OssindexClientFactory.java

  1. /*
  2.  * This file is part of dependency-check-core.
  3.  *
  4.  * Licensed under the Apache License, Version 2.0 (the "License");
  5.  * you may not use this file except in compliance with the License.
  6.  * You may obtain a copy of the License at
  7.  *
  8.  *     http://www.apache.org/licenses/LICENSE-2.0
  9.  *
  10.  * Unless required by applicable law or agreed to in writing, software
  11.  * distributed under the License is distributed on an "AS IS" BASIS,
  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13.  * See the License for the specific language governing permissions and
  14.  * limitations under the License.
  15.  *
  16.  * Copyright (c) 2019 Jason Dillon. All Rights Reserved.
  17.  */
  18. package org.owasp.dependencycheck.data.ossindex;

  20. import java.io.File;
  21. import org.sonatype.goodies.packageurl.RenderFlavor;
  22. import org.sonatype.ossindex.service.client.OssindexClient;
  23. import org.sonatype.ossindex.service.client.OssindexClientConfiguration;
  24. import org.sonatype.ossindex.service.client.marshal.Marshaller;
  25. import org.sonatype.ossindex.service.client.marshal.GsonMarshaller;
  26. import org.sonatype.ossindex.service.client.internal.OssindexClientImpl;
  27. import org.sonatype.ossindex.service.client.transport.Transport;
  28. import org.sonatype.ossindex.service.client.transport.UserAgentSupplier;
  29. import org.owasp.dependencycheck.utils.Settings;

  31. import java.io.IOException;
  32. import org.joda.time.Duration;
  33. import org.slf4j.Logger;
  34. import org.slf4j.LoggerFactory;
  35. import org.sonatype.ossindex.service.client.cache.DirectoryCache;
  36. import org.sonatype.ossindex.service.client.transport.AuthConfiguration;

  38. /**
  39.  * Produces {@link OssindexClient} instances.
  40.  *
  41.  * @author Jason Dillon
  42.  * @since 5.0.0
  43.  */
  44. public final class OssindexClientFactory {

  46.     /**
  47.      * Static logger.
  48.      */
  49.     private static final Logger LOGGER = LoggerFactory.getLogger(OssindexClientFactory.class);

  51.     static {
  52.         // prefer pkg scheme vs scheme-less variant
  53.         RenderFlavor.setDefault(RenderFlavor.SCHEME);
  54.     }

  56.     /**
  57.      * Private constructor for utility class.
  58.      */
  59.     private OssindexClientFactory() {
  60.         //private constructor for utility class
  61.     }

  63.     /**
  64.      * Constructs a new OSS Index Client.
  65.      *
  66.      * @param settings the configured settings
  67.      * @return a new OSS Index Client
  68.      */
  69.     public static OssindexClient create(final Settings settings) {
  70.         final OssindexClientConfiguration config = new OssindexClientConfiguration();

  72.         final String baseUrl = settings.getString(Settings.KEYS.ANALYZER_OSSINDEX_URL, null);
  73.         if (baseUrl != null) {
  74.             config.setBaseUrl(baseUrl);
  75.         }

  77.         final String username = settings.getString(Settings.KEYS.ANALYZER_OSSINDEX_USER);
  78.         final String password = settings.getString(Settings.KEYS.ANALYZER_OSSINDEX_PASSWORD);

  80.         if (username != null && password != null) {
  81.             final AuthConfiguration auth = new AuthConfiguration(username, password);
  82.             config.setAuthConfiguration(auth);
  83.         }

  85.         final int batchSize = settings.getInt(Settings.KEYS.ANALYZER_OSSINDEX_BATCH_SIZE, OssindexClientConfiguration.DEFAULT_BATCH_SIZE);
  86.         config.setBatchSize(batchSize);

  88.         if (settings.getBoolean(Settings.KEYS.ANALYZER_OSSINDEX_USE_CACHE, true)) {
  89.             final DirectoryCache.Configuration cache = new DirectoryCache.Configuration();
  90.             final File data;
  91.             try {
  92.                 data = settings.getDataDirectory();
  93.                 final File cacheDir = new File(data, "oss_cache");
  94.                 if (cacheDir.isDirectory() || cacheDir.mkdirs()) {
  95.                     cache.setBaseDir(cacheDir.toPath());
  96.                     cache.setExpireAfter(Duration.standardHours(24));
  97.                     config.setCacheConfiguration(cache);
  98.                     LOGGER.debug("OSS Index Cache: {}", cache);
  99.                 } else {
  100.                     LOGGER.warn("Unable to use a cache for the OSS Index");
  101.                 }
  102.             } catch (IOException ex) {
  103.                 LOGGER.warn("Unable to use a cache for the OSS Index", ex);
  104.             }
  105.         }
  106.         // customize User-Agent for use with dependency-check
  107.         final UserAgentSupplier userAgent = new UserAgentSupplier(
  108.                 "dependency-check",
  109.                 settings.getString(Settings.KEYS.APPLICATION_VERSION, "unknown")
  110.         );

  112.         final Transport transport = new ODCConnectionTransport(config, userAgent);

  114.         final Marshaller marshaller = new GsonMarshaller();

  116.         return new OssindexClientImpl(config, transport, marshaller);
  117.     }
  118. }
Created with JaCoCo 0.8.12.202403310830