package io.jenkins.plugins.DefectDojo;

import edu.umd.cs.findbugs.annotations.NonNull;
import edu.umd.cs.findbugs.annotations.Nullable;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.FilePath;
import hudson.util.Secret;
import io.jenkins.plugins.okhttp.api.JenkinsOkHttpClient;
import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.time.Duration;
import java.time.LocalDate;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import okhttp3.MediaType;
import okhttp3.MultipartBody;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.apache.commons.lang.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.retry.RetryPolicy;
import org.springframework.retry.backoff.UniformRandomBackOffPolicy;
import org.springframework.retry.policy.BinaryExceptionClassifierRetryPolicy;
import org.springframework.retry.policy.CompositeRetryPolicy;
import org.springframework.retry.policy.MaxAttemptsRetryPolicy;
import org.springframework.retry.support.RetryTemplate;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:WEB-INF/lib/defectdojo.jar:io/jenkins/plugins/DefectDojo/ApiClient.class */
public class ApiClient {
    private static final String API_URL = "/api/v2";
    static final String API_KEY_HEADER = "Authorization";
    static final String ENGAGEMENT_URL = "/api/v2/engagement/";
    static final String UPLOAD_URL = "/api/v2/import-scan/";
    static final String REUPLOAD_URL = "/api/v2/reimport-scan/";
    static final String PRODUCT_URL = "/api/v2/products/";
    static final String SCAN_TYPE_URL = "/api/v2/test_types";
    static final String TESTS_URL = "/api/v2/tests";
    static final String LOOKUP_TEST_BY_EGAGEMENT_ID_PARAM = "engagement";
    static final String LOOKUP_TEST_PARAM = "scan_type";
    static final String LOOKUP_NAME_PARAM = "name";
    static final String LOOKUP_NAME_EXACT_PARAM = "name_exact";
    static final String LOOKUP_BY_PRODUCT_ID_PARAM = "product";
    static final String LOOKUP_ID_PARAM = "id";
    private final String baseUrl;
    private final Secret apiKey;
    private final ConsoleLogger logger;
    private final OkHttpClient httpClient;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/defectdojo.jar:io/jenkins/plugins/DefectDojo/ApiClient$RetryAction.class */
    public interface RetryAction<T, E extends IOException> {
        T executeWithRetry() throws IOException;
    }

    public ApiClient(@NonNull String str, @NonNull Secret secret, @NonNull ConsoleLogger consoleLogger, int i, int i2) {
        this(str, secret, consoleLogger, () -> {
            return JenkinsOkHttpClient.newClientBuilder(new OkHttpClient()).connectTimeout(Duration.ofSeconds(i)).readTimeout(Duration.ofSeconds(i2)).build();
        });
    }

    ApiClient(@NonNull String str, @NonNull Secret secret, @NonNull ConsoleLogger consoleLogger, @NonNull HttpClientFactory httpClientFactory) {
        this.baseUrl = str;
        this.apiKey = secret;
        this.logger = consoleLogger;
        this.httpClient = httpClientFactory.create();
    }

    @NonNull
    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    public boolean testConnection() throws ApiClientException {
        Request createRequest = createRequest(URI.create(PRODUCT_URL));
        return ((Boolean) executeWithRetry(() -> {
            try {
                Response execute = this.httpClient.newCall(createRequest).execute();
                try {
                    this.logger.log(execute.toString());
                    if (execute.isSuccessful()) {
                        if (execute != null) {
                            execute.close();
                        }
                        return true;
                    }
                    int code = execute.code();
                    this.logger.log(execute.body().string());
                    throw new ApiClientException(Messages.ApiClient_Error_Connection(Integer.valueOf(code), HttpStatus.valueOf(code).getReasonPhrase()));
                } catch (Throwable th) {
                    if (execute != null) {
                        try {
                            execute.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (ApiClientException e) {
                throw e;
            } catch (IOException e2) {
                throw new ApiClientException(Messages.ApiClient_Error_Connection("", ""), e2);
            }
        })).booleanValue();
    }

    @NonNull
    public List<JSONObject> getProducts() throws ApiClientException {
        return getData(PRODUCT_URL);
    }

    @NonNull
    public List<JSONObject> getEngagements(String str) throws ApiClientException {
        return getData("/api/v2/engagement/?product=" + str);
    }

    @NonNull
    public List<JSONObject> getScanTypes() throws ApiClientException {
        return getData(SCAN_TYPE_URL);
    }

    @NonNull
    public String getProductId(String str) throws ApiClientException {
        return getIdFromDojo(createRequest(UriComponentsBuilder.fromUriString(PRODUCT_URL).queryParam(LOOKUP_NAME_EXACT_PARAM, new Object[]{"{productName}"}).build(new Object[]{str})));
    }

    @NonNull
    public String getEngagementId(@Nullable String str, String str2) throws ApiClientException {
        UriComponentsBuilder queryParam = UriComponentsBuilder.fromUriString(ENGAGEMENT_URL).queryParam(LOOKUP_NAME_PARAM, new Object[]{"{engagementName}"});
        URI build = queryParam.build(new Object[]{str2});
        if (str != null) {
            queryParam.queryParam(LOOKUP_BY_PRODUCT_ID_PARAM, new Object[]{"{productId}"});
            build = queryParam.build(new Object[]{str2, str});
        }
        return getIdFromDojo(createRequest(build));
    }

    @NonNull
    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    public Boolean upload(String str, String str2, @Nullable String str3, @Nullable String str4, @Nullable String str5, @NonNull FilePath filePath, @NonNull String str6, boolean z) throws IOException, InterruptedException {
        if (!filePath.exists()) {
            this.logger.log(Messages.Builder_Error_Processing(filePath.getRemote()));
            return false;
        }
        String str7 = null;
        String str8 = UPLOAD_URL;
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(LOOKUP_TEST_PARAM, str6);
        jSONObject.put(LOOKUP_TEST_BY_EGAGEMENT_ID_PARAM, str2);
        jSONObject.put("product_id", str);
        if (StringUtils.isNotBlank(str3)) {
            jSONObject.put("source_code_management_uri", str3);
        }
        if (StringUtils.isNotBlank(str4)) {
            jSONObject.put("branch_tag", str4);
        }
        if (StringUtils.isNotBlank(str5)) {
            jSONObject.put("commit_hash", str5);
        }
        jSONObject.put("do_not_reactivate", "true");
        jSONObject.put("active", "false");
        jSONObject.put("verified", "false");
        jSONObject.put("environment", "");
        jSONObject.put("minimum_severity", "Low");
        RequestBody create = RequestBody.create(new File(filePath.getRemote()), MediaType.parse("application/octet-stream"));
        if (StringUtils.isNotBlank(str2)) {
            str7 = getScanId(str2, str6);
        }
        if (z && StringUtils.isNotBlank(str7)) {
            str8 = REUPLOAD_URL;
            jSONObject.put("test", str7);
            jSONObject.remove("active");
            jSONObject.remove("verified");
        }
        Request createRequest = createRequest(URI.create(str8), "POST", createMultipartBody(jSONObject, create));
        return (Boolean) executeWithRetry(() -> {
            Response execute = this.httpClient.newCall(createRequest).execute();
            try {
                String string = execute.body().string();
                int code = execute.code();
                switch (code) {
                    case 200:
                    case 201:
                    case 202:
                        if (execute != null) {
                            execute.close();
                        }
                        return true;
                    case 400:
                        this.logger.log(Messages.Builder_Payload_Invalid());
                        break;
                    case 401:
                        this.logger.log(Messages.Builder_Unauthorized());
                        break;
                    case 404:
                        this.logger.log(Messages.Builder_Product_NotFound());
                        break;
                    default:
                        this.logger.log(Messages.ApiClient_Error_Connection(Integer.valueOf(code), HttpStatus.valueOf(code).getReasonPhrase()));
                        break;
                }
                this.logger.log(string);
                if (execute != null) {
                    execute.close();
                }
                return false;
            } catch (Throwable th) {
                if (execute != null) {
                    try {
                        execute.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        });
    }

    public String createEngagement(String str, String str2, @Nullable String str3) throws IOException {
        JSONObject fromObject = JSONObject.fromObject("{\"description\": \"Auto-created via Jenkins\",\"engagement_type\":\"Interactive\",\"status\": \"In Progress\",\"deduplication_on_engagement\": \"true\"}");
        LocalDate now = LocalDate.now();
        DateTimeFormatter ofPattern = DateTimeFormatter.ofPattern("yyyy-MM-dd");
        fromObject.put(LOOKUP_NAME_PARAM, str);
        fromObject.put(LOOKUP_BY_PRODUCT_ID_PARAM, str2);
        fromObject.put("target_start", now.format(ofPattern));
        fromObject.put("target_end", now.plusDays(30L).format(ofPattern));
        if (StringUtils.isNotBlank(str3)) {
            fromObject.put("source_code_management_uri", str3);
        }
        Request createRequest = createRequest(URI.create(ENGAGEMENT_URL), "POST", RequestBody.create(fromObject.toString(), MediaType.parse("application/json")));
        return (String) executeWithRetry(() -> {
            Response execute = this.httpClient.newCall(createRequest).execute();
            try {
                String string = execute.body().string();
                int code = execute.code();
                switch (code) {
                    case 201:
                        String obj = JSONObject.fromObject(string).get(LOOKUP_ID_PARAM).toString();
                        if (execute != null) {
                            execute.close();
                        }
                        return obj;
                    case 400:
                        this.logger.log(Messages.Builder_Payload_Invalid());
                        break;
                    case 401:
                        this.logger.log(Messages.Builder_Unauthorized());
                        break;
                    default:
                        this.logger.log(Messages.ApiClient_Error_Connection(Integer.valueOf(code), HttpStatus.valueOf(code).getReasonPhrase()));
                        break;
                }
                this.logger.log(string);
                if (execute != null) {
                    execute.close();
                }
                return null;
            } catch (Throwable th) {
                if (execute != null) {
                    try {
                        execute.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        });
    }

    public String createProduct(String str, @Nullable String str2) throws IOException {
        JSONObject fromObject = JSONObject.fromObject("{\"description\": \"Auto-created via Jenkins\",\"prod_type\":\"1\"}");
        fromObject.put(LOOKUP_NAME_PARAM, str);
        if (StringUtils.isNotBlank(str2)) {
            fromObject.put("origin", str2);
        }
        Request createRequest = createRequest(URI.create(PRODUCT_URL), "POST", RequestBody.create(fromObject.toString(), MediaType.parse("application/json")));
        return (String) executeWithRetry(() -> {
            Response execute = this.httpClient.newCall(createRequest).execute();
            try {
                String string = execute.body().string();
                int code = execute.code();
                switch (code) {
                    case 201:
                        String obj = JSONObject.fromObject(string).get(LOOKUP_ID_PARAM).toString();
                        if (execute != null) {
                            execute.close();
                        }
                        return obj;
                    case 400:
                        this.logger.log(Messages.Builder_Payload_Invalid());
                        break;
                    case 401:
                        this.logger.log(Messages.Builder_Unauthorized());
                        break;
                    default:
                        this.logger.log(Messages.ApiClient_Error_Connection(Integer.valueOf(code), HttpStatus.valueOf(code).getReasonPhrase()));
                        break;
                }
                this.logger.log(string);
                if (execute != null) {
                    execute.close();
                }
                return null;
            } catch (Throwable th) {
                if (execute != null) {
                    try {
                        execute.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        });
    }

    @NonNull
    private List<JSONObject> getData(String str) throws ApiClientException {
        ArrayList arrayList = new ArrayList();
        int i = 0;
        boolean z = true;
        while (z) {
            int i2 = i;
            i += 500;
            Stream stream = getPaged(i2, i, str).stream();
            Class<JSONObject> cls = JSONObject.class;
            Objects.requireNonNull(JSONObject.class);
            List list = (List) stream.map(cls::cast).collect(Collectors.toList());
            z = !list.isEmpty();
            arrayList.addAll(list);
        }
        return arrayList;
    }

    @NonNull
    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    private List<Object> getPaged(int i, int i2, String str) throws ApiClientException {
        Request createRequest = createRequest(UriComponentsBuilder.fromUriString(str).queryParam("limit", new Object[]{"{limit}"}).queryParam("offset", new Object[]{"{offset}"}).build(new Object[]{Integer.valueOf(i2), Integer.valueOf(i)}));
        return (List) executeWithRetry(() -> {
            try {
                Response execute = this.httpClient.newCall(createRequest).execute();
                try {
                    if (execute.isSuccessful()) {
                        JSONArray requestResult = getRequestResult(execute.body().string());
                        if (execute != null) {
                            execute.close();
                        }
                        return requestResult;
                    }
                    JSONArray jSONArray = new JSONArray();
                    if (execute != null) {
                        execute.close();
                    }
                    return jSONArray;
                } finally {
                }
            } catch (IOException e) {
                throw new ApiClientException(Messages.ApiClient_Error_Connection("", ""), e);
            }
        });
    }

    @NonNull
    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    private String getScanId(@NonNull String str, @NonNull String str2) throws ApiClientException {
        return getIdFromDojo(createRequest(UriComponentsBuilder.fromUriString(TESTS_URL).queryParam(LOOKUP_TEST_BY_EGAGEMENT_ID_PARAM, new Object[]{"{id}"}).queryParam(LOOKUP_TEST_PARAM, new Object[]{"{scanType}"}).build(new Object[]{str, str2})));
    }

    private String getIdFromDojo(Request request) throws ApiClientException {
        return (String) executeWithRetry(() -> {
            try {
                Response execute = this.httpClient.newCall(request).execute();
                try {
                    String string = execute.body().string();
                    if (!execute.isSuccessful()) {
                        this.logger.log(string);
                    }
                    JSONArray requestResult = getRequestResult(string);
                    if (requestResult.size() <= 0) {
                        if (execute != null) {
                            execute.close();
                        }
                        return null;
                    }
                    String string2 = ((JSONObject) requestResult.get(0)).getString(LOOKUP_ID_PARAM);
                    if (execute != null) {
                        execute.close();
                    }
                    return string2;
                } catch (Throwable th) {
                    if (execute != null) {
                        try {
                            execute.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (ApiClientException e) {
                throw e;
            } catch (IOException e2) {
                throw new ApiClientException(Messages.ApiClient_Error_Connection("", ""), e2);
            }
        });
    }

    private JSONArray getRequestResult(String str) {
        return JSONObject.fromObject(str).getJSONArray("results");
    }

    private RequestBody createMultipartBody(JSONObject jSONObject, @Nullable RequestBody requestBody) {
        MultipartBody.Builder type = new MultipartBody.Builder().setType(MultipartBody.FORM);
        jSONObject.keySet().forEach(obj -> {
            type.addFormDataPart(obj.toString(), jSONObject.get(obj).toString());
        });
        if (requestBody != null) {
            type.addFormDataPart("file", "file.json", requestBody);
        }
        return type.build();
    }

    private Request createRequest(URI uri) {
        return createRequest(uri, "GET", null);
    }

    private Request createRequest(URI uri, String str, RequestBody requestBody) {
        return new Request.Builder().url(this.baseUrl + String.valueOf(uri)).addHeader(API_KEY_HEADER, "Token " + this.apiKey.getPlainText()).addHeader("Accept", "application/json").method(str, requestBody).build();
    }

    private <T, E extends IOException> T executeWithRetry(RetryAction<T, E> retryAction) throws IOException {
        ApiClientExceptionClassifier apiClientExceptionClassifier = new ApiClientExceptionClassifier();
        CompositeRetryPolicy compositeRetryPolicy = new CompositeRetryPolicy();
        UniformRandomBackOffPolicy uniformRandomBackOffPolicy = new UniformRandomBackOffPolicy();
        RetryTemplate retryTemplate = new RetryTemplate();
        uniformRandomBackOffPolicy.setMinBackOffPeriod(50L);
        uniformRandomBackOffPolicy.setMaxBackOffPeriod(500L);
        compositeRetryPolicy.setPolicies(new RetryPolicy[]{new MaxAttemptsRetryPolicy(2), new BinaryExceptionClassifierRetryPolicy(apiClientExceptionClassifier)});
        retryTemplate.setBackOffPolicy(uniformRandomBackOffPolicy);
        retryTemplate.setRetryPolicy(compositeRetryPolicy);
        return (T) retryTemplate.execute(retryContext -> {
            return retryAction.executeWithRetry();
        });
    }
}
