package uap.sec.esapi;

import nc.bs.framework.common.RuntimeEnv;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.PreparedString;
import org.owasp.esapi.codecs.CSSCodec;
import org.owasp.esapi.codecs.Codec;
import org.owasp.esapi.codecs.HTMLEntityCodec;
import org.owasp.esapi.codecs.JavaScriptCodec;
import org.owasp.esapi.codecs.OracleCodec;
import org.owasp.esapi.codecs.PercentCodec;
import org.owasp.esapi.errors.EncodingException;

/* loaded from: input_file:uap/sec/esapi/UAPESAPI.class */
public class UAPESAPI {
    public static final char[] EMPTY_CHAR_ARRAY = new char[0];
    public static final Codec UAP_DB_CODEC = new OracleCodec();
    public static final HTMLEntityCodec HTML_CODEC = new HTMLEntityCodec();
    public static final PercentCodec PERCENT_CODEC = new PercentCodec();
    public static final JavaScriptCodec JAVASCRIPT_CODEC = new JavaScriptCodec();
    public static final CSSCodec CSS_CODEC = new CSSCodec();
    private static final char[] IMMUNE_SQL = {' '};

    public static String sqlEncode(String str) {
        if (RuntimeEnv.getInstance().isRunningInServer()) {
            return ESAPI.encoder().encodeForSQL(UAP_DB_CODEC, str);
        }
        throw new UnsupportedOperationException("The operation can only be invoked on the server!");
    }

    public static String clientSqlEncode(String str) {
        if (str == null) {
            return null;
        }
        return UAP_DB_CODEC.encode(IMMUNE_SQL, str);
    }

    public static String sqlPreparedString(String str, String[] strArr) {
        if (!RuntimeEnv.getInstance().isRunningInServer()) {
            throw new UnsupportedOperationException("The operation can only be invoked on the server!");
        }
        PreparedString preparedString = new PreparedString(str, UAP_DB_CODEC);
        for (int i = 0; i < strArr.length; i++) {
            preparedString.set(i + 1, strArr[i]);
        }
        return preparedString.toString();
    }

    public static String htmlEncode(String str) {
        if (RuntimeEnv.getInstance().isRunningInServer()) {
            return ESAPI.encoder().encodeForHTML(str);
        }
        throw new UnsupportedOperationException("The operation can only be invoked on the server!");
    }

    public static String htmlAttributeEncode(String str) {
        if (RuntimeEnv.getInstance().isRunningInServer()) {
            return ESAPI.encoder().encodeForHTMLAttribute(str);
        }
        throw new UnsupportedOperationException("The operation can only be invoked on the server!");
    }

    public static String cssEncode(String str) {
        if (RuntimeEnv.getInstance().isRunningInServer()) {
            return ESAPI.encoder().encodeForCSS(str);
        }
        throw new UnsupportedOperationException("The operation can only be invoked on the server!");
    }

    public static String javaScriptEncode(String str) {
        if (RuntimeEnv.getInstance().isRunningInServer()) {
            return ESAPI.encoder().encodeForJavaScript(str);
        }
        throw new UnsupportedOperationException("The operation can only be invoked on the server!");
    }

    public static String urlEncode(String str) throws Exception {
        if (!RuntimeEnv.getInstance().isRunningInServer()) {
            throw new UnsupportedOperationException("The operation can only be invoked on the server!");
        }
        try {
            return ESAPI.encoder().encodeForURL(str);
        } catch (EncodingException e) {
            throw new Exception((Throwable) e);
        }
    }

    public static String xmlEncode(String str) {
        if (RuntimeEnv.getInstance().isRunningInServer()) {
            return ESAPI.encoder().encodeForXML(str);
        }
        throw new UnsupportedOperationException("The operation can only be invoked on the server!");
    }

    public static String xmlAttributeEncode(String str) {
        if (RuntimeEnv.getInstance().isRunningInServer()) {
            return ESAPI.encoder().encodeForXMLAttribute(str);
        }
        throw new UnsupportedOperationException("The operation can only be invoked on the server!");
    }

    public static String clientSidePreparedString(String str, String[] strArr, Codec[] codecArr, char c) {
        PreparedString preparedString = new PreparedString(str, c, HTML_CODEC);
        for (int i = 0; i < strArr.length; i++) {
            preparedString.set(i + 1, strArr[i], codecArr[i]);
        }
        return preparedString.toString();
    }

    public static String clientSidePreparedString(String str, String[] strArr, Codec[] codecArr) {
        return clientSidePreparedString(str, strArr, codecArr, '?');
    }
}
