package org.jenkinsci.plugins.fodupload.controllers;

import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import okhttp3.HttpUrl;
import okhttp3.MediaType;
import okhttp3.Request;
import okhttp3.RequestBody;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.plugins.fodupload.FodApi.FodApiConnection;
import org.jenkinsci.plugins.fodupload.FodApi.ResponseContent;
import org.jenkinsci.plugins.fodupload.Json;
import org.jenkinsci.plugins.fodupload.Utils;
import org.jenkinsci.plugins.fodupload.models.ApplicationAttributeModel;
import org.jenkinsci.plugins.fodupload.models.AttributeDefinition;
import org.jenkinsci.plugins.fodupload.models.FodEnums;
import org.jenkinsci.plugins.fodupload.models.PicklistValue;
import org.jenkinsci.plugins.fodupload.models.PostReleaseWithUpsertApplicationModel;
import org.jenkinsci.plugins.fodupload.models.PostReleaseWithUpsertApplicationResponseModel;
import org.jenkinsci.plugins.fodupload.models.PutStaticScanSetupModel;
import org.jenkinsci.plugins.fodupload.models.SastJobModel;
import org.jenkinsci.plugins.fodupload.models.response.FodAttributeMapItem;
import org.jenkinsci.plugins.fodupload.models.response.GetStaticScanSetupResponse;
import org.jenkinsci.plugins.fodupload.models.response.PutStaticScanSetupResponse;
import org.jenkinsci.plugins.fodupload.models.response.StartScanResponse;

/* loaded from: input_file:org/jenkinsci/plugins/fodupload/controllers/StaticScanController.class */
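/**
 * Talks to the release and static-scan endpoints under {@code /api/v3/releases}: starts a static
 * scan upload, provisions an application/release when needed, and reads or writes the static scan
 * setup of a release.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The BSI token is sent as a URL query parameter (see {@link #buildBsiRequest}). URLs are
 *       commonly recorded by proxies and access logs, so the finished URL should be treated as
 *       sensitive and kept out of the build log.</li>
 *   <li>Raw API response bodies are copied into exception messages and error lists, which
 *       {@link #startStaticScan} prints via {@code printStackTrace}. Anything the server echoes
 *       back can therefore end up in the build log.</li>
 * </ul>
 */
public class StaticScanController extends ControllerBase {
    // Not referenced anywhere in this class; kept as found.
    private static final int EXPRESS_SCAN_PREFERENCE_ID = 2;
    private static final int EXPRESS_AUDIT_PREFERENCE_ID = 2;
    /** Upper bound applied to the free-text scan notes before they are put on the URL. */
    private static final int MAX_NOTES_LENGTH = 250;
    /** Fallback reported as the tool version when it cannot be read from the classpath. */
    private static final String VERSION_NOT_FOUND = "Not Found";
    /** Accepts exactly "true" or "false", ignoring (ASCII) case. Compiled once instead of per value. */
    private static final Pattern BOOLEAN_LITERAL = Pattern.compile("true|false", Pattern.CASE_INSENSITIVE);

    private final DateTimeFormatter dateFormat;

    /**
     * Creates the controller. All three arguments are forwarded unchanged to {@link ControllerBase};
     * the parameter names follow the order in which sibling controllers are constructed in this class.
     */
    public StaticScanController(FodApiConnection apiConnection, PrintStream logger, String correlationId) {
        super(apiConnection, logger, correlationId);
        this.dateFormat = DateTimeFormatter.ofPattern(Utils.getLogTimestampFormat());
    }

    /**
     * Builds the start-scan URL for the given job and hands it to the payload uploader.
     *
     * <p>Fixes compared with the previous body: a {@code null} release id no longer causes a
     * {@code NullPointerException} before the null check is reached, the
     * {@code inProgressScanActionType} parameter is added once instead of twice, the properties
     * stream is closed on every path, and a missing {@code /application.properties} resource
     * yields the "Not Found" version instead of failing the scan.
     *
     * @param releaseId release to scan; may be {@code null} or non-positive, in which case the BSI
     *                  token or an application/release upsert supplies the target
     * @param jobModel  job configuration
     * @param notes     optional free text, truncated to {@value #MAX_NOTES_LENGTH} characters
     * @return the uploader's response, or a response marked unsuccessful when anything throws
     */
    @SuppressFBWarnings(value = {"REC_CATCH_EXCEPTION"}, justification = "The intent of the catch-all is to make sure that the Jenkins user and logs show the plugin's problem in the build log.")
    public StartScanResponse startStaticScan(Integer releaseId, SastJobModel jobModel, String notes) {
        try {
            println("Getting Assessment");
            String pluginVersion = readPluginVersion();
            HttpUrl.Builder url = parseApiBaseUrl();

            if (!Utils.isNullOrEmpty(jobModel.getSelectedReleaseType())) {
                switch (FodEnums.SelectedReleaseType.valueOf(jobModel.getSelectedReleaseType())) {
                    case UseReleaseId:
                    case UseAppAndReleaseName:
                        buildReleaseSettingsRequest(url, releaseId, jobModel);
                        break;
                    case UseBsiToken:
                        buildBsiRequest(url, jobModel);
                        break;
                    default:
                        throw new IllegalArgumentException("Invalid job model");
                }
            } else {
                // Without an explicit release type only pipeline jobs are accepted.
                if (!Boolean.TRUE.equals(jobModel.getIsPipeline())) {
                    throw new IllegalArgumentException("Invalid job model");
                }
                // Evaluate the null check first; the old code dereferenced releaseId before testing it.
                boolean hasReleaseId = releaseId != null && releaseId.intValue() > 0;
                if (!hasReleaseId && !Utils.isNullOrEmpty(jobModel.getBsiTokenOriginal())) {
                    buildBsiRequest(url, jobModel);
                } else if (!hasReleaseId) {
                    releaseId = upsertApplicationAndRelease(jobModel);
                }
                if (releaseId != null && releaseId.intValue() > 0) {
                    buildPipelineRequest(url, releaseId, jobModel);
                }
            }

            url.addQueryParameter("inProgressScanActionType", jobModel.getInProgressScanActionType())
                    .addQueryParameter("purchaseEntitlement", Boolean.toString(jobModel.isPurchaseEntitlements()))
                    .addQueryParameter("scanMethodType", "CICD")
                    .addQueryParameter("scanTool", "Jenkins")
                    .addQueryParameter("scanToolVersion", pluginVersion);
            if (!Utils.isNullOrEmpty(notes)) {
                url.addQueryParameter("notes", StringUtils.left(notes, MAX_NOTES_LENGTH));
            }

            // NOTE(review): on the BSI path this URL string carries the token; the uploader also
            // receives the logger, so confirm it never prints the URL verbatim.
            return this.apiConnection
                    .getScanPayloadUploadInstance(jobModel, this.correlationId, url.build().toString(), this.logger)
                    .performUpload();
        } catch (Exception e) {
            // Deliberate catch-all (see the FindBugs justification): report in the build log and
            // return a failed response rather than propagating.
            printStackTrace(e);
            StartScanResponse failed = new StartScanResponse();
            failed.uploadNotSuccessful();
            return failed;
        }
    }

    /**
     * Reads {@code application.version} from {@code /application.properties} on the classpath.
     *
     * @return the configured version, or "Not Found" when the resource or the key is absent
     * @throws IOException if the resource exists but cannot be read
     */
    private String readPluginVersion() throws IOException {
        try (InputStream in = getClass().getResourceAsStream("/application.properties")) {
            if (in == null) {
                return VERSION_NOT_FOUND;
            }
            Properties props = new Properties();
            props.load(in);
            return props.getProperty("application.version", VERSION_NOT_FOUND);
        }
    }

    /**
     * Parses the configured API URL into a builder.
     *
     * @throws IllegalArgumentException if the configured value is not a valid HTTP(S) URL
     *                                  ({@code HttpUrl.parse} returns {@code null} in that case)
     */
    private HttpUrl.Builder parseApiBaseUrl() {
        HttpUrl base = HttpUrl.parse(this.apiConnection.getApiUrl());
        if (base == null) {
            throw new IllegalArgumentException("Invalid API URL");
        }
        return base.newBuilder();
    }

    /**
     * Builds {@code /api/v3/releases/{id}/static-scans/{action}}. Plain concatenation is used so the
     * id is always rendered with ASCII digits; {@code String.format("%d", ...)} localises digits
     * according to the JVM default locale.
     */
    private static String releaseScanPath(Integer releaseId, String action) {
        return "/api/v3/releases/" + releaseId + "/static-scans/" + action;
    }

    /** Adds {@code name=value} to the URL only when {@code value} is neither null nor empty. */
    private static void addIfPresent(HttpUrl.Builder builder, String name, String value) {
        if (!Utils.isNullOrEmpty(value)) {
            builder.addQueryParameter(name, value);
        }
    }

    private String getLogTimestamp() {
        return this.dateFormat.format(LocalDateTime.now());
    }

    /**
     * Targets {@code start-scan-advanced} for the release id embedded in the parsed BSI token and
     * passes the original token string along as a query parameter.
     */
    private void buildBsiRequest(HttpUrl.Builder builder, SastJobModel jobModel) {
        Integer tokenReleaseId = Integer.valueOf(jobModel.getBsiToken().getReleaseId());
        builder.addPathSegments(releaseScanPath(tokenReleaseId, "start-scan-advanced"))
                .addQueryParameter("entitlementPreferenceType", jobModel.getEntitlementPreference())
                // NOTE(review): "remdiation" differs from the "remediationScanPreferenceType" spelling
                // used by the other builders in this class. Left byte-for-byte; confirm against the
                // API contract before changing it.
                .addQueryParameter("remdiationScanPreferenceType", jobModel.getRemediationScanPreferenceType())
                // The token travels in the URL, so it is visible wherever the URL is recorded.
                .addQueryParameter("bsiToken", jobModel.getBsiTokenOriginal());
    }

    /** Targets {@code start-scan-advanced-with-defaults} and forwards the remediation preference. */
    private void buildReleaseSettingsRequest(HttpUrl.Builder builder, Integer releaseId, SastJobModel jobModel) {
        builder.addPathSegments(releaseScanPath(releaseId, "start-scan-advanced-with-defaults"))
                .addQueryParameter("remediationScanPreferenceType", jobModel.getRemediationScanPreferenceType());
    }

    /**
     * Targets {@code start-scan-advanced-with-defaults} and adds each optional pipeline setting
     * that has a non-empty value on the job model.
     */
    private void buildPipelineRequest(HttpUrl.Builder builder, Integer releaseId, SastJobModel jobModel) {
        builder.addPathSegments(releaseScanPath(releaseId, "start-scan-advanced-with-defaults"));
        addIfPresent(builder, "assessmentTypeId", jobModel.getAssessmentType());
        addIfPresent(builder, "entitlementId", jobModel.getEntitlementId());
        addIfPresent(builder, "entitlementFrequencyType", jobModel.getFrequencyId());
        // The old code re-checked for empty inside the non-empty branch; that "false" fallback was unreachable.
        addIfPresent(builder, "doSonatypeScan", jobModel.getOpenSourceScan());
        addIfPresent(builder, "auditPreferenceType", jobModel.getAuditPreference());
        addIfPresent(builder, "technologyTypeId", jobModel.getTechnologyStack());
        addIfPresent(builder, "technologyVersionTypeId", jobModel.getLanguageLevel());
        addIfPresent(builder, "remediationScanPreferenceType", jobModel.getRemediationScanPreferenceType());
    }

    /**
     * Returns the id of the release named on the job model, creating the application and/or
     * release through {@code releaseWithUpsertApplication} when no such release exists.
     *
     * <p>Attributes are given as {@code name:value} pairs separated by {@code ;}. A pair that does
     * not split into exactly two parts, or a repeated name, aborts provisioning.
     *
     * @throws Exception if the attributes cannot be parsed or validated, or the API reports failure;
     *                   the failure message embeds the raw response body or the returned error list
     */
    private Integer upsertApplicationAndRelease(SastJobModel jobModel) throws Exception {
        Integer existingId = new ReleaseController(this.apiConnection, this.logger, this.correlationId)
                .getReleaseIdByName(jobModel.getApplicationName(), jobModel.getReleaseName(),
                        jobModel.getIsMicroservice(), jobModel.getMicroserviceName());
        if (existingId != null) {
            println("Existing release found matching " + jobModel.getApplicationName() + " " + jobModel.getReleaseName());
            return existingId;
        }

        println("Provisioning application and release");
        PostReleaseWithUpsertApplicationModel payload = new PostReleaseWithUpsertApplicationModel();
        payload.setApplicationName(jobModel.getApplicationName());
        payload.setApplicationType(jobModel.getApplicationType());
        payload.setReleaseName(jobModel.getReleaseName());
        payload.setOwnerId(jobModel.getOwner());
        payload.setBusinessCriticalityType(jobModel.getBusinessCriticality());
        payload.setSdlcStatusType(jobModel.getSdlcStatus());

        // A null flag is treated as "not a microservice" instead of throwing on unboxing.
        if (Boolean.TRUE.equals(jobModel.getIsMicroservice())) {
            payload.setHasMicroservices(jobModel.getIsMicroservice());
            payload.setReleaseMicroserviceName(jobModel.getMicroserviceName());
            ArrayList<String> microservices = new ArrayList<>();
            microservices.add(jobModel.getMicroserviceName());
            payload.setMicroservices(microservices);
        }

        if (!Utils.isNullOrEmpty(jobModel.getAttributes())) {
            HashMap<String, String> requested = new HashMap<>();
            for (String pair : jobModel.getAttributes().split(";")) {
                String[] nameAndValue = pair.split(":");
                // Strict by design: malformed pairs and duplicate names are rejected, not skipped.
                if (nameAndValue.length != 2 || requested.containsKey(nameAndValue[0])) {
                    throw new Exception("Failure parsing application attributes");
                }
                requested.put(nameAndValue[0], nameAndValue[1]);
            }
            for (FodAttributeMapItem item : mapAttributesToFod(requested)) {
                payload.getAttributes().add(
                        new ApplicationAttributeModel(Integer.valueOf(item.getDefinition().getId()), item.getValue()));
            }
        }

        HttpUrl endpoint = parseApiBaseUrl().addPathSegments("/api/v3/releases/releaseWithUpsertApplication").build();
        RequestBody body = RequestBody.create(MediaType.parse("application/json"), Json.getInstance().toJson(payload));
        Request httpRequest = new Request.Builder()
                .url(endpoint)
                .addHeader("Accept", "application/json")
                .addHeader("CorrelationId", getCorrelationId())
                .post(body)
                .build();

        println("Submitting application and release model");
        ResponseContent response = this.apiConnection.request(httpRequest);
        if (response.code() >= 300) {
            // The raw body is surfaced to the caller, and from there to the build log.
            throw new Exception("Failed to create application and/or release: \n" + response.bodyContent());
        }

        PostReleaseWithUpsertApplicationResponseModel result =
                (PostReleaseWithUpsertApplicationResponseModel) this.apiConnection.parseResponse(
                        response, new TypeToken<PostReleaseWithUpsertApplicationResponseModel>() { }.getType());
        if (!result.getSuccess().booleanValue()) {
            throw new Exception("Failed to create application and/or release: \n" + String.join("\n", result.getErrors()));
        }
        println("Provisioning successful. Release Id: " + result.getReleaseId());
        return result.getReleaseId();
    }

    /**
     * Matches requested attribute names against the tenant's attribute definitions and validates
     * each value against the definition's data type.
     *
     * <p>The previous loop over the definitions had no exit condition and never terminated once
     * the iterator was exhausted. It is rewritten as a bounded loop that stops at the first
     * definition whose name equals the attribute name (reconstructed intent; confirm that
     * definition names are unique).
     *
     * <p>An attribute whose name matches no definition is neither mapped nor reported; it is
     * dropped silently.
     *
     * @param attributes requested attribute names and values
     * @return one item per attribute that matched a definition and passed validation
     * @throws Exception listing every attribute whose value failed validation
     */
    public List<FodAttributeMapItem> mapAttributesToFod(Map<String, String> attributes) throws Exception {
        List<AttributeDefinition> definitions =
                new AttributesController(this.apiConnection, this.logger, this.correlationId).getAttributeDefinitions();
        List<FodAttributeMapItem> mapped = new ArrayList<>();
        List<String> rejected = new ArrayList<>();

        for (Map.Entry<String, String> attribute : attributes.entrySet()) {
            for (AttributeDefinition definition : definitions) {
                if (!attribute.getKey().equals(definition.getName())) {
                    continue;
                }
                String problem = describeInvalidValue(attribute, definition);
                if (problem == null) {
                    mapped.add(new FodAttributeMapItem(attribute.getKey(), attribute.getValue(), definition));
                } else {
                    rejected.add(problem);
                }
                break;
            }
        }

        if (!rejected.isEmpty()) {
            throw new Exception(String.format(
                    "Invalid PickList Attributes/Values for the following Picklist Attribute/s - %s",
                    String.join(" & ", rejected)));
        }
        return mapped;
    }

    /**
     * Validates one attribute value against its definition.
     *
     * @return {@code null} when the value is acceptable, otherwise the text to report for it:
     *         the bare name for a picklist, {@code name : true/false} for a boolean, and
     *         {@code name : id-name,...} (the allowed users) for a user attribute
     */
    private static String describeInvalidValue(Map.Entry<String, String> attribute, AttributeDefinition definition) {
        String name = attribute.getKey();
        String value = attribute.getValue();
        String dataType = definition.getAttributeDataType();

        if (dataType.equalsIgnoreCase("Picklist")) {
            List<String> allowed = new ArrayList<>();
            for (PicklistValue option : definition.getPicklistValues()) {
                allowed.add(option.getName());
            }
            return allowed.contains(value) ? null : name;
        }
        if (dataType.equalsIgnoreCase("Boolean")) {
            return BOOLEAN_LITERAL.matcher(value).matches() ? null : name + " : true/false";
        }
        if (dataType.equalsIgnoreCase("User")) {
            // A user may be referenced either by name or by id.
            List<String> allowed = new ArrayList<>();
            List<String> hints = new ArrayList<>();
            for (PicklistValue user : definition.getPicklistValues()) {
                String id = String.valueOf(user.getId());
                allowed.add(user.getName());
                allowed.add(id);
                hints.add(id + "-" + user.getName());
            }
            return allowed.contains(value) ? null : name + " : " + String.join(",", hints);
        }
        // Any other data type is accepted without validation.
        return null;
    }

    /**
     * Fetches the static scan setup of a release and decodes the body with a fresh {@code Gson}.
     *
     * @return the decoded setup, or {@code null} when the response is not successful
     * @deprecated presumably superseded by {@link #getStaticScanSettings(Integer)}, which requests
     *             the same endpoint through {@code requestTyped}; confirm before removing callers
     */
    @Deprecated
    public GetStaticScanSetupResponse getStaticScanSettingsOld(Integer releaseId) throws IOException {
        String url = parseApiBaseUrl().addPathSegments(releaseScanPath(releaseId, "scan-setup")).build().toString();
        Request httpRequest = new Request.Builder()
                .url(url)
                .addHeader("Accept", "application/json")
                .addHeader("CorrelationId", getCorrelationId())
                .get()
                .build();
        ResponseContent response = this.apiConnection.request(httpRequest);
        if (!response.isSuccessful()) {
            return null;
        }
        return new Gson().fromJson(response.bodyContent(), new TypeToken<GetStaticScanSetupResponse>() { }.getType());
    }

    /** Fetches the static scan setup of a release via the connection's typed request helper. */
    public GetStaticScanSetupResponse getStaticScanSettings(Integer releaseId) throws IOException {
        HttpUrl endpoint = this.apiConnection.urlBuilder()
                .addPathSegments(releaseScanPath(releaseId, "scan-setup"))
                .build();
        Request httpRequest = new Request.Builder()
                .url(endpoint)
                .addHeader("Accept", "application/json")
                .addHeader("CorrelationId", getCorrelationId())
                .get()
                .build();
        return (GetStaticScanSetupResponse) this.apiConnection.requestTyped(
                httpRequest, new TypeToken<GetStaticScanSetupResponse>() { }.getType());
    }

    /**
     * Writes the static scan setup of a release.
     *
     * @return the parsed API response for status codes below 300; otherwise an unsuccessful
     *         response whose error list ends with either "API empty response" or the raw body.
     *         Callers that print these errors will print whatever the server returned.
     */
    public PutStaticScanSetupResponse putStaticScanSettings(Integer releaseId, PutStaticScanSetupModel setup) throws IOException {
        String json = Json.getInstance().toJson(setup);
        HttpUrl endpoint = this.apiConnection.urlBuilder()
                .addPathSegments(releaseScanPath(releaseId, "scan-setup"))
                .build();
        Request httpRequest = new Request.Builder()
                .url(endpoint)
                .addHeader("Accept", "application/json")
                .addHeader("CorrelationId", getCorrelationId())
                .put(RequestBody.create(MediaType.parse("application/json"), json))
                .build();

        ResponseContent response = this.apiConnection.request(httpRequest);
        if (response.code() < 300) {
            return (PutStaticScanSetupResponse) this.apiConnection.parseResponse(
                    response, new TypeToken<PutStaticScanSetupResponse>() { }.getType());
        }

        String rawBody = response.bodyContent();
        List<String> errors = Utils.unexpectedServerResponseErrors();
        // A missing body is reported the same way as an empty one instead of throwing.
        if (rawBody == null || rawBody.isEmpty()) {
            errors.add("API empty response");
        } else {
            errors.add("Raw API response:\n" + rawBody);
        }
        return new PutStaticScanSetupResponse(false, null, errors, null);
    }
}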
