package org.sonar.java.checks.spring;

import java.util.Collections;
import java.util.List;
import org.sonar.check.Rule;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.semantic.Type;
import org.sonar.plugins.java.api.tree.AnnotationTree;
import org.sonar.plugins.java.api.tree.MethodTree;
import org.sonar.plugins.java.api.tree.Tree;

@Rule(key = "S4529")
/* loaded from: input_file:org/sonar/java/checks/spring/SpringEndpointsCheck.class */
public class SpringEndpointsCheck extends IssuableSubscriptionVisitor {
    private static final String REQUEST_MAPPING_ANNOTATION = "org.springframework.web.bind.annotation.RequestMapping";
    private static final String MESSAGE = "Make sure that exposing this HTTP endpoint is safe here.";

    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public List<Tree.Kind> nodesToVisit() {
        return Collections.singletonList(Tree.Kind.METHOD);
    }

    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public void visitNode(Tree tree) {
        if (hasSemantic()) {
            MethodTree methodTree = (MethodTree) tree;
            methodTree.modifiers().annotations().stream().filter(SpringEndpointsCheck::isSpringWebHandler).forEach(annotationTree -> {
                reportIssue(methodTree.simpleName(), MESSAGE);
            });
        }
    }

    private static boolean isSpringWebHandler(AnnotationTree annotationTree) {
        Type symbolType = annotationTree.annotationType().symbolType();
        return symbolType.is(REQUEST_MAPPING_ANNOTATION) || symbolType.symbol().metadata().isAnnotatedWith(REQUEST_MAPPING_ANNOTATION);
    }
}
