package io.jenkins.plugins.harbor.client;

import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.damnhandy.uri.template.UriTemplate;
import edu.umd.cs.findbugs.annotations.Nullable;
import hudson.cli.NoCheckTrustManager;
import io.jenkins.plugins.harbor.HarborException;
import io.jenkins.plugins.harbor.client.models.Artifact;
import io.jenkins.plugins.harbor.client.models.NativeReportSummary;
import io.jenkins.plugins.harbor.client.models.Repository;
import io.jenkins.plugins.harbor.util.HarborConstants;
import io.jenkins.plugins.harbor.util.JsonParser;
import io.jenkins.plugins.okhttp.api.JenkinsOkHttpClient;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import okhttp3.HttpUrl;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import okhttp3.ResponseBody;
import okhttp3.logging.HttpLoggingInterceptor;

/* loaded from: input_file:io/jenkins/plugins/harbor/client/HarborClientImpl.class */
public class HarborClientImpl implements HarborClient {
    private static final int DEFAULT_CONNECT_TIMEOUT_SECONDS = 30;
    private static final int DEFAULT_READ_TIMEOUT_SECONDS = 30;
    private static final int DEFAULT_WRITE_TIMEOUT_SECONDS = 30;
    private static final String API_PING_PATH = "/ping";
    private static final String API_LIST_ALL_REPOSITORIES_PATH = "/repositories";
    private static final String API_LIST_ARTIFACTS_PATH = "/projects/{project_name}/repositories/{repository_name}/artifacts";
    private static final String API_GET_ARTIFACT_PATH = "/projects/{project_name}/repositories/{repository_name}/artifacts/{reference}";
    private final String baseUrl;
    private final OkHttpClient httpClient;

    public HarborClientImpl(String str, StandardUsernamePasswordCredentials standardUsernamePasswordCredentials, boolean z, boolean z2) throws NoSuchAlgorithmException, KeyManagementException {
        this.baseUrl = str;
        OkHttpClient.Builder newClientBuilder = JenkinsOkHttpClient.newClientBuilder(new OkHttpClient());
        addTimeout(newClientBuilder);
        skipTlsVerify(newClientBuilder, z);
        addAuthenticator(newClientBuilder, standardUsernamePasswordCredentials);
        enableDebugLogging(newClientBuilder, z2);
        this.httpClient = newClientBuilder.build();
    }

    private OkHttpClient.Builder addTimeout(OkHttpClient.Builder builder) {
        builder.connectTimeout(30L, TimeUnit.SECONDS);
        builder.readTimeout(30L, TimeUnit.SECONDS);
        builder.writeTimeout(30L, TimeUnit.SECONDS);
        builder.setRetryOnConnectionFailure$okhttp(true);
        return builder;
    }

    private OkHttpClient.Builder skipTlsVerify(OkHttpClient.Builder builder, boolean z) throws NoSuchAlgorithmException, KeyManagementException {
        if (z) {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            TrustManager[] trustManagerArr = {new NoCheckTrustManager()};
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            builder.sslSocketFactory(sSLContext.getSocketFactory(), (X509TrustManager) trustManagerArr[0]);
            builder.setHostnameVerifier$okhttp((str, sSLSession) -> {
                return true;
            });
        }
        return builder;
    }

    private OkHttpClient.Builder addAuthenticator(OkHttpClient.Builder builder, StandardUsernamePasswordCredentials standardUsernamePasswordCredentials) {
        if (standardUsernamePasswordCredentials != null) {
            builder.addInterceptor(new HarborInterceptor(standardUsernamePasswordCredentials));
        }
        return builder;
    }

    private OkHttpClient.Builder enableDebugLogging(OkHttpClient.Builder builder, boolean z) {
        if (z) {
            HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
            httpLoggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
            builder.addInterceptor(httpLoggingInterceptor);
        }
        return builder;
    }

    private String getXAcceptVulnerabilities() {
        return String.format("%s, %s", HarborConstants.HarborVulnerabilityReportV11MimeType, HarborConstants.HarborVulnReportv1MimeType);
    }

    @Override // io.jenkins.plugins.harbor.client.HarborClient
    public NativeReportSummary getVulnerabilitiesAddition(String str, String str2, String str3) {
        return null;
    }

    @Override // io.jenkins.plugins.harbor.client.HarborClient
    public String getPing() throws IOException {
        UriTemplate fromTemplate = UriTemplate.fromTemplate(this.baseUrl + "/ping");
        HttpUrl parse = HttpUrl.parse(fromTemplate.expand());
        if (parse != null) {
            return httpGet(parse);
        }
        throw new HarborException(String.format("httpUrl is null, UriTemplate is %s.", fromTemplate.expand()));
    }

    @Override // io.jenkins.plugins.harbor.client.HarborClient
    public Repository[] listAllRepositories() throws IOException {
        return (Repository[]) JsonParser.toJava(httpGet(addQueryParameter(UriTemplate.fromTemplate(this.baseUrl + "/repositories"), new HashMap())), Repository[].class);
    }

    @Override // io.jenkins.plugins.harbor.client.HarborClient
    public Artifact[] listArtifacts(String str, String str2, @Nullable Map<String, String> map) throws HarborException, IOException {
        return (Artifact[]) JsonParser.toJava(httpGet(addQueryParameter(UriTemplate.fromTemplate(this.baseUrl + "/projects/{project_name}/repositories/{repository_name}/artifacts").set("project_name", str).set("repository_name", str2), map)), Artifact[].class);
    }

    @Override // io.jenkins.plugins.harbor.client.HarborClient
    public Artifact getArtifact(String str, String str2, String str3, @Nullable Map<String, String> map) throws IOException {
        return (Artifact) JsonParser.toJava(httpGet(addQueryParameter(UriTemplate.fromTemplate(this.baseUrl + "/projects/{project_name}/repositories/{repository_name}/artifacts/{reference}").set("project_name", str).set("repository_name", str2).set("reference", str3), map)), Artifact.class);
    }

    private HttpUrl addQueryParameter(UriTemplate uriTemplate, @Nullable Map<String, String> map) {
        HttpUrl parse = HttpUrl.parse(uriTemplate.expand());
        if (parse == null) {
            throw new HarborException(String.format("httpUrl is null, UriTemplate is %s.", uriTemplate.expand()));
        }
        HttpUrl.Builder newBuilder = parse.newBuilder();
        if (map != null) {
            for (Map.Entry<String, String> entry : map.entrySet()) {
                newBuilder.addQueryParameter(entry.getKey(), entry.getValue());
            }
        }
        return newBuilder.build();
    }

    private String httpGet(HttpUrl httpUrl) throws IOException {
        Response execute = this.httpClient.newCall(new Request.Builder().url(httpUrl.url()).header("X-Accept-Vulnerabilities", getXAcceptVulnerabilities()).build()).execute();
        ResponseBody body = execute.body();
        if (body == null) {
            throw new HarborRequestException(execute.code(), String.format("httpGet method get responseBody failed, The request api is %s, Response message is '%s'", httpUrl, execute.message()));
        }
        if (execute.isSuccessful()) {
            return body.string();
        }
        throw new HarborRequestException(execute.code(), String.format("The server(%s) api response failed, Response message is '%s'.", httpUrl, body.string()));
    }
}
