package com.aspectsecurity.contrast.contrastjenkins;

import com.aspectsecurity.contrast.contrastjenkins.ContrastPluginConfig;
import com.contrastsecurity.exceptions.UnauthorizedException;
import com.contrastsecurity.http.FilterForm;
import com.contrastsecurity.http.ServerFilterForm;
import com.contrastsecurity.http.UrlBuilder;
import com.contrastsecurity.models.Application;
import com.contrastsecurity.models.Server;
import com.contrastsecurity.models.Servers;
import com.contrastsecurity.models.Trace;
import com.contrastsecurity.models.Traces;
import com.contrastsecurity.sdk.ContrastSDK;
import hudson.AbortException;
import hudson.Extension;
import hudson.Launcher;
import hudson.model.AbstractBuild;
import hudson.model.AbstractProject;
import hudson.model.Action;
import hudson.model.BuildListener;
import hudson.model.Descriptor;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.BuildStepMonitor;
import hudson.tasks.Publisher;
import hudson.tasks.Recorder;
import hudson.util.ListBoxModel;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.StaplerRequest;

/* loaded from: input_file:com/aspectsecurity/contrast/contrastjenkins/VulnerabilityTrendRecorder.class */
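/**
 * Jenkins post-build step that acts as a vulnerability gate: it queries Contrast TeamServer
 * for the traces (vulnerabilities) of the configured application and aborts the build when
 * any configured {@link ThresholdCondition} is exceeded.
 *
 * <p>Every failure path in {@link #perform} ends in an {@link AbortException}, so the gate
 * fails closed when TeamServer cannot be queried or the configuration is incomplete.
 *
 * <p>NOTE(review): this listing is decompiler output; the {@code m5}/{@code m6} method-name
 * prefixes are decompiler renames and are kept as they appear here.
 */
public class VulnerabilityTrendRecorder extends Recorder {
    /** Threshold conditions evaluated, in order, by {@link #perform}. */
    private List<ThresholdCondition> conditions;
    /** Name of the TeamServer profile to use; {@code null} selects the first configured profile. */
    private String teamServerProfileName;
    /** Severity labels that always get an entry (possibly 0) in the per-severity result map. */
    private static final List<String> SEVERITIES = Arrays.asList("Note", "Low", "Medium", "High", "Critical");

    /** Descriptor that fills the profile drop-down and binds the submitted job configuration. */
    @Extension
    public static class DescriptorImpl extends BuildStepDescriptor<Publisher> {
        // NOTE(review): the conditions bound for a job are also stored on this descriptor and
        // persisted by save(). If the descriptor instance is shared between jobs, the last
        // submitted job configuration overwrites this value -- confirm that this is intended.
        private List<ThresholdCondition> conditions;

        /** Registers the descriptor for {@link VulnerabilityTrendRecorder} and loads persisted state. */
        public DescriptorImpl() {
            super(VulnerabilityTrendRecorder.class);
            load();
        }

        /**
         * Builds the options of the profile drop-down.
         *
         * @return one entry per configured TeamServer profile, using the profile name as both
         *         label and value
         */
        public ListBoxModel doFillTeamServerProfileNameItems() {
            ListBoxModel listBoxModel = new ListBoxModel();
            for (TeamServerProfile teamServerProfile : new ContrastPluginConfig.ContrastPluginConfigDescriptor().getTeamServerProfiles()) {
                listBoxModel.add(teamServerProfile.getName(), teamServerProfile.getName());
            }
            return listBoxModel;
        }

        /** @return always {@code true}; the step is offered for every project type */
        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        /** @return the label shown for this step in the job configuration */
        public String getDisplayName() {
            return "Verify Vulnerability Threshold";
        }

        /**
         * Binds the submitted form data to a new recorder.
         *
         * <p>The {@code "conditions"} entry is accepted either as a JSON array or as a single
         * JSON object; when it is absent the recorder gets an empty condition list.
         *
         * @param staplerRequest request used to bind JSON to {@link ThresholdCondition}
         * @param jSONObject submitted form data
         * @return the recorder configured from the form
         * @throws Descriptor.FormException declared by the signature; not thrown directly here
         */
        /* renamed from: newInstance, reason: merged with bridge method [inline-methods] */
        public Publisher m6newInstance(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
            JSONArray optJSONArray = jSONObject.optJSONArray("conditions");
            if (optJSONArray != null) {
                this.conditions = staplerRequest.bindJSONToList(ThresholdCondition.class, optJSONArray);
            } else {
                this.conditions = new ArrayList<ThresholdCondition>();
                // Only bind a single condition when the key is actually present. The previous
                // guard tested for "any key at all", which is also true when the form carries
                // only the profile name, and then bound a condition from a missing entry.
                if (jSONObject.has("conditions")) {
                    this.conditions.add(staplerRequest.bindJSON(ThresholdCondition.class, jSONObject.getJSONObject("conditions")));
                }
            }
            save();
            return new VulnerabilityTrendRecorder(this.conditions, (String) jSONObject.get("teamServerProfileName"));
        }

        /** @param list conditions to store on the descriptor */
        public void setConditions(List<ThresholdCondition> list) {
            this.conditions = list;
        }
    }

    /**
     * @param list threshold conditions to evaluate
     * @param str name of the TeamServer profile to use
     */
    @DataBoundConstructor
    public VulnerabilityTrendRecorder(List<ThresholdCondition> list, String str) {
        this.conditions = list;
        this.teamServerProfileName = str;
    }

    /** @return the configured threshold conditions */
    public List<ThresholdCondition> getConditions() {
        return this.conditions;
    }

    /** @return the profile selected for this recorder, or {@code null} when none matches */
    public TeamServerProfile getProfile() {
        return getProfile(this.teamServerProfileName);
    }

    /** @return the configured TeamServer profile name */
    public String getTeamServerProfileName() {
        return this.teamServerProfileName;
    }

    /**
     * Looks up a TeamServer profile by name.
     *
     * @param str profile name; {@code null} selects the first configured profile
     * @return the matching profile, or {@code null} when no profile matches
     */
    private static TeamServerProfile getProfile(String str) {
        TeamServerProfile[] teamServerProfiles = new ContrastPluginConfig.ContrastPluginConfigDescriptor().getTeamServerProfiles();
        if (str == null) {
            return teamServerProfiles.length > 0 ? teamServerProfiles[0] : null;
        }
        for (TeamServerProfile teamServerProfile : teamServerProfiles) {
            // Compare from the known non-null side so a profile without a name cannot throw.
            if (str.equals(teamServerProfile.getName())) {
                return teamServerProfile;
            }
        }
        return null;
    }

    /**
     * Evaluates every threshold condition against TeamServer and records the trace counts.
     *
     * @param abstractBuild build that receives the result action
     * @param launcher unused
     * @param buildListener receives the progress messages
     * @return {@code true} when no condition is exceeded
     * @throws AbortException when the profile is missing or incomplete, a threshold count is
     *         not a number, TeamServer cannot be queried, or a condition is exceeded
     */
    public boolean perform(AbstractBuild<?, ?> abstractBuild, Launcher launcher, BuildListener buildListener) throws InterruptedException, IOException {
        logMessage(buildListener, "Checking the number of vulnerabilities for this application.");
        TeamServerProfile profile = getProfile();
        if (profile == null) {
            // getProfile() returns null when the named profile no longer exists; abort with a
            // clear message instead of a NullPointerException.
            throw new AbortException("Unable to find the TeamServer profile '" + this.teamServerProfileName + "'.");
        }
        if (profile.getApplicationName() == null) {
            throw new AbortException("An application name must be configured to check for vulnerabilities.");
        }
        if (profile.getOrgUuid() == null) {
            throw new AbortException("An organization id must be configured to check for vulnerabilities.");
        }
        if (profile.getServerName() == null) {
            throw new AbortException("A server name must be configured to check for vulnerabilities.");
        }
        // The service key and API key stay inside the SDK object; nothing below logs them.
        ContrastSDK contrastSDK = new ContrastSDK(profile.getUsername(), profile.getServiceKey(), profile.getApiKey(), profile.getTeamServerUrl());
        String applicationId = getApplicationId(contrastSDK, profile.getOrgUuid(), profile.getApplicationName());
        long serverId = getServerId(contrastSDK, profile.getOrgUuid(), profile.getServerName(), applicationId);

        Set<Trace> collectedTraces = new HashSet<Trace>();
        for (ThresholdCondition thresholdCondition : this.conditions) {
            logMessage(buildListener, "Checking the threshold condition where " + thresholdCondition.toString());

            // A malformed count is a configuration error; report it as such rather than as a
            // connection failure.
            int allowedCount;
            try {
                allowedCount = Integer.parseInt(thresholdCondition.getThresholdCount());
            } catch (NumberFormatException e) {
                throw new AbortException("Invalid threshold count in the condition where " + thresholdCondition.toString());
            }

            boolean byRule = thresholdCondition.getThresholdVulnType() != null;
            boolean exceeded;
            try {
                // The filter form is left null when no severity is configured, as before.
                FilterForm filterForm = null;
                if (thresholdCondition.getThresholdSeverity() != null) {
                    filterForm = new FilterForm();
                    filterForm.setSeverities(UrlBuilder.getSeverityList(thresholdCondition.getThresholdSeverity()));
                }

                Traces traces;
                int ruleMatches = 0;
                if (byRule) {
                    // NOTE(review): this query does not pass serverId, unlike the branch below,
                    // so it may count traces from other servers -- confirm against the SDK.
                    traces = contrastSDK.getTraceFilterByRule(profile.getOrgUuid(), applicationId, thresholdCondition.getThresholdVulnType(), filterForm);
                    for (Trace trace : traces.getTraces()) {
                        if (trace.getRule().equals(thresholdCondition.getThresholdVulnType())) {
                            ruleMatches++;
                        }
                    }
                } else {
                    traces = contrastSDK.getTracesWithFilter(profile.getOrgUuid(), applicationId, "servers", Long.toString(serverId), filterForm);
                }
                collectedTraces.addAll(traces.getTraces());
                exceeded = (byRule && ruleMatches > allowedCount) || traces.getCount().intValue() > allowedCount;
            } catch (Exception e) {
                // Deliberately broad: any failure while querying or reading the response must
                // fail the build rather than let the gate pass.
                logMessage(buildListener, e.getMessage());
                throw new AbortException("Unable to connect to TeamServer.");
            }

            // Raised outside the try block: AbortException is an IOException, so throwing it
            // inside would be caught above and reported as a connection failure.
            if (exceeded) {
                buildResult(collectedTraces, abstractBuild);
                throw new AbortException("Failed on the threshold condition where " + thresholdCondition.toString());
            }
        }
        buildResult(collectedTraces, abstractBuild);
        logMessage(buildListener, "This build passes all vulnerability threshold conditions!");
        return true;
    }

    /** Writes a prefixed line to the build log. */
    private void logMessage(BuildListener buildListener, String str) {
        buildListener.getLogger().println("[Contrast - VulnerabilityTrendRecorder] - " + str);
    }

    /**
     * Resolves an application name to its TeamServer id.
     *
     * @param contrastSDK client used for the lookup
     * @param str organization id
     * @param str2 application name to match exactly
     * @return the id of the first application whose name equals {@code str2}
     * @throws AbortException when the lookup fails or no application has that name
     */
    private String getApplicationId(ContrastSDK contrastSDK, String str, String str2) throws AbortException {
        try {
            for (Application application : contrastSDK.getApplications(str).getApplications()) {
                if (str2.equals(application.getName())) {
                    return application.getId();
                }
            }
        } catch (IOException e) {
            throw new AbortException("Unable to retrieve the applications.");
        } catch (UnauthorizedException e2) {
            throw new AbortException("Unable to connect to TeamServer.");
        }
        // Thrown after the try block so the IOException handler above cannot replace this
        // message (AbortException is itself an IOException).
        throw new AbortException("Application with name '" + str2 + "' not found.");
    }

    /**
     * Resolves a server name to its TeamServer id for the given application.
     *
     * @param contrastSDK client used for the lookup
     * @param str organization id
     * @param str2 server name, passed as the {@code q} value of the server filter
     * @param str3 application id the server must be associated with
     * @return the id of the first server returned by the filter
     * @throws AbortException when the lookup fails or the filter returns no server
     */
    private long getServerId(ContrastSDK contrastSDK, String str, String str2, String str3) throws AbortException {
        ServerFilterForm serverFilterForm = new ServerFilterForm();
        serverFilterForm.setApplicationIds(Arrays.asList(str3));
        serverFilterForm.setQ(str2);
        Servers serversWithFilter;
        try {
            serversWithFilter = contrastSDK.getServersWithFilter(str, serverFilterForm);
        } catch (UnauthorizedException e) {
            throw new AbortException("Unable to connect to TeamServer.");
        } catch (IOException e2) {
            throw new AbortException("Unable to retrieve the servers.");
        }
        // Checked after the try block so the IOException handler above cannot replace this
        // message (AbortException is itself an IOException).
        if (serversWithFilter.getServers().isEmpty()) {
            throw new AbortException("Server with name '" + str2 + "' not found.");
        }
        // NOTE(review): the first hit is used without checking that its name equals str2;
        // presumably q is a search term, so a partial match could select another server --
        // confirm against the SDK.
        return ((Server) serversWithFilter.getServers().get(0)).getServerId();
    }

    /** @return the descriptor of this recorder, cast to {@link DescriptorImpl} */
    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] and merged with bridge method [inline-methods] */
    public DescriptorImpl m5getDescriptor() {
        return (DescriptorImpl) super.getDescriptor();
    }

    /** @return {@link BuildStepMonitor#NONE} */
    public BuildStepMonitor getRequiredMonitorService() {
        return BuildStepMonitor.NONE;
    }

    /** @return the project-level trend action for {@code abstractProject} */
    public Action getProjectAction(AbstractProject<?, ?> abstractProject) {
        return new VulnerabilityTrendProjectAction(abstractProject);
    }

    /**
     * Counts the collected traces per rule and per severity and attaches the result to the build.
     *
     * @param set traces collected across all evaluated conditions
     * @param abstractBuild build that receives the {@link VulnerabilityFrequencyAction}
     */
    private void buildResult(Set<Trace> set, AbstractBuild<?, ?> abstractBuild) {
        HashMap<String, Integer> countsByRule = new HashMap<String, Integer>();
        HashMap<String, Integer> countsBySeverity = new HashMap<String, Integer>();
        for (Trace trace : set) {
            Integer severityCount = countsBySeverity.get(trace.getSeverity());
            countsBySeverity.put(trace.getSeverity(), severityCount == null ? 1 : severityCount + 1);

            Integer ruleCount = countsByRule.get(trace.getRule());
            countsByRule.put(trace.getRule(), ruleCount == null ? 1 : ruleCount + 1);
        }
        // Every known severity gets an entry, so severities without traces are reported as 0.
        for (String severity : SEVERITIES) {
            if (!countsBySeverity.containsKey(severity)) {
                countsBySeverity.put(severity, 0);
            }
        }
        abstractBuild.addAction(new VulnerabilityFrequencyAction(new VulnerabilityTrendResult(countsByRule, countsBySeverity), abstractBuild));
    }
}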
