package com.sourceclear.plugins;

import com.google.common.collect.ImmutableSet;
import com.sourceclear.api.client.Client;
import com.sourceclear.api.client.SourceClearClient;
import com.sourceclear.api.data.artifact.LibraryArtifactApiModel;
import com.sourceclear.api.data.artifact.LibraryMatchWithArtifactsApiModel;
import com.sourceclear.api.data.evidence.Evidence;
import com.sourceclear.api.data.evidence.LanguageType;
import com.sourceclear.api.data.match.MatchQuery;
import com.sourceclear.api.data.match.MatchResponse;
import com.sourceclear.api.data.methods.MethodCallChains;
import com.sourceclear.api.data.methods.VulnerableMethodUpload;
import com.sourceclear.engine.common.ClassFileVisitor;
import com.sourceclear.engine.common.DependencyGraph;
import com.sourceclear.engine.common.logging.NoopLogStream;
import com.sourceclear.engine.component.Utils;
import com.sourceclear.engine.methods.ClassMethodsEngine;
import com.sourceclear.engine.methods.VulnerableMethodsCollator;
import com.sourceclear.plugins.config.ConfigServiceImpl;
import com.sourceclear.plugins.config.ConsoleConfig;
import com.sourceclear.util.io.GitUtils;
import com.sourceclear.util.io.renderers.ComponentRenderer;
import com.sourceclear.util.io.renderers.ScanReport;
import com.sourceclear.util.io.renderers.SummaryRenderer;
import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import jdk.nashorn.internal.ir.annotations.Immutable;
import org.apache.commons.lang3.StringUtils;
import org.apache.maven.artifact.Artifact;
import org.apache.maven.artifact.resolver.filter.ArtifactFilter;
import org.apache.maven.execution.MavenSession;
import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugins.annotations.Component;
import org.apache.maven.plugins.annotations.InstantiationStrategy;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.plugins.annotations.ResolutionScope;
import org.apache.maven.project.MavenProject;
import org.apache.maven.project.ProjectBuildingRequest;
import org.apache.maven.shared.dependency.graph.DependencyGraphBuilder;
import org.apache.maven.shared.dependency.graph.DependencyGraphBuilderException;

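/**
 * Maven goal {@code scan}: collects the dependency graph of every module in the reactor,
 * sends the resulting evidence to the SRC:CLR API for matching, optionally runs and uploads
 * a vulnerable-methods scan, renders a report and fails the build according to
 * {@link #failureThreshold}.
 *
 * <p>The mojo is a singleton and is declared not thread-safe: {@link #execute()} is called once
 * per module, accumulates one graph per call in {@link #projectDependencyTrees}, and only
 * talks to the API when the current module is the last one in the reactor's sorted order.
 *
 * <p>Security notes for operators:
 * <ul>
 *   <li>{@code userToken} and {@code orgToken} are credentials. A value passed as
 *       {@code -DuserToken=...} is part of the Maven command line and can end up in process
 *       listings, shell history and CI logs; the SRC:CLR configuration file read by
 *       {@link #handleConfig()} avoids that.</li>
 *   <li>Both tokens are handed to the API client together with {@code apiURL}, so an
 *       {@code apiURL} that is not HTTPS, or that points at an unintended host, receives
 *       them. {@link #handleConfig()} logs a warning for a non-HTTPS scheme.</li>
 *   <li>With the default threshold {@code METHOD}, vulnerable components alone do not fail
 *       the build; see {@link #maybeFailOnVulns(Integer, int)}.</li>
 * </ul>
 */
@Mojo(name = "scan", requiresDependencyCollection = ResolutionScope.COMPILE, requiresProject = true, instantiationStrategy = InstantiationStrategy.SINGLETON, threadSafe = false)
public class CaptureMavenMojo extends AbstractMojo {

    /** The running Maven session; injected by Maven and read-only. */
    @Parameter(defaultValue = "${session}", required = true, readonly = true)
    private MavenSession session;

    /** Organisation token (credential). Optional; normalised to {@code null} when blank. */
    @Parameter(property = "orgToken")
    protected String orgToken;

    /** Organisation name forwarded in the match query. */
    @Parameter(property = "orgName")
    private String orgName;

    /** Project name forwarded in the match query. */
    @Parameter(property = "projectName")
    private String projectName;

    /** Base URI of the API; falls back to the configuration file, then {@link #DEFAULT_API_URL}. */
    @Parameter(property = "apiURL")
    protected URI apiURL;

    /** User token (credential). Required: the scan fails without it. */
    @Parameter(property = "userToken")
    protected String userToken;

    /** Optional project id; when absent the id returned by the match call is used. */
    @Parameter(property = "projectID")
    private Long userProjectID;

    /** Whether results are persisted server-side and vulnerable methods are uploaded. */
    @Parameter(property = "shouldUpload", defaultValue = "true")
    private boolean shouldUpload;

    /** Passed to the component renderer. */
    @Parameter(property = "verbose", defaultValue = "false")
    private boolean verbose;

    /** Lowest finding level that fails the build; see {@link #maybeFailOnVulns(Integer, int)}. */
    @Parameter(property = "failureThreshold", defaultValue = "METHOD")
    private FailureLevel failureThreshold;

    @Component(hint = "default")
    private DependencyGraphBuilder dependencyGraphBuilder;

    /** Wall-clock start of the scan in milliseconds, set on the first {@link #execute()} call. */
    long scanStart;

    /** One dependency graph per module executed so far. */
    ArrayList<DependencyGraph> projectDependencyTrees = new ArrayList<>();

    /** Last module in the reactor's sorted order; {@code null} until the first call. */
    MavenProject lastProject = null;

    public static final URI DEFAULT_API_URL = URI.create("https://api.srcclr.com");

    // NOTE(review): this annotation resolves to jdk.nashorn.internal.ir.annotations.Immutable
    // (see the imports), a JDK-internal Nashorn type. Nashorn was removed in JDK 15, so the
    // class cannot be compiled against newer JDKs while this reference remains. It looks like
    // an accidental import; confirm and replace with a project or Guava annotation.
    @Immutable
    static final ClassMethodsEngine METHODS_ENGINE = new ClassMethodsEngine();

    /**
     * Severity of a finding, also used as the build-failure threshold. Declaration order is
     * significant: {@link #maybeFailOnVulns(Integer, int)} compares levels with
     * {@code compareTo}, so {@code COMPONENT < METHOD < NEVER}.
     *
     * <p>Decompiler note: originally package-private.
     */
    public enum FailureLevel {
        COMPONENT,
        METHOD,
        NEVER
    }

    /**
     * Artifact filter that keeps everything except test-scoped artifacts.
     *
     * <p>Decompiler note: originally package-private.
     */
    public class NoTestArtifacts implements ArtifactFilter {
        NoTestArtifacts() {
        }

        /**
         * @param artifact the artifact to test
         * @return {@code false} only for artifacts whose scope is {@code test}
         */
        @Override
        public boolean include(Artifact artifact) {
            // Constant-first comparison: an artifact with no scope set (null) is kept instead
            // of raising a NullPointerException and aborting the whole graph build.
            return !Artifact.SCOPE_TEST.equals(artifact.getScope());
        }
    }

    /**
     * Resolves {@code userToken}, {@code orgToken} and {@code apiURL}. Values given as plugin
     * parameters win; anything missing is looked up through {@link ConfigServiceImpl}, and
     * {@code apiURL} finally defaults to {@link #DEFAULT_API_URL}.
     *
     * @throws MojoFailureException if no user token can be found, or the configured API URL
     *     is not a valid URI
     */
    protected void handleConfig() throws MojoFailureException {
        boolean fullyConfigured = StringUtils.isNotBlank(this.userToken)
                && StringUtils.isNotBlank(this.orgToken)
                && this.apiURL != null;
        if (!fullyConfigured) {
            loadMissingConfig();
        }
        warnIfApiUrlIsNotHttps();
    }

    /** Fills in whichever of the three settings was not supplied as a plugin parameter. */
    private void loadMissingConfig() throws MojoFailureException {
        ConfigServiceImpl configService = new ConfigServiceImpl();

        if (StringUtils.isBlank(this.userToken)) {
            try {
                this.userToken = configService.getSourceClearClientToken();
            } catch (Exception e) {
                // Best effort: the blank check below reports the missing token.
                getLog().debug("Error in retrieving client token", e);
            }
            if (StringUtils.isBlank(this.userToken)) {
                throw new MojoFailureException("The userToken parameter is required. Specify it with -DuserToken or by setting userToken in a SRC:CLR configuration file.");
            }
        }

        if (StringUtils.isBlank(this.orgToken)) {
            try {
                this.orgToken = configService.getSourceClearOrgToken();
            } catch (Exception e) {
                getLog().debug("Error in retrieving org token", e);
            }
            // The org token is optional; blank is normalised to null for the client builder.
            if (StringUtils.isBlank(this.orgToken)) {
                this.orgToken = null;
            }
        }

        if (this.apiURL == null) {
            ConsoleConfig consoleConfig = null;
            try {
                consoleConfig = configService.getConfiguration();
            } catch (Exception e) {
                getLog().debug("Error in retrieving URL string: ", e);
            }
            String configuredUrl = consoleConfig == null ? null : consoleConfig.getApiUrl();
            if (StringUtils.isNotBlank(configuredUrl)) {
                try {
                    this.apiURL = new URI(configuredUrl);
                } catch (Exception e) {
                    throw new MojoFailureException("Failure in trying to use specified apiURL:", e);
                }
            }
        }

        if (this.apiURL == null) {
            this.apiURL = DEFAULT_API_URL;
        }
    }

    /**
     * Logs a warning when the resolved API URL does not use HTTPS. The user and org tokens are
     * handed to the client together with this URL, so a cleartext or mistyped endpoint may
     * expose them. Only the scheme is logged; the tokens never are.
     */
    private void warnIfApiUrlIsNotHttps() {
        if (this.apiURL != null && !"https".equalsIgnoreCase(this.apiURL.getScheme())) {
            getLog().warn("apiURL uses scheme '" + this.apiURL.getScheme()
                    + "' rather than https; the SRC:CLR tokens may be sent without transport encryption.");
        }
    }

    /**
     * One-time setup performed on the first module: records the start time, resolves the
     * configuration and remembers the last module of the reactor.
     */
    private void initialSetup() throws MojoFailureException {
        if (this.lastProject != null) {
            return;
        }
        this.scanStart = System.currentTimeMillis();
        handleConfig();
        List<MavenProject> sortedProjects = this.session.getProjectDependencyGraph().getSortedProjects();
        this.lastProject = sortedProjects.get(sortedProjects.size() - 1);
    }

    /**
     * Builds the dependency graph of the current module, without test-scoped artifacts, and
     * translates it to the SRC:CLR representation. The graph is labelled with the module's
     * POM path relative to the top-level project directory.
     */
    private DependencyGraph getProjectDependencyGraph() throws MojoExecutionException {
        Path top = getPathToTop();
        try {
            ProjectBuildingRequest request = this.session.getProjectBuildingRequest();
            MavenProject current = this.session.getCurrentProject();
            request.setProject(current);
            String relativePomPath = top.relativize(current.getFile().toPath()).toString();
            return new DependencyGraphTranslator(relativePomPath)
                    .getSrcclrDependencyGraph(this.dependencyGraphBuilder.buildDependencyGraph(request, new NoTestArtifacts()));
        } catch (DependencyGraphBuilderException e) {
            throw new MojoExecutionException("Encountered problem running the SRC:CLR maven plugin", e);
        }
    }

    /** Returns the directory that contains the top-level project's POM file. */
    private Path getPathToTop() {
        return Paths.get(this.session.getTopLevelProject().getFile().getParent());
    }

    /**
     * Assembles the match request from the collected evidence plus repository metadata.
     *
     * <p>NOTE(review): the repository URL, branch and commit hash leave the build machine in
     * this query. If {@code GitUtils.getRepoUrl} returns the remote exactly as configured, a
     * remote of the form {@code https://user:secret@host/...} would carry its credentials
     * along; when no remote is found the canonical local path is sent instead. Confirm how
     * GitUtils treats the user-info part before relying on this in a shared CI environment.
     *
     * @param evidence evidence derived from the dependency graphs
     * @param requestVulnMethods whether the server should return vulnerable-method data
     */
    private MatchQuery buildMatchQuery(ImmutableSet<Evidence> evidence, boolean requestVulnMethods) {
        String branch = null;
        String commitHash = null;
        String repoUrl = null;
        File basedir = this.session.getTopLevelProject().getBasedir();
        Path top = getPathToTop();
        try {
            branch = GitUtils.getBranch(basedir);
            commitHash = GitUtils.getCommitHash(basedir);
            repoUrl = GitUtils.getRepoUrl(basedir);
            if (repoUrl == null) {
                repoUrl = top.toFile().getCanonicalPath();
            }
        } catch (Exception e) {
            // Naming information is optional; whatever was resolved before the failure is sent.
            getLog().error("\n ** A problem was encountered in trying to find repo naming information. ", e);
        }
        return new MatchQuery.Builder()
                .withProjectId(this.userProjectID)
                .withScanId(generateScanId())
                .withEvidence(new ArrayList<>(evidence))
                .withBranch(branch)
                .withCommitHash(commitHash)
                .withRepoUrl(repoUrl)
                .withProjectName(this.projectName)
                .withOrganization(this.orgName)
                .persist(this.shouldUpload)
                .requestVulnMethods(requestVulnMethods)
                .build();
    }

    /** Creates the API client from the resolved tokens and base URI. */
    private Client buildClient() {
        return new SourceClearClient.Builder()
                .withAuthToken(this.userToken)
                .withOrgToken(this.orgToken)
                .withBaseURI(this.apiURL)
                .build();
    }

    /**
     * Builds the scan report.
     *
     * @param evidence evidence that was matched
     * @param callChains vulnerable-method call chains, or {@code null} when that scan was skipped
     * @param matchResponse the server's match response
     */
    private ScanReport buildReport(ImmutableSet<Evidence> evidence, Map<LibraryArtifactApiModel, List<MethodCallChains>> callChains, MatchResponse matchResponse) {
        long durationSeconds = (System.currentTimeMillis() - this.scanStart) / 1000;
        ScanReport.Builder report = new ScanReport.Builder()
                .withScanPath(getPathToTop().toString())
                .withDuration(durationSeconds)
                .withEvidence(evidence)
                .withMatchResponse(matchResponse)
                .withUpload(this.shouldUpload);
        if (callChains != null) {
            report.withCallChains(callChains);
        }
        return report.build();
    }

    /** Renders the component view first, then the summary. */
    private void renderReport(ScanReport scanReport) {
        SummaryRenderer summaryRenderer = new SummaryRenderer();
        new ComponentRenderer(this.verbose).accept(scanReport);
        summaryRenderer.accept(scanReport);
    }

    /**
     * Runs once, after the last module: matches all collected evidence against the API,
     * optionally performs the vulnerable-methods scan, renders the report and applies the
     * failure threshold.
     *
     * <p>A failed match request aborts the build with a {@link MojoExecutionException}. The
     * vulnerable-methods scan, in contrast, is skipped with only a console message when no
     * class files are found or no project id is available.
     */
    private void consumeAndReport() throws MojoFailureException, MojoExecutionException {
        // Raw builder kept from the original: the element type returned by
        // Utils.fromDependencyGraph is not visible here.
        ImmutableSet.Builder builder = new ImmutableSet.Builder();
        builder.addAll((Iterable) Utils.fromDependencyGraph(LanguageType.JAVA, this.projectDependencyTrees.toArray(new DependencyGraph[0])));
        ImmutableSet<Evidence> evidence = builder.build();

        String scanPath = getPathToTop().toString();
        boolean scanMethods = isMethodsSupported(scanPath);
        if (!scanMethods) {
            System.err.printf("Couldn't find any built class files in %s, skipping vulnerable methods check.\n", scanPath);
        }

        Client client = buildClient();
        long matchStart = System.currentTimeMillis();
        try {
            MatchResponse match = client.match(buildMatchQuery(evidence, scanMethods));
            Long projectId = this.userProjectID == null ? match.getProjectId() : this.userProjectID;
            if (scanMethods && projectId == null) {
                System.err.println("No projectID found, skipping vulnerable method upload.");
                scanMethods = false;
            }
            System.out.println();
            System.out.printf(" -> matched in %s seconds.%n%n", Long.valueOf((System.currentTimeMillis() - matchStart) / 1000));

            Map<LibraryArtifactApiModel, List<MethodCallChains>> callChains = null;
            if (scanMethods) {
                callChains = doVulnMethodsScan(evidence, match.getComponents(), client, projectId);
            } else {
                System.out.println("Skipping vulnerable methods scan.");
            }

            ScanReport report = buildReport(evidence, callChains, match);
            renderReport(report);
            maybeFailOnVulns(report.getVulnerableMethods(), report.getVulnerableComponents());
        } catch (IOException e) {
            throw new MojoExecutionException("Encountered problem running the SRC:CLR maven plugin", e);
        }
    }

    /**
     * Scans the built classes under the top-level directory for calls into vulnerable methods
     * and, when uploading is enabled, uploads each library's call chains.
     *
     * <p>An upload that fails is reported on the console and in the Maven log, but does not
     * stop the scan or fail the build.
     *
     * @param evidence evidence that was matched
     * @param components matched components from the server
     * @param client API client used for the upload
     * @param projectId project to upload to; the caller guarantees it is non-null
     * @return call chains per library artifact
     */
    private Map<LibraryArtifactApiModel, List<MethodCallChains>> doVulnMethodsScan(ImmutableSet<Evidence> evidence, List<LibraryMatchWithArtifactsApiModel> components, Client client, Long projectId) {
        VulnerableMethodsCollator collator = new VulnerableMethodsCollator(evidence, components, METHODS_ENGINE, new NoopLogStream());
        collator.scanPath(getPathToTop().toFile());
        Map<LibraryArtifactApiModel, List<MethodCallChains>> methodsMap = collator.getMethodsMap();

        for (List<MethodCallChains> chains : methodsMap.values()) {
            VulnerableMethodUpload upload = new VulnerableMethodUpload(chains);
            if (!this.shouldUpload) {
                continue;
            }
            boolean uploaded = false;
            try {
                uploaded = client.uploadVulnerableMethodsForProject(projectId.longValue(), upload);
            } catch (IOException e) {
                getLog().error("Encountered error during vulnerable method upload.", e);
            } finally {
                // Covers a false return value, the IOException above and any other throwable.
                if (!uploaded) {
                    System.err.println("Vulnerable methods upload failed.");
                }
            }
        }
        return methodsMap;
    }

    /**
     * Fails the build when the most severe finding reaches {@link #failureThreshold}.
     *
     * <p>Levels are ordered {@code COMPONENT < METHOD < NEVER}. With the default threshold
     * {@code METHOD}, a scan that reports vulnerable components but no vulnerable methods
     * passes; that includes scans in which the vulnerable-methods check was skipped and
     * {@code num} is {@code null} or zero. Set the threshold to {@code COMPONENT} to gate on
     * vulnerable components as well. {@code NEVER} disables the gate.
     *
     * @param num number of vulnerable methods found, or {@code null} when unknown
     * @param i number of vulnerable components found
     * @throws MojoFailureException if the finding level is at or above the threshold
     */
    protected void maybeFailOnVulns(Integer num, int i) throws MojoFailureException {
        FailureLevel found;
        if (num != null && num.intValue() > 0) {
            found = FailureLevel.METHOD;
        } else if (i > 0) {
            found = FailureLevel.COMPONENT;
        } else {
            return;
        }
        if (found.compareTo(this.failureThreshold) >= 0) {
            throw new MojoFailureException("The current scan found vulnerable " + found.toString().toLowerCase() + "s, failing as failureThreshold is set to " + this.failureThreshold + ".");
        }
    }

    /**
     * Per-module entry point: records the module's dependency graph and, on the last module
     * of the reactor, performs the match and reporting.
     */
    @Override
    public void execute() throws MojoExecutionException, MojoFailureException {
        initialSetup();
        this.projectDependencyTrees.add(getProjectDependencyGraph());
        if (this.lastProject.equals(this.session.getCurrentProject())) {
            consumeAndReport();
        }
    }

    /** Returns a fresh scan id of the form {@code maven-plugin-<random UUID>}. */
    private String generateScanId() {
        return String.format("maven-plugin-%s", UUID.randomUUID());
    }

    /**
     * Reports whether any class files exist below {@code root}, which is the precondition for
     * the vulnerable-methods scan. Any error while walking the tree is logged and treated as
     * "not supported".
     */
    private boolean isMethodsSupported(String root) {
        try {
            ClassFileVisitor visitor = new ClassFileVisitor();
            Files.walkFileTree(Paths.get(root), visitor);
            return !visitor.getClassFiles().isEmpty();
        } catch (Exception e) {
            System.err.println("Unable to determine vulnerable methods support, skipping");
            getLog().error("Couldn't scan for class files", e);
            return false;
        }
    }
}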
