package com.sourceclear.engine.scan;

import com.google.common.collect.ImmutableSet;
import com.google.common.collect.UnmodifiableIterator;
import com.sourceclear.api.client.Client;
import com.sourceclear.api.client.SourceClearClient;
import com.sourceclear.api.data.evidence.Coordinates;
import com.sourceclear.api.data.evidence.Evidence;
import com.sourceclear.api.data.match.MatchQuery;
import com.sourceclear.api.data.match.MatchResponse;
import com.sourceclear.api.data.methods.ComponentMethodMapper;
import com.sourceclear.api.data.methods.VulnerableMethodUpload;
import com.sourceclear.engine.common.ClassFileVisitor;
import com.sourceclear.engine.common.logging.NoopLogStream;
import com.sourceclear.engine.component.Utils;
import com.sourceclear.engine.component.linecount.LineCounter;
import com.sourceclear.engine.methods.ClassMethodsEngine;
import com.sourceclear.engine.methods.VulnerableMethodsCollatorImpl;
import com.sourceclear.util.config.FailureLevel;
import com.sourceclear.util.config.ScanConfig;
import com.sourceclear.util.config.Verbosity;
import com.sourceclear.util.io.GitUtils;
import com.sourceclear.util.io.renderers.ComponentRenderer;
import com.sourceclear.util.io.renderers.ScanReport;
import com.sourceclear.util.io.renderers.SummaryRenderer;
import com.srcclr.sdk.ComponentGraphContainer;
import java.io.IOException;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import javax.annotation.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sourceclear/engine/scan/ComponentGraphContainerScanner.class */
public class ComponentGraphContainerScanner {
    static final ClassMethodsEngine METHODS_ENGINE = new ClassMethodsEngine();
    static Logger log = LoggerFactory.getLogger(ComponentGraphContainerScanner.class);
    ScanConfig config;

    public ComponentGraphContainerScanner(ScanConfig scanConfig) {
        this.config = scanConfig;
    }

    public void consumeAndReport(ComponentGraphContainer componentGraphContainer) throws SrcclrScanFailureException, SrcclrScanUnexpectedCondition {
        ImmutableSet.Builder builder = new ImmutableSet.Builder();
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(componentGraphContainer.getGraphs());
        builder.addAll(Utils.fromComponentGraphs(this.config.getLanguage(), arrayList));
        ImmutableSet<Evidence> build = builder.build();
        String file = this.config.getPathToTop().toString();
        boolean isMethodsSupported = isMethodsSupported(file);
        if (!isMethodsSupported) {
            System.err.printf("Couldn't find any built class files in %s, skipping vulnerable methods check.\n", file);
        }
        Client buildClient = buildClient();
        long currentTimeMillis = System.currentTimeMillis();
        Long countLoc = countLoc();
        try {
            MatchResponse match = buildClient.match(buildMatchQuery(build, isMethodsSupported, countLoc));
            System.out.println();
            System.out.printf(" -> matched in %s seconds.%n%n", Long.valueOf((System.currentTimeMillis() - currentTimeMillis) / 1000));
            ComponentMethodMapper componentMethodMapper = null;
            if (isMethodsSupported) {
                HashSet hashSet = new HashSet();
                UnmodifiableIterator it = build.iterator();
                while (it.hasNext()) {
                    hashSet.add(((Evidence) it.next()).getCoordinates());
                }
                componentMethodMapper = doVulnMethodsScan(hashSet, match, buildClient);
            } else {
                System.out.println("Skipping vulnerable methods scan.");
            }
            ScanReport buildReport = buildReport(build, componentMethodMapper, match, countLoc);
            renderReport(buildReport);
            maybeFailOnVulns(this.config.getFailureThreshold(), buildReport.getVulnerableMethods(), buildReport.getVulnerableComponents());
        } catch (Exception e) {
            throw new SrcclrScanUnexpectedCondition("Encountered problem running the SRC:CLR scan: " + e.getMessage(), e);
        }
    }

    private ComponentMethodMapper doVulnMethodsScan(Set<Coordinates> set, MatchResponse matchResponse, Client client) {
        ComponentMethodMapper scanPath = new VulnerableMethodsCollatorImpl(set, matchResponse.getComponents(), METHODS_ENGINE, new NoopLogStream()).scanPath(this.config.getPathToTop().toPath());
        if (this.config.getUpload() && scanPath != null && !scanPath.isEmpty()) {
            boolean z = false;
            try {
                try {
                    z = client.uploadVulnerableMethods(new VulnerableMethodUpload(matchResponse.getScanId(), scanPath));
                    if (!z) {
                        System.err.println("Vulnerable methods upload failed.");
                    }
                } catch (IOException e) {
                    getLog().error("Encountered error during vulnerable method upload.", e);
                    if (!z) {
                        System.err.println("Vulnerable methods upload failed.");
                    }
                }
            } catch (Throwable th) {
                if (!z) {
                    System.err.println("Vulnerable methods upload failed.");
                }
                throw th;
            }
        }
        return scanPath;
    }

    protected void maybeFailOnVulns(FailureLevel failureLevel, Integer num, int i) throws SrcclrScanFailureException {
        FailureLevel failureLevel2 = null;
        if (num != null && num.intValue() > 0) {
            failureLevel2 = FailureLevel.METHOD;
        } else if (i > 0) {
            failureLevel2 = FailureLevel.COMPONENT;
        }
        if (failureLevel2 != null && failureLevel2.compareTo(failureLevel) >= 0) {
            throw new SrcclrScanFailureException("The current scan found vulnerable " + failureLevel2.toString().toLowerCase() + "s, failing as failureThreshold is set to " + failureLevel + ".");
        }
    }

    private void renderReport(ScanReport scanReport) {
        Verbosity reportVerbosity = this.config.getReportVerbosity();
        if (reportVerbosity == Verbosity.SILENT) {
            return;
        }
        new ComponentRenderer(reportVerbosity).accept(scanReport);
        new SummaryRenderer().accept(scanReport);
    }

    private ScanReport buildReport(ImmutableSet<Evidence> immutableSet, ComponentMethodMapper componentMethodMapper, MatchResponse matchResponse, @Nullable Long l) {
        return new ScanReport.Builder().withScanConfig(this.config).withAppBase(URI.create("https://srcclr.com")).withScanPath(this.config.getPathToTop().toString()).withDuration((System.currentTimeMillis() - this.config.getScanStart()) / 1000).withEvidence(immutableSet).withMatchResponse(matchResponse).withMethodScanResult(componentMethodMapper).withUpload(this.config.getUpload()).withLineCount(l).build();
    }

    private Client buildClient() {
        return new SourceClearClient.Builder().withApiToken(this.config.getApiToken()).withBaseURI(this.config.getApiURL()).withClientType(this.config.getClientType()).withClientVersion(this.config.getClientVersion()).build();
    }

    private Long countLoc() {
        try {
            return Long.valueOf(LineCounter.countLOC(this.config.getPathToTop().getAbsolutePath(), new NoopLogStream()));
        } catch (Exception e) {
            System.err.println("Skipping LoC counting.");
            e.printStackTrace(System.err);
            return null;
        }
    }

    protected MatchQuery buildMatchQuery(ImmutableSet<Evidence> immutableSet, boolean z, @Nullable Long l) throws Exception {
        String str = null;
        String str2 = null;
        String str3 = null;
        try {
            str = GitUtils.getBranch(this.config.getPathToTop());
            str2 = GitUtils.getCommitHash(this.config.getPathToTop());
            str3 = GitUtils.getRepoUrl(this.config.getPathToTop());
            if (str3 == null) {
                str3 = this.config.getPathToTop().getCanonicalPath();
            }
        } catch (Exception e) {
            getLog().error("\n ** A problem was encountered in trying to find repo naming information. ", e);
        }
        return new MatchQuery.Builder().withMetaGit(GitUtils.getGitMetaData(this.config.getPathToTop(), 30)).withProjectId(this.config.getUserProjectID()).withScanId(this.config.getScanID()).withEvidence(new ArrayList((Collection) immutableSet)).withBranch(str).withCommitHash(str2).withRepoUrl(str3).withProjectName(this.config.getProjectName()).persist(this.config.getUpload()).requestVulnMethods(z).withLinesOfCode(l).build();
    }

    private boolean isMethodsSupported(String str) {
        try {
            ClassFileVisitor classFileVisitor = new ClassFileVisitor();
            Files.walkFileTree(Paths.get(str, new String[0]), classFileVisitor);
            return !classFileVisitor.getClassFiles().isEmpty();
        } catch (Exception e) {
            System.err.println("Unable to determine vulnerable methods support, skipping");
            getLog().error("Couldn't scan for class files", e);
            return false;
        }
    }

    public static Logger getLog() {
        return log;
    }
}
