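"""Export the remediation items of one security problem to a CSV per environment.

Environments are read from ./environment.yaml. For each one the API token is
looked up through decouple under the configured option name, then the
remediation items, entity tags and installer versions are fetched and written
to "<environment name>log4j_vulnerability.csv".
"""
import json
import time
# NOTE(review): distutils is deprecated (PEP 632) and removed from the standard
# library in Python 3.12, so this import ties the script to older interpreters
# until the version comparison moves to a maintained parser.
from distutils.version import LooseVersion

import pandas as pd
import requests
import yaml
from decouple import config

# requests applies no timeout unless one is passed; without it a stalled
# endpoint blocks the whole crawl and the Timeout handler can never fire.
REQUEST_TIMEOUT_SECONDS = 30

# Security problem queried when the caller does not name one (value taken from
# the original hard-coded URL).
DEFAULT_SECURITY_PROBLEM_ID = "11497873967941161718"

TIMESTAMP_FORMAT = '%Y-%m-%d %H:%M:%S'


def make_request(url, headers, timeout=REQUEST_TIMEOUT_SECONDS):
    """GET *url* and return the response, or an error message string on failure.

    Args:
        url: Absolute URL to fetch.
        headers: Request headers. They carry the API token, so they must never
            be printed or logged.
        timeout: Seconds to wait for the server before giving up.

    Returns:
        The ``requests.Response`` when the call succeeded with a non-error
        status, otherwise a ``str`` describing the failure. Callers have to
        check the type before calling ``.json()`` on the result.
    """
    try:
        # Certificate verification is left at the requests default (enabled).
        response = requests.get(url, headers=headers, timeout=timeout)
        response.raise_for_status()
    except requests.exceptions.HTTPError as errh:
        return "An Http Error occurred:" + repr(errh)
    except requests.exceptions.ConnectionError as errc:
        return "An Error Connecting to the API occurred:" + repr(errc)
    except requests.exceptions.Timeout as errt:
        return "A Timeout Error occurred:" + repr(errt)
    except requests.exceptions.RequestException as err:
        return "An Unknown Error occurred" + repr(err)
    return response


def _fetch_json(url, headers):
    """Return the decoded JSON body of *url*, or None after printing the failure."""
    result = make_request(url, headers)
    if isinstance(result, str):
        # make_request reports failures as a message string, not an exception.
        print(result)
        return None
    try:
        return result.json()
    except ValueError:
        print("Response from " + url + " was not valid JSON")
        return None


def _format_millis(timestamp_ms):
    """Render an epoch-milliseconds timestamp in the host's local time zone."""
    return time.strftime(TIMESTAMP_FORMAT, time.localtime(timestamp_ms / 1000))


def GatherReportingInfo(DTAPIToken, DTENV, friendlyName,
                        securityProblemId=DEFAULT_SECURITY_PROBLEM_ID):
    """Write one CSV row per (remediation item, vulnerable component).

    Args:
        DTAPIToken: API token, sent as ``Authorization: Api-Token <token>``.
        DTENV: Base URL of the environment; every request goes to this host.
        friendlyName: Prefix for the output file name.
        securityProblemId: Security problem whose remediation items are read.

    Returns:
        None. The report is written to
        ``friendlyName + 'log4j_vulnerability.csv'``. No file is written when
        the remediation items cannot be fetched, so that a failed crawl is not
        mistaken for an environment without findings.
    """
    headers = {
        'Content-Type': 'application/json',
        'Authorization': 'Api-Token ' + DTAPIToken,
    }
    problem = _fetch_json(
        DTENV + "/api/v2/securityProblems/" + securityProblemId + "/remediationItems",
        headers,
    )
    if problem is None:
        print("Could not read remediation items for " + friendlyName + ", no report written")
        return

    # DataFrame.append was removed in pandas 2.0; rows are collected in a list
    # and turned into a frame once at the end.
    rows = []
    for Item in problem.get('remediationItems', []):
        row = {
            'Name': Item['name'],
            'State': Item['vulnerabilityState'],
            'exposure': Item['assessment']['exposure'],
            'dataAssets': Item['assessment']['dataAssets'],
            'firstAffectedTimestamp': _format_millis(Item['firstAffectedTimestamp']),
        }
        if 'resolvedTimestamp' in Item:
            row['Resolved'] = _format_millis(Item['resolvedTimestamp'])

        entity = _fetch_json(DTENV + "/api/v2/entities/" + Item['id'], headers)
        # Every tag becomes a column named after its key, so a tag keyed like
        # one of the fixed columns above ('Name', 'State', ...) replaces it.
        for tag in (entity or {}).get('tags', []):
            # A tag without a value is recorded with its key as the cell value.
            row[tag['key']] = tag.get('value', tag['key'])

        for vulComp in Item['vulnerableComponents']:
            # Sentinel upper bound: it stays in the report when no affected
            # entity exposes an installer version or its lookup failed.
            min_version = '9.0.0-0'
            for PGI in vulComp['affectedEntities']:
                process_group = _fetch_json(DTENV + "/api/v2/entities/" + PGI, headers)
                if process_group is None:
                    continue
                properties = process_group.get('properties', {})
                if 'installerVersion' in properties:
                    current_version = properties['installerVersion']
                    print(current_version)
                    if LooseVersion(current_version) < LooseVersion(min_version):
                        min_version = current_version
            row.update({'vulnerableComponent': vulComp['fileName'],
                        'oldestOneAgent': min_version})
            # Copy: the same dict is updated again for the next component.
            rows.append(dict(row))

    pd.DataFrame(rows).to_csv(friendlyName + 'log4j_vulnerability.csv')


# safe_load builds only plain data types from the YAML file.
with open('./environment.yaml') as file:
    environments = yaml.safe_load(file) or {}

for item, settings in environments.items():
    # Each entry is a list: index 1 holds 'env-url', index 2 'env-token-name'.
    token = dict(settings[2])
    url = dict(settings[1])
    print("Crawling through: " + item)
    print("Check if token exists in environment...")
    token_name = token.get('env-token-name')
    # config() raises UndefinedValueError for an unset option unless a default
    # is given, which made the "token not found" branch unreachable.
    DTTOKEN = config(token_name, default="") if token_name else ""
    DTURL = url.get('env-url')
    if DTTOKEN == "":
        print("token not found, skipping " + item)
    elif not DTURL:
        print("env-url not found, skipping " + item)
    else:
        # The token goes out as a header to DTURL: that value should be an
        # https:// address the operator trusts.
        print("Gather data, hold on a minute")
        GatherReportingInfo(DTTOKEN, DTURL, item)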