package org.sonar.java.checks;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.annotation.Nullable;
import org.osgi.framework.AdminPermission;
import org.sonar.check.Rule;
import org.sonar.java.checks.helpers.ReassignmentFinder;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.JavaFileScannerContext;
import org.sonar.plugins.java.api.semantic.MethodMatchers;
import org.sonar.plugins.java.api.semantic.Symbol;
import org.sonar.plugins.java.api.tree.AssignmentExpressionTree;
import org.sonar.plugins.java.api.tree.ExpressionTree;
import org.sonar.plugins.java.api.tree.IdentifierTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.NewClassTree;
import org.sonar.plugins.java.api.tree.Tree;

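@Rule(key = "S2077")
/**
 * Rule S2077: flags SQL/JPQL/HQL/JDOQL query text that is built dynamically
 * by string concatenation and then handed to a query-executing API.
 *
 * <p>For every method invocation or constructor call matched by
 * {@link #SQL_INJECTION_SUSPECTS}, the first argument whose type is
 * {@code java.lang.String} is inspected. An issue is raised when that
 * argument is a non-constant {@code +} expression, or when it is an
 * identifier whose initializer is such an expression or which is later
 * updated through a non-constant {@code +=} assignment. Only the
 * {@code PLUS} / {@code PLUS_ASSIGNMENT} tree kinds are examined, so other
 * ways of building a query string are outside the scope of this check.
 */
public class SQLInjectionCheck extends IssuableSubscriptionVisitor {
    private static final String JAVA_SQL_STATEMENT = "java.sql.Statement";
    private static final String JAVA_SQL_CONNECTION = "java.sql.Connection";
    private static final String SPRING_JDBC_OPERATIONS = "org.springframework.jdbc.core.JdbcOperations";

    /**
     * Query-executing (or query-configuring) APIs whose String argument is
     * treated as SQL. Method names are plain literals; the earlier source
     * referenced an unrelated OSGi constant for {@code "execute"}, which only
     * pulled in a spurious dependency.
     */
    private static final MethodMatchers SQL_INJECTION_SUSPECTS = MethodMatchers.or(
        MethodMatchers.create()
            .ofSubTypes("org.hibernate.Session")
            .names("createQuery", "createSQLQuery")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofSubTypes(JAVA_SQL_STATEMENT)
            .names("executeQuery", "execute", "executeUpdate", "executeLargeUpdate", "addBatch")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofSubTypes(JAVA_SQL_CONNECTION)
            .names("prepareStatement", "prepareCall", "nativeSQL")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofTypes("javax.persistence.EntityManager")
            .names("createNativeQuery", "createQuery")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofSubTypes(SPRING_JDBC_OPERATIONS, "org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate")
            .names("batchUpdate", "execute", "query", "queryForList", "queryForMap", "queryForObject",
                "queryForRowSet", "queryForInt", "queryForLong", "update", "queryForStream")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofTypes("org.springframework.jdbc.core.PreparedStatementCreatorFactory")
            .names("<init>", "newPreparedStatementCreator")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofSubTypes("javax.jdo.PersistenceManager")
            .names("newQuery")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofSubTypes("javax.jdo.Query")
            .names("setFilter", "setGrouping")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofSubTypes("org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl")
            .names("setAuthoritiesByUsernameQuery", "setGroupAuthoritiesByUsernameQuery", "setUsersByUsernameQuery")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofSubTypes("org.springframework.security.provisioning.JdbcUserDetailsManager")
            .names("setChangePasswordSql", "setCreateAuthoritySql", "setCreateUserSql",
                "setDeleteGroupAuthoritiesSql", "setDeleteGroupAuthoritySql", "setDeleteGroupMemberSql",
                "setDeleteGroupMembersSql", "setDeleteGroupSql", "setDeleteUserAuthoritiesSql",
                "setDeleteUserSql", "setFindAllGroupsSql", "setFindGroupIdSql", "setFindUsersInGroupSql",
                "setGroupAuthoritiesSql", "setInsertGroupAuthoritySql", "setInsertGroupMemberSql",
                "setInsertGroupSql", "setRenameGroupSql", "setUpdateUserSql", "setUserExistsSql")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofSubTypes("org.springframework.jdbc.core.simple.JdbcClient")
            .names("sql")
            .withAnyParameters()
            .build(),
        MethodMatchers.create()
            .ofTypes("org.springframework.data.r2dbc.repository.query.StringBasedR2dbcQuery")
            .names("<init>")
            .withAnyParameters()
            .build());

    private static final String MAIN_MESSAGE = "Make sure using a dynamically formatted SQL query is safe here.";

    /** Subscribes to method invocations and constructor calls only. */
    @Override
    public List<Tree.Kind> nodesToVisit() {
        return Arrays.asList(Tree.Kind.METHOD_INVOCATION, Tree.Kind.NEW_CLASS);
    }

    /**
     * Inspects one call site: if it is a suspect API, examines its first
     * String-typed argument and reports it when it is dynamically built.
     *
     * @param tree a {@code METHOD_INVOCATION} or {@code NEW_CLASS} node
     */
    @Override
    public void visitNode(Tree tree) {
        if (!anyMatch(tree)) {
            return;
        }
        Optional<ExpressionTree> firstStringArgument = arguments(tree)
            .filter(argument -> argument.symbolType().is("java.lang.String"))
            .findFirst();
        if (!firstStringArgument.isPresent()) {
            return;
        }
        ExpressionTree queryArgument = firstStringArgument.get();
        // Direct case: the query is concatenated right at the call site.
        if (isDynamicConcatenation(queryArgument)) {
            reportIssue(queryArgument, MAIN_MESSAGE);
            return;
        }
        // Indirect case: a local/field is passed; follow its initializer and
        // any later reassignments to see whether they concatenate dynamically.
        if (!queryArgument.is(Tree.Kind.IDENTIFIER)) {
            return;
        }
        IdentifierTree identifier = (IdentifierTree) queryArgument;
        Symbol symbol = identifier.symbol();
        // NOTE(review): symbol.declaration() / owner().declaration() may be null for
        // symbols declared outside this compilation unit — the helpers are assumed to
        // accept that; confirm against ReassignmentFinder.
        ExpressionTree initializerOrExpression = ReassignmentFinder.getInitializerOrExpression(symbol.declaration());
        List<AssignmentExpressionTree> reassignments =
            ReassignmentFinder.getReassignments(symbol.owner().declaration(), symbol.usages());
        boolean dynamicInitializer = initializerOrExpression != null && isDynamicConcatenation(initializerOrExpression);
        boolean dynamicReassignment = reassignments.stream().anyMatch(SQLInjectionCheck::isDynamicPlusAssignment);
        if (dynamicInitializer || dynamicReassignment) {
            reportIssue(queryArgument, MAIN_MESSAGE,
                secondaryLocations(initializerOrExpression, reassignments, identifier.name()), null);
        }
    }

    /**
     * Builds the secondary locations shown with the issue: one per reassignment
     * of the query variable, plus its initializer when there is one.
     *
     * @param initializer   the variable's initializer expression, or {@code null} if it has none
     * @param reassignments assignments to the variable found after its declaration
     * @param variableName  the name of the variable passed as the query
     * @return a mutable list of locations, possibly empty
     */
    private static List<JavaFileScannerContext.Location> secondaryLocations(
            @Nullable ExpressionTree initializer,
            List<AssignmentExpressionTree> reassignments,
            String variableName) {
        List<JavaFileScannerContext.Location> locations = reassignments.stream()
            .map(assignment -> new JavaFileScannerContext.Location(
                String.format("SQL Query is assigned to '%s'", getVariableName(assignment)),
                assignment.expression()))
            .collect(Collectors.toCollection(ArrayList::new));
        if (initializer != null) {
            locations.add(new JavaFileScannerContext.Location(
                String.format("SQL Query is dynamically formatted and assigned to '%s'", variableName),
                initializer));
        }
        return locations;
    }

    /**
     * Returns the name of the assigned variable.
     *
     * @throws ClassCastException if the assignment target is not a plain identifier
     *         (the callers only pass assignments collected from identifier usages)
     */
    private static String getVariableName(AssignmentExpressionTree assignment) {
        return ((IdentifierTree) assignment.variable()).name();
    }

    /**
     * Streams the call arguments of a method invocation or constructor call;
     * any other node kind yields an empty stream.
     */
    private static Stream<ExpressionTree> arguments(Tree tree) {
        if (tree.is(Tree.Kind.METHOD_INVOCATION)) {
            return ((MethodInvocationTree) tree).arguments().stream();
        }
        if (tree.is(Tree.Kind.NEW_CLASS)) {
            return ((NewClassTree) tree).arguments().stream();
        }
        return Stream.empty();
    }

    /**
     * Whether {@code tree} is a call with at least one argument to one of the
     * suspect query APIs. Argument-less calls are never reported.
     */
    private static boolean anyMatch(Tree tree) {
        if (!hasArguments(tree)) {
            return false;
        }
        if (tree.is(Tree.Kind.NEW_CLASS)) {
            return SQL_INJECTION_SUSPECTS.matches((NewClassTree) tree);
        }
        if (tree.is(Tree.Kind.METHOD_INVOCATION)) {
            return SQL_INJECTION_SUSPECTS.matches((MethodInvocationTree) tree);
        }
        return false;
    }

    private static boolean hasArguments(Tree tree) {
        return arguments(tree).findAny().isPresent();
    }

    /**
     * A {@code +=} whose right-hand side is not a compile-time constant, i.e.
     * the variable grows by runtime data.
     */
    private static boolean isDynamicPlusAssignment(ExpressionTree expression) {
        return expression.is(Tree.Kind.PLUS_ASSIGNMENT)
            && !((AssignmentExpressionTree) expression).expression().asConstant().isPresent();
    }

    /**
     * A {@code +} expression that does not fold to a constant; concatenation of
     * literals only is not considered dynamic.
     */
    private static boolean isDynamicConcatenation(ExpressionTree expression) {
        return expression.is(Tree.Kind.PLUS) && !expression.asConstant().isPresent();
    }
}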
