• Home
• com.hcl.security
• appscan-maven-plugin
• 1.0.15
• source code
• MavenJavaTarget.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.hcl.appscan.maven.plugin.targets.MavenJavaTarget Maven / Gradle / Ivy

/**
 * © Copyright IBM Corporation 2016.
 * © Copyright HCL Technologies Ltd. 2017, 2024. 
 * LICENSE: Apache License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0
 */

package com.hcl.appscan.maven.plugin.targets;

import java.io.File;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import org.apache.maven.artifact.Artifact;
import org.apache.maven.project.MavenProject;

import com.hcl.appscan.maven.plugin.IMavenConstants;
import com.hcl.appscan.maven.plugin.util.MavenUtil;
import com.hcl.appscan.sdk.scanners.sast.targets.JavaTarget;

public class MavenJavaTarget extends JavaTarget implements IMavenConstants{
	
	private MavenProject m_project;
	
	public MavenJavaTarget(MavenProject project) {
		m_project = project;
	}
	
	@Override
	public String getClasspath() {
		String classpath = ""; //$NON-NLS-1$	

		for(Artifact dependency : m_project.getArtifacts()) {
			if(dependency.getFile() != null && dependency.getScope() != Artifact.SCOPE_TEST)
				classpath += dependency.getFile().getAbsolutePath() + File.pathSeparator;
		}
		return classpath;
	}
	
	@Override
	public String getJava() {
		String jdk = System.getenv(VAR_JAVA_HOME);
		return jdk == null ? System.getProperty(PROP_JAVA_HOME) : jdk;
	}
	
	@Override
	public File getTargetFile() {
		String packaging = m_project.getPackaging();
		if(!packaging.equalsIgnoreCase(JAR) && !packaging.equalsIgnoreCase(HPI))
			return new File(m_project.getBuild().getOutputDirectory());
		
		String finalName = MavenUtil.getPluginConfigurationProperty(m_project, JAR_KEY, FINAL_NAME);
		if(finalName == null)
			finalName = m_project.getBuild().getFinalName();
		
		String outputDirectory = MavenUtil.getPluginConfigurationProperty(m_project, JAR_KEY, OUTPUT_DIRECTORY);
		if(outputDirectory != null) {
			outputDirectory = new File(m_project.getBasedir(), outputDirectory).getAbsolutePath();
		}
		else {
			outputDirectory = m_project.getBuild().getDirectory();
		}
		
		return new File(outputDirectory, finalName + JAR_EXTENSION);
	}
	
	@Override
	public Map getProperties() {
		Map buildInfos = super.getProperties();
		buildInfos.put("package_includes", getNamespaces());
		return buildInfos;
	}
	
	private String getNamespaces() {
		//Allow user to override automatic namespace detection.
		String namespaceOverride = System.getProperty(NAMESPACES);
		if(namespaceOverride != null && !namespaceOverride.equalsIgnoreCase("true"))
			return namespaceOverride.replaceAll("[^A-Za-z0-9;.]", "");
	
		//From each source root, get the first 2 directories and use as a whitelist for packages that we'll scan.
		String separator = ";";
		String ret = "";
		Set namespaces = new HashSet();
		
		for(String root : m_project.getCompileSourceRoots()) {
			File sourceRoot = new File(root);
			if(sourceRoot.isDirectory()) {
				for(File child : sourceRoot.listFiles())
					namespaces.addAll(getNamespaces(child));
			}
		}
		
		for(String namespace : namespaces)
			ret += namespace + separator;
		
		return ret.endsWith(separator) ? ret.substring(0, ret.length() - 1) : ret;
	}
	
	private Set getNamespaces(File parent) {
		Set namespaces = new HashSet();
		
		if(parent.isDirectory()) {
			for(File child : parent.listFiles()) {
				if(child.isDirectory())
					namespaces.add(parent.getName() + "." + child.getName());
			}
		}
		
		return namespaces;
	}
}