package org.sonar.php.checks;

import java.util.regex.Pattern;
import javax.annotation.Nullable;
import org.sonar.check.Rule;
import org.sonar.php.tree.impl.PHPTree;
import org.sonar.plugins.php.api.tree.Tree;
import org.sonar.plugins.php.api.tree.declaration.VariableDeclarationTree;
import org.sonar.plugins.php.api.tree.expression.AssignmentExpressionTree;
import org.sonar.plugins.php.api.tree.expression.LiteralTree;
import org.sonar.plugins.php.api.tree.lexical.SyntaxToken;
import org.sonar.plugins.php.api.visitors.PHPVisitorCheck;

@Rule(key = HardCodedCredentialsCheck.KEY)
/* loaded from: input_file:META-INF/lib/php-checks-2.9.2.1744.jar:org/sonar/php/checks/HardCodedCredentialsCheck.class */
public class HardCodedCredentialsCheck extends PHPVisitorCheck {
    public static final String KEY = "S2068";
    private static final String MESSAGE = "Remove this hard-coded password.";
    private static final Pattern PASSWORD_LITERAL_PATTERN = Pattern.compile("password=..", 2);
    private static final Pattern PASSWORD_VARIABLE_PATTERN = Pattern.compile("password", 2);

    @Override // org.sonar.plugins.php.api.visitors.PHPVisitorCheck, org.sonar.plugins.php.api.visitors.VisitorCheck
    public void visitLiteral(LiteralTree literalTree) {
        if (literalTree.is(Tree.Kind.REGULAR_STRING_LITERAL) && PASSWORD_LITERAL_PATTERN.matcher(literalTree.token().text()).find()) {
            addIssue(literalTree);
        }
        super.visitLiteral(literalTree);
    }

    @Override // org.sonar.plugins.php.api.visitors.PHPVisitorCheck, org.sonar.plugins.php.api.visitors.VisitorCheck
    public void visitVariableDeclaration(VariableDeclarationTree variableDeclarationTree) {
        checkVariable(variableDeclarationTree.identifier(), variableDeclarationTree.identifier().text(), variableDeclarationTree.initValue());
        super.visitVariableDeclaration(variableDeclarationTree);
    }

    @Override // org.sonar.plugins.php.api.visitors.PHPVisitorCheck, org.sonar.plugins.php.api.visitors.VisitorCheck
    public void visitAssignmentExpression(AssignmentExpressionTree assignmentExpressionTree) {
        SyntaxToken lastToken = ((PHPTree) assignmentExpressionTree.variable()).getLastToken();
        checkVariable(lastToken, lastToken.text(), assignmentExpressionTree.value());
        super.visitAssignmentExpression(assignmentExpressionTree);
    }

    private void checkVariable(Tree tree, String str, @Nullable Tree tree2) {
        if (tree2 != null && tree2.is(Tree.Kind.REGULAR_STRING_LITERAL) && PASSWORD_VARIABLE_PATTERN.matcher(str).find()) {
            addIssue(tree);
        }
    }

    private void addIssue(Tree tree) {
        context().newIssue(this, tree, MESSAGE);
    }
}
