package org.lucee.extension.esapi.functions;

import com.lowagie.text.html.Markup;
import lucee.loader.engine.CFMLEngineFactory;
import lucee.loader.util.Util;
import lucee.runtime.PageContext;
import lucee.runtime.exp.PageException;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Encoder;
import org.owasp.esapi.codecs.Codec;
import org.owasp.esapi.codecs.DB2Codec;
import org.owasp.esapi.codecs.MySQLCodec;
import org.owasp.esapi.codecs.OracleCodec;
import org.owasp.esapi.errors.EncodingException;

/* loaded from: input_file:WEB-INF/lib/lucee.jar:extensions/37C61C0A-5D7E-4256-8572639BE0CF5838-2.2.4.15.lex:jars/esapi-extension-2.2.4.15.jar:org/lucee/extension/esapi/functions/ESAPIEncode.class */
public class ESAPIEncode extends FunctionSupport {
    private static final long serialVersionUID = -6432679747287827759L;
    public static final short ENC_BASE64 = 1;
    public static final short ENC_CSS = 2;
    public static final short ENC_DN = 3;
    public static final short ENC_HTML = 4;
    public static final short ENC_HTML_ATTR = 5;
    public static final short ENC_JAVA_SCRIPT = 6;
    public static final short ENC_LDAP = 7;
    public static final short ENC_OS = 8;
    public static final short ENC_SQL = 9;
    public static final short ENC_URL = 10;
    public static final short ENC_VB_SCRIPT = 11;
    public static final short ENC_XML = 12;
    public static final short ENC_XML_ATTR = 13;
    public static final short ENC_XPATH = 14;
    public static final short ENC_NONE = 15;

    public static String encode(String str, short s, boolean z) throws PageException {
        return encode(str, s, z, null);
    }

    public static String encode(String str, short s, boolean z, Codec codec) throws PageException {
        if (eng.getStringUtil().isEmpty(str)) {
            return str;
        }
        try {
            Encoder encoder = ESAPI.encoder();
            if (z) {
                str = encoder.canonicalize(str, false);
            }
            switch (s) {
                case 2:
                    return encoder.encodeForCSS(str);
                case 3:
                    return encoder.encodeForDN(str);
                case 4:
                    return encoder.encodeForHTML(str);
                case 5:
                    return encoder.encodeForHTMLAttribute(str);
                case 6:
                    return encoder.encodeForJavaScript(str);
                case 7:
                    return encoder.encodeForLDAP(str);
                case 8:
                default:
                    throw exp.createApplicationException("invalid target encoding defintion");
                case 9:
                    return encoder.encodeForSQL(codec, str);
                case 10:
                    return encoder.encodeForURL(str);
                case 11:
                    return encoder.encodeForVBScript(str);
                case 12:
                    return encoder.encodeForXML(str);
                case 13:
                    return encoder.encodeForXMLAttribute(str);
                case 14:
                    return encoder.encodeForXPath(str);
                case 15:
                    return str;
            }
        } catch (EncodingException e) {
            throw cast.toPageException(e);
        }
    }

    public static Codec toCodec(String str) throws PageException, RuntimeException {
        if (Util.isEmpty(str, true)) {
            throw CFMLEngineFactory.getInstance().getExceptionUtil().createApplicationException("You need to define a SQL dialect, this dialects are supported [db2, mysql, mysql_ansi, oracle]");
        }
        String lowerCase = str.trim().toLowerCase();
        if ("mysql_ansi".equals(lowerCase)) {
            return new MySQLCodec(MySQLCodec.Mode.ANSI);
        }
        if ("mysql".equals(lowerCase)) {
            return new MySQLCodec(MySQLCodec.Mode.STANDARD);
        }
        if ("oracle".equals(lowerCase)) {
            return new OracleCodec();
        }
        if ("db2".equals(lowerCase)) {
            return new DB2Codec();
        }
        throw CFMLEngineFactory.getInstance().getExceptionUtil().createApplicationException("SQL dialect [" + lowerCase + "] is not supported, supported dialects are [db2, mysql, mysql_ansi, oracle]");
    }

    public static String call(PageContext pageContext, String str, String str2) throws PageException {
        return call(pageContext, str, str2, false, null);
    }

    public static String call(PageContext pageContext, String str, String str2, boolean z) throws PageException {
        return call(pageContext, str, str2, z, null);
    }

    public static String call(PageContext pageContext, String str, String str2, boolean z, String str3) throws PageException {
        short encodeType = toEncodeType(pageContext, str);
        return encode(str2, encodeType, z, encodeType == 9 ? toCodec(str3) : null);
    }

    public static short toEncodeType(String str, short s) {
        String lowerCase = eng.getStringUtil().emptyIfNull(str).trim().toLowerCase();
        if ("css".equals(lowerCase)) {
            return (short) 2;
        }
        if ("dn".equals(lowerCase)) {
            return (short) 3;
        }
        if ("html".equals(lowerCase)) {
            return (short) 4;
        }
        if ("html_attr".equals(lowerCase) || "htmlattr".equals(lowerCase) || "html-attr".equals(lowerCase) || "html attr".equals(lowerCase) || "htmlattribute".equals(lowerCase) || "html_attributes".equals(lowerCase) || "htmlattributes".equals(lowerCase) || "html-attributes".equals(lowerCase) || "html attributes".equals(lowerCase)) {
            return (short) 5;
        }
        if ("js".equals(lowerCase) || "javascript".equals(lowerCase) || "java_script".equals(lowerCase) || "java script".equals(lowerCase) || "java-script".equals(lowerCase)) {
            return (short) 6;
        }
        if ("ldap".equals(lowerCase)) {
            return (short) 7;
        }
        if ("".equals(lowerCase) || Markup.CSS_VALUE_NONE.equals(lowerCase)) {
            return (short) 15;
        }
        if ("sql".equals(lowerCase)) {
            return (short) 9;
        }
        if ("url".equals(lowerCase)) {
            return (short) 10;
        }
        if ("vbs".equals(lowerCase) || "vbscript".equals(lowerCase) || "vb-script".equals(lowerCase) || "vb_script".equals(lowerCase) || "vb script".equals(lowerCase)) {
            return (short) 11;
        }
        if ("xml".equals(lowerCase)) {
            return (short) 12;
        }
        if ("xmlattr".equals(lowerCase) || "xml attr".equals(lowerCase) || "xml-attr".equals(lowerCase) || "xml_attr".equals(lowerCase) || "xmlattribute".equals(lowerCase) || "xmlattributes".equals(lowerCase) || "xml attributes".equals(lowerCase) || "xml-attributes".equals(lowerCase) || "xml_attributes".equals(lowerCase)) {
            return (short) 13;
        }
        if ("xpath".equals(lowerCase)) {
            return (short) 14;
        }
        return s;
    }

    public static short toEncodeType(PageContext pageContext, String str) throws PageException {
        short encodeType = toEncodeType(str, (short) -1);
        if (encodeType != -1) {
            return encodeType;
        }
        throw exp.createApplicationException("value [" + str + "] is invalid, valid values are [css,dn,html,html_attr,javascript,ldap,sql,vbscript,xml,xml_attr,xpath]");
    }

    public static String canonicalize(String str, boolean z, boolean z2, boolean z3) throws PageException {
        if (eng.getStringUtil().isEmpty(str)) {
            return str;
        }
        try {
            return ESAPI.encoder().canonicalize(str, z, z2);
        } catch (Exception e) {
            if (z3) {
                throw cast.toPageException(e);
            }
            return "";
        }
    }

    @Override // lucee.runtime.ext.function.BIF
    public Object invoke(PageContext pageContext, Object[] objArr) throws PageException {
        if (objArr.length == 2) {
            return call(pageContext, cast.toString(objArr[0]), cast.toString(objArr[1]));
        }
        if (objArr.length == 3) {
            return call(pageContext, cast.toString(objArr[0]), cast.toString(objArr[1]), cast.toBooleanValue(objArr[2]));
        }
        if (objArr.length == 4) {
            return call(pageContext, cast.toString(objArr[0]), cast.toString(objArr[1]), cast.toBooleanValue(objArr[2]), cast.toString(objArr[3]));
        }
        throw exp.createFunctionException(pageContext, "ESAPIEncode", 2, 4, objArr.length);
    }
}
