package org.owasp.dependencycheck.analyzer;

import java.io.FileFilter;
import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.io.FileUtils;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.EvidenceCollection;
import org.owasp.dependencycheck.utils.FileFilterBuilder;
import org.owasp.dependencycheck.xml.pom.PomHandler;

/* loaded from: input_file:org/owasp/dependencycheck/analyzer/RubyGemspecAnalyzer.class */
public class RubyGemspecAnalyzer extends AbstractFileTypeAnalyzer {
    private static final String ANALYZER_NAME = "Ruby Gemspec Analyzer";
    private static final String EMAIL = "email";
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INFORMATION_COLLECTION;
    private static final String GEMSPEC = "gemspec";
    private static final FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(GEMSPEC).addFilenames("Rakefile").build();
    private static final Pattern GEMSPEC_BLOCK_INIT = Pattern.compile("Gem::Specification\\.new\\s+?do\\s+?\\|(.+?)\\|");

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected FileFilter getFileFilter() {
        return FILTER;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void initializeFileTypeAnalyzer() throws Exception {
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return "analyzer.ruby.gemspec.enabled";
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException {
        try {
            String readFileToString = FileUtils.readFileToString(dependency.getActualFile());
            Matcher matcher = GEMSPEC_BLOCK_INIT.matcher(readFileToString);
            if (matcher.find()) {
                String substring = readFileToString.substring(matcher.end());
                String group = matcher.group(1);
                EvidenceCollection vendorEvidence = dependency.getVendorEvidence();
                addStringEvidence(vendorEvidence, substring, group, "author", Confidence.HIGHEST);
                addListEvidence(vendorEvidence, substring, group, "authors", Confidence.HIGHEST);
                if (addStringEvidence(vendorEvidence, substring, group, EMAIL, Confidence.MEDIUM).isEmpty()) {
                    addListEvidence(vendorEvidence, substring, group, EMAIL, Confidence.MEDIUM);
                }
                addStringEvidence(vendorEvidence, substring, group, "homepage", Confidence.MEDIUM);
                EvidenceCollection productEvidence = dependency.getProductEvidence();
                String addStringEvidence = addStringEvidence(productEvidence, substring, group, PomHandler.NAME, Confidence.HIGHEST);
                if (!addStringEvidence.isEmpty()) {
                    vendorEvidence.addEvidence(GEMSPEC, "name_project", addStringEvidence + "_project", Confidence.LOW);
                }
                addStringEvidence(productEvidence, substring, group, "summary", Confidence.LOW);
                addStringEvidence(dependency.getVersionEvidence(), substring, group, "version", Confidence.HIGHEST);
            }
        } catch (IOException e) {
            throw new AnalysisException("Problem occurred while reading dependency file.", e);
        }
    }

    private void addListEvidence(EvidenceCollection evidenceCollection, String str, String str2, String str3, Confidence confidence) {
        Matcher matcher = Pattern.compile(String.format("\\s+?%s\\.%s\\s*?=\\s*?\\[(.*?)\\]", str2, str3)).matcher(str);
        if (matcher.find()) {
            evidenceCollection.addEvidence(GEMSPEC, str3, matcher.group(1).replaceAll("['\"]", " ").trim(), confidence);
        }
    }

    private String addStringEvidence(EvidenceCollection evidenceCollection, String str, String str2, String str3, Confidence confidence) {
        Matcher matcher = Pattern.compile(String.format("\\s+?%s\\.%s\\s*?=\\s*?(['\"])(.*?)\\1", str2, str3)).matcher(str);
        String str4 = "";
        if (matcher.find()) {
            str4 = matcher.group(2);
            evidenceCollection.addEvidence(GEMSPEC, str3, str4, confidence);
        }
        return str4;
    }
}
