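package Iodef::Pb::Simple::Plugin::Url;
use base 'Iodef::Pb::Simple::Plugin';

use strict;
use warnings;

use URI::Escape;    # import retained; process() below does not call uri_escape()
use Digest::SHA qw/sha1_hex/;
use Digest::MD5 qw/md5_hex/;
use Encode qw(encode_utf8);

# process($data, $iodef)
#
# Adds a URL observation to the first Incident of $iodef.
#
#   $data  - hashref; reads 'address', 'md5' and 'sha1'. It is modified in
#            place: 'address' is replaced by the normalised URL, and 'md5' /
#            'sha1' are filled in when they are not already set.
#   $iodef - object whose get_Incident() returns an array reference; the new
#            EventData entry is pushed onto element 0's 'EventData' list.
#
# Returns nothing (bare return) when 'address' is empty or does not start with
# ftp://, http:// or https://. Otherwise returns the value of the final push.
sub process {
    my ($self, $data, $iodef) = @_;

    my $addr = $data->{'address'};

    # Only ftp/http/https URLs are handled. The scheme test is case-sensitive
    # and runs before lc(), so an upper-case scheme such as "HTTP://" is
    # skipped.
    # NOTE(review): confirm that skipping upper-case schemes is intended.
    return unless $addr && $addr =~ m{^(?:ftp|https?)://};

    # Normalisation: the whole URL (path and query included) is lower-cased
    # and one trailing slash is removed. The hashes below are computed over
    # this form, not over the URL as submitted.
    $addr = lc $addr;
    $addr =~ s{/$}{};

    # The digests are computed over the UTF-8 bytes of the normalised URL.
    #
    # NOTE(review): no percent-escaping is applied. A uri_escape() call with
    # the class '\x00-\x1f\x7f-\xff' used to precede this line, but its result
    # was overwritten by encode_utf8($addr) before it was used, so it never
    # affected the stored address or the hashes; the dead call is dropped.
    # Control characters and non-ASCII bytes therefore reach
    # $data->{'address'} and the Address content unescaped, and anything that
    # logs or renders the value should treat it as untrusted. Turning
    # escaping on would change the md5/sha1 of every affected URL, so that is
    # a deliberate migration decision and is not made here.
    my $safe = encode_utf8($addr);
    $addr = $safe;

    $data->{'address'} = $safe;

    # Caller-supplied hashes are kept as they are; they are not checked
    # against the address.
    $data->{'md5'}  ||= md5_hex($safe);
    $data->{'sha1'} ||= sha1_hex($safe);

    # One 'url hash' extension per digest, md5 first and then sha1.
    my @additional_data;
    for my $algo (qw(md5 sha1)) {
        push @additional_data, ExtensionType->new({
            dtype    => ExtensionType::DtypeType::dtype_type_string(),
            meaning  => 'url hash',
            formatid => $algo,
            content  => $data->{$algo},
        });
    }

    my $address = AddressType->new({
        category     => AddressType::AddressCategory::Address_category_ext_value(),
        ext_category => 'url',
        content      => $addr,
    });

    my $system = SystemType->new({
        Node           => NodeType->new({ Address => $address }),
        AdditionalData => \@additional_data,
        category       => SystemType::SystemCategory::System_category_target(),
    });

    my $event = EventDataType->new({
        Flow => FlowType->new({ System => $system }),
    });

    # Element 0 is read with a plain subscript rather than a one-element slice.
    my $incident = $iodef->get_Incident()->[0];

    # The value of push is returned so callers see the same result as before.
    return push @{ $incident->{'EventData'} }, $event;
}

1;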