package com.vaadin.appsec.backend;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import com.vaadin.appsec.backend.model.AppSecData;
import com.vaadin.appsec.backend.model.analysis.VulnerabilityAnalysis;
import com.vaadin.appsec.backend.model.dto.Dependency;
import com.vaadin.appsec.backend.model.dto.Vulnerability;
import com.vaadin.appsec.backend.model.osv.response.Ecosystem;
import java.io.File;
import java.io.IOException;
import java.lang.invoke.SerializedLambda;
import java.nio.file.Path;
import java.time.Clock;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import java.util.function.Consumer;
import java.util.stream.Collectors;
import org.cyclonedx.exception.ParseException;
import org.cyclonedx.model.Component;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/vaadin/appsec/backend/AppSecService.class */
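/**
 * Singleton service behind AppSec Kit: it loads the Maven and npm SBOM files, runs
 * vulnerability scans on the configured task executor, and persists {@link AppSecData}
 * as JSON at the configured data file path.
 *
 * <p>Access to the cached {@link AppSecData} through {@link #getData()},
 * {@link #setData(AppSecData)} and {@link #refresh()} is synchronized on this instance.
 * Scan listeners are kept in a copy-on-write list because they are registered by callers
 * while scan completion is delivered from the asynchronous scan pipeline.
 */
public class AppSecService {
    private static final String FLOW_SERVER = "flow-server";
    private static final Logger LOGGER = LoggerFactory.getLogger(AppSecService.class);

    // Shared JSON mapper for the data file. Only java.time support and ISO date output are
    // configured here; no polymorphic/default typing is enabled in this class.
    static final ObjectMapper MAPPER = new ObjectMapper();

    static {
        MAPPER.registerModule(new JavaTimeModule());
        MAPPER.disable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
    }

    private final VulnerabilityStore vulnerabilityStore;
    private final AppSecDTOProvider dtoProvider;
    private AppSecConfiguration configuration;
    private AppSecData data;
    private ScheduledFuture<?> scheduledScan;
    // Copy-on-write: listeners can be added or removed while a scan notification iterates.
    private final List<AppSecScanEventListener> scanEventListeners = new CopyOnWriteArrayList<>();
    private Clock clock = Clock.systemUTC();
    private final BillOfMaterialsStore bomStore = new BillOfMaterialsStore();
    private final GitHubService githubService = new GitHubService();

    /** Lazy holder for the singleton; the instance is created on first access. */
    private static final class InstanceHolder {
        static final AppSecService instance = new AppSecService(new AppSecConfiguration());

        private InstanceHolder() {
        }
    }

    /**
     * Returns the singleton instance, created with a default {@link AppSecConfiguration}.
     *
     * @return the shared service instance
     */
    public static AppSecService getInstance() {
        return InstanceHolder.instance;
    }

    private AppSecService(AppSecConfiguration appSecConfiguration) {
        this.vulnerabilityStore = new VulnerabilityStore(
                new OpenSourceVulnerabilityService(appSecConfiguration.getOsvApiRatePerSecond()),
                this.bomStore);
        this.dtoProvider = new AppSecDTOProvider(this.vulnerabilityStore, this.bomStore);
        this.configuration = appSecConfiguration;
    }

    /**
     * Cancels any scheduled scan, reads the Maven and npm SBOM files named by the current
     * configuration, then loads (or creates) the AppSec Kit data.
     *
     * @throws AppSecException if either SBOM file cannot be parsed or the data file cannot
     *         be read
     */
    public void init() {
        cancelScheduledScan();

        Path bomFilePath = this.configuration.getBomFilePath();
        try {
            this.bomStore.readBomFile(bomFilePath, Ecosystem.MAVEN);
        } catch (ParseException e) {
            throw new AppSecException("Cannot parse the Maven SBOM file: " + bomFilePath.toAbsolutePath(), e);
        }

        Path bomNpmFilePath = this.configuration.getBomNpmFilePath();
        try {
            this.bomStore.readBomFile(bomNpmFilePath, Ecosystem.NPM);
        } catch (ParseException e) {
            throw new AppSecException("Cannot parse the npm SBOM file: " + bomNpmFilePath.toAbsolutePath(), e);
        }

        readOrCreateDataFile();
    }

    /**
     * Returns the Flow versions offered for the flow-server component found in the Maven
     * SBOM: the "23" list when its version starts with {@code 23.}, the "14" list when it
     * starts with {@code 2.}.
     *
     * @return the version list from the GitHub service, or an empty list when flow-server is
     *         missing from the SBOM or its version is absent or not recognised
     */
    public List<String> getSupportedFlowVersions() {
        Optional<Component> flowServer = getFlowServerComponent();
        if (!flowServer.isPresent()) {
            LOGGER.warn("flow-server dependency not found in Maven SBOM file");
            return Collections.emptyList();
        }

        // A component without a version is treated as unsupported instead of failing with a
        // NullPointerException on startsWith.
        String version = flowServer.get().getVersion();
        if (version != null) {
            if (version.startsWith("23.")) {
                return this.githubService.getFlow23Versions();
            }
            if (version.startsWith("2.")) {
                return this.githubService.getFlow14Versions();
            }
        }
        LOGGER.warn("Not supported flow-server version: {}", version);
        return Collections.emptyList();
    }

    /**
     * Looks up the first component named {@code flow-server} in the Maven SBOM. Yields an
     * empty result when the Maven SBOM has not been loaded (checkForInitialization treats a
     * null BOM as "not initialized") or when it carries no component list.
     */
    private Optional<Component> getFlowServerComponent() {
        return Optional.ofNullable(this.bomStore.getBom(Ecosystem.MAVEN))
                .map(bom -> bom.getComponents())
                .flatMap(components -> components.stream()
                        .filter(component -> FLOW_SERVER.equals(component.getName()))
                        .findFirst());
    }

    /**
     * Returns the vulnerability analysis held by the GitHub service.
     *
     * @return the current vulnerability analysis
     */
    public VulnerabilityAnalysis getVulnerabilityAnalysis() {
        return this.githubService.getVulnerabilityAnalysis();
    }

    /**
     * Schedules a recurring vulnerability scan on the configured task executor, replacing
     * any scan scheduled earlier. The first run is delayed by whatever remains of the
     * configured interval since the last recorded scan, or runs immediately when no scan
     * has been recorded or the interval has already elapsed.
     *
     * @throws AppSecException if the service has not been initialized
     */
    public void scheduleAutomaticScan() {
        checkForInitialization();
        // Without this, a second call would overwrite the handle of the first schedule and
        // leave that task running with no way to cancel it.
        cancelScheduledScan();

        long intervalSeconds = this.configuration.getAutoScanInterval().getSeconds();
        long initialDelay = 0;
        Instant lastScan = this.data.getLastScan();
        if (lastScan != null) {
            long elapsed = lastScan.until(this.clock.instant(), ChronoUnit.SECONDS);
            initialDelay = Math.max(0, intervalSeconds - elapsed);
        }

        LOGGER.debug("Scheduling automatic scan every {} seconds", intervalSeconds);
        this.scheduledScan = this.configuration.getTaskExecutor().scheduleAtFixedRate(() -> {
            try {
                scanForVulnerabilities().exceptionally(error -> {
                    LOGGER.error("There was an error with scheduled scan for vulnerabilities", error);
                    return null;
                });
            } catch (RuntimeException e) {
                // An exception escaping a fixed-rate task suppresses all later runs, which
                // would stop periodic scanning without any trace in the log.
                LOGGER.error("There was an error with scheduled scan for vulnerabilities", e);
            }
        }, initialDelay, intervalSeconds, TimeUnit.SECONDS);
    }

    /** Cancels the scheduled scan, if any, without interrupting a run already in progress. */
    private void cancelScheduledScan() {
        if (this.scheduledScan != null) {
            LOGGER.debug("Cancelling scheduled scan...");
            this.scheduledScan.cancel(false);
            this.scheduledScan = null;
        }
    }

    /**
     * Registers a listener that is notified after each completed scan.
     *
     * @param appSecScanEventListener the listener to add, not {@code null}
     * @return a handle that removes the listener again
     * @throws NullPointerException if the listener is {@code null}
     */
    public Registration addScanEventListener(AppSecScanEventListener appSecScanEventListener) {
        // Reject null here: a null entry would otherwise fail every later notification.
        Objects.requireNonNull(appSecScanEventListener, "The listener cannot be null");
        this.scanEventListeners.add(appSecScanEventListener);
        // NOTE(review): the returned lambda captures this service as well as the listener;
        // this class does not implement Serializable, so confirm the handle is never serialized.
        return () -> {
            this.scanEventListeners.remove(appSecScanEventListener);
        };
    }

    /**
     * Starts an asynchronous scan on the configured task executor: refreshes the
     * vulnerability store, updates the GitHub releases and analysis caches, records the scan
     * time, and finally notifies the registered listeners.
     *
     * @return a future that completes once the listeners have been notified, or completes
     *         exceptionally if any step fails
     * @throws AppSecException if the service has not been initialized
     */
    public CompletableFuture<Void> scanForVulnerabilities() {
        checkForInitialization();
        ScheduledExecutorService taskExecutor = this.configuration.getTaskExecutor();
        return CompletableFuture.supplyAsync(this.vulnerabilityStore::refresh, taskExecutor)
                .thenRun(this.githubService::updateReleasesCache)
                .thenRun(this.githubService::updateAnalysisCache)
                .thenRun(this::updateLastScanTime)
                .thenApply(ignored -> new AppSecScanEvent(this))
                .thenAccept(this::invokeEventListeners);
    }

    /** Delivers the scan event to every registered listener, in registration order. */
    private void invokeEventListeners(AppSecScanEvent appSecScanEvent) {
        LOGGER.debug("Invoking {} scan event listeners...", this.scanEventListeners.size());
        this.scanEventListeners.forEach(listener -> listener.scanCompleted(appSecScanEvent));
    }

    /**
     * Returns the dependencies reported by the DTO provider.
     *
     * @return the dependency list
     */
    public List<Dependency> getDependencies() {
        return this.dtoProvider.getDependencies();
    }

    /**
     * Returns the vulnerabilities reported by the DTO provider.
     *
     * @return the vulnerability list
     */
    public List<Vulnerability> getVulnerabilities() {
        return this.dtoProvider.getVulnerabilities();
    }

    /**
     * Returns the vulnerabilities whose identifier has no entry in the stored AppSec data.
     *
     * @return the vulnerabilities not yet present in the stored data
     */
    public List<Vulnerability> getNewVulnerabilities() {
        return getVulnerabilities().stream()
                .filter(this::newVulnerability)
                .collect(Collectors.toList());
    }

    private boolean newVulnerability(Vulnerability vulnerability) {
        return !getData().getVulnerabilities().containsKey(vulnerability.getIdentifier());
    }

    /**
     * Returns the AppSec data, loading it from the data file (or creating it) on first use.
     *
     * @return the cached data
     * @throws AppSecException if the data file exists but cannot be read
     */
    public synchronized AppSecData getData() {
        if (this.data == null) {
            readOrCreateDataFile();
        }
        return this.data;
    }

    /**
     * Replaces the AppSec data and writes it to the data file.
     *
     * @param appSecData the new data, not {@code null}
     * @throws IllegalArgumentException if {@code appSecData} is {@code null}
     * @throws AppSecException if the data file cannot be written
     */
    public synchronized void setData(AppSecData appSecData) {
        if (appSecData == null) {
            throw new IllegalArgumentException("The data object cannot be null");
        }
        this.data = appSecData;
        writeDataFile();
    }

    /**
     * Discards the cached data and loads it again from the data file.
     *
     * @return the reloaded data
     */
    public synchronized AppSecData refresh() {
        this.data = null;
        return getData();
    }

    /** Stamps the stored data with the current clock instant and persists it. */
    private synchronized void updateLastScanTime() {
        LOGGER.debug("Updating last scan time...");
        AppSecData current = getData();
        current.setLastScan(this.clock.instant());
        setData(current);
    }

    /**
     * Returns the configuration currently in use.
     *
     * @return the current configuration
     */
    public AppSecConfiguration getConfiguration() {
        return this.configuration;
    }

    /**
     * Installs a new configuration, drops the cached data and cancels any scheduled scan.
     * {@link #init()} has to be called again before scanning.
     *
     * @param appSecConfiguration the new configuration, not {@code null}
     * @throws NullPointerException if {@code appSecConfiguration} is {@code null}
     */
    public synchronized void setConfiguration(AppSecConfiguration appSecConfiguration) {
        // Fail at the call site; a null configuration would otherwise surface later as a
        // NullPointerException inside init() or a scan.
        this.configuration = Objects.requireNonNull(appSecConfiguration, "The configuration cannot be null");
        this.data = null;
        cancelScheduledScan();
        LOGGER.debug("Set AppSec configuration: {}", appSecConfiguration);
    }

    private void checkForInitialization() {
        if (this.data == null || this.bomStore.getBom(Ecosystem.MAVEN) == null) {
            throw new AppSecException("The service has not been initialized. You should run the init() method after setting a new configuration");
        }
    }

    /**
     * Loads the data file into {@link #data}, or starts with empty data when the file does
     * not exist. The file is bound to the concrete {@link AppSecData} type.
     */
    private void readOrCreateDataFile() {
        File file = this.configuration.getDataFilePath().toFile();
        if (!file.exists()) {
            this.data = new AppSecData();
            LOGGER.debug("AppSec Kit data created");
            return;
        }
        try {
            // The file sits at a configurable path on disk, so its content should be treated
            // as external input; keep polymorphic typing off on MAPPER.
            this.data = MAPPER.readValue(file, AppSecData.class);
            LOGGER.debug("Reading AppSec Kit data file {}", file.getAbsolutePath());
        } catch (IOException e) {
            throw new AppSecException("Cannot read the AppSec Kit data file: " + this.configuration.getDataFilePath().toString(), e);
        }
    }

    /** Writes the current data to the data file; does nothing when no data is loaded. */
    private void writeDataFile() {
        if (this.data == null) {
            return;
        }
        File file = this.configuration.getDataFilePath().toFile();
        try {
            MAPPER.writeValue(file, this.data);
            LOGGER.debug("AppSec Kit data file updated {}", file.getAbsolutePath());
        } catch (IOException e) {
            throw new AppSecException("Cannot write the AppSec Kit data file: " + this.configuration.getDataFilePath().toString(), e);
        }
    }

    /** Replaces the clock used for scan timestamps and scheduling. */
    void setClock(Clock clock) {
        this.clock = clock;
    }
}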
