package com.bitegarden.sonar.plugins.security.owasp;

import com.bitegarden.sonar.plugins.security.model.SecurityIssue;
import com.bitegarden.sonar.plugins.security.model.SecurityIssueType;
import com.bitegarden.sonar.plugins.security.model.owasp.OwaspBreakdownByCategoryRow;
import com.bitegarden.sonar.plugins.security.model.owasp.OwaspBreakdownByRuleRow;
import com.bitegarden.sonar.plugins.security.model.owasp.OwaspHotspotsBreakdownByRule;
import com.bitegarden.sonar.plugins.security.model.owasp.OwaspReport;
import com.bitegarden.sonar.plugins.security.model.owasp.OwaspVulnerabilitiesBreakdownByCategory;
import com.bitegarden.sonar.plugins.security.util.CweUtils;
import com.bitegarden.sonar.plugins.security.util.OwaspUtils;
import com.bitegarden.sonar.plugins.security.util.ParamUtils;
import com.bitegarden.sonar.plugins.security.util.SecurityPluginUtils;
import es.sonarqube.api.SonarQubeProject;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.atomic.AtomicLong;
import org.sonar.api.utils.log.Logger;
import org.sonar.api.utils.log.Loggers;
import org.sonarqube.ws.Common;
import org.sonarqube.ws.Issues;
import org.sonarqube.ws.client.WsClient;
import org.sonarqube.ws.client.issues.SearchRequest;

/* loaded from: input_file:com/bitegarden/sonar/plugins/security/owasp/Owasp2017.class */
/**
 * OWASP Top 10 (2017) implementation of {@link OwaspVulnerabilitiesManager}.
 *
 * <p>Vulnerability figures are read from the facets of one issue search per OWASP category;
 * hotspot figures are derived from the {@link SecurityIssue} list supplied by the caller.
 */
public class Owasp2017 implements OwaspVulnerabilitiesManager {
    private static final Logger LOGGER = Loggers.get(Owasp2017.class);

    /** Name of the facet that carries issue counts per rule. */
    private static final String RULES_FACET = "rules";

    /** Name of the facet that carries issue counts per severity. */
    private static final String SEVERITIES_FACET = "severities";

    /**
     * Collects the OWASP-typed security hotspots of the given projects.
     *
     * @param wsClient web-service client handed to the hotspot lookup
     * @param list projects to inspect
     * @param str value passed to {@code ParamUtils.useIssuesEndpointToObtainHotspots} to choose the
     *     lookup strategy (presumably the server version; confirm against callers)
     * @return the result of {@code CweUtils.getHotspots} when the issues endpoint is selected,
     *     otherwise the result of {@code SecurityPluginUtils.getHotspotsForLatestVersion} for the
     *     {@code "2017"} edition
     */
    @Override
    public List<SecurityIssue> getOwaspHotspotsBreakdownList(WsClient wsClient, List<SonarQubeProject> list, String str) {
        if (ParamUtils.useIssuesEndpointToObtainHotspots(str)) {
            return CweUtils.getHotspots(list, wsClient, SecurityIssueType.OWASP);
        }
        return SecurityPluginUtils.getHotspotsForLatestVersion(list, wsClient, SecurityIssueType.OWASP, "2017");
    }

    /**
     * Builds the OWASP report for one component.
     *
     * <p>For every entry of {@code ParamUtils.OWASP_TOP_10} one issue search is issued; its
     * effort total is added to the overall effort, its facets feed the per-category row and the
     * per-category rule counts, and the hotspot rows derived from {@code list} are folded in.
     *
     * @param wsClient web-service client used for the issue searches
     * @param str component key the searches are restricted to
     * @param str2 branch to search, used only when {@code str3} has no value
     * @param str3 pull request to search; takes precedence over {@code str2} when it has a value
     * @param list hotspots from which the per-rule hotspot rows are computed
     * @return the assembled report (summary, breakdown by category, breakdown by rule, hotspots)
     */
    @Override
    public OwaspReport getReport(WsClient wsClient, String str, String str2, String str3, List<SecurityIssue> list) {
        final String componentKey = str;
        final String branch = str2;
        final String pullRequest = str3;

        OwaspReport report = new OwaspReport();
        // category -> (rule key -> issue count as text). Raw collection types are kept because the
        // signatures of the OwaspUtils/SecurityPluginUtils helpers receiving them are not visible here.
        HashMap rulesByCategory = new HashMap();
        AtomicLong totalEffort = new AtomicLong();
        ArrayList categoryRows = new ArrayList();
        List<OwaspBreakdownByRuleRow> hotspotRuleRows = OwaspUtils.getOwaspBreakdownByRuleRows(list);

        ParamUtils.OWASP_TOP_10.forEach(category -> categoryRows.add(
                buildCategoryRow(wsClient, componentKey, branch, pullRequest, category, totalEffort, rulesByCategory, hotspotRuleRows)));

        OwaspHotspotsBreakdownByRule hotspotsByRule = new OwaspHotspotsBreakdownByRule();
        hotspotsByRule.setOwaspBreakdownByRuleRows(hotspotRuleRows);
        OwaspVulnerabilitiesBreakdownByCategory byCategory = OwaspUtils.getOwaspVulnerabilitiesBreakdownByCategory(categoryRows);
        report.setSummary(OwaspUtils.getSummary(totalEffort, byCategory));
        report.setOwaspVulnerabilitiesBreakdownByCategory(byCategory);
        report.setOwaspVulnerabilitiesBreakdownByRule(OwaspUtils.getOwaspVulnerabilitiesBreakdownByRule(wsClient, rulesByCategory));
        report.setOwaspHotspotsBreakdownByRule(hotspotsByRule);
        return report;
    }

    /**
     * Produces the report row of a single OWASP category.
     *
     * <p>Side effects: adds the search's effort total to {@code totalEffort} and records the
     * "rules" facet values of this category in {@code rulesByCategory}.
     */
    private static OwaspBreakdownByCategoryRow buildCategoryRow(WsClient wsClient, String componentKey, String branch,
            String pullRequest, String category, AtomicLong totalEffort, Map rulesByCategory,
            List<OwaspBreakdownByRuleRow> hotspotRuleRows) {
        OwaspBreakdownByCategoryRow row = new OwaspBreakdownByCategoryRow();
        // severity name -> issue count, later turned into the category rating
        HashMap severityCounts = new HashMap();
        final String upperCategory = category.toUpperCase();
        row.setCategory(upperCategory);

        Issues.SearchWsResponse response = wsClient.issues().search(getSearchIssuesRequest(componentKey, branch, pullRequest, category));
        totalEffort.addAndGet(response.getEffortTotal());

        for (Common.Facet facet : response.getFacets().getFacetsList()) {
            final boolean isRulesFacet = RULES_FACET.equals(facet.getProperty());
            final boolean isSeveritiesFacet = SEVERITIES_FACET.equals(facet.getProperty());

            for (Common.FacetValue value : facet.getValuesList()) {
                if (isRulesFacet) {
                    // The inner map is created only once a rule value is seen, so a category
                    // without rule hits has no entry in rulesByCategory.
                    Map countsByRule = (Map) rulesByCategory.computeIfAbsent(category, key -> new HashMap());
                    countsByRule.put(value.getVal(), String.valueOf(value.getCount()));
                }
                if (isSeveritiesFacet) {
                    severityCounts.put(value.getVal(), Long.valueOf(value.getCount()));
                }
                LOGGER.debug("Facet ({}) with value ({}) for category ({})", value.getVal(), Long.valueOf(value.getCount()), category);
            }

            if (isSeveritiesFacet) {
                row.setBlockerVulnerabilities(getFacetValueBySeverity(facet, "BLOCKER"));
                row.setCriticalVulnerabilities(getFacetValueBySeverity(facet, "CRITICAL"));
                row.setMajorVulnerabilities(getFacetValueBySeverity(facet, "MAJOR"));
                row.setMinorVulnerabilities(getFacetValueBySeverity(facet, "MINOR"));
                row.setInfoVulnerabilities(getFacetValueBySeverity(facet, "INFO"));
            }
        }

        for (OwaspBreakdownByRuleRow ruleRow : hotspotRuleRows) {
            if (!ruleRow.getCategoryList().contains(upperCategory)) {
                continue;
            }
            row.setHotspots(row.getHotspots() + ruleRow.getHotspots());
            // NOTE(review): the hotspot count is summed over every matching rule row, but the ids
            // are replaced on each match, so the row ends up with the ids of the last matching
            // rule only. Confirm whether the ids were meant to be merged; as written the count
            // and the id list can disagree in the report.
            row.setHotspotsIds(ruleRow.getHotspotsIds());
        }

        row.setRating(SecurityPluginUtils.getRatingByIssuesSeverity(severityCounts));
        return row;
    }

    /**
     * Looks up the issue count a facet reports for one severity.
     *
     * @param facet facet whose values are scanned in order
     * @param str severity name to match against each value (must not be {@code null})
     * @return the count of the first value whose name equals {@code str}, or {@code 0} when none matches
     */
    public static long getFacetValueBySeverity(Common.Facet facet, String str) {
        return facet.getValuesList().stream()
                .filter(value -> str.equals(value.getVal()))
                .mapToLong(Common.FacetValue::getCount)
                .findFirst()
                .orElse(0L);
    }

    /**
     * Creates the issue search for one OWASP category of one component.
     *
     * <p>Only unresolved issues are requested ({@code resolved=false}), so resolved issues,
     * whatever their resolution, do not appear in any count of the report. No issue-type filter
     * is set here.
     * NOTE(review): the results are whatever the server returns for the credentials behind the
     * {@code WsClient}; presumably a token without access to the component yields lower counts
     * rather than an error, so verify this where the report is used as evidence.
     *
     * @param str component key
     * @param str2 branch, applied only when {@code str3} has no value
     * @param str3 pull request, applied instead of the branch when it has a value
     * @param str4 OWASP Top 10 category to filter on
     * @return the configured request, asking for the "rules" and "severities" facets
     */
    private static SearchRequest getSearchIssuesRequest(String str, String str2, String str3, String str4) {
        SearchRequest request = new SearchRequest();
        request.setResolved("false");
        request.setOwaspTop10(Collections.singletonList(str4));
        request.setComponentKeys(Collections.singletonList(str));
        request.setFacets(Arrays.asList(RULES_FACET, SEVERITIES_FACET));

        final boolean scopedToPullRequest = ParamUtils.hasValue(str3);
        if (!scopedToPullRequest) {
            request.setBranch(str2);
        } else {
            request.setPullRequest(str3);
        }
        return request;
    }
}
