package org.owasp.dependencycheck.analyzer;

import java.io.File;
import java.io.FileFilter;
import java.io.IOException;
import java.util.Map;
import javax.json.Json;
import javax.json.JsonException;
import javax.json.JsonObject;
import javax.json.JsonReader;
import javax.json.JsonString;
import javax.json.JsonValue;
import org.apache.commons.io.FileUtils;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.EvidenceCollection;
import org.owasp.dependencycheck.exception.InitializationException;
import org.owasp.dependencycheck.utils.FileFilterBuilder;
import org.owasp.dependencycheck.xml.pom.PomHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Experimental
/* loaded from: input_file:org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.class */
public class NodePackageAnalyzer extends AbstractFileTypeAnalyzer {
    private static final String ANALYZER_NAME = "Node.js Package Analyzer";
    private static final Logger LOGGER = LoggerFactory.getLogger(NodePackageAnalyzer.class);
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INFORMATION_COLLECTION;
    public static final String PACKAGE_JSON = "package.json";
    private static final FileFilter PACKAGE_JSON_FILTER = FileFilterBuilder.newInstance().addFilenames(PACKAGE_JSON).build();

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected FileFilter getFileFilter() {
        return PACKAGE_JSON_FILTER;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void initializeFileTypeAnalyzer() throws InitializationException {
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return "analyzer.node.package.enabled";
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
        File actualFile = dependency.getActualFile();
        try {
            JsonReader createReader = Json.createReader(FileUtils.openInputStream(actualFile));
            Throwable th = null;
            try {
                try {
                    JsonObject readObject = createReader.readObject();
                    EvidenceCollection productEvidence = dependency.getProductEvidence();
                    EvidenceCollection vendorEvidence = dependency.getVendorEvidence();
                    if (readObject.containsKey(PomHandler.NAME)) {
                        Object obj = readObject.get(PomHandler.NAME);
                        if (obj instanceof JsonString) {
                            String string = ((JsonString) obj).getString();
                            productEvidence.addEvidence(PACKAGE_JSON, PomHandler.NAME, string, Confidence.HIGHEST);
                            vendorEvidence.addEvidence(PACKAGE_JSON, "name_project", String.format("%s_project", string), Confidence.LOW);
                        } else {
                            LOGGER.warn("JSON value not string as expected: {}", obj);
                        }
                    }
                    addToEvidence(readObject, productEvidence, PomHandler.DESCRIPTION);
                    addToEvidence(readObject, vendorEvidence, "author");
                    addToEvidence(readObject, dependency.getVersionEvidence(), "version");
                    dependency.setDisplayFileName(String.format("%s/%s", actualFile.getParentFile().getName(), actualFile.getName()));
                    if (createReader != null) {
                        if (0 != 0) {
                            try {
                                createReader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            createReader.close();
                        }
                    }
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } catch (Throwable th4) {
                if (createReader != null) {
                    if (th != null) {
                        try {
                            createReader.close();
                        } catch (Throwable th5) {
                            th.addSuppressed(th5);
                        }
                    } else {
                        createReader.close();
                    }
                }
                throw th4;
            }
        } catch (IOException e) {
            throw new AnalysisException("Problem occurred while reading dependency file.", e);
        } catch (JsonException e2) {
            LOGGER.warn("Failed to parse package.json file.", e2);
        }
    }

    private void addToEvidence(JsonObject jsonObject, EvidenceCollection evidenceCollection, String str) {
        if (jsonObject.containsKey(str)) {
            JsonString jsonString = (JsonValue) jsonObject.get(str);
            if (jsonString instanceof JsonString) {
                evidenceCollection.addEvidence(PACKAGE_JSON, str, jsonString.getString(), Confidence.HIGHEST);
                return;
            }
            if (!(jsonString instanceof JsonObject)) {
                LOGGER.warn("JSON value not string or JSON object as expected: {}", jsonString);
                return;
            }
            for (Map.Entry entry : ((JsonObject) jsonString).entrySet()) {
                String str2 = (String) entry.getKey();
                JsonString jsonString2 = (JsonValue) entry.getValue();
                if (jsonString2 instanceof JsonString) {
                    evidenceCollection.addEvidence(PACKAGE_JSON, String.format("%s.%s", str, str2), jsonString2.getString(), Confidence.HIGHEST);
                } else {
                    LOGGER.warn("JSON sub-value not string as expected: {}", jsonString2);
                }
            }
        }
    }
}
