package net.ossindex.gradle.audit;

import com.google.common.base.Strings;
import java.io.File;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import net.ossindex.common.IPackageRequest;
import net.ossindex.common.OssIndexApi;
import net.ossindex.common.OssiPackage;
import net.ossindex.common.PackageCoordinate;
import net.ossindex.common.filter.IVulnerabilityFilter;
import net.ossindex.common.filter.VulnerabilityFilterFactory;
import net.ossindex.gradle.AuditExclusion;
import net.ossindex.gradle.AuditExtensions;
import net.ossindex.gradle.input.GradleArtifact;
import org.gradle.api.GradleException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/ossindex/gradle/audit/DependencyAuditor.class */
public class DependencyAuditor {
    private static final Logger logger = LoggerFactory.getLogger(DependencyAuditor.class);
    private final AuditExtensions config;
    private Map<OssiPackage, OssiPackage> parents = new HashMap();
    private IPackageRequest request;

    public DependencyAuditor(AuditExtensions auditExtensions, Set<GradleArtifact> set, List<Proxy> list) {
        this.config = auditExtensions;
        switch (list.size()) {
            case 0:
                logger.info("Direct OSSI connection (" + list.size() + " proxies configured)");
                break;
            default:
                logger.info("Using proxy (" + list.size() + ")");
                for (Proxy proxy : list) {
                    logger.info("  * " + proxy);
                    OssIndexApi.addProxy(proxy.getScheme(), proxy.getHost(), proxy.getPort(), proxy.getUser(), proxy.getPassword());
                }
                break;
        }
        this.request = OssIndexApi.createPackageRequest();
        configure();
        addArtifactsToAudit(set);
    }

    private void configure() {
        if (this.config != null) {
            IVulnerabilityFilter createVulnerabilityFilter = VulnerabilityFilterFactory.getInstance().createVulnerabilityFilter();
            Iterator<AuditExclusion> it = this.config.getExclusions().iterator();
            while (it.hasNext()) {
                it.next().apply(createVulnerabilityFilter);
            }
            this.request.addVulnerabilityFilter(createVulnerabilityFilter);
            if (!Strings.isNullOrEmpty(this.config.cache)) {
                File file = new File(this.config.cache);
                if (file.exists()) {
                    if (!file.isFile()) {
                        throw new GradleException("cache option must specify a file (" + this.config.cache + ")");
                    }
                    if (!file.canWrite()) {
                        throw new GradleException("cannot write to the specified cache file (" + this.config.cache + ")");
                    }
                }
                File parentFile = file.getParentFile();
                if (parentFile.exists()) {
                    if (!parentFile.canWrite()) {
                        throw new GradleException("cannot write to cache dir (" + this.config.cache + ")");
                    }
                    if (!parentFile.canExecute()) {
                        throw new GradleException("cannot access cache dir, need execute permissions on dir (" + this.config.cache + ")");
                    }
                } else if (!parentFile.mkdirs()) {
                    throw new GradleException("cannot create dir for cache (" + this.config.cache + ")");
                }
                this.request.setCacheFile(file.getAbsolutePath());
            }
            if (!Strings.isNullOrEmpty(this.config.user) && !Strings.isNullOrEmpty(this.config.token)) {
                this.request.setCredentials(this.config.user, this.config.token);
            }
            if (this.config.packagesPerRequest != null) {
                this.request.setMaximumPackagesPerRequest(this.config.packagesPerRequest.intValue());
            }
            if (this.config.cacheTimeout != null) {
                this.request.setCacheTimeout(this.config.cacheTimeout.intValue());
            }
        }
    }

    public Collection<MavenPackageDescriptor> runAudit() {
        OssiPackage ossiPackage;
        try {
            HashSet hashSet = new HashSet();
            for (OssiPackage ossiPackage2 : this.request.run()) {
                MavenPackageDescriptor mavenPackageDescriptor = new MavenPackageDescriptor(ossiPackage2);
                if (this.parents.containsKey(ossiPackage2) && (ossiPackage = this.parents.get(ossiPackage2)) != null) {
                    mavenPackageDescriptor.setParent(new MavenIdWrapper(ossiPackage));
                }
                if (mavenPackageDescriptor.getAllVulnerabilityCount() > 0) {
                    hashSet.add(mavenPackageDescriptor);
                }
            }
            return hashSet;
        } catch (IOException e) {
            if (!e.getMessage().contains("(429)")) {
                throw new GradleException("Error trying to get audit results: " + e.getMessage(), e);
            }
            if (Strings.isNullOrEmpty(this.config.user)) {
                throw new GradleException("Too many requests (429): Use OSS Index credentials for increased rate limit.", e);
            }
            if (!Boolean.FALSE.equals(this.config.rateLimitAsError)) {
                throw new GradleException("Error trying to get audit results: " + e.getMessage(), e);
            }
            logger.info("Too many requests (429) trying to get audit results. Current results have been cached,");
            logger.info("wait 60+ minutes then run again to audit more packages. If you run builds once a day");
            logger.info("and always see this message, you may want to run the build more often or increase the");
            logger.info("cache timeout to 48 or more hours.");
            return Collections.emptyList();
        }
    }

    private void addArtifactsToAudit(Set<GradleArtifact> set) {
        set.forEach(this::addArtifact);
    }

    private void addArtifact(GradleArtifact gradleArtifact) {
        PackageCoordinate buildCoordinate = buildCoordinate(gradleArtifact);
        OssiPackage add = this.request.add(Collections.singletonList(buildCoordinate));
        this.parents.put(add, null);
        gradleArtifact.getAllChildren().forEach(gradleArtifact2 -> {
            addPackageDependencies(add, buildCoordinate, gradleArtifact2);
        });
    }

    private void addPackageDependencies(OssiPackage ossiPackage, PackageCoordinate packageCoordinate, GradleArtifact gradleArtifact) {
        if (this.parents.containsKey(new OssiPackage("maven", gradleArtifact.getGroup(), gradleArtifact.getName(), gradleArtifact.getVersion()))) {
            return;
        }
        this.parents.put(this.request.add(Arrays.asList(packageCoordinate, buildCoordinate(gradleArtifact))), ossiPackage);
    }

    private PackageCoordinate buildCoordinate(GradleArtifact gradleArtifact) {
        return PackageCoordinate.newBuilder().withFormat("maven").withNamespace(gradleArtifact.getGroup()).withName(gradleArtifact.getName()).withVersion(gradleArtifact.getVersion()).build();
    }

    private String toString(PackageCoordinate packageCoordinate) {
        return packageCoordinate.getNamespace() + ":" + packageCoordinate.getNamespace() + ":" + packageCoordinate.getName() + ":" + packageCoordinate.getVersion();
    }
}
