package com.sourceclear.engine.scan;

import com.google.common.base.Optional;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.UnmodifiableIterator;
import com.sourceclear.api.client.Client;
import com.sourceclear.api.client.SourceClearClient;
import com.sourceclear.api.data.evidence.CoordinateType;
import com.sourceclear.api.data.evidence.Coordinates;
import com.sourceclear.api.data.evidence.Evidence;
import com.sourceclear.api.data.evidence.EvidenceType;
import com.sourceclear.api.data.evidence.LanguageType;
import com.sourceclear.api.data.git.MetaGit;
import com.sourceclear.api.data.match.MatchQuery;
import com.sourceclear.api.data.match.MatchResponse;
import com.sourceclear.api.data.methods.ComponentMethodMapper;
import com.sourceclear.api.data.methods.VulnerableMethodUpload;
import com.sourceclear.engine.common.ClassFileVisitor;
import com.sourceclear.engine.common.FileTypeVisitor;
import com.sourceclear.engine.common.PythonFileVisitor;
import com.sourceclear.engine.common.StoredFileVisitor;
import com.sourceclear.engine.common.logging.NoopLogStream;
import com.sourceclear.engine.component.linecount.LineCounter;
import com.sourceclear.engine.methods.VulnerableMethodsCollatorImpl;
import com.sourceclear.util.config.FailureLevel;
import com.sourceclear.util.config.ScanConfig;
import com.sourceclear.util.config.Verbosity;
import com.sourceclear.util.io.EvidenceUtils;
import com.sourceclear.util.io.GitUtils;
import com.sourceclear.util.io.renderers.ScanReport;
import com.sourceclear.util.io.renderers.SummaryRenderer;
import com.srcclr.sdk.LibraryGraphContainer;
import java.io.IOException;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Collection;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.jrubyparser.lexer.LexingCommon;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sourceclear/engine/scan/LibraryGraphContainerScanner.class */
public class LibraryGraphContainerScanner {
    private static final Logger log = LoggerFactory.getLogger(LibraryGraphContainerScanner.class);
    private ScanConfig config;
    private Client client;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.sourceclear.engine.scan.LibraryGraphContainerScanner$1, reason: invalid class name */
    /* loaded from: input_file:com/sourceclear/engine/scan/LibraryGraphContainerScanner$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$sourceclear$api$data$evidence$LanguageType = new int[LanguageType.values().length];

        static {
            try {
                $SwitchMap$com$sourceclear$api$data$evidence$LanguageType[LanguageType.JAVA.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$sourceclear$api$data$evidence$LanguageType[LanguageType.PYTHON.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$sourceclear$api$data$evidence$LanguageType[LanguageType.RUBY.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$sourceclear$api$data$evidence$LanguageType[LanguageType.JS.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public LibraryGraphContainerScanner(ScanConfig scanConfig) {
        this(scanConfig, null);
        if (scanConfig != null) {
            this.client = buildClient();
        }
    }

    public LibraryGraphContainerScanner(ScanConfig scanConfig, Client client) {
        this.config = scanConfig;
        this.client = client;
    }

    public void consumeAndReport(LibraryGraphContainer libraryGraphContainer) throws SrcclrScanFailureException, SrcclrScanUnexpectedCondition {
        ImmutableSet.Builder builder = new ImmutableSet.Builder();
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(libraryGraphContainer.getGraphs());
        builder.addAll(EvidenceUtils.evidenceFromLibraryGraphs(arrayList));
        ImmutableSet<Evidence> build = builder.build();
        String file = this.config.getPathToTop().toString();
        boolean isMethodsSupported = isMethodsSupported(file, build);
        if (!isMethodsSupported) {
            System.err.printf("Couldn't find any files in %s, skipping vulnerable methods check.\n", file);
        }
        long currentTimeMillis = System.currentTimeMillis();
        Long countLoc = countLoc();
        try {
            MatchResponse match = this.client.match(buildMatchQuery(build, isMethodsSupported, countLoc));
            System.out.println();
            System.out.printf(" -> matched in %s seconds.%n%n", Long.valueOf((System.currentTimeMillis() - currentTimeMillis) / 1000));
            ComponentMethodMapper componentMethodMapper = null;
            if (isMethodsSupported) {
                componentMethodMapper = doVulnMethodsScan(match, this.client);
            } else {
                System.out.println("Skipping vulnerable methods scan.");
            }
            ScanReport buildReport = buildReport(build, componentMethodMapper, match, countLoc);
            renderReport(buildReport);
            maybeFailOnVulns(this.config.getFailureThreshold(), buildReport.getVulnerableMethods(), buildReport.getVulnerableComponents());
        } catch (Exception e) {
            throw new SrcclrScanUnexpectedCondition("Encountered problem running the SRC:CLR scan: " + e.getMessage(), e);
        }
    }

    private ComponentMethodMapper doVulnMethodsScan(MatchResponse matchResponse, Client client) {
        VulnerableMethodUpload vulnerableMethodUpload;
        ComponentMethodMapper scanPath = new VulnerableMethodsCollatorImpl(matchResponse.getComponents(), new NoopLogStream()).scanPath(this.config.getPathToTop().toPath());
        if (this.config.getUpload()) {
            boolean z = false;
            if (scanPath == null || scanPath.isEmpty()) {
                vulnerableMethodUpload = new VulnerableMethodUpload(matchResponse.getScanId(), new ComponentMethodMapper());
            } else {
                vulnerableMethodUpload = new VulnerableMethodUpload(matchResponse.getScanId(), scanPath);
            }
            try {
                try {
                    z = client.uploadVulnerableMethods(vulnerableMethodUpload);
                    if (!z) {
                        System.err.println("Vulnerable methods upload failed.");
                    }
                } catch (IOException e) {
                    getLog().error("Encountered error during vulnerable method upload.", e);
                    if (!z) {
                        System.err.println("Vulnerable methods upload failed.");
                    }
                }
            } catch (Throwable th) {
                if (!z) {
                    System.err.println("Vulnerable methods upload failed.");
                }
                throw th;
            }
        }
        return scanPath;
    }

    protected void maybeFailOnVulns(FailureLevel failureLevel, Integer num, int i) throws SrcclrScanFailureException {
        FailureLevel failureLevel2 = null;
        if (num != null && num.intValue() > 0) {
            failureLevel2 = FailureLevel.METHOD;
        } else if (i > 0) {
            failureLevel2 = FailureLevel.COMPONENT;
        }
        if (failureLevel2 != null && failureLevel2.compareTo(failureLevel) >= 0) {
            throw new SrcclrScanFailureException("The current scan found vulnerable " + failureLevel2.toString().toLowerCase() + "s, failing as failureThreshold is set to " + failureLevel + ".");
        }
    }

    private void renderReport(ScanReport scanReport) {
        if (this.config.getReportVerbosity() == Verbosity.SILENT) {
            return;
        }
        new SummaryRenderer(this.config.getClientVersion() != null ? this.config.getClientVersion() : "Unknown", "Unknown", System.out).accept(scanReport);
    }

    private ScanReport buildReport(ImmutableSet<Evidence> immutableSet, ComponentMethodMapper componentMethodMapper, MatchResponse matchResponse, @Nullable Long l) {
        return new ScanReport.Builder().withScanConfig(this.config).withAppBase(URI.create("https://srcclr.com")).withScanPath(this.config.getPathToTop().toString()).withDuration((System.currentTimeMillis() - this.config.getScanStart()) / 1000).withEvidence(immutableSet).withMatchResponse(matchResponse).withMethodScanResult(componentMethodMapper).withUpload(this.config.getUpload()).withLineCount(l).build();
    }

    private Client buildClient() {
        return new SourceClearClient.Builder().withApiToken(this.config.getApiToken()).withBaseURI(this.config.getApiURL()).withClientType(SourceClearClient.Type.CLI).withClientVersion(this.config.getClientVersion()).build();
    }

    private Long countLoc() {
        try {
            return Long.valueOf(LineCounter.countLOC(this.config.getPathToTop()));
        } catch (Exception e) {
            System.err.println("Skipping LoC counting.");
            e.printStackTrace(System.err);
            return null;
        }
    }

    MatchQuery buildMatchQuery(ImmutableSet<Evidence> immutableSet, boolean z, @Nullable Long l) throws Exception {
        MetaGit gitMetaData = GitUtils.getGitMetaData(this.config.getPathToTop(), 30);
        return new MatchQuery.Builder().withMetaGit(gitMetaData).withProjectId(this.config.getUserProjectID()).withScanId(this.config.getScanID()).withEvidence(new ArrayList((Collection) immutableSet)).withProjectName(this.config.getProjectName()).persist(GitUtils.isValidRemote(gitMetaData.getRemote()) && this.config.getUpload()).requestVulnMethods(z).withLinesOfCode(l).build();
    }

    private boolean isMethodsSupported(String str, ImmutableSet<Evidence> immutableSet) {
        CoordinateType coordinateType;
        LanguageType primaryLanguage;
        if (immutableSet == null || immutableSet.size() == 0) {
            return false;
        }
        UnmodifiableIterator it = immutableSet.iterator();
        while (it.hasNext()) {
            Evidence evidence = (Evidence) it.next();
            if (evidence.getEvidenceType() == EvidenceType.JAR) {
                Optional<FileTypeVisitor> vulnMethodVisitorForLanguageType = getVulnMethodVisitorForLanguageType(LanguageType.JAVA);
                return vulnMethodVisitorForLanguageType.isPresent() && internalIsMethodsSupported(str, (StoredFileVisitor) vulnMethodVisitorForLanguageType.get());
            }
            Coordinates coordinates = evidence.getCoordinates();
            if (coordinates != null && (coordinateType = coordinates.getCoordinateType()) != null && (primaryLanguage = coordinateType.getPrimaryLanguage()) != null) {
                Optional<FileTypeVisitor> vulnMethodVisitorForLanguageType2 = getVulnMethodVisitorForLanguageType(primaryLanguage);
                return vulnMethodVisitorForLanguageType2.isPresent() && internalIsMethodsSupported(str, (StoredFileVisitor) vulnMethodVisitorForLanguageType2.get());
            }
        }
        return false;
    }

    private boolean internalIsMethodsSupported(@Nonnull String str, @Nonnull StoredFileVisitor storedFileVisitor) {
        try {
            Files.walkFileTree(Paths.get(str, new String[0]), storedFileVisitor);
            return !storedFileVisitor.getFiles().isEmpty();
        } catch (Exception e) {
            System.err.println("Unable to determine vulnerable methods support, skipping");
            getLog().error("Couldn't scan for class files", e);
            return false;
        }
    }

    private Optional<FileTypeVisitor> getVulnMethodVisitorForLanguageType(@Nonnull LanguageType languageType) {
        switch (AnonymousClass1.$SwitchMap$com$sourceclear$api$data$evidence$LanguageType[languageType.ordinal()]) {
            case 1:
                return Optional.of(ClassFileVisitor.getVisitor());
            case 2:
                return Optional.of(PythonFileVisitor.getVisitor());
            case LexingCommon.SUFFIX_ALL /* 3 */:
            case 4:
            default:
                return Optional.absent();
        }
    }

    public static Logger getLog() {
        return log;
    }
}
