package com.eviware.soapui.security.assertion;

import com.eviware.soapui.SoapUI;
import com.eviware.soapui.config.TestAssertionConfig;
import com.eviware.soapui.impl.support.AbstractHttpRequest;
import com.eviware.soapui.impl.wsdl.support.HelpUrls;
import com.eviware.soapui.impl.wsdl.teststeps.WsdlMessageAssertion;
import com.eviware.soapui.impl.wsdl.teststeps.assertions.AbstractTestAssertionFactory;
import com.eviware.soapui.model.ModelItem;
import com.eviware.soapui.model.iface.MessageExchange;
import com.eviware.soapui.model.iface.SubmitContext;
import com.eviware.soapui.model.security.SecurityScan;
import com.eviware.soapui.model.security.SensitiveInformationTableModel;
import com.eviware.soapui.model.testsuite.Assertable;
import com.eviware.soapui.model.testsuite.AssertionError;
import com.eviware.soapui.model.testsuite.AssertionException;
import com.eviware.soapui.model.testsuite.ResponseAssertion;
import com.eviware.soapui.model.testsuite.TestAssertion;
import com.eviware.soapui.model.testsuite.TestProperty;
import com.eviware.soapui.security.SensitiveInformationPropertyHolder;
import com.eviware.soapui.support.SecurityScanUtil;
import com.eviware.soapui.support.StringUtils;
import com.eviware.soapui.support.UISupport;
import com.eviware.soapui.support.components.JXToolBar;
import com.eviware.soapui.support.xml.XmlObjectConfigurationBuilder;
import com.eviware.soapui.support.xml.XmlObjectConfigurationReader;
import com.eviware.x.form.XFormDialog;
import com.eviware.x.form.support.ADialogBuilder;
import com.eviware.x.form.support.AField;
import com.eviware.x.form.support.AForm;
import java.awt.BorderLayout;
import java.awt.Dimension;
import java.awt.event.ActionEvent;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.swing.AbstractAction;
import javax.swing.Action;
import javax.swing.JPanel;
import javax.swing.JScrollPane;
import org.apache.xalan.templates.Constants;
import org.apache.xmlbeans.XmlObject;
import org.custommonkey.xmlunit.XMLConstants;
import org.jdesktop.swingx.JXTable;

/* loaded from: input_file:soapui-4.0-beta2.jar:com/eviware/soapui/security/assertion/SensitiveInfoExposureAssertion.class */
public class SensitiveInfoExposureAssertion extends WsdlMessageAssertion implements ResponseAssertion {
    private static final String PREFIX = "~";
    public static final String ID = "Sensitive Information Exposure";
    public static final String LABEL = "Sensitive Information Exposure";
    private List<String> assertionSpecificExposureList;
    private XFormDialog dialog;
    private static final String ASSERTION_SPECIFIC_EXPOSURE_LIST = "AssertionSpecificExposureList";
    private static final String INCLUDE_GLOBAL = "IncludeGlobal";
    private static final String INCLUDE_PROJECT_SPECIFIC = "IncludeProjectSpecific";
    private boolean includeGlobal;
    private boolean includeProjectSpecific;
    private JPanel sensitiveInfoTableForm;
    private SensitiveInformationTableModel sensitivInformationTableModel;
    private JXTable tokenTable;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:soapui-4.0-beta2.jar:com/eviware/soapui/security/assertion/SensitiveInfoExposureAssertion$AddTokenAction.class */
    public class AddTokenAction extends AbstractAction {
        public AddTokenAction() {
            putValue("SmallIcon", UISupport.createImageIcon("/add_property.gif"));
            putValue("ShortDescription", "Adds a token to assertion");
        }

        public void actionPerformed(ActionEvent actionEvent) {
            SensitiveInfoExposureAssertion.this.sensitivInformationTableModel.addToken(UISupport.prompt("Enter token", "New Token", ""), UISupport.prompt("Enter description", "New Description", ""));
        }
    }

    /* loaded from: input_file:soapui-4.0-beta2.jar:com/eviware/soapui/security/assertion/SensitiveInfoExposureAssertion$Factory.class */
    public static class Factory extends AbstractTestAssertionFactory {
        public Factory() {
            super("Sensitive Information Exposure", "Sensitive Information Exposure", (Class<? extends TestAssertion>) SensitiveInfoExposureAssertion.class, (Class<? extends ModelItem>[]) new Class[]{SecurityScan.class, AbstractHttpRequest.class});
        }

        @Override // com.eviware.soapui.impl.wsdl.teststeps.assertions.TestAssertionFactory
        public Class<? extends WsdlMessageAssertion> getAssertionClassType() {
            return SensitiveInfoExposureAssertion.class;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:soapui-4.0-beta2.jar:com/eviware/soapui/security/assertion/SensitiveInfoExposureAssertion$RemoveTokenAction.class */
    public class RemoveTokenAction extends AbstractAction {
        public RemoveTokenAction() {
            putValue("SmallIcon", UISupport.createImageIcon("/remove_property.gif"));
            putValue("ShortDescription", "Removes token from assertion");
        }

        public void actionPerformed(ActionEvent actionEvent) {
            SensitiveInfoExposureAssertion.this.sensitivInformationTableModel.removeRows(SensitiveInfoExposureAssertion.this.tokenTable.getSelectedRows());
        }
    }

    @AForm(description = "Configure Sensitive Information Exposure Assertion", name = "Sensitive Information Exposure Assertion", helpUrl = HelpUrls.HELP_URL_ROOT)
    /* loaded from: input_file:soapui-4.0-beta2.jar:com/eviware/soapui/security/assertion/SensitiveInfoExposureAssertion$SensitiveInformationConfigDialog.class */
    protected interface SensitiveInformationConfigDialog {

        @AField(description = "Sensitive informations to check. Use ~ as prefix for values that are regular expressions.", name = "Sensitive Information Tokens", type = AField.AFieldType.COMPONENT)
        public static final String TOKENS = "Sensitive Information Tokens";

        @AField(description = "Include project specific sensitive information configuration", name = INCLUDE_PROJECT_SPECIFIC, type = AField.AFieldType.BOOLEAN)
        public static final String INCLUDE_PROJECT_SPECIFIC = "Project Specific";

        @AField(description = "Include global sensitive information configuration", name = INCLUDE_GLOBAL, type = AField.AFieldType.BOOLEAN)
        public static final String INCLUDE_GLOBAL = "Global Configuration";
    }

    public SensitiveInfoExposureAssertion(TestAssertionConfig testAssertionConfig, Assertable assertable) {
        super(testAssertionConfig, assertable, false, true, false, true);
        init();
    }

    private void init() {
        XmlObjectConfigurationReader xmlObjectConfigurationReader = new XmlObjectConfigurationReader(getConfiguration());
        this.includeGlobal = xmlObjectConfigurationReader.readBoolean(INCLUDE_GLOBAL, true);
        this.includeProjectSpecific = xmlObjectConfigurationReader.readBoolean(INCLUDE_PROJECT_SPECIFIC, true);
        this.assertionSpecificExposureList = StringUtils.toStringList(xmlObjectConfigurationReader.readStrings(ASSERTION_SPECIFIC_EXPOSURE_LIST));
        extractTokenTable();
    }

    private void extractTokenTable() {
        SensitiveInformationPropertyHolder sensitiveInformationPropertyHolder = new SensitiveInformationPropertyHolder();
        Iterator<String> it = this.assertionSpecificExposureList.iterator();
        while (it.hasNext()) {
            String[] split = it.next().split("###");
            if (split.length == 2) {
                sensitiveInformationPropertyHolder.setPropertyValue(split[0], split[1]);
            } else {
                sensitiveInformationPropertyHolder.setPropertyValue(split[0], "");
            }
        }
        this.sensitivInformationTableModel = new SensitiveInformationTableModel(sensitiveInformationPropertyHolder);
    }

    @Override // com.eviware.soapui.impl.wsdl.teststeps.WsdlMessageAssertion
    protected String internalAssertResponse(MessageExchange messageExchange, SubmitContext submitContext) throws AssertionException {
        Map<String, String> createCheckMap = createCheckMap(submitContext);
        ArrayList arrayList = new ArrayList();
        String responseContent = messageExchange.getResponseContent();
        HashSet hashSet = new HashSet();
        try {
            for (String str : createCheckMap.keySet()) {
                boolean startsWith = str.trim().startsWith(PREFIX);
                String str2 = !createCheckMap.get(str).equals("") ? createCheckMap.get(str) : str;
                if (startsWith) {
                    str = str.substring(str.indexOf(PREFIX) + 1);
                }
                String contains = SecurityScanUtil.contains(submitContext, responseContent, str, startsWith);
                if (contains != null) {
                    String str3 = str2 + " - Token [" + str + "] found [" + contains + XMLConstants.XPATH_NODE_INDEX_END;
                    if (!hashSet.contains(str3)) {
                        arrayList.add(new AssertionError(str3));
                        hashSet.add(str3);
                    }
                }
            }
        } catch (Throwable th) {
            SoapUI.logError(th);
        }
        if (hashSet.isEmpty()) {
            return "OK";
        }
        throw new AssertionException((AssertionError[]) arrayList.toArray(new AssertionError[arrayList.size()]));
    }

    private Map<String, String> createCheckMap(SubmitContext submitContext) {
        HashMap hashMap = new HashMap();
        hashMap.putAll(createMapFromTable());
        if (this.includeProjectSpecific) {
            hashMap.putAll(SecurityScanUtil.projectEntriesList(this));
        }
        if (this.includeGlobal) {
            hashMap.putAll(SecurityScanUtil.globalEntriesList());
        }
        return propertyExpansionSupport(hashMap, submitContext);
    }

    private Map<String, String> propertyExpansionSupport(Map<String, String> map, SubmitContext submitContext) {
        HashMap hashMap = new HashMap();
        for (String str : map.keySet()) {
            hashMap.put(submitContext.expand(str), submitContext.expand(map.get(str)));
        }
        return hashMap;
    }

    @Override // com.eviware.soapui.impl.wsdl.teststeps.WsdlMessageAssertion
    protected String internalAssertRequest(MessageExchange messageExchange, SubmitContext submitContext) throws AssertionException {
        return null;
    }

    protected XmlObject createConfiguration() {
        XmlObjectConfigurationBuilder xmlObjectConfigurationBuilder = new XmlObjectConfigurationBuilder();
        xmlObjectConfigurationBuilder.add(ASSERTION_SPECIFIC_EXPOSURE_LIST, (String[]) this.assertionSpecificExposureList.toArray(new String[this.assertionSpecificExposureList.size()]));
        xmlObjectConfigurationBuilder.add(INCLUDE_PROJECT_SPECIFIC, this.includeProjectSpecific);
        xmlObjectConfigurationBuilder.add(INCLUDE_GLOBAL, this.includeGlobal);
        return xmlObjectConfigurationBuilder.finish();
    }

    @Override // com.eviware.soapui.impl.wsdl.teststeps.WsdlMessageAssertion, com.eviware.soapui.model.testsuite.TestAssertion
    public boolean configure() {
        if (this.dialog == null) {
            buildDialog();
        }
        if (!this.dialog.show()) {
            return false;
        }
        this.assertionSpecificExposureList = createListFromTable();
        this.includeProjectSpecific = Boolean.valueOf(this.dialog.getFormField(SensitiveInformationConfigDialog.INCLUDE_PROJECT_SPECIFIC).getValue()).booleanValue();
        this.includeGlobal = Boolean.valueOf(this.dialog.getFormField(SensitiveInformationConfigDialog.INCLUDE_GLOBAL).getValue()).booleanValue();
        setConfiguration(createConfiguration());
        return true;
    }

    private List<String> createListFromTable() {
        ArrayList arrayList = new ArrayList();
        for (TestProperty testProperty : this.sensitivInformationTableModel.getHolder().getPropertyList()) {
            arrayList.add(testProperty.getName() + "###" + testProperty.getValue());
        }
        return arrayList;
    }

    private Map<String, String> createMapFromTable() {
        HashMap hashMap = new HashMap();
        for (TestProperty testProperty : this.sensitivInformationTableModel.getHolder().getPropertyList()) {
            hashMap.put(testProperty.getName(), testProperty.getValue());
        }
        return hashMap;
    }

    protected void buildDialog() {
        this.dialog = ADialogBuilder.buildDialog(SensitiveInformationConfigDialog.class);
        this.dialog.setBooleanValue(SensitiveInformationConfigDialog.INCLUDE_GLOBAL, this.includeGlobal);
        this.dialog.setBooleanValue(SensitiveInformationConfigDialog.INCLUDE_PROJECT_SPECIFIC, this.includeProjectSpecific);
        this.dialog.getFormField("Sensitive Information Tokens").setProperty(Constants.ELEMNAME_COMPONENT_STRING, getForm());
    }

    @Override // com.eviware.soapui.impl.wsdl.teststeps.WsdlMessageAssertion
    public void release() {
        if (this.dialog != null) {
            this.dialog.release();
        }
        super.release();
    }

    public JPanel getForm() {
        if (this.sensitiveInfoTableForm == null) {
            this.sensitiveInfoTableForm = new JPanel(new BorderLayout());
            JXToolBar createToolbar = UISupport.createToolbar();
            createToolbar.add(UISupport.createToolbarButton((Action) new AddTokenAction()));
            createToolbar.add(UISupport.createToolbarButton((Action) new RemoveTokenAction()));
            this.tokenTable = new JXTable(this.sensitivInformationTableModel);
            this.tokenTable.setPreferredSize(new Dimension(200, 100));
            this.sensitiveInfoTableForm.add(createToolbar, "North");
            this.sensitiveInfoTableForm.add(new JScrollPane(this.tokenTable), "Center");
        }
        return this.sensitiveInfoTableForm;
    }
}
