package com.android.tools.lint.checks;

import com.android.tools.lint.detector.api.Category;
import com.android.tools.lint.detector.api.Detector;
import com.android.tools.lint.detector.api.Implementation;
import com.android.tools.lint.detector.api.Issue;
import com.android.tools.lint.detector.api.JavaContext;
import com.android.tools.lint.detector.api.Scope;
import com.android.tools.lint.detector.api.Severity;
import com.intellij.psi.JavaElementVisitor;
import com.intellij.psi.PsiElement;
import com.intellij.psi.PsiLiteralExpression;
import java.util.Collections;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:com/android/tools/lint/checks/StringAuthLeakDetector.class */
public class StringAuthLeakDetector extends Detector implements Detector.JavaPsiScanner {
    public static final Issue AUTH_LEAK = Issue.create("AuthLeak", "Code might contain an auth leak", "Strings in java apps can be discovered by decompiling apps, this lint check looks for code which looks like it may contain an url with a username and password", Category.SECURITY, 6, Severity.WARNING, new Implementation(StringAuthLeakDetector.class, Scope.JAVA_FILE_SCOPE));

    /* loaded from: input_file:com/android/tools/lint/checks/StringAuthLeakDetector$AuthLeakChecker.class */
    private static class AuthLeakChecker extends JavaElementVisitor {
        private static final String LEGAL_CHARS = "([\\w_.!~*'()%;&=+$,-]+)";
        private static final Pattern AUTH_REGEXP = Pattern.compile("([\\w+.-]+)://([\\w_.!~*'()%;&=+$,-]+):([\\w_.!~*'()%;&=+$,-]+)@([\\w_.!~*'()%;&=+$,-]+)");
        private final JavaContext mContext;

        private AuthLeakChecker(JavaContext javaContext) {
            this.mContext = javaContext;
        }

        public void visitLiteralExpression(PsiLiteralExpression psiLiteralExpression) {
            String group;
            if (psiLiteralExpression.getValue() instanceof String) {
                Matcher matcher = AUTH_REGEXP.matcher((String) psiLiteralExpression.getValue());
                if (!matcher.find() || (group = matcher.group(3)) == null) {
                    return;
                }
                if (group.startsWith("%") && group.endsWith("s")) {
                    return;
                }
                this.mContext.report(StringAuthLeakDetector.AUTH_LEAK, psiLiteralExpression, this.mContext.getRangeLocation(psiLiteralExpression, matcher.start() + 1, psiLiteralExpression, -((psiLiteralExpression.getTextRange().getLength() - matcher.end()) - 1)), "Possible credential leak");
            }
        }
    }

    public List<Class<? extends PsiElement>> getApplicablePsiTypes() {
        return Collections.singletonList(PsiLiteralExpression.class);
    }

    public JavaElementVisitor createPsiVisitor(JavaContext javaContext) {
        return new AuthLeakChecker(javaContext);
    }
}
