package io.snyk.maven.plugins;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugins.annotations.Component;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.project.MavenProject;
import org.apache.maven.settings.Settings;
import org.eclipse.aether.RepositorySystem;
import org.eclipse.aether.RepositorySystemSession;
import org.eclipse.aether.repository.RemoteRepository;
import org.json.simple.JSONArray;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;

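/**
 * Maven goal {@code test}: builds the project's dependency tree, posts it to the configured Snyk
 * endpoint and reports the vulnerabilities listed in the response.
 *
 * <p>The build is failed only when the response lists a vulnerability whose severity reaches
 * {@code failOnSeverity}. Every other problem (missing API token, HTTP error status, unreadable
 * response body, unexpected exception) is logged and the build continues, so the goal fails open.
 * Pipelines that use this goal as a release gate should also check the log for those errors.
 */
@Mojo(name = "test")
/* loaded from: input_file:io/snyk/maven/plugins/SnykTest.class */
public class SnykTest extends AbstractMojo {

    @Parameter(property = "project", required = true, readonly = true)
    private MavenProject project;

    @Component
    private RepositorySystem repoSystem;

    @Parameter(defaultValue = "${repositorySystemSession}", readonly = true)
    private RepositorySystemSession repoSession;

    @Parameter(defaultValue = "${project.remoteProjectRepositories}", readonly = true)
    private List<RemoteRepository> remoteProjectRepositories;

    @Parameter(defaultValue = "${project.remotePluginRepositories}", readonly = true)
    private List<RemoteRepository> remotePluginRepositories;

    @Parameter(defaultValue = "${settings}", readonly = true, required = true)
    private Settings settings;

    // Sent as the "authorization" header; an empty value aborts the scan (see validateParameters).
    @Parameter
    private String apiToken = "";

    @Parameter
    private String org = "";

    // Lowest severity that fails the build; compared case-insensitively against severityMap keys.
    @Parameter
    private String failOnSeverity = "low";

    @Parameter
    private String endpoint = Constants.DEFAULT_ENDPOINT;

    @Parameter
    private boolean includeProvidedDependencies = true;

    // Derived from `endpoint` by Constants.parseEndpoint in validateParameters().
    private String baseUrl = "";

    private static final int SEVERITY_LOW = 100;
    private static final int SEVERITY_MEDIUM = 200;
    private static final int SEVERITY_HIGH = 300;

    // Severity name (lower case) -> numeric rank used for threshold comparison.
    private static final Map<String, Integer> severityMap = new HashMap<>();

    static {
        severityMap.put("low", Integer.valueOf(SEVERITY_LOW));
        severityMap.put("medium", Integer.valueOf(SEVERITY_MEDIUM));
        severityMap.put("high", Integer.valueOf(SEVERITY_HIGH));
    }

    /**
     * Runs the scan.
     *
     * @throws MojoFailureException when vulnerabilities at or above {@code failOnSeverity} are found
     */
    public void execute() throws MojoFailureException {
        try {
            executeInternal();
        } catch (MojoFailureException e) {
            throw e;
        } catch (Throwable th) {
            // NOTE(review): fail-open by design of this catch. Any failure other than a
            // MojoFailureException (network error, malformed response, ...) is only logged, so
            // the build succeeds without a completed scan. Confirm this is the intended policy.
            if (getLog().isDebugEnabled()) {
                getLog().error(Constants.ERROR_GENERAL, th);
            } else {
                getLog().error(Constants.ERROR_GENERAL);
                getLog().error(Constants.ERROR_RERUN_WITH_DEBUG);
            }
        }
    }

    /**
     * Validates the configuration, collects the dependency tree and hands the server response to
     * {@link #parseResponse(HttpResponse)}. Does nothing when validation fails.
     */
    private void executeInternal() throws MojoFailureException, IOException {
        if (!validateParameters()) {
            // The auth error has already been logged; no scan is performed and the build goes on.
            return;
        }
        for (RemoteRepository repository : this.remoteProjectRepositories) {
            getLog().debug("Remote project repository: " + repository);
        }
        for (RemoteRepository repository : this.remotePluginRepositories) {
            getLog().debug("Remote plugin repository: " + repository);
        }
        ArrayList<RemoteRepository> repositories = new ArrayList<>(this.remoteProjectRepositories);
        repositories.addAll(this.remotePluginRepositories);
        JSONObject tree = new ProjectTraversal(this.project, this.repoSystem, this.repoSession,
                repositories, this.includeProvidedDependencies).getTree();
        parseResponse(sendDataToSnyk(tree));
    }

    /**
     * Checks that an API token is configured and resolves {@code baseUrl} from {@code endpoint}.
     *
     * @return {@code false} when the token is missing or empty, {@code true} otherwise
     */
    private boolean validateParameters() {
        boolean valid = true;
        if (this.apiToken == null || this.apiToken.isEmpty()) {
            Constants.displayAuthError(getLog());
            valid = false;
        }
        this.baseUrl = Constants.parseEndpoint(this.endpoint);
        return valid;
    }

    /**
     * Posts the dependency tree (plus the project's policy file, when one is found) to the
     * vulnerability API under {@code baseUrl}.
     *
     * @param jSONObject dependency tree to send; a {@code "policy"} entry may be added to it
     * @return the raw HTTP response
     * @throws IOException when the request cannot be built or executed
     */
    private HttpResponse sendDataToSnyk(JSONObject jSONObject) throws IOException {
        // NOTE(review): the API token goes to whatever host `endpoint` resolves to.
        // Constants.parseEndpoint is not visible here; confirm it rejects non-HTTPS schemes so
        // the token cannot leave the machine in clear text.
        HttpPost request = new HttpPost(this.baseUrl + "/api/vuln/maven/?applyPolicy=true");
        request.addHeader("authorization", "token " + this.apiToken);
        request.addHeader("x-is-ci", "false");
        request.addHeader("content-type", "application/json");
        String policy = SnykPolicy.readPolicyFile(this.project);
        if (policy != null) {
            jSONObject.put("policy", policy);
        }
        // Encode explicitly as UTF-8: the single-argument StringEntity constructor falls back to
        // ISO-8859-1, which corrupts non-ASCII characters in the JSON body.
        request.setEntity(new StringEntity(jSONObject.toString(), "UTF-8"));
        return new HttpClientHelper(getLog(), this.settings).buildHttpClient().execute(request);
    }

    /**
     * Interprets the server response: logs errors, reports a clean result, or delegates to
     * {@link #processVulns(JSONObject)} when vulnerabilities are listed.
     *
     * @throws MojoFailureException propagated from {@link #processVulns(JSONObject)}
     */
    private void parseResponse(HttpResponse httpResponse) throws MojoFailureException {
        if (httpResponse.getStatusLine().getStatusCode() >= 400) {
            // Error statuses are logged only; the build is not failed for them.
            processError(httpResponse);
            return;
        }
        JSONObject body = parseResponseBody(httpResponse);
        if (body == null) {
            // Previously this path ended in a NullPointerException that execute() swallowed.
            getLog().error("Could not read or parse the response from Snyk; no vulnerability results are available.");
            return;
        }
        // Boolean.TRUE.equals also covers a missing or non-boolean "ok" without a cast failure.
        if (Boolean.TRUE.equals(body.get("ok"))) {
            getLog().info("✓ Tested " + body.get("dependencyCount") + " dependencies for known vulnerabilities, no vulnerable paths found.");
        } else if (body.get("vulnerabilities") != null) {
            processVulns(body);
        } else {
            getLog().info((String) body.get("summary"));
        }
    }

    /** Logs an HTTP error response; a 401 is reported as an authentication problem. */
    private void processError(HttpResponse httpResponse) {
        // Compare the numeric code rather than searching the status line text for "401".
        if (httpResponse.getStatusLine().getStatusCode() == 401) {
            Constants.displayAuthError(getLog());
        } else {
            getLog().error("Bad response from Snyk: " + httpResponse.getStatusLine().toString());
        }
    }

    /**
     * Parses the response entity as a JSON object.
     *
     * @return the parsed object, or {@code null} when there is no entity, the body cannot be read
     *     or parsed, or the top-level JSON value is not an object
     */
    private JSONObject parseResponseBody(HttpResponse httpResponse) {
        if (httpResponse.getEntity() == null) {
            return null;
        }
        // try-with-resources closes the content stream; UTF-8 is given explicitly so parsing
        // does not depend on the platform default charset.
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(
                httpResponse.getEntity().getContent(), java.nio.charset.StandardCharsets.UTF_8))) {
            Object parsed = new JSONParser().parse(reader);
            return parsed instanceof JSONObject ? (JSONObject) parsed : null;
        } catch (IOException | ParseException e) {
            getLog().debug("Unable to read or parse the Snyk response body", e);
            return null;
        }
    }

    /**
     * Prints every vulnerable path, logs a summary and fails the build when the highest severity
     * seen reaches the configured {@code failOnSeverity}.
     *
     * @param jSONObject response body containing a non-null {@code "vulnerabilities"} array
     * @throws MojoFailureException when the severity threshold is reached
     */
    private void processVulns(JSONObject jSONObject) throws MojoFailureException {
        HashSet<String> uniqueIds = new HashSet<>();
        JSONArray paths = (JSONArray) jSONObject.get("vulnerabilities");
        // Entries with an unknown or missing severity are treated as "low".
        int worst = SEVERITY_LOW;
        for (Object entry : paths) {
            JSONObject vuln = (JSONObject) entry;
            uniqueIds.add((String) vuln.get("id"));
            Integer rank = severityMap.get(vuln.get("severity"));
            if (rank != null && rank.intValue() > worst) {
                worst = rank.intValue();
            }
            printVuln(vuln);
        }
        getLog().warn("Tested " + jSONObject.get("dependencyCount") + " dependencies for known vulnerabilities, found " + uniqueIds.size() + " vulnerabilities, " + paths.size() + " vulnerable paths.");

        // Normalise before the lookup: the map keys are lower case, so a value such as "High"
        // used to miss the map and silently disable the build failure.
        String threshold = this.failOnSeverity == null
                ? ""
                : this.failOnSeverity.trim().toLowerCase(java.util.Locale.ROOT);
        Integer minimum = severityMap.get(threshold);
        if (minimum == null) {
            getLog().info("failOnSeverity '" + this.failOnSeverity + "' is not one of low, medium or high; the build will not be failed for the vulnerabilities found.");
            return;
        }
        if (worst < minimum.intValue()) {
            return;
        }
        String message = "Found vulnerabilities with severity " + threshold;
        if (!threshold.equals("high")) {
            message = message + " or higher";
        }
        throw new MojoFailureException(message + ".");
    }

    /** Logs one vulnerable path: severity, module, title, advisory link and dependency chain. */
    private void printVuln(JSONObject jSONObject) {
        getLog().warn("✗ " + jSONObject.get("severity") + " severity vulnerability found on " + jSONObject.get("moduleName") + "@" + jSONObject.get("version"));
        getLog().warn("- desc: " + jSONObject.get("title"));
        getLog().warn("- info: " + this.baseUrl + "/vuln/" + jSONObject.get("id"));
        if (jSONObject.get("from") != null) {
            JSONArray chain = (JSONArray) jSONObject.get("from");
            // An empty "from" array used to throw from substring(0, -3); the exception aborted
            // processVulns before its severity check. Join with a separator and skip empty chains.
            if (!chain.isEmpty()) {
                StringBuilder joined = new StringBuilder();
                for (int i = 0; i < chain.size(); i++) {
                    if (i > 0) {
                        joined.append(" > ");
                    }
                    joined.append(chain.get(i));
                }
                getLog().warn("- from: " + joined);
            }
        }
        getLog().warn("");
    }
}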
