package org.owasp.webgoat.plugin;

import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.HttpSession;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Form;
import org.apache.ecs.html.H1;
import org.apache.ecs.html.Input;
import org.owasp.webgoat.lessons.Category;
import org.owasp.webgoat.session.WebSession;
import org.owasp.webgoat.util.HtmlEncoder;

/* loaded from: input_file:WebGoat.war:plugin_lessons/csrf-prompt-by-pass-1.0.jar:org/owasp/webgoat/plugin/CsrfPromptByPass.class */
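/**
 * WebGoat lesson "CSRF Prompt By-Pass".
 *
 * <p>Models a two-step funds transfer: the user enters an amount, is shown a
 * confirmation page, and then sends CONFIRM or CANCEL. The confirmation step is
 * deliberately weak and is the point of the lesson: the pending amount lives only
 * in the {@link HttpSession}, and the CONFIRM/CANCEL commands are plain request
 * parameters that are honoured regardless of HTTP method (the handler reads the
 * raw parameter, so a GET works just as well as the rendered POST form). A page
 * the victim's browser loads cross-site can therefore issue the two requests in
 * order and complete the transfer. A real application would bind the
 * confirmation to an unpredictable per-request token and accept it only on POST;
 * do not add that here or the lesson becomes unsolvable.
 *
 * <p>Fixes relative to the shipped class that do not affect the intended attack:
 * CANCEL now actually clears the pending amount (it used to remove a
 * <em>request</em> attribute, so a CONFIRM after CANCEL still succeeded), a
 * confirmed transfer is one-shot instead of replayable, and a non-numeric amount
 * renders an error instead of throwing {@link NumberFormatException}.
 */
public class CsrfPromptByPass extends CSRF {
    /** Request parameter carrying either the amount or one of the commands below. */
    private static final String TRANSFER_FUNDS_PARAMETER = "transferFunds";
    /** Command that renders the initial amount-entry form. */
    private static final String TRANSFER_FUNDS_PAGE = "main";
    /** Session attribute holding the amount awaiting confirmation. */
    private static final String TRANSFER_FUND_AMOUNT_ATTRIBUTE = "transferFundAmount";
    /** Command that abandons the pending transfer. */
    private static final String CANCEL_TRANSFER = "CANCEL";
    /** Command that completes the pending transfer. (Spelling kept for compatibility.) */
    private static final String CONFIRM_TRANFER = "CONFIRM";
    /** Position of this lesson within its category in the WebGoat menu. */
    private static final Integer DEFAULT_RANKING = Integer.valueOf(122);

    /**
     * Renders the transfer screen for the current request.
     *
     * @param webSession the current WebGoat session; the {@code transferFunds}
     *                   parameter selects the screen (see class comment)
     * @return the page fragment to display; never {@code null}
     */
    @Override // org.owasp.webgoat.plugin.CSRF
    protected Element doTransfer(WebSession webSession) {
        // HTML-encoded up front because the value is echoed into the page below.
        // Amounts are plain digits, so encoding does not interfere with parsing.
        String command = HtmlEncoder.encode(
                webSession.getParser().getRawParameter(TRANSFER_FUNDS_PARAMETER, ""));
        ElementContainer content = new ElementContainer();
        if (command.length() != 0) {
            HttpSession session = webSession.getRequest().getSession();
            Integer pendingAmount = (Integer) session.getAttribute(TRANSFER_FUND_AMOUNT_ATTRIBUTE);
            if (command.equalsIgnoreCase(TRANSFER_FUNDS_PAGE)) {
                content.addElement(new H1("Electronic Transfer:"));
                content.addElement(buildAmountForm());
            } else if (command.equalsIgnoreCase(CONFIRM_TRANFER) && pendingAmount != null) {
                content.addElement(new H1("Electronic Transfer Complete"));
                content.addElement(new StringElement("Amount Transfered: " + pendingAmount));
                // One-shot: a replayed CONFIRM must not "transfer" the same amount again.
                session.removeAttribute(TRANSFER_FUND_AMOUNT_ATTRIBUTE);
                makeSuccess(webSession);
            } else if (command.equalsIgnoreCase(CANCEL_TRANSFER)) {
                // The pending amount is stored on the session (above), so it has to be
                // cleared from the session; the shipped code removed a request attribute,
                // which left CONFIRM live after a CANCEL.
                session.removeAttribute(TRANSFER_FUND_AMOUNT_ATTRIBUTE);
            } else {
                // Anything else is treated as an amount to stage for confirmation.
                Integer amount;
                try {
                    amount = Integer.valueOf(command);
                } catch (NumberFormatException notANumber) {
                    // User-controlled value; render a message instead of propagating.
                    content.addElement(new StringElement("Invalid transfer amount: " + command));
                    return content;
                }
                session.setAttribute(TRANSFER_FUND_AMOUNT_ATTRIBUTE, amount);
                content.addElement(new H1("Electronic Transfer Confirmation:"));
                content.addElement(new StringElement("Amount to transfer: " + amount));
                content.addElement(new BR());
                content.addElement(buildConfirmForm());
            }
        }
        content.addElement(new BR());
        content.addElement(new BR());
        content.addElement(new BR());
        return content;
    }

    /** Builds the amount-entry form posted back to this lesson. */
    private Form buildAmountForm() {
        Form form = new Form(getLink(), "POST");
        form.addElement(new Input("text", TRANSFER_FUNDS_PARAMETER, "0"));
        form.addElement(new Input("submit"));
        return form;
    }

    /**
     * Builds the CONFIRM/CANCEL form. Both buttons submit the same parameter name,
     * so the server distinguishes them by value only (see class comment).
     */
    private Form buildConfirmForm() {
        Form form = new Form(getLink(), "POST");
        form.addElement(new Input("submit", TRANSFER_FUNDS_PARAMETER, CONFIRM_TRANFER));
        form.addElement(new Input("submit", TRANSFER_FUNDS_PARAMETER, CANCEL_TRANSFER));
        return form;
    }

    /**
     * @return {@code true} when the request carries a non-empty {@code transferFunds}
     *         parameter, i.e. the transfer screen rather than the message board
     *         should be shown
     */
    @Override // org.owasp.webgoat.plugin.CSRF
    protected boolean isTransferFunds(WebSession webSession) {
        return webSession.getParser().getRawParameter(TRANSFER_FUNDS_PARAMETER, "").length() != 0;
    }

    /**
     * The lesson is filed under XSS in the menu as shipped; the hints assume the
     * two requests are delivered through a stored message on the lesson's board.
     */
    @Override // org.owasp.webgoat.plugin.CSRF, org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Category getDefaultCategory() {
        return Category.XSS;
    }

    @Override // org.owasp.webgoat.plugin.CSRF, org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected Integer getDefaultRanking() {
        return DEFAULT_RANKING;
    }

    /**
     * Progressive hints shown to the student. They describe the intended attack:
     * a stored message that makes the browser request the amount URL and then
     * the CONFIRM URL, using GET, which the handler accepts.
     */
    @Override // org.owasp.webgoat.plugin.CSRF, org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson
    protected List<String> getHints(WebSession webSession) {
        List<String> hints = new ArrayList<String>();
        hints.add("Inspect the page returned by a URL '" + getServletLink() + "&transferFunds=5000'");
        hints.add("Write a malicious message that, when shown in the browser, will submit the two fund requests.");
        hints.add("Insert two images or iframes, the second with no source.  Specify the onload attribute of the first iframe to set the source of the second iframe.");
        hints.add("Include these URLs in the message: <pre>'" + getServletLink() + "&transferFunds=400'</pre> and <pre>'" + getServletLink() + "&transferFunds=CONFIRM'</pre>");
        return hints;
    }

    @Override // org.owasp.webgoat.plugin.CSRF, org.owasp.webgoat.lessons.LessonAdapter, org.owasp.webgoat.lessons.AbstractLesson, org.owasp.webgoat.session.Screen
    public String getTitle() {
        return "CSRF Prompt By-Pass";
    }
}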
