecurityCheck.KEY)
/* loaded from: input_file:apiaddicts/sonar/openapi/checks/security/OAR078VerbsSecurityCheck.class */
public class OAR078VerbsSecurityCheck extends BaseCheck {
    public static final String KEY = "OAR078";
    private static final String MESSAGE = "OAR078.error";
    private static final Set<String> SECURITY_VERBS = ImmutableSet.of(VerbPathMatcher.GET_WORD, "post", "put", "patch", VerbPathMatcher.DELETE_WORD);
    private boolean hasGlobalSecurity = false;

    @Override // org.apiaddicts.apitools.dosonarapi.api.OpenApiCheck
    public Set<AstNodeType> subscribedKinds() {
        return ImmutableSet.of((OpenApi31Grammar) OpenApi2Grammar.PATH, (OpenApi31Grammar) OpenApi3Grammar.PATH, OpenApi31Grammar.PATH, (OpenApi31Grammar) OpenApi2Grammar.OPERATION, (OpenApi31Grammar) OpenApi3Grammar.OPERATION, OpenApi31Grammar.OPERATION, (OpenApi31Grammar[]) new AstNodeType[0]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apiaddicts.apitools.dosonarapi.api.OpenApiVisitor
    public void visitFile(JsonNode jsonNode) {
        JsonNode jsonNode2 = jsonNode.get("security");
        if (jsonNode2 != null && !jsonNode2.isMissing() && !jsonNode2.isNull() && !jsonNode2.elements().isEmpty()) {
            this.hasGlobalSecurity = true;
        }
        super.visitFile(jsonNode);
    }

    @Override // org.apiaddicts.apitools.dosonarapi.api.OpenApiVisitor
    public void visitNode(JsonNode jsonNode) {
        if (this.hasGlobalSecurity) {
            return;
        }
        if (jsonNode.getType() == OpenApi2Grammar.PATH || jsonNode.getType() == OpenApi3Grammar.PATH || jsonNode.getType() == OpenApi31Grammar.PATH) {
            visitOperationNode(jsonNode);
        } else if (jsonNode.getType() == OpenApi2Grammar.OPERATION || jsonNode.getType() == OpenApi3Grammar.OPERATION || jsonNode.getType() == OpenApi31Grammar.OPERATION) {
            visitOperationNode(jsonNode);
        }
    }

    private void visitOperationNode(JsonNode jsonNode) {
        if (SECURITY_VERBS.contains(jsonNode.key().getTokenValue().toLowerCase())) {
            JsonNode jsonNode2 = jsonNode.get("security");
            if (jsonNode2.isMissing() || jsonNode2.isNull() || jsonNode2.elements().isEmpty()) {
                addIssue(KEY, translate(MESSAGE, new Object[0]), jsonNode.key());
            }
        }
    }
}
