package com.sourceclear.util.io;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.databind.JsonSerializer;
import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import com.google.common.base.Strings;
import com.sourceclear.api.data.HATEOASApiModel;
import com.sourceclear.api.data.artifact.LibraryArtifactApiModel;
import com.sourceclear.api.data.artifact.LibraryMatchWithArtifactsApiModel;
import com.sourceclear.api.data.evidence.LibraryInstanceModel;
import com.sourceclear.api.data.evidence.LibraryModel;
import com.sourceclear.util.fingerprints.VersionMatcher;
import com.srcclr.sdk.CoordinateType;
import com.srcclr.sdk.LanguageType;
import com.srcclr.sdk.Library;
import com.srcclr.sdk.LibraryGraph;
import com.srcclr.sdk.LibraryLicense;
import com.srcclr.sdk.LibraryVersion;
import com.srcclr.sdk.Link;
import com.srcclr.sdk.Record;
import com.srcclr.sdk.RecordMetadata;
import com.srcclr.sdk.RecordType;
import com.srcclr.sdk.Report;
import com.srcclr.sdk.ReportMetadata;
import com.srcclr.sdk.Vulnerability;
import com.srcclr.sdk.VulnerabilityLibrary;
import com.srcclr.sdk.VulnerabilityLibraryDetails;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.TreeMap;
import java.util.TreeSet;
import java.util.function.Function;
import java.util.stream.Collectors;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.commons.lang3.EnumUtils;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;

/* loaded from: input_file:com/sourceclear/util/io/SdkReportComposer.class */
public class SdkReportComposer {
    private static final VersionMatcher versionMatcher = new VersionMatcher();
    private static final Comparator<LibraryInstanceModel> releaseDateComparator = Comparator.comparing((v0) -> {
        return v0.getReleaseDate();
    }, Comparator.nullsLast(Comparator.naturalOrder())).thenComparing((v0) -> {
        return v0.getId();
    }).reversed();
    private final Function<Long, String> libraryUrlGenerator;
    private final Function<Long, String> artifactUrlGenerator;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/sourceclear/util/io/SdkReportComposer$ComponentAndVersion.class */
    public static class ComponentAndVersion {
        private final long componentId;
        private final String version;

        ComponentAndVersion(long j, String str) {
            this.componentId = j;
            this.version = str;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            ComponentAndVersion componentAndVersion = (ComponentAndVersion) obj;
            return this.componentId == componentAndVersion.componentId && Objects.equals(this.version, componentAndVersion.version);
        }

        public int hashCode() {
            return Objects.hash(Long.valueOf(this.componentId), this.version);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/sourceclear/util/io/SdkReportComposer$HashInstance.class */
    public static class HashInstance implements Comparable<HashInstance> {
        private final LibraryInstanceModel instance;

        HashInstance(LibraryInstanceModel libraryInstanceModel) {
            this.instance = libraryInstanceModel;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            return Objects.equals(this.instance.getId(), ((HashInstance) obj).instance.getId());
        }

        public int hashCode() {
            return Objects.hash(this.instance.getId());
        }

        @Override // java.lang.Comparable
        public int compareTo(@Nonnull HashInstance hashInstance) {
            return SdkReportComposer.releaseDateComparator.compare(this.instance, hashInstance.instance);
        }

        LibraryInstanceModel instance() {
            return this.instance;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/sourceclear/util/io/SdkReportComposer$HashLibrary.class */
    public static class HashLibrary implements Comparable<HashLibrary> {
        private final LibraryModel libraryModel;

        HashLibrary(LibraryModel libraryModel) {
            this.libraryModel = libraryModel;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            return Objects.equals(this.libraryModel.getId(), ((HashLibrary) obj).libraryModel.getId());
        }

        public int hashCode() {
            return Objects.hash(this.libraryModel.getId());
        }

        @Override // java.lang.Comparable
        public int compareTo(@Nonnull HashLibrary hashLibrary) {
            return String.format("%s-%d", this.libraryModel.getName(), this.libraryModel.getId()).compareToIgnoreCase(String.format("%s-%d", hashLibrary.libraryModel.getName(), hashLibrary.libraryModel.getId()));
        }
    }

    /* loaded from: input_file:com/sourceclear/util/io/SdkReportComposer$MappedLinksMixIn.class */
    public interface MappedLinksMixIn {
        @JsonProperty("_links")
        @JsonSerialize(using = MappedLinksSerializer.class)
        Collection<Link> getLinks();
    }

    /* loaded from: input_file:com/sourceclear/util/io/SdkReportComposer$MappedLinksSerializer.class */
    private static class MappedLinksSerializer extends JsonSerializer<Collection<Link>> {
        private MappedLinksSerializer() {
        }

        public void serialize(Collection<Link> collection, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException {
            TreeMap treeMap = new TreeMap();
            for (Link link : collection) {
                String rel = link.getRel();
                String href = link.getHref();
                if (StringUtils.isNotBlank(rel) && StringUtils.isNotBlank(href)) {
                    treeMap.put(rel, href);
                }
            }
            jsonGenerator.writeObject(treeMap);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/sourceclear/util/io/SdkReportComposer$MatchList.class */
    public class MatchList {
        private final Map<HashLibrary, Set<HashInstance>> map;
        private LinkedHashMap<Long, Library> libraryMap;
        private Map<ComponentAndVersion, int[]> instanceRefIndexes;
        private final Map<String, LibraryInstanceModel> libraryInstanceRefs;

        private MatchList() {
            this.map = new TreeMap();
            this.libraryInstanceRefs = new HashMap();
        }

        void add(LibraryModel libraryModel, LibraryInstanceModel libraryInstanceModel) {
            if (this.libraryMap != null) {
                throw new IllegalStateException("cannot add new matches after internal data structures already built");
            }
            this.map.computeIfAbsent(new HashLibrary(libraryModel), hashLibrary -> {
                return new TreeSet();
            }).add(new HashInstance(libraryInstanceModel));
            this.libraryInstanceRefs.put(libraryInstanceModel.getCoordVersionHash(), libraryInstanceModel);
        }

        @Nullable
        int[] find(ComponentAndVersion componentAndVersion) {
            build();
            return this.instanceRefIndexes.get(componentAndVersion);
        }

        Collection<Library> build() {
            if (this.libraryMap == null) {
                this.libraryMap = new LinkedHashMap<>();
                this.instanceRefIndexes = new HashMap();
                HashMap hashMap = new HashMap();
                int[] iArr = new int[2];
                this.map.forEach((hashLibrary, set) -> {
                    LibraryModel libraryModel = hashLibrary.libraryModel;
                    String str = (String) SdkReportComposer.this.libraryUrlGenerator.apply(libraryModel.getId());
                    iArr[1] = 0;
                    ArrayList arrayList = new ArrayList(set.size());
                    set.stream().map((v0) -> {
                        return v0.instance();
                    }).forEach(libraryInstanceModel -> {
                        hashMap.computeIfAbsent(libraryModel.getId(), l -> {
                            return libraryInstanceModel;
                        });
                        arrayList.add(new LibraryVersion.Builder().withVersion(libraryInstanceModel.getLibraryVersion()).withPlatform(libraryInstanceModel.getPlatform()).withBytecodeHash(libraryInstanceModel.getBytecodeHash()).withSha1(libraryInstanceModel.getSha1()).withSha2(libraryInstanceModel.getSha2()).withReleaseDate(libraryInstanceModel.getReleaseDate()).withLicenses((List) libraryInstanceModel.getLicenseInfoModels().stream().map(licenseInfoModel -> {
                            return new LibraryLicense.Builder().withName(licenseInfoModel.getName().toString()).withLicense(licenseInfoModel.getLicense()).withFromParentPom(Boolean.valueOf(licenseInfoModel.getGroupId() != null)).build();
                        }).sorted(Comparator.comparing((v0) -> {
                            return v0.getName();
                        }, String.CASE_INSENSITIVE_ORDER)).collect(Collectors.toList())).withLinks(Collections.singletonList(new Link(HATEOASApiModel.REL_REPO_HTML, String.format("%s?version=%s", str, libraryInstanceModel.getLibraryVersion())))).build());
                        this.instanceRefIndexes.put(new ComponentAndVersion(libraryModel.getId().longValue(), libraryInstanceModel.getLibraryVersion()), new int[]{iArr[0], iArr[1]});
                        iArr[1] = iArr[1] + 1;
                    });
                    LibraryInstanceModel libraryInstanceModel2 = (LibraryInstanceModel) hashMap.get(libraryModel.getId());
                    this.libraryMap.put(libraryModel.getId(), new Library.Builder().withName(libraryModel.getName()).withLanguage(EnumUtils.getEnum(LanguageType.class, libraryModel.getLanguageType())).withCoordinateType(EnumUtils.getEnum(CoordinateType.class, libraryModel.getCoordinateType())).withCoordinate1(libraryModel.getCoordinate1()).withCoordinate2(libraryModel.getCoordinate2()).withAuthor(libraryModel.getAuthor()).withAuthorUrl(libraryModel.getAuthorUrl()).withBugTrackerUrl(libraryModel.getBugTrackerUrl()).withCodeRepoType(libraryModel.getCodeRepoType()).withCodeRepoUrl(libraryModel.getCodeRepoUrl()).withLatestRelease(libraryInstanceModel2.getLibraryVersion()).withLatestReleaseDate(libraryInstanceModel2.getReleaseDate()).withDescription(libraryModel.getDescription()).withVersions(arrayList).withLinks(Collections.singletonList(new Link(HATEOASApiModel.REL_REPO_HTML, str))).build());
                    iArr[0] = iArr[0] + 1;
                });
            }
            return this.libraryMap.values();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/sourceclear/util/io/SdkReportComposer$SortableVulnLibrary.class */
    public static class SortableVulnLibrary implements Comparable<SortableVulnLibrary> {
        private final VulnerabilityLibrary vulnerabilityLibrary;
        private final int libraryIdx;
        private final int versionIdx;

        SortableVulnLibrary(VulnerabilityLibrary vulnerabilityLibrary, int i, int i2) {
            this.vulnerabilityLibrary = vulnerabilityLibrary;
            this.libraryIdx = i;
            this.versionIdx = i2;
        }

        @Override // java.lang.Comparable
        public int compareTo(@Nonnull SortableVulnLibrary sortableVulnLibrary) {
            return Comparator.comparingInt(sortableVulnLibrary2 -> {
                return sortableVulnLibrary2.libraryIdx;
            }).thenComparingInt(sortableVulnLibrary3 -> {
                return sortableVulnLibrary3.versionIdx;
            }).compare(this, sortableVulnLibrary);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            SortableVulnLibrary sortableVulnLibrary = (SortableVulnLibrary) obj;
            return this.libraryIdx == sortableVulnLibrary.libraryIdx && this.versionIdx == sortableVulnLibrary.versionIdx;
        }

        public int hashCode() {
            return Objects.hash(Integer.valueOf(this.libraryIdx), Integer.valueOf(this.versionIdx));
        }
    }

    @Nullable
    private static LibraryInstanceModel getMatchingLibraryInstance(LibraryModel libraryModel) {
        return libraryModel.getInstances().stream().findFirst().orElse(null);
    }

    @Nullable
    private static String getArtifactCVE(LibraryArtifactApiModel libraryArtifactApiModel) {
        String cveYear = libraryArtifactApiModel.getCveYear();
        String cveDigits = libraryArtifactApiModel.getCveDigits();
        if (Strings.isNullOrEmpty(cveYear) || Strings.isNullOrEmpty(cveDigits)) {
            return null;
        }
        return String.format("%s-%s", cveYear, cveDigits);
    }

    public SdkReportComposer(Function<Long, String> function, Function<Long, String> function2) {
        this.libraryUrlGenerator = function;
        this.artifactUrlGenerator = function2;
    }

    public Report createSDKReportFromLibrarianMatch(Collection<LibraryMatchWithArtifactsApiModel> collection, Collection<LibraryGraph> collection2, @Nonnull RecordType recordType) {
        Record.Builder withGraphs = new Record.Builder().withGraphs(collection2);
        withGraphs.withMetadata(new RecordMetadata.Builder().withRecordType(recordType).build());
        TreeMap treeMap = new TreeMap(Comparator.comparing((v0) -> {
            return v0.getId();
        }));
        MatchList matchList = new MatchList();
        for (LibraryMatchWithArtifactsApiModel libraryMatchWithArtifactsApiModel : collection) {
            Pair<LibraryModel, LibraryInstanceModel> librarianMatchData = getLibrarianMatchData(libraryMatchWithArtifactsApiModel);
            if (librarianMatchData != null) {
                LibraryModel libraryModel = (LibraryModel) librarianMatchData.getLeft();
                libraryModel.getInstances().stream().findFirst().ifPresent(libraryInstanceModel -> {
                    matchList.add(libraryModel, libraryInstanceModel);
                    libraryMatchWithArtifactsApiModel.getArtifacts().forEach(libraryArtifactApiModel -> {
                        ((Collection) treeMap.computeIfAbsent(libraryArtifactApiModel, libraryArtifactApiModel -> {
                            return new HashSet();
                        })).add(new ComponentAndVersion(libraryModel.getId().longValue(), libraryInstanceModel.getLibraryVersion()));
                    });
                });
            }
        }
        withGraphs.withLibraries(matchList.build());
        addVulnsToRecord(withGraphs, matchList, treeMap);
        return createSingleRecordReport(withGraphs.build());
    }

    @Nullable
    private Pair<LibraryModel, LibraryInstanceModel> getLibrarianMatchData(LibraryMatchWithArtifactsApiModel libraryMatchWithArtifactsApiModel) {
        LibraryInstanceModel matchingLibraryInstance;
        LibraryModel component = libraryMatchWithArtifactsApiModel.getComponent();
        if (component == null || (matchingLibraryInstance = getMatchingLibraryInstance(component)) == null) {
            return null;
        }
        return Pair.of(component, matchingLibraryInstance);
    }

    private void addVulnsToRecord(Record.Builder builder, MatchList matchList, Map<LibraryArtifactApiModel, Collection<ComponentAndVersion>> map) {
        ArrayList arrayList = new ArrayList();
        map.forEach((libraryArtifactApiModel, collection) -> {
            ArrayList arrayList2 = new ArrayList();
            collection.forEach(componentAndVersion -> {
                long j = componentAndVersion.componentId;
                String str = componentAndVersion.version;
                libraryArtifactApiModel.getArtifactComponents().stream().filter(artifactComponent -> {
                    return artifactComponent.getComponentId().longValue() == j;
                }).flatMap(artifactComponent2 -> {
                    return artifactComponent2.getVersionRanges().stream();
                }).filter(versionRange -> {
                    return versionMatcher.matches(versionRange.getVersionRange(), str);
                }).findFirst().ifPresent(versionRange2 -> {
                    int[] find = matchList.find(componentAndVersion);
                    if (find == null) {
                        return;
                    }
                    int i = find[0];
                    int i2 = find[1];
                    arrayList2.add(new SortableVulnLibrary(new VulnerabilityLibrary.Builder().withDetails(Collections.singletonList(new VulnerabilityLibraryDetails.Builder().withFixText(versionRange2.getFixText()).withVersionRange(versionRange2.getVersionRange()).withUpdateToVersion(versionRange2.getUpdateToVersion()).withPatch(versionRange2.getPatch()).build())).withLinks(Collections.singletonList(new Link("ref", String.format("/records/0/libraries/%d/versions/%d", Integer.valueOf(i), Integer.valueOf(i2))))).build(), i, i2));
                });
            });
            TreeSet treeSet = new TreeSet(libraryArtifactApiModel.getVulnerabilityTypes());
            String artifactCVE = getArtifactCVE(libraryArtifactApiModel);
            Float f = (Float) ObjectUtils.firstNonNull(new Float[]{libraryArtifactApiModel.getNvdCvssScore(), libraryArtifactApiModel.getSrcclrCvssScore()});
            arrayList.add(new Vulnerability.Builder().withTitle(libraryArtifactApiModel.getTitle()).withOverview(libraryArtifactApiModel.getOverview()).withCve(artifactCVE).withCvssScore(f).withLanguage(EnumUtils.getEnum(LanguageType.class, StringUtils.upperCase(libraryArtifactApiModel.getLanguage()))).withOverview(libraryArtifactApiModel.getOverview()).withHasExploits(libraryArtifactApiModel.getHasExploits()).withDisclosureDate(libraryArtifactApiModel.getDisclosureDate()).withVulnerabilityTypes(treeSet).withLinks(Collections.singletonList(new Link(HATEOASApiModel.REL_REPO_HTML, this.artifactUrlGenerator.apply(libraryArtifactApiModel.getId())))).withLibraries((List) arrayList2.stream().sorted().map(sortableVulnLibrary -> {
                return sortableVulnLibrary.vulnerabilityLibrary;
            }).collect(Collectors.toList())).build());
        });
        builder.withVulnerabilities(arrayList);
    }

    private Report createSingleRecordReport(Record record) {
        return new Report.Builder().withMetadata(new ReportMetadata.Builder().withRequestDate(new Date()).build()).withRecords(Collections.singletonList(record)).build();
    }
}
