package edu.hm.hafner.analysis.parser;

import edu.hm.hafner.analysis.Issue;
import edu.hm.hafner.analysis.IssueBuilder;
import edu.hm.hafner.analysis.Report;
import edu.hm.hafner.analysis.Severity;
import edu.umd.cs.findbugs.annotations.CheckForNull;
import org.json.JSONArray;
import org.json.JSONObject;

/* loaded from: input_file:edu/hm/hafner/analysis/parser/OwaspDependencyCheckParser.class */
public class OwaspDependencyCheckParser extends JsonIssueParser {
    private static final long serialVersionUID = -1369431674771459756L;
    private static final String NDIST_NVD_DETAIL_URL_TEMPLATE = "https://nvd.nist.gov/vuln/detail/%1$s";
    private static final String LINK_TEMPLATE = String.format("<a href=\"%1$s\">%1$s</a>", NDIST_NVD_DETAIL_URL_TEMPLATE);
    private static final String DEPENDENCIES = "dependencies";
    private static final String VULNERABILITIES = "vulnerabilities";
    private static final String SEVERITY = "severity";
    private static final String NAME = "name";
    private static final String CVSSV2 = "cvssv2";
    private static final String CVSSV3 = "cvssv3";
    private static final String ACCESS_VECTOR = "accessVector";
    private static final String ATTACK_VECTOR = "attackVector";
    private static final String DESCRIPTION = "description";

    @Override // edu.hm.hafner.analysis.parser.JsonIssueParser
    protected void parseJsonObject(Report report, JSONObject jSONObject, IssueBuilder issueBuilder) {
        JSONArray jSONArray = jSONObject.getJSONArray(DEPENDENCIES);
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONObject jSONObject2 = jSONArray.getJSONObject(i);
            if (jSONObject2.has(VULNERABILITIES)) {
                issueBuilder.setFileName(jSONObject2.getString("fileName"));
                JSONArray jSONArray2 = jSONObject2.getJSONArray(VULNERABILITIES);
                for (int i2 = 0; i2 < jSONArray2.length(); i2++) {
                    report.add(createIssueFromVulnerability(jSONArray2.getJSONObject(i2), issueBuilder));
                }
            }
        }
    }

    private Issue createIssueFromVulnerability(JSONObject jSONObject, IssueBuilder issueBuilder) {
        String string = jSONObject.getString(NAME);
        return issueBuilder.setSeverity(mapSeverity(jSONObject.getString(SEVERITY))).setCategory(determineCategory(jSONObject)).setType(string).setMessage(jSONObject.getString(DESCRIPTION)).setDescription(String.format(LINK_TEMPLATE, string)).build();
    }

    @CheckForNull
    private String determineCategory(JSONObject jSONObject) {
        String optString;
        JSONObject optJSONObject = jSONObject.optJSONObject(CVSSV3);
        if (optJSONObject != null && (optString = optJSONObject.optString(ATTACK_VECTOR, null)) != null) {
            return optString;
        }
        JSONObject optJSONObject2 = jSONObject.optJSONObject(CVSSV2);
        if (optJSONObject2 != null) {
            return optJSONObject2.optString(ACCESS_VECTOR, null);
        }
        return null;
    }

    private Severity mapSeverity(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -2024701067:
                if (str.equals("MEDIUM")) {
                    z = true;
                    break;
                }
                break;
            case -1560189025:
                if (str.equals("CRITICAL")) {
                    z = 2;
                    break;
                }
                break;
            case 75572:
                if (str.equals("LOW")) {
                    z = false;
                    break;
                }
                break;
            case 2217378:
                if (str.equals("HIGH")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return Severity.WARNING_LOW;
            case true:
                return Severity.WARNING_NORMAL;
            case true:
                return Severity.ERROR;
            case true:
            default:
                return Severity.WARNING_HIGH;
        }
    }
}
