package com.aspectsecurity.contrast.contrastjenkins;

import com.contrastsecurity.exceptions.UnauthorizedException;
import com.contrastsecurity.http.TraceFilterForm;
import com.contrastsecurity.models.Application;
import com.contrastsecurity.models.Traces;
import com.contrastsecurity.sdk.ContrastSDK;
import com.google.inject.Inject;
import hudson.AbortException;
import hudson.Extension;
import hudson.model.Result;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.util.ListBoxModel;
import java.io.IOException;
import java.util.Collections;
import java.util.Map;
import jenkins.model.Jenkins;
import org.jenkinsci.plugins.workflow.steps.AbstractStepDescriptorImpl;
import org.jenkinsci.plugins.workflow.steps.AbstractStepImpl;
import org.jenkinsci.plugins.workflow.steps.AbstractSynchronousStepExecution;
import org.jenkinsci.plugins.workflow.steps.Step;
import org.jenkinsci.plugins.workflow.steps.StepContextParameter;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;

/* loaded from: input_file:WEB-INF/lib/contrast-continuous-application-security.jar:com/aspectsecurity/contrast/contrastjenkins/VulnerabilityTrendStep.class */
public class VulnerabilityTrendStep extends AbstractStepImpl {
    private String profile;
    private int count;
    private String rule;
    private String severity;
    private String applicationName;

    /* loaded from: input_file:WEB-INF/lib/contrast-continuous-application-security.jar:com/aspectsecurity/contrast/contrastjenkins/VulnerabilityTrendStep$Execution.class */
    public static class Execution extends AbstractSynchronousStepExecution<Void> {
        private static final long serialVersionUID = 1;

        @StepContextParameter
        transient Run<?, ?> build;

        @StepContextParameter
        transient TaskListener taskListener;

        @Inject
        transient VulnerabilityTrendStep step;

        /* renamed from: run, reason: merged with bridge method [inline-methods] */
        public Void m12run() throws AbortException {
            TeamServerProfile profile = VulnerabilityTrendHelper.getProfile(this.step.getProfile());
            if (profile == null) {
                VulnerabilityTrendHelper.logMessage(this.taskListener, "Unable to find TeamServer profile.");
                throw new AbortException("Unable to find TeamServer profile.");
            }
            if (this.step.getApplicationName() == null || this.step.getApplicationName().isEmpty()) {
                this.step.setApplicationName(getBuildName());
            }
            VulnerabilityTrendHelper.logMessage(this.taskListener, "Checking the number of vulnerabilities for " + this.step.getApplicationName());
            ContrastSDK createSDK = VulnerabilityTrendHelper.createSDK(profile.getUsername(), profile.getServiceKey(), profile.getApiKey(), profile.getTeamServerUrl());
            String applicationId = VulnerabilityTrendStep.getApplicationId(createSDK, profile.getOrgUuid(), this.step.getApplicationName());
            if (applicationId != null && applicationId.equals("")) {
                VulnerabilityTrendHelper.logMessage(this.taskListener, "Application with name '" + this.step.getApplicationName() + "' not found.");
                if (profile.isFailOnWrongApplicationName()) {
                    throw new AbortException("Application with name '" + this.step.getApplicationName() + "' not found.");
                }
            }
            String buildStepString = this.step.buildStepString();
            VulnerabilityTrendHelper.logMessage(this.taskListener, "Checking the step condition where " + buildStepString);
            try {
                TraceFilterForm traceFilterForm = new TraceFilterForm();
                if (this.step.getApplicationName() != null) {
                    traceFilterForm.setAppVersionTags(Collections.singletonList(VulnerabilityTrendHelper.buildAppVersionTag(this.build, this.step.getApplicationName())));
                }
                if (this.step.getSeverity() != null) {
                    traceFilterForm.setSeverities(VulnerabilityTrendHelper.getSeverityList(this.step.getSeverity()));
                }
                if (this.step.getRule() != null) {
                    traceFilterForm.setVulnTypes(Collections.singletonList(this.step.getRule()));
                }
                Traces tracesInOrg = createSDK.getTracesInOrg(profile.getOrgUuid(), traceFilterForm);
                if (tracesInOrg.getCount().intValue() <= this.step.getCount()) {
                    VulnerabilityTrendHelper.logMessage(this.taskListener, "This step has passed successfully");
                    return null;
                }
                Result fromString = Result.fromString(profile.getVulnerableBuildResult());
                VulnerabilityTrendHelper.logMessage(this.taskListener, "Failed on the condition where " + buildStepString);
                VulnerabilityTrendHelper.logMessage(this.taskListener, VulnerabilityTrendHelper.getVulnerabilityInfoString(tracesInOrg));
                if (fromString.toString().equals(Result.FAILURE.toString())) {
                    throw new AbortException("Failed on the condition where " + buildStepString);
                }
                this.build.setResult(fromString);
                return null;
            } catch (Exception e) {
                VulnerabilityTrendHelper.logMessage(this.taskListener, e.getMessage());
                throw new AbortException("Unable to retrieve vulnerability information from TeamServer.");
            }
        }

        String getBuildName() {
            return this.build.getParent().getDisplayName();
        }
    }

    @Extension
    /* loaded from: input_file:WEB-INF/lib/contrast-continuous-application-security.jar:com/aspectsecurity/contrast/contrastjenkins/VulnerabilityTrendStep$VulnerabilityTrendStepDescriptorImpl.class */
    public static class VulnerabilityTrendStepDescriptorImpl extends AbstractStepDescriptorImpl {
        public VulnerabilityTrendStepDescriptorImpl() {
            super(Execution.class);
        }

        public String getFunctionName() {
            return "contrastVerification";
        }

        public String getDisplayName() {
            return "Verify vulnerabilities in a build";
        }

        public Step newInstance(Map<String, Object> map) {
            VulnerabilityTrendStep vulnerabilityTrendStep = new VulnerabilityTrendStep();
            if (map.containsKey("profile")) {
                Object obj = map.get("profile");
                if (obj == null) {
                    throw new IllegalArgumentException("Profile must be set.");
                }
                vulnerabilityTrendStep.setProfile((String) obj);
            }
            if (map.containsKey("count")) {
                Object obj2 = map.get("count");
                if (obj2 == null) {
                    throw new IllegalArgumentException("Count must be set.");
                }
                vulnerabilityTrendStep.setCount(((Integer) obj2).intValue());
            }
            if (map.containsKey("rule")) {
                vulnerabilityTrendStep.setRule((String) map.get("rule"));
            }
            if (map.containsKey("severity")) {
                vulnerabilityTrendStep.setSeverity((String) map.get("severity"));
            }
            if (map.containsKey("applicationName")) {
                vulnerabilityTrendStep.setApplicationName((String) map.get("applicationName"));
            }
            return vulnerabilityTrendStep;
        }

        public ListBoxModel doFillProfileItems() {
            return VulnerabilityTrendHelper.getProfileNames();
        }

        public ListBoxModel doFillRuleItems(@QueryParameter("teamServerProfileName") String str) {
            return VulnerabilityTrendHelper.getVulnerabilityTypes(str);
        }

        public ListBoxModel doFillSeverityItems() {
            return VulnerabilityTrendHelper.getSeverityListBoxModel();
        }
    }

    @DataBoundSetter
    public void setProfile(String str) {
        this.profile = str;
    }

    @DataBoundSetter
    public void setCount(int i) {
        this.count = i;
    }

    @DataBoundSetter
    public void setRule(String str) {
        this.rule = str;
    }

    @DataBoundSetter
    public void setSeverity(String str) {
        this.severity = str;
    }

    @DataBoundSetter
    public void setApplicationName(String str) {
        this.applicationName = str;
    }

    @DataBoundConstructor
    public VulnerabilityTrendStep(String str, int i, String str2, String str3, String str4) {
        this.profile = str;
        this.count = i;
        this.rule = str2;
        this.severity = str3;
        this.applicationName = str4;
    }

    public VulnerabilityTrendStep() {
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] and merged with bridge method [inline-methods] */
    public VulnerabilityTrendStepDescriptorImpl m11getDescriptor() {
        Jenkins jenkins = Jenkins.getInstance();
        if (jenkins != null) {
            return jenkins.getDescriptor(getClass());
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String buildStepString() {
        StringBuilder sb = new StringBuilder();
        sb.append("count is ").append(this.count);
        if (this.severity != null) {
            sb.append(", severity is ").append(this.severity);
        }
        if (this.rule != null) {
            sb.append(", rule type is ").append(this.rule);
        }
        if (this.applicationName != null) {
            sb.append(", applicationName is ").append(this.applicationName);
        }
        sb.append(".");
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getApplicationId(ContrastSDK contrastSDK, String str, String str2) {
        try {
            for (Application application : contrastSDK.getApplications(str).getApplications()) {
                if (str2.equals(application.getName())) {
                    return application.getId();
                }
            }
            return "";
        } catch (UnauthorizedException | IOException e) {
            return "";
        }
    }

    public String getProfile() {
        return this.profile;
    }

    public int getCount() {
        return this.count;
    }

    public String getRule() {
        return this.rule;
    }

    public String getSeverity() {
        return this.severity;
    }

    public String getApplicationName() {
        return this.applicationName;
    }
}
