package edu.hm.hafner.analysis.parser;

import edu.hm.hafner.analysis.Issue;
import edu.hm.hafner.analysis.IssueBuilder;
import edu.hm.hafner.analysis.Report;
import edu.hm.hafner.analysis.Severity;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.text.MessageFormat;
import java.util.Iterator;
import org.json.JSONArray;
import org.json.JSONObject;

/* loaded from: input_file:edu/hm/hafner/analysis/parser/TrivyParser.class */
public class TrivyParser extends JsonIssueParser {
    private static final String VALUE_NOT_SET = "-";
    private static final String TRIVY_VULNERABILITY_LEVEL_TAG_CRITICAL = "critcal";
    private static final String TRIVY_VULNERABILITY_LEVEL_TAG_HIGH = "high";
    private static final String TRIVY_VULNERABILITY_LEVEL_TAG_MEDIUM = "medium";
    private static final String TRIVY_VULNERABILITY_LEVEL_TAG_LOW = "low";
    private static final long serialVersionUID = 1;

    @Override // edu.hm.hafner.analysis.parser.JsonIssueParser
    protected void parseJsonObject(Report report, JSONObject jSONObject, IssueBuilder issueBuilder) {
        JSONArray optJSONArray = jSONObject.optJSONArray("Results");
        if (optJSONArray != null) {
            parseResults(report, optJSONArray, issueBuilder);
        }
    }

    @Override // edu.hm.hafner.analysis.parser.JsonIssueParser
    protected void parseJsonArray(Report report, JSONArray jSONArray, IssueBuilder issueBuilder) {
        parseResults(report, jSONArray, issueBuilder);
    }

    private void parseResults(Report report, JSONArray jSONArray, IssueBuilder issueBuilder) {
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONObject jSONObject = (JSONObject) jSONArray.get(i);
            if (!jSONObject.isNull("Vulnerabilities")) {
                Iterator it = jSONObject.getJSONArray("Vulnerabilities").iterator();
                while (it.hasNext()) {
                    report.add(convertToIssue((JSONObject) it.next(), issueBuilder));
                }
            }
        }
    }

    private Issue convertToIssue(JSONObject jSONObject, IssueBuilder issueBuilder) {
        return issueBuilder.setFileName(jSONObject.optString("PkgName", VALUE_NOT_SET)).setCategory(jSONObject.optString("SeveritySource", VALUE_NOT_SET)).setSeverity(mapSeverity(jSONObject.optString("Severity", "UNKNOWN"))).setType(jSONObject.optString("VulnerabilityID", VALUE_NOT_SET)).setMessage(jSONObject.optString("Title", "UNKNOWN")).setDescription(formatDescription(jSONObject)).buildAndClean();
    }

    @SuppressFBWarnings({"IMPROPER_UNICODE"})
    private Severity mapSeverity(String str) {
        return TRIVY_VULNERABILITY_LEVEL_TAG_LOW.equalsIgnoreCase(str) ? Severity.WARNING_LOW : TRIVY_VULNERABILITY_LEVEL_TAG_MEDIUM.equalsIgnoreCase(str) ? Severity.WARNING_NORMAL : (TRIVY_VULNERABILITY_LEVEL_TAG_HIGH.equalsIgnoreCase(str) || TRIVY_VULNERABILITY_LEVEL_TAG_CRITICAL.equalsIgnoreCase(str)) ? Severity.WARNING_HIGH : Severity.WARNING_HIGH;
    }

    private String formatDescription(JSONObject jSONObject) {
        return MessageFormat.format("<p><div><b>File</b>: {0}</div><div><b>Installed Version:</b> {1}</div><div><b>Fixed Version:</b> {2}</div><div><b>Severity:</b> {3}</div>", jSONObject.optString("PkgName", VALUE_NOT_SET), jSONObject.optString("InstalledVersion", VALUE_NOT_SET), jSONObject.optString("FixedVersion", "still open"), jSONObject.optString("Severity", "UNKOWN")) + "<p>" + jSONObject.optString("Description", "") + "</p>";
    }
}
