package io.jenkins.plugins.neuvector;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.AbortException;
import hudson.Launcher;
import hudson.model.Run;
import hudson.util.ArgumentListBuilder;
import hudson.util.Secret;
import io.jenkins.plugins.neuvector.model.SeverityRating;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.HashSet;
import java.util.Set;
import java.util.stream.Stream;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import org.apache.http.HttpEntity;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:io/jenkins/plugins/neuvector/NeuVectorWorker.class */
public class NeuVectorWorker {
    private static final int HTTP_CLIENT_CONFIG_TIMEOUT_SECOND = 60;
    private Log logger;
    private Config config;
    private String token;
    private static final String SCAN_REPORT = "/var/neuvector/scan_result.json";

    public NeuVectorWorker(Log log, Config config) {
        this.logger = log;
        this.config = config;
    }

    @SuppressFBWarnings({"DMI_HARDCODED_ABSOLUTE_FILENAME"})
    public void scan(Run<?, ?> run, Launcher launcher, Log log) throws IOException, InterruptedException {
        String requestScan;
        Stream<String> lines;
        Throwable th;
        if (this.config.isStandaloneScanner()) {
            int i = 0;
            ArgumentListBuilder argumentListBuilder = new ArgumentListBuilder();
            File file = new File(run.getRootDir(), "out");
            Launcher.ProcStarter launch = launcher.launch();
            PrintStream printStream = new PrintStream(file, "UTF-8");
            Throwable th2 = null;
            try {
                try {
                    launch.stderr(printStream);
                    launch.stdout(printStream);
                    launch.quiet(true);
                    if (!this.config.getScannerRegistryUser().isEmpty()) {
                        argumentListBuilder.add(new String[]{"docker", "login"});
                        argumentListBuilder.add(new String[]{"-u", this.config.getScannerRegistryUser(), "-p"});
                        argumentListBuilder.addMasked(this.config.getScannerRegistryPassword());
                        argumentListBuilder.add(this.config.getScannerRegistryURL());
                        launch.cmds(argumentListBuilder);
                        log.log("Logging in " + this.config.getScannerRegistryURL() + " with " + this.config.getScannerRegistryUser() + " ... ");
                        i = launch.join();
                    }
                    if (i != 0) {
                        log.log("docker failed to login " + this.config.getScannerRegistryURL() + " Please check the global configuration.");
                    }
                    argumentListBuilder.clear();
                    argumentListBuilder.add(new String[]{"docker", "pull"});
                    argumentListBuilder.add(this.config.getScannerRegistryURL() + "/" + this.config.getScannerImage());
                    launch.cmds(argumentListBuilder);
                    log.log("Pulling NeuVector Scanner from " + this.config.getScannerRegistryURL() + "/" + this.config.getScannerImage() + " ...");
                    if (launch.join() != 0) {
                        log.log("docker failed to pull " + this.config.getScannerRegistryURL() + "/" + this.config.getScannerImage() + " Please check the global configuration.");
                    }
                    argumentListBuilder.clear();
                    argumentListBuilder.add(new String[]{"docker", "run"});
                    argumentListBuilder.add(new String[]{"--name", "neuvector.scanner", "--rm"});
                    String str = "";
                    if (!this.config.isLocal()) {
                        String regUrl = this.config.getRegistry().getRegUrl();
                        argumentListBuilder.add(new String[]{"-e", "SCANNER_REGISTRY=" + regUrl, "-e", "SCANNER_REGISTRY_USERNAME=" + this.config.getRegistry().getRegUsername(), "-e", "SCANNER_REGISTRY_PASSWORD=" + this.config.getRegistry().getRegPassword()});
                        str = regUrl + "/";
                    }
                    argumentListBuilder.add(new String[]{"-e", "SCANNER_REPOSITORY=" + this.config.getRepository(), "-e", "SCANNER_TAG=" + this.config.getTag(), "-e", "SCANNER_SCAN_LAYERS=" + this.config.getScanLayers(), "-e", "SCANNER_LICENSE=" + this.config.getLicense(), "-v", "/var/run/docker.sock:/var/run/docker.sock", "-v", "/var/neuvector:/var/neuvector", this.config.getScannerImage()});
                    launch.cmds(argumentListBuilder);
                    log.log("Scanning " + str + this.config.getRepository() + ":" + this.config.getTag());
                    if (launch.join() != 0) {
                        String str2 = "Failed to run the scan. Check the log in " + file.getAbsolutePath();
                        log.log(str2);
                        throw new AbortException(str2);
                    }
                    if (printStream != null) {
                        if (0 != 0) {
                            try {
                                printStream.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            printStream.close();
                        }
                    }
                    StringBuilder sb = new StringBuilder();
                    try {
                        lines = Files.lines(Paths.get(SCAN_REPORT, new String[0]), StandardCharsets.UTF_8);
                        th = null;
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                    try {
                        try {
                            lines.forEach(str3 -> {
                                sb.append(str3).append("\n");
                            });
                            if (lines != null) {
                                if (0 != 0) {
                                    try {
                                        lines.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    lines.close();
                                }
                            }
                            requestScan = sb.toString();
                        } finally {
                        }
                    } finally {
                    }
                } finally {
                }
            } catch (Throwable th5) {
                if (printStream != null) {
                    if (th2 != null) {
                        try {
                            printStream.close();
                        } catch (Throwable th6) {
                            th2.addSuppressed(th6);
                        }
                    } else {
                        printStream.close();
                    }
                }
                throw th5;
            }
        } else {
            CloseableHttpClient makeHttpClient = makeHttpClient();
            Throwable th7 = null;
            try {
                getToken(makeHttpClient);
                try {
                    requestScan = requestScan(makeHttpClient);
                    logout(makeHttpClient);
                } catch (Throwable th8) {
                    logout(makeHttpClient);
                    throw th8;
                }
            } finally {
                if (makeHttpClient != null) {
                    if (0 != 0) {
                        try {
                            makeHttpClient.close();
                        } catch (Throwable th9) {
                            th7.addSuppressed(th9);
                        }
                    } else {
                        makeHttpClient.close();
                    }
                }
            }
        }
        processScanReport(requestScan, this.config);
    }

    public void testConnection() throws IOException {
        CloseableHttpClient makeHttpClient = makeHttpClient();
        Throwable th = null;
        try {
            getToken(makeHttpClient);
            logout(makeHttpClient);
            if (makeHttpClient != null) {
                if (0 == 0) {
                    makeHttpClient.close();
                    return;
                }
                try {
                    makeHttpClient.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (makeHttpClient != null) {
                if (0 != 0) {
                    try {
                        makeHttpClient.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    makeHttpClient.close();
                }
            }
            throw th3;
        }
    }

    private String getSeverity(Double d, Double d2, Double d3) {
        String str = "";
        if (d != null) {
            if (d.doubleValue() >= d2.doubleValue()) {
                str = SeverityRating.High.name();
            } else if (d.doubleValue() >= d3.doubleValue()) {
                str = SeverityRating.Medium.name();
            }
        }
        return str;
    }

    private CloseableHttpClient makeHttpClient() throws AbortException {
        SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
        try {
            sSLContextBuilder.loadTrustMaterial((KeyStore) null, new TrustSelfSignedStrategy());
            SSLConnectionSocketFactory sSLConnectionSocketFactory = new SSLConnectionSocketFactory(sSLContextBuilder.build(), new TrustAllStrategy());
            return HttpClients.custom().setSSLSocketFactory(sSLConnectionSocketFactory).setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(60000).build()).build();
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
            throw new AbortException("SSL context builder error.");
        }
    }

    /* JADX WARN: Failed to calculate best type for var: r12v3 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r12v3 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Failed to calculate best type for var: r13v3 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r13v3 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 12, insn: 0x0189: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r12 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:44:0x0189 */
    /* JADX WARN: Not initialized variable reg: 13, insn: 0x018e: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r13 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:46:0x018e */
    /* JADX WARN: Type inference failed for: r12v3, types: [org.apache.http.client.methods.CloseableHttpResponse] */
    /* JADX WARN: Type inference failed for: r13v3, types: [java.lang.Throwable] */
    private void getToken(CloseableHttpClient closeableHttpClient) throws AbortException {
        ?? r12;
        ?? r13;
        HttpPost httpPost = new HttpPost(buildUri(this.config.getControllerIP(), this.config.getControllerPort(), "/v1/auth"));
        httpPost.addHeader("Content-Type", "application/json");
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("username", this.config.getUser());
        jSONObject.put("password", this.config.getPassword());
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("password", jSONObject);
        try {
            httpPost.setEntity(new StringEntity(jSONObject2.toString()));
            try {
                try {
                    CloseableHttpResponse execute = closeableHttpClient.execute(httpPost);
                    Throwable th = null;
                    int statusCode = execute.getStatusLine().getStatusCode();
                    HttpEntity entity = execute.getEntity();
                    String entityUtils = EntityUtils.toString(entity);
                    EntityUtils.consume(entity);
                    if (statusCode == 200) {
                        this.token = JSONObject.fromObject(entityUtils).getJSONObject("token").getString("token");
                        if (execute != null) {
                            if (0 != 0) {
                                try {
                                    execute.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                execute.close();
                            }
                        }
                        return;
                    }
                    if (statusCode == 401 || statusCode == 404 || statusCode == 405) {
                        if (this.logger != null) {
                            this.logger.log("Invalid credential of NeuVector controller");
                        }
                        throw new AbortException("Invalid credential of NeuVector controller");
                    }
                    String str = "Failed to get token. Http status code: " + statusCode + ". Message: " + entityUtils;
                    if (this.logger != null) {
                        this.logger.log(str);
                    }
                    throw new AbortException(str);
                } catch (Throwable th3) {
                    if (r12 != 0) {
                        if (r13 != 0) {
                            try {
                                r12.close();
                            } catch (Throwable th4) {
                                r13.addSuppressed(th4);
                            }
                        } else {
                            r12.close();
                        }
                    }
                    throw th3;
                }
            } catch (ClientProtocolException e) {
                if (this.logger != null) {
                    this.logger.log("Invalid NeuVector controller IP or port.");
                }
                throw new AbortException("Invalid NeuVector controller IP or port.");
            } catch (IOException e2) {
                if (this.logger != null) {
                    this.logger.log("NeuVector controller connection error.");
                }
                throw new AbortException("NeuVector controller connection error.");
            }
        } catch (UnsupportedEncodingException e3) {
            if (this.logger != null) {
                this.logger.log("Unsupported encoding from NeuVector Username and/or Password in global configuration.");
            }
            throw new AbortException("Unsupported encoding from NeuVector Username and/or Password in global configuration.");
        }
    }

    private String requestScan(CloseableHttpClient closeableHttpClient) throws IOException {
        long currentTimeMillis = System.currentTimeMillis();
        int timeout = this.config.getTimeout() * HTTP_CLIENT_CONFIG_TIMEOUT_SECOND;
        HttpPost httpPost = new HttpPost(buildUri(this.config.getControllerIP(), this.config.getControllerPort(), "/v1/scan/repository"));
        httpPost.addHeader("Content-Type", "application/json");
        httpPost.addHeader("X-Auth-Token", this.token);
        JSONObject jSONObject = new JSONObject();
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("repository", this.config.getRepository());
        if (this.config.getTag() != null) {
            jSONObject2.put("tag", this.config.getTag());
        }
        if (this.config.getScanMeta() != null) {
            JSONObject jSONObject3 = new JSONObject();
            jSONObject3.put("source", this.config.getScanMeta().getSource());
            jSONObject3.put("user", this.config.getScanMeta().getUser());
            jSONObject3.put("job", this.config.getScanMeta().getJob());
            jSONObject3.put("workspace", this.config.getScanMeta().getWorkspace());
            jSONObject2.put("metadata", jSONObject3);
        } else {
            jSONObject2.put("metadata", (Object) null);
        }
        if (this.config.isLocal()) {
            jSONObject2.put("registry", "");
            jSONObject2.put("username", "");
            jSONObject2.put("password", "");
        } else {
            jSONObject2.put("registry", this.config.getRegistry().getRegUrl());
            jSONObject2.put("username", this.config.getRegistry().getRegUsername());
            jSONObject2.put("password", Secret.toString(this.config.getRegistry().getRegPassword()).trim());
        }
        jSONObject2.put("scan_layers", Boolean.valueOf(this.config.getScanLayers()));
        jSONObject.put("request", jSONObject2);
        try {
            httpPost.setEntity(new StringEntity(jSONObject.toString()));
            CloseableHttpResponse closeableHttpResponse = null;
            try {
                try {
                    CloseableHttpResponse execute = closeableHttpClient.execute(httpPost);
                    while (execute.getStatusLine().getStatusCode() == 304) {
                        if (timeout > 0 && (System.currentTimeMillis() - currentTimeMillis) / 1000 > timeout) {
                            this.logger.log("Time out.");
                            throw new AbortException("Time out.");
                        }
                        execute = closeableHttpClient.execute(httpPost);
                        this.logger.log("Scanning in progress...");
                    }
                    int statusCode = execute.getStatusLine().getStatusCode();
                    HttpEntity entity = execute.getEntity();
                    String str = "N/A";
                    if (entity != null) {
                        str = EntityUtils.toString(entity);
                        EntityUtils.consume(entity);
                    }
                    if (statusCode != 200 || entity == null) {
                        String str2 = "Scan failed. Http status code: " + statusCode + ". Message: " + str;
                        this.logger.log(str2);
                        throw new AbortException(str2);
                    }
                    String str3 = str;
                    if (execute != null) {
                        execute.close();
                    }
                    return str3;
                } catch (IOException e) {
                    this.logger.log("NeuVector controller connection error.");
                    throw new AbortException("NeuVector controller connection error.");
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    closeableHttpResponse.close();
                }
                throw th;
            }
        } catch (UnsupportedEncodingException e2) {
            this.logger.log("Unsupported encoding from registry, repository or tag.");
            throw new AbortException("Unsupported encoding from registry, repository or tag.");
        }
    }

    private void logout(CloseableHttpClient closeableHttpClient) throws IOException {
        HttpDelete httpDelete = new HttpDelete(buildUri(this.config.getControllerIP(), this.config.getControllerPort(), "/v1/auth"));
        httpDelete.addHeader("Content-Type", "application/json");
        httpDelete.addHeader("X-Auth-Token", this.token);
        closeableHttpClient.execute(httpDelete).close();
    }

    private URI buildUri(String str, int i, String str2) throws AbortException {
        try {
            return new URIBuilder().setScheme("https").setHost(str).setPort(i).setPath(str2).build();
        } catch (URISyntaxException e) {
            this.logger.log("URI syntax error from NeuVector Controller IP and/or API port in global configuration.");
            throw new AbortException("URI syntax error from NeuVector Controller IP and/or API port in global configuration.");
        }
    }

    private void processScanReport(String str, Config config) throws AbortException {
        int i = 0;
        int i2 = 0;
        int i3 = 0;
        boolean z = false;
        boolean customizedRatingScale = config.getCustomizedRatingScale();
        Double highSeverityThreshold = config.getHighSeverityThreshold();
        Double mediumSeverityThreshold = config.getMediumSeverityThreshold();
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        HashSet hashSet3 = new HashSet();
        if (config.getNameOfVulnerabilityToFailOne() != null && !config.getNameOfVulnerabilityToFailOne().isEmpty()) {
            hashSet2.add(config.getNameOfVulnerabilityToFailOne().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToFailTwo() != null && !config.getNameOfVulnerabilityToFailTwo().isEmpty()) {
            hashSet2.add(config.getNameOfVulnerabilityToFailTwo().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToFailThree() != null && !config.getNameOfVulnerabilityToFailThree().isEmpty()) {
            hashSet2.add(config.getNameOfVulnerabilityToFailThree().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToFailFour() != null && !config.getNameOfVulnerabilityToFailFour().isEmpty()) {
            hashSet2.add(config.getNameOfVulnerabilityToFailFour().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToExemptOne() != null && !config.getNameOfVulnerabilityToExemptOne().isEmpty()) {
            hashSet3.add(config.getNameOfVulnerabilityToExemptOne().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToExemptTwo() != null && !config.getNameOfVulnerabilityToExemptTwo().isEmpty()) {
            hashSet3.add(config.getNameOfVulnerabilityToExemptTwo().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToExemptThree() != null && !config.getNameOfVulnerabilityToExemptThree().isEmpty()) {
            hashSet3.add(config.getNameOfVulnerabilityToExemptThree().toLowerCase());
        }
        if (config.getNameOfVulnerabilityToExemptFour() != null && !config.getNameOfVulnerabilityToExemptFour().isEmpty()) {
            hashSet3.add(config.getNameOfVulnerabilityToExemptFour().toLowerCase());
        }
        JSONObject jSONObject = JSONObject.fromObject(str).getJSONObject("report");
        if (jSONObject.isNullObject()) {
            String str2 = "Scan failed. Error Message: " + JSONObject.fromObject(str).get("error_message").toString();
            this.logger.log(str2);
            throw new AbortException(str2);
        }
        JSONArray jSONArray = jSONObject.getJSONArray("vulnerabilities");
        if (jSONArray.size() != 0) {
            for (int i4 = 0; i4 < jSONArray.size(); i4++) {
                JSONObject jSONObject2 = jSONArray.getJSONObject(i4);
                String lowerCase = jSONObject2.getString("name").toLowerCase();
                if (!hashSet2.isEmpty() && hashSet2.contains(lowerCase)) {
                    z = true;
                    hashSet.add(lowerCase.toUpperCase());
                }
                if (hashSet3.isEmpty() || !hashSet3.contains(lowerCase)) {
                    i++;
                    String severity = customizedRatingScale ? getSeverity(Double.valueOf(Double.parseDouble(jSONObject2.getString("score"))), highSeverityThreshold, mediumSeverityThreshold) : jSONObject2.getString("severity");
                    if (severity.equalsIgnoreCase("High")) {
                        i2++;
                    } else if (severity.equalsIgnoreCase("Medium")) {
                        i3++;
                    }
                }
            }
        }
        this.logger.log();
        this.logger.log();
        this.logger.log("************************ Scan Report ************************");
        if (!config.isLocal()) {
            this.logger.log("Registry URL: " + jSONObject.getString("registry"));
        }
        this.logger.log("Repository: " + jSONObject.getString("repository"));
        this.logger.log("Tag: " + jSONObject.getString("tag"));
        if (i > 0) {
            this.logger.log("Total vulnerabilities: " + i);
            this.logger.log("High severity vulnerabilities: " + i2);
            this.logger.log("Medium severity vulnerabilities: " + i3);
        }
        this.logger.log();
        this.logger.log("********************** Vulnerabilities **********************");
        this.logger.log();
        if (jSONArray.size() == 0) {
            this.logger.log("Scanned. No vulnerabilities found.");
        } else {
            int i5 = 0;
            for (int i6 = 0; i6 < jSONArray.size(); i6++) {
                JSONObject jSONObject3 = jSONArray.getJSONObject(i6);
                String lowerCase2 = jSONObject3.getString("name").toLowerCase();
                if (!hashSet2.isEmpty() && hashSet2.contains(lowerCase2)) {
                    z = true;
                    hashSet.add(lowerCase2.toUpperCase());
                }
                if (hashSet3.isEmpty() || !hashSet3.contains(lowerCase2)) {
                    i5++;
                    String severity2 = customizedRatingScale ? getSeverity(Double.valueOf(Double.parseDouble(jSONObject3.getString("score"))), highSeverityThreshold, mediumSeverityThreshold) : jSONObject3.getString("severity");
                    this.logger.log("********************** Vulnerability " + i5 + " **********************");
                    this.logger.log("Name: " + lowerCase2.toUpperCase());
                    this.logger.log("Score: " + jSONObject3.get("score"));
                    this.logger.log("Severity: " + severity2);
                    this.logger.log("Vectors: " + jSONObject3.getString("vectors"));
                    this.logger.log("Description: " + jSONObject3.getString("description"));
                    this.logger.log("Package_name: " + jSONObject3.getString("package_name"));
                    this.logger.log("Package_version: " + jSONObject3.getString("package_version"));
                    this.logger.log("Fixed_version: " + jSONObject3.getString("fixed_version"));
                    this.logger.log("Link: " + jSONObject3.getString("link"));
                    this.logger.log();
                } else {
                    this.logger.log("********************** Exempt Vulnerability **********************");
                    this.logger.log("The vulnerability " + lowerCase2.toUpperCase() + " is exempt.");
                    this.logger.log();
                }
            }
        }
        if (config.getScanLayers()) {
            this.logger.log();
            if (jSONObject.has("layers")) {
                this.logger.log("**************** Layer Vulnerability History ****************");
                this.logger.log();
                JSONArray jSONArray2 = jSONObject.getJSONArray("layers");
                for (int i7 = 0; i7 < jSONArray2.size(); i7++) {
                    JSONObject jSONObject4 = jSONArray2.getJSONObject(i7);
                    String substring = jSONObject4.getString("digest").substring(0, 12);
                    JSONArray jSONArray3 = jSONObject4.getJSONArray("vulnerabilities");
                    int i8 = 0;
                    for (int i9 = 0; i9 < jSONArray3.size(); i9++) {
                        String lowerCase3 = jSONArray3.getJSONObject(i9).getString("name").toLowerCase();
                        if (hashSet3.isEmpty() || !hashSet3.contains(lowerCase3)) {
                            i8++;
                        }
                    }
                    this.logger.log("Layer digest " + substring + " contains " + i8 + " vulnerabilities.");
                    this.logger.log();
                    for (int i10 = 0; i10 < jSONArray3.size(); i10++) {
                        JSONObject jSONObject5 = jSONArray3.getJSONObject(i10);
                        String lowerCase4 = jSONObject5.getString("name").toLowerCase();
                        if (hashSet3.isEmpty() || !hashSet3.contains(lowerCase4)) {
                            this.logger.log("Name: " + lowerCase4 + ", Score: " + jSONObject5.get("score") + ", Package_name: " + jSONObject5.getString("package_name") + ", Package_version: " + jSONObject5.getString("package_version") + ", Fixed_version: " + jSONObject5.getString("fixed_version") + ", Link: " + jSONObject5.getString("link"));
                        } else {
                            this.logger.log("The vulnerability " + lowerCase4 + " is exempt. ");
                        }
                    }
                    this.logger.log();
                }
            } else {
                this.logger.log("*** Your Controller Does Not Support Layer Vulnerability Scan ***");
            }
        }
        makeIfFailDecision(i2, i3, z, hashSet);
    }

    private void makeIfFailDecision(int i, int i2, boolean z, Set<String> set) throws AbortException {
        int parseInt;
        int parseInt2;
        boolean z2 = false;
        StringBuilder sb = new StringBuilder();
        if (this.config.getNumberOfHighSeverityToFail() != null && !this.config.getNumberOfHighSeverityToFail().isEmpty() && (parseInt2 = Integer.parseInt(this.config.getNumberOfHighSeverityToFail())) != 0 && parseInt2 <= i) {
            z2 = true;
            sb.append(i).append(" High severity vulnerabilities");
        }
        if (this.config.getNumberOfMediumSeverityToFail() != null && !this.config.getNumberOfMediumSeverityToFail().isEmpty() && (parseInt = Integer.parseInt(this.config.getNumberOfMediumSeverityToFail())) != 0 && parseInt <= i2) {
            if (z2) {
                sb.append(", ");
            }
            z2 = true;
            sb.append(i2).append(" Medium severity vulnerabilities");
        }
        if (z) {
            if (z2) {
                sb.append(", and ");
            }
            sb.append("vulnerabilities: ").append(set.toString());
        }
        if (z2 || z) {
            sb.append(" are present.");
            String str = "Build failed because " + sb.toString();
            this.logger.log(str);
            throw new AbortException(str);
        }
    }
}
