package io.jenkins.plugins.appray;

import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractProject;
import hudson.model.Item;
import hudson.model.Result;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.security.ACL;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import hudson.util.Secret;
import io.jenkins.plugins.appray.ScanJob;
import io.jenkins.plugins.appray.User;
import java.io.IOException;
import java.util.Collections;
import java.util.Date;
import javax.servlet.ServletException;
import jenkins.model.Jenkins;
import jenkins.tasks.SimpleBuildStep;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;

/* loaded from: input_file:io/jenkins/plugins/appray/AppRayBuilder.class */
public class AppRayBuilder extends Builder implements SimpleBuildStep {
    private final String appRayUrl;
    private final String outputFilePath;
    private final Integer waitTimeout;
    private final Integer riskScoreThreshold;
    private final String credentialsId;

    @Extension
    @Symbol({"appray"})
    /* loaded from: input_file:io/jenkins/plugins/appray/AppRayBuilder$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
        public static final String defaultAppRayUrl = "https://demo.app-ray.co";
        public static final Integer defaultWaitTimeout = 10;
        public static final Integer defaultRiskScoreThreshold = 30;

        @POST
        public FormValidation doTestConnection(@AncestorInPath Item item, @QueryParameter("appRayUrl") String str, @QueryParameter("credentialsId") String str2) throws IOException, ServletException {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            AppRayConnector appRayConnector = new AppRayConnector();
            StandardUsernamePasswordCredentials firstOrNull = CredentialsMatchers.firstOrNull(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, item, ACL.SYSTEM, Collections.emptyList()), CredentialsMatchers.withId(str2));
            if (firstOrNull == null) {
                return FormValidation.error("Credentials are missing, please check the configured credentials and make sure they are not deleted or moved.");
            }
            try {
                if (str.length() == 0) {
                    return FormValidation.error("App-Ray URL is required");
                }
                try {
                    appRayConnector.setup(str, firstOrNull.getUsername(), Secret.toString(firstOrNull.getPassword()), Jenkins.get().proxy);
                    User user = appRayConnector.getUser();
                    String organization = appRayConnector.getOrganization();
                    if (user.role != User.Role.FULL) {
                        FormValidation error = FormValidation.error("User must have full-access role: " + firstOrNull.getUsername() + " but current role: " + user.role);
                        appRayConnector.close();
                        return error;
                    }
                    FormValidation ok = FormValidation.ok("Successfully connected. " + user.name + " (" + user.email + ") @ " + organization);
                    appRayConnector.close();
                    return ok;
                } catch (Exception e) {
                    appRayConnector.close();
                    e.printStackTrace();
                    FormValidation error2 = FormValidation.error("Connection error: " + e.getMessage());
                    appRayConnector.close();
                    return error2;
                }
            } catch (Throwable th) {
                appRayConnector.close();
                throw th;
            }
        }

        public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String str, @QueryParameter("appRayUrl") String str2) {
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            if (item == null) {
                if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
                    return standardListBoxModel.includeCurrentValue(str);
                }
            } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
                return standardListBoxModel.includeCurrentValue(str);
            }
            return standardListBoxModel.includeAs(ACL.SYSTEM, item, StandardUsernamePasswordCredentials.class, Collections.emptyList()).includeCurrentValue(str);
        }

        public FormValidation doCheckCredentialsId(@AncestorInPath Item item, @QueryParameter String str) {
            if (item == null) {
                if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
                    return FormValidation.ok();
                }
            } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
                return FormValidation.ok();
            }
            return (str.startsWith("${") && str.endsWith("}")) ? FormValidation.warning("Cannot validate expression-based credentials") : CredentialsProvider.listCredentials(StandardUsernamePasswordCredentials.class, item, ACL.SYSTEM, Collections.emptyList(), CredentialsMatchers.withId(str)).isEmpty() ? FormValidation.error("Cannot find currently selected credentials, please make sure they have not been deleted.") : FormValidation.ok();
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public String getDisplayName() {
            return Messages.AppRayBuilder_DescriptorImpl_DisplayName();
        }
    }

    @DataBoundConstructor
    public AppRayBuilder(String str, String str2, Integer num, Integer num2, String str3) {
        this.appRayUrl = str;
        this.outputFilePath = str2;
        this.waitTimeout = num;
        this.riskScoreThreshold = num2;
        this.credentialsId = str3;
    }

    public String getAppRayUrl() {
        return this.appRayUrl;
    }

    public String getOutputFilePath() {
        return this.outputFilePath;
    }

    public Integer getWaitTimeout() {
        return this.waitTimeout;
    }

    public Integer getRiskScoreThreshold() {
        return this.riskScoreThreshold;
    }

    public String getCredentialsId() {
        return this.credentialsId;
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] */
    public DescriptorImpl m0getDescriptor() {
        return super.getDescriptor();
    }

    public void perform(Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener) throws InterruptedException, IOException {
        AppRayConnector appRayConnector = new AppRayConnector();
        FilePath child = filePath.child(run.getEnvironment(taskListener).expand(this.outputFilePath));
        StandardUsernamePasswordCredentials findCredentialById = CredentialsProvider.findCredentialById(this.credentialsId, StandardUsernamePasswordCredentials.class, run, Collections.emptyList());
        if (findCredentialById == null) {
            taskListener.error("Credentials are missing: " + this.credentialsId);
            run.setResult(Result.FAILURE);
            return;
        }
        if (this.appRayUrl == null || this.appRayUrl.length() == 0) {
            taskListener.fatalError("Required App-Ray URL is missing");
            run.setResult(Result.FAILURE);
            return;
        }
        if (!child.exists()) {
            taskListener.error("Application does not exist: " + child.getRemote());
            run.setResult(Result.FAILURE);
            return;
        }
        taskListener.getLogger().println("App-Ray scanning application: " + child.getRemote());
        try {
            try {
                try {
                    appRayConnector.setup(this.appRayUrl, findCredentialById.getUsername(), Secret.toString(findCredentialById.getPassword()), Jenkins.get().proxy);
                    User user = appRayConnector.getUser();
                    taskListener.getLogger().println("App-Ray scanning on " + this.appRayUrl + " -> " + user.name + " (" + user.email + ") @ " + appRayConnector.getOrganization());
                    String submitApp = appRayConnector.submitApp(child.getRemote());
                    ScanJob jobDetails = appRayConnector.getJobDetails(submitApp);
                    String str = this.appRayUrl + "/scan-details/" + submitApp;
                    taskListener.getLogger().println("App-Ray scanning " + jobDetails.platform + " application " + jobDetails.package_name + " (" + jobDetails.label + ") " + jobDetails.version + " (SHA1: " + jobDetails.app_hash + "), scan job ID: " + submitApp);
                    taskListener.getLogger().println("App-Ray scan result details will be available at: " + str);
                    processJobResult(run, str, waitForJob(submitApp, appRayConnector, taskListener), appRayConnector, submitApp, filePath, taskListener);
                    appRayConnector.close();
                } catch (AppRayConnectorException e) {
                    appRayConnector.close();
                    taskListener.error(e.getMessage());
                    run.setResult(Result.FAILURE);
                    appRayConnector.close();
                }
            } catch (Exception e2) {
                appRayConnector.close();
                taskListener.error("Exception: " + e2.getMessage());
                e2.printStackTrace();
                run.setResult(Result.FAILURE);
                appRayConnector.close();
            }
        } catch (Throwable th) {
            appRayConnector.close();
            throw th;
        }
    }

    private ScanJob waitForJob(String str, AppRayConnector appRayConnector, TaskListener taskListener) throws AppRayConnectorException, InterruptedException {
        ScanJob scanJob;
        long j;
        Date date = new Date(System.currentTimeMillis());
        Date date2 = new Date(System.currentTimeMillis() + (this.waitTimeout.intValue() * 60000));
        ScanJob jobDetails = appRayConnector.getJobDetails(str);
        while (true) {
            scanJob = jobDetails;
            if (date.compareTo(date2) >= 0) {
                break;
            }
            if (scanJob.status != ScanJob.Status.queued) {
                if (scanJob.status != ScanJob.Status.processing) {
                    break;
                }
                taskListener.getLogger().println("Application is being scanned: " + scanJob.progress_finished + " / " + scanJob.progress_total);
                j = scanJob.progress_total - scanJob.progress_finished > 1 ? 10L : 5L;
            } else {
                taskListener.getLogger().println("Application is queued for scanning");
                j = 20;
            }
            Thread.sleep(j * 1000);
            date = new Date(System.currentTimeMillis());
            jobDetails = appRayConnector.getJobDetails(str);
        }
        return scanJob;
    }

    private void processJobResult(Run<?, ?> run, String str, ScanJob scanJob, AppRayConnector appRayConnector, String str2, FilePath filePath, TaskListener taskListener) throws AppRayConnectorException, IOException, InterruptedException {
        if (scanJob.status == ScanJob.Status.finished) {
            run.addAction(new AppRayResultAction(str, scanJob));
            if (this.riskScoreThreshold.intValue() < scanJob.risk_score) {
                taskListener.error("App-Ray scan finished, application has too high risk score: " + scanJob.risk_score);
                run.setResult(Result.FAILURE);
            } else {
                taskListener.getLogger().println("App-Ray scan finished, application is below configured threshold, risk score: " + scanJob.risk_score);
                run.setResult(Result.SUCCESS);
            }
            filePath.child("appray.junit.xml").write(appRayConnector.getJUnit(str2), (String) null);
            return;
        }
        if (scanJob.status == ScanJob.Status.failed) {
            run.addAction(new AppRayResultAction(null, scanJob));
            taskListener.error("App-Ray scan failed: " + scanJob.failure_reason);
            run.setResult(Result.FAILURE);
        } else {
            run.addAction(new AppRayResultAction(str, scanJob));
            taskListener.error("App-Ray scan wait timeout exceeded, try to increase waitTimeout");
            run.setResult(Result.FAILURE);
        }
    }
}
