package org.jenkinsci.plugins.arachni;

import de.irissmann.arachni.client.ArachniClient;
import de.irissmann.arachni.client.Scan;
import de.irissmann.arachni.client.request.ScanRequest;
import de.irissmann.arachni.client.request.ScanRequestBuilder;
import de.irissmann.arachni.client.request.Scope;
import de.irissmann.arachni.client.response.ScanResponse;
import de.irissmann.arachni.client.rest.ArachniRestClientBuilder;
import de.irissmann.arachni.client.rest.ArachniUtils;
import hudson.AbortException;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractProject;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.FormValidation;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
import java.net.MalformedURLException;
import java.net.URL;
import jenkins.tasks.SimpleBuildStep;
import org.apache.commons.lang3.StringUtils;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/arachni-scanner.jar:org/jenkinsci/plugins/arachni/ArachniScanner.class */
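/**
 * Jenkins build step that starts a scan on an Arachni server, polls the scan until it is no
 * longer busy, and writes the HTML report archive {@code arachni-report-html.zip} into the
 * workspace directory.
 *
 * <p>The step keeps the running {@link Scan} and its {@link ArachniClient} in instance fields so
 * that {@link #shutdownScan()} can reach them after {@code perform} has returned or failed.
 */
public class ArachniScanner extends Builder implements SimpleBuildStep {
    // NOTE(review): an instance-level, non-transient logger travels with the builder wherever the
    // instance is persisted; a static logger is the usual choice. Left unchanged here because
    // other classes in this package may read the field.
    Logger log = LoggerFactory.getLogger(ArachniScanner.class);
    private String url;
    private String checks;
    private UserConfigProperty userConfig;
    private ArachniScopeProperty scope;

    // Runtime-only state, assigned in perform(). Marked transient so that a live client (which
    // may have been given basic-auth credentials in getArachniClient), the scan handle and the
    // build's console stream are not written out together with the configured fields above.
    private transient Scan scan;
    private transient PrintStream console;
    private transient ArachniClient arachniClient;

    /** Descriptor that registers the step and validates its form fields. */
    @Extension
    @Symbol({"arachniScanner"})
    public static class DescriptorImpl extends BuildStepDescriptor<Builder> {
        public DescriptorImpl() {
            load();
        }

        /** Returns the name shown for this build step. */
        public String getDisplayName() {
            return "Arachni Scanner";
        }

        /** The step is offered for every project type. */
        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        /**
         * Form check for the target URL: accepts anything {@link URL} can parse.
         *
         * <p>This is advisory only. {@code perform} does not repeat the check, and {@link URL}
         * accepts any scheme the JVM has a handler for, so a value that passes here is not
         * guaranteed to be an http/https address.
         *
         * @param str the value entered in the form
         * @return {@code ok} when the value parses, otherwise an error
         */
        public FormValidation doCheckUrl(@QueryParameter String str) {
            try {
                new URL(str);
                return FormValidation.ok();
            } catch (MalformedURLException e) {
                return FormValidation.error("URL is not valid.");
            }
        }
    }

    /**
     * Creates the step from its configured values.
     *
     * @param str the URL of the site to scan
     * @param str2 comma-separated check names; blank selects all checks ({@code "*"})
     * @param arachniScopeProperty optional scope settings (page limit, exclude pattern), may be null
     * @param userConfigProperty optional reference to a configuration file in the workspace, may be null
     */
    @DataBoundConstructor
    public ArachniScanner(String str, String str2, ArachniScopeProperty arachniScopeProperty, UserConfigProperty userConfigProperty) {
        this.url = str;
        this.checks = str2;
        this.scope = arachniScopeProperty;
        this.userConfig = userConfigProperty;
    }

    public String getUrl() {
        return this.url;
    }

    public String getChecks() {
        return this.checks;
    }

    public ArachniScopeProperty getScope() {
        return this.scope;
    }

    public UserConfigProperty getUserConfig() {
        return this.userConfig;
    }

    /**
     * Runs the scan and stores the HTML report.
     *
     * <p>Steps: build the scan request from the configured URL, scope and checks; optionally read
     * the user configuration file from the workspace; start the scan; poll every five seconds
     * until the server reports the scan as no longer busy; write the report archive.
     *
     * @param run the build this step belongs to (not used directly)
     * @param filePath the workspace; the configuration file is read from it and the report is
     *     written to the path it reports
     * @param launcher not used
     * @param taskListener supplies the build console
     * @throws InterruptedException when the build is interrupted while waiting for the scan
     * @throws IOException an {@link AbortException} when the configuration file is missing or
     *     the scan or report download fails
     */
    public void perform(Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener) throws InterruptedException, IOException {
        this.console = taskListener.getLogger();
        ArachniPluginConfiguration arachniPluginConfiguration = ArachniPluginConfiguration.get();
        String arachniServerUrl = arachniPluginConfiguration.getArachniServerUrl();
        this.console.println("Start Arachni Security Scan");
        this.console.println("Arachni server URL: " + arachniServerUrl);
        this.console.println("Site under scan: " + this.url);
        this.arachniClient = getArachniClient(arachniPluginConfiguration);

        Scope requestScope = null;
        if (this.scope != null) {
            requestScope = Scope.create()
                    .pageLimit(this.scope.getPageLimitAsInt())
                    .addExcludePathPatterns(this.scope.getExcludePathPattern())
                    .build();
        }
        ScanRequestBuilder requestBuilder = ScanRequest.create().url(this.url).scope(requestScope);
        if (StringUtils.isNotBlank(this.checks)) {
            for (String check : this.checks.split(",")) {
                requestBuilder.addCheck(check.trim());
            }
        } else {
            // No explicit selection: ask for every check.
            requestBuilder.addCheck("*");
        }
        ScanRequest scanRequest = requestBuilder.build();

        String userConfigContent = null;
        if (this.userConfig != null && StringUtils.isNotBlank(this.userConfig.getFilename())) {
            // NOTE(review): the filename comes from the job configuration and is resolved with
            // FilePath.child() with no containment check visible here. Confirm that an absolute
            // path or one containing ".." cannot make the step read a file outside the workspace,
            // since the content is sent on to the Arachni server.
            FilePath configFile = filePath.child(this.userConfig.getFilename());
            this.log.debug("Configuration filename: {}", configFile.getRemote());
            if (!configFile.exists()) {
                String message = String.format("Configuration file %s does not exists", this.userConfig.getFilename());
                this.log.warn(message);
                throw new AbortException(message);
            }
            userConfigContent = configFile.readToString();
        }

        try {
            this.scan = this.arachniClient.performScan(scanRequest, userConfigContent);
            this.console.println("Scan started with id: " + this.scan.getId());
            this.log.info("Scan started with id: {}", this.scan.getId());

            ScanResponse monitor;
            do {
                Thread.sleep(5000L);
                monitor = this.scan.monitor();
                this.console.println("Status: " + monitor.getStatus() + " - Pages found: " + monitor.getStatistics().getFoundPages() + " - Pages audited: " + monitor.getStatistics().getAuditedPages());
            } while (monitor.isBusy());

            this.console.println("Scan finished for id: " + this.scan.getId());
            this.log.info("Scan finished for id {}", this.scan.getId());
            this.log.debug("Path for arachni results: {}", filePath);

            // NOTE(review): java.io.File acts on the file system of the JVM executing this step,
            // while getRemote() is the workspace path as seen by the node that owns it. If the
            // workspace is on another node these differ; confirm, and consider writing through
            // filePath.child("arachni-report-html.zip").write() instead.
            File reportFile = new File(filePath.getRemote(), "arachni-report-html.zip");
            if (!reportFile.exists() && !reportFile.createNewFile()) {
                throw new AbortException("Could not create file " + reportFile.toString());
            }
            // try-with-resources closes the stream even when the report download throws;
            // previously the stream was only closed on the success path.
            try (FileOutputStream reportStream = new FileOutputStream(reportFile)) {
                this.scan.getReportHtml(reportStream);
            }
        } catch (InterruptedException e) {
            // Let an interrupt through unchanged instead of turning it into a generic failure,
            // so the caller can tell an aborted build from a failed scan.
            // NOTE(review): the scan is not shut down here; presumably shutdownScan() is invoked
            // by another component when the build ends - confirm.
            this.log.info("Arachni Security Scan interrupted");
            throw e;
        } catch (Exception e) {
            this.log.warn("Error when start Arachni Security Scan", e);
            this.console.println(e.getMessage());
            throw new AbortException();
        }
    }

    /**
     * Shuts down the scan started by {@code perform}, if any, and closes the client.
     *
     * <p>A failure of the shutdown call is logged and not rethrown; the client is closed either
     * way. Does nothing when no scan was started.
     *
     * @throws IOException if closing the client fails
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public void shutdownScan() throws IOException {
        if (this.scan == null) {
            return;
        }
        this.log.info("Shutdown scanner for id: {}", this.scan.getId());
        try {
            this.scan.shutdown();
            this.log.info("Shutdown successful.");
        } catch (Exception e) {
            this.log.warn("Error when shutdown Arachni Security Scan", e);
        } finally {
            this.arachniClient.close();
        }
    }

    /**
     * Builds the REST client for the configured Arachni server, adding basic-auth credentials
     * when the plugin configuration enables them.
     *
     * @param arachniPluginConfiguration the global plugin configuration
     * @return a client for the configured server
     */
    private ArachniClient getArachniClient(ArachniPluginConfiguration arachniPluginConfiguration) {
        ArachniRestClientBuilder clientBuilder = ArachniRestClientBuilder.create(arachniPluginConfiguration.getArachniServerUrl());
        if (arachniPluginConfiguration.getBasicAuth()) {
            // NOTE(review): nothing here requires the server URL to be https. With a plain http
            // URL the basic-auth user and password would cross the network unencrypted; confirm
            // the configuration form enforces or at least warns about this.
            clientBuilder.addCredentials(arachniPluginConfiguration.getUser(), arachniPluginConfiguration.getPassword());
        }
        // Method name spelled as in the client library.
        clientBuilder.setMergeConflictStratey(ArachniUtils.MergeConflictStrategy.PREFER_STRING);
        return clientBuilder.build();
    }
}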
