package com.sonatype.insight.scan.file;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
import com.github.packageurl.MalformedPackageURLException;
import com.github.packageurl.PackageURLBuilder;
import com.sonatype.clm.dto.model.component.ComponentIdentifier;
import de.schlichtherle.truezip.file.TFile;
import de.schlichtherle.truezip.file.TFileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.cyclonedx.exception.GeneratorException;
import org.cyclonedx.model.Component;
import org.slf4j.Logger;
import org.spdx.library.SpdxConstants;

/* loaded from: input_file:com/sonatype/insight/scan/file/PubSpecLockProcessor.class */
public class PubSpecLockProcessor {
    private final Logger log;
    private final FileVisitor fileVisitor;

    public PubSpecLockProcessor(FileVisitor fileVisitor) {
        this.fileVisitor = fileVisitor;
        this.log = fileVisitor.log;
    }

    public String process(TFile tFile) {
        this.log.debug("Processing pubspec.lock file: {}", tFile.getAbsolutePath());
        try {
            InputStreamReader inputStreamReader = new InputStreamReader(new TFileInputStream(tFile), StandardCharsets.UTF_8);
            Throwable th = null;
            try {
                try {
                    JsonNode readTree = new ObjectMapper(new YAMLFactory()).readTree(inputStreamReader);
                    if (inputStreamReader != null) {
                        if (0 != 0) {
                            try {
                                inputStreamReader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            inputStreamReader.close();
                        }
                    }
                    ArrayList arrayList = new ArrayList();
                    Iterator<Map.Entry<String, JsonNode>> fields = readTree.fields();
                    while (fields.hasNext()) {
                        Map.Entry<String, JsonNode> next = fields.next();
                        if (SpdxConstants.PROP_DOCUMENT_PACKAGES.equals(next.getKey())) {
                            next.getValue().fields().forEachRemaining(entry -> {
                                Component createBasicComponent;
                                String fieldValue = getFieldValue((JsonNode) entry.getValue(), "dependency");
                                if (fieldValue == null || fieldValue.endsWith(" dev")) {
                                    return;
                                }
                                String str = (String) entry.getKey();
                                String fieldValue2 = getFieldValue((JsonNode) entry.getValue(), "version");
                                if (StringUtils.isAnyBlank(str, fieldValue2)) {
                                    this.log.debug("Unable to determine the dependency name and/or exact version for {}.", entry);
                                } else {
                                    if (!isNotSensitiveContent(str) || (createBasicComponent = createBasicComponent(str, fieldValue2)) == null) {
                                        return;
                                    }
                                    arrayList.add(createBasicComponent);
                                }
                            });
                        }
                    }
                    try {
                        return SbomUtils.createSbomJsonString(arrayList);
                    } catch (GeneratorException e) {
                        throw new RuntimeException(e);
                    }
                } finally {
                }
            } finally {
            }
        } catch (IOException e2) {
            this.log.error("Failed to process pubspec.lock file as yaml: {}", e2.getMessage(), e2);
            return null;
        }
    }

    private String getFieldValue(JsonNode jsonNode, String str) {
        JsonNode jsonNode2 = jsonNode.get(str);
        if (jsonNode2 != null) {
            return jsonNode2.asText();
        }
        return null;
    }

    private Component createBasicComponent(String str, String str2) {
        Component createLibraryComponent = SbomUtils.createLibraryComponent(str, str2);
        try {
            createLibraryComponent.setPurl(PackageURLBuilder.aPackageURL().withType(ComponentIdentifier.FORMAT_PUB).withName(createLibraryComponent.getName()).withVersion(createLibraryComponent.getVersion()).build().canonicalize());
            return createLibraryComponent;
        } catch (MalformedPackageURLException e) {
            this.log.debug("Invalid coordinates found in the pubspec.yaml file", (Throwable) e);
            return null;
        }
    }

    private boolean isNotSensitiveContent(String str) {
        return this.fileVisitor.includeResourceName(str);
    }
}
