package com.aspectsecurity.contrast;

import com.contrastsecurity.exceptions.UnauthorizedException;
import com.contrastsecurity.http.RuleSeverity;
import com.contrastsecurity.http.ServerFilterForm;
import com.contrastsecurity.http.TraceFilterForm;
import com.contrastsecurity.models.Application;
import com.contrastsecurity.models.Server;
import com.contrastsecurity.models.Servers;
import com.contrastsecurity.models.Trace;
import com.contrastsecurity.models.Traces;
import com.contrastsecurity.sdk.ContrastSDK;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.EnumSet;
import java.util.Iterator;
import java.util.List;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugins.annotations.Mojo;

@Mojo(name = "verify", requiresOnline = true)
/* loaded from: input_file:com/aspectsecurity/contrast/VerifyContrastMavenPluginMojo.class */
public class VerifyContrastMavenPluginMojo extends AbstractContrastMavenPluginMojo {
    private static final List<String> SEVERITIES = Arrays.asList("Note", "Low", "Medium", "High", "Critical");

    @Override // com.aspectsecurity.contrast.AbstractContrastMavenPluginMojo
    public void execute() throws MojoExecutionException {
        getLog().info("Checking for new vulnerabilities...");
        ContrastSDK connectToTeamServer = connectToTeamServer();
        getLog().info("Successfully authenticated to TeamServer.");
        String applicationId = getApplicationId(connectToTeamServer, this.appName);
        long serverId = getServerId(connectToTeamServer, applicationId);
        TraceFilterForm traceFilterForm = new TraceFilterForm();
        traceFilterForm.setSeverities(getSeverityList(this.minSeverity));
        traceFilterForm.setStartDate(verifyDateTime);
        traceFilterForm.setServerIds(Arrays.asList(Long.valueOf(serverId)));
        getLog().info("Sending vulnerability request to TeamServer.");
        try {
            Traces traces = connectToTeamServer.getTraces(this.orgUuid, applicationId, traceFilterForm);
            if (traces == null || traces.getCount().intValue() <= 0) {
                getLog().info("No new vulnerabilities were found!");
                getLog().info("Finished verifying your application.");
            } else {
                getLog().info(traces.getCount() + " new vulnerability(s) were found! Printing vulnerability report.");
                Iterator it = traces.getTraces().iterator();
                while (it.hasNext()) {
                    getLog().info(generateTraceReport((Trace) it.next()));
                }
                throw new MojoExecutionException("Your application is vulnerable. Please see the above report for new vulnerabilities.");
            }
        } catch (IOException e) {
            throw new MojoExecutionException("Unable to retrieve the traces.", e);
        } catch (UnauthorizedException e2) {
            throw new MojoExecutionException("Unable to connect to TeamServer.", e2);
        }
    }

    private long getServerId(ContrastSDK contrastSDK, String str) throws MojoExecutionException {
        ServerFilterForm serverFilterForm = new ServerFilterForm();
        serverFilterForm.setApplicationIds(Arrays.asList(str));
        serverFilterForm.setQ(this.serverName);
        try {
            Servers serversWithFilter = contrastSDK.getServersWithFilter(this.orgUuid, serverFilterForm);
            if (serversWithFilter.getServers().isEmpty()) {
                throw new MojoExecutionException("Server with name '" + this.serverName + "' not found.");
            }
            return ((Server) serversWithFilter.getServers().get(0)).getServerId();
        } catch (UnauthorizedException e) {
            throw new MojoExecutionException("Unable to connect to TeamServer.", e);
        } catch (IOException e2) {
            throw new MojoExecutionException("Unable to retrieve the servers.", e2);
        }
    }

    private String getApplicationId(ContrastSDK contrastSDK, String str) throws MojoExecutionException {
        try {
            for (Application application : contrastSDK.getApplications(this.orgUuid).getApplications()) {
                if (str.equals(application.getName())) {
                    return application.getId();
                }
            }
            throw new MojoExecutionException("Application with name '" + str + "' not found.");
        } catch (UnauthorizedException e) {
            throw new MojoExecutionException("Unable to connect to TeamServer.", e);
        } catch (IOException e2) {
            throw new MojoExecutionException("Unable to retrieve the applications.", e2);
        }
    }

    private String generateTraceReport(Trace trace) {
        return "Trace: " + trace.getTitle() + "\nTrace Uuid: " + trace.getUuid() + "\nTrace Severity: " + trace.getSeverity() + "\nTrace Likelihood: " + trace.getLikelihood() + "\n";
    }

    private static EnumSet<RuleSeverity> getSeverityList(String str) {
        List<String> subList = SEVERITIES.subList(SEVERITIES.indexOf(str), SEVERITIES.size());
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = subList.iterator();
        while (it.hasNext()) {
            arrayList.add(RuleSeverity.valueOf(it.next()));
        }
        return EnumSet.copyOf((Collection) arrayList);
    }
}
