package io.codemodder.codemods.codeql;

import com.contrastsecurity.sarif.Location;
import com.contrastsecurity.sarif.Region;
import com.contrastsecurity.sarif.Result;
import io.codemodder.Codemod;
import io.codemodder.CodemodChange;
import io.codemodder.CodemodExecutionPriority;
import io.codemodder.CodemodFileScanningResult;
import io.codemodder.CodemodInvocationContext;
import io.codemodder.FixOnlyCodeChanger;
import io.codemodder.Importance;
import io.codemodder.ReviewGuidance;
import io.codemodder.RuleSarif;
import io.codemodder.SarifFindingKeyUtil;
import io.codemodder.SarifPluginRawFileChanger;
import io.codemodder.XPathStreamProcessChange;
import io.codemodder.XPathStreamProcessor;
import io.codemodder.codetf.DetectorRule;
import io.codemodder.codetf.FixedFinding;
import io.codemodder.providers.sarif.codeql.ProvidedCodeQLScan;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import javax.inject.Inject;
import javax.xml.stream.XMLEventFactory;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.XMLEventWriter;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.XMLEvent;
import org.dom4j.DocumentException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xml.sax.SAXException;

@Codemod(id = "codeql:java/maven-non-https-url", reviewGuidance = ReviewGuidance.MERGE_WITHOUT_REVIEW, importance = Importance.MEDIUM, executionPriority = CodemodExecutionPriority.HIGH)
/* loaded from: input_file:io/codemodder/codemods/codeql/CodeQLMavenSecureURLCodemod.class */
public final class CodeQLMavenSecureURLCodemod extends SarifPluginRawFileChanger implements FixOnlyCodeChanger {
    private final XPathStreamProcessor processor;
    private static final Logger LOG = LoggerFactory.getLogger(CodeQLMavenSecureURLCodemod.class);

    @Inject
    CodeQLMavenSecureURLCodemod(@ProvidedCodeQLScan(ruleId = "java/maven/non-https-url") RuleSarif ruleSarif, XPathStreamProcessor xPathStreamProcessor) {
        super(ruleSarif);
        this.processor = (XPathStreamProcessor) Objects.requireNonNull(xPathStreamProcessor);
    }

    public String vendorName() {
        return "CodeQL";
    }

    public DetectorRule detectorRule() {
        return new DetectorRule("non-https-url", "Failure to use HTTPS or SFTP URL in Maven artifact upload/download", "https://codeql.github.com/codeql-query-help/java/java-maven-non-https-url");
    }

    public CodemodFileScanningResult onFileFound(CodemodInvocationContext codemodInvocationContext, List<Result> list) {
        try {
            return processXml(codemodInvocationContext.path(), list);
        } catch (SAXException | DocumentException | IOException | XMLStreamException e) {
            LOG.error("Problem transforming xml file: {}", codemodInvocationContext.path());
            return CodemodFileScanningResult.none();
        }
    }

    private CodemodFileScanningResult processXml(Path path, List<Result> list) throws SAXException, IOException, DocumentException, XMLStreamException {
        Optional process = this.processor.process(path, "//*[local-name()='repository']/*[local-name()='url'] | //*[local-name()='pluginRepository']/*[local-name()='url'] | //*[local-name()='snapshotRepository']/*[local-name()='url']", CodeQLMavenSecureURLCodemod::handle);
        if (process.isEmpty()) {
            return CodemodFileScanningResult.none();
        }
        XPathStreamProcessChange xPathStreamProcessChange = (XPathStreamProcessChange) process.get();
        List list2 = xPathStreamProcessChange.linesAffected().stream().map(num -> {
            Optional findFirst = list.stream().filter(result -> {
                Region region = ((Location) result.getLocations().get(0)).getPhysicalLocation().getRegion();
                Integer startLine = region.getStartLine();
                Integer endLine = region.getEndLine();
                return startLine == num || (startLine.intValue() <= num.intValue() && endLine != null && endLine.intValue() >= num.intValue());
            }).findFirst();
            if (!findFirst.isPresent()) {
                return CodemodChange.from(num.intValue());
            }
            return CodemodChange.from(((Location) ((Result) findFirst.get()).getLocations().get(0)).getPhysicalLocation().getRegion().getStartLine().intValue(), new FixedFinding(SarifFindingKeyUtil.buildFindingId((Result) findFirst.get()), detectorRule()));
        }).toList();
        Files.copy(xPathStreamProcessChange.transformedXml(), path, StandardCopyOption.REPLACE_EXISTING);
        return CodemodFileScanningResult.withOnlyChanges(list2);
    }

    private static void handle(XMLEventReader xMLEventReader, XMLEventWriter xMLEventWriter, XMLEvent xMLEvent) throws XMLStreamException {
        XMLEventFactory newInstance = XMLEventFactory.newInstance();
        xMLEventWriter.add(xMLEvent);
        XMLEvent nextEvent = xMLEventReader.nextEvent();
        String data = nextEvent.asCharacters().getData();
        if (data.startsWith("http:")) {
            xMLEventWriter.add(newInstance.createCharacters("https:" + data.substring(5)));
        } else if (data.startsWith("ftp:")) {
            xMLEventWriter.add(newInstance.createCharacters("ftps:" + data.substring(4)));
        } else {
            xMLEventWriter.add(nextEvent);
        }
    }
}
