package io.codemodder.plugins.llm;

import com.azure.ai.openai.models.ChatRequestSystemMessage;
import com.azure.ai.openai.models.ChatRequestUserMessage;
import com.contrastsecurity.sarif.Location;
import com.contrastsecurity.sarif.Region;
import com.contrastsecurity.sarif.Result;
import com.github.difflib.DiffUtils;
import com.github.difflib.patch.AbstractDelta;
import com.github.difflib.patch.Patch;
import io.codemodder.CodemodChange;
import io.codemodder.CodemodFileScanningResult;
import io.codemodder.CodemodInvocationContext;
import io.codemodder.RuleSarif;
import io.codemodder.codetf.CodeTFAiMetadata;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.util.List;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/codemodder/plugins/llm/SarifToLLMForBinaryVerificationAndFixingCodemod.class */
public abstract class SarifToLLMForBinaryVerificationAndFixingCodemod extends SarifPluginLLMCodemod {
    private final Model model;
    private static final String SYSTEM_MESSAGE_TEMPLATE = "You are a security analyst bot. You are helping analyze Java code to assess its risk to a specific security threat.\n\n%s\n";
    private static final String ANALYZE_USER_MESSAGE_TEMPLATE = "A file with line numbers is provided below. Analyze it and save your threat analysis.\n\nReturn a JSON object with the following properties in this order:\n  - `analysis`: A detailed analysis of how the risk was assessed.\n  - `risk`: The risk of the security threat, either HIGH or LOW.\n--- %s\n%s\n";
    private static final String FIX_USER_MESSAGE_TEMPLATE = "A file with line numbers is provided below. Analyze it. If the risk is HIGH, use these rules to make the MINIMUM number of changes necessary to reduce the file's risk to LOW:\n- Each change MUST be syntactically correct.\n%s\n\nAny code changes to reduce the file's risk to LOW must be stored in a diff patch format. Follow these instructions when creating the patch:\n- Your output must be in the form a unified diff patch that will be applied by your coworkers.\n- The output must be similar to the output of `diff -U0`. Do not include line number ranges.\n- Start each hunk of changes with a `@@ ... @@` line.\n- Each change in a file should be a separate hunk in the diff.\n- It is very important for the change to contain only what is minimally required to fix the problem.\n- Remember that whitespace and indentation changes can be important. Preserve the original formatting and indentation. Do not replace tabs with spaces or vice versa. If the original code uses tabs, use tabs in the patch. Encode tabs using a tab literal (\\\\t). If the original code uses spaces, use spaces in the patch. Do not add spaces where none were present in the original code. **THIS IS ESPECIALLY IMPORTANT AT THE BEGINNING OF DIFF LINES.**\n- The unified diff must be accurate and complete.\n- The unified diff will be applied to the source code by your coworkers.\n\nHere's an example of a unified diff:\n```diff\n--- a/file.txt\n+++ b/file.txt\n@@ ... @@\n for (var i = 0; i < array.length; i++) {\n   This line is unchanged.\n-  This is the original line\n+  This is the replacement line\n }\n Here is another unchanged line.\n@@ ... @@\n-This line has been removed but not replaced.\n This line is unchanged.\n```\n\nNow save your threat analysis.\n\nReturn a JSON object with the following properties in this order:\n  - `analysis`: A detailed analysis of how the risk was assessed.\n  - `risk`: The risk of the security threat, either HIGH or LOW.\n  - `fixDescription`: A short description of the fix. Required if the file is fixed.\n  - `fix`: The fix as a diff patch in unified format. Required if the risk is HIGH.\n--- %s\n%s\n";
    private static final Logger logger = LoggerFactory.getLogger(SarifToLLMForBinaryVerificationAndFixingCodemod.class);

    protected SarifToLLMForBinaryVerificationAndFixingCodemod(RuleSarif ruleSarif, OpenAIService openAIService, Model model) {
        super(ruleSarif, openAIService);
        this.model = (Model) Objects.requireNonNull(model);
    }

    protected SarifToLLMForBinaryVerificationAndFixingCodemod(RuleSarif ruleSarif, OpenAIService openAIService) {
        this(ruleSarif, openAIService, StandardModel.GPT_4_TURBO_2024_04_09);
    }

    public CodemodFileScanningResult onFileFound(CodemodInvocationContext codemodInvocationContext, List<Result> list) {
        logger.debug("processing: {}", codemodInvocationContext.path());
        list.forEach(result -> {
            Region region = ((Location) result.getLocations().get(0)).getPhysicalLocation().getRegion();
            logger.debug("{}:{}", region.getStartLine(), region.getSnippet().getText());
        });
        try {
            FileDescription from = FileDescription.from(codemodInvocationContext.path());
            BinaryThreatAnalysis analyzeThreat = analyzeThreat(from, codemodInvocationContext, list);
            logger.debug("risk: {}", analyzeThreat.getRisk());
            logger.debug("analysis: {}", analyzeThreat.getAnalysis());
            if (analyzeThreat.getRisk() == BinaryThreatRisk.LOW) {
                return CodemodFileScanningResult.none();
            }
            BinaryThreatAnalysisAndFix fixThreat = fixThreat(from, codemodInvocationContext, list);
            logger.debug("{}", fixThreat);
            if (fixThreat.getRisk() == BinaryThreatRisk.LOW) {
                return CodemodFileScanningResult.none();
            }
            if (fixThreat.getFix() == null || fixThreat.getFix().isEmpty()) {
                logger.info("unable to fix: {}", codemodInvocationContext.path());
                return CodemodFileScanningResult.none();
            }
            List<String> applyDiff = LLMDiffs.applyDiff(from.getLines(), fixThreat.getFix());
            Patch<String> diff = DiffUtils.diff(from.getLines(), applyDiff);
            if (diff.getDeltas().isEmpty() || !isPatchExpected(diff)) {
                logger.error("unexpected patch: {}", diff);
                return CodemodFileScanningResult.none();
            }
            try {
                Files.writeString(codemodInvocationContext.path(), String.join(from.getLineSeparator(), applyDiff), from.getCharset(), new OpenOption[0]);
                return CodemodFileScanningResult.from(List.of(CodemodChange.from(((AbstractDelta) diff.getDeltas().get(0)).getSource().getPosition() + 1, fixThreat.getFixDescription())), List.of(), new CodeTFAiMetadata(this.openAI.providerName(), this.model.id(), 0));
            } catch (IOException e) {
                throw new UncheckedIOException(e);
            }
        } catch (IOException e2) {
            logger.error("failed to process: {}", codemodInvocationContext.path(), e2);
            throw new UncheckedIOException(e2);
        } catch (Exception e3) {
            logger.error("failed to process: {}", codemodInvocationContext.path(), e3);
            throw e3;
        }
    }

    protected abstract String getThreatPrompt(CodemodInvocationContext codemodInvocationContext, List<Result> list);

    protected abstract String getFixPrompt();

    protected abstract boolean isPatchExpected(Patch<String> patch);

    private BinaryThreatAnalysis analyzeThreat(FileDescription fileDescription, CodemodInvocationContext codemodInvocationContext, List<Result> list) throws IOException {
        ChatRequestSystemMessage systemMessage = getSystemMessage(codemodInvocationContext, list);
        ChatRequestUserMessage analyzeUserMessage = getAnalyzeUserMessage(fileDescription);
        int i = this.model.tokens(List.of(systemMessage.getContent(), analyzeUserMessage.getContent().toString()));
        if (i > this.model.contextWindow() - 300) {
            return new BinaryThreatAnalysis("Ignoring file: estimated prompt token count (" + i + ") is too high.", BinaryThreatRisk.LOW);
        }
        logger.debug("estimated prompt token count: {}", Integer.valueOf(i));
        return (BinaryThreatAnalysis) this.openAI.getResponseForPrompt(List.of(systemMessage, analyzeUserMessage), this.model, BinaryThreatAnalysis.class);
    }

    private BinaryThreatAnalysisAndFix fixThreat(FileDescription fileDescription, CodemodInvocationContext codemodInvocationContext, List<Result> list) throws IOException {
        return (BinaryThreatAnalysisAndFix) this.openAI.getResponseForPrompt(List.of(getSystemMessage(codemodInvocationContext, list), getFixUserMessage(fileDescription)), this.model, BinaryThreatAnalysisAndFix.class);
    }

    private ChatRequestSystemMessage getSystemMessage(CodemodInvocationContext codemodInvocationContext, List<Result> list) {
        return new ChatRequestSystemMessage(SYSTEM_MESSAGE_TEMPLATE.formatted(getThreatPrompt(codemodInvocationContext, list).strip()).strip());
    }

    private ChatRequestUserMessage getAnalyzeUserMessage(FileDescription fileDescription) {
        return new ChatRequestUserMessage(ANALYZE_USER_MESSAGE_TEMPLATE.formatted(fileDescription.getFileName(), fileDescription.formatLinesWithLineNumbers()).strip());
    }

    private ChatRequestUserMessage getFixUserMessage(FileDescription fileDescription) {
        return new ChatRequestUserMessage(FIX_USER_MESSAGE_TEMPLATE.formatted(getFixPrompt().strip(), fileDescription.getFileName(), fileDescription.formatLinesWithLineNumbers()).strip());
    }
}
