package org.openrewrite.java.security;

import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.function.Function;
import java.util.function.Supplier;
import java.util.stream.Stream;
import org.openrewrite.Cursor;
import org.openrewrite.Incubating;
import org.openrewrite.Tree;
import org.openrewrite.analysis.InvocationMatcher;
import org.openrewrite.analysis.controlflow.Guard;
import org.openrewrite.analysis.dataflow.DataFlowNode;
import org.openrewrite.analysis.dataflow.DataFlowSpec;
import org.openrewrite.analysis.dataflow.Dataflow;
import org.openrewrite.analysis.dataflow.ExternalSinkModels;
import org.openrewrite.analysis.dataflow.TaintFlowSpec;
import org.openrewrite.analysis.trait.expr.Call;
import org.openrewrite.internal.lang.NonNull;
import org.openrewrite.internal.lang.Nullable;
import org.openrewrite.java.JavaIsoVisitor;
import org.openrewrite.java.JavaTemplate;
import org.openrewrite.java.JavaVisitor;
import org.openrewrite.java.MethodMatcher;
import org.openrewrite.java.VariableNameUtils;
import org.openrewrite.java.security.PartialPathTraversalVulnerability;
import org.openrewrite.java.security.internal.CursorUtil;
import org.openrewrite.java.security.internal.FileConstructorFixVisitor;
import org.openrewrite.java.security.internal.StringToFileConstructorVisitor;
import org.openrewrite.java.security.internal.TypeGenerator;
import org.openrewrite.java.tree.Expression;
import org.openrewrite.java.tree.J;
import org.openrewrite.java.tree.JavaType;
import org.openrewrite.java.tree.MethodCall;
import org.openrewrite.java.tree.Space;
import org.openrewrite.java.tree.Statement;
import org.openrewrite.java.tree.TypeUtils;
import org.openrewrite.marker.Markers;
import org.springframework.context.expression.StandardBeanExpressionResolver;

@Incubating(since = "2.4.0")
/* loaded from: input_file:org/openrewrite/java/security/PathTraversalGuardInsertionVisitor.class */
public class PathTraversalGuardInsertionVisitor<P> extends JavaIsoVisitor<P> {
    private static final String IMPORT_REQUIRED_MESSAGE = "PATH_TRAVERSAL_IMPORT_REQUIRED";
    final InvocationMatcher userInputMatcher;
    final String newVariablePrefix;
    final String exceptionMessage;
    final boolean fixPartialPathTraversal;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/openrewrite/java/security/PathTraversalGuardInsertionVisitor$FileOrPathCreationToVulnerableUsageLocalFlowSpec.class */
    public static class FileOrPathCreationToVulnerableUsageLocalFlowSpec extends TaintFlowSpec {
        private static final MethodMatcher PATH_STARTS_WITH_MATCHER = new MethodMatcher("java.nio.file.Path startsWith(..) ");
        private static final MethodMatcher STRING_STARTS_WITH_MATCHER = new MethodMatcher("java.lang.String startsWith(..) ");

        private FileOrPathCreationToVulnerableUsageLocalFlowSpec() {
        }

        public boolean isSource(DataFlowNode dataFlowNode) {
            return true;
        }

        public boolean isSink(DataFlowNode dataFlowNode) {
            return ExternalSinkModels.instance().isSinkNode(dataFlowNode, "create-file");
        }

        public boolean isSanitizerGuard(Guard guard, boolean z) {
            if (z) {
                return PATH_STARTS_WITH_MATCHER.matches(guard.getExpression()) || (STRING_STARTS_WITH_MATCHER.matches(guard.getExpression()) && PartialPathTraversalVulnerability.isSafePartialPathExpression((Expression) guard.getExpression().getArguments().get(0)));
            }
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/openrewrite/java/security/PathTraversalGuardInsertionVisitor$PathTraversalVisitor.class */
    public static class PathTraversalVisitor<P> extends JavaIsoVisitor<P> {
        private final String newVariablePrefix;
        private final String exceptionMessage;
        private final InvocationMatcher userInputMatcher;

        public J.MethodInvocation visitMethodInvocation(J.MethodInvocation methodInvocation, P p) {
            Dataflow.startingAt(getCursor()).findSinks(new UserInputToFileOrPathCreationLocalFlowSpec(this.userInputMatcher)).forEach(sinkFlowSummary -> {
                doAfterVisit(new TaintedFileOrPathVisitor(this.newVariablePrefix, this.exceptionMessage, sinkFlowSummary.getExpressionSinks()));
            });
            return super.visitMethodInvocation(methodInvocation, p);
        }

        public PathTraversalVisitor(String str, String str2, InvocationMatcher invocationMatcher) {
            this.newVariablePrefix = str;
            this.exceptionMessage = str2;
            this.userInputMatcher = invocationMatcher;
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* renamed from: visitMethodInvocation, reason: collision with other method in class */
        public /* bridge */ /* synthetic */ J m541visitMethodInvocation(J.MethodInvocation methodInvocation, Object obj) {
            return visitMethodInvocation(methodInvocation, (J.MethodInvocation) obj);
        }
    }

    /* loaded from: input_file:org/openrewrite/java/security/PathTraversalGuardInsertionVisitor$TaintedFileOrPathVisitor.class */
    private static class TaintedFileOrPathVisitor<P> extends JavaVisitor<P> {
        private static final String IO_EXCEPTION_FQN = "java.io.IOException";
        private final JavaType ioException = TypeGenerator.generate(IO_EXCEPTION_FQN);
        private final String newVariablePrefix;
        private final String exceptionMessage;
        private final List<Expression> taintedSinks;
        static final /* synthetic */ boolean $assertionsDisabled;

        @NonNull
        /* loaded from: input_file:org/openrewrite/java/security/PathTraversalGuardInsertionVisitor$TaintedFileOrPathVisitor$PathTraversalCreateNewVariableInfo.class */
        public static final class PathTraversalCreateNewVariableInfo {
            static String CURSOR_KEY = "PathTraversalCreateNewVariableInfo";
            private final String newVariableName;
            private final Statement statement;
            private final MethodCall extractToVariable;

            public PathTraversalCreateNewVariableInfo(String str, Statement statement, MethodCall methodCall) {
                this.newVariableName = str;
                this.statement = statement;
                this.extractToVariable = methodCall;
            }

            public String getNewVariableName() {
                return this.newVariableName;
            }

            public Statement getStatement() {
                return this.statement;
            }

            public MethodCall getExtractToVariable() {
                return this.extractToVariable;
            }

            public boolean equals(Object obj) {
                if (obj == this) {
                    return true;
                }
                if (!(obj instanceof PathTraversalCreateNewVariableInfo)) {
                    return false;
                }
                PathTraversalCreateNewVariableInfo pathTraversalCreateNewVariableInfo = (PathTraversalCreateNewVariableInfo) obj;
                String newVariableName = getNewVariableName();
                String newVariableName2 = pathTraversalCreateNewVariableInfo.getNewVariableName();
                if (newVariableName == null) {
                    if (newVariableName2 != null) {
                        return false;
                    }
                } else if (!newVariableName.equals(newVariableName2)) {
                    return false;
                }
                Statement statement = getStatement();
                Statement statement2 = pathTraversalCreateNewVariableInfo.getStatement();
                if (statement == null) {
                    if (statement2 != null) {
                        return false;
                    }
                } else if (!statement.equals(statement2)) {
                    return false;
                }
                MethodCall extractToVariable = getExtractToVariable();
                MethodCall extractToVariable2 = pathTraversalCreateNewVariableInfo.getExtractToVariable();
                return extractToVariable == null ? extractToVariable2 == null : extractToVariable.equals(extractToVariable2);
            }

            public int hashCode() {
                String newVariableName = getNewVariableName();
                int hashCode = (1 * 59) + (newVariableName == null ? 43 : newVariableName.hashCode());
                Statement statement = getStatement();
                int hashCode2 = (hashCode * 59) + (statement == null ? 43 : statement.hashCode());
                MethodCall extractToVariable = getExtractToVariable();
                return (hashCode2 * 59) + (extractToVariable == null ? 43 : extractToVariable.hashCode());
            }

            public String toString() {
                return "PathTraversalGuardInsertionVisitor.TaintedFileOrPathVisitor.PathTraversalCreateNewVariableInfo(newVariableName=" + getNewVariableName() + ", statement=" + getStatement() + ", extractToVariable=" + getExtractToVariable() + ")";
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        @NonNull
        /* loaded from: input_file:org/openrewrite/java/security/PathTraversalGuardInsertionVisitor$TaintedFileOrPathVisitor$PathTraversalSimpleInjectGuardInfo.class */
        public static final class PathTraversalSimpleInjectGuardInfo {
            static String CURSOR_KEY = "PathTraversalSimpleInjectGuardInfo";
            private final Statement statement;
            private final Expression parentDir;
            private final Expression userInputEntry;

            public PathTraversalSimpleInjectGuardInfo(Statement statement, Expression expression, Expression expression2) {
                this.statement = statement;
                this.parentDir = expression;
                this.userInputEntry = expression2;
            }

            public Statement getStatement() {
                return this.statement;
            }

            public Expression getParentDir() {
                return this.parentDir;
            }

            public Expression getUserInputEntry() {
                return this.userInputEntry;
            }

            public boolean equals(Object obj) {
                if (obj == this) {
                    return true;
                }
                if (!(obj instanceof PathTraversalSimpleInjectGuardInfo)) {
                    return false;
                }
                PathTraversalSimpleInjectGuardInfo pathTraversalSimpleInjectGuardInfo = (PathTraversalSimpleInjectGuardInfo) obj;
                Statement statement = getStatement();
                Statement statement2 = pathTraversalSimpleInjectGuardInfo.getStatement();
                if (statement == null) {
                    if (statement2 != null) {
                        return false;
                    }
                } else if (!statement.equals(statement2)) {
                    return false;
                }
                Expression parentDir = getParentDir();
                Expression parentDir2 = pathTraversalSimpleInjectGuardInfo.getParentDir();
                if (parentDir == null) {
                    if (parentDir2 != null) {
                        return false;
                    }
                } else if (!parentDir.equals(parentDir2)) {
                    return false;
                }
                Expression userInputEntry = getUserInputEntry();
                Expression userInputEntry2 = pathTraversalSimpleInjectGuardInfo.getUserInputEntry();
                return userInputEntry == null ? userInputEntry2 == null : userInputEntry.equals(userInputEntry2);
            }

            public int hashCode() {
                Statement statement = getStatement();
                int hashCode = (1 * 59) + (statement == null ? 43 : statement.hashCode());
                Expression parentDir = getParentDir();
                int hashCode2 = (hashCode * 59) + (parentDir == null ? 43 : parentDir.hashCode());
                Expression userInputEntry = getUserInputEntry();
                return (hashCode2 * 59) + (userInputEntry == null ? 43 : userInputEntry.hashCode());
            }

            public String toString() {
                return "PathTraversalGuardInsertionVisitor.TaintedFileOrPathVisitor.PathTraversalSimpleInjectGuardInfo(statement=" + getStatement() + ", parentDir=" + getParentDir() + ", userInputEntry=" + getUserInputEntry() + ")";
            }
        }

        private void maybeAddImportIOException() {
            Cursor cursor = getCursor();
            Class<J.CompilationUnit> cls = J.CompilationUnit.class;
            Objects.requireNonNull(J.CompilationUnit.class);
            cursor.dropParentUntil(cls::isInstance).computeMessageIfAbsent(PathTraversalGuardInsertionVisitor.IMPORT_REQUIRED_MESSAGE, str -> {
                return Collections.singletonList(IO_EXCEPTION_FQN);
            });
        }

        private String runtimeExceptionThrowLine() {
            return String.format("    throw new RuntimeException(\"%s\");%n", this.exceptionMessage);
        }

        private String ioExceptionThrowLine() {
            return String.format("    throw new IOException(\"%s\");%n", this.exceptionMessage);
        }

        private JavaTemplate noPathTraversalFileTemplate() {
            boolean canSupportScopeSupportExceptionOfType = canSupportScopeSupportExceptionOfType(getCursor(), this.ioException);
            JavaTemplate.Builder contextSensitive = JavaTemplate.builder("if (!#{any(java.io.File)}.toPath().normalize().startsWith(#{any(java.io.File)}.toPath().normalize())) {\n" + (canSupportScopeSupportExceptionOfType ? ioExceptionThrowLine() : runtimeExceptionThrowLine()) + StandardBeanExpressionResolver.DEFAULT_EXPRESSION_SUFFIX).contextSensitive();
            if (canSupportScopeSupportExceptionOfType) {
                contextSensitive.imports(new String[]{IO_EXCEPTION_FQN});
                maybeAddImportIOException();
            }
            return contextSensitive.build();
        }

        private JavaTemplate noPathTraversalFileWithStringTemplate() {
            boolean canSupportScopeSupportExceptionOfType = canSupportScopeSupportExceptionOfType(getCursor(), this.ioException);
            JavaTemplate.Builder contextSensitive = JavaTemplate.builder("if (!#{any(java.io.File)}.toPath().normalize().startsWith(#{any(String)})) {\n" + (canSupportScopeSupportExceptionOfType ? ioExceptionThrowLine() : runtimeExceptionThrowLine()) + StandardBeanExpressionResolver.DEFAULT_EXPRESSION_SUFFIX).contextSensitive();
            if (canSupportScopeSupportExceptionOfType) {
                contextSensitive.imports(new String[]{IO_EXCEPTION_FQN});
                maybeAddImportIOException();
            }
            return contextSensitive.build();
        }

        private JavaTemplate noPathTraversalPathStartsWithPathTemplate() {
            boolean canSupportScopeSupportExceptionOfType = canSupportScopeSupportExceptionOfType(getCursor(), this.ioException);
            JavaTemplate.Builder contextSensitive = JavaTemplate.builder("if (!#{any(java.nio.file.Path)}.normalize().startsWith(#{any(java.nio.file.Path)}.normalize())) {\n" + (canSupportScopeSupportExceptionOfType ? ioExceptionThrowLine() : runtimeExceptionThrowLine()) + StandardBeanExpressionResolver.DEFAULT_EXPRESSION_SUFFIX).contextSensitive();
            if (canSupportScopeSupportExceptionOfType) {
                contextSensitive.imports(new String[]{IO_EXCEPTION_FQN});
                maybeAddImportIOException();
            }
            return contextSensitive.build();
        }

        private boolean canSupportScopeSupportExceptionOfType(Cursor cursor, JavaType javaType) {
            return CursorUtil.canSupportScopeSupportExceptionOfType(cursor, javaType);
        }

        public J visitAssignment(J.Assignment assignment, P p) {
            J visitAssignment = super.visitAssignment(assignment, p);
            return assignment != visitAssignment ? maybeAutoFormat(assignment, visitAssignment, p, getCursor().getParentOrThrow()) : visitAssignment;
        }

        public J visitMethodInvocation(J.MethodInvocation methodInvocation, P p) {
            return (J) visitMethodCall(methodInvocation, (v0) -> {
                return v0.getSelect();
            }).map(Function.identity()).orElseGet(() -> {
                return super.visitMethodInvocation(methodInvocation, p);
            });
        }

        public J visitNewClass(J.NewClass newClass, P p) {
            return (J) visitMethodCall(newClass, newClass2 -> {
                return (Expression) newClass2.getArguments().get(0);
            }).map(Function.identity()).orElseGet(() -> {
                return super.visitNewClass(newClass, p);
            });
        }

        private <M extends MethodCall> Optional<J.Identifier> visitMethodCall(M m, Function<M, Expression> function) {
            String str;
            Stream stream = m.getArguments().stream();
            List<Expression> list = this.taintedSinks;
            Objects.requireNonNull(list);
            if (stream.anyMatch((v1) -> {
                return r1.contains(v1);
            }) && Dataflow.startingAt(getCursor()).findSinks(new FileOrPathCreationToVulnerableUsageLocalFlowSpec()).isSome()) {
                J.Block block = (J.Block) getCursor().firstEnclosingOrThrow(J.Block.class);
                Statement statement = (Statement) getCursor().dropParentUntil(obj -> {
                    return block.getStatements().contains(obj);
                }).getValue();
                J.VariableDeclarations.NamedVariable namedVariable = (J.VariableDeclarations.NamedVariable) getCursor().firstEnclosing(J.VariableDeclarations.NamedVariable.class);
                if (namedVariable == null || Expression.unwrap(namedVariable.getInitializer()) != m) {
                    if (PathTraversalGuardInsertionVisitor.isTypePath(m.getType())) {
                        str = this.newVariablePrefix + "Path";
                    } else {
                        if (!$assertionsDisabled && !PathTraversalGuardInsertionVisitor.isTypeFile(m.getType())) {
                            throw new AssertionError("Expected method call to be of type `java.io.File` or `java.nio.file.Path` but was `" + m.getType() + "`");
                        }
                        str = this.newVariablePrefix + "File";
                    }
                    String generateVariableName = VariableNameUtils.generateVariableName(str, getCursor(), VariableNameUtils.GenerationStrategy.INCREMENT_NUMBER);
                    PathTraversalCreateNewVariableInfo pathTraversalCreateNewVariableInfo = new PathTraversalCreateNewVariableInfo(generateVariableName, statement, m);
                    Cursor cursor = getCursor();
                    Class<J.Block> cls = J.Block.class;
                    Objects.requireNonNull(J.Block.class);
                    cursor.dropParentUntil(cls::isInstance).putMessage(PathTraversalCreateNewVariableInfo.CURSOR_KEY, pathTraversalCreateNewVariableInfo);
                    return Optional.of(new J.Identifier(Tree.randomId(), Space.EMPTY, Markers.EMPTY, Collections.emptyList(), generateVariableName, m.getType(), (JavaType.Variable) null));
                }
                PathTraversalSimpleInjectGuardInfo pathTraversalSimpleInjectGuardInfo = new PathTraversalSimpleInjectGuardInfo(statement, function.apply(m), namedVariable.getName());
                Cursor cursor2 = getCursor();
                Class<J.Block> cls2 = J.Block.class;
                Objects.requireNonNull(J.Block.class);
                cursor2.dropParentUntil(cls2::isInstance).putMessage(PathTraversalSimpleInjectGuardInfo.CURSOR_KEY, pathTraversalSimpleInjectGuardInfo);
            }
            return Optional.empty();
        }

        public J.Block visitBlock(J.Block block, P p) {
            JavaTemplate noPathTraversalPathStartsWithPathTemplate;
            JavaTemplate build;
            J.Block visitBlock = super.visitBlock(block, p);
            PathTraversalCreateNewVariableInfo pathTraversalCreateNewVariableInfo = (PathTraversalCreateNewVariableInfo) getCursor().pollMessage(PathTraversalCreateNewVariableInfo.CURSOR_KEY);
            if (pathTraversalCreateNewVariableInfo != null) {
                if (PathTraversalGuardInsertionVisitor.isTypePath(pathTraversalCreateNewVariableInfo.extractToVariable.getType())) {
                    build = JavaTemplate.builder("final Path " + pathTraversalCreateNewVariableInfo.newVariableName + " = #{any(java.nio.file.Path)};").contextSensitive().imports(new String[]{"java.nio.file.Path"}).build();
                    maybeAddImport("java.nio.file.Path");
                } else {
                    if (!$assertionsDisabled && !PathTraversalGuardInsertionVisitor.isTypeFile(pathTraversalCreateNewVariableInfo.extractToVariable.getType())) {
                        throw new AssertionError();
                    }
                    build = JavaTemplate.builder("final File " + pathTraversalCreateNewVariableInfo.newVariableName + " = #{any(java.io.File)};").contextSensitive().imports(new String[]{"java.io.File"}).build();
                    maybeAddImport("java.io.File");
                }
                return build.apply(new Cursor(getCursor().getParent(), visitBlock), pathTraversalCreateNewVariableInfo.statement.getCoordinates().before(), new Object[]{pathTraversalCreateNewVariableInfo.extractToVariable});
            }
            PathTraversalSimpleInjectGuardInfo pathTraversalSimpleInjectGuardInfo = (PathTraversalSimpleInjectGuardInfo) getCursor().pollMessage(PathTraversalSimpleInjectGuardInfo.CURSOR_KEY);
            if (pathTraversalSimpleInjectGuardInfo == null) {
                return visitBlock;
            }
            if (PathTraversalGuardInsertionVisitor.isTypeFile(pathTraversalSimpleInjectGuardInfo.userInputEntry.getType())) {
                if (PathTraversalGuardInsertionVisitor.isTypeFile(pathTraversalSimpleInjectGuardInfo.parentDir.getType())) {
                    noPathTraversalPathStartsWithPathTemplate = noPathTraversalFileTemplate();
                } else {
                    if (!$assertionsDisabled && !TypeUtils.isString(pathTraversalSimpleInjectGuardInfo.parentDir.getType())) {
                        throw new AssertionError();
                    }
                    noPathTraversalPathStartsWithPathTemplate = noPathTraversalFileWithStringTemplate();
                }
            } else {
                if (!$assertionsDisabled && !PathTraversalGuardInsertionVisitor.isTypePath(pathTraversalSimpleInjectGuardInfo.userInputEntry.getType())) {
                    throw new AssertionError();
                }
                noPathTraversalPathStartsWithPathTemplate = noPathTraversalPathStartsWithPathTemplate();
            }
            return noPathTraversalPathStartsWithPathTemplate.apply(new Cursor(getCursor().getParent(), visitBlock), pathTraversalSimpleInjectGuardInfo.statement.getCoordinates().after(), new Object[]{pathTraversalSimpleInjectGuardInfo.userInputEntry, pathTraversalSimpleInjectGuardInfo.parentDir});
        }

        public TaintedFileOrPathVisitor(String str, String str2, List<Expression> list) {
            this.newVariablePrefix = str;
            this.exceptionMessage = str2;
            this.taintedSinks = list;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof TaintedFileOrPathVisitor)) {
                return false;
            }
            TaintedFileOrPathVisitor taintedFileOrPathVisitor = (TaintedFileOrPathVisitor) obj;
            if (!taintedFileOrPathVisitor.canEqual(this)) {
                return false;
            }
            JavaType javaType = this.ioException;
            JavaType javaType2 = taintedFileOrPathVisitor.ioException;
            if (javaType == null) {
                if (javaType2 != null) {
                    return false;
                }
            } else if (!javaType.equals(javaType2)) {
                return false;
            }
            String str = this.newVariablePrefix;
            String str2 = taintedFileOrPathVisitor.newVariablePrefix;
            if (str == null) {
                if (str2 != null) {
                    return false;
                }
            } else if (!str.equals(str2)) {
                return false;
            }
            String str3 = this.exceptionMessage;
            String str4 = taintedFileOrPathVisitor.exceptionMessage;
            if (str3 == null) {
                if (str4 != null) {
                    return false;
                }
            } else if (!str3.equals(str4)) {
                return false;
            }
            List<Expression> list = this.taintedSinks;
            List<Expression> list2 = taintedFileOrPathVisitor.taintedSinks;
            return list == null ? list2 == null : list.equals(list2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof TaintedFileOrPathVisitor;
        }

        public int hashCode() {
            JavaType javaType = this.ioException;
            int hashCode = (1 * 59) + (javaType == null ? 43 : javaType.hashCode());
            String str = this.newVariablePrefix;
            int hashCode2 = (hashCode * 59) + (str == null ? 43 : str.hashCode());
            String str2 = this.exceptionMessage;
            int hashCode3 = (hashCode2 * 59) + (str2 == null ? 43 : str2.hashCode());
            List<Expression> list = this.taintedSinks;
            return (hashCode3 * 59) + (list == null ? 43 : list.hashCode());
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* renamed from: visitBlock, reason: collision with other method in class */
        public /* bridge */ /* synthetic */ J m543visitBlock(J.Block block, Object obj) {
            return visitBlock(block, (J.Block) obj);
        }

        static {
            $assertionsDisabled = !PathTraversalGuardInsertionVisitor.class.desiredAssertionStatus();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/openrewrite/java/security/PathTraversalGuardInsertionVisitor$UserInputToAnyLocalFlowSpec.class */
    public static class UserInputToAnyLocalFlowSpec extends DataFlowSpec {
        InvocationMatcher userInputMatcher;

        public boolean isSource(DataFlowNode dataFlowNode) {
            return ((Boolean) dataFlowNode.asExprParent(Call.class).map(call -> {
                return Boolean.valueOf(call.matches(this.userInputMatcher));
            }).orSome(false)).booleanValue();
        }

        public boolean isSink(DataFlowNode dataFlowNode) {
            return true;
        }

        public UserInputToAnyLocalFlowSpec(InvocationMatcher invocationMatcher) {
            this.userInputMatcher = invocationMatcher;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/openrewrite/java/security/PathTraversalGuardInsertionVisitor$UserInputToFileOrPathCreationLocalFlowSpec.class */
    public static class UserInputToFileOrPathCreationLocalFlowSpec extends DataFlowSpec {
        private static final InvocationMatcher FILE_CREATE = InvocationMatcher.fromMethodMatcher("java.io.File <constructor>(.., java.lang.String)");
        private static final InvocationMatcher PATH_RESOLVE = InvocationMatcher.fromMethodMatcher("java.nio.file.Path resolve(..)");
        private final InvocationMatcher userInputMatcher;

        public boolean isSource(DataFlowNode dataFlowNode) {
            return ((Boolean) dataFlowNode.asExprParent(Call.class).map(call -> {
                return Boolean.valueOf(call.matches(this.userInputMatcher));
            }).orSome(false)).booleanValue();
        }

        public boolean isSink(DataFlowNode dataFlowNode) {
            return FILE_CREATE.advanced().isParameter(dataFlowNode.getCursor(), 1) || PATH_RESOLVE.advanced().isFirstParameter(dataFlowNode.getCursor());
        }

        public UserInputToFileOrPathCreationLocalFlowSpec(InvocationMatcher invocationMatcher) {
            this.userInputMatcher = invocationMatcher;
        }
    }

    public J.CompilationUnit visitCompilationUnit(J.CompilationUnit compilationUnit, P p) {
        List list;
        J.CompilationUnit visitCompilationUnit = super.visitCompilationUnit(compilationUnit, p);
        if (visitCompilationUnit != compilationUnit && (list = (List) getCursor().pollMessage(IMPORT_REQUIRED_MESSAGE)) != null) {
            list.forEach(this::maybeAddImport);
        }
        return visitCompilationUnit;
    }

    public J.Block visitBlock(J.Block block, P p) {
        J.Block block2;
        if (this.fixPartialPathTraversal && block != (block2 = (J.Block) new PartialPathTraversalVulnerability.PartialPathTraversalVulnerabilityVisitor().visitNonNull(block, p, getCursor().getParentOrThrow()))) {
            return block2;
        }
        Tree visitBlock = super.visitBlock(block, p);
        if (visitBlock != block) {
            return visitBlock;
        }
        Set<Expression> computeUserInputExpressions = computeUserInputExpressions();
        Supplier supplier = () -> {
            Objects.requireNonNull(computeUserInputExpressions);
            return new FileConstructorFixVisitor((v1) -> {
                return r2.contains(v1);
            });
        };
        J.Block visitNonNull = new StringToFileConstructorVisitor(supplier).visitNonNull((J.Block) ((FileConstructorFixVisitor) supplier.get()).visitNonNull(visitBlock, p, getCursor().getParentOrThrow()), p, getCursor().getParentOrThrow());
        J.Block visitNonNull2 = new PathTraversalVisitor(this.newVariablePrefix, this.exceptionMessage, this.userInputMatcher).visitNonNull(visitNonNull, p, getCursor().getParentOrThrow());
        return visitNonNull != visitNonNull2 ? visitNonNull2 : visitBlock;
    }

    private Set<Expression> computeUserInputExpressions() {
        return (Set) CursorUtil.findOuterExecutableBlock(getCursor()).map(cursor -> {
            return (Set) cursor.computeMessageIfAbsent("computed-zip-entry-expressions", str -> {
                HashSet hashSet = new HashSet();
                new JavaIsoVisitor<Set<Expression>>() { // from class: org.openrewrite.java.security.PathTraversalGuardInsertionVisitor.1
                    /* renamed from: visitMethodInvocation, reason: merged with bridge method [inline-methods] */
                    public J.MethodInvocation m539visitMethodInvocation(J.MethodInvocation methodInvocation, Set<Expression> set) {
                        Dataflow.startingAt(getCursor()).findSinks(new UserInputToAnyLocalFlowSpec(PathTraversalGuardInsertionVisitor.this.userInputMatcher)).forEach(sinkFlowSummary -> {
                            set.addAll(sinkFlowSummary.getExpressionSinks());
                        });
                        return super.visitMethodInvocation(methodInvocation, set);
                    }
                }.visit((Tree) cursor.getValue(), hashSet, cursor.getParentOrThrow());
                return hashSet;
            });
        }).orElseGet(HashSet::new);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isTypeFile(@Nullable JavaType javaType) {
        return TypeUtils.isOfClassType(javaType, "java.io.File");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isTypePath(@Nullable JavaType javaType) {
        return TypeUtils.isOfClassType(javaType, "java.nio.file.Path");
    }

    public PathTraversalGuardInsertionVisitor(InvocationMatcher invocationMatcher, String str, String str2, boolean z) {
        this.userInputMatcher = invocationMatcher;
        this.newVariablePrefix = str;
        this.exceptionMessage = str2;
        this.fixPartialPathTraversal = z;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* renamed from: visitCompilationUnit, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ J m537visitCompilationUnit(J.CompilationUnit compilationUnit, Object obj) {
        return visitCompilationUnit(compilationUnit, (J.CompilationUnit) obj);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* renamed from: visitBlock, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ J m538visitBlock(J.Block block, Object obj) {
        return visitBlock(block, (J.Block) obj);
    }
}
