package org.jenkinsci.plugins.fodupload;

import com.cloudbees.plugins.credentials.CredentialsMatcher;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.fortify.fod.parser.BsiTokenParser;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractBuild;
import hudson.model.BuildListener;
import hudson.model.Result;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.security.ACL;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.util.List;
import jenkins.model.GlobalConfiguration;
import jenkins.model.Jenkins;
import org.jenkinsci.plugins.fodupload.controllers.StaticScanController;
import org.jenkinsci.plugins.fodupload.models.AuthenticationModel;
import org.jenkinsci.plugins.fodupload.models.FodEnums;
import org.jenkinsci.plugins.fodupload.models.JobModel;
import org.jenkinsci.plugins.fodupload.models.response.StaticScanSetupResponse;
import org.jenkinsci.plugins.plaincredentials.StringCredentials;
import org.kohsuke.stapler.verb.POST;

/* loaded from: input_file:WEB-INF/lib/fortify-on-demand-uploader.jar:org/jenkinsci/plugins/fodupload/SharedUploadBuildStep.class */
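/**
 * Shared implementation behind the Fortify on Demand upload build step: form-validation and
 * list-box helpers for the configuration UI, plus the {@link #prebuild} / {@link #perform}
 * logic that packages the workspace sources and submits them for a static scan.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #perform} obtains an OAuth token through {@code FodApiConnection.authenticate()};
 *       the token is retired in a {@code finally} block so it is not left valid when the upload
 *       fails with an exception.</li>
 *   <li>The zipped payload contains project source code; it is deleted on every path once it
 *       has been handed to the scan controller.</li>
 *   <li>{@link #doFillStringCredentialsItems} performs no permission check of its own; see the
 *       note on that method.</li>
 * </ul>
 */
public class SharedUploadBuildStep {
    // NOTE(review): perform() sets this per-thread listener and nothing in this class clears it.
    // It is public, so other classes may read it after perform() returns; confirm before adding
    // a remove() call, since executor threads are otherwise left holding the last listener.
    public static final ThreadLocal<TaskListener> taskListener = new ThreadLocal<>();
    public static final String CLIENT_ID = "clientId";
    public static final String CLIENT_SECRET = "clientSecret";
    public static final String USERNAME = "username";
    public static final String PERSONAL_ACCESS_TOKEN = "personalAccessToken";
    public static final String TENANT_ID = "tenantId";

    private static final String CREDENTIALS_MISSING_MESSAGE =
            "Credentials must be re-entered for security purposes. Please update on the global configuration and/or post-build actions and then save your updates.";
    private static final String RELEASE_OR_BSI_REQUIRED_MESSAGE = "Please specify Release ID or BSI Token.";

    private JobModel model;
    private AuthenticationModel authModel;

    /**
     * Builds the job and authentication models from the step's configuration values.
     *
     * @param str  first {@link JobModel} argument (forwarded positionally; meaning defined by JobModel)
     * @param str2 second {@link JobModel} argument
     * @param z    whether this step overrides the global authentication configuration
     * @param str3 username used when the global configuration is overridden
     * @param str4 personal access token used when the global configuration is overridden
     * @param str5 tenant ID used when the global configuration is overridden
     * @param z2   third {@link JobModel} argument
     * @param str6 fourth {@link JobModel} argument
     * @param str7 fifth {@link JobModel} argument
     * @param str8 sixth {@link JobModel} argument
     * @param str9 seventh {@link JobModel} argument
     */
    public SharedUploadBuildStep(String str, String str2, boolean z, String str3, String str4, String str5, boolean z2, String str6, String str7, String str8, String str9) {
        this.model = new JobModel(str, str2, z2, str6, str7, str8, str9);
        this.authModel = new AuthenticationModel(z, str3, str4, str5);
    }

    /**
     * Validates the Release ID form field.
     *
     * @param str  the Release ID as typed by the user
     * @param str2 the BSI token field; only consulted when the Release ID is blank
     * @return ok when the Release ID parses as an integer, or when it is blank but a BSI token is
     *         present; an error otherwise
     */
    public static FormValidation doCheckReleaseId(String str, String str2) {
        if (str == null || str.isEmpty()) {
            boolean bsiTokenMissing = str2 == null || str2.isEmpty();
            return bsiTokenMissing ? FormValidation.error(RELEASE_OR_BSI_REQUIRED_MESSAGE) : FormValidation.ok();
        }
        try {
            // Only the parse matters here. NOTE(review): zero and negative values are accepted,
            // although perform() treats 0 as "no Release ID" — confirm whether that is intended.
            Integer.parseInt(str);
            return FormValidation.ok();
        } catch (NumberFormatException e) {
            return FormValidation.error("Could not parse Release ID.");
        }
    }

    /**
     * Validates the BSI token form field.
     *
     * @param str  the BSI token as typed by the user
     * @param str2 the Release ID field; only consulted when the BSI token is blank
     * @return ok when the token parses, or when it is blank but a Release ID is present; an error
     *         otherwise
     */
    public static FormValidation doCheckBsiToken(String str, String str2) {
        if (str == null || str.isEmpty()) {
            boolean releaseIdMissing = str2 == null || str2.isEmpty();
            return releaseIdMissing ? FormValidation.error(RELEASE_OR_BSI_REQUIRED_MESSAGE) : FormValidation.ok();
        }
        try {
            return new BsiTokenParser().parse(str) != null
                    ? FormValidation.ok()
                    : FormValidation.error(RELEASE_OR_BSI_REQUIRED_MESSAGE);
        } catch (Exception e) {
            // Deliberately broad: any parser failure is reported as a bad token and the
            // exception text is not echoed back to the form.
            return FormValidation.error("Could not parse BSI token.");
        }
    }

    /**
     * Tests a username / personal-access-token / tenant combination against the globally
     * configured Fortify on Demand endpoints.
     *
     * <p>Restricted to POST and to users holding {@code Jenkins.ADMINISTER}: the call makes an
     * outbound authenticated request using a stored secret.
     *
     * @param str  username
     * @param str2 personal access token, in the form accepted by {@code Utils.isCredential}
     * @param str3 tenant ID
     * @return the result of the connection test, or a validation error naming the first missing
     *         value
     */
    @POST
    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    public static FormValidation doTestPersonalAccessTokenConnection(String str, String str2, String str3) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        FodGlobalDescriptor globalConfig = (FodGlobalDescriptor) GlobalConfiguration.all().get(FodGlobalDescriptor.class);
        String baseUrl = globalConfig.getBaseUrl();
        String apiUrl = globalConfig.getApiUrl();
        if (Utils.isNullOrEmpty(baseUrl)) {
            return FormValidation.error("Fortify on Demand URL is empty!");
        }
        if (Utils.isNullOrEmpty(apiUrl)) {
            return FormValidation.error("Fortify on Demand API URL is empty!");
        }
        if (Utils.isNullOrEmpty(str)) {
            return FormValidation.error("Username is empty!");
        }
        if (!Utils.isCredential(str2)) {
            return FormValidation.error("Personal Access Token is empty!");
        }
        if (Utils.isNullOrEmpty(str3)) {
            return FormValidation.error("Tenant ID is null.");
        }
        // Resolve the secret only once every other input has been accepted, so a rejected
        // request never materialises the token value (presumably plaintext — confirm in Utils).
        String personalAccessToken = Utils.retrieveSecretDecryptedValue(str2);
        String tenantQualifiedUser = str3 + "\\" + str;
        return globalConfig.testConnection(new FodApiConnection(tenantQualifiedUser, personalAccessToken, baseUrl, apiUrl, FodEnums.GrantType.PASSWORD, "api-tenant"));
    }

    /**
     * Lists the entitlement-preference choices for the configuration drop-down.
     *
     * @return one option per {@link FodEnums.EntitlementPreferenceType} value
     */
    public static ListBoxModel doFillEntitlementPreferenceItems() {
        ListBoxModel options = new ListBoxModel();
        for (FodEnums.EntitlementPreferenceType preference : FodEnums.EntitlementPreferenceType.values()) {
            options.add(new ListBoxModel.Option(preference.toString(), preference.getValue()));
        }
        return options;
    }

    /**
     * Lists the remediation-scan-preference choices for the configuration drop-down.
     *
     * @return one option per {@link FodEnums.RemediationScanPreferenceType} value
     */
    public static ListBoxModel doFillRemediationScanPreferenceTypeItems() {
        ListBoxModel options = new ListBoxModel();
        for (FodEnums.RemediationScanPreferenceType preference : FodEnums.RemediationScanPreferenceType.values()) {
            options.add(new ListBoxModel.Option(preference.toString(), preference.getValue()));
        }
        return options;
    }

    /**
     * Lists the secret-text credentials offered in the configuration drop-down.
     *
     * <p>NOTE(review): the lookup runs as {@code ACL.SYSTEM} against the Jenkins root and this
     * method performs no permission check, so it returns every {@link StringCredentials} entry
     * regardless of who asks. The descriptor method that exposes it should verify that the
     * requester may configure the item (and ideally scope the lookup to that item) before
     * returning the list; otherwise credential IDs and names can be enumerated by users who
     * should not see them.
     *
     * @return the credentials list model produced by {@link CredentialsProvider}
     */
    public static ListBoxModel doFillStringCredentialsItems() {
        return CredentialsProvider.listCredentials(StringCredentials.class, Jenkins.get(), ACL.SYSTEM, (List) null, (CredentialsMatcher) null);
    }

    /**
     * Lists the in-progress-scan-action choices for the configuration drop-down.
     *
     * @return one option per {@link FodEnums.InProgressScanActionType} value
     */
    public static ListBoxModel doFillInProgressScanActionTypeItems() {
        ListBoxModel options = new ListBoxModel();
        for (FodEnums.InProgressScanActionType action : FodEnums.InProgressScanActionType.values()) {
            options.add(new ListBoxModel.Option(action.toString(), action.getValue()));
        }
        return options;
    }

    /**
     * Checks the job configuration before the build starts.
     *
     * @param abstractBuild the build, marked {@code FAILURE} when the configuration is unusable
     * @param buildListener supplies the logger for diagnostics
     * @return {@code true} when the model has a Release ID or a loadable BSI token and passes
     *         {@code JobModel.validate}; {@code false} otherwise
     */
    public boolean prebuild(AbstractBuild<?, ?> abstractBuild, BuildListener buildListener) {
        PrintStream logger = buildListener.getLogger();
        if (this.model == null) {
            logger.println("Unexpected Error");
            abstractBuild.setResult(Result.FAILURE);
            return false;
        }
        String releaseId = this.model.getReleaseId();
        boolean releaseIdMissing = releaseId == null || releaseId.isEmpty();
        if (releaseIdMissing && !this.model.loadBsiToken()) {
            logger.println("Invalid release ID or BSI Token");
            abstractBuild.setResult(Result.FAILURE);
            return false;
        }
        if (!this.model.validate(logger)) {
            abstractBuild.setResult(Result.FAILURE);
            return false;
        }
        return true;
    }

    /**
     * Zips the configured source location and submits it to Fortify on Demand as a static scan.
     *
     * <p>The run is marked {@code UNSTABLE} when no usable credential is stored, {@code FAILURE}
     * on configuration, authentication or I/O problems, and {@code SUCCESS} only when the scan
     * was started and the local payload was deleted. Any OAuth token obtained here is retired
     * before the method returns, including when the upload throws.
     *
     * @param run           the run whose result is updated
     * @param filePath      workspace root; the model's source location is resolved against it
     * @param launcher      unused by this method
     * @param taskListener2 supplies the logger and is published through {@link #taskListener}
     */
    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    public void perform(Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener2) {
        PrintStream logger = taskListener2.getLogger();
        FodApiConnection apiConnection = null;
        try {
            taskListener.set(taskListener2);

            // Refuse to run without a stored credential for whichever auth source is in effect.
            boolean credentialsPresent = true;
            if (this.authModel != null) {
                if (this.authModel.getOverrideGlobalConfig()) {
                    credentialsPresent = Utils.isCredential(this.authModel.getPersonalAccessToken());
                } else {
                    FodGlobalDescriptor globalConfig = (FodGlobalDescriptor) GlobalConfiguration.all().get(FodGlobalDescriptor.class);
                    credentialsPresent = globalConfig.getAuthTypeIsApiKey()
                            ? Utils.isCredential(globalConfig.getOriginalClientSecret())
                            : Utils.isCredential(globalConfig.getOriginalPersonalAccessToken());
                }
            }
            if (!credentialsPresent) {
                run.setResult(Result.UNSTABLE);
                logger.println(CREDENTIALS_MISSING_MESSAGE);
                return;
            }

            Result buildResult = run.getResult();
            if (Result.FAILURE.equals(buildResult) || Result.ABORTED.equals(buildResult) || Result.UNSTABLE.equals(buildResult)) {
                logger.println("Error: Build Failed or Unstable.  Halting with Fortify on Demand upload.");
                return;
            }

            logger.println("Starting FoD Upload.");
            Integer releaseId = 0;
            try {
                releaseId = Integer.valueOf(this.model.getReleaseId());
            } catch (NumberFormatException ignored) {
                // A missing or non-numeric Release ID is expected: 0 selects the BSI-token path.
            }
            if (releaseId.intValue() == 0 && !this.model.loadBsiToken()) {
                run.setResult(Result.FAILURE);
                logger.println("Invalid release ID or BSI Token");
                return;
            }
            if (releaseId.intValue() > 0 && this.model.loadBsiToken()) {
                logger.println("Warning: The BSI Token will be ignored since Release ID was entered.");
            }

            // NOTE(review): getAuthModel() dereferences authModel, so a null authModel passes the
            // credential check above and then fails here with a NullPointerException.
            apiConnection = ApiConnectionFactory.createApiConnection(getAuthModel());
            if (apiConnection == null) {
                logger.println("Failed to authenticate");
                run.setResult(Result.FAILURE);
                return;
            }
            apiConnection.authenticate();

            StaticScanController staticScanController = new StaticScanController(apiConnection, logger);
            StaticScanSetupResponse scanSetup = null;
            String technologyStack;
            if (releaseId.intValue() == 0) {
                this.model.loadBsiToken();
                technologyStack = this.model.getBsiToken().getTechnologyStack();
            } else {
                scanSetup = staticScanController.getStaticScanSettings(releaseId);
                if (scanSetup == null) {
                    logger.println("No scan settings defined for release " + releaseId.toString());
                    run.setResult(Result.FAILURE);
                    return;
                }
                technologyStack = scanSetup.getTechnologyStack();
            }

            File payload = Utils.createZipFile(technologyStack, new FilePath(filePath, this.model.getSrcLocation()), logger);
            if (payload.length() == 0) {
                if (!payload.delete()) {
                    logger.println("Unable to delete empty payload.");
                }
                logger.println("Source is empty for given Technology Stack and Language Level.");
                run.setResult(Result.FAILURE);
                return;
            }
            this.model.setPayload(payload);

            boolean scanStarted;
            boolean payloadDeleted;
            try {
                scanStarted = staticScanController.startStaticScan(releaseId, scanSetup, this.model, String.format("[%d] %s - Assessment submitted from Jenkins FoD Plugin", run.getNumber(), run.getDisplayName()));
            } finally {
                // The archive holds project source; remove it even when the upload throws.
                payloadDeleted = payload.delete();
            }
            if (scanStarted && payloadDeleted) {
                logger.println("Scan Uploaded Successfully.");
            }
            run.setResult((scanStarted && payloadDeleted) ? Result.SUCCESS : Result.UNSTABLE);
        } catch (IOException | IllegalArgumentException e) {
            logger.println(e.getMessage());
            run.setResult(Result.FAILURE);
        } finally {
            // Runs on every exit path so an issued token never outlives this step.
            retireTokenQuietly(apiConnection, logger);
        }
    }

    /** Retires the connection's OAuth token if a connection exists, logging instead of failing. */
    private static void retireTokenQuietly(FodApiConnection connection, PrintStream logger) {
        if (connection == null) {
            return;
        }
        try {
            connection.retireToken();
        } catch (IOException e) {
            logger.println(String.format("Failed to retire oauth token. Response code is %s", e));
        }
    }

    /**
     * Returns a fresh copy of the authentication settings.
     *
     * @return a new {@link AuthenticationModel} carrying the same override flag, username,
     *         personal access token and tenant ID
     * @throws NullPointerException if no authentication model has been set
     */
    public AuthenticationModel getAuthModel() {
        return new AuthenticationModel(this.authModel.getOverrideGlobalConfig(), this.authModel.getUsername(), this.authModel.getPersonalAccessToken(), this.authModel.getTenantId());
    }

    /**
     * Replaces the job model.
     *
     * @param jobModel the new model
     * @return the same {@code jobModel}
     */
    public JobModel setModel(JobModel jobModel) {
        this.model = jobModel;
        return jobModel;
    }

    /**
     * Replaces the authentication model.
     *
     * @param authenticationModel the new model
     * @return the same {@code authenticationModel}
     */
    public AuthenticationModel setAuthModel(AuthenticationModel authenticationModel) {
        this.authModel = authenticationModel;
        return authenticationModel;
    }

    /**
     * Returns the live job model (not a copy).
     *
     * @return the current {@link JobModel}, possibly {@code null}
     */
    public JobModel getModel() {
        return this.model;
    }
}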
