package com.hp.octane.integrations.services.vulnerabilities;

import com.hp.octane.integrations.OctaneSDK;
import com.hp.octane.integrations.dto.DTOFactory;
import com.hp.octane.integrations.dto.connectivity.HttpMethod;
import com.hp.octane.integrations.dto.connectivity.OctaneRequest;
import com.hp.octane.integrations.dto.connectivity.OctaneResponse;
import com.hp.octane.integrations.dto.securityscans.OctaneIssue;
import com.hp.octane.integrations.dto.securityscans.SSCProjectConfiguration;
import com.hp.octane.integrations.exceptions.PermanentException;
import com.hp.octane.integrations.exceptions.TemporaryException;
import com.hp.octane.integrations.services.queueing.QueueingService;
import com.hp.octane.integrations.services.rest.OctaneRestClient;
import com.hp.octane.integrations.services.rest.RestService;
import com.hp.octane.integrations.utils.CIPluginSDKUtils;
import com.squareup.tape.ObjectQueue;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.TimeUnit;
import org.apache.http.entity.ContentType;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.poi.hpsf.Constants;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/integrations-sdk-2.0.21.jar:com/hp/octane/integrations/services/vulnerabilities/VulnerabilitiesServiceImpl.class */
public final class VulnerabilitiesServiceImpl implements VulnerabilitiesService {
    private static final Logger logger = LogManager.getLogger((Class<?>) VulnerabilitiesServiceImpl.class);
    private static final DTOFactory dtoFactory = DTOFactory.getInstance();
    private static final String VULNERABILITIES_QUEUE_FILE = "vulnerabilities-queue.dat";
    private final ObjectQueue<VulnerabilitiesQueueItem> vulnerabilitiesQueue;
    private final OctaneSDK.SDKServicesConfigurer configurer;
    private final RestService restService;
    private CompletableFuture<Boolean> workerExited;
    private final ExecutorService vulnerabilitiesProcessingExecutor = Executors.newSingleThreadExecutor(new VulnerabilitiesPushWorkerThreadFactory());
    private final Object NO_VULNERABILITIES_RESULTS_MONITOR = new Object();
    private int TEMPORARY_ERROR_BREATHE_INTERVAL = Constants.CP_MAC_ROMAN;
    private int LIST_EMPTY_INTERVAL = Constants.CP_MAC_ROMAN;
    private int SKIP_QUEUE_ITEM_INTERVAL = 5000;
    private Long DEFAULT_TIME_OUT_FOR_QUEUE_ITEM = 43200000L;

    /* loaded from: input_file:WEB-INF/lib/integrations-sdk-2.0.21.jar:com/hp/octane/integrations/services/vulnerabilities/VulnerabilitiesServiceImpl$VulnerabilitiesPushWorkerThreadFactory.class */
    private static final class VulnerabilitiesPushWorkerThreadFactory implements ThreadFactory {
        private VulnerabilitiesPushWorkerThreadFactory() {
        }

        @Override // java.util.concurrent.ThreadFactory
        public Thread newThread(Runnable runnable) {
            Thread thread = new Thread(runnable);
            thread.setName("VulnerabilitiesPushWorker-" + thread.getId());
            thread.setDaemon(true);
            return thread;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/integrations-sdk-2.0.21.jar:com/hp/octane/integrations/services/vulnerabilities/VulnerabilitiesServiceImpl$VulnerabilitiesQueueItem.class */
    public static final class VulnerabilitiesQueueItem implements QueueingService.QueueItem {
        public String jobId;
        public String buildId;
        public Long startTime;
        public Long timeout;
        public boolean isRelevant;

        private VulnerabilitiesQueueItem() {
            this.isRelevant = false;
        }

        private VulnerabilitiesQueueItem(String str, String str2) {
            this.isRelevant = false;
            if (str == null || str.isEmpty()) {
                throw new IllegalArgumentException("job ID MUST NOT be null nor empty");
            }
            if (str2 == null || str2.isEmpty()) {
                throw new IllegalArgumentException("build ID MUST NOT be null nor empty");
            }
            this.jobId = str;
            this.buildId = str2;
        }

        public String toString() {
            return "'" + this.jobId + " #" + this.buildId + "'";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public VulnerabilitiesServiceImpl(OctaneSDK.SDKServicesConfigurer sDKServicesConfigurer, QueueingService queueingService, RestService restService) {
        if (sDKServicesConfigurer == null) {
            throw new IllegalArgumentException("invalid configurer");
        }
        if (queueingService == null) {
            throw new IllegalArgumentException("queue Service MUST NOT be null");
        }
        if (restService == null) {
            throw new IllegalArgumentException("rest service MUST NOT be null");
        }
        if (queueingService.isPersistenceEnabled()) {
            this.vulnerabilitiesQueue = queueingService.initFileQueue(VULNERABILITIES_QUEUE_FILE, VulnerabilitiesQueueItem.class);
        } else {
            this.vulnerabilitiesQueue = queueingService.initMemoQueue();
        }
        this.configurer = sDKServicesConfigurer;
        this.restService = restService;
        logger.info("starting background worker...");
        this.vulnerabilitiesProcessingExecutor.execute(this::worker);
        logger.info("initialized SUCCESSFULLY (backed by " + this.vulnerabilitiesQueue.getClass().getSimpleName() + ")");
    }

    @Override // com.hp.octane.integrations.services.vulnerabilities.VulnerabilitiesService
    public void enqueueRetrieveAndPushVulnerabilities(String str, String str2, long j, long j2) {
        VulnerabilitiesQueueItem vulnerabilitiesQueueItem = new VulnerabilitiesQueueItem(str, str2);
        vulnerabilitiesQueueItem.startTime = Long.valueOf(j);
        vulnerabilitiesQueueItem.timeout = Long.valueOf(j2 <= 0 ? this.DEFAULT_TIME_OUT_FOR_QUEUE_ITEM.longValue() : j2 * 60 * 60 * 1000);
        this.vulnerabilitiesQueue.add(vulnerabilitiesQueueItem);
        logger.info(vulnerabilitiesQueueItem.buildId + "/" + vulnerabilitiesQueueItem.jobId + " was added to vulnerabilities queue");
        synchronized (this.NO_VULNERABILITIES_RESULTS_MONITOR) {
            this.NO_VULNERABILITIES_RESULTS_MONITOR.notify();
        }
    }

    @Override // com.hp.octane.integrations.services.ClosableService
    public void shutdown() {
        this.workerExited = new CompletableFuture<>();
        this.vulnerabilitiesProcessingExecutor.shutdown();
        try {
            this.NO_VULNERABILITIES_RESULTS_MONITOR.notify();
            this.workerExited.get(3000L, TimeUnit.SECONDS);
        } catch (Exception e) {
            logger.warn("interrupted while waiting for the worker SHUT DOWN");
        }
    }

    private void worker() {
        while (!this.vulnerabilitiesProcessingExecutor.isShutdown()) {
            if (this.vulnerabilitiesQueue.size() == 0) {
                CIPluginSDKUtils.doBreakableWait(this.LIST_EMPTY_INTERVAL, this.NO_VULNERABILITIES_RESULTS_MONITOR);
            } else {
                VulnerabilitiesQueueItem vulnerabilitiesQueueItem = null;
                try {
                    vulnerabilitiesQueueItem = this.vulnerabilitiesQueue.peek();
                    if (processPushVulnerabilitiesQueueItem(vulnerabilitiesQueueItem)) {
                        this.vulnerabilitiesQueue.remove();
                    } else {
                        reEnqueueItem(vulnerabilitiesQueueItem);
                    }
                } catch (PermanentException e) {
                    logger.error("permanent error on " + vulnerabilitiesQueueItem + ", passing over", (Throwable) e);
                    this.vulnerabilitiesQueue.remove();
                } catch (TemporaryException e2) {
                    logger.error("temporary error on " + vulnerabilitiesQueueItem + ", breathing " + this.TEMPORARY_ERROR_BREATHE_INTERVAL + "ms and retrying", (Throwable) e2);
                    if (vulnerabilitiesQueueItem != null) {
                        reEnqueueItem(vulnerabilitiesQueueItem);
                    }
                    CIPluginSDKUtils.doWait(this.TEMPORARY_ERROR_BREATHE_INTERVAL);
                } catch (Throwable th) {
                    logger.error("unexpected error on build log item '" + vulnerabilitiesQueueItem + "', passing over", th);
                    this.vulnerabilitiesQueue.remove();
                }
            }
        }
        this.workerExited.complete(true);
    }

    private boolean preflightRequest(String str, String str2) throws IOException {
        OctaneResponse execute = this.restService.obtainOctaneRestClient().execute(((OctaneRequest) dtoFactory.newDTO(OctaneRequest.class)).setMethod(HttpMethod.GET).setUrl(getVulnerabilitiesPreFlightContextPath(this.configurer.octaneConfiguration.getUrl(), this.configurer.octaneConfiguration.getSharedSpace()) + "?instance-id=" + this.configurer.octaneConfiguration.getInstanceId() + "&job-ci-id=" + CIPluginSDKUtils.urlEncodePathParam(str) + "&build-ci-id=" + CIPluginSDKUtils.urlEncodePathParam(str2)));
        if (execute.getStatus() != 200) {
            if (execute.getStatus() == 503 || execute.getStatus() == 502) {
                throw new TemporaryException("vulnerabilities preflight request FAILED, service unavailable");
            }
            throw new PermanentException("vulnerabilities preflight request FAILED with " + execute.getStatus() + "");
        }
        if ("true".equals(execute.getBody())) {
            logger.info("vulnerabilities data of " + str + " #" + str2 + " found to be relevant to Octane");
            return true;
        }
        logger.info("vulnerabilities data of " + str + " #" + str2 + " is not relevant to Octane");
        return false;
    }

    private void pushVulnerabilities(InputStream inputStream, String str, String str2) throws IOException {
        OctaneRestClient obtainOctaneRestClient = this.restService.obtainOctaneRestClient();
        HashMap hashMap = new HashMap();
        hashMap.put(RestService.CONTENT_TYPE_HEADER, ContentType.APPLICATION_JSON.getMimeType());
        OctaneResponse execute = obtainOctaneRestClient.execute(((OctaneRequest) dtoFactory.newDTO(OctaneRequest.class)).setMethod(HttpMethod.POST).setUrl(getVulnerabilitiesContextPath(this.configurer.octaneConfiguration.getUrl(), this.configurer.octaneConfiguration.getSharedSpace()) + "?instance-id=" + this.configurer.octaneConfiguration.getInstanceId() + "&job-ci-id=" + CIPluginSDKUtils.urlEncodePathParam(str) + "&build-ci-id=" + CIPluginSDKUtils.urlEncodePathParam(str2)).setHeaders(hashMap).setBody(inputStream));
        logger.info("vulnerabilities pushed; status: " + execute.getStatus() + ", response: " + execute.getBody());
        if (execute.getStatus() == 202) {
            logger.info("vulnerabilities push SUCCEED for " + str + " #" + str2);
        } else {
            if (execute.getStatus() != 503) {
                throw new PermanentException("vulnerabilities push FAILED, status " + execute.getStatus() + "; dropping this item from the queue \n" + execute.getBody());
            }
            throw new TemporaryException("vulnerabilities push FAILED, service unavailable");
        }
    }

    private boolean processPushVulnerabilitiesQueueItem(VulnerabilitiesQueueItem vulnerabilitiesQueueItem) {
        try {
            SSCProjectConfiguration sSCProjectConfiguration = this.configurer.pluginServices.getSSCProjectConfiguration(vulnerabilitiesQueueItem.jobId, vulnerabilitiesQueueItem.buildId);
            if (sSCProjectConfiguration == null || !sSCProjectConfiguration.isValid()) {
                logger.debug("SSC project configurations is missing or not valid, skipping processing for " + vulnerabilitiesQueueItem.jobId + " #" + vulnerabilitiesQueueItem.buildId);
                return true;
            }
            if (!vulnerabilitiesQueueItem.isRelevant) {
                if (!preflightRequest(vulnerabilitiesQueueItem.jobId, vulnerabilitiesQueueItem.buildId)) {
                    return true;
                }
                vulnerabilitiesQueueItem.isRelevant = true;
            }
            InputStream vulnerabilitiesScanResultStream = getVulnerabilitiesScanResultStream(vulnerabilitiesQueueItem, sSCProjectConfiguration);
            if (vulnerabilitiesScanResultStream == null) {
                return false;
            }
            pushVulnerabilities(vulnerabilitiesScanResultStream, vulnerabilitiesQueueItem.jobId, vulnerabilitiesQueueItem.buildId);
            return true;
        } catch (IOException e) {
            throw new PermanentException(e);
        }
    }

    private void reEnqueueItem(VulnerabilitiesQueueItem vulnerabilitiesQueueItem) {
        Long valueOf = Long.valueOf(System.currentTimeMillis() - vulnerabilitiesQueueItem.startTime.longValue());
        this.vulnerabilitiesQueue.remove();
        if (valueOf.longValue() < vulnerabilitiesQueueItem.timeout.longValue()) {
            this.vulnerabilitiesQueue.add(vulnerabilitiesQueueItem);
        } else {
            logger.info(vulnerabilitiesQueueItem.buildId + "/" + vulnerabilitiesQueueItem.jobId + " was removed from queue after timeout in queue is over");
        }
        CIPluginSDKUtils.doWait(this.SKIP_QUEUE_ITEM_INTERVAL);
    }

    private InputStream getVulnerabilitiesScanResultStream(VulnerabilitiesQueueItem vulnerabilitiesQueueItem, SSCProjectConfiguration sSCProjectConfiguration) {
        String targetDir = getTargetDir(vulnerabilitiesQueueItem);
        InputStream cachedScanResult = getCachedScanResult(targetDir);
        if (cachedScanResult != null) {
            return cachedScanResult;
        }
        Optional<List<OctaneIssue>> latestScan = new SSCHandler(vulnerabilitiesQueueItem, sSCProjectConfiguration, targetDir, this.restService.obtainSSCRestClient()).getLatestScan();
        if (latestScan.isPresent()) {
            return packUpdateAndNewIssues(targetDir, latestScan, new SSCOctaneClosedIssuesSync(vulnerabilitiesQueueItem, this.restService, sSCProjectConfiguration, this.configurer.octaneConfiguration).getCloseIssueInSSCOpenedInOctane());
        }
        return null;
    }

    private InputStream packUpdateAndNewIssues(String str, Optional<List<OctaneIssue>> optional, List<OctaneIssue> list) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(optional.get());
        arrayList.addAll(list);
        if (arrayList.isEmpty()) {
            throw new PermanentException("This scan has no issues.");
        }
        return new IssuesFileSerializer(str, arrayList).doSerializeAndCache();
    }

    private String getTargetDir(VulnerabilitiesQueueItem vulnerabilitiesQueueItem) {
        File allowedOctaneStorage = this.configurer.pluginServices.getAllowedOctaneStorage();
        if (allowedOctaneStorage != null) {
            return allowedOctaneStorage.getPath() + File.separator + vulnerabilitiesQueueItem.jobId + File.separator + vulnerabilitiesQueueItem.buildId;
        }
        logger.info("hosting plugin does not provide storage, vulnerabilities won't be cached");
        return null;
    }

    private InputStream getCachedScanResult(String str) {
        if (str == null) {
            return null;
        }
        FileInputStream fileInputStream = null;
        String str2 = str + File.separator + SSCHandler.SCAN_RESULT_FILE;
        if (!new File(str2).exists()) {
            return null;
        }
        try {
            fileInputStream = new FileInputStream(str2);
        } catch (IOException e) {
            logger.error("failed to obtain  vulnerabilities Scan File in " + str);
        }
        return fileInputStream;
    }

    private String getVulnerabilitiesPreFlightContextPath(String str, String str2) {
        return str + RestService.SHARED_SPACE_API_PATH_PART + str2 + RestService.VULNERABILITIES_PRE_FLIGHT;
    }

    private String getVulnerabilitiesContextPath(String str, String str2) {
        return str + RestService.SHARED_SPACE_API_PATH_PART + str2 + RestService.VULNERABILITIES;
    }
}
