package io.codemodder.codemods;

import com.contrastsecurity.sarif.Result;
import com.github.javaparser.ast.CompilationUnit;
import com.github.javaparser.ast.NodeList;
import com.github.javaparser.ast.expr.FieldAccessExpr;
import com.github.javaparser.ast.expr.MethodCallExpr;
import com.github.javaparser.ast.expr.NameExpr;
import com.github.javaparser.ast.expr.ObjectCreationExpr;
import io.codemodder.Codemod;
import io.codemodder.CodemodInvocationContext;
import io.codemodder.DependencyGAV;
import io.codemodder.ReviewGuidance;
import io.codemodder.RuleSarif;
import io.codemodder.SarifPluginJavaParserChanger;
import io.codemodder.ast.ASTTransforms;
import io.codemodder.providers.sarif.semgrep.SemgrepScan;
import io.github.pixee.security.HostValidator;
import io.github.pixee.security.Urls;
import java.util.List;
import javax.inject.Inject;

@Codemod(id = "pixee:java/sandbox-url-creation", reviewGuidance = ReviewGuidance.MERGE_WITHOUT_REVIEW)
/* loaded from: input_file:io/codemodder/codemods/SSRFCodemod.class */
public final class SSRFCodemod extends SarifPluginJavaParserChanger<ObjectCreationExpr> {
    @Inject
    public SSRFCodemod(@SemgrepScan(ruleId = "sandbox-url-creation") RuleSarif ruleSarif) {
        super(ruleSarif, ObjectCreationExpr.class);
    }

    public boolean onResultFound(CodemodInvocationContext codemodInvocationContext, CompilationUnit compilationUnit, ObjectCreationExpr objectCreationExpr, Result result) {
        NodeList arguments = objectCreationExpr.getArguments();
        ASTTransforms.addImportIfMissing(compilationUnit, Urls.class.getName());
        ASTTransforms.addImportIfMissing(compilationUnit, HostValidator.class.getName());
        FieldAccessExpr fieldAccessExpr = new FieldAccessExpr();
        fieldAccessExpr.setScope(new NameExpr(Urls.class.getSimpleName()));
        fieldAccessExpr.setName("HTTP_PROTOCOLS");
        FieldAccessExpr fieldAccessExpr2 = new FieldAccessExpr();
        fieldAccessExpr2.setScope(new NameExpr(HostValidator.class.getSimpleName()));
        fieldAccessExpr2.setName("DENY_COMMON_INFRASTRUCTURE_TARGETS");
        NodeList nodeList = new NodeList();
        nodeList.addAll(arguments);
        nodeList.add(fieldAccessExpr);
        nodeList.add(fieldAccessExpr2);
        objectCreationExpr.replace(new MethodCallExpr(new NameExpr(Urls.class.getSimpleName()), "create", nodeList));
        return true;
    }

    public List<DependencyGAV> dependenciesRequired() {
        return List.of(DependencyGAV.JAVA_SECURITY_TOOLKIT);
    }
}
