package org.owasp.webgoat.plugin;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.gargoylesoftware.htmlunit.html.HtmlForm;
import com.gargoylesoftware.htmlunit.html.HtmlVariable;
import com.google.common.collect.Maps;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.bind.JAXBContext;
import javax.xml.stream.XMLInputFactory;
import org.apache.commons.exec.OS;
import org.apache.commons.io.IOUtils;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.Form;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.Script;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table;
import org.owasp.webgoat.lessons.Category;
import org.owasp.webgoat.lessons.LessonAdapter;
import org.owasp.webgoat.session.WebSession;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.tags.form.AbstractHtmlElementTag;

/* loaded from: input_file:WebGoat.war:plugin_lessons/xxe-1.0.jar:org/owasp/webgoat/plugin/XXE.class */
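/**
 * WebGoat lesson demonstrating XML External Entity (XXE) processing.
 *
 * <p>The lesson page posts a small XML document describing a flight search. The server
 * unmarshals it with a StAX parser that is deliberately configured to process DTDs and
 * resolve external entities ({@link #parseXml}), echoes the parsed search text back in the
 * JSON response ({@link #returnSearchResults}) and marks the lesson solved when that text
 * contains the directory names in {@link #DEFAULT_LINUX_DIRECTORIES} /
 * {@link #DEFAULT_WINDOWS_DIRECTORIES} ({@link #checkSolution}).
 *
 * <p>The insecure parser configuration is the subject of the lesson and must stay; the
 * remaining code is ordinary request handling and is written defensively.
 */
public class XXE extends LessonAdapter {
    /** Name and id of the text input that carries the departure airport. */
    private static final String TRAVEL_FROM = "travelFrom";
    private static final Integer DEFAULT_RANKING = Integer.valueOf(30);
    /**
     * Names that must all appear in the echoed search text for the lesson to count as solved
     * (OS-dependent, see {@link #checkSolution}). A plain airport code never contains them.
     */
    private static final String[] DEFAULT_LINUX_DIRECTORIES = {"usr", "opt", "var"};
    private static final String[] DEFAULT_WINDOWS_DIRECTORIES = {"Windows", "Program Files (x86)", "Program Files"};
    /** Flight data for the current request; reloaded from the lesson directory on every request. */
    private FlightsRepo flights;

    /**
     * Unmarshals the posted XML into a {@link SearchForm}.
     *
     * <p>This is the lesson's intentionally vulnerable sink. {@code SUPPORT_DTD} and
     * {@code IS_SUPPORTING_EXTERNAL_ENTITIES} are both enabled, so an inline DTD in the
     * untrusted request body is honoured and external entities are resolved by the server. A
     * hardened parser sets both properties to {@code false}; doing so here would break the
     * lesson, because {@link #checkSolution} depends on the expanded entity text.
     *
     * @param xml the raw request body
     * @return the unmarshalled search form
     * @throws Exception on any JAXB or StAX failure (the caller treats this as "no search")
     */
    private SearchForm parseXml(String xml) throws Exception {
        JAXBContext context = JAXBContext.newInstance(new Class[]{SearchForm.class});
        XMLInputFactory factory = XMLInputFactory.newFactory();
        // Insecure on purpose - see the Javadoc above.
        factory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, true);
        factory.setProperty(XMLInputFactory.SUPPORT_DTD, true);
        return (SearchForm) context.createUnmarshaller()
                .unmarshal(factory.createXMLStreamReader(new StringReader(xml)));
    }

    /**
     * Handles both the initial page load and the XHR search posts.
     *
     * <p>If the request carries a non-blank body it is parsed as XML and the search results
     * are written as the response; in every case the search form is (re)built as the lesson
     * content.
     *
     * @param webSession the current WebGoat session, providing request and response
     */
    @Override // org.owasp.webgoat.lessons.AbstractLesson
    public void handleRequest(WebSession webSession) {
        this.flights = new FlightsRepo(new File(LessonUtil.getLessonDirectory(webSession, this), "/csv/flights.txt"));
        try {
            // Read through the request Reader directly so the request's declared charset is
            // honoured, instead of encoding to bytes and decoding again with the platform default.
            String body = IOUtils.toString(webSession.getRequest().getReader());
            if (StringUtils.hasText(body)) {
                SearchForm searchForm = parseXml(body);
                returnSearchResults(searchForm, webSession, checkSolution(searchForm, webSession));
            }
        } catch (Exception ignored) {
            // Best effort: a missing or unparsable body (e.g. the plain GET that loads the page)
            // just falls through to rendering the form. Nothing about the failure is written to
            // the client.
        }
        Form form = new Form(getFormAction(), "POST").setName("form").setEncType("");
        // The XHR link is generated server-side by LessonUtil, not taken from the request.
        form.setOnSubmit("getFlights('" + LessonUtil.getXHRLink(webSession, this) + "');");
        form.addElement(createContent(webSession));
        setContent(form);
    }

    /**
     * Writes the JSON search result for {@code searchForm} to the response.
     *
     * <p>Nothing is written when the repository returns {@code null} for the search. The
     * {@code searchCriteria} field echoes the parsed "from" text back to the page, which is how
     * the lesson shows what the parser produced. The content type is {@code text/html} even
     * though the body is JSON; the client script presumably parses the text itself, so the
     * header is kept unchanged.
     *
     * @param searchForm the parsed search
     * @param webSession the current session, used for the response
     * @param solved whether {@link #checkSolution} accepted this search
     * @throws IOException if the response stream cannot be obtained or the JSON cannot be written
     */
    private void returnSearchResults(SearchForm searchForm, WebSession webSession, boolean solved) throws IOException {
        List<Flight> matches = this.flights.searchFlight(searchForm.getFrom());
        if (matches == null) {
            return;
        }
        Map<String, Object> payload = new HashMap<String, Object>();
        payload.put("successful", Boolean.valueOf(solved));
        payload.put("searchCriteria", searchForm.getFrom());
        payload.put("flights", matches);
        webSession.getResponse().setContentType("text/html");
        webSession.getResponse().setHeader("Cache-Control", "no-cache");
        PrintWriter out = new PrintWriter(webSession.getResponse().getOutputStream());
        try {
            out.print(new ObjectMapper().writeValueAsString(payload));
        } finally {
            // close() flushes; the original leaked the writer when serialisation threw.
            out.close();
        }
    }

    /**
     * Marks the lesson solved when the search text contains every directory name for the
     * host OS family.
     *
     * @param searchForm the parsed search
     * @param webSession the session to mark successful
     * @return {@code true} (after calling {@code makeSuccess}) when all names are present
     * @throws NullPointerException if the form has no "from" value; this propagates to the
     *         catch-all in {@link #handleRequest}
     */
    private boolean checkSolution(SearchForm searchForm, WebSession webSession) {
        String from = searchForm.getFrom();
        String[] expected = OS.isFamilyUnix() ? DEFAULT_LINUX_DIRECTORIES : DEFAULT_WINDOWS_DIRECTORIES;
        for (String name : expected) {
            if (!from.contains(name)) {
                return false;
            }
        }
        makeSuccess(webSession);
        return true;
    }

    /**
     * Builds the lesson body: the {@code xxe.js} script, a single "From" text input wired to
     * {@code getFlights(...)} on keyup, and the {@code flightsDiv} container the script fills.
     *
     * @param webSession the current session, used to resolve lesson-relative links
     * @return the assembled page content
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.session.Screen
    public Element createContent(WebSession webSession) {
        ElementContainer content = new ElementContainer();
        content.addElement(new Script().setSrc(LessonUtil.buildJsPath(webSession, this, "xxe.js")));

        Input fromInput = new Input("TEXT", TRAVEL_FROM, "");
        // Link is server-generated by LessonUtil; no request data is interpolated here.
        fromInput.addAttribute("onkeyup", "return getFlights('" + LessonUtil.getXHRLink(webSession, this) + "');");
        fromInput.addAttribute("id", TRAVEL_FROM);

        TR row = new TR();
        row.addElement(new TD("From: ").setWidth("10%"));
        row.addElement(new TD(fromInput).setWidth("90%"));

        Table table = new Table().setCellSpacing(0).setCellPadding(0).setBorder(0).setWidth("90%");
        table.addElement(row);
        content.addElement(table);
        content.addElement(new BR());
        content.addElement(new BR());

        Div results = new Div();
        results.addAttribute("name", "flightsDiv");
        results.addAttribute("id", "flightsDiv");
        content.addElement(results);
        return content;
    }

    /** @return the category this lesson is filed under in the WebGoat menu */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Category getDefaultCategory() {
        return Category.PARAMETER_TAMPERING;
    }

    /**
     * @param webSession unused; hints are static
     * @return the progressive hints shown to the user, in order
     */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected List<String> getHints(WebSession webSession) {
        List<String> hints = new ArrayList<String>();
        hints.add("Try searching with BOS, SFO or OAK");
        hints.add("XXE stands for XML External Entity attack");
        hints.add("Look at the search form when you submit");
        hints.add("Try to include your own DTD");
        return hints;
    }

    /** @return the lesson's sort position within its category */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Integer getDefaultRanking() {
        return DEFAULT_RANKING;
    }

    /** @return the lesson title shown in the menu and page header */
    @Override // org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson, org.owasp.webgoat.session.Screen
    public String getTitle() {
        return "XML External Entity (XXE)";
    }
}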
