package com.checkmarx.sdk.utils.scanner.client;

import com.checkmarx.sdk.config.Constants;
import com.checkmarx.sdk.config.ContentType;
import com.checkmarx.sdk.config.RestClientConfig;
import com.checkmarx.sdk.config.ScaProperties;
import com.checkmarx.sdk.dto.HandlerRef;
import com.checkmarx.sdk.dto.LoginSettings;
import com.checkmarx.sdk.dto.PathFilter;
import com.checkmarx.sdk.dto.RemoteRepositoryInfo;
import com.checkmarx.sdk.dto.ResultsBase;
import com.checkmarx.sdk.dto.ScanConfig;
import com.checkmarx.sdk.dto.ScannerType;
import com.checkmarx.sdk.dto.SourceLocationType;
import com.checkmarx.sdk.dto.sast.Filter;
import com.checkmarx.sdk.dto.sca.CreateProjectRequest;
import com.checkmarx.sdk.dto.sca.CxSCAResolvingConfiguration;
import com.checkmarx.sdk.dto.sca.Policy;
import com.checkmarx.sdk.dto.sca.Project;
import com.checkmarx.sdk.dto.sca.SCAResults;
import com.checkmarx.sdk.dto.sca.ScaConfig;
import com.checkmarx.sdk.dto.sca.Summary;
import com.checkmarx.sdk.dto.sca.report.Finding;
import com.checkmarx.sdk.dto.sca.report.Package;
import com.checkmarx.sdk.dto.sca.report.PolicyEvaluation;
import com.checkmarx.sdk.dto.sca.report.ScaSummaryBaseFormat;
import com.checkmarx.sdk.exception.CxHTTPClientException;
import com.checkmarx.sdk.exception.ScannerRuntimeException;
import com.checkmarx.sdk.utils.CxRepoFileHelper;
import com.checkmarx.sdk.utils.State;
import com.checkmarx.sdk.utils.UrlUtils;
import com.checkmarx.sdk.utils.sca.CxSCAFileSystemUtils;
import com.checkmarx.sdk.utils.sca.fingerprints.CxSCAScanFingerprints;
import com.checkmarx.sdk.utils.sca.fingerprints.FingerprintCollector;
import com.checkmarx.sdk.utils.scanner.client.httpClient.CxHttpClient;
import com.checkmarx.sdk.utils.scanner.client.httpClient.HttpClientHelper;
import com.checkmarx.sdk.utils.zip.CxZipUtils;
import com.checkmarx.sdk.utils.zip.NewCxZipFile;
import com.checkmarx.sdk.utils.zip.Zipper;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.MapperFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ArrayNode;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.file.Files;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.EnumMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.entity.ByteArrayEntity;
import org.modelmapper.ModelMapper;
import org.slf4j.Logger;

/* loaded from: input_file:com/checkmarx/sdk/utils/scanner/client/ScaClientHelper.class */
public class ScaClientHelper extends ScanClientHelper implements IScanClientHelper {
    private static final String RISK_MANAGEMENT_API = "/risk-management/";
    private static final String POLICY_MANAGEMENT_API = "/policy-management/";
    private static final String POLICIES_API = "/policy-management/policies";
    private static final String POLICIES_API_BY_ID = "/policy-management/policies/%s";
    private static final String RISK_REPORT_URL = "/risk-management/risk-reports?projectId=%s&size=1";
    private static final String POLICY_EVALUATION_URL = "/policy-management/policy-evaluation?reportId=%s";
    private static final String PROJECTS = "/risk-management/projects";
    private static final String PROJECTS_BY_ID = "/risk-management/projects/%s";
    private static final String SUMMARY_REPORT = "/risk-management/riskReports/%s/summary";
    private static final String FINDINGS = "/risk-management/riskReports/%s/vulnerabilities";
    private static final String PACKAGES = "/risk-management/riskReports/%s/packages";
    private static final String LATEST_SCAN = "/risk-management/riskReports?size=1&projectId=%s";
    private static final String WEB_REPORT = "/#/projects/%s/reports/%s";
    private static final String RESOLVING_CONFIGURATION_API = "/settings/projects/%s/resolving-configuration";
    private static final String REPORT_SCA_PACKAGES = "cxSCAPackages";
    private static final String REPORT_SCA_FINDINGS = "cxSCAVulnerabilities";
    private static final String REPORT_SCA_SUMMARY = "cxSCASummary";
    private static final String JSON_EXTENSION = ".json";
    public static final String AUTHENTICATION = "identity/connect/token";
    private static final String ENGINE_TYPE_FOR_API = "sca";
    private static final String TENANT_HEADER_NAME = "Account-Name";
    public static final String CX_REPORT_LOCATION = File.separator + "Checkmarx" + File.separator + "Reports";
    private static final ObjectMapper caseInsensitiveObjectMapper = new ObjectMapper().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false).enable(new MapperFeature[]{MapperFeature.ACCEPT_CASE_INSENSITIVE_ENUMS});
    private final ScaConfig scaConfig;
    private final ScaProperties scaProperties;
    private String projectId;
    private String scanId;
    private final FingerprintCollector fingerprintCollector;
    private CxSCAResolvingConfiguration resolvingConfiguration;
    private static final String FINGERPRINT_FILE_NAME = ".cxsca.sig";

    public ScaClientHelper(RestClientConfig restClientConfig, Logger logger, ScaProperties scaProperties) {
        super(restClientConfig, logger);
        this.scaConfig = restClientConfig.getScaConfig();
        this.scaProperties = scaProperties;
        validate(this.scaConfig);
        this.httpClient = createHttpClient(this.scaConfig.getApiUrl());
        this.resolvingConfiguration = null;
        this.fingerprintCollector = new FingerprintCollector(logger);
        this.httpClient.setCustomHeader(TENANT_HEADER_NAME, restClientConfig.getScaConfig().getTenant());
        this.httpClient.setCustomHeader(CxHttpClient.ORIGIN_HEADER, ScanClientHelper.CX_FLOW_SCAN_ORIGIN_NAME);
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.ScanClientHelper
    protected String getScannerDisplayName() {
        return ScannerType.AST_SCA.getDisplayName();
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.ScanClientHelper
    protected ScanConfig getScanConfig() {
        return ScanConfig.builder().type("sca").build();
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.ScanClientHelper
    protected HandlerRef getBranchToScan(RemoteRepositoryInfo remoteRepositoryInfo) {
        if (StringUtils.isNotEmpty(remoteRepositoryInfo.getBranch())) {
            throw new ScannerRuntimeException(String.format("Branch specification is not yet supported by %s.", getScannerDisplayName()));
        }
        return null;
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.ScanClientHelper
    protected URL getEffectiveRepoUrl(RemoteRepositoryInfo remoteRepositoryInfo) {
        URL url;
        URL url2 = remoteRepositoryInfo.getUrl();
        String defaultString = StringUtils.defaultString(remoteRepositoryInfo.getUsername());
        String defaultString2 = StringUtils.defaultString(remoteRepositoryInfo.getPassword());
        try {
            if (StringUtils.isNotEmpty(defaultString) || StringUtils.isNotEmpty(defaultString2)) {
                this.log.info("Adding credentials as the userinfo part of the URL, because {} only supports this kind of authentication.", getScannerDisplayName());
                url = new URIBuilder(url2.toURI()).setUserInfo(defaultString, defaultString2).build().toURL();
            } else {
                url = remoteRepositoryInfo.getUrl();
            }
            return url;
        } catch (Exception e) {
            throw new ScannerRuntimeException("Error getting effective repo URL.");
        }
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.IScanClientHelper
    public ResultsBase init() {
        this.log.debug("Initializing {} client.", getScannerDisplayName());
        SCAResults sCAResults = new SCAResults();
        try {
            login();
        } catch (Exception e) {
            super.handleInitError(e, sCAResults);
        }
        return sCAResults;
    }

    public CxSCAResolvingConfiguration getCxSCAResolvingConfigurationForProject(String str) throws IOException {
        this.log.info("Resolving configuration for project: {}", str);
        return (CxSCAResolvingConfiguration) this.httpClient.getRequest(String.format(RESOLVING_CONFIGURATION_API, URLEncoder.encode(str, Constants.ENCODING)), ContentType.CONTENT_TYPE_APPLICATION_JSON, CxSCAResolvingConfiguration.class, 200, "get CxSCA resolving configuration", false);
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.IScanClientHelper
    public ResultsBase waitForScanResults() {
        SCAResults sCAResults;
        try {
            waitForScanToFinish(this.scanId);
            sCAResults = tryGetScanResults().orElseThrow(() -> {
                return new ScannerRuntimeException("Unable to get scan results: scan not found.");
            });
        } catch (ScannerRuntimeException e) {
            this.log.error(e.getMessage());
            sCAResults = new SCAResults();
            sCAResults.setException(e);
        }
        return sCAResults;
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.ScanClientHelper
    protected void uploadArchive(byte[] bArr, String str) throws IOException {
        this.log.info("Uploading the zipped data.");
        CxHttpClient cxHttpClient = null;
        ByteArrayEntity byteArrayEntity = new ByteArrayEntity(bArr);
        try {
            cxHttpClient = createHttpClient(str);
            cxHttpClient.putRequest("", "", byteArrayEntity, JsonNode.class, 200, "upload ZIP file");
            Optional.ofNullable(cxHttpClient).ifPresent((v0) -> {
                v0.close();
            });
        } catch (Throwable th) {
            Optional.ofNullable(cxHttpClient).ifPresent((v0) -> {
                v0.close();
            });
            throw th;
        }
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.IScanClientHelper
    public ResultsBase initiateScan() {
        this.log.info("----------------------------------- Initiating {} Scan:------------------------------------", getScannerDisplayName());
        SCAResults sCAResults = new SCAResults();
        this.scanId = null;
        this.projectId = null;
        try {
            try {
                ScaConfig scaConfig = this.config.getScaConfig();
                SourceLocationType sourceLocationType = scaConfig.getSourceLocationType();
                this.projectId = resolveRiskManagementProject();
                if (!this.config.getScaConfig().isIncludeSources()) {
                    this.resolvingConfiguration = getCxSCAResolvingConfigurationForProject(this.projectId);
                    this.log.info("Got the following manifest patterns {}", this.resolvingConfiguration.getManifests());
                    this.log.info("Got the following fingerprint patterns {}", this.resolvingConfiguration.getFingerprints());
                }
                this.scanId = extractScanIdFrom(sourceLocationType == SourceLocationType.REMOTE_REPOSITORY ? submitSourcesFromRemoteRepo(scaConfig, this.projectId) : scaConfig.isIncludeSources() ? submitAllSourcesFromLocalDir(this.projectId) : submitManifestsAndFingerprintsFromLocalDir(this.projectId));
                sCAResults.setScanId(this.scanId);
                if (this.config.isClonedRepo() && this.config.getZipFile() != null) {
                    this.log.info("Deleting cloned repo zip file: {}", this.config.getZipFile());
                    FileUtils.deleteQuietly(this.config.getZipFile());
                }
            } catch (Exception e) {
                this.log.error(e.getMessage());
                setState(State.FAILED);
                sCAResults.setException(new ScannerRuntimeException("Error creating scan.", e));
                if (this.config.isClonedRepo() && this.config.getZipFile() != null) {
                    this.log.info("Deleting cloned repo zip file: {}", this.config.getZipFile());
                    FileUtils.deleteQuietly(this.config.getZipFile());
                }
            }
            return sCAResults;
        } catch (Throwable th) {
            if (this.config.isClonedRepo() && this.config.getZipFile() != null) {
                this.log.info("Deleting cloned repo zip file: {}", this.config.getZipFile());
                FileUtils.deleteQuietly(this.config.getZipFile());
            }
            throw th;
        }
    }

    public void deleteProjectById(String str) throws IOException {
        this.log.info("Deleting project with id: {}", str);
        this.httpClient.deleteRequest(String.format(PROJECTS_BY_ID, str), 204, "delete a project");
    }

    public Project getProjectDetailsByProjectId(String str) throws IOException {
        this.log.info("Getting project details by project id: {}", str);
        return (Project) this.httpClient.getRequest(String.format(PROJECTS_BY_ID, str), ContentType.CONTENT_TYPE_APPLICATION_JSON, Project.class, 200, "project details", false);
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.ScanClientHelper
    protected HttpResponse submitAllSourcesFromLocalDir(String str) throws IOException {
        byte[] zippedSources;
        this.log.info("Using local directory flow.");
        String sourceDir = this.config.getSourceDir();
        if (this.config.isClonedRepo()) {
            CxRepoFileHelper cxRepoFileHelper = new CxRepoFileHelper();
            File file = new File(sourceDir);
            String zipClonedRepo = cxRepoFileHelper.zipClonedRepo(file, this.config.getScaConfig().getExcludeFiles());
            cxRepoFileHelper.deleteCloneLocalDir(file);
            this.config.setZipFile(new File(zipClonedRepo));
            zippedSources = FileUtils.readFileToByteArray(new File(zipClonedRepo));
        } else {
            zippedSources = CxZipUtils.getZippedSources(this.config, new PathFilter("", "", this.log), sourceDir, this.log);
        }
        return initiateScanForUpload(str, zippedSources);
    }

    private HttpResponse submitManifestsAndFingerprintsFromLocalDir(String str) throws IOException {
        this.log.info("Using manifest only and fingerprint flow");
        String sourceDir = this.config.getSourceDir();
        PathFilter pathFilter = new PathFilter("", "", this.log);
        if (ArrayUtils.isNotEmpty(pathFilter.getIncludes()) && !ArrayUtils.contains(pathFilter.getIncludes(), "**")) {
            pathFilter.addToIncludes("**");
        }
        HashSet hashSet = new HashSet(Arrays.asList(CxSCAFileSystemUtils.scanAndGetIncludedFiles(sourceDir, pathFilter)));
        PathFilter pathFilter2 = new PathFilter(null, getManifestsIncludePattern(), this.log);
        if (pathFilter2.getIncludes().length == 0) {
            throw new ScannerRuntimeException(String.format("Using manifest only mode requires include filter. Resolving config does not have include patterns defined: %s", getManifestsIncludePattern()));
        }
        Stream stream = Arrays.stream(CxSCAFileSystemUtils.scanAndGetIncludedFiles(sourceDir, pathFilter2));
        hashSet.getClass();
        List<String> list = (List) stream.filter((v1) -> {
            return r1.contains(v1);
        }).collect(Collectors.toList());
        Stream stream2 = Arrays.stream(CxSCAFileSystemUtils.scanAndGetIncludedFiles(sourceDir, new PathFilter(null, getFingerprintsIncludePattern(), this.log)));
        hashSet.getClass();
        CxSCAScanFingerprints collectFingerprints = this.fingerprintCollector.collectFingerprints(sourceDir, (List) stream2.filter((v1) -> {
            return r1.contains(v1);
        }).collect(Collectors.toList()));
        File zipDirectoryAndFingerprints = zipDirectoryAndFingerprints(sourceDir, list, collectFingerprints);
        optionallyWriteFingerprintsToFile(collectFingerprints);
        if (this.config.isClonedRepo()) {
            new CxRepoFileHelper().deleteCloneLocalDir(new File(sourceDir));
            this.config.setZipFile(zipDirectoryAndFingerprints);
        }
        return initiateScanForUpload(str, FileUtils.readFileToByteArray(zipDirectoryAndFingerprints));
    }

    /* JADX WARN: Failed to calculate best type for var: r16v2 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r16v2 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Failed to calculate best type for var: r17v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r17v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 16, insn: 0x00d8: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r16 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:36:0x00d8 */
    /* JADX WARN: Not initialized variable reg: 17, insn: 0x00dd: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r17 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:38:0x00dd */
    /* JADX WARN: Type inference failed for: r16v2, types: [com.checkmarx.sdk.utils.zip.NewCxZipFile] */
    /* JADX WARN: Type inference failed for: r17v0, types: [java.lang.Throwable] */
    private File zipDirectoryAndFingerprints(String str, List<String> list, CxSCAScanFingerprints cxSCAScanFingerprints) throws IOException {
        ?? r16;
        ?? r17;
        File zipFile = this.config.getZipFile();
        if (zipFile != null) {
            return zipFile;
        }
        File zipFile2 = getZipFile();
        this.log.debug("Collecting files to zip archive: {}", zipFile2.getAbsolutePath());
        try {
            try {
                NewCxZipFile newCxZipFile = new NewCxZipFile(zipFile2, CxZipUtils.MAX_ZIP_SIZE_BYTES, this.log);
                Throwable th = null;
                newCxZipFile.addMultipleFilesToArchive(new File(str), list);
                if (newCxZipFile.getFileCount() == 0 && cxSCAScanFingerprints.getFingerprints().isEmpty()) {
                    throw handleFileDeletion(zipFile2);
                }
                if (cxSCAScanFingerprints.getFingerprints().isEmpty()) {
                    this.log.debug("No supported fingerprints found to zip");
                } else {
                    newCxZipFile.zipContentAsFile(FINGERPRINT_FILE_NAME, FingerprintCollector.getFingerprintsAsJsonString(cxSCAScanFingerprints).getBytes());
                }
                this.log.debug("The sources were zipped to {}", zipFile2.getAbsolutePath());
                if (newCxZipFile != null) {
                    if (0 != 0) {
                        try {
                            newCxZipFile.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newCxZipFile.close();
                    }
                }
                return zipFile2;
            } catch (Throwable th3) {
                if (r16 != 0) {
                    if (r17 != 0) {
                        try {
                            r16.close();
                        } catch (Throwable th4) {
                            r17.addSuppressed(th4);
                        }
                    } else {
                        r16.close();
                    }
                }
                throw th3;
            }
        } catch (Zipper.MaxZipSizeReached e) {
            throw handleFileDeletion(zipFile2, new IOException("Reached maximum upload size limit of " + FileUtils.byteCountToDisplaySize(CxZipUtils.MAX_ZIP_SIZE_BYTES)));
        } catch (IOException e2) {
            throw handleFileDeletion(zipFile2, e2);
        }
    }

    private ScannerRuntimeException handleFileDeletion(File file, IOException iOException) {
        try {
            Files.delete(file.toPath());
            return new ScannerRuntimeException(iOException);
        } catch (IOException e) {
            return new ScannerRuntimeException(e);
        }
    }

    private ScannerRuntimeException handleFileDeletion(File file) {
        try {
            Files.delete(file.toPath());
            return new ScannerRuntimeException("No files found to zip and no supported fingerprints found");
        } catch (IOException e) {
            return new ScannerRuntimeException(e.getMessage());
        }
    }

    private String getFingerprintsIncludePattern() {
        return StringUtils.isNotEmpty(this.scaConfig.getFingerprintsIncludePattern()) ? this.scaConfig.getFingerprintsIncludePattern() : this.resolvingConfiguration.getFingerprintsIncludePattern();
    }

    private String getManifestsIncludePattern() {
        return StringUtils.isNotEmpty(this.scaConfig.getManifestsIncludePattern()) ? this.scaConfig.getManifestsIncludePattern() : this.resolvingConfiguration.getManifestsIncludePattern();
    }

    private File getZipFile() throws IOException {
        return StringUtils.isNotEmpty(this.scaConfig.getZipFilePath()) ? new File(this.scaConfig.getZipFilePath()) : File.createTempFile(CxZipUtils.TEMP_FILE_NAME_TO_ZIP, ".bin");
    }

    private void optionallyWriteFingerprintsToFile(CxSCAScanFingerprints cxSCAScanFingerprints) {
        if (StringUtils.isNotEmpty(this.scaConfig.getFingerprintFilePath())) {
            try {
                this.fingerprintCollector.writeScanFingerprintsFile(cxSCAScanFingerprints, this.scaConfig.getFingerprintFilePath());
            } catch (IOException e) {
                this.log.error(String.format("Failed writing fingerprint file to %s", this.scaConfig.getFingerprintFilePath()), e);
            }
        }
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.IScanClientHelper
    public ResultsBase getLatestScanResults() {
        SCAResults sCAResults = new SCAResults();
        try {
            this.log.info("Getting latest scan results.");
            this.projectId = getRiskManagementProjectId(this.config.getProjectName());
            this.scanId = getLatestScanId(this.projectId);
            sCAResults = tryGetScanResults().orElse(null);
        } catch (Exception e) {
            this.log.error(e.getMessage());
            sCAResults.setException(new ScannerRuntimeException("Error getting latest scan results.", e));
        }
        return sCAResults;
    }

    private Optional<SCAResults> tryGetScanResults() {
        SCAResults sCAResults = null;
        if (StringUtils.isNotEmpty(this.scanId)) {
            sCAResults = getScanResults();
        } else {
            this.log.info("Unable to get scan results");
        }
        return Optional.ofNullable(sCAResults);
    }

    private String getLatestScanId(String str) throws IOException {
        String str2 = null;
        if (StringUtils.isNotEmpty(str)) {
            this.log.debug("Getting latest scan ID for project ID: {}", str);
            str2 = (String) Optional.ofNullable((JsonNode) this.httpClient.getRequest(String.format(LATEST_SCAN, URLEncoder.encode(str, Constants.ENCODING)), ContentType.CONTENT_TYPE_APPLICATION_JSON, ArrayNode.class, 200, "scan ID by project ID", false)).map(jsonNode -> {
                return jsonNode.at("/0/riskReportId").textValue();
            }).orElse(null);
        }
        this.log.info(str2 == null ? "Scan not found" : String.format("Scan ID: %s", str2));
        return str2;
    }

    private void printWebReportLink(SCAResults sCAResults) {
        if (StringUtils.isEmpty(sCAResults.getWebReportLink())) {
            return;
        }
        this.log.info("{} scan results location: {}", getScannerDisplayName(), sCAResults.getWebReportLink());
    }

    void testConnection() throws IOException {
        login();
        getRiskManagementProjects();
    }

    public void login() throws IOException {
        this.log.info("Logging into {}", getScannerDisplayName());
        ScaConfig scaConfig = this.config.getScaConfig();
        String accessControlUrl = scaConfig.getAccessControlUrl();
        LoginSettings build = LoginSettings.builder().accessControlBaseUrl(UrlUtils.parseURLToString(accessControlUrl, AUTHENTICATION)).username(scaConfig.getUsername()).password(scaConfig.getPassword()).tenant(scaConfig.getTenant()).build();
        build.setClientTypeForPasswordAuth(new ClientTypeResolver(this.config).determineClientType(accessControlUrl));
        this.httpClient.login(build);
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.IScanClientHelper
    public void close() {
        if (this.httpClient != null) {
            this.httpClient.close();
        }
    }

    public void testScaConnection() {
        try {
            testConnection();
        } catch (IOException e) {
            throw new ScannerRuntimeException(e);
        }
    }

    private String resolveRiskManagementProject() throws IOException {
        String projectName = this.config.getProjectName();
        this.log.info("Getting project by name: '{}'", projectName);
        String riskManagementProjectId = getRiskManagementProjectId(projectName);
        if (riskManagementProjectId == null) {
            this.log.info("Project not found, creating a new one.");
            riskManagementProjectId = createRiskManagementProject(projectName);
            this.log.info("Created a project with ID {}", riskManagementProjectId);
        } else {
            this.log.info("Project already exists with ID {}", riskManagementProjectId);
        }
        return riskManagementProjectId;
    }

    private String getRiskManagementProjectId(String str) throws IOException {
        this.log.info("Getting project ID by name: '{}'", str);
        if (StringUtils.isEmpty(str)) {
            throw new ScannerRuntimeException("Non-empty project name must be provided.");
        }
        String str2 = (String) Optional.ofNullable(sendGetProjectRequest(str)).map((v0) -> {
            return v0.getId();
        }).orElse(null);
        this.log.info(str2 == null ? "Project not found" : String.format("Project ID: %s", str2));
        return str2;
    }

    private Project sendGetProjectRequest(String str) throws IOException {
        Project project;
        try {
            project = (Project) this.httpClient.getRequest(String.format("%s?name=%s", PROJECTS, URLEncoder.encode(str, Constants.ENCODING)), ContentType.CONTENT_TYPE_APPLICATION_JSON, Project.class, 200, "CxSCA project ID by name", false);
        } catch (CxHTTPClientException e) {
            if (e.getStatusCode() != 404) {
                throw e;
            }
            project = null;
        }
        return project;
    }

    private void getRiskManagementProjects() throws IOException {
        this.httpClient.getRequest(PROJECTS, ContentType.CONTENT_TYPE_APPLICATION_JSON, Project.class, 200, "CxSCA projects", true);
    }

    public String createRiskManagementProject(String str) throws IOException {
        CreateProjectRequest createProjectRequest = new CreateProjectRequest();
        createProjectRequest.setName(str);
        determineProjectTeam(createProjectRequest);
        return ((Project) this.httpClient.postRequest(PROJECTS, ContentType.CONTENT_TYPE_APPLICATION_JSON, HttpClientHelper.convertToStringEntity(createProjectRequest), Project.class, 201, "create a project")).getId();
    }

    private void determineProjectTeam(CreateProjectRequest createProjectRequest) {
        String teamForNewProjects = this.scaProperties.getTeamForNewProjects();
        if (!StringUtils.isNotEmpty(teamForNewProjects)) {
            createProjectRequest.setAssignedTeams(null);
        } else {
            this.log.info("Assigning SCA project with team: {}", teamForNewProjects);
            createProjectRequest.setAssignedTeams(Collections.singletonList(teamForNewProjects));
        }
    }

    private SCAResults getScanResults() {
        this.log.debug("Getting results for scan ID {}", this.scanId);
        try {
            SCAResults sCAResults = new SCAResults();
            sCAResults.setScanId(this.scanId);
            ScaSummaryBaseFormat summaryReport = getSummaryReport(this.scanId);
            printSummary(summaryReport, this.scanId);
            Summary summary = (Summary) new ModelMapper().map(summaryReport, Summary.class);
            summary.setFindingCounts(getFindingCountMap(summaryReport));
            sCAResults.setSummary(summary);
            sCAResults.setFindings(getFindings(this.scanId));
            sCAResults.setPackages(getPackages(this.scanId));
            sCAResults.setWebReportLink(getWebReportLink(this.config.getScaConfig().getWebAppUrl()));
            printWebReportLink(sCAResults);
            sCAResults.setScaResultReady(true);
            List<String> scanViolatedPolicies = getScanViolatedPolicies(getPolicyEvaluationByReportId(getRiskReportByProjectId(this.projectId)));
            sCAResults.setPolicyViolated(!scanViolatedPolicies.isEmpty());
            sCAResults.setViolatedPolicies(scanViolatedPolicies);
            this.log.info("Retrieved SCA results successfully.");
            return sCAResults;
        } catch (IOException e) {
            throw new ScannerRuntimeException("Error retrieving CxSCA scan results.", e);
        }
    }

    protected Map<Filter.Severity, Integer> getFindingCountMap(ScaSummaryBaseFormat scaSummaryBaseFormat) {
        EnumMap enumMap = new EnumMap(Filter.Severity.class);
        enumMap.put((EnumMap) Filter.Severity.HIGH, (Filter.Severity) Integer.valueOf(scaSummaryBaseFormat.getHighVulnerabilityCount()));
        enumMap.put((EnumMap) Filter.Severity.MEDIUM, (Filter.Severity) Integer.valueOf(scaSummaryBaseFormat.getMediumVulnerabilityCount()));
        enumMap.put((EnumMap) Filter.Severity.LOW, (Filter.Severity) Integer.valueOf(scaSummaryBaseFormat.getLowVulnerabilityCount()));
        return enumMap;
    }

    @Override // com.checkmarx.sdk.utils.scanner.client.ScanClientHelper
    protected String getWebReportPath() throws UnsupportedEncodingException {
        return String.format(WEB_REPORT, URLEncoder.encode(this.projectId, Constants.ENCODING), URLEncoder.encode(this.scanId, Constants.ENCODING));
    }

    private ScaSummaryBaseFormat getSummaryReport(String str) throws IOException {
        this.log.debug("Getting summary report.");
        return (ScaSummaryBaseFormat) this.httpClient.getRequest(String.format(SUMMARY_REPORT, URLEncoder.encode(str, Constants.ENCODING)), ContentType.CONTENT_TYPE_APPLICATION_JSON, ScaSummaryBaseFormat.class, 200, "CxSCA report summary", false);
    }

    private String getRiskReportByProjectId(String str) throws IOException {
        this.log.debug("Getting risk report by project-id: {}", str);
        return (String) Optional.ofNullable((JsonNode) this.httpClient.getRequest(String.format(RISK_REPORT_URL, str), null, ArrayNode.class, 200, "getting risk report by project-id", false)).map(jsonNode -> {
            return jsonNode.at("/0/riskReportId").textValue();
        }).orElse(null);
    }

    private List<PolicyEvaluation> getPolicyEvaluationByReportId(String str) throws IOException {
        this.log.debug("Getting policy evaluation by report-id: {}", str);
        return Arrays.asList((PolicyEvaluation[]) caseInsensitiveObjectMapper.treeToValue((ArrayNode) this.httpClient.getRequest(String.format(POLICY_EVALUATION_URL, str), ContentType.CONTENT_TYPE_APPLICATION_JSON, ArrayNode.class, 200, "getting policy evaluation be report-id", false), PolicyEvaluation[].class));
    }

    public String createNewPolicy(Policy policy) throws IOException {
        this.log.debug("Creating new policy with name: {} to project-ids: {}", policy.getName(), policy.getProjectIds());
        return ((String) this.httpClient.postRequest(POLICIES_API, ContentType.CONTENT_TYPE_APPLICATION_JSON, HttpClientHelper.convertToStringEntity(policy), String.class, 200, "creating a policy")).replace("\"", "");
    }

    public void deletePolicy(String str) throws IOException {
        this.log.info("Deleting policy with id: {}", str);
        this.httpClient.deleteRequest(String.format(POLICIES_API_BY_ID, str), 200, "delete a policy");
    }

    private List<String> getScanViolatedPolicies(List<PolicyEvaluation> list) {
        ArrayList arrayList = new ArrayList();
        list.forEach(policyEvaluation -> {
            if (policyEvaluation.isViolated() && policyEvaluation.getActions().isBreakBuild()) {
                arrayList.add(policyEvaluation.getName());
            }
        });
        return arrayList;
    }

    private List<Finding> getFindings(String str) throws IOException {
        this.log.debug("Getting findings.");
        return Arrays.asList((Finding[]) caseInsensitiveObjectMapper.treeToValue((ArrayNode) this.httpClient.getRequest(String.format(FINDINGS, URLEncoder.encode(str, Constants.ENCODING)), ContentType.CONTENT_TYPE_APPLICATION_JSON, ArrayNode.class, 200, "CxSCA findings", false), Finding[].class));
    }

    private List<Package> getPackages(String str) throws IOException {
        this.log.debug("Getting packages.");
        return (List) this.httpClient.getRequest(String.format(PACKAGES, URLEncoder.encode(str, Constants.ENCODING)), ContentType.CONTENT_TYPE_APPLICATION_JSON, Package.class, 200, "CxSCA findings", true);
    }

    private void printSummary(ScaSummaryBaseFormat scaSummaryBaseFormat, String str) {
        if (this.log.isInfoEnabled()) {
            this.log.info("----CxSCA risk report summary----");
            this.log.info("Created on: {}", scaSummaryBaseFormat.getCreatedOn());
            this.log.info("Direct packages: {}", Integer.valueOf(scaSummaryBaseFormat.getDirectPackages()));
            this.log.info("High vulnerabilities: {}", Integer.valueOf(scaSummaryBaseFormat.getHighVulnerabilityCount()));
            this.log.info("Medium vulnerabilities: {}", Integer.valueOf(scaSummaryBaseFormat.getMediumVulnerabilityCount()));
            this.log.info("Low vulnerabilities: {}", Integer.valueOf(scaSummaryBaseFormat.getLowVulnerabilityCount()));
            this.log.info("Scan ID: {}", str);
            this.log.info(String.format("Risk score: %.2f", Double.valueOf(scaSummaryBaseFormat.getRiskScore())));
            this.log.info("Total packages: {}", Integer.valueOf(scaSummaryBaseFormat.getTotalPackages()));
            this.log.info("Total outdated packages: {}", Integer.valueOf(scaSummaryBaseFormat.getTotalOutdatedPackages()));
        }
    }

    private void validate(ScaConfig scaConfig) {
        String str = null;
        if (scaConfig == null) {
            str = "%s config must be provided.";
        } else if (StringUtils.isEmpty(scaConfig.getApiUrl())) {
            str = "%s API URL must be provided.";
        } else if (StringUtils.isEmpty(scaConfig.getAccessControlUrl())) {
            str = "%s access control URL must be provided.";
        } else {
            RemoteRepositoryInfo remoteRepositoryInfo = scaConfig.getRemoteRepositoryInfo();
            if (remoteRepositoryInfo == null && scaConfig.getSourceLocationType() == SourceLocationType.REMOTE_REPOSITORY) {
                str = "%s remote repository info must be provided.";
            } else if (remoteRepositoryInfo != null && StringUtils.isNotEmpty(remoteRepositoryInfo.getBranch())) {
                str = "%s doesn't support specifying custom branches. It currently uses the default branch of a repo.";
            }
        }
        if (str != null) {
            throw new IllegalArgumentException(String.format(str, getScannerDisplayName()));
        }
    }

    public static void writeJsonToFile(String str, Object obj, File file, Boolean bool, Logger logger) {
        try {
            String writeValueAsString = new ObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(obj);
            if (bool.booleanValue()) {
                if (!file.isAbsolute()) {
                    file = new File(System.getProperty("user.dir") + CX_REPORT_LOCATION + File.separator + file);
                }
                if (!file.getParentFile().exists()) {
                    file.getParentFile().mkdirs();
                }
                String str2 = str.endsWith(JSON_EXTENSION) ? str : str + JSON_EXTENSION;
                File file2 = new File(file + File.separator + str2);
                FileUtils.writeStringToFile(file2, writeValueAsString);
                logger.info(str2 + " saved under location: " + file2);
            } else {
                String str3 = str + "_" + new SimpleDateFormat("dd_MM_yyyy-HH_mm_ss").format(new Date()) + JSON_EXTENSION;
                FileUtils.writeStringToFile(new File(file + CX_REPORT_LOCATION, str3), writeValueAsString);
                logger.info(str + " saved under location: " + file + CX_REPORT_LOCATION + File.separator + str3);
            }
        } catch (Exception e) {
            logger.warn("Failed to write OSA JSON report (" + str + ") to file: " + e.getMessage());
        }
    }
}
