package com.cx.plugin;

import com.cx.plugin.configuration.CommonClientFactory;
import com.cx.plugin.dto.MavenScanResults;
import com.cx.plugin.utils.CxPluginUtils;
import com.cx.restclient.CxClientDelegator;
import com.cx.restclient.configuration.CxScanConfig;
import com.cx.restclient.dto.Results;
import com.cx.restclient.dto.ScanResults;
import com.cx.restclient.dto.ScannerType;
import com.cx.restclient.dto.scansummary.ScanSummary;
import com.cx.restclient.exception.CxClientException;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugin.descriptor.PluginDescriptor;
import org.apache.maven.plugins.annotations.Component;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.plugins.annotations.ResolutionScope;
import org.apache.maven.project.MavenProject;
import org.apache.maven.settings.Server;
import org.apache.maven.settings.Settings;
import org.codehaus.plexus.archiver.Archiver;
import org.codehaus.plexus.archiver.zip.ZipArchiver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.impl.MavenLoggerAdapter;
import org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher;
import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException;

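/**
 * Maven goal {@code scan}: zips the reactor sources, submits them to a Checkmarx server for a
 * CxSAST scan (and optionally an OSA scan), and fails the build when the scan reports errors.
 *
 * <p>Security-relevant configuration handled by this class:
 * <ul>
 *   <li>Credentials come from {@code cx.username}/{@code cx.password} or, when {@code serverId}
 *       is set, from the matching {@code <server>} entry in settings.xml, whose password is
 *       decrypted through the Maven security dispatcher.</li>
 *   <li>{@code cx.disableCertificateVerification} is forwarded to the client configuration as-is;
 *       a warning is logged when it is enabled.</li>
 * </ul>
 *
 * <p>NOTE(review): {@code fileExclusions} and {@code osaExclusions} are declared as parameters but
 * are not read anywhere in this class, so setting them has no visible effect here.
 */
@Mojo(name = "scan", aggregator = true, requiresDependencyResolution = ResolutionScope.TEST, inheritByDefault = false)
public class CxScanPlugin extends AbstractMojo {
    private static final Logger log = LoggerFactory.getLogger(CxScanPlugin.class);
    public static final String PLUGIN_ORIGIN = "Maven";
    public static final String SOURCES_ZIP_NAME = "sources";
    public static final String HTML_REPORT = "htmlReport";

    // Checkmarx account name. May be left unset and resolved from settings.xml via serverId.
    @Parameter(required = false, property = "cx.username")
    private String username;

    // Checkmarx account password. Prefer serverId plus an encrypted <server> entry in
    // settings.xml: a value passed as -Dcx.password on the command line is visible in process
    // listings and shell history, and a value in the POM ends up in version control.
    @Parameter(required = false, property = "cx.password")
    private String password;

    // Server base URL. The credentials above are sent to this endpoint, so any non-local server
    // should be addressed over https; the default is plain http on localhost.
    @Parameter(defaultValue = "http://localhost", property = "cx.url")
    private URL url;

    @Parameter(defaultValue = "${project.name}", property = "cx.projectName")
    private String projectName;

    @Parameter(property = "cx.fullTeamPath", defaultValue = "\\CxServer")
    private String fullTeamPath;

    @Parameter(defaultValue = "Checkmarx Default", property = "cx.preset")
    private String preset;

    @Parameter(defaultValue = "true", property = "cx.isIncrementalScan")
    private boolean isIncrementalScan;

    @Parameter(property = "cx.comment")
    private String comment;

    // When true the goal waits for the scan results; otherwise it reads the latest results.
    @Parameter(defaultValue = "true", property = "cx.isSynchronous")
    private boolean isSynchronous;

    @Parameter(defaultValue = "true", property = "cx.generatePDFReport")
    private boolean generatePDFReport;

    // SAST thresholds. Threshold checking is switched on only when at least one of the three
    // values is greater than zero (see resolveConfigurationMap), so the default of -1 means
    // findings of that severity never fail the build through the threshold mechanism.
    @Parameter(defaultValue = "-1", property = "cx.highSeveritiesThreshold")
    private int highSeveritiesThreshold;

    @Parameter(defaultValue = "-1", property = "cx.mediumSeveritiesThreshold")
    private int mediumSeveritiesThreshold;

    @Parameter(defaultValue = "-1", property = "cx.lowSeveritiesThreshold")
    private int lowSeveritiesThreshold;

    @Parameter(defaultValue = "0", property = "cx.scanTimeoutInMinutes")
    private int scanTimeoutInMinutes;

    @Parameter(defaultValue = "false", property = "cx.osaEnabled")
    private boolean osaEnabled;

    // OSA thresholds; same "enabled only if any value > 0" rule as the SAST thresholds.
    @Parameter(defaultValue = "-1", property = "cx.osaHighSeveritiesThreshold")
    private int osaHighSeveritiesThreshold;

    @Parameter(defaultValue = "-1", property = "cx.osaMediumSeveritiesThreshold")
    private int osaMediumSeveritiesThreshold;

    @Parameter(defaultValue = "-1", property = "cx.osaLowSeveritiesThreshold")
    private int osaLowSeveritiesThreshold;

    @Parameter(defaultValue = "true", property = "cx.osaGeneratePDFReport")
    @Deprecated
    private boolean osaGeneratePDFReport;

    @Parameter(defaultValue = "true", property = "cx.osaGenerateHTMLReport")
    @Deprecated
    private boolean osaGenerateHTMLReport;

    @Parameter(defaultValue = "true", property = "cx.osaGenerateJsonReport")
    private boolean osaGenerateJsonReport;

    @Parameter(defaultValue = "false", property = "cx.enablePolicyViolations")
    private boolean enablePolicyViolations;

    // Reports directory; also handed to the source zipping step.
    @Parameter(defaultValue = "${project.build.directory}/checkmarx", property = "cx.outputDirectory")
    private File outputDirectory;

    // Forwarded to CxScanConfig.setDisableCertificateValidation. With verification off the
    // server's identity is not checked, so the credentials and the zipped sources can be
    // intercepted by whoever answers at the configured URL. Keep this false outside of
    // throwaway test setups and add the server's CA to the JVM trust store instead.
    @Parameter(defaultValue = "false", property = "cx.disableCertificateVerification")
    private boolean disableCertificateVerification;

    @Parameter(defaultValue = "${project}", readonly = true, required = true)
    private MavenProject project;

    @Parameter(defaultValue = "${reactorProjects}", readonly = true)
    private List<MavenProject> reactorProjects;

    @Parameter(defaultValue = "${settings}", readonly = true, required = true)
    private Settings settings;

    // Id of the settings.xml <server> entry that supplies username/password when they are
    // not given directly.
    @Parameter(property = "serverId")
    private String serverId;

    @Component(role = SecDispatcher.class, hint = "default")
    private DefaultSecDispatcher securityDispatcher;

    @Component(role = Archiver.class, hint = "zip")
    private ZipArchiver zipArchiver;
    private String pluginVersion;

    @Parameter(property = "cx.folderExclusions")
    private String[] folderExclusions = new String[0];

    // NOTE(review): not read anywhere in this class.
    @Parameter(property = "cx.fileExclusions")
    private String[] fileExclusions = new String[0];

    // NOTE(review): not read anywhere in this class.
    @Parameter(property = "cx.osaExclusions")
    @Deprecated
    private String[] osaExclusions = new String[0];

    @Parameter(property = "cx.osaIgnoreScopes")
    private String[] osaIgnoreScopes = new String[0];

    /**
     * Runs the scan goal: resolves the configuration, initialises the client, prepares the OSA
     * configuration and the source zip, starts the scan, collects the results and reports a
     * build failure when the results are missing or contain errors.
     *
     * @throws MojoExecutionException for every exception that escapes the scan flow; the outer
     *     handler wraps all of them, including {@link MojoFailureException}
     * @throws MojoFailureException declared by the Mojo contract
     */
    @Override
    public void execute() throws MojoExecutionException, MojoFailureException {
        MavenLoggerAdapter.setLogger(getLog());
        CxPluginUtils.printLogo(log);
        try {
            PluginDescriptor pluginDescriptor = (PluginDescriptor) getPluginContext().get("pluginDescriptor");
            if (pluginDescriptor != null) {
                this.pluginVersion = pluginDescriptor.getVersion();
            }
            CxScanConfig config = resolveConfigurationMap();
            CxClientDelegator delegator = CommonClientFactory.getClientDelegatorInstance(config, log);
            // NOTE(review): confirm that printConfiguration never writes the password to the build log.
            CxPluginUtils.printConfiguration(config, this.osaIgnoreScopes, this.pluginVersion, log);
            if (!config.isSastEnabled() && !config.isOsaEnabled()) {
                throw new MojoFailureException("Both SAST and OSA are disabled. exiting");
            }
            MavenScanResults mavenScanResults = new MavenScanResults();
            List<ScanResults> collectedResults = new ArrayList<>();
            try {
                CommonClientFactory.getInstance(config, log);
                collectedResults.add(delegator.init());
                if (config.isOsaEnabled()) {
                    File dummyFile = null;
                    try {
                        dummyFile = createDummyFileForOSA();
                        config.setOsaFsaConfig(CxPluginUtils.generateOSAScanConfiguration(this.project.getBasedir().getAbsolutePath(), this.osaIgnoreScopes, dummyFile.getName()));
                    } catch (CxClientException | IOException e) {
                        // OSA preparation problems are recorded and the scan continues.
                        mavenScanResults.setException(e);
                        log.warn(e.getMessage());
                    } finally {
                        // The placeholder must never be left behind in the project directory.
                        FileUtils.deleteQuietly(dummyFile);
                    }
                }
                if (config.isSastEnabled()) {
                    log.info("Zipping sources");
                    config.setZipFile(CxPluginUtils.zipSources(this.reactorProjects, this.zipArchiver, this.outputDirectory, log));
                }
                ScanResults createResults = delegator.initiateScan();
                collectedResults.add(createResults);
                boolean synchronous = config.getSynchronous().booleanValue();
                ScanResults scanResults = synchronous ? delegator.waitForScanResults() : delegator.getLatestScanResults();
                mavenScanResults.put(ScannerType.SAST, scanResults.getSastResults());
                if (config.isOsaEnabled()) {
                    mavenScanResults.put(ScannerType.OSA, scanResults.getOsaResults());
                }
                collectedResults.add(scanResults);
                if (config.getEnablePolicyViolations()) {
                    delegator.printIsProjectViolated(scanResults);
                }
                ScanSummary scanSummary = new ScanSummary(config, mavenScanResults.getSastResults(), mavenScanResults.getOsaResults(), mavenScanResults.getScaResults());
                boolean sastBroken = config.isSastEnabled()
                        && (mavenScanResults.getSastResults() == null || mavenScanResults.getSastResults().getException() != null);
                boolean osaBroken = config.isOsaEnabled()
                        && (mavenScanResults.getOsaResults() == null || mavenScanResults.getOsaResults().getException() != null);
                if (scanSummary.hasErrors() || mavenScanResults.getGeneralException() != null || sastBroken || osaBroken) {
                    StringBuilder failure = new StringBuilder();
                    if (config.isSastEnabled() && (mavenScanResults.getSastResults() == null || !mavenScanResults.getSastResults().isSastResultsReady())) {
                        failure.append("CxSAST scan results are not found. Scan might have failed at the server or aborted by the server.\n");
                    }
                    if (config.isOsaEnabled() && (mavenScanResults.getOsaResults() == null || !mavenScanResults.getOsaResults().isOsaResultsReady())) {
                        failure.append("CxSAST OSA scan results are not found. Scan might have failed at the server or aborted by the server.\n");
                    }
                    if (scanSummary.hasErrors()) {
                        // Separate the summary from any "results are not found" text above.
                        if (failure.length() > 0) {
                            failure.append("\n");
                        }
                        failure.append(scanSummary.toString());
                    }
                    CxPluginUtils.printBuildFailure(failure.toString(), mavenScanResults, log);
                }
                if (!synchronous) {
                    mavenScanResults.getSummary().put(HTML_REPORT, delegator.generateHTMLSummary(getFinalScanResults(collectedResults)));
                    if (mavenScanResults.getException() != null || mavenScanResults.getGeneralException() != null) {
                        CxPluginUtils.printBuildFailure(null, mavenScanResults, log);
                    }
                }
                boolean createFailedWithScanId = createResults.getSastResults() != null
                        && createResults.getSastResults().getException() != null
                        && createResults.getSastResults().getScanId() > 0;
                boolean waitFailed = scanResults.getSastResults() != null
                        && scanResults.getSastResults().getException() != null;
                if (synchronous && config.isSastEnabled() && (createFailedWithScanId || waitFailed)) {
                    cancelScan(delegator);
                }
            } catch (Exception scanFailure) {
                // getMessage() may be null (for example on a NullPointerException); treating that
                // as "not a server-unavailable error" keeps the original failure and its cause.
                String message = scanFailure.getMessage();
                if (message == null || !message.contains("Server is unavailable")) {
                    throw new MojoFailureException(message, scanFailure);
                }
                try {
                    // Probe the login to tell a bad credential/URL apart from an outage.
                    delegator.getSastClient().login();
                    throw new MojoFailureException(message + ": Connection Failed.\nValidate the provided login credentials and server URL are correct.\nIn addition, make sure the installed plugin version is compatible with the CxSAST version according to CxSAST release notes.");
                } catch (CxClientException loginFailure) {
                    throw new MojoFailureException(loginFailure.getMessage(), loginFailure);
                }
            }
        } catch (Exception e) {
            // NOTE(review): this handler also receives the MojoFailureException instances thrown
            // above, so every failure leaves the goal as a MojoExecutionException.
            log.error("Interrupted exception: " + e.getMessage(), e);
            throw new MojoExecutionException(e.getMessage(), e);
        }
    }

    /**
     * Merges the per-stage results into one {@link ScanResults}.
     *
     * <p>For each scanner type the first result that carries an exception is kept; results without
     * an exception are taken only from the last element of {@code list}, where they replace
     * whatever was recorded for that scanner type before.
     *
     * @param list results in the order the stages produced them
     * @return the merged results
     */
    @SuppressWarnings("rawtypes")
    private ScanResults getFinalScanResults(List<ScanResults> list) {
        ScanResults merged = new ScanResults();
        int lastIndex = list.size() - 1;
        for (int i = 0; i < list.size(); i++) {
            // Raw entry type kept on purpose: the generic signature of getResults() is not
            // visible from this file.
            for (Map.Entry entry : list.get(i).getResults().entrySet()) {
                if (entry == null || entry.getValue() == null) {
                    continue;
                }
                ScannerType type = (ScannerType) entry.getKey();
                Results result = (Results) entry.getValue();
                if (result.getException() != null) {
                    if (merged.get(type) == null) {
                        merged.put(type, result);
                    }
                } else if (i == lastIndex) {
                    merged.put(type, result);
                }
            }
        }
        return merged;
    }

    /**
     * Asks the server to cancel the running SAST scan. Best effort: a failure is logged and never
     * propagated, so it cannot mask the scan error that triggered the cancellation.
     *
     * @param cxClientDelegator the delegator whose SAST client owns the scan
     */
    private void cancelScan(CxClientDelegator cxClientDelegator) {
        try {
            cxClientDelegator.getSastClient().cancelSASTScan();
        } catch (Exception e) {
            // A scan that could not be cancelled keeps running on the server; make that visible.
            log.warn("Failed to cancel the SAST scan: " + e.getMessage());
        }
    }

    /**
     * Creates an empty placeholder {@code .java} file in the project base directory for the OSA
     * configuration. The caller deletes it afterwards.
     *
     * <p>{@link File#createTempFile(String, String, File)} is used so that the file is guaranteed
     * to be new. A four-digit random suffix can collide with an existing file, in which case
     * {@code createNewFile()} returns {@code false} without creating anything and the later
     * cleanup would delete a file this plugin never created.
     *
     * @return the newly created placeholder file
     * @throws IOException if the file cannot be created
     */
    private File createDummyFileForOSA() throws IOException {
        return File.createTempFile("dummy", ".java", this.project.getBasedir());
    }

    /**
     * Builds the client configuration from the plugin parameters. SAST is always enabled; OSA is
     * added when {@code cx.osaEnabled} is set.
     *
     * @return the populated scan configuration
     * @throws MojoExecutionException if the password from settings.xml cannot be decrypted
     */
    private CxScanConfig resolveConfigurationMap() throws MojoExecutionException {
        CxScanConfig config = new CxScanConfig();
        config.setCxOrigin(PLUGIN_ORIGIN);
        config.setSastEnabled(true);
        if (this.disableCertificateVerification) {
            log.warn("TLS certificate verification is disabled (cx.disableCertificateVerification=true); "
                    + "the identity of the server at {} will not be verified.", this.url);
        }
        config.setDisableCertificateValidation(this.disableCertificateVerification);
        loadUserInfoFromSettings();
        config.setUsername(this.username);
        config.setPassword(this.password);
        config.setUrl(this.url.toString());
        config.setReportsDir(this.outputDirectory);
        config.setProjectName(this.projectName);
        config.setTeamPath(this.fullTeamPath);
        config.setPresetName(this.preset);
        config.setSastScanTimeoutInMinutes(Integer.valueOf(this.scanTimeoutInMinutes));
        config.setScanComment(this.comment);
        config.setIncremental(Boolean.valueOf(this.isIncrementalScan));
        config.setSynchronous(Boolean.valueOf(this.isSynchronous));

        boolean sastThresholdsEnabled = this.highSeveritiesThreshold > 0
                || this.mediumSeveritiesThreshold > 0
                || this.lowSeveritiesThreshold > 0;
        config.setSastThresholdsEnabled(Boolean.valueOf(sastThresholdsEnabled));
        config.setSastHighThreshold(Integer.valueOf(this.highSeveritiesThreshold));
        config.setSastMediumThreshold(Integer.valueOf(this.mediumSeveritiesThreshold));
        config.setSastLowThreshold(Integer.valueOf(this.lowSeveritiesThreshold));
        config.setGeneratePDFReport(Boolean.valueOf(this.generatePDFReport));

        // Folder exclusions travel as one comma-separated string.
        config.setSastFolderExclusions(String.join(",", this.folderExclusions));

        if (this.osaEnabled) {
            config.addScannerType(ScannerType.OSA);
        }
        boolean osaThresholdsEnabled = this.osaHighSeveritiesThreshold > 0
                || this.osaMediumSeveritiesThreshold > 0
                || this.osaLowSeveritiesThreshold > 0;
        config.setOsaGenerateJsonReport(Boolean.valueOf(this.osaGenerateJsonReport));
        config.setOsaThresholdsEnabled(Boolean.valueOf(osaThresholdsEnabled));
        config.setOsaHighThreshold(Integer.valueOf(this.osaHighSeveritiesThreshold));
        config.setOsaMediumThreshold(Integer.valueOf(this.osaMediumSeveritiesThreshold));
        config.setOsaLowThreshold(Integer.valueOf(this.osaLowSeveritiesThreshold));
        config.setEnablePolicyViolations(this.enablePolicyViolations);
        return config;
    }

    /**
     * Fills in a missing username and/or password from the settings.xml {@code <server>} entry
     * named by {@code serverId}. Does nothing when {@code serverId} is not set. When it is set,
     * a username or password that is still unresolved afterwards becomes the empty string.
     *
     * @throws MojoExecutionException if the stored password cannot be decrypted
     */
    private void loadUserInfoFromSettings() throws MojoExecutionException {
        if (this.serverId == null) {
            return;
        }
        if ((this.username == null || this.password == null) && this.settings != null) {
            Server server = this.settings.getServer(this.serverId);
            if (server == null) {
                // Without this hint the scan would go on with empty credentials and fail later
                // with an unrelated-looking login error.
                log.warn("No <server> entry with id '{}' was found in the Maven settings.", this.serverId);
            } else {
                if (this.username == null) {
                    this.username = server.getUsername();
                }
                if (this.password == null && server.getPassword() != null) {
                    this.password = decryptServerPassword(server.getPassword());
                }
            }
        }
        if (this.username == null) {
            this.username = "";
        }
        if (this.password == null) {
            this.password = "";
        }
    }

    /**
     * Decrypts a settings.xml password with the security dispatcher, retrying once with the
     * dispatcher pointed at {@code settings-security.xml} under the user's {@code .m2} directory.
     */
    private String decryptServerPassword(String storedPassword) throws MojoExecutionException {
        try {
            return this.securityDispatcher.decrypt(storedPassword);
        } catch (SecDispatcherException firstFailure) {
            try {
                // Built with File so the separator fits the platform; a hard-coded backslash
                // path only resolves on Windows.
                File securityFile = new File(new File(System.getProperty("user.home"), ".m2"), "settings-security.xml");
                this.securityDispatcher.setConfigurationFile(securityFile.getPath());
                return this.securityDispatcher.decrypt(storedPassword);
            } catch (Exception retryFailure) {
                retryFailure.addSuppressed(firstFailure);
                throw new MojoExecutionException(retryFailure.getMessage(), retryFailure);
            }
        }
    }
}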
