package com.qualys.plugins.wasPlugin;

import com.google.gson.Gson;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.qualys.plugins.wasPlugin.QualysAuth.QualysAuth;
import com.qualys.plugins.wasPlugin.QualysClient.QualysCSClient;
import com.qualys.plugins.wasPlugin.QualysCriteria.QualysCriteria;
import com.qualys.plugins.wasPlugin.report.ReportAction;
import com.qualys.plugins.wasPlugin.util.Helper;
import hudson.AbortException;
import hudson.EnvVars;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.util.Secret;
import java.sql.Timestamp;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Matcher;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/qualys/plugins/wasPlugin/WASScanLauncher.class */
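/**
 * Launches a Qualys WAS scan for one web application from a Jenkins build, polls the
 * API until the scan ends, stores the result as a build artifact and evaluates the
 * configured build failure conditions against it.
 */
public class WASScanLauncher {
    private Run<?, ?> run;
    private TaskListener listener;
    private String webAppId;
    private String scanName;
    private String scanType;
    private String authRecord;
    private String optionProfile;
    private String cancelOptions;
    private String authRecordId;
    private String optionProfileId;
    private String cancelHours;
    private int pollingIntervalForVulns;
    private int vulnsTimeout;
    private String portalUrl;
    private String apiServer;
    private String apiUser;
    private Secret apiPass;
    private boolean useProxy;
    private String proxyServer;
    private int proxyPort;
    private String proxyUsername;
    private Secret proxyPassword;
    private boolean isFailConditionsConfigured;
    private JsonObject criteriaObject;
    private QualysCSClient apiClient;
    private boolean failOnScanError;
    private static final Logger logger = Helper.getLogger(WASScanLauncher.class.getName());
    private static final int DEFAULT_POLLING_INTERVAL_FOR_VULNS = 5;
    private static final int DEFAULT_TIMEOUT_FOR_VULNS = 1440;
    // Severity keys "1".."5" are read from the criteria result when building the failure message.
    private static final int SEVERITY_LEVELS = 5;

    /**
     * Stores the scan configuration and builds the API client.
     *
     * @param run build the scan belongs to; its artifacts directory and environment are used
     * @param taskListener build listener whose logger receives progress output
     * @param webAppId id of the web application to scan
     * @param scanName scan name template; {@code _[timestamp]} is appended when it is non-empty
     * @param scanType value sent as the scan {@code type}
     * @param authRecord {@code "useDefault"}, {@code "other"} or anything else for no auth record
     * @param optionProfile {@code "other"} to send {@code optionProfileId}; otherwise no profile is sent
     * @param cancelOptions {@code "xhours"} to send {@code cancelHours}
     * @param authRecordId auth record id used when {@code authRecord} is {@code "other"}
     * @param optionProfileId option profile id used when {@code optionProfile} is {@code "other"}
     * @param cancelHours value sent as {@code cancelAfterNHours}
     * @param isFailConditionsConfigured whether the result is fetched and evaluated
     * @param pollingInterval minutes between status polls, a number or a product such as {@code 2*5}
     * @param vulnsTimeout overall wait in minutes, a number or a product such as {@code 60*24}
     * @param criteriaObject build failure conditions
     * @param apiServer API server URL
     * @param apiUser API user name
     * @param apiPass API password
     * @param useProxy whether proxy settings are applied to the client
     * @param proxyServer proxy host
     * @param proxyPort proxy port
     * @param proxyUsername proxy user name
     * @param proxyPassword proxy password
     * @param portalUrl portal URL handed to the report action
     * @param failOnScanError whether a scan that ends in any state other than finished fails the build
     */
    public WASScanLauncher(Run<?, ?> run, TaskListener taskListener, String webAppId, String scanName, String scanType, String authRecord, String optionProfile, String cancelOptions, String authRecordId, String optionProfileId, String cancelHours, boolean isFailConditionsConfigured, String pollingInterval, String vulnsTimeout, JsonObject criteriaObject, String apiServer, String apiUser, String apiPass, boolean useProxy, String proxyServer, int proxyPort, String proxyUsername, String proxyPassword, String portalUrl, boolean failOnScanError) {
        this.run = run;
        this.listener = taskListener;
        this.webAppId = webAppId;
        this.scanName = scanName;
        this.scanType = scanType;
        this.authRecord = authRecord;
        this.optionProfile = optionProfile;
        this.cancelOptions = cancelOptions;
        this.authRecordId = authRecordId;
        this.optionProfileId = optionProfileId;
        this.cancelHours = cancelHours;
        this.apiServer = apiServer;
        this.apiUser = apiUser;
        // NOTE(review): both passwords arrive here as plain String and are only wrapped in
        // Secret for storage; callers should keep them out of logs and build parameters.
        this.apiPass = Secret.fromString(apiPass);
        this.useProxy = useProxy;
        this.proxyServer = proxyServer;
        this.proxyPort = proxyPort;
        this.proxyUsername = proxyUsername;
        this.proxyPassword = Secret.fromString(proxyPassword);
        this.portalUrl = portalUrl;
        if (scanName != null && !scanName.isEmpty()) {
            this.scanName += "_[timestamp]";
        }
        this.criteriaObject = criteriaObject;
        this.isFailConditionsConfigured = isFailConditionsConfigured;
        QualysAuth qualysAuth = new QualysAuth();
        qualysAuth.setQualysCredentials(apiServer, apiUser, apiPass);
        if (useProxy) {
            qualysAuth.setProxyCredentials(proxyServer, proxyPort, proxyUsername, proxyPassword);
        }
        // NOTE(review): the client is given System.out, i.e. the process console rather than
        // the build log. QualysCSClient is not visible here; confirm it never writes request
        // headers or credentials to that stream.
        this.apiClient = new QualysCSClient(qualysAuth, System.out);
        this.pollingIntervalForVulns = setTimeoutInMinutes("pollingInterval", DEFAULT_POLLING_INTERVAL_FOR_VULNS, pollingInterval, taskListener);
        this.vulnsTimeout = setTimeoutInMinutes("vulnsTimeout", DEFAULT_TIMEOUT_FOR_VULNS, vulnsTimeout, taskListener);
        this.failOnScanError = failOnScanError;
    }

    /**
     * Parses a minutes value given as a number or a {@code *}-separated product.
     *
     * <p>Values that do not parse, overflow, or are not strictly positive fall back to the
     * default: a zero polling interval would poll the API without pausing, and a zero or
     * negative timeout would end the wait after the first poll.
     *
     * @param label setting name used in the log messages
     * @param defaultMinutes value returned when {@code expression} is absent or invalid
     * @param expression configured value, may be {@code null} or empty
     * @param taskListener listener whose logger receives the fallback notice
     * @return the parsed number of minutes, or {@code defaultMinutes}
     */
    private int setTimeoutInMinutes(String label, int defaultMinutes, String expression, TaskListener taskListener) {
        if (expression != null && !expression.isEmpty()) {
            try {
                long minutes = 1L;
                for (String factor : expression.split("\\*")) {
                    // multiplyExact throws instead of silently wrapping around.
                    minutes = Math.multiplyExact(minutes, Long.parseLong(factor.trim()));
                }
                if (minutes <= 0 || minutes > Integer.MAX_VALUE) {
                    throw new IllegalArgumentException("value must be between 1 and " + Integer.MAX_VALUE + " minutes");
                }
                return (int) minutes;
            } catch (RuntimeException e) {
                String shownDefault = "vulnsTimeout".equals(label) ? "60*24" : String.valueOf(defaultMinutes);
                taskListener.getLogger().println("Invalid " + label + " time value. Cannot parse -" + e.getMessage());
                taskListener.getLogger().println("Using default period of " + shownDefault + " minutes for " + label + ".");
            }
        }
        return defaultMinutes;
    }

    /** Writes one line to the build log, prefixed with the current timestamp. */
    private void printTimestamped(String message) {
        this.listener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " " + message);
    }

    /**
     * Launches the scan, optionally waits for its result and applies the failure conditions,
     * and attaches a {@link ReportAction} to the build.
     *
     * @throws Exception if the scan cannot be launched, polling fails or times out, or the
     *     failure conditions are not met; the original exception is kept as the cause
     */
    public void getAndProcessLaunchScanResult() throws Exception {
        try {
            String scanId = launchScan();
            if (scanId == null || scanId.isEmpty()) {
                throw new Exception("API Error. Could not launch new scan");
            }
            printTimestamped("New Scan launched successfully. Scan ID: " + scanId);
            logger.info("New Scan launched successfully.");
            JsonObject evaluation = null;
            boolean passed = true;
            if (this.isFailConditionsConfigured) {
                JsonObject scanResult = fetchScanResult(scanId);
                if (scanResult != null) {
                    evaluation = evaluateFailurePolicy(scanResult);
                    // NOTE(review): scanId comes from the API response and becomes part of an
                    // artifact file name; Helper is not visible here, so confirm it rejects
                    // path separators or validate the id before use.
                    Helper.copyEvaluationResultToFile(this.run.getArtifactsDir().getAbsolutePath(), "qualys_" + scanId, this.listener.getLogger(), evaluation.getAsJsonObject("result"));
                    passed = evaluation.get("passed").getAsBoolean();
                } else {
                    // No result means nothing was evaluated and the build is not failed by this
                    // step. Make that visible so a passing build is not read as a clean scan.
                    printTimestamped("WARNING: No scan result available; build failure conditions were not evaluated.");
                }
            }
            // Credentials are handed over as hudson.util.Secret, not as plain strings.
            this.run.addAction(new ReportAction(this.run, scanId, this.webAppId, this.scanName, this.apiServer, this.apiUser, this.apiPass, this.useProxy, this.proxyServer, this.proxyPort, this.proxyUsername, this.proxyPassword, this.portalUrl));
            if (this.isFailConditionsConfigured && !passed) {
                throw new Exception(evaluation.get("failureMessage").getAsString());
            }
        } catch (Exception e) {
            if (e instanceof InterruptedException) {
                // The wrapper below hides the type, so restore the flag for the caller.
                Thread.currentThread().interrupt();
            }
            logger.log(Level.SEVERE, "Qualys WAS scan step failed", e);
            throw new Exception(e.getMessage(), e);
        }
    }

    /** Returns whether {@code object} has a non-null value under {@code key}. */
    private static boolean isPresent(JsonObject object, String key) {
        return object.has(key) && object.get(key) != null && !object.get(key).isJsonNull();
    }

    /**
     * Builds the human-readable failure message from the criteria evaluation result.
     *
     * @param result evaluation result; the {@code qids} and {@code severities} members are read
     * @return one line per violated condition, joined with newlines
     */
    private String getBuildFailureMessages(JsonObject result) throws Exception {
        List<String> messages = new ArrayList<>();
        if (isPresent(result, "qids")) {
            JsonObject qids = result.get("qids").getAsJsonObject();
            if (!qids.get("result").getAsBoolean()) {
                messages.add("QIDs configured in Failure Conditions were found in the scan result : " + qids.get("found").getAsString());
            }
        }
        StringBuilder configured = new StringBuilder("\nConfigured : ");
        StringBuilder found = new StringBuilder("\nFound : ");
        boolean thresholdExceeded = false;
        if (isPresent(result, "severities")) {
            JsonObject severities = result.get("severities").getAsJsonObject();
            for (int level = 1; level <= SEVERITY_LEVELS; level++) {
                JsonElement entry = severities.get(String.valueOf(level));
                if (entry == null || !entry.isJsonObject()) {
                    continue;
                }
                JsonObject severity = entry.getAsJsonObject();
                JsonElement limit = severity.get("configured");
                // -1 marks a severity level without a configured threshold.
                if (limit == null || limit.isJsonNull() || limit.getAsInt() == -1) {
                    continue;
                }
                JsonElement count = severity.get("found");
                String countText = (count == null || count.isJsonNull()) ? "0" : count.getAsString();
                found.append("Severity ").append(level).append(": ").append(countText).append(";");
                configured.append("Severity ").append(level).append(">").append(limit.getAsString()).append(";");
                if (!severity.get("result").getAsBoolean()) {
                    thresholdExceeded = true;
                }
            }
        }
        if (thresholdExceeded) {
            messages.add("The vulnerabilities count by severity exceeded one of the configured threshold value :" + configured + found);
        }
        return StringUtils.join(messages, "\n");
    }

    /**
     * Evaluates the configured failure conditions against a scan result.
     *
     * @param scanResult scan result as returned by {@link #fetchScanResult(String)}
     * @return object with {@code passed}, {@code result} and, when the evaluation failed,
     *     {@code failureMessage}
     */
    public JsonObject evaluateFailurePolicy(JsonObject scanResult) throws Exception {
        Gson gson = new Gson();
        QualysCriteria criteria = new QualysCriteria(gson.toJson(this.criteriaObject));
        Boolean passed = criteria.evaluate(scanResult);
        JsonObject evaluation = new JsonObject();
        evaluation.add("passed", gson.toJsonTree(passed));
        evaluation.add("result", criteria.returnObject);
        if (!passed.booleanValue()) {
            evaluation.addProperty("failureMessage", getBuildFailureMessages(criteria.getResult()));
        }
        return evaluation;
    }

    /**
     * Polls the scan status until the scan ends or the timeout is reached, then downloads
     * the result and stores it in the build's artifacts directory.
     *
     * <p>When the scan ends in any state other than finished and {@code failOnScanError} is
     * off, this returns {@code null} and the caller evaluates no failure conditions.
     *
     * @param scanId id of the launched scan
     * @return the scan result, or {@code null} as described above
     * @throws Exception on timeout, on interruption, or when the scan did not finish and
     *     {@code failOnScanError} is set
     */
    public JsonObject fetchScanResult(String scanId) throws Exception {
        long startedAt = System.currentTimeMillis();
        long timeoutMillis = TimeUnit.MINUTES.toMillis(this.vulnsTimeout);
        long pollMillis = TimeUnit.MINUTES.toMillis(this.pollingIntervalForVulns);
        while (true) {
            String status = getScanFinishedStatus(scanId);
            if (status != null) {
                if (status.equalsIgnoreCase("finished")) {
                    JsonObject result = getScanResult(scanId);
                    Helper.createNewFile(this.run.getArtifactsDir().getAbsolutePath(), "qualys_" + scanId, new Gson().toJson(result), this.listener.getLogger());
                    return result;
                }
                if (this.failOnScanError) {
                    if (status.equalsIgnoreCase("canceled")) {
                        throw new Exception("The scan(ScanId: " + scanId + ") has been canceled.");
                    }
                    if (status.equalsIgnoreCase("error")) {
                        throw new Exception("The scan(ScanId: " + scanId + ") is not completed due to an error.");
                    }
                    throw new Exception("Qualys WAS Scan(ScanId: " + scanId + ") failed with scan status: " + status);
                }
                return null;
            }
            if (System.currentTimeMillis() - startedAt > timeoutMillis) {
                printTimestamped("Failed to get scan result; timeout of " + this.vulnsTimeout + " minutes reached.");
                throw new Exception("Timeout reached.");
            }
            printTimestamped("Waiting for " + this.pollingIntervalForVulns + " minute(s) before making next attempt for scanResult of scanId:" + scanId + "...");
            Thread.sleep(pollMillis);
        }
    }

    /**
     * Downloads the result of a scan.
     *
     * @param scanId id of the scan
     * @return the {@code response} member of the client's reply
     */
    public JsonObject getScanResult(String scanId) {
        return this.apiClient.getScanResult(scanId).response;
    }

    /**
     * Queries the scan status once.
     *
     * <p>Any failure while querying or parsing (including an error response from the server)
     * is logged and reported as {@code null}, so the caller keeps polling until its timeout.
     *
     * @param scanId id of the scan
     * @return {@code "finished"} for a finished scan with finished results; the
     *     {@code resultsStatus} reason for a scan that is in error, canceled, or finished
     *     without finished results; {@code null} while the scan is still running or the
     *     status could not be read
     */
    public String getScanFinishedStatus(String scanId) {
        try {
            JsonObject serviceResponse = this.apiClient.getScanStatus(scanId).response.get("ServiceResponse").getAsJsonObject();
            JsonElement responseCode = serviceResponse.get("responseCode");
            if (responseCode != null && !responseCode.getAsString().equals("SUCCESS")) {
                JsonObject errorDetails = serviceResponse.getAsJsonObject("responseErrorDetails");
                logger.info("Server Response: " + errorDetails.toString());
                throw new Exception(errorDetails.get("errorMessage").getAsString());
            }
            JsonObject wasScan = serviceResponse.getAsJsonArray("data").get(0).getAsJsonObject().getAsJsonObject("WasScan");
            String status = wasScan.get("status").getAsString();
            String reason = "Unknown.";
            try {
                reason = wasScan.getAsJsonObject("summary").get("resultsStatus").getAsString();
            } catch (Exception ignored) {
                // The summary is optional here; fall back to the "Unknown." reason.
                logger.info("Could not read error reason from response.");
            }
            boolean finished = status.equalsIgnoreCase("finished");
            boolean endedBadly = status.equalsIgnoreCase("error") || status.equalsIgnoreCase("canceled") || (finished && !reason.equalsIgnoreCase("finished"));
            if (endedBadly) {
                printTimestamped("Scan Status: " + status + ". Reason: " + reason);
                return reason;
            }
            printTimestamped("Scan Status: " + status);
            // Error and canceled were handled above, so only a clean finish is terminal here.
            return finished ? status : null;
        } catch (Exception e) {
            logger.log(Level.WARNING, "Error getting scan status", e);
            printTimestamped("Error getting scan status: " + e.getMessage());
            return null;
        }
    }

    /**
     * Replaces every match of {@code placeholderRegex} in {@code template} with {@code value}
     * taken literally, so {@code $} or {@code \} in the value cannot be read as a group
     * reference or escape by {@link String#replaceAll(String, String)}.
     */
    private static String expandPlaceholder(String template, String placeholderRegex, String value) {
        return template.replaceAll(placeholderRegex, Matcher.quoteReplacement(value == null ? "" : value));
    }

    /**
     * Builds the launch request from the configuration, sends it and returns the new scan id.
     *
     * <p>The {@code [job_name]}, {@code [build_number]} and {@code [timestamp]} placeholders in
     * the scan name are expanded (case-insensitively) and the expanded name is kept in this
     * object.
     *
     * @return the ids of the launched scans joined with {@code ", "}, or an empty string when
     *     the response carries no scan
     * @throws AbortException when a required parameter is missing or the server rejects the request
     * @throws Exception when the web application lookup or the API call fails
     */
    public String launchScan() throws Exception {
        if (StringUtils.isEmpty(this.scanType)) {
            throw new AbortException("Scan Type - Required parameter to launch scan is missing.");
        }
        if (StringUtils.isEmpty(this.scanName)) {
            throw new AbortException("Scan Name - Required parameter to launch scan is missing.");
        }
        if (StringUtils.isEmpty(this.webAppId)) {
            throw new AbortException("Web App ID - Required parameter to launch scan is missing.");
        }
        JsonObject wasScan = new JsonObject();
        wasScan.addProperty("type", this.scanType);
        EnvVars environment = this.run.getEnvironment(this.listener);
        String expandedName = expandPlaceholder(this.scanName, "(?i)\\[job_name\\]", environment.get("JOB_NAME"));
        expandedName = expandPlaceholder(expandedName, "(?i)\\[build_number\\]", environment.get("BUILD_NUMBER"));
        expandedName = expandPlaceholder(expandedName, "(?i)\\[timestamp\\]", new SimpleDateFormat("yyyy-MM-dd-HH-mm").format(new Date()));
        this.scanName = expandedName;
        wasScan.addProperty("name", this.scanName);

        JsonObject webApp = new JsonObject();
        webApp.addProperty("id", this.webAppId);
        JsonObject target = new JsonObject();
        target.add("webApp", webApp);
        if ("useDefault".equals(this.authRecord)) {
            JsonObject defaultAuthRecord = new JsonObject();
            defaultAuthRecord.addProperty("isDefault", "true");
            target.add("webAppAuthRecord", defaultAuthRecord);
        } else if ("other".equals(this.authRecord) && !StringUtils.isEmpty(this.authRecordId)) {
            JsonObject selectedAuthRecord = new JsonObject();
            selectedAuthRecord.addProperty("id", this.authRecordId);
            target.add("webAppAuthRecord", selectedAuthRecord);
        }
        if ("xhours".equals(this.cancelOptions) && !StringUtils.isEmpty(this.cancelHours)) {
            wasScan.addProperty("cancelAfterNHours", this.cancelHours);
        }
        // Any other optionProfile value, "useDefault" included, sends no profile element.
        if ("other".equals(this.optionProfile) && !StringUtils.isEmpty(this.optionProfileId)) {
            JsonObject profile = new JsonObject();
            profile.addProperty("id", this.optionProfileId);
            wasScan.add("profile", profile);
        }
        wasScan.add("target", target);

        JsonObject data = new JsonObject();
        data.add("WasScan", wasScan);
        JsonObject serviceRequest = new JsonObject();
        serviceRequest.add("data", data);
        JsonObject request = new JsonObject();
        request.add("ServiceRequest", serviceRequest);

        Map<String, String> webappDetails = getWebappDetails(this.webAppId);
        // The warning lives in the details map, not in the request's webApp element.
        if (webappDetails != null && webappDetails.containsKey("warning")) {
            this.listener.getLogger().println("WARNING: " + webappDetails.get("warning"));
        }
        this.listener.getLogger().println("Using Web Application: " + (webappDetails == null ? null : webappDetails.get("webAppName")));
        printTimestamped("Calling Launch Scan API with Payload: " + request);
        if (this.isFailConditionsConfigured) {
            this.listener.getLogger().println("Using Build Failure Conditions configuration: " + this.criteriaObject);
        }
        JsonObject serviceResponse = this.apiClient.launchWASScan(request).response.get("ServiceResponse").getAsJsonObject();
        JsonElement responseCode = serviceResponse.get("responseCode");
        if (responseCode != null && !responseCode.getAsString().equals("SUCCESS")) {
            JsonObject errorDetails = serviceResponse.getAsJsonObject("responseErrorDetails");
            logger.info("Server Response: " + errorDetails.toString());
            throw new AbortException("Error while launching new scan. Server returned: " + errorDetails);
        }
        JsonArray launched = serviceResponse.get("data").getAsJsonArray();
        List<String> scanIds = new ArrayList<>();
        for (int i = 0; i < launched.size(); i++) {
            scanIds.add(launched.get(i).getAsJsonObject().get("WasScan").getAsJsonObject().get("id").getAsString());
        }
        // An empty data array yields "", which the caller treats as a failed launch.
        return String.join(", ", scanIds);
    }

    /**
     * Fetches name, URL and default-scanner information for the configured web application.
     *
     * <p>NOTE(review): the lookup uses the {@code webAppId} field; the {@code webAppId}
     * argument is not read. The caller in this class passes the field value, so both agree.
     *
     * @param webAppId not read; see the note above
     * @return map with {@code webAppName}, {@code webAppURL} and, when the default scanner is
     *     of type external, {@code warning}
     * @throws Exception when the call fails or the server does not answer with SUCCESS
     */
    public Map<String, String> getWebappDetails(String webAppId) throws Exception {
        logger.info("Fetching web app details from server.");
        Map<String, String> details = new HashMap<>();
        try {
            JsonObject serviceResponse = this.apiClient.getWebAppDetails(this.webAppId).response.get("ServiceResponse").getAsJsonObject();
            JsonElement responseCode = serviceResponse.get("responseCode");
            if (responseCode != null && !responseCode.getAsString().equals("SUCCESS")) {
                JsonObject errorDetails = serviceResponse.getAsJsonObject("responseErrorDetails");
                logger.info("Server Response: " + errorDetails.toString());
                throw new Exception(errorDetails.get("errorMessage").getAsString());
            }
            JsonArray webApps = serviceResponse.getAsJsonArray("data");
            for (int i = 0; i < webApps.size(); i++) {
                JsonObject webApp = webApps.get(i).getAsJsonObject().getAsJsonObject("WebApp");
                String name = webApp.get("name").getAsString();
                String url = webApp.get("url").getAsString();
                JsonElement defaultScanner = webApp.get("defaultScanner");
                if (defaultScanner != null && !defaultScanner.isJsonNull() && "external".equalsIgnoreCase(defaultScanner.getAsJsonObject().get("type").getAsString())) {
                    details.put("warning", "Default Scanner Appliance for this webapp is EXTERNAL scanner which will not work and an INTERNAL scanner appliance should be configured as default for the web app.");
                }
                details.put("webAppName", name);
                details.put("webAppURL", url);
            }
            return details;
        } catch (Exception e) {
            logger.info("Exception fetching web app details. Reason: " + e.getMessage());
            throw e;
        }
    }
}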
