package org.jenkinsci.plugins.aquadockerscannerbuildstep;

import hudson.Launcher;
import hudson.model.TaskListener;
import hudson.util.ArgumentListBuilder;
import hudson.util.Secret;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.charset.StandardCharsets;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:org/jenkinsci/plugins/aquadockerscannerbuildstep/AquaScannerRegistryLogin.class */
public class AquaScannerRegistryLogin {
    private Launcher launcher;
    private TaskListener listener;
    private int retryAttempts;
    private static final Pattern SHARegexp = Pattern.compile("^(?:([^/]+)/)([^@]+)(@sha256:[0-9a-f]+)$");
    private static final Pattern SplitImageNameRegexp = Pattern.compile("^(?:([^/]+)/)?([^:]+)(?::(.*))?$");
    private static final Pattern PortRegexp = Pattern.compile(":\\d+$");

    public AquaScannerRegistryLogin(Launcher launcher, TaskListener taskListener) {
        this.launcher = launcher;
        this.listener = taskListener;
    }

    public boolean checkAndPerformRegistryLogin(String str, String str2, String str3, Secret secret) {
        String resolveContainerRuntime = resolveContainerRuntime(str);
        if (imageExists(resolveContainerRuntime, str2) || str3.isEmpty()) {
            return true;
        }
        return registryLogin(resolveContainerRuntime, getRegistryName(str2), str3, secret, 1);
    }

    private boolean registryLogin(String str, String str2, String str3, Secret secret, int i) {
        if (this.retryAttempts > i) {
            return false;
        }
        Launcher.ProcStarter launch = this.launcher.launch();
        ArgumentListBuilder argumentListBuilder = new ArgumentListBuilder();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        argumentListBuilder.add(new String[]{str, "login", str2});
        argumentListBuilder.add("-u").addMasked(str3);
        argumentListBuilder.add("--password-stdin");
        launch.cmds(argumentListBuilder).stdin(new ByteArrayInputStream((secret.getPlainText() + "\n").getBytes(StandardCharsets.UTF_8))).stderr(byteArrayOutputStream).stdout(byteArrayOutputStream);
        try {
            int join = launch.join();
            String trim = byteArrayOutputStream.toString(StandardCharsets.UTF_8.name()).trim();
            if (join == 0) {
                this.listener.getLogger().println("Authenticated with registry successfully.");
                return true;
            }
            this.listener.getLogger().println("Authentication failed: incorrect credentials provided. Please provide valid registry credentials.");
            this.listener.getLogger().println(trim);
            return false;
        } catch (Exception e) {
            this.listener.getLogger().println("Registry login failed: " + e.getMessage());
            this.retryAttempts++;
            return registryLogin(str, str2, str3, secret, i);
        }
    }

    public String getRegistryName(String str) {
        String str2 = "";
        if (str == null || str.isEmpty()) {
            return str2;
        }
        Matcher matcher = SHARegexp.matcher(str);
        if (matcher.matches() && matcher.groupCount() == 3) {
            str2 = matcher.group(1);
        } else {
            Matcher matcher2 = SplitImageNameRegexp.matcher(str);
            if (matcher2.matches() && matcher2.groupCount() >= 3) {
                str2 = matcher2.group(1);
            }
        }
        if (!str2.isEmpty() && !PortRegexp.matcher(str2).matches()) {
            try {
                InetAddress.getByName(str2);
            } catch (UnknownHostException e) {
                this.listener.getLogger().println("Warning: unable to validate DNS/IP of registry: " + str2);
            }
        }
        return str2;
    }

    private boolean imageExists(String str, String str2) {
        boolean z;
        ArgumentListBuilder argumentListBuilder = new ArgumentListBuilder();
        argumentListBuilder.add(new String[]{str, "inspect", "--format={{.RepoTags}}", str2});
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                if (this.launcher.launch().cmds(argumentListBuilder).stdin((InputStream) null).stderr(byteArrayOutputStream).stdout(byteArrayOutputStream).join() == 0) {
                    if (!byteArrayOutputStream.toString(StandardCharsets.UTF_8.name()).trim().isEmpty()) {
                        z = true;
                        boolean z2 = z;
                        byteArrayOutputStream.close();
                        return z2;
                    }
                }
                z = false;
                boolean z22 = z;
                byteArrayOutputStream.close();
                return z22;
            } finally {
            }
        } catch (Exception e) {
            this.listener.getLogger().println("Error checking image existence: " + e.getMessage());
            return false;
        }
    }

    private String resolveContainerRuntime(String str) {
        return "podman".equals(str) ? "podman" : "docker";
    }
}
