package com.hcl.appscan.sdk.scan;

import com.hcl.appscan.sdk.CoreConstants;
import com.hcl.appscan.sdk.Messages;
import com.hcl.appscan.sdk.app.CloudApplicationProvider;
import com.hcl.appscan.sdk.auth.IAuthenticationProvider;
import com.hcl.appscan.sdk.http.HttpClient;
import com.hcl.appscan.sdk.http.HttpPart;
import com.hcl.appscan.sdk.http.HttpResponse;
import com.hcl.appscan.sdk.logging.IProgress;
import com.hcl.appscan.sdk.logging.Message;
import com.hcl.appscan.sdk.scanners.dynamic.DASTConstants;
import com.hcl.appscan.sdk.scanners.sast.SASTConstants;
import com.hcl.appscan.sdk.utils.FileUtil;
import com.hcl.appscan.sdk.utils.ServiceUtil;
import java.io.File;
import java.io.IOException;
import java.io.Serializable;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import org.apache.wink.json4j.JSONArray;
import org.apache.wink.json4j.JSONException;
import org.apache.wink.json4j.JSONObject;

/* loaded from: input_file:com/hcl/appscan/sdk/scan/CloudScanServiceProvider.class */
public class CloudScanServiceProvider implements IScanServiceProvider, Serializable, CoreConstants {
    private static final long serialVersionUID = 1;
    private IProgress m_progress;
    private IAuthenticationProvider m_authProvider;
    private static final String[] DAST_FILES_EXTENSIONS = {DASTConstants.SCAN_EXTENSION, DASTConstants.SCANT_EXTENSION, DASTConstants.CONFIG_EXTENSION};

    public CloudScanServiceProvider(IProgress iProgress, IAuthenticationProvider iAuthenticationProvider) {
        this.m_progress = iProgress;
        this.m_authProvider = iAuthenticationProvider;
    }

    @Override // com.hcl.appscan.sdk.scan.IScanServiceProvider
    public String createAndExecuteScan(String str, Map<String, String> map) {
        return executeScan(this.m_authProvider.getServer() + String.format(CoreConstants.API_SCANNER, str), map, Messages.getMessage(CoreConstants.CREATE_SCAN_SUCCESS, str.toUpperCase()), Messages.getMessage(CoreConstants.SCAN_OVERVIEW, str.toUpperCase()));
    }

    @Override // com.hcl.appscan.sdk.scan.IScanServiceProvider
    public String rescan(String str, Map<String, String> map) {
        String str2 = this.m_authProvider.getServer() + String.format(CoreConstants.API_RESCAN, str);
        HashMap hashMap = new HashMap();
        hashMap.put(CoreConstants.NAME, map.remove(CoreConstants.SCAN_NAME));
        hashMap.put("EnableMailNotifications", map.remove(CoreConstants.EMAIL_NOTIFICATION));
        hashMap.put("FullyAutomatic", map.remove("FullyAutomatic"));
        ServiceUtil.updateScanData(hashMap, str, this.m_authProvider, this.m_progress);
        return executeScan(str2, map, Messages.getMessage(CoreConstants.RESCAN_SUCCESS, new Object[0]), Messages.getMessage(CoreConstants.RESCAN_OVERVIEW, new Object[0]));
    }

    private String executeScan(String str, Map<String, String> map, String str2, String str3) {
        JSONArray jSONArray;
        if (loginExpired()) {
            return null;
        }
        if (map.containsKey(CoreConstants.APP_ID) && !verifyApplication(map.get(CoreConstants.APP_ID).toString())) {
            return null;
        }
        Map<String, String> authorizationHeader = this.m_authProvider.getAuthorizationHeader(true);
        HttpClient httpClient = new HttpClient(this.m_authProvider.getProxy(), this.m_authProvider.getacceptInvalidCerts());
        try {
            authorizationHeader.put(CoreConstants.CONTENT_TYPE, "application/json");
            authorizationHeader.put("accept", "application/json");
            HttpResponse post = httpClient.post(str, authorizationHeader, map);
            int responseCode = post.getResponseCode();
            JSONObject responseBodyAsJSON = post.getResponseBodyAsJSON();
            if (responseCode == 201 || responseCode == 200) {
                String string = responseBodyAsJSON.getString(CoreConstants.ID);
                String str4 = map.containsKey(CoreConstants.SCAN_ID) ? this.m_authProvider.getServer() + "/main/myapps/" + map.get(CoreConstants.APP_ID) + "/scans/" + map.get(CoreConstants.SCAN_ID) : this.m_authProvider.getServer() + "/main/myapps/" + map.get(CoreConstants.APP_ID) + "/scans/" + string;
                this.m_progress.setStatus(new Message(0, str2 + " " + string));
                this.m_progress.setStatus(new Message(0, str3 + " " + str4));
                return string;
            }
            if (responseBodyAsJSON == null || !responseBodyAsJSON.has(CoreConstants.MESSAGE)) {
                this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_SUBMITTING_SCAN, Integer.valueOf(responseCode))));
            } else {
                String string2 = responseBodyAsJSON.getString(CoreConstants.MESSAGE);
                if (responseBodyAsJSON.has(CoreConstants.FORMAT_PARAMS) && !responseBodyAsJSON.isNull(CoreConstants.FORMAT_PARAMS) && (jSONArray = responseBodyAsJSON.getJSONArray(CoreConstants.FORMAT_PARAMS)) != null) {
                    String[] strArr = new String[jSONArray.size()];
                    for (int i = 0; i < jSONArray.size(); i++) {
                        strArr[i] = (String) jSONArray.get(i);
                    }
                    string2 = MessageFormat.format(string2, strArr);
                }
                this.m_progress.setStatus(new Message(2, string2));
            }
            return null;
        } catch (IOException | JSONException e) {
            this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_SUBMITTING_SCAN, e.getLocalizedMessage())));
            return null;
        }
    }

    @Override // com.hcl.appscan.sdk.scan.IScanServiceProvider
    public String submitFile(File file) throws IOException {
        if (loginExpired()) {
            return null;
        }
        this.m_progress.setStatus(new Message(0, Messages.getMessage(CoreConstants.UPLOADING_FILE, file.getAbsolutePath())));
        String str = this.m_authProvider.getServer() + CoreConstants.API_FILE_UPLOAD;
        if (!file.getName().toLowerCase().endsWith(SASTConstants.IRX_EXTENSION) && !Arrays.asList(DAST_FILES_EXTENSIONS).contains(FileUtil.getFileExtension(file))) {
            str = str + "?fileType=SourceCodeArchive";
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(new HttpPart(CoreConstants.UPLOADED_FILE, file, "multipart/form-data"));
        try {
            JSONObject responseBodyAsJSON = new HttpClient(this.m_authProvider.getProxy(), this.m_authProvider.getacceptInvalidCerts()).postMultipart(str, this.m_authProvider.getAuthorizationHeader(true), arrayList).getResponseBodyAsJSON();
            if (!responseBodyAsJSON.has(CoreConstants.MESSAGE)) {
                return responseBodyAsJSON.getString(CoreConstants.FILE_ID);
            }
            this.m_progress.setStatus(new Message(2, responseBodyAsJSON.getString(CoreConstants.MESSAGE)));
            return null;
        } catch (JSONException e) {
            this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_UPLOADING_FILE, file, e.getLocalizedMessage())));
            return null;
        }
    }

    @Override // com.hcl.appscan.sdk.scan.IScanServiceProvider
    public JSONObject getScanDetails(String str) throws IOException, JSONException {
        if (loginExpired()) {
            return null;
        }
        try {
            HttpResponse httpResponse = new HttpClient(this.m_authProvider.getProxy(), this.m_authProvider.getacceptInvalidCerts()).get((this.m_authProvider.getServer() + CoreConstants.API_BASIC_DETAILS) + "?$filter=Id%20eq%20" + str, this.m_authProvider.getAuthorizationHeader(true), null);
            if (httpResponse.getResponseCode() == 200 || httpResponse.getResponseCode() == 201) {
                JSONArray jSONArray = (JSONArray) httpResponse.getResponseBodyAsJSON().get(CoreConstants.ITEMS);
                if (!jSONArray.isEmpty()) {
                    return jSONArray.getJSONObject(0);
                }
                this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_GETTING_DETAILS_SCAN_ID, str)));
            } else if (httpResponse.getResponseCode() == -1) {
                this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_GETTING_DETAILS_SCAN_ID, str)));
            } else if (httpResponse.getResponseCode() != 400) {
                JSONObject responseBodyAsJSON = httpResponse.getResponseBodyAsJSON();
                if (responseBodyAsJSON != null && responseBodyAsJSON.has(CoreConstants.MESSAGE)) {
                    this.m_progress.setStatus(new Message(2, responseBodyAsJSON.getString(CoreConstants.MESSAGE)));
                }
                if (httpResponse.getResponseCode() == 403 && responseBodyAsJSON != null && responseBodyAsJSON.has(CoreConstants.KEY) && responseBodyAsJSON.get(CoreConstants.KEY).equals(CoreConstants.UNAUTHORIZED_ACTION)) {
                    return responseBodyAsJSON;
                }
            }
            if (httpResponse.getResponseCode() == 400) {
                this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_INVALID_JOB_ID, str)));
            }
            return null;
        } catch (IOException | JSONException e) {
            return new JSONObject().put(CoreConstants.STATUS, CoreConstants.UNKNOWN);
        }
    }

    @Override // com.hcl.appscan.sdk.scan.IScanServiceProvider
    public JSONArray getNonCompliantIssues(String str) throws IOException, JSONException {
        return getNonCompliantIssues("Scan", str);
    }

    @Override // com.hcl.appscan.sdk.scan.IScanServiceProvider
    public JSONArray getNonCompliantIssuesUsingExecutionId(String str) throws IOException, JSONException {
        return getNonCompliantIssues("ScanExecution", str);
    }

    private JSONArray getNonCompliantIssues(String str, String str2) throws IOException, JSONException {
        if (loginExpired()) {
            return null;
        }
        String str3 = (this.m_authProvider.getServer() + String.format(CoreConstants.API_ISSUES_COUNT, str, str2)) + "?applyPolicies=All&%24filter=Status%20eq%20%27Open%27%20or%20Status%20eq%20%27InProgress%27%20or%20Status%20eq%20%27Reopened%27&%24apply=groupby%28%28Status%2CSeverity%29%2Caggregate%28%24count%20as%20N%29%29";
        Map<String, String> authorizationHeader = this.m_authProvider.getAuthorizationHeader(true);
        authorizationHeader.put(CoreConstants.CONTENT_TYPE, "application/json; charset=UTF-8");
        authorizationHeader.put("Accept", "application/json");
        HttpResponse httpResponse = new HttpClient(this.m_authProvider.getProxy(), this.m_authProvider.getacceptInvalidCerts()).get(str3, authorizationHeader, null);
        if (httpResponse.isSuccess()) {
            return httpResponse.getResponseBodyAsJSON().getJSONArray(CoreConstants.ITEMS);
        }
        if (httpResponse.getResponseCode() == 400) {
            this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_GETTING_INFO, str, str2)));
            return null;
        }
        JSONObject responseBodyAsJSON = httpResponse.getResponseBodyAsJSON();
        if (responseBodyAsJSON == null || !responseBodyAsJSON.has(CoreConstants.MESSAGE)) {
            this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_GETTING_DETAILS, Integer.valueOf(httpResponse.getResponseCode()))));
            return null;
        }
        this.m_progress.setStatus(new Message(2, responseBodyAsJSON.getString(CoreConstants.MESSAGE)));
        return null;
    }

    @Override // com.hcl.appscan.sdk.scan.IScanServiceProvider
    public IAuthenticationProvider getAuthenticationProvider() {
        return this.m_authProvider;
    }

    private boolean loginExpired() {
        if (!this.m_authProvider.isTokenExpired()) {
            return false;
        }
        this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_LOGIN_EXPIRED, new Object[0])));
        return true;
    }

    private boolean verifyApplication(String str) {
        if (str != null && !str.trim().equals(Message.INFO_SEVERITY)) {
            CloudApplicationProvider cloudApplicationProvider = new CloudApplicationProvider(this.m_authProvider);
            if (cloudApplicationProvider.getApplications() != null && cloudApplicationProvider.getApplications().keySet().contains(str)) {
                return true;
            }
        }
        this.m_progress.setStatus(new Message(2, Messages.getMessage(CoreConstants.ERROR_INVALID_APP, str)));
        return false;
    }

    @Override // com.hcl.appscan.sdk.scan.IScanServiceProvider
    public void setProgress(IProgress iProgress) {
        this.m_progress = iProgress;
    }
}
