package org.jenkinsci.plugins.codedx;

import com.secdec.codedx.api.client.CodeDxClient;
import com.secdec.codedx.api.client.CodeDxClientException;
import com.secdec.codedx.api.client.CodeDxRepeatingClient;
import com.secdec.codedx.api.client.CountGroup;
import com.secdec.codedx.api.client.Filter;
import com.secdec.codedx.api.client.Job;
import com.secdec.codedx.api.client.Project;
import com.secdec.codedx.api.client.StartAnalysisResponse;
import com.secdec.codedx.api.client.TriageStatus;
import com.secdec.codedx.security.JenkinsSSLConnectionSocketFactoryFactory;
import com.secdec.codedx.util.CodeDxVersion;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractBuild;
import hudson.model.AbstractProject;
import hudson.model.Action;
import hudson.model.BuildListener;
import hudson.model.Descriptor;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.BuildStepMonitor;
import hudson.tasks.Publisher;
import hudson.tasks.Recorder;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Logger;
import javax.net.ssl.SSLHandshakeException;
import javax.servlet.ServletException;
import net.sf.json.JSONObject;
import org.apache.commons.io.IOUtils;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.HttpClientBuilder;
import org.jenkinsci.plugins.codedx.model.CodeDxGroupStatistics;
import org.jenkinsci.plugins.codedx.model.CodeDxReportStatistics;
import org.jenkinsci.plugins.tokenmacro.MacroEvaluationException;
import org.jenkinsci.plugins.tokenmacro.TokenMacro;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;

/* loaded from: input_file:org/jenkinsci/plugins/codedx/CodeDxPublisher.class */
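/**
 * Jenkins post-build recorder that uploads workspace sources/binaries and tool output
 * files to a Code Dx server, optionally waits for the analysis to finish, and records
 * the finding counts on the build.
 *
 * <p>This listing is decompiler output: parameter names such as {@code str}/{@code str2}
 * are not the author's names. They are left untouched here so the visible signatures do
 * not change.
 *
 * <p>Security review notes (confirm against the deployed plugin before relying on them):
 * <ul>
 *   <li>{@link #key} is held as a plain {@code String} and returned by {@link #getKey()}.
 *       NOTE(review): Jenkins offers {@code hudson.util.Secret} for credentials kept in
 *       job configuration; confirm how this field is persisted and rendered.</li>
 *   <li>The descriptor's {@code doCheck*}/{@code doFill*} methods open connections to a URL
 *       taken from request parameters, and {@code doFillProjectIdItems} also forwards a
 *       caller-supplied key. No permission check or POST-only restriction is visible in
 *       this class. NOTE(review): confirm one is enforced elsewhere.</li>
 * </ul>
 */
public class CodeDxPublisher extends Recorder {
    private final String url;
    // API key sent to the Code Dx server; see the class-level security note.
    private final String key;
    private final String projectId;
    private final String sourceAndBinaryFiles;
    private final String toolOutputFiles;
    private final String excludedSourceAndBinaryFiles;
    private final String analysisName;
    private final AnalysisResultConfiguration analysisResultConfiguration;
    // Not serialized; rebuilt lazily by setupClient().
    private transient CodeDxClient client;
    private final String selfSignedCertificateFingerprint;
    private static final Logger logger = Logger.getLogger(CodeDxPublisher.class.getName());

    /**
     * Descriptor providing form validation and drop-down population for the job
     * configuration page.
     */
    @Extension
    /* loaded from: input_file:org/jenkinsci/plugins/codedx/CodeDxPublisher$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Publisher> {
        public DescriptorImpl() {
            load();
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public String getDisplayName() {
            return "Publish to Code Dx";
        }

        /**
         * Validates the selected project id.
         *
         * @param str the submitted project id; {@code "-1"} is the placeholder added by
         *            {@link #doFillProjectIdItems} when the project list could not be loaded
         * @return an error for a missing, placeholder or non-numeric id, otherwise ok
         */
        public FormValidation doCheckProjectId(@QueryParameter String str) throws IOException, ServletException {
            if (str == null || str.length() == 0) {
                return FormValidation.error("Please set a project. If none are shown above, then be sure that system settings are configured correctly.");
            }
            try {
                if (Integer.parseInt(str) == -1) {
                    return FormValidation.error("Failed to get available projects, please ensure systems settings are configured correctly.");
                }
            } catch (NumberFormatException e) {
                // A hand-edited or tampered value must yield a validation message, not a stack trace.
                return FormValidation.error("Invalid project Id");
            }
            return FormValidation.ok();
        }

        /**
         * Validates that an API key was entered.
         *
         * @param str the submitted key
         */
        public FormValidation doCheckKey(@QueryParameter String str) throws IOException, ServletException {
            return str == null || str.length() == 0 ? FormValidation.error("Please set a Key.") : FormValidation.ok();
        }

        /**
         * Validates the server URL and probes it for a TLS trust failure.
         *
         * <p>The URL is checked for syntax and scheme before any client is built, so an
         * empty or malformed value never triggers an outbound connection.
         *
         * @param str  the submitted server URL
         * @param str2 the certificate fingerprint passed through to {@link CodeDxPublisher#buildClient}
         */
        public FormValidation doCheckUrl(@QueryParameter String str, @QueryParameter String str2) throws IOException, ServletException {
            if (str == null || str.length() == 0) {
                return FormValidation.error("Please set a URL.");
            }
            try {
                new URL(str);
            } catch (MalformedURLException e) {
                return FormValidation.error("Malformed URL");
            }
            // Case-insensitive, locale-independent scheme test.
            if (str.regionMatches(true, 0, "http:", 0, 5)) {
                return FormValidation.warning("HTTP is considered insecure, it is recommended that you use HTTPS.");
            }
            if (!str.regionMatches(true, 0, "https:", 0, 6)) {
                return FormValidation.error("Invalid protocol, please use HTTPS or HTTP.");
            }
            try {
                // Probe with an empty key: only the TLS handshake outcome is of interest here.
                CodeDxPublisher.buildClient(str, "", str2).getProjects();
            } catch (Exception e) {
                if (e instanceof SSLHandshakeException) {
                    return FormValidation.warning("The SSL Certificate presented by the server is invalid. If this is expected, please input an SHA1 Fingerprint in the \"Advanced\" option");
                }
                // Other failures are intentionally not surfaced by this check; keep a trace for admins.
                CodeDxPublisher.logger.fine("Ignoring non-TLS failure while probing URL: " + e);
            }
            return FormValidation.ok();
        }

        /**
         * Checks that the configured fingerprint lets a TLS connection to the server succeed.
         *
         * @param str  the submitted certificate fingerprint
         * @param str2 the server URL to connect to
         * @return a warning when the handshake fails, otherwise ok (also when either value is blank)
         */
        public FormValidation doCheckSelfSignedCertificateFingerprint(@QueryParameter String str, @QueryParameter String str2) {
            if (str2 != null && !str2.isEmpty() && str != null && !str.isEmpty()) {
                try {
                    CodeDxPublisher.buildClient(str2, "", str).getProjects();
                } catch (Exception e) {
                    if (e instanceof SSLHandshakeException) {
                        // Log through the Jenkins logger instead of printing to stderr.
                        CodeDxPublisher.logger.log(java.util.logging.Level.WARNING, "When retrieving projects: " + e, e);
                        return CodeDxPublisher.isFingerprintMismatch((SSLHandshakeException) e) ? FormValidation.warning("The fingerprint doesn't match the fingerprint of the certificate presented by the server") : FormValidation.warning("A secure connection to the server could not be established");
                    }
                }
            }
            return FormValidation.ok();
        }

        /**
         * Validates the "Source and Binary Files" patterns against the project workspace.
         *
         * @param str             the submitted source/binary patterns
         * @param str2            a second submitted field; presumably "Tool Output Files", going by the error text
         * @param abstractProject the project whose workspace is checked
         */
        public FormValidation doCheckSourceAndBinaryFiles(@QueryParameter String str, @QueryParameter String str2, @AncestorInPath AbstractProject abstractProject) {
            if (str == null || str.length() == 0) {
                if (str2 == null || str2.length() == 0) {
                    return FormValidation.error("You must specify \"Tool Output Files\" and/or \"Source and Binary Files\"");
                }
                return FormValidation.warning("It is recommended that at least source files are provided to Code Dx.");
            }
            return Util.checkCSVGlobMatches(str, abstractProject.getSomeWorkspace());
        }

        /**
         * Validates the exclusion patterns against the project workspace.
         *
         * @param str             the submitted exclusion patterns
         * @param abstractProject the project whose workspace is checked
         */
        public FormValidation doCheckExcludedSourceAndBinaryFiles(@QueryParameter String str, @AncestorInPath AbstractProject abstractProject) {
            return Util.checkCSVGlobMatches(str, abstractProject.getSomeWorkspace());
        }

        /**
         * Validates the "Tool Output Files" list against the project workspace.
         *
         * @param str             the submitted tool output files
         * @param str2            a second submitted field; presumably "Source and Binary Files", going by the error text
         * @param abstractProject the project whose workspace is checked
         */
        public FormValidation doCheckToolOutputFiles(@QueryParameter String str, @QueryParameter String str2, @AncestorInPath AbstractProject abstractProject) {
            String toolFiles = str == null ? "" : str;
            boolean otherBlank = str2 == null || str2.length() == 0;
            if (toolFiles.length() == 0 && otherBlank) {
                return FormValidation.error("You must specify \"Tool Output Files\" and/or \"Source and Binary Files\"");
            }
            return Util.checkCSVFileMatches(toolFiles, abstractProject.getSomeWorkspace());
        }

        /**
         * Populates the project drop-down from the Code Dx server.
         *
         * <p>Projects sharing a name are shown with their id appended. On any failure a
         * single blank entry with value {@code "-1"} is added, which
         * {@link #doCheckProjectId} reports as an error.
         *
         * @param str             the server URL
         * @param str2            the certificate fingerprint
         * @param str3            the API key
         * @param abstractProject the project being configured (unused here)
         */
        public ListBoxModel doFillProjectIdItems(@QueryParameter String str, @QueryParameter String str2, @QueryParameter String str3, @AncestorInPath AbstractProject abstractProject) {
            ListBoxModel listBoxModel = new ListBoxModel();
            try {
                List<Project> projects = CodeDxPublisher.buildClient(str, str3, str2).getProjects();
                // name -> TRUE once the same name has been seen more than once
                Map<String, Boolean> duplicated = new HashMap<String, Boolean>();
                for (Project project : projects) {
                    duplicated.put(project.getName(), Boolean.valueOf(duplicated.containsKey(project.getName())));
                }
                for (Project project : projects) {
                    String idValue = Integer.toString(project.getId());
                    if (duplicated.get(project.getName()).booleanValue()) {
                        listBoxModel.add(project.getName() + " (id:" + project.getId() + ")", idValue);
                    } else {
                        listBoxModel.add(project.getName(), idValue);
                    }
                }
            } catch (Exception e) {
                CodeDxPublisher.logger.warning("Exception when populating projects dropdown " + e);
                listBoxModel.add("", "-1");
            }
            return listBoxModel;
        }

        public ListBoxModel doFillFailureSeverityItems() {
            return getSeverityItems();
        }

        public ListBoxModel doFillUnstableSeverityItems() {
            return getSeverityItems();
        }

        /** Builds the severity threshold choices shared by the failure and unstable drop-downs. */
        private ListBoxModel getSeverityItems() {
            ListBoxModel listBoxModel = new ListBoxModel();
            listBoxModel.add("None", "None");
            listBoxModel.add("Info or Higher", Filter.SEVERITY_INFO);
            listBoxModel.add("Low or Higher", Filter.SEVERITY_LOW);
            listBoxModel.add("Medium or Higher", Filter.SEVERITY_MEDIUM);
            listBoxModel.add("High or Higher", Filter.SEVERITY_HIGH);
            listBoxModel.add(Filter.SEVERITY_CRITICAL, Filter.SEVERITY_CRITICAL);
            return listBoxModel;
        }

        public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
            save();
            // Debug trace goes to the logger rather than the controller's stdout.
            CodeDxPublisher.logger.fine("Code Dx descriptor configure method");
            return super.configure(staplerRequest, jSONObject);
        }

        /* renamed from: newInstance, reason: merged with bridge method [inline-methods] */
        public Publisher m9newInstance(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
            return super.newInstance(staplerRequest, jSONObject);
        }
    }

    /**
     * Creates the publisher from the job configuration form.
     *
     * @param str   server URL
     * @param str2  API key
     * @param str3  Code Dx project id
     * @param str4  source and binary file patterns
     * @param str5  tool output files
     * @param str6  excluded source and binary file patterns
     * @param str7  analysis name expression; trimmed, may be {@code null}
     * @param analysisResultConfiguration settings for waiting on results, or {@code null} to not wait
     * @param str8  certificate fingerprint for servers with an untrusted certificate
     */
    @DataBoundConstructor
    public CodeDxPublisher(String str, String str2, String str3, String str4, String str5, String str6, String str7, AnalysisResultConfiguration analysisResultConfiguration, String str8) {
        this.projectId = str3;
        this.url = str;
        this.key = str2;
        this.sourceAndBinaryFiles = str4;
        this.excludedSourceAndBinaryFiles = str6;
        this.toolOutputFiles = str5;
        // perform() already treats a null name as "not chosen", so do not fail on it here.
        this.analysisName = str7 == null ? null : str7.trim();
        this.analysisResultConfiguration = analysisResultConfiguration;
        this.selfSignedCertificateFingerprint = str8;
        setupClient();
    }

    /** Builds the API client on first use; the field is transient, so it starts out null after deserialization. */
    private void setupClient() {
        if (this.client == null) {
            this.client = buildClient(this.url, this.key, this.selfSignedCertificateFingerprint);
        }
    }

    public AnalysisResultConfiguration getAnalysisResultConfiguration() {
        return this.analysisResultConfiguration;
    }

    public String getProjectId() {
        return this.projectId;
    }

    public String getUrl() {
        return this.url;
    }

    /** Returns the API key as plain text; see the class-level security note. */
    public String getKey() {
        return this.key;
    }

    public String getSourceAndBinaryFiles() {
        return this.sourceAndBinaryFiles;
    }

    public String getToolOutputFiles() {
        return this.toolOutputFiles;
    }

    public String getExcludedSourceAndBinaryFiles() {
        return this.excludedSourceAndBinaryFiles;
    }

    public String getSelfSignedCertificateFingerprint() {
        return this.selfSignedCertificateFingerprint;
    }

    public String getAnalysisName() {
        return this.analysisName;
    }

    /**
     * Creates the project-page action, linking to the latest findings when a project is selected.
     *
     * @param abstractProject the Jenkins project the action is attached to
     * @return the action; its findings URL is {@code null} when no usable project id is configured
     */
    public Action getProjectAction(AbstractProject<?, ?> abstractProject) {
        String latestFindingsUrl = null;
        if (this.projectId.length() != 0 && !this.projectId.equals("-1")) {
            setupClient();
            try {
                latestFindingsUrl = this.client.buildLatestFindingsUrl(Integer.parseInt(this.projectId));
            } catch (NumberFormatException e) {
                // A non-numeric id in stored config should not break rendering of the project page.
                logger.warning("Invalid project Id in configuration: " + this.projectId);
            }
        }
        return new CodeDxProjectAction(abstractProject, this.analysisResultConfiguration, latestFindingsUrl);
    }

    /**
     * Uploads the configured files to Code Dx and, when result handling is configured,
     * waits for the analysis and applies the outcome to the build.
     *
     * <p>Opened upload streams are closed and the temporary source archive is deleted on
     * every exit path, including when no archive was produced.
     *
     * @return {@code true} when nothing had to be done or the step succeeded, {@code false} on failure
     */
    public boolean perform(AbstractBuild<?, ?> abstractBuild, Launcher launcher, BuildListener buildListener) throws InterruptedException, IOException {
        Date date = new Date();
        setupClient();
        PrintStream logger2 = buildListener.getLogger();
        logger2.println("Publishing build to Code Dx:");
        if (this.projectId.length() == 0 || this.projectId.equals("-1")) {
            logger2.println("No project has been selected");
            return true;
        }
        logger2.println(String.format("Publishing to Code Dx server at %s to Code Dx project %s: ", this.url, this.projectId));
        logger2.println("Creating source/binary zip...");
        FilePath archive = Archiver.Archive(abstractBuild.getWorkspace(), Util.commaSeparatedToArray(this.sourceAndBinaryFiles), Util.commaSeparatedToArray(this.excludedSourceAndBinaryFiles), "source", logger2);
        Map<String, InputStream> uploads = new HashMap<String, InputStream>();
        try {
            collectUploads(abstractBuild, archive, uploads, logger2);
            if (uploads.isEmpty()) {
                logger2.println("Nothing to send, this doesn't seem right! Please check your 'Code Dx > Source and Binary Files' configuration.");
                return false;
            }
            return submitAndEvaluate(abstractBuild, buildListener, uploads, date, logger2);
        } finally {
            closeAll(uploads);
            // The archive is null when no source/binary file matched; only tool output is sent then.
            if (archive != null) {
                archive.delete();
            }
        }
    }

    /** Opens the source archive (if any) and each existing tool output file, adding the streams to {@code uploads}. */
    private void collectUploads(AbstractBuild<?, ?> abstractBuild, FilePath archive, Map<String, InputStream> uploads, PrintStream logger2) throws IOException, InterruptedException {
        if (archive != null) {
            try {
                logger2.println("Adding source/binary zip...");
                uploads.put("Jenkins-SourceAndBinary", archive.read());
            } catch (IOException e) {
                logger2.println("Failed to add source/binary zip.");
            }
        } else {
            logger2.println("No matching source/binary files.");
        }
        for (String toolOutput : Util.commaSeparatedToArray(this.toolOutputFiles)) {
            if (toolOutput.length() != 0) {
                // NOTE(review): the path comes from job configuration and is resolved relative to the
                // workspace; whether it can point outside the workspace is not visible here.
                FilePath child = abstractBuild.getWorkspace().child(toolOutput);
                if (child.exists()) {
                    try {
                        logger2.println("Add tool output file " + child.getRemote() + " to request.");
                        uploads.put(child.getName(), child.read());
                    } catch (IOException e) {
                        logger2.println("Failed to add tool output file: " + child);
                    }
                }
            }
        }
    }

    /** Closes every upload stream; safe to call more than once. */
    private static void closeAll(Map<String, InputStream> uploads) {
        for (InputStream stream : uploads.values()) {
            IOUtils.closeQuietly(stream);
        }
    }

    /** Maps an HTTP status from a failed upload to the hint appended to the build log message. */
    private static String startFailureHint(int httpCode) {
        switch (httpCode) {
            case 400:
                return " (Bad Request: have you included files from unsupported Tools? Code Dx Standard Edition does not support uploading tool results)";
            case 403:
                return " (Forbidden: have you configured your key and permissions correctly?)";
            case 404:
                return " (Project Not Found: is it possible it was deleted?)";
            case 500:
                // Literal status code; the listing had substituted an unrelated constant of equal value.
                return " (Internal Server Error: Please check your Code Dx server logs for more details)";
            default:
                return "";
        }
    }

    /** Expands the analysis name with TokenMacro, falling back to plain environment expansion. */
    private String expandAnalysisName(AbstractBuild<?, ?> abstractBuild, BuildListener buildListener, PrintStream logger2) throws IOException, InterruptedException {
        try {
            String expanded = TokenMacro.expand(abstractBuild, buildListener, this.analysisName);
            logger2.println("Analysis Name expression expanded to: " + expanded);
            return expanded;
        } catch (MacroEvaluationException e) {
            logger2.println("Failed to expand Analysis Name expression using TokenMacro. Falling back to built-in Jenkins functionality");
            e.printStackTrace(logger2);
            return abstractBuild.getEnvironment(buildListener).expand(this.analysisName);
        }
    }

    /** Sends the uploads, names the analysis, then (if configured) polls the job and records the results. */
    private boolean submitAndEvaluate(AbstractBuild<?, ?> abstractBuild, BuildListener buildListener, Map<String, InputStream> uploads, Date date, PrintStream logger2) throws IOException, InterruptedException {
        CodeDxRepeatingClient repeatingClient = new CodeDxRepeatingClient(this.client, logger2);
        CodeDxVersion codeDxVersion;
        try {
            codeDxVersion = repeatingClient.getCodeDxVersion();
        } catch (CodeDxClientException e) {
            e.printStackTrace(logger2);
            logger2.println("Failed to get Code Dx version; aborting build.");
            return false;
        }
        logger2.println("Got Code Dx version: " + codeDxVersion);
        logger2.println("Submitting files to Code Dx for analysis");
        int parsedProjectId;
        try {
            parsedProjectId = Integer.parseInt(this.projectId);
        } catch (NumberFormatException e) {
            logger2.println("Invalid project Id");
            return false;
        }

        StartAnalysisResponse startAnalysis;
        try {
            startAnalysis = repeatingClient.startAnalysis(parsedProjectId, uploads);
        } catch (CodeDxClientException e) {
            logger2.println(String.format("Failed to start analysis%s.", startFailureHint(e.getHttpCode())));
            logger2.println(String.format("Response Status: %d: %s", Integer.valueOf(e.getHttpCode()), e.getResponseMessage()));
            logger2.println(String.format("Response Content: %s", e.getResponseContent()));
            e.printStackTrace(logger2);
            return false;
        } finally {
            // Release the file handles before the potentially long polling phase.
            closeAll(uploads);
        }
        logger2.println("Code Dx accepted files for analysis");

        if (startAnalysis != null) {
            if (this.analysisName == null || this.analysisName.length() == 0) {
                logger2.println("No 'Analysis Name' was chosen.");
            } else {
                logger2.println("Analysis Name (raw): " + this.analysisName);
                String expanded = expandAnalysisName(abstractBuild, buildListener, logger2);
                logger2.println("Analysis Name: " + expanded);
                logger2.println("Analysis Id: " + startAnalysis.getAnalysisId());
                if (codeDxVersion.compareTo(CodeDxVersion.MIN_FOR_ANALYSIS_NAMES) < 0) {
                    logger2.println("The connected Code Dx server is only version " + codeDxVersion + ", which doesn't support naming analyses (minimum supported version is " + CodeDxVersion.MIN_FOR_ANALYSIS_NAMES + "). The analysis name will not be set.");
                } else {
                    try {
                        repeatingClient.setAnalysisName(parsedProjectId, startAnalysis.getAnalysisId(), expanded);
                        logger2.println("Successfully updated analysis name.");
                    } catch (CodeDxClientException e) {
                        logger2.println("Got error from Code Dx API Client while trying to set the analysis name");
                        e.printStackTrace(logger2);
                        return false;
                    }
                }
            }
        }

        if (this.analysisResultConfiguration == null) {
            logger.info("Project not configured to wait on analysis results");
            return true;
        }

        // Poll every 3 seconds until the job leaves the queued/running states.
        // NOTE(review): there is no upper bound on the wait; a job that never leaves those states
        // holds the executor until the build is aborted. startAnalysis is also assumed non-null here.
        String status = null;
        while (true) {
            try {
                Thread.sleep(3000L);
                String previous = status;
                status = repeatingClient.getJobStatus(startAnalysis.getJobId());
                if (status != null && !status.equals(previous)) {
                    if (Job.QUEUED.equals(status)) {
                        logger2.println("Code Dx analysis is queued");
                    } else if (Job.RUNNING.equals(status)) {
                        logger2.println("Code Dx analysis is running");
                    }
                }
                if (!Job.QUEUED.equals(status) && !Job.RUNNING.equals(status)) {
                    break;
                }
            } catch (CodeDxClientException e) {
                logger2.println("Fatal Error! There was a problem querying for the analysis status.");
                e.printStackTrace(logger2);
                return false;
            }
        }
        if (!Job.COMPLETED.equals(status)) {
            logger2.println("Analysis status: " + status);
            return false;
        }

        try {
            logger2.println("Analysis succeeded");
            logger2.println("Fetching severity counts");
            Filter notGone = new Filter();
            notGone.setNotStatus(new String[]{Filter.STATUS_GONE});
            List<CountGroup> severityCounts = repeatingClient.getFindingsGroupedCounts(parsedProjectId, notGone, "severity");
            logger2.println("Fetching status counts");
            Filter byStatus = new Filter();
            byStatus.setStatus(new String[]{Filter.STATUS_ESCALATED, Filter.STATUS_FALSE_POSITIVE, Filter.STATUS_FIXED, Filter.STATUS_MITIGATED, Filter.STATUS_IGNORED, Filter.STATUS_UNRESOLVED});
            List<CountGroup> statusCounts = repeatingClient.getFindingsGroupedCounts(parsedProjectId, byStatus, TriageStatus.TYPE_STATUS);
            Filter assignedOnly = new Filter();
            assignedOnly.setStatus(new String[]{Filter.STATUS_ASSIGNED});
            logger2.println("Fetching assigned count");
            int assignedCount = repeatingClient.getFindingsCount(parsedProjectId, assignedOnly);
            if (assignedCount > 0) {
                // Assigned findings are fetched separately and folded into the status table.
                CountGroup assigned = new CountGroup();
                assigned.setName("Assigned");
                assigned.setCount(assignedCount);
                statusCounts.add(assigned);
            }
            logger2.println("Building table and charts");
            Map<String, CodeDxReportStatistics> statistics = new HashMap<String, CodeDxReportStatistics>();
            statistics.put("severity", createStatistics(severityCounts));
            statistics.put(TriageStatus.TYPE_STATUS, createStatistics(statusCounts));
            CodeDxResult codeDxResult = new CodeDxResult(statistics, abstractBuild);
            logger2.println("Adding CodeDx build action");
            abstractBuild.addAction(new CodeDxBuildAction(abstractBuild, codeDxResult));
            abstractBuild.setResult(new AnalysisResultChecker(repeatingClient, codeDxVersion, this.analysisResultConfiguration.getFailureSeverity(), this.analysisResultConfiguration.getUnstableSeverity(), date, this.analysisResultConfiguration.isFailureOnlyNew(), this.analysisResultConfiguration.isUnstableOnlyNew(), parsedProjectId, logger2).checkResult());
            return true;
        } catch (CodeDxClientException e) {
            logger2.println("Fatal Error! There was a problem retrieving analysis results.");
            e.printStackTrace(logger2);
            return false;
        }
    }

    /**
     * Builds an API client whose TLS socket factory is derived from the given fingerprint.
     *
     * <p>The fingerprint is reduced to its hex digits before use. If the URL cannot be
     * parsed or the socket factory cannot be created, the problem is logged and a client
     * without the custom socket factory is returned instead.
     * NOTE(review): confirm that this fallback client uses default certificate validation,
     * so a bad fingerprint can never weaken the trust decision.
     *
     * @param str  server URL
     * @param str2 API key
     * @param str3 certificate fingerprint, may be {@code null}
     * @return a client for the server; never {@code null}
     */
    public static CodeDxClient buildClient(String str, String str2, String str3) {
        CodeDxClient codeDxClient = new CodeDxClient(str, str2);
        try {
            if (str3 != null) {
                str3 = str3.replaceAll("[^a-fA-F0-9]", "");
            }
            // URL parsing and factory creation belong inside the try: they raise the exceptions handled below.
            SSLConnectionSocketFactory factory = JenkinsSSLConnectionSocketFactoryFactory.getFactory(str3, new URL(str).getHost());
            HttpClientBuilder create = HttpClientBuilder.create();
            create.setSSLSocketFactory(factory);
            codeDxClient = new CodeDxClient(str, str2, create);
        } catch (MalformedURLException e) {
            logger.warning("A valid CodeDxClient could not be built. Malformed URL: " + str);
        } catch (GeneralSecurityException e2) {
            logger.warning("A valid CodeDxClient could not be built. GeneralSecurityException: url: " + str + ", fingerprint: " + str3);
        } catch (Exception e3) {
            logger.log(java.util.logging.Level.WARNING, "An exception was thrown while building the client " + e3, e3);
        }
        return codeDxClient;
    }

    /** Returns the display names of all triage statuses of type {@code TriageStatus.TYPE_USER}. */
    private String[] getUsers(Map<String, TriageStatus> map) {
        List<String> users = new ArrayList<String>();
        for (TriageStatus triageStatus : map.values()) {
            if (triageStatus.getType().equals(TriageStatus.TYPE_USER)) {
                users.add(triageStatus.getDisplay());
            }
        }
        return users.toArray(new String[0]);
    }

    /** Converts the server's grouped counts into the report statistics model. */
    private CodeDxReportStatistics createStatistics(List<CountGroup> list) {
        List<CodeDxGroupStatistics> groups = new ArrayList<CodeDxGroupStatistics>();
        for (CountGroup countGroup : list) {
            groups.add(new CodeDxGroupStatistics(countGroup.getName(), countGroup.getCount()));
        }
        return new CodeDxReportStatistics(groups);
    }

    public BuildStepMonitor getRequiredMonitorService() {
        return BuildStepMonitor.NONE;
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] and merged with bridge method [inline-methods] */
    public DescriptorImpl m8getDescriptor() {
        return (DescriptorImpl) super.getDescriptor();
    }

    /**
     * Tells whether a handshake failure was caused by the certificate not matching the
     * configured fingerprint, judged by the exception message.
     *
     * @param sSLHandshakeException the handshake failure to inspect
     * @return {@code true} when the message names the trust-manager rejection; {@code false}
     *         otherwise, including when the exception has no message
     */
    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isFingerprintMismatch(SSLHandshakeException sSLHandshakeException) {
        String message = sSLHandshakeException.getMessage();
        return message != null && message.contains("None of the TrustManagers trust this certificate chain");
    }
}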
