package com.meterian.scanners.javascript.h3xe;

import com.esotericsoftware.minlog.Log;
import com.google.common.base.Strings;
import com.h3xstream.retirejs.repo.JsLibrary;
import com.h3xstream.retirejs.repo.JsLibraryResult;
import com.h3xstream.retirejs.repo.JsVulnerability;
import com.meterian.common.concepts.bare.BareComponent;
import com.meterian.common.functions.CollectionFunctions;
import com.meterian.common.functions.StringFunctions;
import com.meterian.common.io.SmartDownloader;
import com.meterian.scanners.javascript.JsFile;
import com.meterian.scanners.javascript.JsHeaderParser;
import com.meterian.scanners.javascript.JsHeaderParserOffline;
import com.meterian.scanners.javascript.resolvers.NameResolver;
import java.io.File;
import java.io.FileFilter;
import java.io.IOException;
import java.nio.file.Files;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: input_file:com/meterian/scanners/javascript/h3xe/OurScannerFacade.class */
public class OurScannerFacade {
    private final OurVulnerabilitiesRepository repo;
    private final JsHeaderParserOffline parser = new JsHeaderParserOffline();

    public OurScannerFacade(OurVulnerabilitiesRepository ourVulnerabilitiesRepository) throws IOException {
        this.repo = ourVulnerabilitiesRepository;
    }

    public List<OurJsLibraryResult> scanComponent(NameResolver nameResolver, BareComponent bareComponent) {
        List<JsLibraryResult> findByNameAndVersion = this.repo.findByNameAndVersion(bareComponent.name, bareComponent.version);
        if (findByNameAndVersion.isEmpty()) {
            for (String str : nameResolver.getLibraryAliases(bareComponent.name)) {
                findByNameAndVersion = this.repo.findByNameAndVersion(str, bareComponent.version);
                if (!findByNameAndVersion.isEmpty()) {
                    break;
                }
            }
        }
        return (List) findByNameAndVersion.stream().map(jsLibraryResult -> {
            return new OurJsLibraryResult(jsLibraryResult, JsFile.EMPTY, null);
        }).collect(Collectors.toList());
    }

    public List<OurJsLibraryResult> scanHtml(String str, byte[] bArr, int i) {
        String str2 = new String(bArr, i, bArr.length - i);
        ArrayList arrayList = new ArrayList();
        File parentFile = new File(str).getParentFile();
        Iterator<String> it = findScriptUrl(str2).iterator();
        while (it.hasNext()) {
            arrayList.addAll(scanPath(parentFile, it.next()));
        }
        return arrayList;
    }

    private List<String> findScriptUrl(String str) {
        String[] split = str.split("</");
        ArrayList arrayList = new ArrayList();
        for (String str2 : split) {
            if (str2.contains("<script") || str2.contains("<SCRIPT")) {
                Matcher matcher = Pattern.compile("<[sS][cC][rR][iI][pP][tT][^>]*[sS][rR][cC]=[\"']([^>]*)[\"']").matcher(str2);
                if (matcher.find()) {
                    arrayList.add(cleanup(matcher.group(1)));
                }
            }
        }
        return arrayList;
    }

    private String cleanup(String str) {
        int indexOf = str.indexOf(34);
        if (indexOf == -1) {
            return str;
        }
        String substring = str.substring(0, indexOf);
        Log.debug("URL cleaned up from '" + str + "' to '" + substring + "'");
        return substring;
    }

    public List<OurJsLibraryResult> scanPath(File file, String str) {
        String computeRealPath = computeRealPath(file, str);
        byte[] bArr = JsFile.NO_BYTES;
        try {
            File file2 = new File(computeRealPath);
            if (file2.exists()) {
                bArr = Files.readAllBytes(file2.toPath());
            }
        } catch (Exception e) {
            Log.debug("Cannot  read file " + str);
        }
        return scanScript(computeRealPath, bArr, 0);
    }

    private String computeRealPath(File file, String str) {
        String str2 = str;
        if (!new File(str).exists()) {
            File file2 = new File(file, str);
            if (file2.exists()) {
                str2 = file2.toString();
            }
        }
        return str2;
    }

    public List<OurJsLibraryResult> scanScript(String str, byte[] bArr, int i) {
        JsFile create = JsFile.create(str, bArr, SmartDownloader.ENCODING);
        ArrayList arrayList = new ArrayList();
        List<JsLibraryResult> findByUri = this.repo.findByUri(str);
        if (findByUri.size() == 0) {
            Log.debug(String.format("No path matching the script (%s)", str));
            String filename = this.parser.getFilename(str);
            findByUri = this.repo.findByFilename(filename);
            if (findByUri.size() == 0) {
                Log.debug(String.format("No filename matching the script (%s)", filename));
                findByUri = findByHash(create);
                if (findByUri.size() == 0) {
                    Log.debug(String.format("No hash matching %s (%s)", Arrays.asList(create.sha1s), str));
                    findByUri = this.repo.findByFileContent(create.header);
                    if (findByUri.size() == 0) {
                        Log.debug(String.format("No content matching the script \"%s\"", str));
                        recordLibraries(str, create, arrayList);
                    }
                }
            }
        }
        HashSet hashSet = new HashSet();
        for (JsLibraryResult jsLibraryResult : findByUri) {
            String str2 = jsLibraryResult.getLibrary().getName() + jsLibraryResult.getDetectedVersion() + id(jsLibraryResult.getVuln());
            if (!hashSet.contains(str2)) {
                hashSet.add(str2);
                arrayList.add(new OurJsLibraryResult(jsLibraryResult, create, jsLibraryResult.getLibrary().getName()));
            }
        }
        return arrayList;
    }

    private String id(JsVulnerability jsVulnerability) {
        return Strings.nullToEmpty((String) CollectionFunctions.elementAt(jsVulnerability.getInfo(), 0));
    }

    private void recordLibraries(String str, JsFile jsFile, List<OurJsLibraryResult> list) {
        JsHeaderParser.Info combineAddingMissingInfo = this.parser.parseFromHeader(jsFile.header).combineAddingMissingInfo(this.parser.parseFromPath(str));
        if (StringFunctions.isEmpty(combineAddingMissingInfo.name)) {
            Log.debug("Disregarding path=\"" + str + "\"/header=\"" + jsFile.header + "\" - no info detected (" + combineAddingMissingInfo + ")");
            return;
        }
        if (combineAddingMissingInfo.name.indexOf(32) != -1) {
            Log.debug("Disregarding possible library \"" + combineAddingMissingInfo.name + "\" - name contains spaces");
        } else {
            if (!isValid(combineAddingMissingInfo.name)) {
                Log.debug("Disregarding possible library \"" + combineAddingMissingInfo.name + "\" - name invalid");
                return;
            }
            OurJsLibraryResult ourJsLibraryResult = new OurJsLibraryResult(new JsLibraryResult(newJsLibrary(combineAddingMissingInfo.name), null, combineAddingMissingInfo.version, null, null), jsFile, combineAddingMissingInfo.name);
            ourJsLibraryResult.addLocation(str);
            list.add(ourJsLibraryResult);
        }
    }

    private boolean isValid(String str) {
        return !"min".equals(str);
    }

    private List<JsLibraryResult> findByHash(JsFile jsFile) {
        if (jsFile.contents.length == 0) {
            return Collections.emptyList();
        }
        List<JsLibraryResult> emptyList = Collections.emptyList();
        for (String str : jsFile.sha1s) {
            emptyList = this.repo.findByHash(str);
            if (emptyList.size() != 0) {
                break;
            }
        }
        return emptyList;
    }

    private JsLibrary newJsLibrary(String str) {
        JsLibrary jsLibrary = new JsLibrary();
        String str2 = str;
        String[] strArr = JsHeaderParserOffline.FILE_ENDS;
        int length = strArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            String str3 = strArr[i];
            if (str.endsWith(str3)) {
                str2 = str.substring(0, str.length() - str3.length());
                break;
            }
            i++;
        }
        jsLibrary.setName(str2.toLowerCase());
        return jsLibrary;
    }

    public static void main(String[] strArr) throws Exception {
        dump(new File("/home/bbossola/projects/rocksolid/tmp.websites/paragonbrokers/www.paragonbrokers.com/wp-content/themes/salient/js/appear.js?ver=1.0"));
        for (File file : new File("/home/bbossola/Downloads/").listFiles(new FileFilter() { // from class: com.meterian.scanners.javascript.h3xe.OurScannerFacade.1
            @Override // java.io.FileFilter
            public boolean accept(File file2) {
                return file2.toString().endsWith(".js");
            }
        })) {
            dump(file);
        }
    }

    private static void dump(File file) throws IOException {
        byte[] readAllBytes = Files.readAllBytes(file.toPath());
        System.err.println("sha=" + hash(readAllBytes, 0, MessageDigestAlgorithms.SHA_1) + ", md5=" + hash(readAllBytes, 0, MessageDigestAlgorithms.MD5) + ", bytes=" + readAllBytes.length + ", " + file.getName());
    }

    public static String hash(byte[] bArr, int i, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(bArr, i, bArr.length - i);
            return toHex(messageDigest.digest());
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    private static String toHex(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            sb.append(String.format("%02x", Byte.valueOf(b)));
        }
        return sb.toString();
    }
}
