package org.owasp.webscarab.plugin.webservice;

import com.ibm.wsdl.Constants;
import com.ibm.wsdl.extensions.schema.SchemaConstants;
import com.ibm.wsdl.extensions.soap.SOAPConstants;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.net.MalformedURLException;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Logger;
import javax.wsdl.Binding;
import javax.wsdl.BindingInput;
import javax.wsdl.BindingOperation;
import javax.wsdl.Definition;
import javax.wsdl.Input;
import javax.wsdl.Message;
import javax.wsdl.Operation;
import javax.wsdl.Part;
import javax.wsdl.Port;
import javax.wsdl.Service;
import javax.wsdl.WSDLException;
import javax.wsdl.extensions.ExtensibilityElement;
import javax.wsdl.extensions.soap.SOAPAddress;
import javax.wsdl.extensions.soap.SOAPBinding;
import javax.wsdl.extensions.soap.SOAPBody;
import javax.wsdl.extensions.soap.SOAPOperation;
import javax.wsdl.factory.WSDLFactory;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.htmlparser.tags.FormTag;
import org.owasp.webscarab.httpclient.HTTPClientFactory;
import org.owasp.webscarab.model.ConversationID;
import org.owasp.webscarab.model.HttpUrl;
import org.owasp.webscarab.model.NamedValue;
import org.owasp.webscarab.model.Request;
import org.owasp.webscarab.model.Response;
import org.owasp.webscarab.model.StoreException;
import org.owasp.webscarab.plugin.Framework;
import org.owasp.webscarab.plugin.Hook;
import org.owasp.webscarab.plugin.Plugin;
import org.owasp.webscarab.plugin.fuzz.Parameter;
import org.owasp.webscarab.util.DOMHandler;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.ErrorHandler;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;

/* loaded from: input_file:org/owasp/webscarab/plugin/webservice/WebService.class */
public class WebService implements Plugin {
    public static final String DEFAULT_SOAP_ENCODING_STYLE = "http://schemas.xmlsoap.org/soap/encoding/";
    public static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
    public static final String XSD_NS = "http://www.w3.org/2001/XMLSchema";
    public static final String XSI_NS = "http://www.w3.org/2001/XMLSchema-instance";
    private Framework _framework;
    private WebServiceModel _model;
    private Request _request = null;
    private Response _response = null;
    private Date _responseDate = null;
    private Logger _logger = Logger.getLogger(getClass().toString());

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.owasp.webscarab.plugin.webservice.WebService$1, reason: invalid class name */
    /* loaded from: input_file:org/owasp/webscarab/plugin/webservice/WebService$1.class */
    public static class AnonymousClass1 {
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/owasp/webscarab/plugin/webservice/WebService$XMLErrorHandler.class */
    public class XMLErrorHandler implements ErrorHandler {
        private final WebService this$0;

        private XMLErrorHandler(WebService webService) {
            this.this$0 = webService;
        }

        @Override // org.xml.sax.ErrorHandler
        public void fatalError(SAXParseException sAXParseException) throws SAXException {
        }

        @Override // org.xml.sax.ErrorHandler
        public void error(SAXParseException sAXParseException) throws SAXParseException {
            throw sAXParseException;
        }

        @Override // org.xml.sax.ErrorHandler
        public void warning(SAXParseException sAXParseException) throws SAXParseException {
            System.out.println(new StringBuffer().append("** Warning, line ").append(sAXParseException.getLineNumber()).append(", uri ").append(sAXParseException.getSystemId()).toString());
            System.out.println(new StringBuffer().append("   ").append(sAXParseException.getMessage()).toString());
        }

        XMLErrorHandler(WebService webService, AnonymousClass1 anonymousClass1) {
            this(webService);
        }
    }

    public WebService(Framework framework) {
        this._framework = framework;
        this._model = new WebServiceModel(framework.getModel());
    }

    public WebServiceModel getModel() {
        return this._model;
    }

    public Definition getWSDL(String str) throws MalformedURLException, IOException, SAXException, WSDLException {
        if (str.startsWith("http://") || str.startsWith("https://")) {
            Request request = new Request();
            request.setMethod(FormTag.GET);
            request.setVersion("HTTP/1.0");
            request.setURL(new HttpUrl(str));
            Response fetchResponse = HTTPClientFactory.getInstance().fetchResponse(request);
            Definition parseWSDL = parseWSDL(str, parseXML(fetchResponse.getContent()));
            if (parseWSDL != null) {
                this._framework.addConversation(request, fetchResponse, getPluginName());
            }
            return parseWSDL;
        }
        File file = new File(str);
        FileInputStream fileInputStream = new FileInputStream(file);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[2048];
        while (true) {
            int read = fileInputStream.read(bArr);
            if (read <= 0) {
                return parseWSDL(file.toURI().toString(), parseXML(byteArrayOutputStream.toByteArray()));
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public void analyse(ConversationID conversationID, Request request, Response response, String str) {
        byte[] content;
        String header = response.getHeader("Content-Type");
        if (header == null || !header.startsWith("text/xml") || (content = response.getContent()) == null || content.length == 0) {
            return;
        }
        try {
            parseWSDL(request.getURL().toString(), parseXML(content));
            this._model.setWSDLResponse(conversationID);
        } catch (Exception e) {
        }
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public void flush() throws StoreException {
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public String getPluginName() {
        return "WebServices";
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public Object getScriptableObject() {
        return null;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public Hook[] getScriptingHooks() {
        return null;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public String getStatus() {
        return "Idle";
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isBusy() {
        return false;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isModified() {
        return this._model.isModified();
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isRunning() {
        return this._model.isRunning();
    }

    @Override // org.owasp.webscarab.plugin.Plugin, java.lang.Runnable
    public void run() {
        this._model.setRunning(true);
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public void setSession(String str, Object obj, String str2) throws StoreException {
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean stop() {
        this._model.setRunning(false);
        return true;
    }

    public Definition getDefinition(ConversationID conversationID) throws WSDLException, SAXException {
        String httpUrl = this._model.getURL(conversationID).toString();
        byte[] wsdl = this._model.getWSDL(conversationID);
        if (wsdl != null) {
            return parseWSDL(httpUrl, parseXML(wsdl));
        }
        return null;
    }

    public void selectWSDL(Definition definition) throws WSDLException {
        this._model.setDefinition(definition);
        Schema createSchemaFromTypes = createSchemaFromTypes(this._model.getDefinition());
        if (createSchemaFromTypes != null) {
            this._model.setSchema(createSchemaFromTypes);
            this._model.setServices(buildComponents(this._model.getDefinition()));
        } else {
            this._logger.warning("Can't proceed with an empty schema!");
            this._model.setDefinition(null);
            this._model.setSchema(null);
            this._model.setServices(null);
        }
    }

    public Value[] buildValues(OperationInfo operationInfo, Message message) {
        ArrayList arrayList = new ArrayList();
        for (Part part : message.getOrderedParts(null)) {
            String name = part.getName();
            if (name != null) {
                arrayList.add(constructValue(name, part.getTypeName()));
            }
        }
        return (Value[]) arrayList.toArray(new Value[0]);
    }

    public Value constructValue(String str, QName qName) {
        Type type = this._model.getSchema().getType(qName);
        if (type == null) {
            return new SimpleValue(str, qName, null);
        }
        if (!type.isComplex()) {
            return type.isArray() ? new ArrayValue(str, qName, type, type.getComponentQName(), this._model.getSchema().getType(type.getComponentQName())) : new SimpleValue(str, qName, type);
        }
        ComplexValue complexValue = new ComplexValue(str, qName, type);
        Field[] fields = type.getFields();
        for (int i = 0; i < fields.length; i++) {
            complexValue.setValue(fields[i].getName(), constructValue(fields[i].getName(), fields[i].getType()));
        }
        return complexValue;
    }

    public Response invokeOperation(OperationInfo operationInfo, Value[] valueArr) throws MalformedURLException, IOException {
        Request request = new Request();
        request.setMethod(FormTag.POST);
        HttpUrl httpUrl = new HttpUrl(operationInfo.getTargetURL());
        request.setURL(httpUrl);
        request.setVersion("HTTP/1.0");
        request.addHeader("Accept", "application/soap+xml, application/dime, multipart/related, text/*");
        request.addHeader("Host", new StringBuffer().append(httpUrl.getHost()).append(":").append(httpUrl.getPort()).toString());
        request.addHeader("Content-Type", "text/xml; charset=utf-8");
        request.addHeader("SOAPAction", new StringBuffer().append("\"").append(operationInfo.getSoapActionURI()).append("\"").toString());
        NamedValue[] extraHeaders = this._model.getExtraHeaders();
        if (extraHeaders != null && extraHeaders.length > 0) {
            for (int i = 0; i < extraHeaders.length; i++) {
                if (extraHeaders[i] != null) {
                    request.addHeader(extraHeaders[i]);
                }
            }
        }
        Document constructMessageDocument = constructMessageDocument(operationInfo, valueArr);
        StringWriter stringWriter = new StringWriter();
        new DOMWriter().write(stringWriter, constructMessageDocument);
        String stringWriter2 = stringWriter.toString();
        request.addHeader("Content-Length", String.valueOf(stringWriter2.length()));
        request.setContent(stringWriter2.getBytes());
        Response fetchResponse = HTTPClientFactory.getInstance().fetchResponse(request);
        if (fetchResponse != null) {
            this._framework.addConversation(request, fetchResponse, getPluginName());
        }
        return fetchResponse;
    }

    private Document constructMessageDocument(OperationInfo operationInfo, Value[] valueArr) {
        try {
            Message inputMessage = operationInfo.getInputMessage();
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            Document newDocument = newInstance.newDocumentBuilder().newDocument();
            Element createElement = createElement(newDocument, "Envelope", "http://schemas.xmlsoap.org/soap/envelope/");
            createElement.setAttribute(new StringBuffer().append(DOMHandler.XMLNS_STRING).append(this._model.getSchema().getPrefix("http://www.w3.org/2001/XMLSchema")).toString(), "http://www.w3.org/2001/XMLSchema");
            createElement.setAttribute(new StringBuffer().append(DOMHandler.XMLNS_STRING).append(this._model.getSchema().getPrefix("http://www.w3.org/2001/XMLSchema-instance")).toString(), "http://www.w3.org/2001/XMLSchema-instance");
            Element createElement2 = createElement(createElement, Parameter.LOCATION_BODY, "http://schemas.xmlsoap.org/soap/envelope/");
            Element createElement3 = createElement(createElement2, operationInfo.getTargetMethodName(), operationInfo.getTargetObjectURI());
            String encodingStyle = operationInfo.getEncodingStyle();
            if (!encodingStyle.equals("literal")) {
                createAttr(createElement2, SOAPConstants.ATTR_ENCODING_STYLE, "http://schemas.xmlsoap.org/soap/envelope/").setValue(encodingStyle);
            }
            Iterator it = inputMessage.getOrderedParts(null).iterator();
            int i = 0;
            while (it.hasNext()) {
                int i2 = i;
                i++;
                setElementValue(operationInfo.getStyle(), operationInfo.getEncodingStyle(), createElement(createElement3, ((Part) it.next()).getName()), valueArr[i2]);
            }
            return newDocument;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private Element createElement(Node node, String str, String str2) {
        Document ownerDocument = node instanceof Document ? (Document) node : node.getOwnerDocument();
        if (str2 == null) {
            Element createElement = ownerDocument.createElement(str);
            node.appendChild(createElement);
            return createElement;
        }
        String prefix = this._model.getSchema().getPrefix(str2);
        if (prefix == null) {
            throw new RuntimeException(new StringBuffer().append("No prefix found for ").append(str2).toString());
        }
        Element createElementNS = ownerDocument.createElementNS(str2, new StringBuffer().append(prefix).append(":").append(str).toString());
        node.appendChild(createElementNS);
        return createElementNS;
    }

    private Element createElement(Node node, String str) {
        Element createElement = (node instanceof Document ? (Document) node : node.getOwnerDocument()).createElement(str);
        node.appendChild(createElement);
        return createElement;
    }

    private Attr createAttr(Element element, String str, String str2) {
        String prefix = this._model.getSchema().getPrefix(str2);
        if (prefix == null) {
            throw new RuntimeException(new StringBuffer().append("No prefix found for ").append(str2).toString());
        }
        Attr createAttributeNS = (element instanceof Document ? (Document) element : element.getOwnerDocument()).createAttributeNS(str2, new StringBuffer().append(prefix).append(":").append(str).toString());
        element.setAttributeNodeNS(createAttributeNS);
        return createAttributeNS;
    }

    private void setElementValue(String str, String str2, Element element, Value value) {
        Document ownerDocument = element.getOwnerDocument();
        if (str.equalsIgnoreCase("rpc")) {
            Attr createAttributeNS = ownerDocument.createAttributeNS("http://www.w3.org/2001/XMLSchema-instance", "xsi:type");
            QName componentTypeName = value instanceof ArrayValue ? ((ArrayValue) value).getComponentTypeName() : value.getTypeName();
            createAttributeNS.setValue(new StringBuffer().append(this._model.getSchema().getPrefix(componentTypeName.getNamespaceURI())).append(":").append(componentTypeName.getLocalPart()).toString());
            element.setAttributeNodeNS(createAttributeNS);
        }
        if (value instanceof SimpleValue) {
            SimpleValue simpleValue = (SimpleValue) value;
            if (simpleValue.getValue() != null) {
                setElementValue(element, simpleValue.getValue());
                return;
            } else {
                if (str.equalsIgnoreCase("rpc")) {
                    Attr createAttributeNS2 = ownerDocument.createAttributeNS("http://www.w3.org/2001/XMLSchema-instance", "xsi:nil");
                    createAttributeNS2.setValue("true");
                    element.setAttributeNodeNS(createAttributeNS2);
                    return;
                }
                return;
            }
        }
        if (value instanceof ComplexValue) {
            ComplexValue complexValue = (ComplexValue) value;
            for (int i = 0; i < complexValue.getFieldCount(); i++) {
                String fieldName = complexValue.getFieldName(i);
                setElementValue(str, str2, createElement(element, fieldName), complexValue.getValue(fieldName));
            }
            return;
        }
        if ((value instanceof ArrayValue) && str.equalsIgnoreCase("rpc")) {
            Attr createAttributeNS3 = ownerDocument.createAttributeNS("http://www.w3.org/2001/XMLSchema-instance", "xsi:nil");
            createAttributeNS3.setValue("true");
            element.setAttributeNodeNS(createAttributeNS3);
        }
    }

    private void setElementValue(Element element, Object obj) {
        Node createTextNode;
        NodeList childNodes = element.getChildNodes();
        if (childNodes.getLength() > 1) {
            throw new RuntimeException("Can't set the value for a node with multiple children");
        }
        if (childNodes.getLength() == 1) {
            createTextNode = childNodes.item(0);
            if (createTextNode.getNodeType() != 3) {
                throw new RuntimeException(new StringBuffer().append("Child is not a text node : ").append(createTextNode).toString());
            }
        } else {
            createTextNode = element.getOwnerDocument().createTextNode("");
            element.appendChild(createTextNode);
        }
        createTextNode.setNodeValue(obj == null ? "" : obj.toString());
    }

    private Document parseXML(byte[] bArr) throws SAXException {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setValidating(false);
        newInstance.setNamespaceAware(true);
        try {
            InputSource inputSource = new InputSource(new ByteArrayInputStream(bArr));
            DocumentBuilder newDocumentBuilder = newInstance.newDocumentBuilder();
            newDocumentBuilder.setErrorHandler(new XMLErrorHandler(this, null));
            return newDocumentBuilder.parse(inputSource);
        } catch (IOException e) {
            return null;
        } catch (ParserConfigurationException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    private Definition parseWSDL(String str, Document document) throws WSDLException {
        return WSDLFactory.newInstance().newWSDLReader().readWSDL(str, document);
    }

    private ServiceInfo[] buildComponents(Definition definition) {
        ArrayList arrayList = new ArrayList();
        Map services = definition.getServices();
        if (services != null) {
            Iterator it = services.values().iterator();
            int i = 0;
            while (it.hasNext()) {
                ServiceInfo serviceInfo = new ServiceInfo();
                populateComponent(serviceInfo, (Service) it.next());
                arrayList.add(serviceInfo);
                i++;
            }
        }
        return (ServiceInfo[]) arrayList.toArray(new ServiceInfo[0]);
    }

    protected Schema createSchemaFromTypes(Definition definition) {
        ExtensibilityElement[] findExtensibilityElements;
        Element[] elementArr = null;
        if (definition.getTypes() != null && (findExtensibilityElements = findExtensibilityElements(definition.getTypes().getExtensibilityElements(), SchemaConstants.ELEM_SCHEMA)) != null && findExtensibilityElements.length > 0) {
            elementArr = new Element[findExtensibilityElements.length];
            for (int i = 0; i < findExtensibilityElements.length; i++) {
                if (findExtensibilityElements[i] instanceof javax.wsdl.extensions.schema.Schema) {
                    elementArr[i] = ((javax.wsdl.extensions.schema.Schema) findExtensibilityElements[i]).getElement();
                } else {
                    elementArr[i] = null;
                    System.err.println(new StringBuffer().append("Looked for schema elements, but got ").append(findExtensibilityElements[i].getClass()).toString());
                }
            }
        }
        Map namespaces = definition.getNamespaces();
        if (elementArr == null || elementArr.length == 0) {
            System.err.println("Unable to find schema extensibility element in WSDL, using an empty schema!");
            return new Schema(namespaces, new Element[0]);
        }
        try {
            return new Schema(namespaces, elementArr);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private ServiceInfo populateComponent(ServiceInfo serviceInfo, Service service) {
        QName qName = service.getQName();
        String namespaceURI = qName.getNamespaceURI();
        serviceInfo.setName(qName.getLocalPart());
        for (Port port : service.getPorts().values()) {
            for (OperationInfo operationInfo : buildOperations(port.getBinding())) {
                operationInfo.setNamespaceURI(namespaceURI);
                ExtensibilityElement findExtensibilityElement = findExtensibilityElement(port.getExtensibilityElements(), "address");
                if (findExtensibilityElement != null && (findExtensibilityElement instanceof SOAPAddress)) {
                    operationInfo.setTargetURL(((SOAPAddress) findExtensibilityElement).getLocationURI());
                }
                serviceInfo.addOperation(operationInfo);
            }
        }
        return serviceInfo;
    }

    private List buildOperations(Binding binding) {
        ArrayList arrayList = new ArrayList();
        List<BindingOperation> bindingOperations = binding.getBindingOperations();
        if (bindingOperations != null && !bindingOperations.isEmpty()) {
            ExtensibilityElement findExtensibilityElement = findExtensibilityElement(binding.getExtensibilityElements(), "binding");
            String str = "document";
            if (findExtensibilityElement != null && (findExtensibilityElement instanceof SOAPBinding)) {
                str = ((SOAPBinding) findExtensibilityElement).getStyle();
            }
            for (BindingOperation bindingOperation : bindingOperations) {
                ExtensibilityElement findExtensibilityElement2 = findExtensibilityElement(bindingOperation.getExtensibilityElements(), Constants.ELEM_OPERATION);
                if (findExtensibilityElement2 != null && (findExtensibilityElement2 instanceof SOAPOperation)) {
                    OperationInfo operationInfo = new OperationInfo(str);
                    buildOperation(operationInfo, bindingOperation);
                    arrayList.add(operationInfo);
                }
            }
        }
        return arrayList;
    }

    private OperationInfo buildOperation(OperationInfo operationInfo, BindingOperation bindingOperation) {
        Message message;
        Operation operation = bindingOperation.getOperation();
        operationInfo.setTargetMethodName(operation.getName());
        ExtensibilityElement findExtensibilityElement = findExtensibilityElement(bindingOperation.getExtensibilityElements(), Constants.ELEM_OPERATION);
        if (findExtensibilityElement != null && (findExtensibilityElement instanceof SOAPOperation)) {
            operationInfo.setSoapActionURI(((SOAPOperation) findExtensibilityElement).getSoapActionURI());
        }
        BindingInput bindingInput = bindingOperation.getBindingInput();
        bindingOperation.getBindingOutput();
        ExtensibilityElement findExtensibilityElement2 = findExtensibilityElement(bindingInput.getExtensibilityElements(), SOAPConstants.ELEM_BODY);
        if (findExtensibilityElement2 != null && (findExtensibilityElement2 instanceof SOAPBody)) {
            SOAPBody sOAPBody = (SOAPBody) findExtensibilityElement2;
            List encodingStyles = sOAPBody.getEncodingStyles();
            String str = null;
            if (encodingStyles != null) {
                str = encodingStyles.get(0).toString();
            }
            if (str == null) {
                str = DEFAULT_SOAP_ENCODING_STYLE;
            }
            operationInfo.setEncodingStyle(str.toString());
            operationInfo.setTargetObjectURI(sOAPBody.getNamespaceURI());
        }
        Input input = operation.getInput();
        if (input != null && (message = input.getMessage()) != null) {
            operationInfo.setInputMessageName(message.getQName().getLocalPart());
            operationInfo.setInputMessage(message);
        }
        return operationInfo;
    }

    private static ExtensibilityElement findExtensibilityElement(List list, String str) {
        if (list == null) {
            return null;
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            ExtensibilityElement extensibilityElement = (ExtensibilityElement) it.next();
            if (extensibilityElement.getElementType().getLocalPart().equalsIgnoreCase(str)) {
                return extensibilityElement;
            }
        }
        return null;
    }

    private static ExtensibilityElement[] findExtensibilityElements(List list, String str) {
        ArrayList arrayList = new ArrayList();
        if (list != null) {
            Iterator it = list.iterator();
            while (it.hasNext()) {
                ExtensibilityElement extensibilityElement = (ExtensibilityElement) it.next();
                if (extensibilityElement.getElementType().getLocalPart().equalsIgnoreCase(str)) {
                    arrayList.add(extensibilityElement);
                }
            }
        }
        return (ExtensibilityElement[]) arrayList.toArray(new ExtensibilityElement[0]);
    }
}
