package org.cyclonedx.gradle;

import com.github.packageurl.MalformedPackageURLException;
import com.github.packageurl.PackageURL;
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.TreeMap;
import java.util.UUID;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.maven.model.Model;
import org.apache.maven.project.MavenProject;
import org.cyclonedx.BomGeneratorFactory;
import org.cyclonedx.CycloneDxSchema;
import org.cyclonedx.exception.GeneratorException;
import org.cyclonedx.generators.xml.BomXmlGenerator;
import org.cyclonedx.gradle.utils.CycloneDxUtils;
import org.cyclonedx.gradle.utils.DependencyUtils;
import org.cyclonedx.model.Bom;
import org.cyclonedx.model.Component;
import org.cyclonedx.model.Dependency;
import org.cyclonedx.model.Hash;
import org.cyclonedx.model.Metadata;
import org.cyclonedx.model.Tool;
import org.cyclonedx.parsers.JsonParser;
import org.cyclonedx.parsers.XmlParser;
import org.cyclonedx.util.BomUtils;
import org.gradle.api.DefaultTask;
import org.gradle.api.GradleException;
import org.gradle.api.Project;
import org.gradle.api.artifacts.Configuration;
import org.gradle.api.artifacts.ResolvedArtifact;
import org.gradle.api.artifacts.ResolvedConfiguration;
import org.gradle.api.artifacts.ResolvedDependency;
import org.gradle.api.file.Directory;
import org.gradle.api.provider.ListProperty;
import org.gradle.api.provider.Property;
import org.gradle.api.tasks.Input;
import org.gradle.api.tasks.OutputDirectory;
import org.gradle.api.tasks.TaskAction;

/* loaded from: input_file:org/cyclonedx/gradle/CycloneDxTask.class */
public class CycloneDxTask extends DefaultTask {
    private static final String MESSAGE_RESOLVING_DEPS = "CycloneDX: Resolving Dependencies";
    private static final String MESSAGE_CREATING_BOM = "CycloneDX: Creating BOM";
    private static final String MESSAGE_CALCULATING_HASHES = "CycloneDX: Calculating Hashes";
    private static final String MESSAGE_WRITING_BOM_XML = "CycloneDX: Writing BOM XML";
    private static final String MESSAGE_WRITING_BOM_JSON = "CycloneDX: Writing BOM JSON";
    private static final String MESSAGE_VALIDATING_BOM = "CycloneDX: Validating BOM";
    private static final String MESSAGE_VALIDATION_FAILURE = "The BOM does not conform to the CycloneDX BOM standard";
    private static final String DEFAULT_PROJECT_TYPE = "library";
    private MavenHelper mavenHelper;
    private final Property<String> componentVersion;
    private final Property<String> outputName;
    private final Property<String> outputFormat;
    private final Property<String> projectType;
    private final Property<Boolean> includeBomSerialNumber;
    private final ListProperty<String> includeConfigs;
    private final ListProperty<String> skipConfigs;
    private final ListProperty<String> skipProjects;
    private final Property<File> destination;
    private final Map<File, List<Hash>> artifactHashes = Collections.synchronizedMap(new HashMap());
    private final Map<String, MavenProject> resolvedMavenProjects = Collections.synchronizedMap(new HashMap());
    private final Property<String> schemaVersion = getProject().getObjects().property(String.class);

    public CycloneDxTask() {
        this.schemaVersion.convention(CycloneDxSchema.Version.VERSION_14.getVersionString());
        this.outputName = getProject().getObjects().property(String.class);
        this.outputName.convention("bom");
        this.outputFormat = getProject().getObjects().property(String.class);
        this.outputFormat.convention("all");
        this.projectType = getProject().getObjects().property(String.class);
        this.projectType.convention(DEFAULT_PROJECT_TYPE);
        this.includeBomSerialNumber = getProject().getObjects().property(Boolean.class);
        this.includeBomSerialNumber.convention(true);
        this.componentVersion = getProject().getObjects().property(String.class);
        this.componentVersion.convention(getProject().getVersion().toString());
        this.includeConfigs = getProject().getObjects().listProperty(String.class);
        this.skipConfigs = getProject().getObjects().listProperty(String.class);
        this.skipProjects = getProject().getObjects().listProperty(String.class);
        this.destination = getProject().getObjects().property(File.class);
        this.destination.convention(((Directory) getProject().getLayout().getBuildDirectory().dir("reports").get()).getAsFile());
    }

    @Input
    public Property<String> getOutputName() {
        return this.outputName;
    }

    public void setOutputName(String str) {
        this.outputName.set(str);
    }

    @Input
    public Property<String> getOutputFormat() {
        return this.outputFormat;
    }

    public void setOutputFormat(String str) {
        this.outputFormat.set(str);
    }

    @Input
    public ListProperty<String> getIncludeConfigs() {
        return this.includeConfigs;
    }

    public void setIncludeConfigs(Collection<String> collection) {
        this.includeConfigs.addAll(collection);
    }

    @Input
    public Property<String> getComponentVersion() {
        return this.componentVersion;
    }

    public void setComponentVersion(String str) {
        this.componentVersion.set(str);
    }

    @Input
    public ListProperty<String> getSkipConfigs() {
        return this.skipConfigs;
    }

    public void setSkipConfigs(Collection<String> collection) {
        this.skipConfigs.addAll(collection);
    }

    @Input
    public ListProperty<String> getSkipProjects() {
        return this.skipProjects;
    }

    public void setSkipProjects(Collection<String> collection) {
        this.skipProjects.addAll(collection);
    }

    @Input
    public Property<String> getSchemaVersion() {
        return this.schemaVersion;
    }

    public void setSchemaVersion(String str) {
        this.schemaVersion.set(str);
    }

    @Input
    public Property<String> getProjectType() {
        return this.projectType;
    }

    public void setProjectType(String str) {
        this.projectType.set(str);
    }

    @Input
    public Property<Boolean> getIncludeBomSerialNumber() {
        return this.includeBomSerialNumber;
    }

    public void setIncludeBomSerialNumber(boolean z) {
        this.includeBomSerialNumber.set(Boolean.valueOf(z));
    }

    @OutputDirectory
    public Property<File> getDestination() {
        return this.destination;
    }

    public void setDestination(File file) {
        this.destination.set(file);
    }

    @TaskAction
    public void createBom() {
        if (!((String) this.outputFormat.get()).trim().equalsIgnoreCase("all") && !((String) this.outputFormat.get()).trim().equalsIgnoreCase("xml") && !((String) this.outputFormat.get()).trim().equalsIgnoreCase("json")) {
            throw new GradleException("Unsupported output format. Must be one of all, xml, or json");
        }
        CycloneDxSchema.Version computeSchemaVersion = computeSchemaVersion();
        logParameters();
        getLogger().info(MESSAGE_RESOLVING_DEPS);
        Set set = (Set) getProject().getSubprojects().stream().map(project -> {
            return project.getGroup() + ":" + project.getName() + ":" + project.getVersion();
        }).collect(Collectors.toSet());
        HashSet hashSet = new HashSet();
        HashMap hashMap = new HashMap();
        Metadata createMetadata = createMetadata();
        Project project2 = getProject();
        Dependency dependency = new Dependency(generatePackageUrl(project2));
        hashMap.put(generatePackageUrl(project2), dependency);
        HashSet hashSet2 = new HashSet();
        hashSet2.add(project2);
        hashSet2.addAll(project2.getSubprojects());
        hashSet2.stream().filter(project3 -> {
            return !shouldSkipProject(project3);
        }).forEach(project4 -> {
            Set<Configuration> set2 = (Set) project4.getConfigurations().stream().filter(configuration -> {
                return shouldIncludeConfiguration(configuration) && !shouldSkipConfiguration(configuration) && DependencyUtils.canBeResolved(configuration);
            }).collect(Collectors.toSet());
            String generatePackageUrl = generatePackageUrl(project4);
            if (!project2.equals(project4)) {
                dependency.addDependency(new Dependency(generatePackageUrl));
                hashSet.add(generateProjectComponent(project4, computeSchemaVersion));
            }
            for (Configuration configuration2 : set2) {
                Set synchronizedSet = Collections.synchronizedSet(new LinkedHashSet());
                ResolvedConfiguration resolvedConfiguration = configuration2.getResolvedConfiguration();
                List synchronizedList = Collections.synchronizedList(new ArrayList());
                Dependency dependency2 = new Dependency(generatePackageUrl);
                for (ResolvedDependency resolvedDependency : configuration2.getResolvedConfiguration().getFirstLevelModuleDependencies()) {
                    ResolvedArtifact jarArtifact = getJarArtifact(resolvedDependency);
                    if (jarArtifact != null) {
                        dependency2.addDependency(new Dependency(generatePackageUrl(jarArtifact)));
                        buildDependencyGraph(hashMap, resolvedDependency, jarArtifact);
                    }
                }
                hashMap.compute(generatePackageUrl, (str, dependency3) -> {
                    if (dependency3 == null) {
                        return dependency2;
                    }
                    if (dependency2.getDependencies() != null) {
                        Stream stream = dependency2.getDependencies().stream();
                        dependency3.getClass();
                        stream.forEach(dependency3::addDependency);
                    }
                    return dependency3;
                });
                resolvedConfiguration.getResolvedArtifacts().forEach(resolvedArtifact -> {
                    String dependencyName = DependencyUtils.getDependencyName(resolvedArtifact);
                    if (set.contains(dependencyName)) {
                        return;
                    }
                    synchronizedList.add(dependencyName);
                    Component convertArtifact = convertArtifact(resolvedArtifact, computeSchemaVersion);
                    augmentComponentMetadata(convertArtifact, dependencyName);
                    synchronizedSet.add(convertArtifact);
                });
                Collections.sort(synchronizedList);
                hashSet.addAll(synchronizedSet);
            }
        });
        writeBom(createMetadata, hashSet, hashMap.values(), computeSchemaVersion);
    }

    private CycloneDxSchema.Version computeSchemaVersion() {
        CycloneDxSchema.Version schemaVersion = CycloneDxUtils.schemaVersion((String) getSchemaVersion().get());
        this.mavenHelper = new MavenHelper(getLogger(), schemaVersion);
        if (schemaVersion == CycloneDxSchema.Version.VERSION_10) {
            setIncludeBomSerialNumber(false);
        }
        return schemaVersion;
    }

    private Map<String, Dependency> buildDependencyGraph(Map<String, Dependency> map, ResolvedDependency resolvedDependency, ResolvedArtifact resolvedArtifact) {
        String generatePackageUrl = generatePackageUrl(resolvedArtifact);
        Dependency dependency = new Dependency(generatePackageUrl);
        if (map.containsKey(generatePackageUrl)) {
            return map;
        }
        map.put(generatePackageUrl, dependency);
        for (ResolvedDependency resolvedDependency2 : resolvedDependency.getChildren()) {
            ResolvedArtifact jarArtifact = getJarArtifact(resolvedDependency2);
            if (jarArtifact != null) {
                dependency.addDependency(new Dependency(generatePackageUrl(jarArtifact)));
                buildDependencyGraph(map, resolvedDependency2, jarArtifact);
            }
        }
        return map;
    }

    private ResolvedArtifact getJarArtifact(ResolvedDependency resolvedDependency) {
        for (ResolvedArtifact resolvedArtifact : resolvedDependency.getModuleArtifacts()) {
            if ("jar".equals(resolvedArtifact.getType())) {
                return resolvedArtifact;
            }
        }
        return null;
    }

    private MavenProject getResolvedMavenProject(String str) {
        synchronized (this.resolvedMavenProjects) {
            if (this.resolvedMavenProjects.containsKey(str)) {
                return this.resolvedMavenProjects.get(str);
            }
            try {
                File file = (File) getProject().getConfigurations().detachedConfiguration(new org.gradle.api.artifacts.Dependency[]{getProject().getDependencies().create(str + "@pom")}).resolve().stream().findFirst().orElse(null);
                if (file != null) {
                    MavenProject readPom = this.mavenHelper.readPom(file);
                    this.resolvedMavenProjects.put(str, readPom);
                    if (readPom != null) {
                        Model resolveEffectivePom = this.mavenHelper.resolveEffectivePom(file, getProject());
                        if (resolveEffectivePom != null) {
                            readPom.setLicenses(resolveEffectivePom.getLicenses());
                        }
                        return readPom;
                    }
                }
            } catch (Exception e) {
                getLogger().error("Unable to resolve POM for " + str + ": " + e);
            }
            this.resolvedMavenProjects.put(str, null);
            return null;
        }
    }

    private void augmentComponentMetadata(Component component, String str) {
        MavenProject resolvedMavenProject = getResolvedMavenProject(str);
        if (resolvedMavenProject != null) {
            if (resolvedMavenProject.getOrganization() != null) {
                component.setPublisher(resolvedMavenProject.getOrganization().getName());
            }
            component.setDescription(resolvedMavenProject.getDescription());
            component.setLicenseChoice(this.mavenHelper.resolveMavenLicenses(resolvedMavenProject.getLicenses()));
            this.mavenHelper.extractMetadata(resolvedMavenProject, component);
        }
    }

    protected Metadata createMetadata() {
        Project project = getProject();
        Properties readPluginProperties = readPluginProperties();
        Metadata metadata = new Metadata();
        Tool tool = new Tool();
        tool.setVendor(readPluginProperties.getProperty("vendor"));
        tool.setName(readPluginProperties.getProperty("name"));
        tool.setVersion(readPluginProperties.getProperty("version"));
        metadata.addTool(tool);
        Component component = new Component();
        component.setGroup(StringUtils.trimToNull(project.getGroup().toString()) != null ? project.getGroup().toString() : null);
        component.setName(project.getName());
        component.setVersion((String) this.componentVersion.get());
        component.setType(resolveProjectType());
        component.setPurl(generatePackageUrl(project));
        component.setBomRef(component.getPurl());
        metadata.setComponent(component);
        return metadata;
    }

    private Properties readPluginProperties() {
        Properties properties = new Properties();
        try {
            properties.load(getClass().getClassLoader().getResourceAsStream("plugin.properties"));
        } catch (IOException | NullPointerException e) {
            getLogger().warn("Unable to load plugin.properties", e);
        }
        return properties;
    }

    private Component.Type resolveProjectType() {
        for (Component.Type type : Component.Type.values()) {
            if (type.getTypeName().equalsIgnoreCase((String) getProjectType().get())) {
                return type;
            }
        }
        getLogger().warn("Invalid project type. Defaulting to 'library'");
        getLogger().warn("Valid types are:");
        for (Component.Type type2 : Component.Type.values()) {
            getLogger().warn("  " + type2.getTypeName());
        }
        return Component.Type.LIBRARY;
    }

    private Component generateProjectComponent(Project project, CycloneDxSchema.Version version) {
        Component component = new Component();
        component.setGroup(project.getGroup().toString());
        component.setName(project.getName());
        component.setVersion(project.getVersion().toString());
        component.setType(Component.Type.LIBRARY);
        String generatePackageUrl = generatePackageUrl(project);
        component.setPurl(generatePackageUrl);
        if (version.getVersion() >= 1.1d) {
            component.setBomRef(generatePackageUrl);
        }
        return component;
    }

    private Component convertArtifact(ResolvedArtifact resolvedArtifact, CycloneDxSchema.Version version) {
        MavenProject extractPom;
        Component component = new Component();
        component.setGroup(resolvedArtifact.getModuleVersion().getId().getGroup());
        component.setName(resolvedArtifact.getModuleVersion().getId().getName());
        component.setVersion(resolvedArtifact.getModuleVersion().getId().getVersion());
        component.setType(Component.Type.LIBRARY);
        getLogger().debug(MESSAGE_CALCULATING_HASHES);
        component.setHashes(this.artifactHashes.computeIfAbsent(resolvedArtifact.getFile(), file -> {
            try {
                return BomUtils.calculateHashes(file, version);
            } catch (IOException e) {
                getLogger().error("Error encountered calculating hashes", e);
                return Collections.emptyList();
            }
        }));
        String generatePackageUrl = generatePackageUrl(resolvedArtifact);
        component.setPurl(generatePackageUrl);
        if (version.getVersion() >= 1.1d) {
            component.setModified(Boolean.valueOf(this.mavenHelper.isModified(resolvedArtifact)));
            component.setBomRef(generatePackageUrl);
        }
        if (this.mavenHelper.isDescribedArtifact(resolvedArtifact) && (extractPom = this.mavenHelper.extractPom(resolvedArtifact)) != null) {
            this.mavenHelper.getClosestMetadata(resolvedArtifact, extractPom, component);
        }
        return component;
    }

    private boolean shouldIncludeConfiguration(Configuration configuration) {
        return ((List) getIncludeConfigs().get()).isEmpty() || ((List) getIncludeConfigs().get()).contains(configuration.getName());
    }

    private boolean shouldSkipConfiguration(Configuration configuration) {
        return ((List) getSkipConfigs().get()).contains(configuration.getName());
    }

    private boolean shouldSkipProject(Project project) {
        return ((List) getSkipProjects().get()).contains(project.getName());
    }

    private String generatePackageUrl(ResolvedArtifact resolvedArtifact) {
        TreeMap<String, String> treeMap = new TreeMap<>();
        treeMap.put("type", "jar");
        if (resolvedArtifact.getClassifier() != null) {
            treeMap.put("classifier", resolvedArtifact.getClassifier());
        }
        return generatePackageUrl(resolvedArtifact.getModuleVersion().getId().getGroup(), resolvedArtifact.getModuleVersion().getId().getName(), resolvedArtifact.getModuleVersion().getId().getVersion(), treeMap);
    }

    private String generatePackageUrl(Project project) {
        TreeMap<String, String> treeMap = new TreeMap<>();
        if (project.getChildProjects().isEmpty()) {
            treeMap.put("type", "jar");
        } else {
            treeMap.put("type", "pom");
        }
        return generatePackageUrl(project.getGroup().toString(), project.getName(), project.getVersion().toString(), treeMap);
    }

    private String generatePackageUrl(String str, String str2, String str3, TreeMap<String, String> treeMap) {
        try {
            return new PackageURL("maven", str, str2, str3, treeMap, (String) null).canonicalize();
        } catch (MalformedPackageURLException e) {
            getLogger().warn("An unexpected issue occurred attempting to create a PackageURL for " + str + ":" + str2 + ":" + str3);
            return null;
        }
    }

    protected void writeBom(Metadata metadata, Set<Component> set, Collection<Dependency> collection, CycloneDxSchema.Version version) throws GradleException {
        try {
            getLogger().info(MESSAGE_CREATING_BOM);
            Bom bom = new Bom();
            boolean booleanParameter = getBooleanParameter("cyclonedx.includeBomSerialNumber", ((Boolean) getIncludeBomSerialNumber().get()).booleanValue());
            if (CycloneDxSchema.Version.VERSION_10 != version && booleanParameter) {
                bom.setSerialNumber("urn:uuid:" + UUID.randomUUID());
            }
            bom.setMetadata(metadata);
            bom.setComponents(new ArrayList(set));
            bom.setDependencies(new ArrayList(collection));
            if (((String) this.outputFormat.get()).equals("all") || ((String) this.outputFormat.get()).equals("xml")) {
                writeXMLBom(version, bom);
            }
            if (CycloneDxUtils.schemaVersion((String) getSchemaVersion().get()).getVersion() >= 1.2d && (((String) this.outputFormat.get()).equals("all") || ((String) this.outputFormat.get()).equals("json"))) {
                writeJSONBom(version, bom);
            }
        } catch (GeneratorException | IOException | ParserConfigurationException e) {
            throw new GradleException("An error occurred executing " + getClass().getName(), e);
        }
    }

    private void writeXMLBom(CycloneDxSchema.Version version, Bom bom) throws GeneratorException, ParserConfigurationException, IOException {
        BomXmlGenerator createXml = BomGeneratorFactory.createXml(version, bom);
        createXml.generate();
        String xmlString = createXml.toXmlString();
        File file = new File((File) getDestination().get(), ((String) getOutputName().get()) + ".xml");
        getLogger().info(MESSAGE_WRITING_BOM_XML);
        FileUtils.write(file, xmlString, StandardCharsets.UTF_8, false);
        getLogger().info(MESSAGE_VALIDATING_BOM);
        try {
            if (new XmlParser().isValid(file, version)) {
            } else {
                throw new GradleException(MESSAGE_VALIDATION_FAILURE);
            }
        } catch (Exception e) {
            throw new GradleException(MESSAGE_VALIDATION_FAILURE, e);
        }
    }

    private void writeJSONBom(CycloneDxSchema.Version version, Bom bom) throws IOException {
        String jsonString = BomGeneratorFactory.createJson(version, bom).toJsonString();
        File file = new File((File) getDestination().get(), ((String) getOutputName().get()) + ".json");
        getLogger().info(MESSAGE_WRITING_BOM_JSON);
        FileUtils.write(file, jsonString, StandardCharsets.UTF_8, false);
        getLogger().info(MESSAGE_VALIDATING_BOM);
        try {
            if (new JsonParser().isValid(file, version)) {
            } else {
                throw new GradleException(MESSAGE_VALIDATION_FAILURE);
            }
        } catch (Exception e) {
            throw new GradleException(MESSAGE_VALIDATION_FAILURE, e);
        }
    }

    private boolean getBooleanParameter(String str, boolean z) {
        Project project = super.getProject();
        if (project.hasProperty(str)) {
            Object obj = project.getProperties().get(str);
            if (obj instanceof String) {
                return Boolean.parseBoolean((String) obj);
            }
        }
        return z;
    }

    protected void logParameters() {
        if (getLogger().isInfoEnabled()) {
            getLogger().info("CycloneDX: Parameters");
            getLogger().info("------------------------------------------------------------------------");
            getLogger().info("schemaVersion          : " + ((String) this.schemaVersion.get()));
            getLogger().info("includeBomSerialNumber : " + this.includeBomSerialNumber.get());
            getLogger().info("includeConfigs         : " + this.includeConfigs.get());
            getLogger().info("skipConfigs            : " + this.skipConfigs.get());
            getLogger().info("skipProjects           : " + this.skipProjects.get());
            getLogger().info("destination            : " + this.destination.get());
            getLogger().info("outputName             : " + ((String) this.outputName.get()));
            getLogger().info("------------------------------------------------------------------------");
        }
    }
}
