package com.qualys.plugins.QualysAPISecurityPlugin;

import com.google.gson.Gson;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.qualys.plugins.QualysAPISecurityPlugin.QualysAuth.QualysAuth;
import com.qualys.plugins.QualysAPISecurityPlugin.QualysClient.QualysAPISecClient;
import com.qualys.plugins.QualysAPISecurityPlugin.QualysClient.QualysAPISecResponse;
import com.qualys.plugins.QualysAPISecurityPlugin.QualysClient.QualysAPISecTestConnectionResponse;
import com.qualys.plugins.QualysAPISecurityPlugin.QualysCriteria.QualysCriteria;
import com.qualys.plugins.QualysAPISecurityPlugin.util.Helper;
import hudson.model.TaskListener;
import java.io.File;
import java.util.ArrayList;
import java.util.concurrent.TimeUnit;
import java.util.logging.Logger;
import jenkins.security.MasterToSlaveCallable;

/* loaded from: input_file:com/qualys/plugins/QualysAPISecurityPlugin/APISecLauncher.class */
public class APISecLauncher extends MasterToSlaveCallable<String, Exception> {
    private static final long serialVersionUID = 1;
    private TaskListener listener;
    private String apiId;
    private String portalUrl;
    private QualysAuth auth;
    private String swaggerPath;
    private String workspace;
    private String criteria;
    private boolean failConditionsConfigured;
    private boolean renderReport = true;
    private static final Logger logger = Helper.getLogger(APISecLauncher.class.getName());

    public APISecLauncher(TaskListener taskListener, String str, QualysAuth qualysAuth, String str2, String str3, String str4, boolean z, String str5) {
        this.listener = taskListener;
        this.apiId = str;
        this.auth = qualysAuth;
        this.portalUrl = str2;
        this.swaggerPath = str3;
        this.workspace = str4;
        this.criteria = str5;
        this.failConditionsConfigured = z;
    }

    /* renamed from: call, reason: merged with bridge method [inline-methods] */
    public String m1call() throws Exception {
        QualysAPISecResponse launchScan = launchScan();
        String str = "";
        boolean z = false;
        if (launchScan.errored || (launchScan.responseCode < 200 && launchScan.responseCode > 299)) {
            throw new Exception("Error launching scan. Message: " + (launchScan.errorMessage != null ? launchScan.errorMessage : "Response code from server - " + launchScan.responseCode));
        }
        JsonObject jsonObject = launchScan.response;
        this.listener.getLogger().println("Successfully launched Qualys API Security Assessment.");
        JsonElement jsonElement = jsonObject.get("swaggerState");
        if (jsonElement != null && !jsonElement.getAsString().equalsIgnoreCase("valid")) {
            this.listener.getLogger().println("Swagger state of this file is - " + jsonElement.getAsString());
        }
        JsonObject evaluateFailurePolicy = evaluateFailurePolicy(jsonObject);
        boolean asBoolean = evaluateFailurePolicy.get("passed").getAsBoolean();
        if (this.failConditionsConfigured) {
            if (asBoolean) {
                this.listener.getLogger().println("Qualys API Security Assessment - Build passes the configured pass/fail criteria.");
            } else {
                this.listener.getLogger().println("Qualys API Security Assessment - Failing the build against the configured pass/fail criteria.");
            }
        }
        jsonObject.add("buildEvaluationResult", evaluateFailurePolicy);
        if (evaluateFailurePolicy != null && evaluateFailurePolicy.has("passed") && this.failConditionsConfigured && !asBoolean) {
            z = true;
            str = str + evaluateFailurePolicy.get("failureMessage").getAsString();
        }
        if (z) {
            jsonObject.addProperty("failureMessage", str);
        }
        jsonObject.addProperty("renderReport", Boolean.valueOf(this.renderReport));
        return new Gson().toJson(jsonObject);
    }

    public JsonObject evaluateFailurePolicy(JsonObject jsonObject) throws Exception {
        Gson gson = new Gson();
        QualysCriteria qualysCriteria = new QualysCriteria(this.criteria);
        Boolean evaluate = qualysCriteria.evaluate(jsonObject);
        JsonObject jsonObject2 = new JsonObject();
        jsonObject2.add("passed", gson.toJsonTree(evaluate));
        jsonObject2.add("result", qualysCriteria.returnObject);
        if (!evaluate.booleanValue()) {
            jsonObject2.addProperty("failureMessage", getBuildFailureMessages(qualysCriteria.getBuildFailedReasons()));
        }
        return jsonObject2;
    }

    private String getBuildFailureMessages(ArrayList<String> arrayList) throws Exception {
        return String.join("\n", arrayList);
    }

    public QualysAPISecResponse launchScan() throws Exception {
        QualysAPISecClient qualysAPISecClient = new QualysAPISecClient(this.auth, this.listener.getLogger());
        try {
            this.listener.getLogger().println("Checking token for APISEC module");
            logger.info("Checking token for APISEC module");
            int i = 0;
            boolean z = true;
            while (z && i <= 3) {
                QualysAPISecTestConnectionResponse testConnection = qualysAPISecClient.testConnection();
                logger.info("Received response : " + testConnection);
                i++;
                if (testConnection.success && testConnection.responseCode == 201) {
                    break;
                }
                if (testConnection.responseCode < 500 || testConnection.responseCode > 599 || i >= 3) {
                    throw new Exception(testConnection.message);
                }
                z = true;
                long millis = TimeUnit.SECONDS.toMillis(5L);
                this.listener.getLogger().println("Something went wrong with server; Could be a temporary glitch. Retrying in 5 secs...");
                Thread.sleep(millis);
            }
            this.listener.getLogger().println("Launching Static Assessment on API with swagger file: " + this.swaggerPath);
            File file = new File(this.workspace + File.separator + this.swaggerPath);
            qualysAPISecClient.setTimeout(300);
            QualysAPISecResponse assessAPI = qualysAPISecClient.assessAPI(file, this.apiId);
            if (assessAPI.errored || assessAPI.responseCode != 200) {
                if (assessAPI.response != null && assessAPI.response.has("message")) {
                    throw new Exception("Static Assesment API failed; Response code from server: " + assessAPI.responseCode + ". Error message: " + assessAPI.response.get("message"));
                }
                if (!assessAPI.errorMessage.isEmpty()) {
                    throw new Exception("Static Assesment API failed; Error message: " + assessAPI.errorMessage);
                }
            }
            return assessAPI;
        } catch (Exception e) {
            logger.info("Test connection with Qualys API server failed. Reason : " + e.getMessage());
            throw new Exception("Test connection with Qualys API server failed. Reason : " + e.getMessage());
        }
    }
}
