package org.owasp.dependencycheck.analyzer;

import java.io.File;
import java.io.FileFilter;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.filefilter.NameFileFilter;
import org.apache.commons.io.filefilter.SuffixFileFilter;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.data.update.cpe.CPEHandler;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.EvidenceCollection;
import org.owasp.dependencycheck.exception.InitializationException;
import org.owasp.dependencycheck.utils.FileFilterBuilder;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.UrlStringUtils;

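/**
 * Collects identification evidence for a Python package from the source files
 * that sit next to its {@code __init__.py}.
 *
 * <p>Only a dependency whose actual file is named {@code __init__.py} is kept;
 * every other {@code .py} dependency is removed from the engine. For a kept
 * dependency, the directory name is recorded as the package name and each
 * regular {@code .py} file in that directory is searched for version, summary,
 * title, author and URL assignments.
 *
 * <p>Security note: every value recorded here is copied from the scanned files
 * and is not verified. When the scanned tree is untrusted, treat this evidence
 * as self-declared by that tree.
 */
@Experimental
/* loaded from: input_file:WEB-INF/lib/dependency-check-core-1.4.3.jar:org/owasp/dependencycheck/analyzer/PythonPackageAnalyzer.class */
public class PythonPackageAnalyzer extends AbstractFileTypeAnalyzer {
    /**
     * Flags shared by every pattern in this class: {@code .} also matches line
     * terminators and matching ignores case (numeric value 34).
     */
    private static final int REGEX_OPTIONS = Pattern.DOTALL | Pattern.CASE_INSENSITIVE;
    /** Triple-quoted string at the very start of the (trimmed) file; group 2 is its body. */
    private static final Pattern MODULE_DOCSTRING = Pattern.compile("^(['\\\"]{3})(.*?)\\1", REGEX_OPTIONS);
    /** {@code version = "<digits>.<digits>..."} with optional double underscores; group 4 is the value. */
    private static final Pattern VERSION_PATTERN = Pattern.compile("\\b(__)?version(__)? *= *(['\"]+)(\\d+\\.\\d+.*?)\\3", REGEX_OPTIONS);
    // NOTE(review): this reuses a constant owned by the CPE XML handler; presumably it is the
    // literal "title" folded into a reference by the decompiler - confirm against the original source.
    private static final Pattern TITLE_PATTERN = compileAssignPattern(CPEHandler.Element.TITLE);
    private static final Pattern SUMMARY_PATTERN = compileAssignPattern("summary");
    private static final Pattern URI_PATTERN = compileAssignPattern("ur[il]");
    private static final Pattern HOMEPAGE_PATTERN = compileAssignPattern("home_?page");
    private static final Pattern AUTHOR_PATTERN = compileAssignPattern("author");
    /** Accepts only files named exactly {@code __init__.py}. */
    private static final FileFilter INIT_PY_FILTER = new NameFileFilter("__init__.py");
    /** Accepts any entry whose name ends in {@code .py}; the check is on the name only. */
    private static final FileFilter PY_FILTER = new SuffixFileFilter(".py");
    private static final String EXTENSIONS = "py";
    private static final FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(EXTENSIONS).build();

    /**
     * Returns the display name of this analyzer.
     *
     * @return the analyzer name
     */
    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return "Python Package Analyzer";
    }

    /**
     * Returns the phase in which this analyzer runs.
     *
     * @return {@link AnalysisPhase#INFORMATION_COLLECTION}
     */
    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return AnalysisPhase.INFORMATION_COLLECTION;
    }

    /**
     * Returns the filter that selects the files this analyzer handles.
     *
     * @return a filter built for the {@code py} extension
     */
    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected FileFilter getFileFilter() {
        return FILTER;
    }

    /**
     * No initialization is needed for this analyzer.
     *
     * @throws InitializationException never thrown by this implementation
     */
    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void initializeFileTypeAnalyzer() throws InitializationException {
    }

    /**
     * Builds a pattern that matches {@code name = "value"} style assignments.
     *
     * <p>Capture groups: 1 and 2 are the optional leading and trailing double
     * underscores, 3 is the opening quote run, 4 is the assigned value.
     *
     * @param str the name to look for; it is inserted into the expression as a
     *     regular-expression fragment, not as a quoted literal
     * @return the compiled pattern, using {@link #REGEX_OPTIONS}
     */
    private static Pattern compileAssignPattern(String str) {
        return Pattern.compile(String.format("\\b(__)?%s(__)?\\b *= *(['\"]+)(.*?)\\3", str), REGEX_OPTIONS);
    }

    /**
     * Records package evidence for an {@code __init__.py} dependency, or drops
     * the dependency from the engine when it is any other {@code .py} file.
     *
     * @param dependency the dependency being analyzed
     * @param engine the engine that holds the dependency list
     * @throws AnalysisException if one of the package's source files cannot be read
     */
    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException {
        final File initFile = dependency.getActualFile();
        if (!INIT_PY_FILTER.accept(initFile)) {
            // The list is copied, altered and set back rather than modified in place
            // (presumably so that code iterating the engine's list is not disturbed - confirm).
            final ArrayList<Dependency> remaining = new ArrayList<Dependency>(engine.getDependencies());
            remaining.remove(dependency);
            engine.setDependencies(remaining);
            return;
        }
        // Resolved only after the filter check, since the removal path never needs it.
        final File packageDir = initFile.getParentFile();
        final String packageName = packageDir.getName();
        dependency.setDisplayFileName(packageName + "/__init__.py");
        dependency.getProductEvidence().addEvidence(initFile.getName(), "PackageName", packageName, Confidence.HIGHEST);
        final File[] sources = packageDir.listFiles(PY_FILTER);
        if (sources == null) {
            return;
        }
        for (File source : sources) {
            // PY_FILTER matches on the name alone, so a directory (or other non-regular
            // entry) called "something.py" is listed too. Reading it would fail with an
            // IOException and stop evidence collection for the rest of this package.
            if (source.isFile()) {
                analyzeFileContents(dependency, source);
            }
        }
    }

    /**
     * Searches one source file for version, summary, docstring, title, author
     * and URL evidence and records whatever is found on the dependency.
     *
     * <p>NOTE(review): the file is read whole, with no size limit, and searched
     * several times with DOTALL lazy patterns, so memory use and matching time
     * grow with file size. Consider a size cap when scanning untrusted trees.
     *
     * <p>NOTE(review): the platform default charset is used for decoding, so
     * non-ASCII evidence may differ between hosts. Behavior is kept as is.
     *
     * @param dependency the dependency that receives the evidence
     * @param file the source file to read
     * @return {@code true} if at least one pattern matched
     * @throws AnalysisException if the file cannot be read
     */
    private boolean analyzeFileContents(Dependency dependency, File file) throws AnalysisException {
        final String contents;
        try {
            contents = FileUtils.readFileToString(file, Charset.defaultCharset()).trim();
        } catch (IOException e) {
            throw new AnalysisException("Problem occurred while reading dependency file.", e);
        }
        if (contents.isEmpty()) {
            return false;
        }
        final String source = file.getName();
        // Each step is a separate statement so that every gatherer runs even after an
        // earlier one has already matched (the original used non-short-circuit '|').
        boolean found = gatherEvidence(VERSION_PATTERN, contents, source, dependency.getVersionEvidence(), "SourceVersion", Confidence.MEDIUM);
        found |= addSummaryInfo(dependency, SUMMARY_PATTERN, 4, contents, source, "summary");
        if (INIT_PY_FILTER.accept(file)) {
            found |= addSummaryInfo(dependency, MODULE_DOCSTRING, 2, contents, source, "docstring");
        }
        found |= gatherEvidence(TITLE_PATTERN, contents, source, dependency.getProductEvidence(), "SourceTitle", Confidence.LOW);
        final EvidenceCollection vendorEvidence = dependency.getVendorEvidence();
        found |= gatherEvidence(AUTHOR_PATTERN, contents, source, vendorEvidence, "SourceAuthor", Confidence.MEDIUM);
        found |= gatherHomePageEvidence(URI_PATTERN, vendorEvidence, source, "URL", contents);
        found |= gatherHomePageEvidence(HOMEPAGE_PATTERN, vendorEvidence, source, "HomePage", contents);
        return found;
    }

    /**
     * Adds the first match of a pattern to the dependency's description.
     *
     * @param dependency the dependency that receives the description
     * @param pattern the pattern to search with
     * @param group the capture group that holds the description text
     * @param contents the file contents to search
     * @param source the name of the file the contents came from
     * @param key the label passed on with the description
     * @return {@code true} if the pattern matched
     */
    private boolean addSummaryInfo(Dependency dependency, Pattern pattern, int group, String contents, String source, String key) {
        final Matcher matcher = pattern.matcher(contents);
        if (!matcher.find()) {
            return false;
        }
        JarAnalyzer.addDescription(dependency, matcher.group(group), source, key);
        return true;
    }

    /**
     * Records the first match of a pattern as evidence, but only when the
     * matched value passes {@link UrlStringUtils#isUrl(String)}.
     *
     * @param pattern the pattern to search with; group 4 must hold the value
     * @param evidence the collection that receives the evidence
     * @param source the name of the file the contents came from
     * @param name the evidence name
     * @param contents the file contents to search
     * @return {@code true} if a URL was found and recorded
     */
    private boolean gatherHomePageEvidence(Pattern pattern, EvidenceCollection evidence, String source, String name, String contents) {
        final Matcher matcher = pattern.matcher(contents);
        if (!matcher.find()) {
            return false;
        }
        final String candidate = matcher.group(4);
        if (!UrlStringUtils.isUrl(candidate)) {
            return false;
        }
        evidence.addEvidence(source, name, candidate, Confidence.MEDIUM);
        return true;
    }

    /**
     * Records the first match of a pattern as evidence.
     *
     * @param pattern the pattern to search with; group 4 must hold the value
     * @param contents the file contents to search
     * @param source the name of the file the contents came from
     * @param evidence the collection that receives the evidence
     * @param name the evidence name
     * @param confidence the confidence assigned to the evidence
     * @return {@code true} if the pattern matched
     */
    private boolean gatherEvidence(Pattern pattern, String contents, String source, EvidenceCollection evidence, String name, Confidence confidence) {
        final Matcher matcher = pattern.matcher(contents);
        if (!matcher.find()) {
            return false;
        }
        evidence.addEvidence(source, name, matcher.group(4), confidence);
        return true;
    }

    /**
     * Returns the settings key that enables or disables this analyzer.
     *
     * @return {@link Settings.KEYS#ANALYZER_PYTHON_PACKAGE_ENABLED}
     */
    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return Settings.KEYS.ANALYZER_PYTHON_PACKAGE_ENABLED;
    }
}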
