package org.owasp.dependencycheck.data.update;

import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import javax.annotation.concurrent.ThreadSafe;
import org.apache.commons.io.IOUtils;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.data.nvdcve.CveDB;
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
import org.owasp.dependencycheck.data.nvdcve.DatabaseProperties;
import org.owasp.dependencycheck.data.update.exception.UpdateException;
import org.owasp.dependencycheck.utils.DateUtil;
import org.owasp.dependencycheck.utils.DependencyVersion;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.utils.URLConnectionFactory;
import org.owasp.dependencycheck.utils.URLConnectionFailureException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ThreadSafe
/* loaded from: input_file:org/owasp/dependencycheck/data/update/EngineVersionCheck.class */
public class EngineVersionCheck implements CachedWebDataSource {
    private static final Logger LOGGER = LoggerFactory.getLogger(EngineVersionCheck.class);
    public static final String ENGINE_VERSION_CHECKED_ON = "VersionCheckOn";
    public static final String CURRENT_ENGINE_RELEASE = "CurrentEngineRelease";
    private String updateToVersion;
    private Settings settings;

    protected EngineVersionCheck(Settings settings) {
        this.settings = settings;
    }

    public EngineVersionCheck() {
    }

    protected String getUpdateToVersion() {
        return this.updateToVersion;
    }

    protected void setUpdateToVersion(String str) {
        this.updateToVersion = str;
    }

    @Override // org.owasp.dependencycheck.data.update.CachedWebDataSource
    public boolean update(Engine engine) throws UpdateException {
        this.settings = engine.getSettings();
        try {
            CveDB database = engine.getDatabase();
            boolean z = this.settings.getBoolean("odc.autoupdate", true);
            boolean z2 = this.settings.getBoolean("updater.versioncheck.enabled", true);
            String string = this.settings.getString("cve.url.original");
            String string2 = this.settings.getString("cve.url.modified");
            if (z2 && z && string != null && string.equals(string2)) {
                LOGGER.debug("Begin Engine Version Check");
                DatabaseProperties databaseProperties = database.getDatabaseProperties();
                long epochValueInSeconds = DateUtil.getEpochValueInSeconds(databaseProperties.getProperty(ENGINE_VERSION_CHECKED_ON, "0"));
                long currentTimeMillis = System.currentTimeMillis() / 1000;
                this.updateToVersion = databaseProperties.getProperty(CURRENT_ENGINE_RELEASE, "");
                String string3 = this.settings.getString("odc.application.version", "0.0.0");
                LOGGER.debug("Last checked: {}", Long.valueOf(epochValueInSeconds));
                LOGGER.debug("Now: {}", Long.valueOf(currentTimeMillis));
                LOGGER.debug("Current version: {}", string3);
                if (shouldUpdate(epochValueInSeconds, currentTimeMillis, databaseProperties, string3)) {
                    LOGGER.warn("A new version of dependency-check is available. Consider updating to version {}.", this.updateToVersion);
                }
            }
            return false;
        } catch (DatabaseException e) {
            LOGGER.debug("Database Exception opening databases to retrieve properties", e);
            throw new UpdateException("Error occurred updating database properties.");
        }
    }

    protected boolean shouldUpdate(long j, long j2, DatabaseProperties databaseProperties, String str) throws UpdateException {
        if (!DateUtil.withinDateRange(j, j2, 30)) {
            LOGGER.debug("Checking web for new version.");
            String currentReleaseVersion = getCurrentReleaseVersion();
            if (currentReleaseVersion != null) {
                DependencyVersion dependencyVersion = new DependencyVersion(currentReleaseVersion);
                if (dependencyVersion.getVersionParts() != null && dependencyVersion.getVersionParts().size() >= 3) {
                    this.updateToVersion = dependencyVersion.toString();
                    if (!currentReleaseVersion.equals(this.updateToVersion)) {
                        databaseProperties.save(CURRENT_ENGINE_RELEASE, this.updateToVersion);
                    }
                    databaseProperties.save(ENGINE_VERSION_CHECKED_ON, Long.toString(j2));
                }
            }
            LOGGER.debug("Current Release: {}", this.updateToVersion);
        }
        if (this.updateToVersion == null) {
            LOGGER.debug("Unable to obtain current release");
            return false;
        }
        if (new DependencyVersion(str).compareTo(new DependencyVersion(this.updateToVersion)) < 0) {
            LOGGER.debug("Upgrade recommended");
            return true;
        }
        LOGGER.debug("Upgrade not needed");
        return false;
    }

    protected String getCurrentReleaseVersion() {
        HttpURLConnection httpURLConnection = null;
        try {
            try {
                httpURLConnection = new URLConnectionFactory(this.settings).createHttpURLConnection(new URL(this.settings.getString("engine.version.url", "http://jeremylong.github.io/DependencyCheck/current.txt")));
                httpURLConnection.connect();
                if (httpURLConnection.getResponseCode() != 200) {
                    if (httpURLConnection != null) {
                        httpURLConnection.disconnect();
                    }
                    return null;
                }
                String trim = new String(IOUtils.toByteArray(httpURLConnection.getInputStream()), StandardCharsets.UTF_8).trim();
                if (httpURLConnection != null) {
                    httpURLConnection.disconnect();
                }
                return trim;
            } catch (MalformedURLException e) {
                LOGGER.debug("Unable to retrieve current release version of dependency-check - malformed url?");
                if (httpURLConnection == null) {
                    return null;
                }
                httpURLConnection.disconnect();
                return null;
            } catch (IOException e2) {
                LOGGER.debug("Unable to retrieve current release version of dependency-check - i/o exception");
                if (httpURLConnection == null) {
                    return null;
                }
                httpURLConnection.disconnect();
                return null;
            } catch (URLConnectionFailureException e3) {
                LOGGER.debug("Unable to retrieve current release version of dependency-check - connection failed");
                if (httpURLConnection == null) {
                    return null;
                }
                httpURLConnection.disconnect();
                return null;
            }
        } catch (Throwable th) {
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
            throw th;
        }
    }

    @Override // org.owasp.dependencycheck.data.update.CachedWebDataSource
    public boolean purge(Engine engine) {
        return true;
    }
}
