package com.vaadin.appsec.backend;

import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.vaadin.appsec.backend.model.osv.request.QueryBatchRequestPayload;
import com.vaadin.appsec.backend.model.osv.response.OpenSourceVulnerability;
import com.vaadin.appsec.backend.model.osv.response.QueryBatchResponse;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.SocketTimeoutException;
import java.net.URI;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/vaadin/appsec/backend/OpenSourceVulnerabilityClient.class */
class OpenSourceVulnerabilityClient {
    private static final Logger LOGGER = LoggerFactory.getLogger(OpenSourceVulnerabilityClient.class);
    private static final String QUERY_BATCH_URL = "https://api.osv.dev/v1/querybatch";
    private static final String VULNERABILITY_URL = "https://api.osv.dev/v1/vulns/";
    private final ObjectMapper mapper = new ObjectMapper().setSerializationInclusion(JsonInclude.Include.NON_NULL);
    private final RateLimiter rateLimiter;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSourceVulnerabilityClient(int i) {
        this.rateLimiter = new RateLimiter(i);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public QueryBatchResponse queryBatch(QueryBatchRequestPayload queryBatchRequestPayload) throws AppSecException {
        LOGGER.debug("Performing a batch query to the OSV API...");
        HttpURLConnection createHttpURLConnection = createHttpURLConnection(getQueryBatchUrl(), "POST");
        rateLimit();
        try {
            OutputStream outputStream = createHttpURLConnection.getOutputStream();
            try {
                this.mapper.writeValue(outputStream, queryBatchRequestPayload);
                if (outputStream != null) {
                    outputStream.close();
                }
                try {
                    InputStream inputStream = createHttpURLConnection.getInputStream();
                    try {
                        QueryBatchResponse queryBatchResponse = (QueryBatchResponse) this.mapper.readValue(inputStream, QueryBatchResponse.class);
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        return queryBatchResponse;
                    } finally {
                    }
                } catch (IOException e) {
                    throw new AppSecException("Failed to read OSV API query batch response", e);
                }
            } finally {
            }
        } catch (IOException e2) {
            throw new AppSecException("Failed to write OSV API query batch request payload", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenSourceVulnerability queryVulnerability(String str) throws AppSecException {
        LOGGER.debug("Performing a vulnerability query to the OSV API...");
        HttpURLConnection createHttpURLConnection = createHttpURLConnection(getVulnerabilityUrl().concat(str), "GET");
        rateLimit();
        try {
            InputStream inputStream = createHttpURLConnection.getInputStream();
            try {
                OpenSourceVulnerability openSourceVulnerability = (OpenSourceVulnerability) this.mapper.readValue(inputStream, OpenSourceVulnerability.class);
                if (inputStream != null) {
                    inputStream.close();
                }
                return openSourceVulnerability;
            } finally {
            }
        } catch (IOException e) {
            throw new AppSecException("Failed to read OSV API query response", e);
        }
    }

    private HttpURLConnection createHttpURLConnection(String str, String str2) {
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) URI.create(str).toURL().openConnection();
            httpURLConnection.setRequestMethod(str2);
            httpURLConnection.setRequestProperty("Content-Type", "application/json");
            httpURLConnection.setRequestProperty("Accept", "application/json");
            httpURLConnection.setDoOutput(true);
            httpURLConnection.setConnectTimeout(5000);
            return httpURLConnection;
        } catch (SocketTimeoutException e) {
            throw new AppSecException("Connection to OSV API server has timed out", e);
        } catch (IOException e2) {
            throw new AppSecException("Failed to create connection to OSV API with URL: " + str, e2);
        }
    }

    String getQueryBatchUrl() {
        return QUERY_BATCH_URL;
    }

    String getVulnerabilityUrl() {
        return VULNERABILITY_URL;
    }

    private void rateLimit() {
        try {
            this.rateLimiter.limit();
        } catch (InterruptedException e) {
            throw new AppSecException("OpenSourceVulnerabilityClient rate limit exceeded", e);
        }
    }
}
