package org.owasp.webgoat.plugin;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.List;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.PRE;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table;
import org.owasp.webgoat.lessons.Category;
import org.owasp.webgoat.lessons.LessonAdapter;
import org.owasp.webgoat.plugin.GoatHillsFinancial.GoatHillsFinancial;
import org.owasp.webgoat.session.ECSFactory;
import org.owasp.webgoat.session.WebSession;

/* loaded from: input_file:WebGoat.war:plugin_lessons/log-spoofing-1.0.jar:org/owasp/webgoat/plugin/LogSpoofing.class */
public class LogSpoofing extends LessonAdapter {
    private static final String USERNAME = "username";
    private static final String PASSWORD = "password";
    private static final Integer DEFAULT_RANKING = new Integer(72);

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.session.Screen
    public Element createContent(WebSession webSession) {
        ElementContainer elementContainer;
        ElementContainer elementContainer2 = null;
        try {
            Table border = new Table(0).setCellSpacing(0).setCellPadding(0).setBorder(0);
            TR tr = new TR();
            TR tr2 = new TR();
            TR tr3 = new TR();
            tr.addElement(new TD(new StringElement(getLabelManager().get("UserName") + ":")));
            tr.addElement(new TD(new Input("TEXT", USERNAME, "")));
            tr2.addElement(new TD(new StringElement(getLabelManager().get(ECSFactory.PASSWORD) + ": ")));
            tr2.addElement(new TD(new Input(Input.PASSWORD, "password", "")));
            Element makeButton = ECSFactory.makeButton(getLabelManager().get(GoatHillsFinancial.LOGIN_ACTION));
            tr3.addElement(new TD(new StringElement("&nbsp; ")));
            tr3.addElement(new TD(makeButton)).setAlign("right");
            border.addElement(tr);
            border.addElement(tr2);
            border.addElement(tr3);
            elementContainer2 = new ElementContainer();
            elementContainer2.addElement(border);
            String str = new String(webSession.getParser().getRawParameter(USERNAME, ""));
            if (str.length() != 0) {
                str = URLDecoder.decode(str, "UTF-8");
            }
            elementContainer2.addElement(new PRE(" "));
            Table border2 = new Table(0).setCellSpacing(0).setCellPadding(0).setBorder(0);
            TR tr4 = new TR();
            tr4.addElement(new TD(new PRE(getLabelManager().get("LoginFailedForUserName") + ": " + str))).setBgColor("#808080");
            border2.addElement(tr4);
            elementContainer2.addElement(border2);
            if (str.length() > 0 && str.indexOf(10) >= 0 && str.indexOf(10) >= 0) {
                makeSuccess(webSession);
            }
            elementContainer = elementContainer2;
        } catch (UnsupportedEncodingException e) {
            webSession.setMessage("Error generating " + getClass().getName());
            e.printStackTrace();
            elementContainer = elementContainer2;
        }
        return elementContainer;
    }

    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Integer getDefaultRanking() {
        return DEFAULT_RANKING;
    }

    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected List<String> getHints(WebSession webSession) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(getLabelManager().get("LogSpoofingHint1"));
        arrayList.add(getLabelManager().get("LogSpoofingHint2"));
        arrayList.add(getLabelManager().get("LogSpoofingHint3"));
        arrayList.add(getLabelManager().get("LogSpoofingHint4"));
        return arrayList;
    }

    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson, org.owasp.webgoat.session.Screen
    public String getTitle() {
        return "Log Spoofing";
    }

    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Category getDefaultCategory() {
        return Category.INJECTION;
    }
}
