package com.jfrog.ide.common.scan;

import com.jfrog.ide.common.configuration.ServerConfig;
import com.jfrog.ide.common.log.ProgressIndicator;
import com.jfrog.ide.common.tree.DependencyNode;
import com.jfrog.ide.common.tree.GeneralInfo;
import com.jfrog.ide.common.tree.IssueNode;
import com.jfrog.ide.common.tree.License;
import com.jfrog.ide.common.tree.LicenseViolationNode;
import com.jfrog.ide.common.tree.ResearchInfo;
import com.jfrog.ide.common.tree.Severity;
import com.jfrog.ide.common.tree.SeverityReason;
import com.jfrog.ide.common.utils.XrayConnectionUtils;
import com.jfrog.xray.client.Xray;
import com.jfrog.xray.client.impl.XrayClient;
import com.jfrog.xray.client.services.common.Cve;
import com.jfrog.xray.client.services.scan.Component;
import com.jfrog.xray.client.services.scan.ExtendedInformation;
import com.jfrog.xray.client.services.scan.GraphResponse;
import com.jfrog.xray.client.services.scan.SeverityReasons;
import com.jfrog.xray.client.services.scan.Violation;
import com.jfrog.xray.client.services.scan.Vulnerability;
import com.jfrog.xray.client.services.scan.XrayScanProgress;
import com.jfrog.xray.client.services.system.Version;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.CancellationException;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.ListUtils;
import org.apache.commons.lang3.StringUtils;
import org.jfrog.build.api.util.Log;
import org.jfrog.build.extractor.scan.DependencyTree;

/* loaded from: input_file:com/jfrog/ide/common/scan/GraphScanLogic.class */
public class GraphScanLogic implements ScanLogic {
    public static final String MINIMAL_XRAY_VERSION_SUPPORTED_FOR_GRAPH_SCAN = "3.29.0";
    private String pkgType;
    private Log log;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/jfrog/ide/common/scan/GraphScanLogic$XrayScanProgressImpl.class */
    public static class XrayScanProgressImpl implements XrayScanProgress {
        private final ProgressIndicator indicator;

        public XrayScanProgressImpl(ProgressIndicator progressIndicator) {
            this.indicator = progressIndicator;
        }

        public void setFraction(double d) {
            this.indicator.setFraction(d);
        }
    }

    public GraphScanLogic(String str, Log log) {
        this.pkgType = str;
        this.log = log;
    }

    @Override // com.jfrog.ide.common.scan.ScanLogic
    public Map<String, DependencyNode> scanArtifacts(DependencyTree dependencyTree, ServerConfig serverConfig, ProgressIndicator progressIndicator, ComponentPrefix componentPrefix, Runnable runnable) throws IOException, InterruptedException {
        progressIndicator.setIndeterminate(true);
        dependencyTree.setPrefix(componentPrefix.toString());
        DependencyTree createScanTree = createScanTree(dependencyTree);
        if (createScanTree.isLeaf()) {
            this.log.debug("No components found to scan.");
            return null;
        }
        try {
            XrayClient build = XrayConnectionUtils.createXrayClientBuilder(serverConfig, this.log).build();
            if (!isSupportedInXrayVersion((Xray) build)) {
                return null;
            }
            this.log.debug("Starting to scan, sending a dependency graph to Xray");
            runnable.run();
            Map<String, DependencyNode> scan = scan(build, createScanTree, serverConfig, runnable, progressIndicator);
            progressIndicator.setFraction(1.0d);
            return scan;
        } catch (CancellationException e) {
            this.log.info("Xray scan was canceled.");
            return null;
        }
    }

    DependencyTree createScanTree(DependencyTree dependencyTree) {
        DependencyTree dependencyTree2 = new DependencyTree(dependencyTree.getUserObject());
        populateScanTree(dependencyTree, dependencyTree2, new HashSet());
        return dependencyTree2;
    }

    private void populateScanTree(DependencyTree dependencyTree, DependencyTree dependencyTree2, Set<String> set) {
        Iterator it = dependencyTree.getChildren().iterator();
        while (it.hasNext()) {
            DependencyTree dependencyTree3 = (DependencyTree) it.next();
            if (dependencyTree3.isMetadata()) {
                populateScanTree(dependencyTree3, dependencyTree2, set);
            } else {
                String dependencyTree4 = dependencyTree3.toString();
                if (dependencyTree3.getParent().isMetadata()) {
                    String substringAfter = StringUtils.contains(dependencyTree4, "://") ? StringUtils.substringAfter(dependencyTree4, "://") : dependencyTree4;
                }
                if (set.add(dependencyTree3.getComponentId())) {
                    dependencyTree2.add(new DependencyTree(dependencyTree3.getComponentId()));
                }
                populateScanTree(dependencyTree3, dependencyTree2, set);
            }
        }
    }

    public static boolean isSupportedInXrayVersion(Version version) {
        return version.isAtLeast(MINIMAL_XRAY_VERSION_SUPPORTED_FOR_GRAPH_SCAN);
    }

    private boolean isSupportedInXrayVersion(Xray xray) {
        try {
            if (isSupportedInXrayVersion(xray.system().version())) {
                return true;
            }
            this.log.error("Unsupported JFrog Xray version: Required JFrog Xray version 3.29.0 and above.");
            return false;
        } catch (IOException e) {
            this.log.error("JFrog Xray Scan failed. Please check your credentials.", e);
            return false;
        }
    }

    private Map<String, DependencyNode> scan(Xray xray, DependencyTree dependencyTree, ServerConfig serverConfig, Runnable runnable, ProgressIndicator progressIndicator) throws IOException, InterruptedException {
        GraphResponse graph = xray.scan().graph(dependencyTree, new XrayScanProgressImpl(progressIndicator), runnable, serverConfig.getPolicyType() == ServerConfig.PolicyType.PROJECT ? serverConfig.getProject() : "", serverConfig.getPolicyType() == ServerConfig.PolicyType.WATCHES ? StringUtils.split(serverConfig.getWatches(), ",") : null);
        HashMap hashMap = new HashMap();
        ListUtils.emptyIfNull(graph.getViolations()).stream().filter((v0) -> {
            return Objects.nonNull(v0);
        }).filter(violation -> {
            return violation.getComponents() != null;
        }).forEach(violation2 -> {
            addViolationResult(hashMap, violation2);
        });
        ListUtils.emptyIfNull(graph.getVulnerabilities()).stream().filter((v0) -> {
            return Objects.nonNull(v0);
        }).filter(vulnerability -> {
            return vulnerability.getComponents() != null;
        }).forEach(vulnerability2 -> {
            addVulnerabilityResult(hashMap, vulnerability2);
        });
        ListUtils.emptyIfNull(graph.getLicenses()).stream().filter((v0) -> {
            return Objects.nonNull(v0);
        }).filter(license -> {
            return license.getComponents() != null;
        }).forEach(license2 -> {
            license2.getComponents().forEach((str, component) -> {
                DependencyNode dependencyNode = (DependencyNode) hashMap.get(str);
                if (dependencyNode == null) {
                    return;
                }
                String str = null;
                if (!CollectionUtils.isEmpty(license2.getReferences())) {
                    str = (String) license2.getReferences().get(0);
                }
                dependencyNode.addLicense(new License(license2.getLicenseKey(), str));
            });
        });
        hashMap.values().forEach((v0) -> {
            v0.sortChildren();
        });
        return hashMap;
    }

    private void addViolationResult(Map<String, DependencyNode> map, Violation violation) {
        if (StringUtils.isBlank(violation.getLicenseKey())) {
            addSecurityViolationResult(map, violation);
        } else {
            addLicenseViolationResult(map, violation);
        }
    }

    private void addSecurityViolationResult(Map<String, DependencyNode> map, Violation violation) {
        addVulnerabilityResult(map, violation, violation.getWatchName());
    }

    private void addVulnerabilityResult(Map<String, DependencyNode> map, Vulnerability vulnerability) {
        addVulnerabilityResult(map, vulnerability, null);
    }

    private void addVulnerabilityResult(Map<String, DependencyNode> map, Vulnerability vulnerability, String str) {
        for (Map.Entry<String, ? extends Component> entry : vulnerability.getComponents().entrySet()) {
            DependencyNode dependency = getDependency(map, entry);
            if (vulnerability.getCves() == null || vulnerability.getCves().size() == 0) {
                dependency.addVulnerabilityOrViolation(convertToIssue(vulnerability, entry.getValue(), null, str));
            } else {
                Iterator it = vulnerability.getCves().iterator();
                while (it.hasNext()) {
                    dependency.addVulnerabilityOrViolation(convertToIssue(vulnerability, entry.getValue(), (Cve) it.next(), str));
                }
            }
        }
    }

    private IssueNode convertToIssue(Vulnerability vulnerability, Component component, Cve cve, String str) {
        ResearchInfo researchInfo = null;
        if (vulnerability.getExtendedInformation() != null) {
            ExtendedInformation extendedInformation = vulnerability.getExtendedInformation();
            researchInfo = new ResearchInfo(Severity.valueOf(extendedInformation.getJFrogResearchSeverity()), extendedInformation.getShortDescription(), extendedInformation.getFullDescription(), extendedInformation.getRemediation(), convertSeverityReasons(extendedInformation.getJFrogResearchSeverityReasons()));
        }
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = null;
        if (cve != null) {
            str2 = cve.getId();
            str3 = cve.getCvssV2Score();
            str4 = cve.getCvssV2Vector();
            str5 = cve.getCvssV3Score();
            str6 = cve.getCvssV3Vector();
        }
        List list = null;
        if (str != null) {
            list = Collections.singletonList(str);
        }
        return new IssueNode(vulnerability.getIssueId(), Severity.valueOf(vulnerability.getSeverity()), (String) StringUtils.defaultIfBlank(vulnerability.getSummary(), "N/A"), component.getFixedVersions(), component.getInfectedVersions(), new com.jfrog.ide.common.tree.Cve(str2, str3, str4, str5, str6), vulnerability.getEdited(), list, vulnerability.getReferences(), researchInfo);
    }

    private void addLicenseViolationResult(Map<String, DependencyNode> map, Violation violation) {
        Iterator it = violation.getComponents().entrySet().iterator();
        while (it.hasNext()) {
            DependencyNode dependency = getDependency(map, (Map.Entry) it.next());
            List list = null;
            if (violation.getWatchName() != null) {
                list = Collections.singletonList(violation.getWatchName());
            }
            dependency.addVulnerabilityOrViolation(new LicenseViolationNode(violation.getLicenseName(), violation.getLicenseKey(), violation.getReferences(), Severity.valueOf(violation.getSeverity()), violation.getUpdated(), list));
        }
    }

    private DependencyNode getDependency(Map<String, DependencyNode> map, Map.Entry<String, ? extends Component> entry) {
        String key = entry.getKey();
        map.putIfAbsent(key, new DependencyNode(new GeneralInfo().componentId(key).pkgType(this.pkgType)));
        return map.get(key);
    }

    private SeverityReason[] convertSeverityReasons(SeverityReasons[] severityReasonsArr) {
        if (severityReasonsArr == null) {
            return null;
        }
        return (SeverityReason[]) Arrays.stream(severityReasonsArr).map(severityReasons -> {
            return new SeverityReason(severityReasons.getName(), severityReasons.getDescription(), severityReasons.isPositive());
        }).toArray(i -> {
            return new SeverityReason[i];
        });
    }

    public String getPkgType() {
        return this.pkgType;
    }

    public Log getLog() {
        return this.log;
    }

    public void setPkgType(String str) {
        this.pkgType = str;
    }

    public void setLog(Log log) {
        this.log = log;
    }
}
