package com.hp.octane.integrations.services.vulnerabilities;

import com.hp.octane.integrations.OctaneSDK;
import com.hp.octane.integrations.dto.DTOFactory;
import com.hp.octane.integrations.dto.connectivity.HttpMethod;
import com.hp.octane.integrations.dto.connectivity.OctaneRequest;
import com.hp.octane.integrations.dto.connectivity.OctaneResponse;
import com.hp.octane.integrations.exceptions.PermanentException;
import com.hp.octane.integrations.exceptions.TemporaryException;
import com.hp.octane.integrations.services.queueing.QueueingService;
import com.hp.octane.integrations.services.rest.OctaneRestClient;
import com.hp.octane.integrations.services.rest.RestService;
import com.hp.octane.integrations.services.vulnerabilities.fod.FODService;
import com.hp.octane.integrations.services.vulnerabilities.fod.dto.FodConnectionFactory;
import com.hp.octane.integrations.services.vulnerabilities.sonar.SonarVulnerabilitiesService;
import com.hp.octane.integrations.services.vulnerabilities.ssc.SSCService;
import com.hp.octane.integrations.utils.CIPluginSDKUtils;
import com.microfocus.application.automation.tools.results.parser.util.TimeUtil;
import com.squareup.tape.ObjectQueue;
import java.io.IOException;
import java.io.InputStream;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.TimeUnit;
import org.apache.http.entity.ContentType;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.core.appender.mom.JmsAppender;
import org.apache.poi.ddf.EscherProperties;

/* loaded from: input_file:WEB-INF/lib/integrations-sdk-2.6.2.2.jar:com/hp/octane/integrations/services/vulnerabilities/VulnerabilitiesServiceImpl.class */
public class VulnerabilitiesServiceImpl implements VulnerabilitiesService {
    private static final String VULNERABILITIES_QUEUE_FILE = "vulnerabilities-queue.dat";
    private final ObjectQueue<VulnerabilitiesQueueItem> vulnerabilitiesQueue;
    protected final RestService restService;
    protected final OctaneSDK.SDKServicesConfigurer configurer;
    protected SSCService sscService;
    protected FODService fodService;
    protected SonarVulnerabilitiesService sonarVulnerabilitiesService;
    private CompletableFuture<Boolean> workerExited;
    private static final Logger logger = LogManager.getLogger((Class<?>) VulnerabilitiesServiceImpl.class);
    private static final DTOFactory dtoFactory = DTOFactory.getInstance();
    private final ExecutorService vulnerabilitiesProcessingExecutor = Executors.newSingleThreadExecutor(new VulnerabilitiesPushWorkerThreadFactory());
    private final Object NO_VULNERABILITIES_RESULTS_MONITOR = new Object();
    private int TEMPORARY_ERROR_BREATHE_INTERVAL = 10000;
    private int LIST_EMPTY_INTERVAL = 10000;
    private int REGULAR_CYCLE_PAUSE = EscherProperties.GEOTEXT__BOLDFONT;
    private int SKIP_QUEUE_ITEM_INTERVAL = JmsAppender.Builder.DEFAULT_RECONNECT_INTERVAL_MILLIS;
    private Long DEFAULT_TIME_OUT_FOR_QUEUE_ITEM = 43200000L;

    /* loaded from: input_file:WEB-INF/lib/integrations-sdk-2.6.2.2.jar:com/hp/octane/integrations/services/vulnerabilities/VulnerabilitiesServiceImpl$VulnerabilitiesPushWorkerThreadFactory.class */
    private static final class VulnerabilitiesPushWorkerThreadFactory implements ThreadFactory {
        private VulnerabilitiesPushWorkerThreadFactory() {
        }

        @Override // java.util.concurrent.ThreadFactory
        public Thread newThread(Runnable runnable) {
            Thread thread = new Thread(runnable);
            thread.setName("VulnerabilitiesPushWorker-" + thread.getId());
            thread.setDaemon(true);
            return thread;
        }
    }

    public VulnerabilitiesServiceImpl(QueueingService queueingService, VulnerabilitiesToolService[] vulnerabilitiesToolServiceArr, OctaneSDK.SDKServicesConfigurer sDKServicesConfigurer, RestService restService) {
        if (queueingService == null) {
            throw new IllegalArgumentException("queue Service MUST NOT be null");
        }
        if (restService == null) {
            throw new IllegalArgumentException("rest service MUST NOT be null");
        }
        if (sDKServicesConfigurer == null) {
            throw new IllegalArgumentException("configurer service MUST NOT be null");
        }
        this.restService = restService;
        this.configurer = sDKServicesConfigurer;
        FodConnectionFactory.setConfigurer(this.configurer);
        for (VulnerabilitiesToolService vulnerabilitiesToolService : vulnerabilitiesToolServiceArr) {
            if (vulnerabilitiesToolService instanceof SonarVulnerabilitiesService) {
                this.sonarVulnerabilitiesService = (SonarVulnerabilitiesService) vulnerabilitiesToolService;
            } else if (vulnerabilitiesToolService instanceof SSCService) {
                this.sscService = (SSCService) vulnerabilitiesToolService;
            } else if (vulnerabilitiesToolService instanceof FODService) {
                this.fodService = (FODService) vulnerabilitiesToolService;
            }
        }
        if (queueingService.isPersistenceEnabled()) {
            this.vulnerabilitiesQueue = queueingService.initFileQueue(VULNERABILITIES_QUEUE_FILE, VulnerabilitiesQueueItem.class);
        } else {
            this.vulnerabilitiesQueue = queueingService.initMemoQueue();
        }
        logger.info(sDKServicesConfigurer.octaneConfiguration.geLocationForLog() + "starting background worker...");
        this.vulnerabilitiesProcessingExecutor.execute(this::worker);
        logger.info(sDKServicesConfigurer.octaneConfiguration.geLocationForLog() + "initialized SUCCESSFULLY (backed by " + this.vulnerabilitiesQueue.getClass().getSimpleName() + ")");
    }

    @Override // com.hp.octane.integrations.services.vulnerabilities.VulnerabilitiesService
    public void enqueueRetrieveAndPushVulnerabilities(String str, String str2, ToolType toolType, long j, long j2, Map<String, String> map) {
        VulnerabilitiesQueueItem vulnerabilitiesQueueItem = new VulnerabilitiesQueueItem(str, str2);
        vulnerabilitiesQueueItem.setStartTime(j);
        vulnerabilitiesQueueItem.setTimeout(j2 <= 0 ? this.DEFAULT_TIME_OUT_FOR_QUEUE_ITEM.longValue() : j2 * 60 * 60 * 1000);
        vulnerabilitiesQueueItem.setToolType(toolType);
        vulnerabilitiesQueueItem.setAdditionalProperties(map);
        this.vulnerabilitiesQueue.add(vulnerabilitiesQueueItem);
        logger.info(this.configurer.octaneConfiguration.geLocationForLog() + vulnerabilitiesQueueItem.getBuildId() + "/" + vulnerabilitiesQueueItem.getJobId() + " was added to vulnerabilities queue");
        synchronized (this.NO_VULNERABILITIES_RESULTS_MONITOR) {
            this.NO_VULNERABILITIES_RESULTS_MONITOR.notify();
        }
    }

    @Override // com.hp.octane.integrations.services.ClosableService
    public void shutdown() {
        this.workerExited = new CompletableFuture<>();
        this.vulnerabilitiesProcessingExecutor.shutdown();
        try {
            this.NO_VULNERABILITIES_RESULTS_MONITOR.notify();
            this.workerExited.get(3000L, TimeUnit.SECONDS);
        } catch (Exception e) {
            logger.warn(this.configurer.octaneConfiguration.geLocationForLog() + "interrupted while waiting for the worker SHUT DOWN");
        }
    }

    private void worker() {
        while (!this.vulnerabilitiesProcessingExecutor.isShutdown()) {
            CIPluginSDKUtils.doWait(this.REGULAR_CYCLE_PAUSE);
            if (this.vulnerabilitiesQueue.size() == 0) {
                CIPluginSDKUtils.doBreakableWait(this.LIST_EMPTY_INTERVAL, this.NO_VULNERABILITIES_RESULTS_MONITOR);
            } else {
                VulnerabilitiesQueueItem vulnerabilitiesQueueItem = null;
                try {
                    vulnerabilitiesQueueItem = this.vulnerabilitiesQueue.peek();
                    if (processPushVulnerabilitiesQueueItem(vulnerabilitiesQueueItem)) {
                        vulnerabilitiesQueueItemCleanUp(vulnerabilitiesQueueItem);
                        this.vulnerabilitiesQueue.remove();
                    } else {
                        reEnqueueItem(vulnerabilitiesQueueItem);
                    }
                } catch (PermanentException e) {
                    logger.error(this.configurer.octaneConfiguration.geLocationForLog() + "permanent error on " + vulnerabilitiesQueueItem + ", passing over", (Throwable) e);
                    vulnerabilitiesQueueItemCleanUp(vulnerabilitiesQueueItem);
                    this.vulnerabilitiesQueue.remove();
                } catch (TemporaryException e2) {
                    logger.error(this.configurer.octaneConfiguration.geLocationForLog() + "temporary error on " + vulnerabilitiesQueueItem + ", breathing " + this.TEMPORARY_ERROR_BREATHE_INTERVAL + "ms and retrying", (Throwable) e2);
                    if (vulnerabilitiesQueueItem != null) {
                        reEnqueueItem(vulnerabilitiesQueueItem);
                    }
                    CIPluginSDKUtils.doWait(this.TEMPORARY_ERROR_BREATHE_INTERVAL);
                } catch (Throwable th) {
                    logger.error(this.configurer.octaneConfiguration.geLocationForLog() + "unexpected error on build log item '" + vulnerabilitiesQueueItem + "', passing over", th);
                    vulnerabilitiesQueueItemCleanUp(vulnerabilitiesQueueItem);
                    this.vulnerabilitiesQueue.remove();
                }
            }
        }
        this.workerExited.complete(true);
    }

    private boolean processPushVulnerabilitiesQueueItem(VulnerabilitiesQueueItem vulnerabilitiesQueueItem) {
        try {
            if (!vulnerabilitiesQueueItem.isRelevant()) {
                Date vulnerabilitiesPreflightRequest = vulnerabilitiesPreflightRequest(vulnerabilitiesQueueItem.getJobId(), vulnerabilitiesQueueItem.getBuildId());
                if (vulnerabilitiesPreflightRequest == null) {
                    return true;
                }
                logger.debug(this.configurer.octaneConfiguration.geLocationForLog() + vulnerabilitiesQueueItem.toString() + " , Relevant:" + vulnerabilitiesPreflightRequest);
                vulnerabilitiesQueueItem.setRelevant(true);
                if (vulnerabilitiesPreflightRequest.compareTo(DateUtils.getDateFromUTCString("2000-01-01", TimeUtil.DATE_FORMAT)) > 0) {
                    vulnerabilitiesQueueItem.setBaselineDate(vulnerabilitiesPreflightRequest);
                }
            }
            InputStream inputStream = null;
            if (vulnerabilitiesQueueItem.getToolType().equals(ToolType.SONAR)) {
                inputStream = this.sonarVulnerabilitiesService.getVulnerabilitiesScanResultStream(vulnerabilitiesQueueItem);
            } else if (vulnerabilitiesQueueItem.getToolType().equals(ToolType.SSC)) {
                logger.debug(this.configurer.octaneConfiguration.geLocationForLog() + "SSC flow as expected");
                inputStream = this.sscService.getVulnerabilitiesScanResultStream(vulnerabilitiesQueueItem);
            } else if (vulnerabilitiesQueueItem.getToolType().equals(ToolType.FOD)) {
                logger.debug(this.configurer.octaneConfiguration.geLocationForLog() + "Handling FOD queueItem");
                inputStream = this.fodService.getVulnerabilitiesScanResultStream(vulnerabilitiesQueueItem);
            }
            if (inputStream == null) {
                return false;
            }
            pushVulnerabilities(inputStream, vulnerabilitiesQueueItem.getJobId(), vulnerabilitiesQueueItem.getBuildId());
            return true;
        } catch (IOException e) {
            throw new PermanentException(e);
        }
    }

    private void pushVulnerabilities(InputStream inputStream, String str, String str2) throws IOException {
        OctaneRestClient obtainOctaneRestClient = this.restService.obtainOctaneRestClient();
        HashMap hashMap = new HashMap();
        hashMap.put(RestService.CONTENT_TYPE_HEADER, ContentType.APPLICATION_JSON.getMimeType());
        OctaneResponse execute = obtainOctaneRestClient.execute(((OctaneRequest) dtoFactory.newDTO(OctaneRequest.class)).setMethod(HttpMethod.POST).setUrl(getVulnerabilitiesContextPath(this.configurer.octaneConfiguration.getUrl(), this.configurer.octaneConfiguration.getSharedSpace()) + "?instance-id=" + this.configurer.octaneConfiguration.getInstanceId() + "&job-ci-id=" + CIPluginSDKUtils.urlEncodePathParam(str) + "&build-ci-id=" + CIPluginSDKUtils.urlEncodePathParam(str2)).setHeaders(hashMap).setBody(inputStream));
        logger.info(this.configurer.octaneConfiguration.geLocationForLog() + "vulnerabilities pushed; status: " + execute.getStatus() + ", response: " + execute.getBody());
        if (execute.getStatus() == 202) {
            logger.info(this.configurer.octaneConfiguration.geLocationForLog() + "vulnerabilities push SUCCEED for " + str + " #" + str2);
        } else {
            if (execute.getStatus() != 503) {
                throw new PermanentException("vulnerabilities push FAILED, status " + execute.getStatus() + "; dropping this item from the queue \n" + execute.getBody());
            }
            throw new TemporaryException("vulnerabilities push FAILED, service unavailable");
        }
    }

    private Date vulnerabilitiesPreflightRequest(String str, String str2) throws IOException {
        OctaneResponse baselineDateFromOctane = getBaselineDateFromOctane(str, str2);
        if (baselineDateFromOctane.getStatus() != 200) {
            if (baselineDateFromOctane.getStatus() == 503 || baselineDateFromOctane.getStatus() == 502) {
                throw new TemporaryException("vulnerabilities preflight request FAILED, service unavailable");
            }
            throw new PermanentException("vulnerabilities preflight request FAILED with " + baselineDateFromOctane.getStatus() + "");
        }
        if (baselineDateFromOctane.getBody() == null || "".equals(baselineDateFromOctane.getBody())) {
            logger.info(this.configurer.octaneConfiguration.geLocationForLog() + "vulnerabilities data of " + str + " #" + str2 + " is not relevant to Octane");
            return null;
        }
        logger.info(this.configurer.octaneConfiguration.geLocationForLog() + "vulnerabilities data of " + str + " #" + str2 + " found to be relevant to Octane");
        return ("true".equals(baselineDateFromOctane.getBody()) || 0 != 0) ? DateUtils.getDateFromUTCString("2000-01-01", TimeUtil.DATE_FORMAT) : DateUtils.getDateFromUTCString(baselineDateFromOctane.getBody(), DateUtils.octaneFormat);
    }

    private void reEnqueueItem(VulnerabilitiesQueueItem vulnerabilitiesQueueItem) {
        Long valueOf = Long.valueOf(System.currentTimeMillis() - vulnerabilitiesQueueItem.getStartTime());
        this.vulnerabilitiesQueue.remove();
        if (valueOf.longValue() < vulnerabilitiesQueueItem.getTimeout()) {
            this.vulnerabilitiesQueue.add(vulnerabilitiesQueueItem);
        } else {
            logger.info(this.configurer.octaneConfiguration.geLocationForLog() + vulnerabilitiesQueueItem.getBuildId() + "/" + vulnerabilitiesQueueItem.getJobId() + " was removed from queue after timeout in queue is over");
        }
        CIPluginSDKUtils.doWait(this.SKIP_QUEUE_ITEM_INTERVAL);
    }

    private OctaneResponse getBaselineDateFromOctane(String str, String str2) throws IOException {
        return this.restService.obtainOctaneRestClient().execute(((OctaneRequest) dtoFactory.newDTO(OctaneRequest.class)).setMethod(HttpMethod.GET).setUrl(getVulnerabilitiesPreFlightContextPath(this.configurer.octaneConfiguration.getUrl(), this.configurer.octaneConfiguration.getSharedSpace()) + "?instance-id=" + this.configurer.octaneConfiguration.getInstanceId() + "&job-ci-id=" + CIPluginSDKUtils.urlEncodePathParam(str) + "&build-ci-id=" + CIPluginSDKUtils.urlEncodePathParam(str2)));
    }

    private boolean vulnerabilitiesQueueItemCleanUp(VulnerabilitiesQueueItem vulnerabilitiesQueueItem) {
        if (vulnerabilitiesQueueItem.getToolType().equals(ToolType.SSC)) {
            return this.sscService.vulnerabilitiesQueueItemCleanUp(vulnerabilitiesQueueItem);
        }
        return true;
    }

    private String getVulnerabilitiesContextPath(String str, String str2) {
        return str + RestService.SHARED_SPACE_API_PATH_PART + str2 + RestService.VULNERABILITIES;
    }

    private String getVulnerabilitiesPreFlightContextPath(String str, String str2) {
        return str + RestService.SHARED_SPACE_API_PATH_PART + str2 + RestService.VULNERABILITIES_PRE_FLIGHT;
    }
}
