package org.whitesource.agent.dependency.resolver.js;

import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.client.urlconnection.URLConnectionClientHandler;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.StringUtils;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.whitesource.agent.DependencyCalculator;
import org.whitesource.agent.api.model.DependencyInfo;
import org.whitesource.agent.dependency.resolver.js.npm.dto.NpmPackageJson;
import org.whitesource.agent.utils.ConnectionFactory;
import org.whitesource.config.utils.ConfigPropertyKeys;
import org.whitesource.utils.Constants;
import org.whitesource.utils.DIHelper;
import org.whitesource.utils.StatusCode;
import org.whitesource.utils.SystemExit;
import org.whitesource.utils.SystemExitLogLevel;
import org.whitesource.utils.files.FilesUtils;
import org.whitesource.utils.files.TempFolders;
import org.whitesource.utils.logger.LoggerFactory;
import org.whitesource.utils.net.WssProxy;

/* loaded from: input_file:org/whitesource/agent/dependency/resolver/js/JsDownloader.class */
public class JsDownloader {
    private static final String VISUALSTUDIO_REGISTRY = "pkgs.visualstudio";
    private static final String DEV_AZURE = "pkgs.dev.azure";
    private static final String ARTIFACTORY_FORWARD_SLASH = "/artifactory/";
    private static final String NPM_REGISTRY1 = "npm/registry/";
    private static final String SCOPED_PACKAGE = "@";
    private static final String URL_SLASH = "%2F";
    private static final String RESOURCE_JSON = "application/json";
    private static final String RESOURCES_TYPES = "application/json,text/html,application/xhtml+xml,application/xml";
    private static final String TIMEOUT_STR = "timed out";
    private static final String VERSIONS = "versions";
    private static final String DIST = "dist";
    private static final String SHASUM = "shasum";
    private static final String AUTHORIZATION = "Authorization";
    private static final String BEARER = "Bearer";
    private static final String BASIC = "Basic";
    private static final int URL_MAX_FAIL = 2;
    private static final int NUM_THREADS = 16;
    private boolean npmIdentifyByNameAndVersion;
    private String npmAccessToken;
    private List<String> unAuthorizedRegistriesDomains;
    private Map<String, Integer> urlsBlackListMap;
    private Map<String, String> resolvedUrlToSha1;
    private Map<String, AddSha1ToDependency> resolvedUrlToThreads;
    private Client client;
    private String tempFolder;
    private static JsDownloader instance;
    private boolean active;
    private static final Logger logger = LoggerFactory.getLogger(JsDownloader.class);
    private static final Object lock = new Object();

    /* loaded from: input_file:org/whitesource/agent/dependency/resolver/js/JsDownloader$AddSha1ToDependency.class */
    class AddSha1ToDependency implements Callable<Void> {
        private final NpmPackageJson packageJson;
        private final List<DependencyInfo> deps = new ArrayList();

        public AddSha1ToDependency(NpmPackageJson npmPackageJson) {
            this.packageJson = npmPackageJson;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public Void call() throws Exception {
            String resolved = this.packageJson.getResolved();
            if (JsDownloader.this.resolvedUrlToSha1.containsKey(resolved)) {
                String str = (String) JsDownloader.this.resolvedUrlToSha1.get(resolved);
                this.deps.forEach(dependencyInfo -> {
                    dependencyInfo.setSha1(str);
                });
                return null;
            }
            String dependencySha1 = JsDownloader.this.getDependencySha1(this.packageJson);
            if (!StringUtils.isNotBlank(dependencySha1)) {
                return null;
            }
            this.deps.forEach(dependencyInfo2 -> {
                dependencyInfo2.setSha1(dependencySha1);
            });
            JsDownloader.this.resolvedUrlToSha1.put(resolved, dependencySha1);
            return null;
        }

        public void addDependency(DependencyInfo dependencyInfo) {
            this.deps.add(dependencyInfo);
        }
    }

    private JsDownloader() {
    }

    public static JsDownloader getInstance() {
        if (instance != null) {
            return instance;
        }
        synchronized (lock) {
            if (instance == null) {
                instance = new JsDownloader();
            }
        }
        return instance;
    }

    public void activate(Map<String, Object> map) {
        if (this.active) {
            return;
        }
        this.active = true;
        this.npmAccessToken = (String) map.get(ConfigPropertyKeys.NPM_ACCESS_TOKEN);
        if (StringUtils.isBlank(this.npmAccessToken)) {
            logger.debug("npm.accessToken is not defined");
        } else {
            logger.debug("npm.accessToken is defined");
        }
        this.npmIdentifyByNameAndVersion = ((Boolean) map.get(ConfigPropertyKeys.NPM_IDENTIFY_BY_NAME_AND_VERSION)).booleanValue();
        this.urlsBlackListMap = Collections.synchronizedMap(new HashMap());
        this.unAuthorizedRegistriesDomains = new LinkedList();
        this.resolvedUrlToSha1 = new HashMap();
        this.resolvedUrlToThreads = new HashMap();
        WssProxy wssProxy = (WssProxy) map.get(Constants.PROXY_CONFIG);
        if (wssProxy.getProxy() != null) {
            this.client = new Client(new URLConnectionClientHandler(new ConnectionFactory(wssProxy.getProxy())));
        } else {
            this.client = Client.create();
        }
    }

    public void runSha1ThreadCollection() {
        if (this.active) {
            ExecutorService newWorkStealingPool = Executors.newWorkStealingPool(16);
            try {
                newWorkStealingPool.invokeAll(this.resolvedUrlToThreads.values());
                newWorkStealingPool.shutdown();
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
                SystemExit.exit(StatusCode.ERROR, "One of the threads was interrupted, please try to scan again the project. Error: " + e.getMessage(), SystemExitLogLevel.ERROR, false);
            } finally {
                this.resolvedUrlToThreads.clear();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getDependencySha1(NpmPackageJson npmPackageJson) {
        String sha1 = npmPackageJson.getSha1();
        if (StringUtils.isNotEmpty(sha1)) {
            return sha1;
        }
        String format = MessageFormat.format(JsUtils.NPM_PACKAGE_FORMAT, npmPackageJson.getName(), npmPackageJson.getVersion());
        String resolved = npmPackageJson.getResolved();
        File file = new File(resolved);
        if (file.exists()) {
            try {
                sha1 = DependencyCalculator.calculateSHA1(file);
            } catch (IOException e) {
                logger.debug("Failed to calculate sha1 of: {}", resolved);
            }
        } else if (!this.npmIdentifyByNameAndVersion) {
            npmPackageJson.setRegistryType(getRegistryType(resolved));
            String registryPackageUrl = getRegistryPackageUrl(npmPackageJson);
            String registryPackageDomain = getRegistryPackageDomain(registryPackageUrl);
            if (StringUtils.isEmpty(sha1) && StringUtils.isNotEmpty(registryPackageUrl) && (registryPackageDomain.isEmpty() || !this.unAuthorizedRegistriesDomains.contains(registryPackageDomain))) {
                logger.debug("fetch {}", registryPackageUrl);
                sha1 = getSha1FromRegistryPackageUrl(registryPackageUrl, npmPackageJson.getVersion(), npmPackageJson.getRegistryType(), format, this.npmAccessToken);
            }
            if (StringUtils.isEmpty(sha1) && StringUtils.isNotBlank(npmPackageJson.getResolved())) {
                logger.debug("fallback url - {}", npmPackageJson.getResolved());
                sha1 = getSha1FromRegistryPackageUrl(npmPackageJson.getResolved(), npmPackageJson.getVersion(), npmPackageJson.getRegistryType(), format, this.npmAccessToken);
            }
        }
        String validateSha1 = DIHelper.validateSha1(sha1);
        if (StringUtils.isEmpty(validateSha1)) {
            logger.debug("The package {} does not contain valid shasum/sha1: {}", format, sha1);
        }
        return validateSha1;
    }

    private RegistryType getRegistryType(String str) {
        RegistryType registryType = null;
        if (StringUtils.isNotBlank(str)) {
            registryType = str.contains(ARTIFACTORY_FORWARD_SLASH) ? RegistryType.ARTIFACTORY : str.contains(VISUALSTUDIO_REGISTRY) ? RegistryType.VISUAL_STUDIO : str.contains(DEV_AZURE) ? RegistryType.DEV_AZURE : RegistryType.NPM;
        }
        return registryType;
    }

    private String getRegistryPackageUrl(NpmPackageJson npmPackageJson) {
        String name;
        int indexOf;
        String resolved = npmPackageJson.getResolved();
        RegistryType registryType = npmPackageJson.getRegistryType();
        if (StringUtils.isEmpty(resolved)) {
            return "";
        }
        if (resolved.contains("git+") || resolved.contains("github:")) {
            logger.warn("This configuration - {} (remote repository packages) is not supported by WhiteSource. Please use direct URL package references.", npmPackageJson.getName());
            return "";
        }
        String str = null;
        switch (registryType) {
            case ARTIFACTORY:
                str = resolved.substring(0, resolved.length() - 3) + Constants.JSON;
                break;
            case VISUAL_STUDIO:
                int indexOf2 = resolved.indexOf(NPM_REGISTRY1);
                if (indexOf2 > 0) {
                    String name2 = npmPackageJson.getName();
                    if (name2.contains("@")) {
                        name2 = name2.replace("/", URL_SLASH);
                    }
                    int indexOf3 = resolved.indexOf(name2, indexOf2);
                    if (indexOf3 > 0) {
                        str = resolved.substring(0, indexOf3 + name2.length());
                        break;
                    }
                }
                break;
            case DEV_AZURE:
                int indexOf4 = resolved.indexOf(NPM_REGISTRY1);
                if (indexOf4 > 0 && (indexOf = resolved.indexOf((name = npmPackageJson.getName()), indexOf4)) > 0) {
                    str = resolved.substring(0, indexOf + name.length());
                    break;
                }
                break;
            case NPM:
            default:
                String urlHostName = getUrlHostName(resolved);
                if (StringUtils.isNotBlank(urlHostName)) {
                    str = String.format("https://%s/%s/%s", urlHostName, npmPackageJson.getName(), npmPackageJson.getVersion());
                    break;
                }
                break;
        }
        return str;
    }

    private boolean urlIsNotInBlackList(String str) {
        return this.urlsBlackListMap.getOrDefault(str, 0).intValue() < 2;
    }

    private String getSha1FromRegistryPackageUrl(String str, String str2, RegistryType registryType, String str3, String str4) {
        if (!urlIsNotInBlackList(getUrlHostName(str))) {
            return "";
        }
        String str5 = null;
        if (this.tempFolder == null) {
            this.tempFolder = new FilesUtils().createTmpFolder(false, TempFolders.UNIQUE_NPM_FOLDER);
        }
        File file = new File(this.tempFolder, str3);
        String str6 = null;
        try {
            String str7 = str.endsWith("tgz") ? RESOURCES_TYPES : "application/json";
            WebResource resource = this.client.resource(str);
            ClientResponse clientResponse = StringUtils.isEmpty(str4) ? (ClientResponse) resource.accept(str7).get(ClientResponse.class) : (registryType == RegistryType.VISUAL_STUDIO || registryType == RegistryType.DEV_AZURE) ? (ClientResponse) resource.accept(str7).header("Authorization", "Basic " + new String(Base64.getEncoder().encode(("Bearer:" + str4).getBytes()))).get(ClientResponse.class) : (ClientResponse) resource.accept(str7).header("Authorization", "Bearer " + str4).get(ClientResponse.class);
            if (clientResponse.getStatus() < 200 || clientResponse.getStatus() >= 300) {
                logger.debug("Got {} status code from registry using the url {}.", Integer.valueOf(clientResponse.getStatus()), str);
                if ((clientResponse.getStatus() == 401 || clientResponse.getStatus() == 403) && !getRegistryPackageDomain(str).isEmpty()) {
                    this.unAuthorizedRegistriesDomains.add(str);
                }
            } else if (str.endsWith("tgz")) {
                try {
                    InputStream entityInputStream = clientResponse.getEntityInputStream();
                    Throwable th = null;
                    try {
                        try {
                            FileUtils.copyInputStreamToFile(entityInputStream, file);
                            if (entityInputStream != null) {
                                if (0 != 0) {
                                    try {
                                        entityInputStream.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    entityInputStream.close();
                                }
                            }
                        } catch (Throwable th3) {
                            th = th3;
                            throw th3;
                        }
                    } catch (Throwable th4) {
                        if (entityInputStream != null) {
                            if (th != null) {
                                try {
                                    entityInputStream.close();
                                } catch (Throwable th5) {
                                    th.addSuppressed(th5);
                                }
                            } else {
                                entityInputStream.close();
                            }
                        }
                        throw th4;
                    }
                } catch (Exception e) {
                    logger.debug("failed to copy file to {}", this.tempFolder, e);
                }
            } else {
                str5 = (String) clientResponse.getEntity(String.class);
            }
            if (str5 != null) {
                try {
                    JSONObject jSONObject = new JSONObject(str5);
                    str6 = (registryType == RegistryType.VISUAL_STUDIO || registryType == RegistryType.DEV_AZURE) ? jSONObject.getJSONObject(VERSIONS).getJSONObject(str2).getJSONObject(DIST).getString(SHASUM) : jSONObject.getJSONObject(DIST).getString(SHASUM);
                } catch (Exception e2) {
                    logger.debug("Failed to read json response from url:{}", str);
                }
            } else if (file.exists()) {
                logger.debug("Succeed to download the npm package {}-{}.", str3, str2);
                try {
                    str6 = DependencyCalculator.calculateSHA1(file);
                } catch (IOException e3) {
                    logger.error("Failed to calculate sha1 for {}-{} - {}.", str3, str2, e3.getMessage());
                }
            }
            return str6;
        } catch (Exception e4) {
            logger.warn("Could not reach the registry using the URL: {}. Got an error: {}", str, e4.getMessage());
            if (!e4.getMessage().contains(TIMEOUT_STR)) {
                return "";
            }
            addUrlToBlackList(str);
            return "";
        }
    }

    private synchronized void addUrlToBlackList(String str) {
        String urlHostName = getUrlHostName(str);
        int intValue = this.urlsBlackListMap.getOrDefault(urlHostName, 0).intValue();
        logger.debug("Increment {} to {} in \"black list\" urls, got timed-out", urlHostName, Integer.valueOf(intValue + 1));
        this.urlsBlackListMap.put(urlHostName, Integer.valueOf(intValue + 1));
    }

    private String getUrlHostName(String str) {
        String str2 = "";
        try {
            str2 = new URL(str).getHost();
        } catch (MalformedURLException e) {
            logger.error("getUrlHost failed: {}", e.getMessage());
        }
        return str2;
    }

    private String getRegistryPackageDomain(String str) {
        if (str == null) {
            return "";
        }
        try {
            String host = new URI(str).getHost();
            return host != null ? host.startsWith("www.") ? host.substring(4) : host : "";
        } catch (Exception e) {
            logger.debug("Unable to extract host from {}, error: {}", str, e.getMessage());
            return "";
        }
    }

    public void addToSha1ThreadsCollection(DependencyInfo dependencyInfo, NpmPackageJson npmPackageJson) {
        if (this.active) {
            if (this.resolvedUrlToThreads.containsKey(npmPackageJson.getResolved())) {
                this.resolvedUrlToThreads.get(npmPackageJson.getResolved()).addDependency(dependencyInfo);
                return;
            }
            AddSha1ToDependency addSha1ToDependency = new AddSha1ToDependency(npmPackageJson);
            addSha1ToDependency.addDependency(dependencyInfo);
            this.resolvedUrlToThreads.put(npmPackageJson.getResolved(), addSha1ToDependency);
        }
    }

    public void addToDiscoveredSha1(String str, String str2) {
        if (this.active) {
            this.resolvedUrlToSha1.putIfAbsent(str, str2);
        }
    }
}
