package org.jenkinsci.plugins.fodupload.controllers;

import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.util.IOUtils;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import okhttp3.HttpUrl;
import okhttp3.MediaType;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.plugins.fodupload.FodApiConnection;
import org.jenkinsci.plugins.fodupload.Json;
import org.jenkinsci.plugins.fodupload.Utils;
import org.jenkinsci.plugins.fodupload.models.ApplicationAttributeModel;
import org.jenkinsci.plugins.fodupload.models.AttributeDefinition;
import org.jenkinsci.plugins.fodupload.models.FodEnums;
import org.jenkinsci.plugins.fodupload.models.JobModel;
import org.jenkinsci.plugins.fodupload.models.PicklistValue;
import org.jenkinsci.plugins.fodupload.models.PostReleaseWithUpsertApplicationModel;
import org.jenkinsci.plugins.fodupload.models.PostReleaseWithUpsertApplicationResponseModel;
import org.jenkinsci.plugins.fodupload.models.PutStaticScanSetupModel;
import org.jenkinsci.plugins.fodupload.models.response.FodAttributeMapItem;
import org.jenkinsci.plugins.fodupload.models.response.GenericErrorResponse;
import org.jenkinsci.plugins.fodupload.models.response.GetStaticScanSetupResponse;
import org.jenkinsci.plugins.fodupload.models.response.PostStartScanResponse;
import org.jenkinsci.plugins.fodupload.models.response.PutStaticScanSetupResponse;
import org.jenkinsci.plugins.fodupload.models.response.StartScanResponse;

/* loaded from: input_file:org/jenkinsci/plugins/fodupload/controllers/StaticScanController.class */
public class StaticScanController extends ControllerBase {
    // Preference ids for express scan/audit; neither constant is referenced by the methods visible in this class.
    private static final int EXPRESS_SCAN_PREFERENCE_ID = 2;
    private static final int EXPRESS_AUDIT_PREFERENCE_ID = 2;
    // Upper bound applied to the free-text notes query parameter before it is sent.
    private static final int MAX_NOTES_LENGTH = 250;
    // Size of one upload fragment in bytes (1 MiB).
    private static final int CHUNK_SIZE = 1024 * 1024;
    // Formatter for the timestamps prefixed to upload log lines; assigned once in the constructor.
    private DateTimeFormatter dateFormat;

    /**
     * Creates a controller and prepares the log timestamp format.
     *
     * @param fodApiConnection API connection handed to {@link ControllerBase}
     * @param printStream stream handed to {@link ControllerBase}
     * @param str third argument of the {@link ControllerBase} constructor; other methods read a
     *     {@code correlationId} field, so this is presumably the correlation id (confirm in ControllerBase)
     */
    public StaticScanController(FodApiConnection fodApiConnection, PrintStream printStream, String str) {
        super(fodApiConnection, printStream, str);
        // Millisecond resolution so consecutive fragment uploads can be told apart in the log.
        dateFormat = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss.SSS");
    }

    /**
     * Uploads the job's payload file through {@code apiConnection} in fragments of {@code CHUNK_SIZE} bytes and
     * reports the outcome as a {@link StartScanResponse}.
     *
     * <p>NOTE(review): this listing is decompiler output and is not valid Java as shown: {@code e} near the end of
     * the loop body is not in scope, {@code th}/{@code th2} are always null where {@code addSuppressed} is called on
     * them, and the first {@code finally} closes {@code fileInputStream} before the read loop uses it. The comments
     * below describe the visible statements; confirm control flow against the original source before relying on it.
     *
     * <p>Points a security reviewer should keep in mind when reading the body: every fragment request carries the
     * bearer token in an {@code Authorization} header; raw server response bodies are written to the build log on
     * failure; and the request URL may carry the {@code bsiToken} query parameter added by {@code buildBsiRequest}.
     *
     * @param num release id; values below 1 (or null, see the note in the pipeline branch) trigger BSI or upsert handling
     * @param jobModel job settings, including the payload file and release selection
     * @param str optional scan notes, truncated to {@code MAX_NOTES_LENGTH} characters before being sent
     * @return a response marked {@code uploadSuccessfulScanStarting} on HTTP 200, {@code uploadSuccessfulScanNotStarted}
     *     when the error text reports a scan already in progress, and {@code uploadNotSuccessful} otherwise
     */
    @SuppressFBWarnings(value = {"REC_CATCH_EXCEPTION"}, justification = "The intent of the catch-all is to make sure that the Jenkins user and logs show the plugin's problem in the build log.")
    public StartScanResponse startStaticScan(Integer num, JobModel jobModel, String str) {
        FileInputStream fileInputStream;
        Throwable th;
        byte[] bArr;
        int i;
        long j;
        InputStream resourceAsStream;
        Throwable th2;
        byte[] bArr2;
        StartScanResponse startScanResponse = new StartScanResponse();
        File payload = jobModel.getPayload();
        try {
            fileInputStream = new FileInputStream(payload);
            th = null;
            try {
                // One reusable read buffer; i is the fragment counter and j the byte offset already accepted.
                bArr = new byte[CHUNK_SIZE];
                i = 0;
                j = 0;
                // Authenticate lazily: only when the connection holds no token yet.
                if (this.apiConnection.getToken() == null) {
                    this.apiConnection.authenticate();
                }
                println("Getting Assessment");
                // getResourceAsStream returns null when the resource is missing; the later properties.load call
                // would then fail rather than fall back to "Not Found".
                resourceAsStream = getClass().getResourceAsStream("/application.properties");
                th2 = null;
            } finally {
                // Decompiled try-with-resources residue: "0 != 0" is always false, so the else branch runs.
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
            }
        } catch (Exception e) {
            // Catch-all: report the failure through printStackTrace and mark the upload as failed.
            printStackTrace(e);
            startScanResponse.uploadNotSuccessful();
            return startScanResponse;
        }
        try {
            try {
                // The plugin version read here is sent to the API as the scanToolVersion query parameter.
                Properties properties = new Properties();
                properties.load(resourceAsStream);
                String property = properties.getProperty("application.version", "Not Found");
                if (resourceAsStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th4) {
                            th2.addSuppressed(th4);
                        }
                    } else {
                        resourceAsStream.close();
                    }
                }
                // HttpUrl.parse returns null for a URL it cannot parse, so a malformed API URL surfaces here as a
                // NullPointerException rather than a descriptive error.
                HttpUrl.Builder newBuilder = HttpUrl.parse(this.apiConnection.getApiUrl()).newBuilder();
                if (!Utils.isNullOrEmpty(jobModel.getSelectedReleaseType())) {
                    // Enum.valueOf throws IllegalArgumentException for a name that is not a declared constant.
                    switch (FodEnums.SelectedReleaseType.valueOf(jobModel.getSelectedReleaseType())) {
                        case UseReleaseId:
                        case UseAppAndReleaseName:
                            buildReleaseSettingsRequest(newBuilder, num, jobModel);
                            break;
                        case UseBsiToken:
                            buildBsiRequest(newBuilder, jobModel);
                            break;
                        default:
                            throw new IllegalArgumentException("Invalid job model");
                    }
                } else {
                    // Without a selected release type only pipeline jobs are accepted.
                    if (!jobModel.getIsPipeline().booleanValue()) {
                        throw new IllegalArgumentException("Invalid job model");
                    }
                    // NOTE(review): num.intValue() is evaluated here before the num == null test in the else-if
                    // below, so a null num combined with a non-empty BSI token throws NullPointerException; the
                    // null test should come first.
                    if (!Utils.isNullOrEmpty(jobModel.getBsiTokenOriginal()) && num.intValue() <= 0) {
                        buildBsiRequest(newBuilder, jobModel);
                    } else if (num == null || num.intValue() < 1) {
                        num = upsertApplicationAndRelease(jobModel);
                    }
                    if (num.intValue() > 0) {
                        buildPipelineRequest(newBuilder, num, jobModel);
                    }
                }
                // NOTE(review): inProgressScanActionType is added twice; addQueryParameter appends, so the
                // parameter appears twice in the URL.
                newBuilder.addQueryParameter("inProgressScanActionType", jobModel.getInProgressScanActionType()).addQueryParameter("purchaseEntitlement", Boolean.toString(jobModel.isPurchaseEntitlements())).addQueryParameter("inProgressScanActionType", jobModel.getInProgressScanActionType()).addQueryParameter("scanMethodType", "CICD").addQueryParameter("scanTool", "Jenkins").addQueryParameter("scanToolVersion", property);
                if (!Utils.isNullOrEmpty(str)) {
                    // Notes are cut to MAX_NOTES_LENGTH characters before being sent.
                    newBuilder.addQueryParameter("notes", StringUtils.left(str, MAX_NOTES_LENGTH));
                }
                // httpUrl can contain the bsiToken query value; it is not printed below and should stay out of logs.
                String httpUrl = newBuilder.build().toString();
                println("TOTAL FILE SIZE = " + payload.length());
                println("CHUNK_SIZE = 1048576");
                while (true) {
                    int read = fileInputStream.read(bArr);
                    if (read == -1) {
                        // End of file reached without an HTTP 200: the response is marked as not successful.
                        println(getLogTimestamp() + " Payload upload complete");
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th5) {
                                    th.addSuppressed(th5);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        startScanResponse.uploadNotSuccessful();
                        return startScanResponse;
                    }
                    if (read < CHUNK_SIZE) {
                        // Short read: send exactly the bytes read and use fragment number -1
                        // (presumably the API's final-fragment marker; confirm against the API documentation).
                        bArr2 = Arrays.copyOf(bArr, read);
                        i = -1;
                    } else {
                        bArr2 = bArr;
                    }
                    // i2 (the value before the increment) is sent as fragNo; i is what the log lines print.
                    int i2 = i;
                    i++;
                    // Each fragment request carries the bearer token plus the fragment number and byte offset.
                    Request build = new Request.Builder().addHeader("Authorization", "Bearer " + this.apiConnection.getToken()).addHeader("Content-Type", "application/octet-stream").addHeader("Accept", "application/json").addHeader("CorrelationId", getCorrelationId()).url(httpUrl + "&fragNo=" + i2 + "&offset=" + j).post(RequestBody.create(MediaType.parse("application/octet-stream"), bArr2)).build();
                    println(getLogTimestamp() + " Uploading fragment " + i);
                    Response execute = this.apiConnection.getClient().newCall(build).execute();
                    if (execute.code() == 403 || execute.code() == 401) {
                        // The raw body of an authentication failure is written to the build log as received.
                        String rawBody = this.apiConnection.getRawBody(execute);
                        if (Utils.isNullOrEmpty(rawBody)) {
                            println(getLogTimestamp() + " Uploading fragment failed, reauthenticating");
                        } else {
                            println(getLogTimestamp() + " Uploading fragment failed, reauthenticating \n" + rawBody);
                        }
                        // NOTE(review): as shown, the rejected fragment is not sent again: offset j is unchanged,
                        // i has already advanced, and the next iteration reads the following chunk. Confirm
                        // whether the original source retries.
                        this.apiConnection.authenticate();
                    } else {
                        j += read;
                        if (i % 5 == 0) {
                            println(getLogTimestamp() + " Upload Status - Fragment No: " + i + ", Bytes sent: " + j + " (Response: " + execute.code() + ")");
                        }
                        // Any status other than 202 ends the upload loop on one of the return paths below.
                        if (execute.code() != 202) {
                            String iOUtils = IOUtils.toString(execute.body().byteStream(), "utf-8");
                            Gson gson = new Gson();
                            if (execute.code() == 200) {
                                PostStartScanResponse postStartScanResponse = (PostStartScanResponse) gson.fromJson(iOUtils, PostStartScanResponse.class);
                                println(getLogTimestamp() + " Scan " + postStartScanResponse.getScanId() + " uploaded successfully. Total bytes sent: " + j);
                                startScanResponse.uploadSuccessfulScanStarting(postStartScanResponse.getScanId());
                                if (fileInputStream != null) {
                                    if (0 != 0) {
                                        try {
                                            fileInputStream.close();
                                        } catch (Throwable th6) {
                                            th.addSuppressed(th6);
                                        }
                                    } else {
                                        fileInputStream.close();
                                    }
                                }
                                // NOTE(review): the response body is read but not closed on this return path.
                                return startScanResponse;
                            }
                            if (!execute.isSuccessful()) {
                                println(getLogTimestamp() + " An error occurred during the upload.");
                                GenericErrorResponse genericErrorResponse = (GenericErrorResponse) gson.fromJson(iOUtils, GenericErrorResponse.class);
                                if (genericErrorResponse == null) {
                                    if (Utils.isNullOrEmpty(iOUtils)) {
                                        println(getLogTimestamp() + " No response body from api");
                                    } else {
                                        // The unparsed server response is written to the build log as received.
                                        println(getLogTimestamp() + " Raw response\n" + iOUtils);
                                    }
                                    startScanResponse.uploadNotSuccessful();
                                } else if (genericErrorResponse.toString().contains("Can not start scan another scan is in progress")) {
                                    // Outcome is decided by a substring match on the error text, not an error code.
                                    startScanResponse.uploadSuccessfulScanNotStarted();
                                } else {
                                    println(getLogTimestamp() + " Package upload failed for the following reasons: ");
                                    println(genericErrorResponse.toString());
                                    startScanResponse.uploadNotSuccessful();
                                }
                                // NOTE(review): the response body is not closed on this return path either.
                                return startScanResponse;
                            }
                        }
                        execute.body().close();
                    }
                    // NOTE(review): decompiler artifact. "e" is not defined in this scope; these three statements
                    // look like the catch-all handler merged into the loop body.
                    printStackTrace(e);
                    startScanResponse.uploadNotSuccessful();
                    return startScanResponse;
                }
            } finally {
            }
        } catch (Throwable th7) {
            // Closes the properties stream before rethrowing; th2 is never assigned a non-null value above.
            if (resourceAsStream != null) {
                if (th2 != null) {
                    try {
                        resourceAsStream.close();
                    } catch (Throwable th8) {
                        th2.addSuppressed(th8);
                    }
                } else {
                    resourceAsStream.close();
                }
            }
            throw th7;
        }
    }

    /** Returns the current local date and time rendered with {@code dateFormat}, used as a log-line prefix. */
    private String getLogTimestamp() {
        LocalDateTime now = LocalDateTime.now();
        return dateFormat.format(now);
    }

    /**
     * Appends the {@code start-scan-advanced} path for the release named in the job's BSI token, followed by
     * the entitlement preference, remediation preference and the original BSI token as query parameters.
     *
     * @param builder URL builder to extend in place
     * @param jobModel source of the BSI token and scan preferences
     */
    private void buildBsiRequest(HttpUrl.Builder builder, JobModel jobModel) {
        String path = String.format("/api/v3/releases/%d/static-scans/start-scan-advanced", Integer.valueOf(jobModel.getBsiToken().getReleaseId()));
        builder.addPathSegments(path);
        builder.addQueryParameter("entitlementPreferenceType", jobModel.getEntitlementPreference());
        // NOTE(review): this key is spelled "remdiation", unlike "remediationScanPreferenceType" used by the other
        // request builders in this class; confirm against the API before changing it.
        builder.addQueryParameter("remdiationScanPreferenceType", jobModel.getRemediationScanPreferenceType());
        // The BSI token travels in the query string, so it can show up wherever full request URLs are recorded
        // (proxy and access logs); keep the built URL out of build-log output.
        builder.addQueryParameter("bsiToken", jobModel.getBsiTokenOriginal());
    }

    /**
     * Appends the {@code start-scan-advanced-with-defaults} path for the given release and the remediation
     * scan preference query parameter.
     *
     * @param builder URL builder to extend in place
     * @param num release id formatted into the path
     * @param jobModel source of the remediation scan preference
     */
    private void buildReleaseSettingsRequest(HttpUrl.Builder builder, Integer num, JobModel jobModel) {
        String path = String.format("/api/v3/releases/%d/static-scans/start-scan-advanced-with-defaults", num);
        builder.addPathSegments(path);
        builder.addQueryParameter("remediationScanPreferenceType", jobModel.getRemediationScanPreferenceType());
    }

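    /**
     * Appends the {@code start-scan-advanced-with-defaults} path for the given release and every pipeline
     * setting that is present on the job model as a query parameter.
     *
     * <p>Settings that are null or empty are left out of the URL entirely. The previous version re-tested
     * {@code getOpenSourceScan()} inside a branch that had already established it was non-empty, so its
     * {@code "false"} fallback could never be used; each setting is now read once and handled uniformly.
     *
     * @param builder URL builder to extend in place
     * @param num release id formatted into the path
     * @param jobModel source of the optional scan settings
     */
    private void buildPipelineRequest(HttpUrl.Builder builder, Integer num, JobModel jobModel) {
        builder.addPathSegments(String.format("/api/v3/releases/%d/static-scans/start-scan-advanced-with-defaults", num));
        addOptionalQueryParameter(builder, "assessmentTypeId", jobModel.getAssessmentType());
        addOptionalQueryParameter(builder, "entitlementId", jobModel.getEntitlementId());
        addOptionalQueryParameter(builder, "entitlementFrequencyType", jobModel.getFrequencyId());
        addOptionalQueryParameter(builder, "doSonatypeScan", jobModel.getOpenSourceScan());
        addOptionalQueryParameter(builder, "auditPreferenceType", jobModel.getAuditPreference());
        addOptionalQueryParameter(builder, "technologyTypeId", jobModel.getTechnologyStack());
        addOptionalQueryParameter(builder, "technologyVersionTypeId", jobModel.getLanguageLevel());
        addOptionalQueryParameter(builder, "remediationScanPreferenceType", jobModel.getRemediationScanPreferenceType());
    }

    /** Adds {@code name=value} to the builder unless the value is null or empty. */
    private static void addOptionalQueryParameter(HttpUrl.Builder builder, String name, String value) {
        if (!Utils.isNullOrEmpty(value)) {
            // addQueryParameter percent-encodes the value, so job-supplied text cannot alter the URL structure.
            builder.addQueryParameter(name, value);
        }
    }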

    /* JADX WARN: Type inference failed for: r2v12, types: [org.jenkinsci.plugins.fodupload.controllers.StaticScanController$1] */
    /**
     * Returns the id of the release named in the job model, creating the application and release through the
     * {@code releaseWithUpsertApplication} endpoint when no existing release matches.
     *
     * <p>The request built here sets no {@code Authorization} header itself; presumably
     * {@code apiConnection.request} attaches credentials (confirm in FodApiConnection). On failure the raw API
     * response or the API's error list becomes part of the exception message, so that text reaches whatever
     * prints the exception.
     *
     * @param jobModel application, release, microservice and attribute settings for the job
     * @return the existing or newly provisioned release id
     * @throws Exception when the attribute string cannot be parsed, the API answers with status 300 or above,
     *     or the API reports the upsert as unsuccessful
     */
    private Integer upsertApplicationAndRelease(JobModel jobModel) throws Exception {
        ReleaseController releases = new ReleaseController(this.apiConnection, this.logger, this.correlationId);
        Integer existingId = releases.getReleaseIdByName(jobModel.getApplicationName(), jobModel.getReleaseName(), jobModel.getIsMicroservice(), jobModel.getMicroserviceName());
        if (existingId != null) {
            println("Existing release found matching " + jobModel.getApplicationName() + " " + jobModel.getReleaseName());
            return existingId;
        }

        println("Provisioning application and release");
        PostReleaseWithUpsertApplicationModel upsertModel = new PostReleaseWithUpsertApplicationModel();
        upsertModel.setApplicationName(jobModel.getApplicationName());
        upsertModel.setApplicationType(jobModel.getApplicationType());
        upsertModel.setReleaseName(jobModel.getReleaseName());
        upsertModel.setOwnerId(jobModel.getOwner());
        upsertModel.setBusinessCriticalityType(jobModel.getBusinessCriticality());
        upsertModel.setSdlcStatusType(jobModel.getSdlcStatus());

        if (jobModel.getIsMicroservice().booleanValue()) {
            upsertModel.setHasMicroservices(jobModel.getIsMicroservice());
            upsertModel.setReleaseMicroserviceName(jobModel.getMicroserviceName());
            // The application is created with exactly one microservice: the one this release belongs to.
            ArrayList<String> microservices = new ArrayList<>();
            microservices.add(jobModel.getMicroserviceName());
            upsertModel.setMicroservices(microservices);
        }

        if (!Utils.isNullOrEmpty(jobModel.getAttributes())) {
            // Attribute string format: "name:value;name:value". A pair that does not split into exactly two
            // parts, or a repeated name, aborts the whole operation.
            HashMap<String, String> requested = new HashMap<>();
            for (String pair : jobModel.getAttributes().split(";")) {
                String[] nameAndValue = pair.split(":");
                boolean wellFormed = nameAndValue.length == 2;
                if (!wellFormed || requested.containsKey(nameAndValue[0])) {
                    throw new Exception("Failure parsing application attributes");
                }
                requested.put(nameAndValue[0], nameAndValue[1]);
            }
            for (FodAttributeMapItem item : mapAttributesToFod(requested)) {
                upsertModel.getAttributes().add(new ApplicationAttributeModel(Integer.valueOf(item.getDefinition().getId()), item.getValue()));
            }
        }

        Request.Builder requestBuilder = new Request.Builder();
        requestBuilder.url(HttpUrl.parse(this.apiConnection.getApiUrl()).newBuilder().addPathSegments("/api/v3/releases/releaseWithUpsertApplication").build());
        requestBuilder.addHeader("Accept", "application/json");
        requestBuilder.addHeader("CorrelationId", getCorrelationId());
        requestBuilder.post(RequestBody.create(MediaType.parse("application/json"), Json.getInstance().toJson(upsertModel)));
        Request upsertRequest = requestBuilder.build();

        println("Submitting application and release model");
        Response response = this.apiConnection.request(upsertRequest);
        if (response.code() >= 300) {
            throw new Exception("Failed to create application and/or release: \n" + this.apiConnection.getRawBody(response));
        }

        PostReleaseWithUpsertApplicationResponseModel result = (PostReleaseWithUpsertApplicationResponseModel) this.apiConnection.parseResponse(response, new TypeToken<PostReleaseWithUpsertApplicationResponseModel>() {
        }.getType());
        if (result.getSuccess().booleanValue()) {
            println("Provisioning successful. Release Id: " + result.getReleaseId());
            return result.getReleaseId();
        }
        throw new Exception("Failed to create application and/or release: \n" + String.join("\n", result.getErrors()));
    }

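    /**
     * Matches requested attribute name/value pairs against the attribute definitions returned by
     * {@link AttributesController} and validates each value against its definition's data type.
     *
     * <p>Validation per data type (compared case-insensitively): {@code Picklist} values must equal one of the
     * definition's picklist names; {@code Boolean} values must be {@code true} or {@code false} in any case;
     * {@code User} values must equal a picklist entry's name or id; every other type is accepted as given.
     * A requested name with no matching definition is neither mapped nor reported.
     *
     * <p>The earlier body scanned the definitions with a {@code while (true)} loop that had no exit once the
     * iterator was exhausted, so it could not terminate. This version walks every definition exactly once per
     * requested attribute; it does not stop at the first name match, which keeps the visible statements'
     * behaviour apart from the added termination.
     *
     * @param map requested attributes, keyed by attribute name
     * @return one item per (attribute, matching definition) pair that passed validation
     * @throws Exception when at least one value failed validation; the message lists the offending attribute
     *     names and, for user attributes, the accepted {@code id-name} entries
     */
    public List<FodAttributeMapItem> mapAttributesToFod(Map<String, String> map) throws Exception {
        List<AttributeDefinition> attributeDefinitions = new AttributesController(this.apiConnection, this.logger, this.correlationId).getAttributeDefinitions();
        List<FodAttributeMapItem> mapped = new ArrayList<>();
        List<String> invalid = new ArrayList<>();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String name = entry.getKey();
            String value = entry.getValue();
            for (AttributeDefinition definition : attributeDefinitions) {
                if (!name.equals(definition.getName())) {
                    continue;
                }
                String dataType = definition.getAttributeDataType();
                if (dataType.equalsIgnoreCase("Picklist")) {
                    List<String> allowedNames = new ArrayList<>();
                    for (PicklistValue picklistValue : definition.getPicklistValues()) {
                        allowedNames.add(picklistValue.getName());
                    }
                    if (allowedNames.contains(value)) {
                        mapped.add(new FodAttributeMapItem(name, value, definition));
                    } else {
                        invalid.add(name);
                    }
                } else if (dataType.equalsIgnoreCase("Boolean")) {
                    // matches() requires the whole value to be "true" or "false", ignoring case.
                    if (Pattern.compile("true|false", Pattern.CASE_INSENSITIVE).matcher(value).matches()) {
                        mapped.add(new FodAttributeMapItem(name, value, definition));
                    } else {
                        invalid.add(name + " : true/false");
                    }
                } else if (dataType.equalsIgnoreCase("User")) {
                    // A user may be given either by name or by id; the "id-name" labels feed the error message.
                    List<String> allowedNamesAndIds = new ArrayList<>();
                    List<String> labels = new ArrayList<>();
                    for (PicklistValue picklistValue : definition.getPicklistValues()) {
                        allowedNamesAndIds.add(picklistValue.getName());
                        allowedNamesAndIds.add(String.valueOf(picklistValue.getId()));
                        labels.add(String.valueOf(picklistValue.getId()) + "-" + picklistValue.getName());
                    }
                    if (allowedNamesAndIds.contains(value)) {
                        mapped.add(new FodAttributeMapItem(name, value, definition));
                    } else {
                        // NOTE(review): this puts every selectable user's id and name into the exception text;
                        // check who can read the log that receives it.
                        invalid.add(name + " : " + String.join(",", labels));
                    }
                } else {
                    mapped.add(new FodAttributeMapItem(name, value, definition));
                }
            }
        }
        if (!invalid.isEmpty()) {
            throw new Exception(String.format("Invalid PickList Attributes/Values for the following Picklist Attribute/s - %s", String.join(" & ", invalid)));
        }
        return mapped;
    }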

    /* JADX WARN: Type inference failed for: r0v33, types: [org.jenkinsci.plugins.fodupload.controllers.StaticScanController$2] */
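    /**
     * Fetches the static scan setup of a release with a hand-built, bearer-authenticated GET request.
     *
     * <p>The response body is now closed on every path. Previously an unsuccessful response returned
     * {@code null} without closing the body, and a read or parse failure skipped the close as well, which
     * leaves the underlying connection held.
     *
     * @param num release id formatted into the request path
     * @return the parsed scan setup, or {@code null} when the response status is not successful
     * @throws IOException when authentication, the call or reading the body fails
     * @deprecated {@link #getStaticScanSettings(Integer)} requests the same path through
     *     {@code apiConnection.requestTyped}.
     */
    @Deprecated
    public GetStaticScanSetupResponse getStaticScanSettingsOld(Integer num) throws IOException {
        // Authenticate lazily: only when the connection holds no token yet.
        if (this.apiConnection.getToken() == null) {
            this.apiConnection.authenticate();
        }
        Response execute = this.apiConnection.getClient().newCall(new Request.Builder().url(HttpUrl.parse(this.apiConnection.getApiUrl()).newBuilder().addPathSegments(String.format("/api/v3/releases/%d/static-scans/scan-setup", num)).build().toString()).addHeader("Authorization", "Bearer " + this.apiConnection.getToken()).addHeader("Accept", "application/json").addHeader("CorrelationId", getCorrelationId()).get().build()).execute();
        try {
            if (!execute.isSuccessful()) {
                return null;
            }
            String json = IOUtils.toString(execute.body().byteStream(), "utf-8");
            return (GetStaticScanSetupResponse) new Gson().fromJson(json, new TypeToken<GetStaticScanSetupResponse>() {
            }.getType());
        } finally {
            // Release the connection whether the status was an error, parsing failed, or all went well.
            execute.body().close();
        }
    }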

    /* JADX WARN: Type inference failed for: r2v5, types: [org.jenkinsci.plugins.fodupload.controllers.StaticScanController$3] */
    /**
     * Fetches the static scan setup of a release via {@code apiConnection.requestTyped}.
     *
     * <p>No {@code Authorization} header is set here; presumably {@code requestTyped} attaches credentials
     * (confirm in FodApiConnection).
     *
     * @param num release id formatted into the request path
     * @return whatever {@code requestTyped} yields for the {@link GetStaticScanSetupResponse} type
     * @throws IOException when the request fails
     */
    public GetStaticScanSetupResponse getStaticScanSettings(Integer num) throws IOException {
        String path = String.format("/api/v3/releases/%d/static-scans/scan-setup", num);
        Request.Builder requestBuilder = new Request.Builder();
        requestBuilder.url(this.apiConnection.urlBuilder().addPathSegments(path).build());
        requestBuilder.addHeader("Accept", "application/json");
        requestBuilder.addHeader("CorrelationId", getCorrelationId());
        Request request = requestBuilder.get().build();
        return (GetStaticScanSetupResponse) this.apiConnection.requestTyped(request, new TypeToken<GetStaticScanSetupResponse>() {
        }.getType());
    }

    /* JADX WARN: Type inference failed for: r2v12, types: [org.jenkinsci.plugins.fodupload.controllers.StaticScanController$4] */
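    /**
     * Sends the given scan setup for a release with a PUT request and returns the API's answer.
     *
     * <p>For a status of 300 or above the result is a failed {@link PutStaticScanSetupResponse} whose error
     * list holds the raw response text. A missing body is now treated like an empty one, using the same
     * {@code Utils.isNullOrEmpty} test that {@code startStaticScan} applies to {@code getRawBody} results;
     * previously a null body would have raised a {@code NullPointerException} here.
     *
     * @param num release id placed in the request path
     * @param putStaticScanSetupModel settings serialised to JSON as the request body
     * @return the parsed response, or a failed response carrying the error details
     * @throws IOException when the request fails
     */
    public PutStaticScanSetupResponse putStaticScanSettings(Integer num, PutStaticScanSetupModel putStaticScanSetupModel) throws IOException {
        Response request = this.apiConnection.request(new Request.Builder().url(this.apiConnection.urlBuilder().addPathSegments("/api/v3/releases/" + num + "/static-scans/scan-setup").build()).addHeader("Accept", "application/json").addHeader("CorrelationId", getCorrelationId()).put(RequestBody.create(MediaType.parse("application/json"), Json.getInstance().toJson(putStaticScanSetupModel))).build());
        if (request.code() < 300) {
            return (PutStaticScanSetupResponse) this.apiConnection.parseResponse(request, new TypeToken<PutStaticScanSetupResponse>() {
            }.getType());
        }
        String rawBody = this.apiConnection.getRawBody(request);
        List<String> unexpectedServerResponseErrors = Utils.unexpectedServerResponseErrors();
        if (Utils.isNullOrEmpty(rawBody)) {
            unexpectedServerResponseErrors.add("API empty response");
        } else {
            // The unparsed server response is handed back to the caller; whoever displays these errors
            // shows the API's text as received.
            unexpectedServerResponseErrors.add("Raw API response:\n" + rawBody);
        }
        return new PutStaticScanSetupResponse(false, null, unexpectedServerResponseErrors, null);
    }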
}
