package com.google.tsunami.workflow;

import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Lists;
import com.google.common.flogger.GoogleLogger;
import com.google.common.util.concurrent.FluentFuture;
import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.MoreExecutors;
import com.google.protobuf.util.Durations;
import com.google.protobuf.util.Timestamps;
import com.google.tsunami.common.TsunamiException;
import com.google.tsunami.common.time.UtcClock;
import com.google.tsunami.plugin.PluginExecutionException;
import com.google.tsunami.plugin.PluginExecutionResult;
import com.google.tsunami.plugin.PluginExecutor;
import com.google.tsunami.plugin.PluginManager;
import com.google.tsunami.plugin.ServiceFingerprinter;
import com.google.tsunami.plugin.VulnDetector;
import com.google.tsunami.proto.DetectionReportList;
import com.google.tsunami.proto.DetectionStatus;
import com.google.tsunami.proto.FingerprintingReport;
import com.google.tsunami.proto.FullDetectionReports;
import com.google.tsunami.proto.NetworkService;
import com.google.tsunami.proto.PortScanningReport;
import com.google.tsunami.proto.ReconnaissanceReport;
import com.google.tsunami.proto.ScanFinding;
import com.google.tsunami.proto.ScanResults;
import com.google.tsunami.proto.ScanStatus;
import com.google.tsunami.proto.ScanTarget;
import com.google.tsunami.proto.TargetInfo;
import java.time.Clock;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Optional;
import java.util.concurrent.ExecutionException;
import javax.inject.Inject;
import javax.inject.Provider;

/* loaded from: input_file:com/google/tsunami/workflow/DefaultScanningWorkflow.class */
public final class DefaultScanningWorkflow {
    private static final GoogleLogger logger = GoogleLogger.forEnclosingClass();
    private final PluginManager pluginManager;
    private final Clock clock;
    private final Provider<PluginExecutor> pluginExecutorProvider;
    private Instant scanStartTimestamp;
    private ExecutionTracer executionTracer;

    @Inject
    public DefaultScanningWorkflow(PluginManager pluginManager, @UtcClock Clock clock, Provider<PluginExecutor> provider) {
        this.pluginManager = (PluginManager) Preconditions.checkNotNull(pluginManager);
        this.clock = (Clock) Preconditions.checkNotNull(clock);
        this.pluginExecutorProvider = (Provider) Preconditions.checkNotNull(provider);
    }

    public ExecutionTracer getExecutionTracer() {
        return this.executionTracer;
    }

    public ScanResults run(ScanTarget scanTarget) throws ExecutionException, InterruptedException {
        return (ScanResults) runAsync(scanTarget).get();
    }

    public ListenableFuture<ScanResults> runAsync(ScanTarget scanTarget) {
        Preconditions.checkNotNull(scanTarget);
        this.scanStartTimestamp = Instant.now(this.clock);
        this.executionTracer = ExecutionTracer.startWorkflow();
        logger.atInfo().log("Staring Tsunami scanning workflow.");
        return FluentFuture.from(scanPorts(scanTarget)).transformAsync(this::fingerprintNetworkServices, MoreExecutors.directExecutor()).transformAsync(this::detectVulnerabilities, MoreExecutors.directExecutor()).transform(scanResults -> {
            logger.atInfo().log("%s", this.executionTracer.buildLoggableExecutionTrace(scanResults));
            return scanResults;
        }, MoreExecutors.directExecutor()).catching(PluginExecutionException.class, (v1) -> {
            return onExecutionError(v1);
        }, MoreExecutors.directExecutor()).catching(ScanningWorkflowException.class, (v1) -> {
            return onExecutionError(v1);
        }, MoreExecutors.directExecutor());
    }

    private ScanResults onExecutionError(TsunamiException tsunamiException) {
        logger.atSevere().withCause(tsunamiException).log("Tsunami scan failed, aborting workflow!!!");
        return buildScanResultForFailure(tsunamiException);
    }

    private ListenableFuture<PortScanningReport> scanPorts(ScanTarget scanTarget) throws ScanningWorkflowException {
        Optional portScanner = this.pluginManager.getPortScanner();
        if (!portScanner.isPresent()) {
            return Futures.immediateFailedFuture(new ScanningWorkflowException("At least one PortScanner plugin is required"));
        }
        PluginExecutor.PluginExecutorConfig build = PluginExecutor.PluginExecutorConfig.builder().setMatchedPlugin((PluginManager.PluginMatchingResult) portScanner.get()).setPluginExecutionLogic(() -> {
            return ((PluginManager.PluginMatchingResult) portScanner.get()).tsunamiPlugin().scan(scanTarget);
        }).build();
        this.executionTracer.startPortScanning(ImmutableList.of((PluginManager.PluginMatchingResult) portScanner.get()));
        logger.atInfo().log("Starting port scanning phase of the scanning workflow.");
        return FluentFuture.from(((PluginExecutor) this.pluginExecutorProvider.get()).executeAsync(build)).transformAsync(pluginExecutionResult -> {
            return pluginExecutionResult.isSucceeded() ? Futures.immediateFuture((PortScanningReport) pluginExecutionResult.resultData().get()) : Futures.immediateFailedFuture((Throwable) pluginExecutionResult.exception().get());
        }, MoreExecutors.directExecutor());
    }

    private ListenableFuture<ReconnaissanceReport> fingerprintNetworkServices(PortScanningReport portScanningReport) {
        Preconditions.checkNotNull(portScanningReport);
        TargetInfo targetInfo = portScanningReport.getTargetInfo();
        ArrayList newArrayList = Lists.newArrayList();
        ArrayList newArrayList2 = Lists.newArrayList();
        for (NetworkService networkService : portScanningReport.getNetworkServicesList()) {
            Optional serviceFingerprinter = this.pluginManager.getServiceFingerprinter(networkService);
            if (serviceFingerprinter.isPresent()) {
                newArrayList.add((PluginManager.PluginMatchingResult) serviceFingerprinter.get());
            } else {
                newArrayList2.add(networkService);
            }
        }
        this.executionTracer.startServiceFingerprinting(ImmutableList.copyOf(newArrayList));
        logger.atInfo().log("Port scanning phase done, moving to service fingerprinting phase with '%d' fingerprinter(s) selected.", newArrayList.size());
        return FluentFuture.from(Futures.successfulAsList((ImmutableList) newArrayList.stream().map(pluginMatchingResult -> {
            return buildFingerprinterExecutorConfig(targetInfo, pluginMatchingResult);
        }).map(pluginExecutorConfig -> {
            return ((PluginExecutor) this.pluginExecutorProvider.get()).executeAsync(pluginExecutorConfig);
        }).collect(ImmutableList.toImmutableList()))).transform(list -> {
            return ReconnaissanceReport.newBuilder().setTargetInfo(targetInfo).addAllNetworkServices(newArrayList2).addAllNetworkServices(getFingerprintedServices(list)).build();
        }, MoreExecutors.directExecutor());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static PluginExecutor.PluginExecutorConfig<FingerprintingReport> buildFingerprinterExecutorConfig(TargetInfo targetInfo, PluginManager.PluginMatchingResult<ServiceFingerprinter> pluginMatchingResult) {
        return PluginExecutor.PluginExecutorConfig.builder().setMatchedPlugin(pluginMatchingResult).setPluginExecutionLogic(() -> {
            return pluginMatchingResult.tsunamiPlugin().fingerprint(targetInfo, (NetworkService) pluginMatchingResult.matchedServices().get(0));
        }).build();
    }

    private static ImmutableList<NetworkService> getFingerprintedServices(Collection<PluginExecutionResult<FingerprintingReport>> collection) {
        return (ImmutableList) collection.stream().flatMap(pluginExecutionResult -> {
            return pluginExecutionResult.isSucceeded() ? ((FingerprintingReport) pluginExecutionResult.resultData().get()).getNetworkServicesList().stream() : pluginExecutionResult.executorConfig().matchedPlugin().matchedServices().stream();
        }).collect(ImmutableList.toImmutableList());
    }

    private ListenableFuture<ScanResults> detectVulnerabilities(ReconnaissanceReport reconnaissanceReport) {
        Preconditions.checkNotNull(reconnaissanceReport);
        ImmutableList<PluginManager.PluginMatchingResult<VulnDetector>> vulnDetectors = this.pluginManager.getVulnDetectors(reconnaissanceReport);
        this.executionTracer.startVulnerabilityDetecting(vulnDetectors);
        logger.atInfo().log("Service fingerprinting phase done, moving to vuln detection phase.");
        return FluentFuture.from(Futures.successfulAsList((ImmutableList) vulnDetectors.stream().map(pluginMatchingResult -> {
            return PluginExecutor.PluginExecutorConfig.builder().setMatchedPlugin(pluginMatchingResult).setPluginExecutionLogic(() -> {
                return pluginMatchingResult.tsunamiPlugin().detect(reconnaissanceReport.getTargetInfo(), pluginMatchingResult.matchedServices());
            }).build();
        }).map(pluginExecutorConfig -> {
            return ((PluginExecutor) this.pluginExecutorProvider.get()).executeAsync(pluginExecutorConfig);
        }).collect(ImmutableList.toImmutableList()))).transform(list -> {
            return generateScanResults(list, reconnaissanceReport);
        }, MoreExecutors.directExecutor());
    }

    private ScanResults generateScanResults(Collection<PluginExecutionResult<DetectionReportList>> collection, ReconnaissanceReport reconnaissanceReport) {
        ScanStatus scanStatus;
        this.executionTracer.setDone();
        logger.atInfo().log("Tsunami scanning workflow done. Generating scan results.");
        ImmutableList immutableList = (ImmutableList) collection.stream().filter((v0) -> {
            return v0.isSucceeded();
        }).flatMap(pluginExecutionResult -> {
            return ((DetectionReportList) pluginExecutionResult.resultData().get()).getDetectionReportsList().stream();
        }).collect(ImmutableList.toImmutableList());
        ImmutableList immutableList2 = (ImmutableList) collection.stream().filter(pluginExecutionResult2 -> {
            return !pluginExecutionResult2.isSucceeded();
        }).map(pluginExecutionResult3 -> {
            return pluginExecutionResult3.executorConfig().matchedPlugin().pluginId();
        }).collect(ImmutableList.toImmutableList());
        String str = "";
        if (immutableList2.isEmpty()) {
            scanStatus = ScanStatus.SUCCEEDED;
        } else if (immutableList2.size() == collection.size()) {
            scanStatus = ScanStatus.FAILED;
            str = "All VulnDetectors failed.";
        } else {
            scanStatus = ScanStatus.PARTIALLY_SUCCEEDED;
            str = "Failed plugins:\n" + Joiner.on("\n").join(immutableList2);
        }
        return ScanResults.newBuilder().setScanStatus(scanStatus).setStatusMessage(str).addAllScanFindings((Iterable) immutableList.stream().filter(detectionReport -> {
            return detectionReport.getDetectionStatus().equals(DetectionStatus.VULNERABILITY_VERIFIED) || detectionReport.getDetectionStatus().equals(DetectionStatus.VULNERABILITY_PRESENT);
        }).map(detectionReport2 -> {
            return ScanFinding.newBuilder().setTargetInfo(detectionReport2.getTargetInfo()).setNetworkService(detectionReport2.getNetworkService()).setVulnerability(detectionReport2.getVulnerability()).build();
        }).collect(ImmutableList.toImmutableList())).setScanStartTimestamp(Timestamps.fromMillis(this.scanStartTimestamp.toEpochMilli())).setScanDuration(Durations.fromMillis(Duration.between(this.scanStartTimestamp, Instant.now(this.clock)).toMillis())).setFullDetectionReports(FullDetectionReports.newBuilder().addAllDetectionReports(immutableList)).setReconnaissanceReport(reconnaissanceReport).build();
    }

    private ScanResults buildScanResultForFailure(TsunamiException tsunamiException) {
        this.executionTracer.forceDone();
        return ScanResults.newBuilder().setScanStatus(ScanStatus.FAILED).setStatusMessage(tsunamiException.getMessage()).setScanStartTimestamp(Timestamps.fromMillis(this.scanStartTimestamp.toEpochMilli())).setScanDuration(Durations.fromMillis(Duration.between(this.scanStartTimestamp, Instant.now(this.clock)).toMillis())).build();
    }
}
