package org.owasp.dependencycheck.data.nexus;

import jakarta.json.Json;
import jakarta.json.JsonArray;
import jakarta.json.JsonObject;
import jakarta.json.JsonReader;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StringReader;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import javax.annotation.concurrent.ThreadSafe;
import org.apache.hc.client5.http.HttpResponseException;
import org.apache.hc.client5.http.impl.classic.AbstractHttpClientResponseHandler;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.core5.http.ContentType;
import org.apache.hc.core5.http.HttpEntity;
import org.apache.hc.core5.http.message.BasicHeader;
import org.jetbrains.annotations.Nullable;
import org.owasp.dependencycheck.utils.DownloadFailedException;
import org.owasp.dependencycheck.utils.Downloader;
import org.owasp.dependencycheck.utils.ForbiddenException;
import org.owasp.dependencycheck.utils.ResourceNotFoundException;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.TooManyRequestsException;
import org.owasp.dependencycheck.xml.pom.PomHandler;
import org.owasp.dependencycheck.xml.suppression.SuppressionHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ThreadSafe
/* loaded from: input_file:org/owasp/dependencycheck/data/nexus/NexusV3Search.class */
public class NexusV3Search implements NexusSearch {
    private final Set<String> acceptedClassifiers = new HashSet();
    private final URL rootURL;
    private final boolean useProxy;
    private final Settings settings;
    private static final Logger LOGGER = LoggerFactory.getLogger(NexusV3Search.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/owasp/dependencycheck/data/nexus/NexusV3Search$NexusV3SearchResponseHandler.class */
    public static final class NexusV3SearchResponseHandler extends AbstractHttpClientResponseHandler<String> {
        private final List<MavenArtifact> matchingArtifacts;
        private final String sha1;
        private final Set<String> acceptedClassifiers;

        private NexusV3SearchResponseHandler(List<MavenArtifact> list, String str, Set<String> set) {
            this.matchingArtifacts = list;
            this.sha1 = str;
            this.acceptedClassifiers = set;
        }

        @Nullable
        /* renamed from: handleEntity, reason: merged with bridge method [inline-methods] */
        public String m80handleEntity(HttpEntity httpEntity) throws IOException {
            InputStream content = httpEntity.getContent();
            try {
                InputStreamReader inputStreamReader = new InputStreamReader(content, StandardCharsets.UTF_8);
                try {
                    BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
                    try {
                        String str = (String) bufferedReader.lines().collect(Collectors.joining("\n"));
                        NexusV3Search.LOGGER.debug("JSON String was >>>{}<<<", str);
                        StringReader stringReader = new StringReader(str);
                        try {
                            JsonReader createReader = Json.createReader(stringReader);
                            try {
                                JsonObject readObject = createReader.readObject();
                                if (createReader != null) {
                                    createReader.close();
                                }
                                stringReader.close();
                                NexusV3Search.LOGGER.debug("Response: {}", readObject);
                                JsonArray jsonArray = readObject.getJsonArray("items");
                                NexusV3Search.LOGGER.debug("Items: {}", jsonArray);
                                String string = readObject.getString("continuationToken", (String) null);
                                boolean z = false;
                                for (int i = 0; i < jsonArray.size() && !z; i++) {
                                    boolean z2 = false;
                                    boolean z3 = false;
                                    String str2 = null;
                                    String str3 = null;
                                    String str4 = null;
                                    String str5 = null;
                                    String str6 = null;
                                    JsonObject jsonObject = jsonArray.getJsonObject(i);
                                    if ("maven2".equals(jsonObject.getString("format", "unknown"))) {
                                        NexusV3Search.LOGGER.debug("Checking Maven2 artifact for {}", jsonObject);
                                        JsonArray jsonArray2 = jsonObject.getJsonArray("assets");
                                        for (int i2 = 0; !z && i2 < jsonArray2.size(); i2++) {
                                            JsonObject jsonObject2 = jsonArray2.getJsonObject(i2);
                                            NexusV3Search.LOGGER.debug("Checking {}", jsonObject2);
                                            JsonObject jsonObject3 = jsonObject2.getJsonObject("checksum");
                                            JsonObject jsonObject4 = jsonObject2.getJsonObject("maven2");
                                            if (jsonObject4 != null) {
                                                boolean z4 = jsonObject3 != null && this.sha1.equals(jsonObject3.getString(SuppressionHandler.SHA1, (String) null));
                                                boolean contains = this.acceptedClassifiers.contains(jsonObject4.getString("classifier", (String) null));
                                                boolean equals = "jar".equals(jsonObject4.getString("extension", (String) null));
                                                NexusV3Search.LOGGER.debug("shaMatch {}", Boolean.valueOf(z4));
                                                NexusV3Search.LOGGER.debug("hasAcceptedClassifier {}", Boolean.valueOf(contains));
                                                NexusV3Search.LOGGER.debug("isAJar {}", Boolean.valueOf(equals));
                                                if (equals && contains && z4) {
                                                    str2 = jsonObject2.getString("downloadUrl");
                                                    str3 = jsonObject4.getString(PomHandler.GROUPID);
                                                    str4 = jsonObject4.getString(PomHandler.ARTIFACTID);
                                                    str5 = jsonObject4.getString("version");
                                                    z2 = true;
                                                } else if ("pom".equals(jsonObject4.getString("extension"))) {
                                                    NexusV3Search.LOGGER.debug("pom found {}", jsonObject2);
                                                    z3 = true;
                                                    str6 = jsonObject2.getString("downloadUrl");
                                                }
                                            }
                                            if (z3 && z2) {
                                                z = true;
                                            }
                                        }
                                        if (z) {
                                            this.matchingArtifacts.add(new MavenArtifact(str3, str4, str5, str2, str6));
                                        } else if (z2) {
                                            MavenArtifact mavenArtifact = new MavenArtifact(str3, str4, str5, str2);
                                            mavenArtifact.setPomUrl(MavenArtifact.derivePomUrl(str4, str5, str2));
                                            this.matchingArtifacts.add(mavenArtifact);
                                            z = true;
                                        }
                                    }
                                }
                                bufferedReader.close();
                                inputStreamReader.close();
                                if (content != null) {
                                    content.close();
                                }
                                return string;
                            } catch (Throwable th) {
                                if (createReader != null) {
                                    try {
                                        createReader.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                }
                                throw th;
                            }
                        } catch (Throwable th3) {
                            try {
                                stringReader.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                            throw th3;
                        }
                    } catch (Throwable th5) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th6) {
                            th5.addSuppressed(th6);
                        }
                        throw th5;
                    }
                } finally {
                }
            } catch (Throwable th7) {
                if (content != null) {
                    try {
                        content.close();
                    } catch (Throwable th8) {
                        th7.addSuppressed(th8);
                    }
                }
                throw th7;
            }
        }
    }

    public NexusV3Search(Settings settings, boolean z) throws MalformedURLException {
        this.settings = settings;
        this.useProxy = z;
        this.acceptedClassifiers.add(null);
        String string = settings.getString("analyzer.nexus.url");
        LOGGER.debug("Nexus Search URL: {}", string);
        this.rootURL = new URL(string);
    }

    @Override // org.owasp.dependencycheck.data.nexus.NexusSearch
    public MavenArtifact searchSha1(String str) throws IOException {
        if (null == str || !str.matches("^[0-9A-Fa-f]{40}$")) {
            throw new IllegalArgumentException("Invalid SHA1 format");
        }
        ArrayList arrayList = new ArrayList(1);
        CloseableHttpClient httpClient = Downloader.getInstance().getHttpClient(this.useProxy);
        try {
            String retrievePageAndAddMatchingArtifact = retrievePageAndAddMatchingArtifact(httpClient, arrayList, str, null);
            while (retrievePageAndAddMatchingArtifact != null) {
                if (!arrayList.isEmpty()) {
                    break;
                }
                retrievePageAndAddMatchingArtifact = retrievePageAndAddMatchingArtifact(httpClient, arrayList, str, retrievePageAndAddMatchingArtifact);
            }
            if (httpClient != null) {
                httpClient.close();
            }
            if (arrayList.isEmpty()) {
                throw new FileNotFoundException("Artifact not found in Nexus");
            }
            return arrayList.get(0);
        } catch (Throwable th) {
            if (httpClient != null) {
                try {
                    httpClient.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private String retrievePageAndAddMatchingArtifact(CloseableHttpClient closeableHttpClient, List<MavenArtifact> list, String str, @Nullable String str2) throws IOException {
        LOGGER.debug("Search with continuation token {}", str2);
        URL url = str2 == null ? new URL(this.rootURL, String.format("v1/search/?sha1=%s", str.toLowerCase())) : new URL(this.rootURL, String.format("v1/search/?sha1=%s&continuationToken=%s", str.toLowerCase(), str2));
        LOGGER.debug("Searching Nexus url {}", url);
        try {
            return (String) Downloader.getInstance().fetchAndHandle(closeableHttpClient, url, new NexusV3SearchResponseHandler(list, str, this.acceptedClassifiers), List.of(new BasicHeader("Accept", ContentType.APPLICATION_JSON)));
        } catch (TooManyRequestsException | ResourceNotFoundException | DownloadFailedException | ForbiddenException e) {
            if (LOGGER.isDebugEnabled()) {
                int i = -1;
                String str3 = "";
                if (e.getCause() instanceof HttpResponseException) {
                    HttpResponseException cause = e.getCause();
                    i = cause.getStatusCode();
                    str3 = cause.getReasonPhrase();
                }
                LOGGER.debug("Could not connect to Nexus received response code: {} {}", Integer.valueOf(i), str3);
            }
            throw new IOException("Could not connect to Nexus", e);
        }
    }

    @Override // org.owasp.dependencycheck.data.nexus.NexusSearch
    public boolean preflightRequest() {
        try {
            String fetchContent = Downloader.getInstance().fetchContent(new URL(this.rootURL, "v1/status"), this.useProxy, StandardCharsets.UTF_8);
            if (fetchContent != null && fetchContent.isEmpty()) {
                return true;
            }
            LOGGER.warn("Expected empty OK response (content-length 0), got {}", fetchContent == null ? "null" : Integer.valueOf(fetchContent.length()));
            return false;
        } catch (IOException | TooManyRequestsException | ResourceNotFoundException e) {
            LOGGER.warn("Pre-flight request to Nexus failed: ", e);
            return false;
        }
    }
}
