package org.owasp.webgoat.lessons;

import com.gargoylesoftware.htmlunit.html.HtmlForm;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.InputStreamReader;
import java.io.StringReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import org.apache.axis.Message;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.Body;
import org.apache.ecs.html.Form;
import org.apache.ecs.html.Head;
import org.apache.ecs.html.Html;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.PRE;
import org.apache.ecs.html.Title;
import org.eclipse.jdt.internal.compiler.impl.CompilerOptions;
import org.owasp.webgoat.session.ParameterNotFoundException;
import org.owasp.webgoat.session.Screen;
import org.owasp.webgoat.session.WebSession;
import org.owasp.webgoat.session.WebgoatContext;
import org.owasp.webgoat.session.WebgoatProperties;
import org.owasp.webgoat.util.BeanProvider;
import org.owasp.webgoat.util.LabelManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WebGoat.war:WEB-INF/classes/org/owasp/webgoat/lessons/AbstractLesson.class */
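/**
 * Base class for lesson screens.
 *
 * <p>Holds a lesson's identity (an id taken from a static counter), its menu placement (category,
 * ranking, hidden flag) and the paths of its source, lesson-plan and solution files, together with
 * helpers that read those files and render them.
 *
 * <p>Lessons are ordered by ranking ({@link #compareTo(Object)}) but compared for equality by
 * screen id ({@link #equals(Object)}), so the natural ordering is not consistent with equals.
 * Nothing in this class is synchronized.
 */
public abstract class AbstractLesson extends Screen implements Comparable<Object> {
    public static final String ADMIN_ROLE = "admin";
    public static final String CHALLENGE_ROLE = "challenge";
    public static final String HACKED_ADMIN_ROLE = "hacked_admin";
    public static final String USER_ROLE = "user";
    private Integer id;
    private Integer ranking;
    private Category category;
    private boolean hidden;
    private String sourceFileName;
    private String lessonSolutionFileName;
    private WebgoatContext webgoatContext;
    private static final Logger logger = LoggerFactory.getLogger(AbstractLesson.class);
    // Last id handed out; incremented (without synchronization) by every constructor call.
    private static int count = 1;
    static final IMG nextGrey = new IMG("images/right16.gif").setAlt("Next").setBorder(0).setHspace(0).setVspace(0);
    static final IMG previousGrey = new IMG("images/left14.gif").setAlt("Previous").setBorder(0).setHspace(0).setVspace(0);
    // Language code -> lesson plan file path.
    private Map<String, String> lessonPlanFileName = new HashMap<>();
    private LinkedList<String> availableLanguages = new LinkedList<>();
    private String defaultLanguage = "en";
    private LabelManager labelManager = null;

    /** Assigns the next sequential id; the counter starts at 1, so the first lesson gets id 2. */
    public AbstractLesson() {
        count++;
        this.id = Integer.valueOf(count);
    }

    /** Returns the runtime class name without its package prefix. */
    public String getName() {
        String className = getClass().getName();
        return className.substring(className.lastIndexOf('.') + 1);
    }

    public void setRanking(Integer num) {
        this.ranking = num;
    }

    public void setHidden(boolean z) {
        this.hidden = z;
    }

    /**
     * Loads ranking, category ranking and hidden flag from the given properties, falling back to
     * the subclass defaults.
     *
     * <p>Keys read: {@code lesson.<ShortClassName>.ranking}, {@code category.<CategoryName>.ranking}
     * and {@code lesson.<ShortClassName>.hidden}.
     *
     * @param webgoatProperties property source consulted for the overrides
     */
    public void update(WebgoatProperties webgoatProperties) {
        String className = getClass().getName();
        String shortName = className.substring(className.lastIndexOf('.') + 1);
        setRanking(Integer.valueOf(
                webgoatProperties.getIntProperty("lesson." + shortName + ".ranking", getDefaultRanking().intValue())));

        String categoryKey = "category." + getDefaultCategory().getName() + ".ranking";
        Category resolved = Category.getCategory(getDefaultCategory().getName());
        resolved.setRanking(Integer.valueOf(
                webgoatProperties.getIntProperty(categoryKey, getDefaultCategory().getRanking().intValue())));
        this.category = resolved;

        setHidden(webgoatProperties.getBooleanProperty("lesson." + shortName + ".hidden", getDefaultHidden()));
    }

    /** Returns the completed flag of this lesson's tracker for the given session. */
    public boolean isCompleted(WebSession webSession) {
        return getLessonTracker(webSession, this).getCompleted();
    }

    /**
     * Orders lessons by ranking.
     *
     * @throws ClassCastException if {@code obj} is not an {@code AbstractLesson}
     */
    @Override // java.lang.Comparable
    public int compareTo(Object obj) {
        return getRanking().compareTo(((AbstractLesson) obj).getRanking());
    }

    /**
     * Two lessons are equal when their screen ids match. {@code null} and objects of other types
     * compare unequal instead of raising an exception, as the {@code equals} contract requires.
     */
    @Override
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof AbstractLesson)) {
            return false;
        }
        return getScreenId() == ((AbstractLesson) obj).getScreenId();
    }

    /** Hashes on the screen id so that equal lessons share a hash code. */
    @Override
    public int hashCode() {
        return getScreenId();
    }

    public Category getCategory() {
        return this.category;
    }

    /** Ranking used when none has been set or configured. */
    protected abstract Integer getDefaultRanking();

    /** Category used by {@link #update(WebgoatProperties)} to resolve the lesson's category. */
    protected abstract Category getDefaultCategory();

    /** Hidden flag used when the properties do not override it. */
    protected abstract boolean getDefaultHidden();

    // Subclass hook; its meaning is defined by the implementing lesson.
    public abstract String getSubmitMethod();

    /**
     * Extracts the text of a method from Java source.
     *
     * <p>Capture starts at the first line that contains {@code str} and one of the words
     * {@code public}, {@code protected} or {@code private}; it stops once the count of lines
     * containing <code>{</code> and lines containing <code>}</code> balances out. Braces are
     * counted once per line, so this is a heuristic rather than a parser.
     *
     * <p>The reader is always closed. Reading stops at the first error, which is logged, and the
     * text gathered so far is returned.
     *
     * @param bufferedReader source to scan; closed by this method
     * @param str text that must appear on the declaration line
     * @param z whether each captured line is prefixed with a padded line number
     * @return the captured lines, each terminated by {@code \n}
     */
    public static String getFileMethod(BufferedReader bufferedReader, String str, boolean z) {
        StringBuilder captured = new StringBuilder();
        int lineNumber = 0;
        int openBraces = 0;
        boolean inMethod = false;
        try (BufferedReader reader = bufferedReader) {
            String line;
            while ((line = reader.readLine()) != null) {
                // NOTE(review): CompilerOptions.PROTECTED looks like a decompiler substitution for
                // the literal "protected" - confirm before replacing it.
                boolean hasModifier = line.indexOf("public") != -1
                        || line.indexOf(CompilerOptions.PROTECTED) != -1
                        || line.indexOf("private") != -1;
                if (line.indexOf(str) != -1 && hasModifier) {
                    inMethod = true;
                }
                if (inMethod) {
                    if (z) {
                        lineNumber++;
                        captured.append(pad(lineNumber) + "    ");
                    }
                    captured.append(line).append("\n");
                }
                if (inMethod && line.indexOf("{") != -1) {
                    openBraces++;
                }
                if (inMethod && line.indexOf("}") != -1) {
                    openBraces--;
                    if (openBraces == 0) {
                        inMethod = false;
                    }
                }
            }
        } catch (Exception e) {
            // Best effort: keep what was read, but stop instead of retrying a failing reader.
            logger.error("Error reading method source", e);
        }
        return captured.toString();
    }

    /** Delegates to {@link #getFileText(BufferedReader, boolean)}. */
    public static String readFromFile(BufferedReader bufferedReader, boolean z) {
        return getFileText(bufferedReader, z);
    }

    /**
     * Reads every line from the reader into one string.
     *
     * <p>The reader is always closed. Reading stops at the first error, which is logged, and the
     * text gathered so far is returned.
     *
     * @param bufferedReader source to read; closed by this method
     * @param z whether each line is prefixed with a padded line number
     * @return the text, each line terminated by the platform line separator
     */
    public static String getFileText(BufferedReader bufferedReader, boolean z) {
        StringBuilder text = new StringBuilder();
        String lineSeparator = System.getProperty("line.separator");
        int lineNumber = 0;
        try (BufferedReader reader = bufferedReader) {
            String line;
            while ((line = reader.readLine()) != null) {
                if (z) {
                    lineNumber++;
                    // NOTE(review): Message.MIME_UNKNOWN looks like a decompiler substitution for
                    // a plain separator literal - confirm before replacing it.
                    text.append(pad(lineNumber) + Message.MIME_UNKNOWN);
                }
                text.append(line).append(lineSeparator);
            }
        } catch (Exception e) {
            // Best effort: keep what was read, but stop instead of retrying a failing reader.
            logger.error("Error reading file text", e);
        }
        return text.toString();
    }

    public boolean isEnterprise() {
        return false;
    }

    public int getHintCount(WebSession webSession) {
        return getHints(webSession).size();
    }

    /** Hints for this lesson, in display order. */
    protected abstract List<String> getHints(WebSession webSession);

    /** Public accessor for {@link #getHints(WebSession)}; returns the same list. */
    public List<String> getHintsPublic(WebSession webSession) {
        return getHints(webSession);
    }

    /**
     * Returns hint {@code i} prefixed with {@code "Hint: "}.
     *
     * @throws IndexOutOfBoundsException if {@code i} is not a valid index into the hint list
     */
    public String getHint(WebSession webSession, int i) {
        return "Hint: " + getHints(webSession).get(i);
    }

    // Subclass hook; its meaning is defined by the implementing lesson.
    public abstract String getInstructions(WebSession webSession);

    public String getLessonName() {
        return getClass().getSimpleName();
    }

    @Override // org.owasp.webgoat.session.Screen
    public abstract String getTitle();

    /**
     * Returns the lesson plan text for the session's current language, falling back to the default
     * language. Any failure is logged and yields a "could not find" message instead.
     */
    public String getLessonPlan(WebSession webSession) {
        String language = webSession.getCurrrentLanguage();
        try {
            String planFile = getLessonPlanFileName(language);
            if (planFile == null) {
                planFile = getLessonPlanFileName(getDefaultLanguage());
            }
            return readFromFile(new BufferedReader(new FileReader(planFile)), false);
        } catch (Exception e) {
            logger.warn("Could not read lesson plan for " + getLessonName(), e);
            return "Could not find lesson plan for: " + getLessonName() + " and language " + language;
        }
    }

    /** Returns the explicit ranking, or the subclass default when none has been set. */
    public Integer getRanking() {
        return this.ranking != null ? this.ranking : getDefaultRanking();
    }

    public boolean getHidden() {
        return this.hidden;
    }

    @Override // org.owasp.webgoat.session.Screen
    public String getRole() {
        return USER_ROLE;
    }

    public int getScreenId() {
        return this.id.intValue();
    }

    /** Renders the lesson content, numbers its lines and passes it through convertMetachars. */
    public String getHtml_DELETE_ME(WebSession webSession) {
        String content = createContent(webSession).toString();
        return convertMetachars(readFromFile(new BufferedReader(new StringReader(content)), true));
    }

    /**
     * Returns an HTML page holding the lesson's source with line numbers, passed through
     * convertMetacharsJavaCode. If the source cannot be read the page holds a feedback message.
     */
    public String getSource(WebSession webSession) {
        String bodyText;
        try {
            bodyText = convertMetacharsJavaCode(
                    readFromFile(new BufferedReader(new FileReader(getSourceFileName())), true));
        } catch (Exception e) {
            webSession.setMessage("Could not find source file");
            bodyText = missingFileMessage(webSession, "source", "Source", getSourceFileName());
        }
        Head head = new Head();
        head.addElement(new Title(getSourceFileName()));
        Body body = new Body();
        body.addElement(new StringElement(bodyText));
        Html page = new Html();
        page.addElement(head);
        page.addElement(body);
        return page.toString();
    }

    /**
     * Returns the lesson's source file verbatim, or a feedback message when the file is missing.
     * Only {@link FileNotFoundException} is handled here.
     */
    public String getRawSource(WebSession webSession) {
        try {
            logger.debug("Loading source file: {}", getSourceFileName());
            return readFromFile(new BufferedReader(new FileReader(getSourceFileName())), false);
        } catch (FileNotFoundException e) {
            webSession.setMessage("Could not find source file");
            return missingFileMessage(webSession, "source", "Source", getSourceFileName());
        }
    }

    /** Returns the lesson's solution file verbatim, or a feedback message when it cannot be read. */
    public String getSolution(WebSession webSession) {
        try {
            return readFromFile(new BufferedReader(new FileReader(getLessonSolutionFileName())), false);
        } catch (Exception e) {
            logger.error("Could not find solution for {}", getLessonSolutionFileName());
            webSession.setMessage("Could not find the solution file");
            return missingFileMessage(webSession, "solution", "Solution", getLessonSolutionFileName());
        }
    }

    /**
     * Builds the "file not found, mail the maintainer" HTML fragment shared by the source and
     * solution readers.
     *
     * <p>NOTE(review): the feedback address, file name and lesson name are concatenated into the
     * markup without HTML or URL encoding. They appear to come from configuration and class
     * metadata rather than from the request - confirm, and encode them if that ever changes.
     */
    private static String missingFileMessage(WebSession webSession, String kind, String subject, String fileName) {
        String feedbackAddress = webSession.getWebgoatContext().getFeedbackAddress();
        String lessonName = webSession.getCurrentLesson().getLessonName();
        return "Could not find the " + kind + " file or " + kind + " file does not exist.<br/>Send this message to: <a href=\"mailto:"
                + feedbackAddress + "?subject=" + subject + " " + fileName + " not found. Lesson: " + lessonName + "\">"
                + feedbackAddress + "</a>";
    }

    protected String getPath() {
        return "#attack";
    }

    /** Returns {@code <path>/<screenId>/<categoryRanking>}. */
    public String getLink() {
        return new StringBuilder(getPath())
                .append("/").append(getScreenId())
                .append("/").append(getCategory().getRanking())
                .toString();
    }

    /** Returns {@code attack?Screen=<screenId>&menu=<categoryRanking>}. */
    public String getServletLink() {
        return "attack?Screen=" + getScreenId() + "&menu=" + getCategory().getRanking();
    }

    public String getPage(WebSession webSession) {
        return null;
    }

    public String getTemplatePage(WebSession webSession) {
        return null;
    }

    // Subclass hooks; their meaning is defined by the implementing lesson.
    public abstract String getCurrentAction(WebSession webSession);

    public abstract void restartLesson();

    public abstract void setCurrentAction(WebSession webSession, String str);

    /** Default implementation: denies every request. */
    public boolean isAuthorized(WebSession webSession, int i, String str) {
        return false;
    }

    /**
     * Checks whether the {@code auth} table holds a row for the given role and function id.
     *
     * <p>Both values are bound as statement parameters, so they are compared as data and cannot
     * change the structure of the query. Any failure is logged, reported on the session and
     * treated as "not authorized" (fail closed).
     *
     * <p>NOTE(review): role and function id are written to the log as given; if they can carry
     * request-derived text, strip CR/LF before logging.
     *
     * @param webSession session that supplies the database connection
     * @param str role to look up
     * @param str2 function id to look up
     * @return {@code true} if a matching row exists
     */
    public boolean isAuthorized(WebSession webSession, String str, String str2) {
        logger.info("Checking if {} authorized for: {}", str, str2);
        boolean authorized = false;
        // The connection is obtained from WebSession and deliberately not closed here; only the
        // statement and result set created in this method are released.
        try (PreparedStatement query = WebSession.getConnection(webSession).prepareStatement(
                "SELECT * FROM auth WHERE role = ? and functionid = ?",
                ResultSet.TYPE_SCROLL_INSENSITIVE,
                ResultSet.CONCUR_READ_ONLY)) {
            // Assumes both columns are character types, as the quoted literals of the previous
            // concatenated query suggest - TODO confirm against the schema.
            query.setString(1, str);
            query.setString(2, str2);
            try (ResultSet rows = query.executeQuery()) {
                authorized = rows.first();
            }
            logger.info("authorized: {}", authorized);
        } catch (Exception e) {
            webSession.setMessage("Error authorizing");
            logger.error("Error authorizing", e);
        }
        return authorized;
    }

    public int getUserId(WebSession webSession) throws ParameterNotFoundException {
        return -1;
    }

    public String getUserName(WebSession webSession) throws ParameterNotFoundException {
        return null;
    }

    /**
     * Returns a script block defining {@code makeWindow(url)}, which opens {@code url} in a
     * 500x350 popup named {@code str}.
     *
     * <p>NOTE(review): {@code str} is placed inside a single-quoted JavaScript string without
     * escaping. Pass only fixed, developer-chosen window names; a value derived from a request
     * would need JavaScript-string encoding first.
     *
     * @param str window name inserted into the generated script
     */
    public static String makeWindowScript(String str) {
        StringBuilder script = new StringBuilder();
        script.append("<script language=\"JavaScript\">\n");
        script.append(" <!--\n");
        script.append("   function makeWindow(url) {\n");
        script.append("\n");
        script.append("       agent = navigator.userAgent;\n");
        script.append("\n");
        script.append("       params  = \"\";\n");
        script.append("       params += \"toolbar=0,\";\n");
        script.append("       params += \"location=0,\";\n");
        script.append("       params += \"directories=0,\";\n");
        script.append("       params += \"status=0,\";\n");
        script.append("       params += \"menubar=0,\";\n");
        script.append("       params += \"scrollbars=1,\";\n");
        script.append("       params += \"resizable=1,\";\n");
        script.append("       params += \"width=500,\";\n");
        script.append("       params += \"height=350\";\n");
        script.append("\n");
        script.append("       // close the window to vary the window size\n");
        script.append("       if (typeof(win) == \"object\" && !win.closed){\n");
        script.append("            win.close();\n");
        script.append("       }\n");
        script.append("\n");
        script.append("       win = window.open(url, '" + str + "' , params);\n");
        script.append("\n");
        script.append("           // bring the window to the front\n");
        script.append("       win.focus();\n");
        script.append("   }\n");
        script.append(" //-->\n");
        script.append(" </script>\n");
        return script.toString();
    }

    /**
     * Fetches {@code str} over HTTP(S) and returns each response line as a {@link StringElement}.
     *
     * <p>The reader is closed on every path. Failures are logged and whatever was read so far
     * (possibly nothing) is returned. The cast to {@link HttpURLConnection} rejects non-HTTP
     * schemes; that rejection is handled like any other failure.
     *
     * <p>NOTE(review): the URL is not validated, no timeouts are set, and the response lines are
     * added as raw markup. Call this only with fixed, trusted URLs; a request-derived URL would
     * make it a server-side request forgery and markup-injection sink.
     *
     * @param str URL to read
     */
    public static Element readFromURL(String str) {
        ElementContainer lines = new ElementContainer();
        try {
            HttpURLConnection connection = (HttpURLConnection) new URL(str).openConnection();
            try (BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()))) {
                String line;
                while ((line = reader.readLine()) != null) {
                    lines.addElement(new StringElement(line));
                }
            }
        } catch (Exception e) {
            logger.error("Error reading from URL", e);
        }
        return lines;
    }

    /** Wraps {@link #getFileMethod(BufferedReader, String, boolean)} in a {@code PRE} element. */
    public static Element readMethodFromFile(BufferedReader bufferedReader, String str, boolean z) {
        return new PRE().addElement(getFileMethod(bufferedReader, str, z));
    }

    /** Wraps the lesson content in a POST form targeting {@link #getFormAction()}. */
    public void handleRequest(WebSession webSession) {
        // NOTE(review): HtmlForm.TAG_NAME looks like a decompiler substitution for the form-name
        // literal - confirm before replacing it.
        Form form = new Form(getFormAction(), "POST").setName(HtmlForm.TAG_NAME).setEncType("");
        form.addElement(createContent(webSession));
        setContent(form);
        // Result is discarded; the call is kept so behaviour stays as it was.
        webSession.getRequest().getRequestURL();
    }

    public String getFormAction() {
        return getLink();
    }

    @Override
    public String toString() {
        return getTitle();
    }

    public String getDefaultLanguage() {
        return this.defaultLanguage;
    }

    /** Returns the plan file for {@code str}, or the default language's file if none is set. */
    public String getLessonPlanFileName(String str) {
        String planFile = this.lessonPlanFileName.get(str);
        if (planFile == null) {
            planFile = this.lessonPlanFileName.get(getDefaultLanguage());
        }
        return planFile;
    }

    /**
     * Registers the lesson plan file for a language.
     *
     * @param str language code
     * @param str2 path of the lesson plan file
     */
    public void setLessonPlanFileName(String str, String str2) {
        this.lessonPlanFileName.put(str, str2);
        // Re-registering a language replaces its file; it must not be listed twice.
        if (!this.availableLanguages.contains(str)) {
            this.availableLanguages.add(str);
        }
    }

    /** Returns the live internal list of registered languages, not a copy. */
    public List<String> getAvailableLanguages() {
        return this.availableLanguages;
    }

    public String getLessonSolutionFileName() {
        return this.lessonSolutionFileName;
    }

    public void setLessonSolutionFileName(String str) {
        this.lessonSolutionFileName = str;
    }

    public String getSourceFileName() {
        return this.sourceFileName;
    }

    public void setSourceFileName(String str) {
        logger.debug("Setting source file of lesson {} to: {}", this, str);
        this.sourceFileName = str;
    }

    public WebgoatContext getWebgoatContext() {
        return this.webgoatContext;
    }

    public void setWebgoatContext(WebgoatContext webgoatContext) {
        this.webgoatContext = webgoatContext;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Returns the label manager, looking it up from the bean provider on first use. */
    public LabelManager getLabelManager() {
        if (this.labelManager == null) {
            this.labelManager = (LabelManager) BeanProvider.getBean("labelManager", LabelManager.class);
        }
        return this.labelManager;
    }
}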
