package org.owasp.dependencycheck.agent;

import java.io.File;
import java.io.IOException;
import java.util.List;
import javax.annotation.concurrent.NotThreadSafe;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
import org.owasp.dependencycheck.data.update.exception.UpdateException;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Identifier;
import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.exception.ExceptionCollection;
import org.owasp.dependencycheck.exception.ReportException;
import org.owasp.dependencycheck.exception.ScanAgentException;
import org.owasp.dependencycheck.reporting.ReportGenerator;
import org.owasp.dependencycheck.utils.Settings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

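@NotThreadSafe
/* loaded from: input_file:WEB-INF/lib/dependency-check-core-3.0.0.jar:org/owasp/dependencycheck/agent/DependencyCheckScanAgent.class */
/**
 * Programmatic entry point that configures and runs a dependency-check scan.
 *
 * <p>A caller sets the properties it needs through the setters, supplies the
 * dependencies to analyze and then calls {@link #execute()}. Each call builds a
 * fresh {@link Settings} instance from the configured properties.
 *
 * <p>Security-relevant configuration held by this class:
 * <ul>
 *   <li>{@code proxyPassword} and {@code databasePassword} are kept as plain
 *       {@code String}s and are readable through public getters; callers should
 *       not log or serialize an agent instance.</li>
 *   <li>{@code suppressionFile}, the CVE feed URLs and {@code propertiesFilePath}
 *       all influence which findings are reported, so they should come from
 *       trusted configuration only.</li>
 *   <li>{@code failBuildOnCVSS} defaults to {@code 11.0}, which disables the
 *       failure check in {@link #execute()} (it only runs for values
 *       {@code <= 10.0}).</li>
 * </ul>
 *
 * <p>The class is annotated {@code @NotThreadSafe}: all state is held in plain
 * mutable fields without synchronization.
 */
public class DependencyCheckScanAgent {
    /** Platform line separator, falling back to the Unix separator when the property is unset. */
    private static final String NEW_LINE = System.getProperty("line.separator", IOUtils.LINE_SEPARATOR_UNIX).intern();
    private static final Logger LOGGER = LoggerFactory.getLogger(DependencyCheckScanAgent.class);

    // The dependencies handed to the engine for analysis. Stored and returned by
    // reference (no defensive copy), so callers share the same list instance.
    private List<Dependency> dependencies;
    // Directory passed to the engine when writing reports; required when a report is generated.
    private String reportOutputDirectory;
    private String proxyServer;
    private String proxyPort;
    private String proxyUsername;
    // Secret: kept as a String in memory and exposed by getProxyPassword().
    private String proxyPassword;
    private String connectionTimeout;
    // Path of a suppression file; a suppression file hides findings, so treat it as trusted input only.
    private String suppressionFile;
    // Secret: kept as a String in memory and exposed by getDatabasePassword().
    private String databasePassword;
    private String centralUrl;
    private String nexusUrl;
    private String databaseDriverName;
    private String databaseDriverPath;
    private String connectionString;
    private String databaseUser;
    private String zipExtensions;
    // Overrides for the CVE data-feed settings (see populateSettings for the keys they map to).
    private String cveUrl12Modified;
    private String cveUrl20Modified;
    private String cveUrl12Base;
    private String cveUrl20Base;
    private String pathToMono;
    // Rebuilt on every populateSettings() call; null until the first execution.
    private Settings settings;
    // Optional properties file merged into the settings before the explicit properties are applied.
    private String propertiesFilePath;
    private String applicationName = "Dependency-Check";
    private String dataDirectory = null;
    // 11.0 is above the range accepted by the failure check in execute(), i.e. "never fail".
    private float failBuildOnCVSS = 11.0f;
    private boolean autoUpdate = true;
    private boolean updateOnly = false;
    private boolean generateReport = true;
    private ReportGenerator.Format reportFormat = ReportGenerator.Format.HTML;
    private String logFile = null;
    private boolean showSummary = true;
    private boolean centralAnalyzerEnabled = true;
    private boolean nexusAnalyzerEnabled = true;
    private boolean nexusUsesProxy = true;

    /** @return the application name passed to the report writer */
    public String getApplicationName() {
        return this.applicationName;
    }

    /** @param str the application name passed to the report writer */
    public void setApplicationName(String str) {
        this.applicationName = str;
    }

    /** @return the list of dependencies to analyze (the stored instance, not a copy) */
    public List<Dependency> getDependencies() {
        return this.dependencies;
    }

    /** @param list the dependencies to analyze; stored by reference */
    public void setDependencies(List<Dependency> list) {
        this.dependencies = list;
    }

    /** @return the configured data directory, or {@code null} to derive one from the code location */
    public String getDataDirectory() {
        return this.dataDirectory;
    }

    /** @param str the data directory; {@code null} selects the derived default */
    public void setDataDirectory(String str) {
        this.dataDirectory = str;
    }

    /** @return the directory reports are written to */
    public String getReportOutputDirectory() {
        return this.reportOutputDirectory;
    }

    /** @param str the directory reports are written to; must be set when a report is generated */
    public void setReportOutputDirectory(String str) {
        this.reportOutputDirectory = str;
    }

    /** @return the CVSS threshold at or above which {@link #execute()} fails */
    public float getFailBuildOnCVSS() {
        return this.failBuildOnCVSS;
    }

    /** @param f the CVSS threshold; values above {@code 10.0} disable the failure check */
    public void setFailBuildOnCVSS(float f) {
        this.failBuildOnCVSS = f;
    }

    /** @return whether the auto-update setting is enabled */
    public boolean isAutoUpdate() {
        return this.autoUpdate;
    }

    /** @param z whether the auto-update setting is enabled */
    public void setAutoUpdate(boolean z) {
        this.autoUpdate = z;
    }

    /** @return whether only the update step runs, with no analysis */
    public boolean isUpdateOnly() {
        return this.updateOnly;
    }

    /** @param z {@code true} to run only the update step, skipping analysis and reporting */
    public void setUpdateOnly(boolean z) {
        this.updateOnly = z;
    }

    /** @return whether a report is written after analysis */
    public boolean isGenerateReport() {
        return this.generateReport;
    }

    /** @param z whether a report is written after analysis */
    public void setGenerateReport(boolean z) {
        this.generateReport = z;
    }

    /** @return the report format whose name is passed to the report writer */
    public ReportGenerator.Format getReportFormat() {
        return this.reportFormat;
    }

    /** @param format the report format whose name is passed to the report writer */
    public void setReportFormat(ReportGenerator.Format format) {
        this.reportFormat = format;
    }

    /** @return the proxy server */
    public String getProxyServer() {
        return this.proxyServer;
    }

    /** @param str the proxy server */
    public void setProxyServer(String str) {
        this.proxyServer = str;
    }

    /**
     * @return the proxy server
     * @deprecated reads the same field as {@link #getProxyServer()}; use that instead
     */
    @Deprecated
    public String getProxyUrl() {
        return this.proxyServer;
    }

    /**
     * @param str the proxy server
     * @deprecated writes the same field as {@link #setProxyServer(String)}; use that instead
     */
    @Deprecated
    public void setProxyUrl(String str) {
        this.proxyServer = str;
    }

    /** @return the proxy port */
    public String getProxyPort() {
        return this.proxyPort;
    }

    /** @param str the proxy port */
    public void setProxyPort(String str) {
        this.proxyPort = str;
    }

    /** @return the proxy user name */
    public String getProxyUsername() {
        return this.proxyUsername;
    }

    /** @param str the proxy user name */
    public void setProxyUsername(String str) {
        this.proxyUsername = str;
    }

    /** @return the proxy password in clear text; do not log the returned value */
    public String getProxyPassword() {
        return this.proxyPassword;
    }

    /** @param str the proxy password; held in memory as a plain {@code String} */
    public void setProxyPassword(String str) {
        this.proxyPassword = str;
    }

    /** @return the connection timeout */
    public String getConnectionTimeout() {
        return this.connectionTimeout;
    }

    /** @param str the connection timeout */
    public void setConnectionTimeout(String str) {
        this.connectionTimeout = str;
    }

    /** @return the log file path (stored only; not read elsewhere in this class) */
    public String getLogFile() {
        return this.logFile;
    }

    /** @param str the log file path (stored only; not read elsewhere in this class) */
    public void setLogFile(String str) {
        this.logFile = str;
    }

    /** @return the suppression file path */
    public String getSuppressionFile() {
        return this.suppressionFile;
    }

    /** @param str the suppression file path; should point at a trusted, reviewed file */
    public void setSuppressionFile(String str) {
        this.suppressionFile = str;
    }

    /** @return whether a summary of vulnerable dependencies is logged */
    public boolean isShowSummary() {
        return this.showSummary;
    }

    /** @param z whether a summary of vulnerable dependencies is logged */
    public void setShowSummary(boolean z) {
        this.showSummary = z;
    }

    /** @return whether the Central analyzer is enabled */
    public boolean isCentralAnalyzerEnabled() {
        return this.centralAnalyzerEnabled;
    }

    /** @param z whether the Central analyzer is enabled */
    public void setCentralAnalyzerEnabled(boolean z) {
        this.centralAnalyzerEnabled = z;
    }

    /** @return the Central analyzer URL */
    public String getCentralUrl() {
        return this.centralUrl;
    }

    /** @param str the Central analyzer URL */
    public void setCentralUrl(String str) {
        this.centralUrl = str;
    }

    /** @return whether the Nexus analyzer is enabled */
    public boolean isNexusAnalyzerEnabled() {
        return this.nexusAnalyzerEnabled;
    }

    /** @param z whether the Nexus analyzer is enabled */
    public void setNexusAnalyzerEnabled(boolean z) {
        this.nexusAnalyzerEnabled = z;
    }

    /** @return the Nexus analyzer URL */
    public String getNexusUrl() {
        return this.nexusUrl;
    }

    /** @param str the Nexus analyzer URL */
    public void setNexusUrl(String str) {
        this.nexusUrl = str;
    }

    /** @return whether the Nexus analyzer uses the proxy */
    public boolean isNexusUsesProxy() {
        return this.nexusUsesProxy;
    }

    /** @param z whether the Nexus analyzer uses the proxy */
    public void setNexusUsesProxy(boolean z) {
        this.nexusUsesProxy = z;
    }

    /** @return the database driver name */
    public String getDatabaseDriverName() {
        return this.databaseDriverName;
    }

    /** @param str the database driver name */
    public void setDatabaseDriverName(String str) {
        this.databaseDriverName = str;
    }

    /** @return the database driver path */
    public String getDatabaseDriverPath() {
        return this.databaseDriverPath;
    }

    /** @param str the database driver path; should reference a trusted location */
    public void setDatabaseDriverPath(String str) {
        this.databaseDriverPath = str;
    }

    /** @return the database connection string */
    public String getConnectionString() {
        return this.connectionString;
    }

    /** @param str the database connection string */
    public void setConnectionString(String str) {
        this.connectionString = str;
    }

    /** @return the database user */
    public String getDatabaseUser() {
        return this.databaseUser;
    }

    /** @param str the database user */
    public void setDatabaseUser(String str) {
        this.databaseUser = str;
    }

    /** @return the database password in clear text; do not log the returned value */
    public String getDatabasePassword() {
        return this.databasePassword;
    }

    /** @param str the database password; held in memory as a plain {@code String} */
    public void setDatabasePassword(String str) {
        this.databasePassword = str;
    }

    /** @return the additional zip extensions */
    public String getZipExtensions() {
        return this.zipExtensions;
    }

    /** @param str the additional zip extensions */
    public void setZipExtensions(String str) {
        this.zipExtensions = str;
    }

    /** @return the override for the CVE 1.2 "modified" URL setting */
    public String getCveUrl12Modified() {
        return this.cveUrl12Modified;
    }

    /** @param str the override for the CVE 1.2 "modified" URL setting */
    public void setCveUrl12Modified(String str) {
        this.cveUrl12Modified = str;
    }

    /** @return the override for the CVE 2.0 "modified" URL setting */
    public String getCveUrl20Modified() {
        return this.cveUrl20Modified;
    }

    /** @param str the override for the CVE 2.0 "modified" URL setting */
    public void setCveUrl20Modified(String str) {
        this.cveUrl20Modified = str;
    }

    /** @return the override for the CVE 1.2 schema URL setting */
    public String getCveUrl12Base() {
        return this.cveUrl12Base;
    }

    /** @param str the override for the CVE 1.2 schema URL setting */
    public void setCveUrl12Base(String str) {
        this.cveUrl12Base = str;
    }

    /** @return the override for the CVE 2.0 schema URL setting */
    public String getCveUrl20Base() {
        return this.cveUrl20Base;
    }

    /** @param str the override for the CVE 2.0 schema URL setting */
    public void setCveUrl20Base(String str) {
        this.cveUrl20Base = str;
    }

    /** @return the path to the Mono executable used by the assembly analyzer setting */
    public String getPathToMono() {
        return this.pathToMono;
    }

    /** @param str the path to Mono; should reference a trusted executable */
    public void setPathToMono(String str) {
        this.pathToMono = str;
    }

    /** @return the path of the properties file merged into the settings */
    public String getPropertiesFilePath() {
        return this.propertiesFilePath;
    }

    /** @param str the path of the properties file merged into the settings */
    public void setPropertiesFilePath(String str) {
        this.propertiesFilePath = str;
    }

    /**
     * Builds the settings, creates the engine and either updates the data or
     * analyzes the configured dependencies.
     *
     * <p>The engine is closed here whenever it will not be handed back to the
     * caller in a usable state: always in update-only mode, and in analysis mode
     * when the analysis throws. Previously a failed analysis left the engine
     * open, because {@link #execute()} never received a reference to close.
     *
     * @return the engine; still open after a successful analysis, already closed
     *     in update-only mode
     * @throws ExceptionCollection if the update or the analysis fails, or (marked
     *     fatal) if a {@link DatabaseException} is raised
     */
    private Engine executeDependencyCheck() throws ExceptionCollection {
        populateSettings();
        Engine engine = null;
        boolean analysisCompleted = false;
        try {
            engine = new Engine(this.settings);
            if (this.updateOnly) {
                try {
                    engine.doUpdates();
                } catch (UpdateException e) {
                    throw new ExceptionCollection("Unable to perform update", e);
                }
            } else {
                engine.setDependencies(this.dependencies);
                engine.analyzeDependencies();
                analysisCompleted = true;
            }
            return engine;
        } catch (DatabaseException e2) {
            throw new ExceptionCollection((Throwable) e2, true);
        } finally {
            // In update-only mode execute() closes the returned engine a second
            // time, as the original code did.
            // NOTE(review): confirm Engine.close() is safe to call twice.
            if (engine != null && (this.updateOnly || !analysisCompleted)) {
                engine.close();
            }
        }
    }

    /**
     * Writes the report for the analyzed dependencies.
     *
     * @param engine the engine holding the analysis results
     * @param file the output directory
     * @throws ScanAgentException if the report cannot be generated
     */
    private void generateExternalReports(Engine engine, File file) throws ScanAgentException {
        try {
            engine.writeReports(this.applicationName, file, this.reportFormat.name());
        } catch (ReportException e) {
            LOGGER.debug("Unexpected exception occurred during analysis; please see the verbose error log for more details.", e);
            throw new ScanAgentException("Error generating the report", e);
        }
    }

    /**
     * Creates a fresh {@link Settings} instance and copies the configured
     * properties into it.
     *
     * <p>Order matters: the properties file is merged first, then the explicit
     * properties are applied on top. Booleans are always written; string values
     * go through {@code setStringIfNotEmpty}, which by its name leaves the
     * existing value in place when the property is unset.
     */
    private void populateSettings() {
        this.settings = new Settings();
        if (this.dataDirectory != null) {
            this.settings.setString(Settings.KEYS.DATA_DIRECTORY, this.dataDirectory);
        } else {
            // Default: resolve the configured data directory relative to the
            // directory containing this class's code source (jar or classes dir).
            // NOTE(review): URL.getPath() is not URL-decoded and getCodeSource()
            // may be null under some class loaders; confirm for the deployment.
            File codeLocation = new File(DependencyCheckScanAgent.class.getProtectionDomain().getCodeSource().getLocation().getPath());
            File defaultDataDirectory = new File(codeLocation.getParentFile(), this.settings.getString(Settings.KEYS.DATA_DIRECTORY));
            this.settings.setString(Settings.KEYS.DATA_DIRECTORY, defaultDataDirectory.getAbsolutePath());
        }
        if (this.propertiesFilePath != null) {
            try {
                this.settings.mergeProperties(this.propertiesFilePath);
                LOGGER.info("Successfully loaded user-defined properties");
            } catch (IOException e) {
                // Deliberate best-effort: the scan continues with the remaining
                // configuration. Operators should treat this error as significant,
                // because any setting supplied only through the properties file
                // is silently absent from the run.
                LOGGER.error("Unable to merge user-defined properties", e);
                LOGGER.error("Continuing execution");
            }
        }
        this.settings.setBoolean(Settings.KEYS.AUTO_UPDATE, this.autoUpdate);

        // Proxy and connection settings.
        this.settings.setStringIfNotEmpty("proxy.server", this.proxyServer);
        this.settings.setStringIfNotEmpty(Settings.KEYS.PROXY_PORT, this.proxyPort);
        this.settings.setStringIfNotEmpty(Settings.KEYS.PROXY_USERNAME, this.proxyUsername);
        this.settings.setStringIfNotEmpty(Settings.KEYS.PROXY_PASSWORD, this.proxyPassword);
        this.settings.setStringIfNotEmpty(Settings.KEYS.CONNECTION_TIMEOUT, this.connectionTimeout);

        this.settings.setStringIfNotEmpty(Settings.KEYS.SUPPRESSION_FILE, this.suppressionFile);

        // Central and Nexus analyzers.
        this.settings.setBoolean(Settings.KEYS.ANALYZER_CENTRAL_ENABLED, this.centralAnalyzerEnabled);
        this.settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_CENTRAL_URL, this.centralUrl);
        this.settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, this.nexusAnalyzerEnabled);
        this.settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_NEXUS_URL, this.nexusUrl);
        this.settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_USES_PROXY, this.nexusUsesProxy);

        // Database connection.
        this.settings.setStringIfNotEmpty(Settings.KEYS.DB_DRIVER_NAME, this.databaseDriverName);
        this.settings.setStringIfNotEmpty(Settings.KEYS.DB_DRIVER_PATH, this.databaseDriverPath);
        this.settings.setStringIfNotEmpty(Settings.KEYS.DB_CONNECTION_STRING, this.connectionString);
        this.settings.setStringIfNotEmpty(Settings.KEYS.DB_USER, this.databaseUser);
        this.settings.setStringIfNotEmpty(Settings.KEYS.DB_PASSWORD, this.databasePassword);

        this.settings.setStringIfNotEmpty(Settings.KEYS.ADDITIONAL_ZIP_EXTENSIONS, this.zipExtensions);

        // CVE data-feed overrides. These presumably decide where vulnerability
        // data is fetched from, so they should only be set from trusted config.
        this.settings.setStringIfNotEmpty(Settings.KEYS.CVE_MODIFIED_12_URL, this.cveUrl12Modified);
        this.settings.setStringIfNotEmpty(Settings.KEYS.CVE_MODIFIED_20_URL, this.cveUrl20Modified);
        this.settings.setStringIfNotEmpty(Settings.KEYS.CVE_SCHEMA_1_2, this.cveUrl12Base);
        this.settings.setStringIfNotEmpty(Settings.KEYS.CVE_SCHEMA_2_0, this.cveUrl20Base);

        this.settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_ASSEMBLY_MONO_PATH, this.pathToMono);
    }

    /**
     * Runs the scan: update and/or analysis, then optionally the report, the
     * logged summary and the CVSS failure check.
     *
     * <p>The settings are cleaned up and the engine is closed before this method
     * returns or throws, so the returned engine has already been closed.
     *
     * @return the engine used for the run (already closed)
     * @throws ScanAgentException if the report output directory is missing while
     *     a report is requested, if the update, analysis or report generation
     *     fails, or if a vulnerability meets the {@code failBuildOnCVSS} threshold
     */
    public Engine execute() throws ScanAgentException {
        // Fail before the (potentially long) analysis instead of with a bare
        // NullPointerException from new File(null) once it has finished.
        if (!this.updateOnly && this.generateReport && this.reportOutputDirectory == null) {
            throw new ScanAgentException("The report output directory must be set when report generation is enabled.");
        }
        Engine engine = null;
        try {
            engine = executeDependencyCheck();
            if (!this.updateOnly) {
                if (this.generateReport) {
                    generateExternalReports(engine, new File(this.reportOutputDirectory));
                }
                if (this.showSummary) {
                    showSummary(engine.getDependencies());
                }
                // CVSS scores top out at 10, so a threshold above that means
                // "never fail the build" (the default is 11.0).
                if (this.failBuildOnCVSS <= 10.0f) {
                    checkForFailure(engine.getDependencies());
                }
            }
            return engine;
        } catch (ExceptionCollection e) {
            if (e.isFatal()) {
                LOGGER.error("A fatal exception occurred during analysis; analysis has stopped. Please see the debug log for more details.");
                LOGGER.debug(StringUtils.EMPTY, e);
            }
            throw new ScanAgentException("One or more exceptions occurred during analysis; please see the debug log for more details.", e);
        } finally {
            try {
                // settings stays null if Settings could not be constructed; the
                // guard keeps a cleanup failure from masking the original error.
                if (this.settings != null) {
                    this.settings.cleanup(true);
                }
            } finally {
                if (engine != null) {
                    engine.close();
                }
            }
        }
    }

    /**
     * Throws if any vulnerability has a CVSS score at or above
     * {@code failBuildOnCVSS}.
     *
     * <p>The detailed message (file names and vulnerability names) is used only
     * when {@code showSummary} is enabled; otherwise a generic message is thrown.
     *
     * @param dependencyArr the analyzed dependencies
     * @throws ScanAgentException if at least one vulnerability meets the threshold
     */
    private void checkForFailure(Dependency[] dependencyArr) throws ScanAgentException {
        StringBuilder offenders = new StringBuilder();
        for (Dependency dependency : dependencyArr) {
            boolean firstForDependency = true;
            for (Vulnerability vulnerability : dependency.getVulnerabilities()) {
                if (vulnerability.getCvssScore() < this.failBuildOnCVSS) {
                    continue;
                }
                if (firstForDependency) {
                    firstForDependency = false;
                    offenders.append(NEW_LINE).append(dependency.getFileName()).append(": ");
                } else {
                    offenders.append(", ");
                }
                offenders.append(vulnerability.getName());
            }
        }
        if (offenders.length() == 0) {
            return;
        }
        String message;
        if (this.showSummary) {
            message = String.format("%n%nDependency-Check Failure:%nOne or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '%.1f': %s%nSee the dependency-check report for more details.%n%n", this.failBuildOnCVSS, offenders.toString());
        } else {
            message = String.format("%n%nDependency-Check Failure:%nOne or more dependencies were identified with vulnerabilities.%n%nSee the dependency-check report for more details.%n%n");
        }
        throw new ScanAgentException(message);
    }

    /**
     * Logs, at WARN level, one line per dependency that has at least one
     * vulnerability: file name, identifiers and vulnerability names.
     *
     * @param dependencyArr the analyzed dependencies
     */
    private void showSummary(Dependency[] dependencyArr) {
        StringBuilder summary = new StringBuilder();
        for (Dependency dependency : dependencyArr) {
            StringBuilder vulnerabilityNames = new StringBuilder();
            for (Vulnerability vulnerability : dependency.getVulnerabilities()) {
                if (vulnerabilityNames.length() > 0) {
                    vulnerabilityNames.append(", ");
                }
                vulnerabilityNames.append(vulnerability.getName());
            }
            if (vulnerabilityNames.length() == 0) {
                // Dependencies without findings are left out of the summary.
                continue;
            }
            summary.append(dependency.getFileName()).append(" (");
            boolean firstIdentifier = true;
            for (Identifier identifier : dependency.getIdentifiers()) {
                if (firstIdentifier) {
                    firstIdentifier = false;
                } else {
                    summary.append(", ");
                }
                summary.append(identifier.getValue());
            }
            summary.append(") : ").append(vulnerabilityNames).append(NEW_LINE);
        }
        if (summary.length() > 0) {
            LOGGER.warn("\n\nOne or more dependencies were identified with known vulnerabilities:\n\n{}\n\nSee the dependency-check report for more details.\n\n", summary.toString());
        }
    }
}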
