package com.qualys.plugins.containerSecurity.util;

import com.qualys.plugins.containerSecurity.httpClient.LocalDirectorySSLConfig;
import hudson.AbortException;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.net.URI;
import java.util.Iterator;
import java.util.Map;
import java.util.logging.Logger;
import javax.net.ssl.SSLContext;
import org.apache.commons.lang.StringUtils;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.config.Lookup;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.util.EntityUtils;
import qshaded.com.google.gson.Gson;
import qshaded.com.google.gson.JsonElement;
import qshaded.com.google.gson.JsonObject;
import qshaded.com.google.gson.JsonParser;

/* loaded from: input_file:com/qualys/plugins/containerSecurity/util/DockerClientHelper.class */
public class DockerClientHelper {
    private static final Logger logger = Logger.getLogger(Helper.class.getName());
    private PrintStream buildLogger;
    private CloseableHttpClient httpClient = null;
    private String dockerURL;
    private String dockerCert;

    public DockerClientHelper() {
    }

    public DockerClientHelper(PrintStream printStream, String str, String str2) {
        this.buildLogger = printStream;
        this.dockerURL = str;
        this.dockerCert = str2;
    }

    private static String get(String str) {
        return "GET " + str + " HTTP/1.1\r\nHost: qualys\r\nUser-Agent: java-unix-socket-client/1.0\r\nAccept: application/json\r\n\r\n";
    }

    private static String post(String str) {
        return "POST " + str + " HTTP/1.1\r\nHost: qualys\r\nUser-Agent: java-unix-socket-client/1.0\r\nAccept: application/json\r\n\r\n";
    }

    /* JADX WARN: Code restructure failed: missing block: B:38:0x01da, code lost:
    
        r10 = r0;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public qshaded.com.google.gson.JsonObject executeSocketRequest(java.lang.String r7, java.lang.String r8) throws hudson.AbortException, java.io.IOException {
        /*
            Method dump skipped, instructions count: 730
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.qualys.plugins.containerSecurity.util.DockerClientHelper.executeSocketRequest(java.lang.String, java.lang.String):qshaded.com.google.gson.JsonObject");
    }

    public JsonObject executeHttpRequest(String str, String str2) throws AbortException {
        JsonObject jsonObject = new JsonObject();
        Lookup lookup = null;
        HttpUriRequest httpUriRequest = null;
        if (StringUtils.isEmpty(this.dockerCert)) {
            this.httpClient = HttpClients.custom().build();
        } else {
            str2 = str2.replace("http://", "https://");
            RegistryBuilder create = RegistryBuilder.create();
            LocalDirectorySSLConfig localDirectorySSLConfig = new LocalDirectorySSLConfig(checkDockerCertPath(this.dockerCert));
            if (localDirectorySSLConfig != null) {
                try {
                    SSLContext sSLContext = localDirectorySSLConfig.getSSLContext();
                    if (sSLContext == null) {
                        throw new AbortException("Unable to find SSL Context");
                    }
                    lookup = create.register("https", new SSLConnectionSocketFactory(sSLContext)).build();
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            }
            this.httpClient = HttpClients.custom().setConnectionManager(new BasicHttpClientConnectionManager(lookup)).build();
        }
        try {
            BasicHttpContext basicHttpContext = new BasicHttpContext();
            if (str.toLowerCase().equals("get")) {
                httpUriRequest = new HttpGet(URI.create(str2));
            }
            if (str.toLowerCase().equals("post")) {
                httpUriRequest = new HttpPost(URI.create(str2));
            }
            CloseableHttpResponse execute = this.httpClient.execute(httpUriRequest, basicHttpContext);
            String entityUtils = EntityUtils.toString(execute.getEntity());
            jsonObject.addProperty("responseCode", Integer.valueOf(execute.getStatusLine().getStatusCode()));
            if (entityUtils != null) {
                JsonElement parseString = JsonParser.parseString(entityUtils);
                if (parseString.isJsonObject()) {
                    jsonObject.add("data", parseString.getAsJsonObject());
                } else if (parseString.isJsonArray()) {
                    jsonObject.add("data", parseString.getAsJsonArray());
                }
            } else {
                jsonObject.addProperty("data", "");
            }
            return jsonObject;
        } catch (Exception e2) {
            if (e2.getMessage() == null) {
                logger.info("Unable to execute http request, Please check Qualys credentials or docker configuration");
                throw new AbortException("Unable to execute http request, Please check Qualys credentials or docker configuration");
            }
            logger.info("Unable to execute http request, Msg: " + e2.getMessage());
            throw new AbortException("Unable to execute http request, Msg: " + e2.getMessage());
        }
    }

    public boolean tagImage(String str, String str2) throws AbortException, IOException {
        String str3 = "/images/" + str + "/tag?repo=qualys_scan_target&tag=" + str2;
        try {
            JsonObject executeSocketRequest = isUnixHostScheme() ? executeSocketRequest("POST", str3) : executeHttpRequest("POST", this.dockerURL.replace("tcp://", "http://") + str3);
            if (!executeSocketRequest.has("responseCode") || !executeSocketRequest.get("responseCode").getAsString().equals("201")) {
                throw new AbortException("API response code is not 201, Response Code: " + executeSocketRequest.get("responseCode").getAsString());
            }
            this.buildLogger.println("Tagged image(" + str + ") successfully");
            return true;
        } catch (Exception e) {
            for (StackTraceElement stackTraceElement : e.getStackTrace()) {
                logger.info("\tat " + stackTraceElement);
            }
            this.buildLogger.println("Failed to tag the image " + str + " with qualys_scan_target.. Reason : " + e.getMessage());
            throw new AbortException("Failed to tag the image " + str + " with qualys_scan_target.. Reason : " + e.getMessage());
        }
    }

    public String fetchImageSha(String str, String str2) throws AbortException {
        JsonObject executeHttpRequest;
        try {
            String str3 = "/images/" + str + "/json";
            if (isUnixHostScheme()) {
                executeHttpRequest = executeSocketRequest("GET", str3);
            } else {
                executeHttpRequest = executeHttpRequest("GET", this.dockerURL.replace("tcp://", "http://") + str3);
            }
            if (!executeHttpRequest.has("responseCode") || !executeHttpRequest.get("responseCode").getAsString().equals("200")) {
                throw new AbortException(executeHttpRequest.get("data").getAsString());
            }
            String str4 = JsonParser.parseString(executeHttpRequest.get("data").toString()).getAsJsonObject().get("Id").getAsString().split(":")[1];
            this.buildLogger.println("### Image sha for " + str + " is = " + str4);
            return str4;
        } catch (Exception e) {
            String str5 = "Failed to extract image sha associated with " + str + " ; Reason : " + e.getMessage();
            logger.info(str5);
            throw new AbortException(str5);
        }
    }

    public boolean isCICDSensorUp() throws IOException, AbortException {
        JsonObject executeHttpRequest;
        if (isUnixHostScheme()) {
            executeHttpRequest = executeSocketRequest("GET", "/containers/json");
        } else {
            executeHttpRequest = executeHttpRequest("GET", this.dockerURL.replace("tcp://", "http://") + "/containers/json");
        }
        if (!executeHttpRequest.get("responseCode").getAsString().equals("200")) {
            return false;
        }
        Iterator it = JsonParser.parseString(executeHttpRequest.get("data").toString()).getAsJsonArray().iterator();
        while (it.hasNext()) {
            JsonObject asJsonObject = ((JsonElement) it.next()).getAsJsonObject();
            Map map = (Map) new Gson().fromJson(asJsonObject.get("Labels").toString(), Map.class);
            if (map.containsKey("VersionInfo") && ((String) map.get("VersionInfo")).contains("Qualys Sensor") && asJsonObject.has("Id") && asJsonObject.get("Id").getAsString() != null && !asJsonObject.get("Id").getAsString().isEmpty()) {
                String containerState = getContainerState(asJsonObject.get("Id").getAsString());
                if (containerState != null && !containerState.isEmpty() && containerState.equals("paused")) {
                    this.buildLogger.println("Sensor Container State - paused ");
                    throw new AbortException("Qualys CS sensor container is in paused state. Sensor won't be able to scan the image. Please check the sensor container.");
                }
                if (asJsonObject.has("Command") && asJsonObject.get("Command").getAsString() != null && !asJsonObject.get("Command").getAsString().isEmpty() && asJsonObject.get("Command").getAsString().contains("cicd-deployed-sensor")) {
                    return true;
                }
            }
        }
        throw new AbortException("Qualys CS sensor container is not running... Please check if sensor is configured correctly.");
    }

    private String getContainerState(String str) throws IOException, AbortException {
        String str2 = null;
        JsonObject executeSocketRequest = isUnixHostScheme() ? executeSocketRequest("GET", "/containers/" + str + "/json") : executeHttpRequest("GET", this.dockerURL.replace("tcp://", "http://") + "/containers/" + str + "/json");
        if (executeSocketRequest.get("responseCode").getAsString().equals("200")) {
            JsonObject asJsonObject = JsonParser.parseString(executeSocketRequest.get("data").toString()).getAsJsonObject().get("State").getAsJsonObject();
            str2 = asJsonObject.has("Status") ? asJsonObject.get("Status").getAsString() : "";
        }
        return str2;
    }

    private boolean isUnixHostScheme() {
        return this.dockerURL.startsWith("unix://");
    }

    private String checkDockerCertPath(String str) throws AbortException {
        File file = new File(str);
        if (!file.exists()) {
            this.buildLogger.println("Docker Cert File Path does not exist");
            throw new AbortException("Docker Cert File Path " + str + "' doesn't exist.");
        }
        if (file.isDirectory()) {
            return str;
        }
        throw new AbortException("Docker Cert File Path " + str + "' doesn't point to a directory.");
    }
}
