package com.ibm.appscan.jenkins.plugin.builders;

import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.hcl.appscan.sdk.CoreConstants;
import com.hcl.appscan.sdk.app.CloudApplicationProvider;
import com.hcl.appscan.sdk.auth.IAuthenticationProvider;
import com.hcl.appscan.sdk.error.InvalidTargetException;
import com.hcl.appscan.sdk.error.ScannerException;
import com.hcl.appscan.sdk.logging.Message;
import com.hcl.appscan.sdk.logging.StdOutProgress;
import com.hcl.appscan.sdk.results.CloudResultsProvider;
import com.hcl.appscan.sdk.results.IResultsProvider;
import com.hcl.appscan.sdk.results.NonCompliantIssuesResultProvider;
import com.hcl.appscan.sdk.scan.CloudScanServiceProvider;
import com.hcl.appscan.sdk.scan.IScan;
import com.hcl.appscan.sdk.scanners.sast.SASTConstants;
import com.hcl.appscan.sdk.utils.SystemUtil;
import com.ibm.appscan.jenkins.plugin.Messages;
import com.ibm.appscan.jenkins.plugin.ScanFactory;
import com.ibm.appscan.jenkins.plugin.actions.ResultsRetriever;
import com.ibm.appscan.jenkins.plugin.auth.ASoCCredentials;
import com.ibm.appscan.jenkins.plugin.auth.JenkinsAuthenticationProvider;
import com.ibm.appscan.jenkins.plugin.results.FailureCondition;
import com.ibm.appscan.jenkins.plugin.results.ResultsInspector;
import com.ibm.appscan.jenkins.plugin.scanners.Scanner;
import com.ibm.appscan.jenkins.plugin.scanners.ScannerFactory;
import com.ibm.appscan.jenkins.plugin.util.BuildVariableResolver;
import com.ibm.appscan.jenkins.plugin.util.ScanProgress;
import hudson.AbortException;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.init.InitMilestone;
import hudson.init.Initializer;
import hudson.model.AbstractBuild;
import hudson.model.AbstractProject;
import hudson.model.BuildListener;
import hudson.model.ItemGroup;
import hudson.model.Items;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.remoting.Callable;
import hudson.security.ACL;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.BuildStepMonitor;
import hudson.tasks.Builder;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import java.io.File;
import java.io.IOException;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ThreadLocalRandom;
import javax.annotation.Nonnull;
import jenkins.tasks.SimpleBuildStep;
import org.jenkinsci.Symbol;
import org.jenkinsci.remoting.RoleChecker;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;

/* loaded from: input_file:WEB-INF/lib/ibm-application-security.jar:com/ibm/appscan/jenkins/plugin/builders/AppScanBuildStep.class */
public class AppScanBuildStep extends Builder implements SimpleBuildStep, Serializable {
    private static final long serialVersionUID = 1;
    private Scanner m_scanner;
    private String m_name;
    private String m_type;
    private String m_target;
    private String m_application;
    private String m_credentials;
    private List<FailureCondition> m_failureConditions;
    private boolean m_emailNotification;
    private boolean m_wait;
    private boolean m_failBuildNonCompliance;
    private boolean m_failBuild;
    private IAuthenticationProvider m_authProvider;
    private static final File JENKINS_INSTALL_DIR = new File(System.getProperty("user.dir"), ".appscan");

    @Extension
    @Symbol({"appscan"})
    /* loaded from: input_file:WEB-INF/lib/ibm-application-security.jar:com/ibm/appscan/jenkins/plugin/builders/AppScanBuildStep$DescriptorImpl.class */
    public static class DescriptorImpl extends BuildStepDescriptor<Builder> {
        @Initializer(before = InitMilestone.PLUGINS_STARTED)
        public static void createAliases() {
            Items.XSTREAM2.addCompatibilityAlias("com.ibm.appscan.plugin.core.results.CloudResultsProvider", CloudResultsProvider.class);
            Items.XSTREAM2.addCompatibilityAlias("com.ibm.appscan.plugin.core.scan.CloudScanServiceProvider", CloudScanServiceProvider.class);
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public String getDisplayName() {
            return Messages.label_build_step();
        }

        public ListBoxModel doFillCredentialsItems(@QueryParameter String str, @AncestorInPath ItemGroup<?> itemGroup) {
            ListBoxModel listBoxModel = new ListBoxModel();
            boolean z = false;
            for (ASoCCredentials aSoCCredentials : CredentialsProvider.lookupCredentials(ASoCCredentials.class, itemGroup, ACL.SYSTEM, Collections.emptyList())) {
                if (aSoCCredentials.getId().equals(str)) {
                    z = true;
                }
                String description = aSoCCredentials.getDescription();
                listBoxModel.add(new ListBoxModel.Option((description == null || description.equals("")) ? aSoCCredentials.getUsername() + "/******" : description, aSoCCredentials.getId(), aSoCCredentials.getId().equals(str)));
            }
            if (!z) {
                listBoxModel.add(new ListBoxModel.Option("", "", true));
            }
            return listBoxModel;
        }

        public ListBoxModel doFillApplicationItems(@QueryParameter String str, @AncestorInPath ItemGroup<?> itemGroup) {
            Map<String, String> applications = new CloudApplicationProvider(new JenkinsAuthenticationProvider(str, itemGroup)).getApplications();
            ListBoxModel listBoxModel = new ListBoxModel();
            if (applications != null) {
                for (Map.Entry<String, String> entry : sortApplications(applications.entrySet())) {
                    listBoxModel.add(entry.getValue(), entry.getKey());
                }
            }
            return listBoxModel;
        }

        private List<Map.Entry<String, String>> sortApplications(Set<Map.Entry<String, String>> set) {
            ArrayList arrayList = new ArrayList(set);
            if (arrayList.size() > 1) {
                Collections.sort(arrayList, new Comparator<Map.Entry<String, String>>() { // from class: com.ibm.appscan.jenkins.plugin.builders.AppScanBuildStep.DescriptorImpl.1
                    @Override // java.util.Comparator
                    public int compare(Map.Entry<String, String> entry, Map.Entry<String, String> entry2) {
                        return entry.getValue().toLowerCase().compareTo(entry2.getValue().toLowerCase());
                    }
                });
            }
            return arrayList;
        }

        public FormValidation doCheckCredentials(@QueryParameter String str, @AncestorInPath ItemGroup<?> itemGroup) {
            return str.trim().equals("") ? FormValidation.errorWithMarkup(Messages.error_no_creds("/credentials")) : new JenkinsAuthenticationProvider(str, itemGroup).isTokenExpired() ? FormValidation.errorWithMarkup(Messages.error_token_expired("/credentials")) : FormValidation.ok();
        }

        public FormValidation doCheckApplication(@QueryParameter String str) {
            return FormValidation.validateRequired(str);
        }
    }

    @Deprecated
    public AppScanBuildStep(Scanner scanner, String str, String str2, String str3, String str4, String str5, List<FailureCondition> list, boolean z, boolean z2, boolean z3, boolean z4) {
        this.m_scanner = scanner;
        this.m_name = (str == null || str.trim().equals("")) ? str4.replaceAll(" ", "") + ThreadLocalRandom.current().nextInt(0, 10000) : str;
        this.m_type = scanner.getType();
        this.m_target = str3;
        this.m_application = str4;
        this.m_credentials = str5;
        this.m_failureConditions = list;
        this.m_emailNotification = z4;
        this.m_wait = z3;
        this.m_failBuildNonCompliance = z;
        this.m_failBuild = z2;
    }

    @DataBoundConstructor
    public AppScanBuildStep(Scanner scanner, String str, String str2, String str3, String str4) {
        this.m_scanner = scanner;
        this.m_name = (str == null || str.trim().equals("")) ? str3.replaceAll(" ", "") + ThreadLocalRandom.current().nextInt(0, 10000) : str;
        this.m_type = scanner.getType();
        this.m_target = "";
        this.m_application = str3;
        this.m_credentials = str4;
        this.m_emailNotification = false;
        this.m_wait = false;
        this.m_failBuildNonCompliance = false;
        this.m_failBuild = false;
    }

    public Scanner getScanner() {
        return this.m_scanner;
    }

    public String getName() {
        return this.m_name;
    }

    public String getType() {
        return this.m_type;
    }

    @DataBoundSetter
    public void setTarget(String str) {
        this.m_target = str;
    }

    public String getTarget() {
        return this.m_target;
    }

    public String getApplication() {
        return this.m_application;
    }

    public String getCredentials() {
        return this.m_credentials;
    }

    @DataBoundSetter
    public void setFailureConditions(List<FailureCondition> list) {
        this.m_failureConditions = list;
    }

    public List<FailureCondition> getFailureConditions() {
        return this.m_failureConditions == null ? new ArrayList() : this.m_failureConditions;
    }

    @DataBoundSetter
    public void setFailBuild(boolean z) {
        this.m_failBuild = z;
    }

    public boolean getFailBuild() {
        return this.m_failBuild;
    }

    @DataBoundSetter
    public void setWait(boolean z) {
        this.m_wait = z;
    }

    public boolean getWait() {
        return this.m_wait;
    }

    @DataBoundSetter
    public void setFailBuildNonCompliance(boolean z) {
        this.m_failBuildNonCompliance = z;
    }

    public boolean getFailBuildNonCompliance() {
        return this.m_failBuildNonCompliance;
    }

    @DataBoundSetter
    public void setEmail(boolean z) {
        this.m_emailNotification = z;
    }

    public boolean getEmail() {
        return this.m_emailNotification;
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] */
    public DescriptorImpl m13getDescriptor() {
        return super.getDescriptor();
    }

    public boolean perform(AbstractBuild<?, ?> abstractBuild, Launcher launcher, BuildListener buildListener) throws IOException, InterruptedException {
        perform((Run<?, ?>) abstractBuild, launcher, (TaskListener) buildListener);
        return true;
    }

    public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull Launcher launcher, @Nonnull TaskListener taskListener) throws InterruptedException, IOException {
        perform(run, launcher, taskListener);
    }

    public BuildStepMonitor getRequiredMonitorService() {
        return BuildStepMonitor.NONE;
    }

    protected Object readResolve() {
        if (this.m_scanner == null && this.m_type != null) {
            this.m_scanner = ScannerFactory.getScanner(this.m_type, this.m_target);
        }
        return this;
    }

    private Map<String, String> getScanProperties(Run<?, ?> run, TaskListener taskListener) {
        Map<String, String> properties = this.m_scanner.getProperties(run instanceof AbstractBuild ? new BuildVariableResolver((AbstractBuild) run, taskListener) : null);
        properties.put(CoreConstants.SCANNER_TYPE, this.m_scanner.getType());
        properties.put(CoreConstants.APP_ID, this.m_application);
        properties.put(CoreConstants.SCAN_NAME, this.m_name + "_" + SystemUtil.getTimeStamp());
        properties.put("EnableMailNotification", Boolean.toString(this.m_emailNotification));
        properties.put(SASTConstants.APPSCAN_IRGEN_CLIENT, "Jenkins");
        return properties;
    }

    private void shouldFailBuild(IResultsProvider iResultsProvider, Run<?, ?> run) throws AbortException, IOException {
        if (this.m_failBuild || this.m_failBuildNonCompliance) {
            String error_threshold_exceeded = Messages.error_threshold_exceeded();
            try {
                List<FailureCondition> list = this.m_failureConditions;
                if (this.m_failBuildNonCompliance) {
                    list = new ArrayList();
                    list.add(new FailureCondition("total", 0));
                    error_threshold_exceeded = Messages.error_noncompliant_issues();
                }
                if (new ResultsInspector(list, iResultsProvider).shouldFail()) {
                    run.setDescription(error_threshold_exceeded);
                    throw new AbortException(error_threshold_exceeded);
                }
            } catch (NullPointerException e) {
                throw new AbortException(Messages.error_checking_results(iResultsProvider.getStatus()));
            }
        }
    }

    private void perform(Run<?, ?> run, Launcher launcher, TaskListener taskListener) throws InterruptedException, IOException {
        this.m_authProvider = new JenkinsAuthenticationProvider(this.m_credentials, run.getParent().getParent());
        final ScanProgress scanProgress = new ScanProgress(taskListener);
        final boolean z = this.m_wait;
        final IScan createScan = ScanFactory.createScan(getScanProperties(run, taskListener), scanProgress, this.m_authProvider);
        IResultsProvider iResultsProvider = (IResultsProvider) launcher.getChannel().call(new Callable<IResultsProvider, AbortException>() { // from class: com.ibm.appscan.jenkins.plugin.builders.AppScanBuildStep.1
            private static final long serialVersionUID = 1;

            public void checkRoles(RoleChecker roleChecker) {
            }

            /* renamed from: call, reason: merged with bridge method [inline-methods] */
            public IResultsProvider m14call() throws AbortException {
                try {
                    AppScanBuildStep.this.setInstallDir();
                    createScan.run();
                    NonCompliantIssuesResultProvider nonCompliantIssuesResultProvider = new NonCompliantIssuesResultProvider(createScan.getScanId(), createScan.getType(), createScan.getServiceProvider(), scanProgress);
                    nonCompliantIssuesResultProvider.setReportFormat(createScan.getReportFormat());
                    if (z) {
                        scanProgress.setStatus(new Message(0, Messages.analysis_running()));
                        for (String status = nonCompliantIssuesResultProvider.getStatus(); status != null; status = nonCompliantIssuesResultProvider.getStatus()) {
                            if (!status.equalsIgnoreCase(CoreConstants.RUNNING)) {
                                break;
                            }
                            Thread.sleep(60000L);
                        }
                    }
                    return nonCompliantIssuesResultProvider;
                } catch (InvalidTargetException | ScannerException | InterruptedException e) {
                    throw new AbortException(Messages.error_running_scan(e.getLocalizedMessage()));
                }
            }
        });
        iResultsProvider.setProgress(new StdOutProgress());
        run.addAction(new ResultsRetriever(run, iResultsProvider, this.m_name));
        if (this.m_wait) {
            shouldFailBuild(iResultsProvider, run);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setInstallDir() {
        if (!SystemUtil.isWindows() || System.getProperty("user.home").toLowerCase().indexOf("system32") < 0) {
            return;
        }
        System.setProperty(CoreConstants.SACLIENT_INSTALL_DIR, JENKINS_INSTALL_DIR.getPath());
    }
}
