package com.metaeffekt.mirror.download.nvd;

import com.metaeffekt.artifact.analysis.utils.FileUtils;
import com.metaeffekt.artifact.analysis.utils.TimeUtils;
import com.metaeffekt.mirror.Retry;
import com.metaeffekt.mirror.download.Download;
import com.metaeffekt.mirror.download.ResourceLocation;
import com.metaeffekt.mirror.download.documentation.MirrorMetadata;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.atomic.AtomicReference;
import java.util.stream.Collectors;
import org.apache.commons.lang3.ObjectUtils;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@MirrorMetadata(directoryName = "cpe-dict", mavenPropertyName = "nvdCpeDownload")
/* loaded from: input_file:com/metaeffekt/mirror/download/nvd/NvdCpeApiDownload.class */
public class NvdCpeApiDownload extends Download {
    private static final Logger LOG = LoggerFactory.getLogger(NvdCpeApiDownload.class);
    private static final SimpleDateFormat ISO_8601_DATE_FORMAT = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
    private static final int API_DELAY_BETWEEN_AUTHORIZED_REQUESTS = 620;
    private static final int API_DELAY_BETWEEN_UNAUTHORIZED_REQUESTS = 6400;
    private String apiKey;
    private final List<JSONArray> apiResponseDataToBeProcessed;

    /* loaded from: input_file:com/metaeffekt/mirror/download/nvd/NvdCpeApiDownload$ResourceLocationNvd.class */
    public enum ResourceLocationNvd implements ResourceLocation {
        CPE_API_LIST_ALL("https://services.nvd.nist.gov/rest/json/cpes/2.0?startIndex=%d"),
        CPE_API_START_END_DATE("https://services.nvd.nist.gov/rest/json/cpes/2.0?startIndex=%d&lastModStartDate=%s&lastModEndDate=%s"),
        CPE_MATCH_API_LIST_ALL("https://services.nvd.nist.gov/rest/json/cpematch/2.0?startIndex=%d"),
        CPE_MATCH_API_START_END_DATE("https://services.nvd.nist.gov/rest/json/cpematch/2.0?startIndex=%d&lastModStartDate=%s&lastModEndDate=%s");

        private final String defaultValue;

        ResourceLocationNvd(String str) {
            this.defaultValue = str;
        }

        @Override // com.metaeffekt.mirror.download.ResourceLocation
        public String getDefault() {
            return this.defaultValue;
        }
    }

    public NvdCpeApiDownload(File file) {
        super(file, NvdCpeApiDownload.class);
        this.apiResponseDataToBeProcessed = Collections.synchronizedList(new ArrayList());
    }

    public NvdCpeApiDownload setApiKey(String str) {
        this.apiKey = str;
        return this;
    }

    @Override // com.metaeffekt.mirror.download.Download
    protected void performDownload() {
        boolean isFullMirrorRequired = isFullMirrorRequired();
        if (isFullMirrorRequired) {
            LOG.info("Downloading initial NVD data from NVD API");
        } else {
            LOG.info("Existing mirror detected. Downloading incremental NVD data from NVD API");
        }
        long j = this.apiKey == null ? 6400L : 620L;
        this.executor.setSize(4);
        this.executor.setDelay(j);
        LOG.info("Requests {} be authorized with an API key, delay between requests [{}]", this.apiKey == null ? "will not" : "will", TimeUtils.formatTimeDiff(j));
        Date date = new Date(getDownloadDirectoryLastModified());
        Date date2 = new Date(TimeUtils.utcNow());
        downloadCpeDictionaryApiData(isFullMirrorRequired, date, date2);
        downloadCpeMatchApiData(isFullMirrorRequired, date, date2);
    }

    private void downloadCpeDictionaryApiData(boolean z, Date date, Date date2) {
        LOG.info("Downloading NVD CPE Dictionary API data...");
        downloadCpeApiDataFromSource(z, date, date2, ResourceLocationNvd.CPE_API_LIST_ALL, ResourceLocationNvd.CPE_API_START_END_DATE);
        LOG.info("Finished processing NVD CPE Dictionary API data");
    }

    private void downloadCpeMatchApiData(boolean z, Date date, Date date2) {
        LOG.info("Downloading NVD CPE Match API data...");
        downloadCpeApiDataFromSource(z, date, date2, ResourceLocationNvd.CPE_MATCH_API_LIST_ALL, ResourceLocationNvd.CPE_MATCH_API_START_END_DATE);
        LOG.info("Finished processing NVD CPE Match API data");
    }

    private void downloadCpeApiDataFromSource(boolean z, Date date, Date date2, ResourceLocationNvd resourceLocationNvd, ResourceLocationNvd resourceLocationNvd2) {
        createDownloadThreads(z, date, date2, resourceLocationNvd, resourceLocationNvd2);
        for (int i = 0; i < 5; i++) {
            processResponseDataUntilDone();
        }
    }

    private void processResponseDataUntilDone() {
        ArrayList arrayList;
        ArrayList arrayList2;
        this.executor.start();
        do {
            synchronized (this.apiResponseDataToBeProcessed) {
                if (this.apiResponseDataToBeProcessed.size() >= 4) {
                    arrayList = new ArrayList(this.apiResponseDataToBeProcessed);
                    this.apiResponseDataToBeProcessed.clear();
                } else {
                    arrayList = new ArrayList();
                }
            }
            if (!arrayList.isEmpty()) {
                processApiCpeItems(arrayList);
            }
            try {
                Thread.sleep(1000L);
            } catch (InterruptedException e) {
            }
        } while (this.executor.isRunning());
        synchronized (this.apiResponseDataToBeProcessed) {
            if (this.apiResponseDataToBeProcessed.isEmpty()) {
                arrayList2 = new ArrayList();
            } else {
                arrayList2 = new ArrayList(this.apiResponseDataToBeProcessed);
                this.apiResponseDataToBeProcessed.clear();
            }
        }
        if (arrayList2.isEmpty()) {
            return;
        }
        processApiCpeItems(arrayList2);
    }

    private void createDownloadThreads(boolean z, Date date, Date date2, ResourceLocationNvd resourceLocationNvd, ResourceLocationNvd resourceLocationNvd2) {
        this.executor.submit(() -> {
            JSONObject downloadCpeDecideWhatTimeFrame = downloadCpeDecideWhatTimeFrame(z, date, date2, 0, resourceLocationNvd, resourceLocationNvd2);
            int i = downloadCpeDecideWhatTimeFrame.getInt("totalResults");
            int i2 = downloadCpeDecideWhatTimeFrame.getInt("resultsPerPage");
            int i3 = 0;
            if (i == 0) {
                LOG.info("No CPEs found for the given range.");
                return;
            }
            LOG.info("Downloaded CPEs [{}] to [{}] of [{}]", new Object[]{0, Integer.valueOf(0 + i2), Integer.valueOf(i)});
            appendJsonToProcessResponseCache(downloadCpeDecideWhatTimeFrame);
            while (i3 < i) {
                i3 += i2;
                this.executor.submit(() -> {
                    JSONObject downloadCpeDecideWhatTimeFrame2 = downloadCpeDecideWhatTimeFrame(z, date, date2, i3, resourceLocationNvd, resourceLocationNvd2);
                    int i4 = downloadCpeDecideWhatTimeFrame2.getInt("totalResults");
                    LOG.info("Downloaded CPEs [{}] to [{}] of [{}]", new Object[]{Integer.valueOf(i3), Integer.valueOf(i3 + downloadCpeDecideWhatTimeFrame2.getInt("resultsPerPage")), Integer.valueOf(i4)});
                    appendJsonToProcessResponseCache(downloadCpeDecideWhatTimeFrame2);
                });
            }
        });
    }

    private void appendJsonToProcessResponseCache(JSONObject jSONObject) {
        JSONArray jSONArray = (JSONArray) ObjectUtils.firstNonNull(new JSONArray[]{jSONObject.optJSONArray("products"), jSONObject.optJSONArray("matchStrings")});
        if (jSONArray == null) {
            LOG.error("Unable to find 'products' or 'matchStrings' in the JSON response: {}", jSONObject.keySet());
            return;
        }
        synchronized (this.apiResponseDataToBeProcessed) {
            this.apiResponseDataToBeProcessed.add(jSONArray);
        }
    }

    private JSONObject downloadCpeDecideWhatTimeFrame(boolean z, Date date, Date date2, int i, ResourceLocationNvd resourceLocationNvd, ResourceLocationNvd resourceLocationNvd2) {
        AtomicReference atomicReference = new AtomicReference();
        new Retry(() -> {
            if (z) {
                atomicReference.set(downloadCpePage(i, resourceLocationNvd));
            } else {
                atomicReference.set(downloadCpePage(i, date, date2, resourceLocationNvd2));
            }
        }).withDelay(9600).onException(Exception.class).retryCount(8).run();
        return (JSONObject) atomicReference.get();
    }

    private void processApiCpeItems(Collection<JSONArray> collection) {
        ArrayList arrayList = new ArrayList();
        for (JSONArray jSONArray : collection) {
            JSONArray jSONArray2 = new JSONArray();
            for (int i = 0; i < jSONArray.length(); i++) {
                jSONArray2.put(convertCpeMatchToCpeDictItem(unwrapCpeEntry(jSONArray.getJSONObject(i))));
            }
            arrayList.add(jSONArray2);
        }
        HashMap hashMap = new HashMap();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            for (Map.Entry<Integer, JSONArray> entry : sortCpesIntoYears((JSONArray) it.next()).entrySet()) {
                JSONArray computeIfAbsent = hashMap.computeIfAbsent(entry.getKey(), num -> {
                    return new JSONArray();
                });
                for (int i2 = 0; i2 < entry.getValue().length(); i2++) {
                    computeIfAbsent.put(entry.getValue().getJSONObject(i2));
                }
            }
        }
        int sum = collection.stream().mapToInt((v0) -> {
            return v0.length();
        }).sum();
        int sum2 = hashMap.values().stream().mapToInt((v0) -> {
            return v0.length();
        }).sum();
        if (sum != sum2) {
            LOG.error("Dropped at least one CPE whilst sorting CPEs into yearly files: [{}] -> [{}]", Integer.valueOf(sum), Integer.valueOf(sum2));
        }
        processApiCpeItems(hashMap);
    }

    private void processApiCpeItems(Map<Integer, JSONArray> map) {
        if (map.size() == 0) {
            LOG.warn("No CPEs to process from the API.");
            return;
        }
        LOG.info("Processing CPE data from years: [{}]", map.entrySet().stream().sorted(Map.Entry.comparingByValue(Comparator.comparing((v0) -> {
            return v0.length();
        }).reversed())).map(entry -> {
            return entry.getKey() + " = " + ((JSONArray) entry.getValue()).length();
        }).collect(Collectors.joining("; ")));
        for (Map.Entry<Integer, JSONArray> entry2 : map.entrySet()) {
            int intValue = entry2.getKey().intValue();
            JSONArray value = entry2.getValue();
            JSONArray parseCpeItemsFromDownloadedYear = parseCpeItemsFromDownloadedYear(intValue);
            JSONArray mergeCpeItems = mergeCpeItems(Arrays.asList(value, parseCpeItemsFromDownloadedYear));
            LOG.info("Year: [{}], merging existing with downloaded [{} + {} --> {}]", new Object[]{Integer.valueOf(intValue), Integer.valueOf(parseCpeItemsFromDownloadedYear.length()), Integer.valueOf(value.length()), Integer.valueOf(mergeCpeItems.length())});
            File file = new File(this.downloadIntoDirectory, intValue + ".json");
            try {
                FileUtils.write(file, mergeCpeItems.toString(), StandardCharsets.UTF_8);
            } catch (IOException e) {
                throw new RuntimeException("Unable to write NVD CPE year file " + file.getAbsolutePath(), e);
            }
        }
    }

    private JSONObject convertCpeMatchToCpeDictItem(JSONObject jSONObject) {
        return (jSONObject.has("criteria") && jSONObject.has("matchCriteriaId") && jSONObject.has("lastModified") && jSONObject.has("created")) ? new JSONObject().put("deprecated", false).put("cpeName", jSONObject.getString("criteria")).put("cpeNameId", jSONObject.getString("matchCriteriaId")).put("lastModified", jSONObject.getString("lastModified")).put("created", jSONObject.getString("created")) : jSONObject;
    }

    private static JSONObject unwrapCpeEntry(JSONObject jSONObject) {
        return jSONObject.has("cpe") ? jSONObject.getJSONObject("cpe") : jSONObject.has("matchString") ? jSONObject.getJSONObject("matchString") : jSONObject;
    }

    private JSONArray parseCpeItemsFromDownloadedYear(int i) {
        File file = new File(this.downloadIntoDirectory, i + ".json");
        if (!file.exists()) {
            return new JSONArray();
        }
        try {
            return new JSONArray(FileUtils.readFileToString(file, StandardCharsets.UTF_8));
        } catch (IOException e) {
            throw new RuntimeException("Unable to read NVD CPE year file " + file.getAbsolutePath(), e);
        }
    }

    private Map<Integer, JSONArray> sortCpesIntoYears(JSONArray jSONArray) {
        HashMap hashMap = new HashMap();
        if (jSONArray == null) {
            LOG.warn("No CPEs to process from the API while sorting CPEs into years.");
            return hashMap;
        }
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONObject jSONObject = jSONArray.getJSONObject(i);
            if (!jSONObject.has("created")) {
                throw new RuntimeException("CPE entry does not provide 'created' timestamp: " + jSONObject);
            }
            int parseInt = Integer.parseInt(jSONObject.getString("created").substring(0, 4));
            if (parseInt < 1999 || parseInt > 9999) {
                LOG.warn("CPE entry most likely has invalid year [{}]", jSONObject);
            }
            ((JSONArray) hashMap.computeIfAbsent(Integer.valueOf(parseInt), num -> {
                return new JSONArray();
            })).put(jSONObject);
        }
        int length = jSONArray.length();
        int sum = hashMap.values().stream().mapToInt((v0) -> {
            return v0.length();
        }).sum();
        if (length != sum) {
            LOG.warn("CPEs were lost during sorting into years: [{} --> {}]", Integer.valueOf(length), Integer.valueOf(sum));
        }
        return hashMap;
    }

    private JSONArray mergeCpeItems(List<JSONArray> list) {
        JSONArray jSONArray = new JSONArray();
        HashSet hashSet = new HashSet();
        for (JSONArray jSONArray2 : list) {
            for (int i = 0; i < jSONArray2.length(); i++) {
                JSONObject unwrapCpeEntry = unwrapCpeEntry(jSONArray2.getJSONObject(i));
                String str = (String) ObjectUtils.firstNonNull(new String[]{unwrapCpeEntry.optString("cpeNameId", null), unwrapCpeEntry.optString("matchCriteriaId", null)});
                if (hashSet.add(str)) {
                    jSONArray.put(unwrapCpeEntry);
                } else if (str == null) {
                    LOG.warn("CPE entry does not provide 'cpeNameId' or 'matchCriteriaId' - skipping: [{}]", unwrapCpeEntry);
                } else {
                    LOG.debug("CPE entry with ID [{}] already exists - skipping: [{}]", str, unwrapCpeEntry);
                }
            }
        }
        return jSONArray;
    }

    private JSONObject downloadCpePage(int i, ResourceLocationNvd resourceLocationNvd) {
        URL remoteResourceLocationUrl = super.getRemoteResourceLocationUrl(resourceLocationNvd, Integer.valueOf(i));
        List<String> fetchResponseBodyFromUrlAsList = this.downloader.fetchResponseBodyFromUrlAsList(remoteResourceLocationUrl, Collections.singletonMap("apiKey", this.apiKey));
        try {
            return new JSONObject(String.join("", fetchResponseBodyFromUrlAsList));
        } catch (JSONException e) {
            throw new RuntimeException("Unable to parse NVD CPE API response: " + fetchResponseBodyFromUrlAsList + "\nRequest URL: " + remoteResourceLocationUrl, e);
        }
    }

    private JSONObject downloadCpePage(int i, Date date, Date date2, ResourceLocationNvd resourceLocationNvd) {
        if (date2.getTime() - date.getTime() > 10368000000L) {
            throw new IllegalArgumentException("Difference between lastModStartDate and lastModEndDate must not be greater than 120 days");
        }
        URL remoteResourceLocationUrl = super.getRemoteResourceLocationUrl(resourceLocationNvd, Integer.valueOf(i), ISO_8601_DATE_FORMAT.format(date), ISO_8601_DATE_FORMAT.format(date2));
        List<String> fetchResponseBodyFromUrlAsList = this.downloader.fetchResponseBodyFromUrlAsList(remoteResourceLocationUrl, Collections.singletonMap("apiKey", this.apiKey));
        try {
            return new JSONObject(String.join("", fetchResponseBodyFromUrlAsList));
        } catch (JSONException e) {
            throw new RuntimeException("Unable to parse NVD CVE API response: " + fetchResponseBodyFromUrlAsList + "\nRequest URL: " + remoteResourceLocationUrl, e);
        }
    }

    private boolean isFullMirrorRequired() {
        File[] listFiles = this.downloadIntoDirectory.listFiles();
        if (listFiles == null) {
            LOG.info("No CPE JSON files found in download directory, performing full mirror");
            return true;
        }
        List list = (List) Arrays.stream(listFiles).map((v0) -> {
            return v0.getName();
        }).collect(Collectors.toList());
        if (list.stream().noneMatch(str -> {
            return str.endsWith(".json");
        })) {
            LOG.info("No CPE JSON files found in download directory, performing full mirror");
            return true;
        }
        int i = Calendar.getInstance().get(1) - 1;
        for (int i2 = 2007; i2 <= i; i2++) {
            if (!list.contains(i2 + ".json")) {
                LOG.info("Missing CPE JSON file for year [{}], performing full mirror", Integer.valueOf(i2));
                return true;
            }
        }
        if (!super.isUpdatedAgeOlderThan(getDownloadDirectoryLastModified(), 10368000000L)) {
            return false;
        }
        LOG.info("Download directory last modified date is older than 120 days, performing full mirror");
        return true;
    }

    @Override // com.metaeffekt.mirror.download.Download
    protected boolean additionalIsDownloadRequired() {
        if (isFullMirrorRequired()) {
            return true;
        }
        Date date = new Date(getDownloadDirectoryLastModified());
        Date date2 = new Date(TimeUtils.utcNow());
        JSONObject downloadCpePage = downloadCpePage(0, date, date2, ResourceLocationNvd.CPE_MATCH_API_START_END_DATE);
        if (downloadCpePage.has("totalResults") && downloadCpePage.getInt("totalResults") > 0) {
            LOG.info("NVD CPE Match API reports [{}] new/changed entries since last download", Integer.valueOf(downloadCpePage.getInt("totalResults")));
            return true;
        }
        JSONObject downloadCpePage2 = downloadCpePage(0, date, date2, ResourceLocationNvd.CPE_API_START_END_DATE);
        if (!downloadCpePage2.has("totalResults") || downloadCpePage2.getInt("totalResults") <= 0) {
            return false;
        }
        LOG.info("NVD CPE Dictionary API reports [{}] new/changed entries since last download", Integer.valueOf(downloadCpePage2.getInt("totalResults")));
        return true;
    }

    @Override // com.metaeffekt.mirror.download.Download
    public void setRemoteResourceLocation(String str, String str2) {
        super.setRemoteResourceLocation(ResourceLocationNvd.valueOf(str), str2);
    }
}
