package com.cx.restclient.ast;

import com.checkmarx.sdk.exception.ASTRuntimeException;
import com.cx.restclient.ast.dto.common.ASTConfig;
import com.cx.restclient.ast.dto.common.HandlerRef;
import com.cx.restclient.ast.dto.common.RemoteRepositoryInfo;
import com.cx.restclient.ast.dto.common.ScanConfig;
import com.cx.restclient.ast.dto.sast.AstSastConfig;
import com.cx.restclient.ast.dto.sast.AstSastResults;
import com.cx.restclient.ast.dto.sast.SastScanConfigValue;
import com.cx.restclient.ast.dto.sast.report.AstSastSummaryResults;
import com.cx.restclient.ast.dto.sast.report.Finding;
import com.cx.restclient.ast.dto.sast.report.QueryDescription;
import com.cx.restclient.ast.dto.sast.report.ScanResultsResponse;
import com.cx.restclient.ast.dto.sast.report.SeverityCounter;
import com.cx.restclient.ast.dto.sast.report.SingleScanSummary;
import com.cx.restclient.ast.dto.sast.report.SummaryResponse;
import com.cx.restclient.ast.dto.sca.ClientType;
import com.cx.restclient.common.Scanner;
import com.cx.restclient.common.State;
import com.cx.restclient.common.UrlUtils;
import com.cx.restclient.common.zip.CxZipUtils;
import com.cx.restclient.configuration.CxScanConfig;
import com.cx.restclient.dto.LoginSettings;
import com.cx.restclient.dto.PathFilter;
import com.cx.restclient.dto.Results;
import com.cx.restclient.dto.ScannerType;
import com.cx.restclient.dto.SourceLocationType;
import com.cx.restclient.dto.scansummary.Severity;
import com.cx.restclient.exception.CxHTTPClientException;
import com.cx.restclient.httpClient.utils.ContentType;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.lang3.EnumUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.message.BasicNameValuePair;
import org.slf4j.Logger;

/* loaded from: input_file:com/cx/restclient/ast/AstSastClient.class */
public class AstSastClient extends AstClient implements Scanner {
    private static final String ENGINE_TYPE_FOR_API = "sast";
    private static final String REF_TYPE_BRANCH = "branch";
    private static final String SUMMARY_PATH = "/api/scan-summary";
    private static final String SCAN_RESULTS_PATH = "/api/results";
    private static final String AUTH_PATH = "/auth/realms/organization/protocol/openid-connect/token";
    private static final String WEB_PROJECT_PATH = "/#/projects/%s/overview";
    private static final String URL_PARSING_EXCEPTION = "URL parsing exception.";
    private static final String DESCRIPTIONS_PATH = "/api/queries/descriptions";
    private static final int DEFAULT_PAGE_SIZE = 1000;
    private static final int NO_FINDINGS_CODE = 4004;
    private static final ObjectMapper objectMapper = new ObjectMapper();
    private static final String API_VERSION = "*/*; version=0.1";
    private static final String SCAN_ID_PARAM_NAME = "scan-id";
    private static final String OFFSET_PARAM_NAME = "offset";
    private static final String LIMIT_PARAM_NAME = "limit";
    private static final String ID_PARAM_NAME = "ids";
    private static final int URL_MAX_CHAR_SIZE = 1490;
    private String scanId;

    public AstSastClient(CxScanConfig cxScanConfig, Logger logger) {
        super(cxScanConfig, logger);
        AstSastConfig astSastConfig = this.config.getAstSastConfig();
        validate(astSastConfig);
        this.httpClient = createHttpClient(StringUtils.stripEnd(astSastConfig.getApiUrl(), "/"));
        this.httpClient.addCustomHeader("Accept", API_VERSION);
    }

    @Override // com.cx.restclient.common.Scanner
    public Results init() {
        this.log.debug("Initializing {} client.", getScannerDisplayName());
        AstSastResults astSastResults = new AstSastResults();
        try {
            this.httpClient.login(getLoginSettings(getClientType()));
        } catch (Exception e) {
            super.handleInitError(e, astSastResults);
        }
        return astSastResults;
    }

    private LoginSettings getLoginSettings(ClientType clientType) throws MalformedURLException {
        return LoginSettings.builder().accessControlBaseUrl(UrlUtils.parseURLToString(this.config.getAstSastConfig().getApiUrl(), AUTH_PATH)).clientTypeForPasswordAuth(clientType).build();
    }

    private ClientType getClientType() {
        AstSastConfig astSastConfig = this.config.getAstSastConfig();
        return ClientType.builder().clientId(astSastConfig.getClientId()).clientSecret(astSastConfig.getClientSecret()).scopes("ast-api").grantType("client_credentials").build();
    }

    @Override // com.cx.restclient.ast.AstClient
    protected String getScannerDisplayName() {
        return ScannerType.AST_SAST.getDisplayName();
    }

    @Override // com.cx.restclient.ast.AstClient
    protected void uploadArchive(byte[] bArr, String str) throws IOException {
        this.log.info("Uploading the zipped data.");
        ByteArrayEntity byteArrayEntity = new ByteArrayEntity(bArr);
        String rootUri = this.httpClient.getRootUri();
        this.httpClient.setRootUri(str);
        try {
            this.httpClient.putRequest("", "", byteArrayEntity, JsonNode.class, 200, "upload ZIP file");
            this.httpClient.setRootUri(rootUri);
        } catch (Throwable th) {
            this.httpClient.setRootUri(rootUri);
            throw th;
        }
    }

    @Override // com.cx.restclient.common.Scanner
    public Results initiateScan() {
        this.log.info("----------------------------------- Initiating {} Scan:------------------------------------", getScannerDisplayName());
        AstSastResults astSastResults = new AstSastResults();
        this.scanId = null;
        AstSastConfig astSastConfig = this.config.getAstSastConfig();
        try {
            this.scanId = extractScanIdFrom(astSastConfig.getSourceLocationType() == SourceLocationType.REMOTE_REPOSITORY ? submitSourcesFromRemoteRepo(astSastConfig, this.config.getProjectName()) : submitAllSourcesFromLocalDir(this.config.getProjectName(), astSastConfig.getZipFilePath()));
            astSastResults.setScanId(this.scanId);
        } catch (Exception e) {
            this.log.error(e.getMessage());
            setState(State.FAILED);
            astSastResults.setException(new ASTRuntimeException("Error creating scan.", e));
        }
        return astSastResults;
    }

    @Override // com.cx.restclient.ast.AstClient
    protected HttpResponse submitAllSourcesFromLocalDir(String str, String str2) throws IOException {
        this.log.info("Using local directory flow.");
        return initiateScanForUpload(str, CxZipUtils.getZippedSources(this.config, new PathFilter("", "", this.log), this.config.getSourceDir(), this.log), str2);
    }

    @Override // com.cx.restclient.ast.AstClient
    protected ScanConfig getScanConfig() {
        String presetName = this.config.getAstSastConfig().getPresetName();
        if (StringUtils.isEmpty(presetName)) {
            throw new ASTRuntimeException("Scan preset must be specified.");
        }
        return ScanConfig.builder().type("sast").value(SastScanConfigValue.builder().incremental(Boolean.toString(this.config.getAstSastConfig().isIncremental())).presetName(presetName).build()).build();
    }

    @Override // com.cx.restclient.ast.AstClient
    protected HandlerRef getBranchToScan(RemoteRepositoryInfo remoteRepositoryInfo) {
        return HandlerRef.builder().type(REF_TYPE_BRANCH).value(remoteRepositoryInfo.getBranch()).build();
    }

    @Override // com.cx.restclient.common.Scanner
    public Results waitForScanResults() {
        AstSastResults astSastResults;
        try {
            waitForScanToFinish(this.scanId);
            astSastResults = retrieveScanResults();
        } catch (ASTRuntimeException e) {
            this.log.error(e.getMessage());
            astSastResults = new AstSastResults();
            astSastResults.setException(e);
        }
        return astSastResults;
    }

    private AstSastResults retrieveScanResults() {
        try {
            AstSastResults astSastResults = new AstSastResults();
            astSastResults.setScanId(this.scanId);
            astSastResults.setSummary(getSummary());
            astSastResults.setFindings(getFindings());
            astSastResults.setWebReportLink(getWebReportLink(this.config.getAstSastConfig().getWebAppUrl()));
            return astSastResults;
        } catch (IOException e) {
            throw new ASTRuntimeException(String.format("Error getting %s scan results.", getScannerDisplayName()), e);
        }
    }

    @Override // com.cx.restclient.ast.AstClient
    protected String getWebReportPath() throws UnsupportedEncodingException {
        return String.format(WEB_PROJECT_PATH, URLEncoder.encode(this.config.getProjectName(), ENCODING));
    }

    private AstSastSummaryResults getSummary() {
        AstSastSummaryResults astSastSummaryResults = new AstSastSummaryResults();
        SingleScanSummary nativeSummary = getNativeSummary(getSummaryResponse(getRelativeSummaryUrl()));
        setFindingCountsPerSeverity(nativeSummary.getSeverityCounters(), astSastSummaryResults);
        astSastSummaryResults.setStatusCounters(nativeSummary.getStatusCounters());
        astSastSummaryResults.setTotalCounter(nativeSummary.getTotalCounter());
        return astSastSummaryResults;
    }

    private List<Finding> getFindings() throws IOException {
        ScanResultsResponse scanResultsResponse;
        int i = 0;
        int resultsPageSize = this.config.getAstSastConfig().getResultsPageSize();
        if (resultsPageSize <= 0) {
            resultsPageSize = DEFAULT_PAGE_SIZE;
        }
        ArrayList arrayList = new ArrayList();
        do {
            scanResultsResponse = getScanResultsResponse(getRelativeResultsUrl(i, resultsPageSize));
            List<Finding> results = scanResultsResponse.getResults();
            arrayList.addAll(results);
            i += results.size();
        } while (i < scanResultsResponse.getTotalCount());
        this.log.info(String.format("Total findings: %d", Integer.valueOf(arrayList.size())));
        try {
            populateAdditionalFields(arrayList);
        } catch (ASTRuntimeException e) {
            this.log.error(e.getMessage());
        }
        return arrayList;
    }

    private void populateAdditionalFields(List<Finding> list) throws IOException {
        HashMap hashMap = new HashMap();
        Set<String> set = (Set) list.stream().map(finding -> {
            return finding.getQueryID();
        }).collect(Collectors.toSet());
        while (set.size() > 0) {
            Set<String> hashSet = new HashSet<>();
            hashMap.putAll((Map) processQueryIDs(set, hashSet).stream().collect(Collectors.toMap((v0) -> {
                return v0.getQueryId();
            }, queryDescription -> {
                return queryDescription;
            })));
            set.removeAll(hashSet);
        }
        this.log.info(String.format("QueryIds with descriptions size: {} ", Integer.valueOf(hashMap.size())));
        list.stream().forEach(finding2 -> {
            finding2.setDescription(((QueryDescription) hashMap.get(finding2.getQueryID())).getResultDescription());
        });
    }

    private String prepareURL(Set<String> set, Set<String> set2) {
        try {
            int length = new URIBuilder().setPath(DESCRIPTIONS_PATH).setParameter(SCAN_ID_PARAM_NAME, this.scanId).build().toString().length();
            URIBuilder uRIBuilder = new URIBuilder();
            uRIBuilder.setPath(DESCRIPTIONS_PATH);
            int i = URL_MAX_CHAR_SIZE - length;
            LinkedList linkedList = new LinkedList();
            for (String str : set) {
                i = ((i - ID_PARAM_NAME.length()) - 2) - str.length();
                if (i > 0) {
                    set2.add(str);
                    linkedList.add(new BasicNameValuePair(ID_PARAM_NAME, str));
                }
            }
            uRIBuilder.setParameters(linkedList);
            String uri = uRIBuilder.setParameter(SCAN_ID_PARAM_NAME, this.scanId).build().toString();
            this.log.debug(String.format("Getting descriptions from %s", uri));
            return uri;
        } catch (URISyntaxException e) {
            throw new ASTRuntimeException(URL_PARSING_EXCEPTION, e);
        }
    }

    private String getRelativeResultsUrl(int i, int i2) {
        try {
            String uri = new URIBuilder().setPath(SCAN_RESULTS_PATH).setParameter(SCAN_ID_PARAM_NAME, this.scanId).setParameter(OFFSET_PARAM_NAME, Integer.toString(i)).setParameter(LIMIT_PARAM_NAME, Integer.toString(i2)).build().toString();
            if (this.log.isDebugEnabled()) {
                this.log.debug(String.format("Getting findings from %s", uri));
            }
            return uri;
        } catch (URISyntaxException e) {
            throw new ASTRuntimeException(URL_PARSING_EXCEPTION, e);
        }
    }

    private List<QueryDescription> processQueryIDs(Set<String> set, Set<String> set2) throws IOException {
        return (List) this.httpClient.getRequest(prepareURL(set, set2), ContentType.CONTENT_TYPE_APPLICATION_JSON, QueryDescription.class, 200, "retrieving queries description", true);
    }

    private ScanResultsResponse getScanResultsResponse(String str) throws IOException {
        return (ScanResultsResponse) this.httpClient.getRequest(str, ContentType.CONTENT_TYPE_APPLICATION_JSON, ScanResultsResponse.class, 200, "retrieving scan results", false);
    }

    private SummaryResponse getSummaryResponse(String str) {
        SummaryResponse emptySummaryIfApplicable;
        try {
            emptySummaryIfApplicable = (SummaryResponse) this.httpClient.getRequest(str, ContentType.CONTENT_TYPE_APPLICATION_JSON, SummaryResponse.class, 200, "retrieving scan summary", false);
        } catch (Exception e) {
            emptySummaryIfApplicable = getEmptySummaryIfApplicable(e);
        }
        return emptySummaryIfApplicable;
    }

    private SummaryResponse getEmptySummaryIfApplicable(Exception exc) {
        if (!noFindingsWereDetected(exc)) {
            throw new ASTRuntimeException("Error getting scan summary.", exc);
        }
        SummaryResponse summaryResponse = new SummaryResponse();
        summaryResponse.getScansSummaries().add(new SingleScanSummary());
        return summaryResponse;
    }

    private boolean noFindingsWereDetected(Exception exc) {
        boolean z = false;
        if (exc instanceof CxHTTPClientException) {
            CxHTTPClientException cxHTTPClientException = (CxHTTPClientException) exc;
            if (cxHTTPClientException.getStatusCode() == 404 && StringUtils.isNotEmpty(cxHTTPClientException.getResponseBody())) {
                try {
                    z = objectMapper.readTree(cxHTTPClientException.getResponseBody()).get("code").asInt() == NO_FINDINGS_CODE;
                } catch (Exception e) {
                    this.log.warn("Error parsing the 'Not found' response.", e);
                }
            }
        }
        return z;
    }

    private String getRelativeSummaryUrl() {
        try {
            String uri = new URIBuilder().setPath(SUMMARY_PATH).setParameter("scan-ids", this.scanId).build().toString();
            if (this.log.isDebugEnabled()) {
                this.log.debug(String.format("Getting summary from %s", uri));
            }
            return uri;
        } catch (URISyntaxException e) {
            throw new ASTRuntimeException(URL_PARSING_EXCEPTION, e);
        }
    }

    private static void setFindingCountsPerSeverity(List<SeverityCounter> list, AstSastSummaryResults astSastSummaryResults) {
        if (list == null) {
            return;
        }
        for (SeverityCounter severityCounter : list) {
            Severity severity = (Severity) EnumUtils.getEnum(Severity.class, severityCounter.getSeverity());
            int counter = severityCounter.getCounter();
            if (severity != null) {
                if (severity == Severity.HIGH) {
                    astSastSummaryResults.setHighVulnerabilityCount(counter);
                } else if (severity == Severity.MEDIUM) {
                    astSastSummaryResults.setMediumVulnerabilityCount(counter);
                } else if (severity == Severity.LOW) {
                    astSastSummaryResults.setLowVulnerabilityCount(counter);
                }
            }
        }
    }

    private static SingleScanSummary getNativeSummary(SummaryResponse summaryResponse) {
        return (SingleScanSummary) Optional.ofNullable(summaryResponse).map((v0) -> {
            return v0.getScansSummaries();
        }).filter(list -> {
            return list.size() == 1;
        }).map(list2 -> {
            return (SingleScanSummary) list2.get(0);
        }).orElseThrow(() -> {
            return new ASTRuntimeException("Invalid summary response.");
        });
    }

    @Override // com.cx.restclient.common.Scanner
    public Results getLatestScanResults() {
        this.log.error("Unsupported Operation.");
        AstSastResults astSastResults = new AstSastResults();
        astSastResults.setException(new ASTRuntimeException(new UnsupportedOperationException()));
        return astSastResults;
    }

    @Override // com.cx.restclient.common.Scanner
    public void close() {
        Optional.ofNullable(this.httpClient).ifPresent((v0) -> {
            v0.close();
        });
    }

    private void validate(ASTConfig aSTConfig) {
        this.log.debug("Validating config.");
        String str = null;
        if (aSTConfig == null) {
            str = "%s config must be provided.";
        } else if (StringUtils.isBlank(aSTConfig.getApiUrl())) {
            str = "%s API URL must be provided.";
        }
        if (str != null) {
            throw new IllegalArgumentException(String.format(str, getScannerDisplayName()));
        }
    }
}
