package org.owasp.dependencycheck.data.artifactory;

import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.JsonPrimitive;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.annotation.concurrent.ThreadSafe;
import org.apache.commons.jcs.engine.CacheConstants;
import org.apache.velocity.runtime.RuntimeConstants;
import org.owasp.dependencycheck.data.nexus.MavenArtifact;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.utils.Checksum;
import org.owasp.dependencycheck.utils.InvalidSettingException;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.URLConnectionFactory;
import org.owasp.dependencycheck.xml.pom.PomHandler;
import org.owasp.dependencycheck.xml.suppression.SuppressionHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ThreadSafe
/* loaded from: input_file:WEB-INF/lib/dependency-check-core-5.3.2.jar:org/owasp/dependencycheck/data/artifactory/ArtifactorySearch.class */
public class ArtifactorySearch {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) ArtifactorySearch.class);
    private static final Pattern PATH_PATTERN = Pattern.compile("^/(?<groupId>.+)/(?<artifactId>[^/]+)/(?<version>[^/]+)/[^/]+$");
    private static final String WHILE_ACTUAL_IS = " while actual is ";
    private final String rootURL;
    private final boolean useProxy;
    private final Settings settings;

    public ArtifactorySearch(Settings settings) {
        this.settings = settings;
        String string = settings.getString(Settings.KEYS.ANALYZER_ARTIFACTORY_URL);
        this.rootURL = string;
        LOGGER.debug("Artifactory Search URL {}", string);
        if (null == settings.getString(Settings.KEYS.PROXY_SERVER)) {
            this.useProxy = false;
            LOGGER.debug("Not using proxy");
            return;
        }
        boolean z = false;
        try {
            z = settings.getBoolean(Settings.KEYS.ANALYZER_ARTIFACTORY_USES_PROXY);
        } catch (InvalidSettingException e) {
            LOGGER.error("Settings {} is invalid, only, true/false is valid", Settings.KEYS.ANALYZER_ARTIFACTORY_USES_PROXY, e);
        }
        this.useProxy = z;
        LOGGER.debug("Using proxy? {}", Boolean.valueOf(this.useProxy));
    }

    public List<MavenArtifact> search(Dependency dependency) throws IOException {
        URL buildUrl = buildUrl(dependency.getSha1sum());
        HttpURLConnection connect = connect(buildUrl);
        int responseCode = connect.getResponseCode();
        if (responseCode == 200) {
            return processResponse(dependency, connect);
        }
        throw new IOException("Could not connect to Artifactory " + buildUrl + " (" + responseCode + "): " + connect.getResponseMessage());
    }

    private HttpURLConnection connect(URL url) throws IOException {
        LOGGER.debug("Searching Artifactory url {}", url);
        HttpURLConnection createHttpURLConnection = new URLConnectionFactory(this.settings).createHttpURLConnection(url, this.useProxy);
        createHttpURLConnection.setDoOutput(true);
        createHttpURLConnection.addRequestProperty("X-Result-Detail", "info");
        String string = this.settings.getString(Settings.KEYS.ANALYZER_ARTIFACTORY_API_USERNAME);
        String string2 = this.settings.getString(Settings.KEYS.ANALYZER_ARTIFACTORY_API_TOKEN);
        if (string == null || string2 == null) {
            String string3 = this.settings.getString(Settings.KEYS.ANALYZER_ARTIFACTORY_BEARER_TOKEN);
            if (string3 != null) {
                createHttpURLConnection.addRequestProperty("Authorization", "Bearer " + string3);
            }
        } else {
            createHttpURLConnection.addRequestProperty("Authorization", "Basic " + Base64.getEncoder().encodeToString((string + CacheConstants.NAME_COMPONENT_DELIMITER + string2).getBytes(StandardCharsets.UTF_8)));
        }
        createHttpURLConnection.connect();
        return createHttpURLConnection;
    }

    private URL buildUrl(String str) throws MalformedURLException {
        return new URL(this.rootURL + "/api/search/checksum?sha1=" + str);
    }

    protected List<MavenArtifact> processResponse(Dependency dependency, HttpURLConnection httpURLConnection) throws IOException {
        InputStreamReader inputStreamReader = new InputStreamReader(httpURLConnection.getInputStream(), StandardCharsets.UTF_8);
        Throwable th = null;
        try {
            try {
                JsonObject asJsonObject = JsonParser.parseReader(inputStreamReader).getAsJsonObject();
                if (0 != 0) {
                    try {
                        inputStreamReader.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    inputStreamReader.close();
                }
                JsonArray asJsonArray = asJsonObject.getAsJsonArray("results");
                int size = asJsonArray.size();
                if (size == 0) {
                    throw new FileNotFoundException("Artifact " + dependency + " not found in Artifactory");
                }
                ArrayList arrayList = new ArrayList(size);
                Iterator<JsonElement> it = asJsonArray.iterator();
                while (it.hasNext()) {
                    JsonElement next = it.next();
                    JsonObject asJsonObject2 = next.getAsJsonObject().getAsJsonObject("checksums");
                    JsonPrimitive asJsonPrimitive = asJsonObject2.getAsJsonPrimitive("sha256");
                    checkHashes(dependency, asJsonObject2.getAsJsonPrimitive(SuppressionHandler.SHA1).getAsString(), asJsonPrimitive == null ? null : asJsonPrimitive.getAsString(), asJsonObject2.getAsJsonPrimitive("md5").getAsString());
                    String asString = next.getAsJsonObject().getAsJsonPrimitive("downloadUri").getAsString();
                    String asString2 = next.getAsJsonObject().getAsJsonPrimitive(RuntimeConstants.RESOURCE_LOADER_PATHS).getAsString();
                    Matcher matcher = PATH_PATTERN.matcher(asString2);
                    if (!matcher.matches()) {
                        throw new IllegalStateException("Cannot extract the Maven information from the path retrieved in Artifactory " + asString2);
                    }
                    String replace = matcher.group(PomHandler.GROUPID).replace('/', '.');
                    String group = matcher.group(PomHandler.ARTIFACTID);
                    String group2 = matcher.group("version");
                    arrayList.add(new MavenArtifact(replace, group, group2, asString, MavenArtifact.derivePomUrl(group, group2, asString)));
                }
                return arrayList;
            } finally {
            }
        } catch (Throwable th3) {
            if (th != null) {
                try {
                    inputStreamReader.close();
                } catch (Throwable th4) {
                    th.addSuppressed(th4);
                }
            } else {
                inputStreamReader.close();
            }
            throw th3;
        }
    }

    private void checkHashes(Dependency dependency, String str, String str2, String str3) throws FileNotFoundException {
        String md5sum = dependency.getMd5sum();
        if (!str3.equals(md5sum)) {
            throw new FileNotFoundException("Artifact found by API is not matching the md5 of the artifact (repository hash is " + str3 + WHILE_ACTUAL_IS + md5sum + ") !");
        }
        String sha1sum = dependency.getSha1sum();
        if (!str.equals(sha1sum)) {
            throw new FileNotFoundException("Artifact found by API is not matching the SHA1 of the artifact (repository hash is " + str + WHILE_ACTUAL_IS + sha1sum + ") !");
        }
        String sha256sum = dependency.getSha256sum();
        if (str2 != null && !str2.equals(sha256sum)) {
            throw new FileNotFoundException("Artifact found by API is not matching the SHA-256 of the artifact (repository hash is " + str2 + WHILE_ACTUAL_IS + sha256sum + ") !");
        }
    }

    public boolean preflightRequest() {
        try {
            URL buildUrl = buildUrl(Checksum.getSHA1Checksum(UUID.randomUUID().toString()));
            HttpURLConnection connect = connect(buildUrl);
            if (connect.getResponseCode() == 200) {
                return true;
            }
            LOGGER.warn("Expected 200 result from Artifactory ({}), got {}", buildUrl, Integer.valueOf(connect.getResponseCode()));
            return false;
        } catch (IOException e) {
            LOGGER.error("Cannot connect to Artifactory", (Throwable) e);
            return false;
        }
    }
}
