package org.owasp.webgoat.session;

import java.util.Enumeration;
import java.util.StringTokenizer;
import java.util.Vector;
import java.util.regex.Pattern;
import javax.servlet.ServletRequest;
import org.owasp.webgoat.util.HtmlEncoder;
import org.springframework.beans.PropertyAccessor;
import org.springframework.beans.factory.BeanFactory;

/* loaded from: input_file:WebGoat.war:WEB-INF/classes/org/owasp/webgoat/session/ParameterParser.class */
public class ParameterParser {
    private static final String ALLOWED_CHARACTERS = "_$()-?.@!,:;=//+";
    private ServletRequest request;
    private static final String SSNREGEX = "^\\d{3}-\\d{2}-\\d{4}$";
    private static final Pattern Ssnpattern = Pattern.compile(SSNREGEX);
    private static final String CCNREGEX = "^\\d{16}$";
    private static final Pattern Ccnpattern = Pattern.compile(CCNREGEX);
    private static final String ZIPREGEX = "^\\d{5}(-\\d{4})?$";
    private static final Pattern Zippattern = Pattern.compile(ZIPREGEX);
    private static final String PHONEREGEX = "^\\(?[\\d]{3}\\)?[\\s-]?[\\d]{3}[\\s-]?[\\d]{4}$";
    private static final Pattern phonepattern = Pattern.compile(PHONEREGEX);
    private static final String EMAILREGEX = "^[\\w-]+(?:\\.[\\w-]+)*@(?:[\\w-]+\\.)+[a-zA-Z]{2,7}$";
    private static final Pattern emailpattern = Pattern.compile(EMAILREGEX);
    private static final String DATEREGEX = "([\\/ .,:0-9a-zA-Z])+$";
    private static final Pattern datepattern = Pattern.compile(DATEREGEX);
    private static final String URLREGEX = "^(((https?)://)([-()_.!~*';/?:@&=+$,A-Za-z0-9])+)([).!';/?:,][[:blank:]])?$";
    private static final Pattern URLpattern = Pattern.compile(URLREGEX);

    public ParameterParser(ServletRequest servletRequest) {
        this.request = servletRequest;
    }

    private String clean(String str) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (Character.isLetterOrDigit(charAt) || Character.isWhitespace(charAt) || ALLOWED_CHARACTERS.indexOf(charAt) != -1) {
                stringBuffer.append(charAt);
            } else {
                stringBuffer.append('.');
            }
        }
        return stringBuffer.toString();
    }

    public boolean getBooleanParameter(String str) throws ParameterNotFoundException {
        return new Boolean(getStringParameter(str)).booleanValue();
    }

    public boolean getBooleanParameter(String str, boolean z) {
        try {
            return getBooleanParameter(str);
        } catch (Exception e) {
            return z;
        }
    }

    public boolean getBooleanSubParameter(String str, String str2, boolean z) {
        try {
            return new Boolean(getSubParameter(str, str2)).booleanValue();
        } catch (Exception e) {
            return z;
        }
    }

    public byte getByteParameter(String str) throws ParameterNotFoundException, NumberFormatException {
        return Byte.parseByte(getStringParameter(str));
    }

    public byte getByteParameter(String str, byte b) {
        try {
            return getByteParameter(str);
        } catch (Exception e) {
            return b;
        }
    }

    public char getCharParameter(String str) throws ParameterNotFoundException {
        String stringParameter = getStringParameter(str);
        if (stringParameter.length() == 0) {
            throw new ParameterNotFoundException(str + " is empty string");
        }
        return stringParameter.charAt(0);
    }

    public char getCharParameter(String str, char c) {
        try {
            return getCharParameter(str);
        } catch (Exception e) {
            return c;
        }
    }

    public String getClassNameParameter(String str) throws ParameterNotFoundException {
        return new StringTokenizer(getStringParameter(str)).nextToken().trim();
    }

    public String getClassNameParameter(String str, String str2) {
        try {
            return getClassNameParameter(str);
        } catch (Exception e) {
            return str2;
        }
    }

    public double getDoubleParameter(String str) throws ParameterNotFoundException, NumberFormatException {
        return new Double(getStringParameter(str)).doubleValue();
    }

    public double getDoubleParameter(String str, double d) {
        try {
            return getDoubleParameter(str);
        } catch (Exception e) {
            return d;
        }
    }

    public float getFloatParameter(String str) throws ParameterNotFoundException, NumberFormatException {
        return new Float(getStringParameter(str)).floatValue();
    }

    public float getFloatParameter(String str, float f) {
        try {
            return getFloatParameter(str);
        } catch (Exception e) {
            return f;
        }
    }

    public String getIPParameter(String str, String str2) {
        try {
            return getIPParameter(str);
        } catch (Exception e) {
            return str2;
        }
    }

    public String getIPParameter(String str) throws ParameterNotFoundException {
        boolean z = true;
        String[] parameterValues = this.request.getParameterValues(str);
        if (parameterValues == null) {
            throw new ParameterNotFoundException(str + " not found");
        }
        if (parameterValues[0].length() == 0) {
            throw new ParameterNotFoundException(str + " was empty");
        }
        String clean = clean(parameterValues[0].trim());
        if (clean.indexOf(BeanFactory.FACTORY_BEAN_PREFIX) > 0) {
            clean = clean.substring(0, clean.indexOf(BeanFactory.FACTORY_BEAN_PREFIX));
        }
        int i = 0;
        int i2 = 0;
        if (clean.indexOf(".") >= 0) {
            for (int i3 = 0; z && i3 < 4; i3++) {
                i2 = clean.indexOf(".", i);
                if (i2 == -1) {
                    i2 = clean.length();
                }
                String substring = clean.substring(i, i2);
                i = i2 + 1;
                try {
                    int parseInt = Integer.parseInt(substring);
                    if (parseInt <= 0 || parseInt >= 256) {
                        z = false;
                    }
                } catch (Exception e) {
                    z = false;
                }
            }
        } else {
            z = false;
        }
        if (clean.length() != i2) {
            z = false;
        }
        if (z) {
            return clean;
        }
        return null;
    }

    public int getIntParameter(String str) throws ParameterNotFoundException, NumberFormatException {
        return Integer.parseInt(getStringParameter(str));
    }

    public int getIntParameter(String str, int i) {
        try {
            return getIntParameter(str);
        } catch (Exception e) {
            return i;
        }
    }

    public long getLongParameter(String str) throws ParameterNotFoundException, NumberFormatException {
        return Long.parseLong(getStringParameter(str));
    }

    public long getLongParameter(String str, long j) {
        try {
            return getLongParameter(str);
        } catch (Exception e) {
            return j;
        }
    }

    public String[] getMissingParameters(String[] strArr) {
        Vector vector = new Vector();
        for (int i = 0; i < strArr.length; i++) {
            if (getStringParameter(strArr[i], null) == null) {
                vector.addElement(strArr[i]);
            }
        }
        if (vector.size() == 0) {
            return null;
        }
        String[] strArr2 = new String[vector.size()];
        vector.copyInto(strArr2);
        return strArr2;
    }

    public Enumeration getParameterNames() {
        if (this.request == null) {
            return null;
        }
        return this.request.getParameterNames();
    }

    public String[] getParameterValues(String str) {
        if (this.request == null) {
            return null;
        }
        return this.request.getParameterValues(str);
    }

    public String getRawParameter(String str, String str2) {
        try {
            return getRawParameter(str);
        } catch (Exception e) {
            return str2;
        }
    }

    public String getRawParameter(String str) throws ParameterNotFoundException {
        String[] parameterValues = this.request.getParameterValues(str);
        if (parameterValues == null) {
            throw new ParameterNotFoundException(str + " not found");
        }
        if (parameterValues[0].length() == 0) {
            throw new ParameterNotFoundException(str + " was empty");
        }
        return parameterValues[0];
    }

    public short getShortParameter(String str) throws ParameterNotFoundException, NumberFormatException {
        return Short.parseShort(getStringParameter(str));
    }

    public short getShortParameter(String str, short s) {
        try {
            return getShortParameter(str);
        } catch (Exception e) {
            return s;
        }
    }

    public String getStringParameter(String str) throws ParameterNotFoundException {
        String[] parameterValues = this.request.getParameterValues(str);
        if (parameterValues == null) {
            throw new ParameterNotFoundException(str + " not found");
        }
        if (parameterValues[0].length() == 0) {
            throw new ParameterNotFoundException(str + " was empty");
        }
        String clean = clean(parameterValues[0].trim());
        if (clean.indexOf(BeanFactory.FACTORY_BEAN_PREFIX) > 0) {
            clean = clean.substring(0, clean.indexOf(BeanFactory.FACTORY_BEAN_PREFIX));
        }
        return clean;
    }

    public String getStringParameter(String str, String str2) {
        try {
            return getStringParameter(str);
        } catch (Exception e) {
            return str2;
        }
    }

    public String getSubParameter(String str, String str2, String str3) {
        try {
            return getSubParameter(str, str2);
        } catch (Exception e) {
            return str3;
        }
    }

    public String getSubParameter(String str, String str2) throws ParameterNotFoundException {
        String[] parameterValues = this.request.getParameterValues(str);
        if (parameterValues == null) {
            throw new ParameterNotFoundException(str + " not found");
        }
        if (parameterValues[0].length() == 0) {
            throw new ParameterNotFoundException(str + " was empty");
        }
        String clean = clean(parameterValues[0].trim());
        int indexOf = clean.indexOf(BeanFactory.FACTORY_BEAN_PREFIX) + 1;
        if (indexOf == 0) {
            throw new ParameterNotFoundException("No subparameter key");
        }
        String substring = clean.substring(indexOf);
        int indexOf2 = substring.indexOf(str2 + "=");
        if (indexOf2 < 0) {
            throw new ParameterNotFoundException("No subparameter value");
        }
        int length = indexOf2 + str2.length() + 1;
        if (length < 0) {
            throw new ParameterNotFoundException(str2 + " not found");
        }
        String substring2 = substring.substring(length);
        if (substring2.indexOf(BeanFactory.FACTORY_BEAN_PREFIX) > 0) {
            substring2 = substring2.substring(0, substring2.indexOf(BeanFactory.FACTORY_BEAN_PREFIX));
        }
        return substring2;
    }

    public String getWordParameter(String str) throws ParameterNotFoundException {
        return new StringTokenizer(getStringParameter(str)).nextToken().trim();
    }

    public String getWordParameter(String str, String str2) {
        try {
            return getWordParameter(str);
        } catch (Exception e) {
            return str2;
        }
    }

    private String getRegexParameter(String str, String str2, Pattern pattern) throws ValidationException {
        try {
            return getRegexParameter(str, pattern);
        } catch (Exception e) {
            return str2;
        }
    }

    private String getRegexParameter(String str, Pattern pattern) throws ParameterNotFoundException, ValidationException {
        String stringParameter = getStringParameter(str);
        if (pattern.matcher(stringParameter).matches()) {
            return stringParameter;
        }
        throw new ValidationException(str + " contained an invalid value");
    }

    public String getStrictAlphaParameter(String str, int i) throws ParameterNotFoundException, ValidationException {
        return getRegexParameter(str, Pattern.compile("^[a-zA-Z\\s]{0," + i + "}$"));
    }

    public String getStrictNumericParameter(String str, int i) throws ParameterNotFoundException, ValidationException {
        return getRegexParameter(str, Pattern.compile("^\\d{0," + i + "}$"));
    }

    public String getSsnParameter(String str) throws ParameterNotFoundException, ValidationException {
        return getRegexParameter(str, Ssnpattern);
    }

    public String getCcnParameter(String str) throws ParameterNotFoundException, ValidationException {
        return getRegexParameter(str, Ccnpattern);
    }

    public String getZipParameter(String str) throws ParameterNotFoundException, ValidationException {
        return getZipParameter(str, null);
    }

    public String getZipParameter(String str, String str2) throws ValidationException {
        return getRegexParameter(str, str2, Zippattern);
    }

    public String getPhoneParameter(String str) throws ParameterNotFoundException, ValidationException {
        return getPhoneParameter(str, null);
    }

    public String getPhoneParameter(String str, String str2) throws ValidationException {
        return getRegexParameter(str, str2, phonepattern);
    }

    public String getEMailParameter(String str) throws ParameterNotFoundException, ValidationException {
        return getEMailParameter(str, null);
    }

    public String getEMailParameter(String str, String str2) throws ValidationException {
        return getRegexParameter(str, str2, emailpattern);
    }

    public String getDateParameter(String str) throws ParameterNotFoundException, ValidationException {
        return getDateParameter(str, null);
    }

    public String getDateParameter(String str, String str2) throws ValidationException {
        return getRegexParameter(str, str2, datepattern);
    }

    public String getURLParameter(String str) throws ParameterNotFoundException, ValidationException {
        return getURLParameter(str, null);
    }

    public String getURLParameter(String str, String str2) throws ValidationException {
        return getRegexParameter(str, str2, URLpattern);
    }

    protected static String htmlEncode(String str) {
        return HtmlEncoder.encode(str);
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer(PropertyAccessor.PROPERTY_KEY_PREFIX);
        Enumeration parameterNames = getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            stringBuffer.append(str + "=" + getParameterValues(str)[0]);
            if (parameterNames.hasMoreElements()) {
                stringBuffer.append(",");
            }
        }
        stringBuffer.append("]");
        return stringBuffer.toString();
    }

    public void update(ServletRequest servletRequest) {
        this.request = servletRequest;
    }
}
