package com.qualys.plugins.wasPlugin.report;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.qualys.plugins.wasPlugin.QualysAuth.QualysAuth;
import com.qualys.plugins.wasPlugin.QualysClient.QualysCSClient;
import com.qualys.plugins.wasPlugin.util.Helper;
import hudson.Extension;
import hudson.model.Action;
import hudson.model.Run;
import hudson.util.Secret;
import java.io.File;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.logging.Logger;
import net.sf.json.JSONObject;
import org.apache.commons.io.FileUtils;
import org.json.JSONArray;
import org.json.XML;

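/**
 * Build-page action that exposes the status and results of a Qualys WAS scan.
 *
 * <p>The action stores the scan identifiers together with the API and proxy settings it needs to
 * query the Qualys API later. Both passwords are held as {@link Secret} and are converted to plain
 * text only inside {@link #createClient()}.
 *
 * <p>NOTE(review): {@link #getScanResult()} and {@link #getStatus()} contact the Qualys API with the
 * stored credentials whenever they are evaluated, and nothing in this class checks a permission
 * first. Confirm that read access to the owning {@link Run} is the intended gate.
 *
 * <p>NOTE(review): exception messages and knowledge-base text (solution, diagnosis) are copied into
 * the returned JSON unchanged. Confirm that the view escapes or sanitises them before rendering.
 */
@Extension
/* loaded from: input_file:com/qualys/plugins/wasPlugin/report/ReportAction.class */
public class ReportAction implements Action {
    /** Largest number of QIDs sent to the knowledge-base API in a single request. */
    private static final int KB_BATCH_SIZE = 500;

    private String scanId;
    private String status;
    private String scanReference;
    private String targetUrl;
    private String webAppId;
    private String scanName;
    private boolean isFailConditionsConfigured;
    private JsonObject evaluationResult;
    private String portalUrl;
    private String reportUrl;
    private String apiServer;
    private String apiUser;
    private Secret apiPass;
    private boolean useProxy;
    private String proxyServer;
    private int proxyPort;
    private String proxyUsername;
    private Secret proxyPassword;
    private JSONObject scanResult;
    private Run<?, ?> run;
    private static final Logger logger = Helper.getLogger(ReportAction.class.getName());

    /** Creates an empty action; no field is initialised. */
    public ReportAction() {
    }

    /**
     * Creates the action for one scan of one build.
     *
     * @param run build the action belongs to; its artifacts directory is searched for a saved result
     * @param str scan id
     * @param str2 web application id
     * @param str3 scan name
     * @param str4 Qualys API server
     * @param str5 Qualys API user
     * @param secret Qualys API password
     * @param z whether a proxy is used for API calls
     * @param str6 proxy server
     * @param i proxy port
     * @param str7 proxy user name
     * @param secret2 proxy password
     * @param str8 portal base URL, used to build the report link (must not be {@code null})
     */
    public ReportAction(Run<?, ?> run, String str, String str2, String str3, String str4, String str5, Secret secret, boolean z, String str6, int i, String str7, Secret secret2, String str8) {
        this.scanId = str;
        this.scanName = str3;
        this.webAppId = str2;
        this.apiServer = str4;
        this.apiUser = str5;
        this.apiPass = secret;
        this.useProxy = z;
        this.proxyServer = str6;
        this.proxyPort = i;
        this.proxyUsername = str7;
        this.proxyPassword = secret2;
        this.portalUrl = str8;
        // Ensure exactly one slash between the portal base URL and the report path.
        this.reportUrl = (str8.endsWith("/") ? str8 : str8 + "/") + "was/#/reports/online-reports/email-report/scan/" + str;
        this.run = run;
    }

    /** @return the scan id given at construction */
    public String getScanId() {
        return this.scanId;
    }

    /** @return the web application id given at construction */
    public String getWebAppId() {
        return this.webAppId;
    }

    /** @return the scan name given at construction */
    public String getScanName() {
        return this.scanName;
    }

    /** @return the portal link to the online report of this scan */
    public String getReportUrl() {
        return this.reportUrl;
    }

    /**
     * Builds the result summary for this scan.
     *
     * <p>The raw result is read from {@code qualys_<scanId>.json} in the build's artifacts directory
     * when that file exists, otherwise it is fetched from the Qualys API. Each vulnerability is
     * enriched with knowledge-base solution and diagnosis text where available. Any failure while
     * loading or parsing the response is logged and reported under the {@code "error"} key; a
     * failure for an individual field is reported as that field's value.
     *
     * @return the summary object, which is also stored in this action
     */
    public JSONObject getScanResult() {
        this.scanResult = new JSONObject();
        try {
            // NOTE(review): scanId is placed in the file name as-is; confirm it is always a plain id.
            File file = new File(this.run.getArtifactsDir().getAbsolutePath() + File.separator + "qualys_" + this.scanId + ".json");
            Gson gson = new Gson();
            JsonObject response;
            if (file.exists()) {
                // NOTE(review): this overload reads with the platform default charset; confirm the writer matches.
                response = (JsonObject) gson.fromJson(FileUtils.readFileToString(file), JsonObject.class);
            } else {
                response = createClient().getScanResult(this.scanId).response;
            }
            if (!response.has("evaluationResult") || response.get("evaluationResult").isJsonNull()) {
                this.scanResult.put("isEvaluationResult", 0);
                this.scanResult.put("evaluationResult", JSONObject.fromObject("{}"));
            } else {
                this.scanResult.put("isEvaluationResult", 1);
                JsonObject evaluation = response.get("evaluationResult").getAsJsonObject();
                // Round-trip through a Gson instance that serialises nulls before converting to net.sf.json.
                Gson nullKeepingGson = new GsonBuilder().serializeNulls().create();
                this.scanResult.put("evaluationResult", JSONObject.fromObject(nullKeepingGson.toJson((JsonElement) nullKeepingGson.fromJson(nullKeepingGson.toJson(evaluation), JsonElement.class))));
            }
            JsonObject serviceResponse = response.get("ServiceResponse").getAsJsonObject();
            JsonElement responseCode = serviceResponse.get("responseCode");
            if (responseCode != null && !responseCode.getAsString().equalsIgnoreCase("SUCCESS")) {
                JsonObject errorDetails = serviceResponse.getAsJsonObject("responseErrorDetails");
                logger.info("Server Response: " + errorDetails.toString());
                throw new Exception(errorDetails.get("errorMessage").getAsString());
            }
            String[] summaryKeys = {"linksCrawled", "nbRequests", "resultsStatus", "authStatus"};
            JsonObject wasScan = serviceResponse.get("data").getAsJsonArray().get(0).getAsJsonObject().get("WasScan").getAsJsonObject();
            JsonObject kbData = batchAndGetKbData(wasScan);
            // batchAndGetKbData returns an empty object (never JSON null) when nothing could be loaded.
            if (kbData.entrySet().isEmpty()) {
                logger.info(new Timestamp(System.currentTimeMillis()) + " KB data not found. ");
            } else {
                JsonObject vulns = wasScan.getAsJsonObject("vulns");
                JsonArray vulnList = vulns.getAsJsonArray("list");
                // Never index past the list even if the reported count is larger.
                int vulnCount = Math.min(vulns.get("count").getAsInt(), vulnList.size());
                for (int i = 0; i < vulnCount; i++) {
                    JsonObject vuln = vulnList.get(i).getAsJsonObject().getAsJsonObject("WasScanVuln");
                    String qid = vuln.get("qid").getAsString();
                    // A QID without a knowledge-base entry has no keys in kbData at all.
                    JsonElement solution = kbData.get(qid + "_solution");
                    JsonElement diagnosis = kbData.get(qid + "_diagnosis");
                    if (solution == null || diagnosis == null || solution.getAsString().isEmpty() || diagnosis.getAsString().isEmpty()) {
                        logger.info(new Timestamp(System.currentTimeMillis()) + " Kb data not found for qid: " + qid);
                    } else {
                        vuln.addProperty("solution", solution.getAsString());
                        vuln.addProperty("diagnosis", diagnosis.getAsString());
                    }
                }
            }
            JsonObject summary = wasScan.get("summary").getAsJsonObject();
            for (int i = 0; i < summaryKeys.length; i++) {
                // NOTE(review): the inner catch (Exception) also catches NullPointerException, so the
                // outer handler only runs if the inner handler itself fails. Same pattern further below.
                try {
                    try {
                        this.scanResult.put(summaryKeys[i], summary.get(summaryKeys[i]).getAsString());
                    } catch (Exception ex) {
                        logger.info("Couldn't fetch " + summaryKeys[i] + " info. Reason: " + ex.getMessage());
                        this.scanResult.put(summaryKeys[i], "Exception: " + ex.getMessage());
                    }
                } catch (NullPointerException npe) {
                    logger.info("Couldn't fetch " + summaryKeys[i] + " info. Reason: " + npe.getMessage());
                    this.scanResult.put(summaryKeys[i], " - ");
                }
            }
            try {
                try {
                    this.scanResult.put("scanDuration", Helper.secondsToReadableTime(Long.parseLong(wasScan.get("scanDuration").getAsString(), 10)));
                } catch (Exception ex) {
                    logger.info("Couldn't fetch scanDuration info. Reason: " + ex.getMessage());
                    this.scanResult.put("scanDuration", "Exception: " + ex.getMessage());
                }
            } catch (NullPointerException npe) {
                logger.info("Couldn't fetch scanDuration info. Reason: " + npe.getMessage());
                this.scanResult.put("scanDuration", "Couldn't find the value in API Response.");
            }
            try {
                String reference = wasScan.get("reference").getAsString();
                this.scanResult.put("reference", reference);
                // Cached so getStatus() can report it without another API call.
                this.scanReference = reference;
            } catch (NullPointerException npe) {
                logger.info("Couldn't fetch reference info. Reason: " + npe.getMessage());
                this.scanResult.put("reference", "Couldn't find the value in API Response.");
            } catch (Exception ex) {
                logger.info("Couldn't fetch reference info. Reason: " + ex.getMessage());
                this.scanResult.put("reference", "Exception: " + ex.getMessage());
            }
            try {
                try {
                    String url = wasScan.get("target").getAsJsonObject().get("webApp").getAsJsonObject().get("url").getAsString();
                    this.scanResult.put("targetUrl", url);
                    // Cached so getStatus() can report it without another API call.
                    this.targetUrl = url;
                } catch (Exception ex) {
                    logger.info("Couldn't fetch targetUrl info. Reason: " + ex.getMessage());
                    this.scanResult.put("targetUrl", "Exception: " + ex.getMessage());
                }
            } catch (NullPointerException npe) {
                logger.info("Couldn't fetch targetUrl info. Reason: " + npe.getMessage());
                this.scanResult.put("targetUrl", "Couldn't find the value in API Response.");
            }
            // Default of zero per severity level, replaced below when the stats are present.
            this.scanResult.put("vulnsBySeverity", JSONObject.fromObject("{\"1\": 0,\"2\": 0,\"3\": 0,\"4\": 0,\"5\": 0}"));
            try {
                JsonObject globalStats = wasScan.get("stats").getAsJsonObject().get("global").getAsJsonObject();
                JSONObject bySeverity = new JSONObject();
                for (int level = 1; level <= 5; level++) {
                    bySeverity.put("" + level, globalStats.get("nbVulnsLevel" + level).getAsString());
                }
                this.scanResult.put("vulnsBySeverity", bySeverity);
            } catch (NullPointerException npe) {
                npe.printStackTrace();
                logger.info("Couldn't fetch Vulnerabilities by Severity info. Reason: " + npe.getMessage());
                this.scanResult.put("vulnsBySeverity", "Couldn't find the value in API Response.");
            } catch (Exception ex) {
                logger.info("Couldn't fetch Vulnerabilities by Severity info. Reason: " + ex.getMessage());
                this.scanResult.put("vulnsBySeverity", "Exception: " + ex.getMessage());
            }
            // Empty table by default; replaced when the scan reports at least one vulnerability.
            this.scanResult.put("vulnsTable", JSONObject.fromObject("{list:[]}"));
            String[] findingKeys = {"vulns", "sensitiveContents", "igs"};
            for (int i = 0; i < findingKeys.length; i++) {
                try {
                    JsonObject findings = wasScan.get(findingKeys[i]).getAsJsonObject();
                    String count = findings.get("count").getAsString();
                    this.scanResult.put(findingKeys[i], count);
                    if (findingKeys[i].equals("vulns") && Integer.parseInt(count) > 0) {
                        this.scanResult.put("vulnsTable", JSONObject.fromObject(gson.toJson(findings)));
                    }
                } catch (NullPointerException npe) {
                    logger.info("Couldn't fetch " + findingKeys[i] + " info. Reason: " + npe.getMessage());
                    this.scanResult.put(findingKeys[i], "Couldn't find the value in API Response.");
                } catch (Exception ex) {
                    logger.info("Couldn't fetch " + findingKeys[i] + " info. Reason: " + ex.getMessage());
                    this.scanResult.put(findingKeys[i], "Exception: " + ex.getMessage());
                }
            }
        } catch (Exception e) {
            logger.info("Error parsing scan Result: " + e.getMessage());
            this.scanResult.put("error", e.getMessage());
            e.printStackTrace();
        }
        return this.scanResult;
    }

    /**
     * Returns the current scan status for display.
     *
     * <p>Once a scan has been seen as finished the answer is served from cached fields; until then
     * every call queries the Qualys API through {@link #parseScanStatus(String)}.
     *
     * @return an object with {@code value} and {@code cssClass}, plus {@code targetUrl} and
     *     {@code reference} when known; on failure {@code value} holds the exception message
     */
    public JSONObject getStatus() {
        JSONObject statusJson = new JSONObject();
        try {
            if (this.status == null || !this.status.equals("FINISHED")) {
                statusJson = parseScanStatus(this.scanId);
                // Compare by content: the stored value need not be the same String instance as the literal.
                if ("FINISHED".equals(statusJson.get("value"))) {
                    this.status = "FINISHED";
                }
            } else {
                statusJson.put("value", "FINISHED");
                statusJson.put("cssClass", "success");
                statusJson.put("targetUrl", this.targetUrl);
                statusJson.put("reference", this.scanReference);
            }
        } catch (Exception e) {
            e.printStackTrace();
            statusJson.put("value", e.getMessage());
            statusJson.put("cssClass", "error");
        }
        return statusJson;
    }

    /**
     * Queries the Qualys API for the details of a scan and condenses them into a status object.
     *
     * @param str id of the scan to look up
     * @return an object with {@code value} and {@code cssClass}, and where available
     *     {@code reference}, {@code targetUrl} and {@code resultsStatus}
     * @throws Exception if the call fails, the response is malformed, or the service reports a
     *     response code other than {@code SUCCESS}
     */
    public JSONObject parseScanStatus(String str) throws Exception {
        JSONObject statusJson = new JSONObject();
        JsonObject serviceResponse = createClient().getScanDetails(str).response.get("ServiceResponse").getAsJsonObject();
        JsonElement responseCode = serviceResponse.get("responseCode");
        if (responseCode != null && !responseCode.getAsString().equals("SUCCESS")) {
            JsonObject errorDetails = serviceResponse.getAsJsonObject("responseErrorDetails");
            logger.info("Server Response: " + errorDetails.toString());
            throw new Exception(errorDetails.get("errorMessage").getAsString());
        }
        JsonArray data = serviceResponse.getAsJsonArray("data");
        for (int i = 0; i < data.size(); i++) {
            JsonObject wasScan = data.get(i).getAsJsonObject().getAsJsonObject("WasScan");
            String scanStatus = wasScan.get("status").getAsString();
            try {
                String reference = wasScan.get("reference").getAsString();
                String url = wasScan.getAsJsonObject("target").getAsJsonObject("webApp").get("url").getAsString();
                statusJson.put("reference", reference);
                statusJson.put("targetUrl", url);
            } catch (Exception e) {
                // NOTE(review): this blanks a key only when it is already present; a missing key stays
                // missing. Confirm that is intended rather than an inverted condition.
                if (statusJson.get("reference") != null) {
                    statusJson.put("reference", "");
                }
                if (statusJson.get("targetUrl") != null) {
                    statusJson.put("targetUrl", "");
                }
            }
            if (scanStatus.equals("FINISHED") || scanStatus.equals("COMPLETED")) {
                statusJson.put("value", "FINISHED");
                statusJson.put("cssClass", "success");
            } else {
                statusJson.put("value", scanStatus);
                statusJson.put("cssClass", "info");
                JsonObject summary = wasScan.getAsJsonObject("summary");
                if (summary != null && !summary.isJsonNull()) {
                    JsonElement resultsStatus = summary.get("resultsStatus");
                    if (resultsStatus != null && !resultsStatus.isJsonNull()) {
                        statusJson.put("resultsStatus", resultsStatus.getAsString());
                    }
                }
            }
        }
        return statusJson;
    }

    /** @return the icon file name shown for this action */
    @Override
    public String getIconFileName() {
        return "clipboard.png";
    }

    /** @return the label shown for this action */
    @Override
    public String getDisplayName() {
        return "Qualys WAS Scan Status";
    }

    /** @return the URL segment under which this action is served */
    @Override
    public String getUrlName() {
        return "qualys_was_scan_status.html";
    }

    /**
     * Fetches knowledge-base entries for the given QIDs and converts the XML body to JSON.
     *
     * <p>NOTE(review): {@code str} is appended to the query string without encoding, so callers
     * must pass only a comma-separated list of numeric ids, as {@link #batchAndGetKbData} does.
     *
     * @param str comma-separated QIDs
     * @return the converted response, or {@code null} when the client returns an empty string or
     *     the reported status code is not {@code 200}
     */
    public org.json.JSONObject getKbData(String str) {
        String kbData = createClient().getKbData("?action=list&details=All&show_supported_modules_info=1&ids=" + str);
        org.json.JSONObject converted = null;
        if (!kbData.isEmpty()) {
            org.json.JSONObject envelope = new org.json.JSONObject(kbData);
            String statusCode = envelope.get("statusCode").toString();
            String body = envelope.get("body").toString();
            if (statusCode.equals("200")) {
                converted = XML.toJSONObject(body);
            }
        }
        return converted;
    }

    /**
     * Collects the QIDs of all vulnerabilities in a scan, splits them into batches of at most
     * {@value #KB_BATCH_SIZE} and loads their knowledge-base data.
     *
     * <p>Only QIDs made of decimal digits are forwarded: the ids end up in a request query string,
     * so a malformed value in the scan JSON must not be able to add parameters to that request.
     *
     * @param jsonObject the {@code WasScan} object of a scan result
     * @return a flat object with {@code <qid>_solution} and {@code <qid>_diagnosis} entries; empty
     *     when the scan has no usable vulnerability list or loading fails
     */
    public JsonObject batchAndGetKbData(JsonObject jsonObject) {
        ArrayList<ArrayList<String>> batches = new ArrayList<>();
        JsonObject kbData = new JsonObject();
        try {
            JsonObject vulns = jsonObject.getAsJsonObject("vulns");
            JsonArray vulnList = vulns.getAsJsonArray("list");
            // Never index past the list even if the reported count is larger.
            int vulnCount = Math.min(vulns.get("count").getAsInt(), vulnList.size());
            ArrayList<String> current = new ArrayList<>();
            for (int i = 0; i < vulnCount; i++) {
                String qid = vulnList.get(i).getAsJsonObject().getAsJsonObject("WasScanVuln").get("qid").getAsString();
                if (!isDecimalId(qid)) {
                    logger.info(new Timestamp(System.currentTimeMillis()) + " Skipping non-numeric qid in scan result.");
                    continue;
                }
                current.add(qid);
                if (current.size() == KB_BATCH_SIZE) {
                    batches.add(new ArrayList<>(current));
                    current.clear();
                }
            }
            // Flush the final, partially filled batch.
            if (!current.isEmpty()) {
                batches.add(new ArrayList<>(current));
            }
            kbData = processBatch(batches);
            return kbData;
        } catch (Exception e) {
            e.printStackTrace();
            logger.info(new Timestamp(System.currentTimeMillis()) + " Error batchAndGetKbData: " + e.getMessage());
            return kbData;
        }
    }

    /**
     * Loads knowledge-base data for every batch of QIDs and merges it into one object.
     *
     * <p>A batch that fails or yields no data is logged and skipped; the remaining batches are
     * still processed.
     *
     * @param arrayList batches of QIDs, each sent as one knowledge-base request
     * @return a flat object with {@code <qid>_solution} and {@code <qid>_diagnosis} entries
     */
    public JsonObject processBatch(ArrayList<ArrayList<String>> arrayList) {
        JsonObject result = new JsonObject();
        if (arrayList == null) {
            return result;
        }
        for (ArrayList<String> batch : arrayList) {
            // An empty batch would produce a request with no ids; skip it.
            if (batch == null || batch.isEmpty()) {
                continue;
            }
            try {
                // Turn "[1, 2, 3]" into "1,2,3".
                String ids = batch.toString().replace("[", "").replace("]", "").replace(" ", "");
                org.json.JSONObject kbResponse = getKbData(ids);
                if (kbResponse == null) {
                    logger.info(new Timestamp(System.currentTimeMillis()) + " Kb data not found for qids: " + batch);
                    continue;
                }
                org.json.JSONObject vulnListNode = kbResponse.getJSONObject("KNOWLEDGE_BASE_VULN_LIST_OUTPUT").getJSONObject("RESPONSE").getJSONObject("VULN_LIST");
                // The XML conversion yields a single object instead of an array when only one VULN
                // element is present, so accept both shapes.
                Object vulnNode = vulnListNode.get("VULN");
                JSONArray vulnArray = vulnNode instanceof JSONArray ? (JSONArray) vulnNode : new JSONArray().put(vulnNode);
                for (int i = 0; i < vulnArray.length(); i++) {
                    org.json.JSONObject kbVuln = vulnArray.getJSONObject(i);
                    String qid = Integer.toString(kbVuln.getInt("QID"));
                    // A missing text becomes "", which callers treat as "no KB data for this qid".
                    result.addProperty(qid + "_solution", kbVuln.optString("SOLUTION", ""));
                    result.addProperty(qid + "_diagnosis", kbVuln.optString("DIAGNOSIS", ""));
                }
            } catch (Exception e) {
                e.printStackTrace();
                logger.info(new Timestamp(System.currentTimeMillis()) + " Error processBatch: " + e.getMessage());
            }
        }
        return result;
    }

    /**
     * Builds an API client from the stored connection settings.
     *
     * <p>This is the only place where the stored secrets are converted to plain text.
     *
     * <p>NOTE(review): the client is given {@code System.out} as its output stream; confirm that
     * nothing it writes there contains credentials or full API responses.
     */
    private QualysCSClient createClient() {
        QualysAuth qualysAuth = new QualysAuth();
        qualysAuth.setQualysCredentials(this.apiServer, this.apiUser, this.apiPass.getPlainText());
        if (this.useProxy) {
            qualysAuth.setProxyCredentials(this.proxyServer, this.proxyPort, this.proxyUsername, this.proxyPassword.getPlainText());
        }
        return new QualysCSClient(qualysAuth, System.out);
    }

    /** Returns whether {@code value} is a non-empty string of ASCII decimal digits. */
    private static boolean isDecimalId(String value) {
        if (value == null || value.isEmpty()) {
            return false;
        }
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c < '0' || c > '9') {
                return false;
            }
        }
        return true;
    }
}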
