package com.qualys.plugins.vm;

import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardCredentials;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.google.gson.Gson;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.reflect.TypeToken;
import com.qualys.plugins.vm.client.QualysVMClient;
import com.qualys.plugins.vm.util.Helper;
import hudson.AbortException;
import hudson.EnvVars;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractProject;
import hudson.model.Item;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.BuildStepMonitor;
import hudson.tasks.Notifier;
import hudson.tasks.Publisher;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import javax.annotation.Nonnull;
import jenkins.model.Jenkins;
import jenkins.tasks.SimpleBuildStep;
import org.acegisecurity.Authentication;
import org.apache.commons.lang.StringUtils;
import org.apache.maven.model.io.xpp3.MavenXpp3Reader;
import org.codehaus.plexus.util.xml.pull.XmlPullParser;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;

@Extension
/* loaded from: input_file:WEB-INF/lib/qualys-vm_1.1.9-SNAPSHOT.jar:com/qualys/plugins/vm/VMScanNotifier.class */
public class VMScanNotifier extends Notifier implements SimpleBuildStep {
    private String apiServer;
    private String platform;
    private String credsId;
    private String hostIp;
    private String ec2Id;
    private String ec2ConnDetails;
    private String ec2ConnName;
    private String ec2ConnAccountId;
    private String ec2ConnId;
    private String scanName;
    private String scannerName;
    private String optionProfile;
    private String network;
    private String proxyServer;
    private int proxyPort;
    private String proxyCredentialsId;
    private boolean useProxy;
    private boolean useHost;
    private boolean useEc2;
    private boolean runConnector;
    private String pluginName;
    private String pollingInterval;
    private String vulnsTimeout;
    private int bySev;
    private boolean failBySev;
    private String qidList;
    private boolean failByQids;
    private String cveList;
    private boolean failByCves;
    private String byCvss;
    private String cvssBase;
    private boolean failByCvss;
    private String excludeList;
    private String excludeBy;
    private boolean doExclude;
    private boolean evaluatePotentialVulns;
    private boolean failByPci;
    private String webhookUrl;
    private static final String SCAN_NAME = "[job_name]_jenkins_build_[build_number]";
    private static final int PROXY_PORT = 80;
    private static final Logger logger = Helper.getLogger(VMScanNotifier.class.getName());
    private static final String xml10pattern = "[^\t\r\n -\ud7ff\ue000-���-��]";
    private String hostIpValue;
    private String ec2IdValue;

    @Extension
    @Symbol({"qualysVulnerabilityAnalyzer"})
    /* loaded from: input_file:WEB-INF/lib/qualys-vm_1.1.9-SNAPSHOT.jar:com/qualys/plugins/vm/VMScanNotifier$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Publisher> {
        private static final String URL_REGEX = "^(https?)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]";
        private static final String WEBHOOK_URL_REGEX = "(https?:\\/\\/(?:www\\.|(?!www))[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\\.[^\\s]{2,}|www\\.[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\\.[^\\s]{2,}|https?:\\/\\/(?:www\\.|(?!www))[a-zA-Z0-9]+\\.[^\\s]{2,}|www\\.[a-zA-Z0-9]+\\.[^\\s]{2,})";
        private static final String PROXY_REGEX = "^((https?)://)?[-a-zA-Z0-9+&@#/%?=~_|!,.;]*[-a-zA-Z0-9+&@#/%=~_|]";
        private static final String TIMEOUT_PERIOD_REGEX = "^(\\d+[*]?)*(?<!\\*)$";
        private static final String HOST_IP = "^\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b";
        private static final String awsAccountId = "awsAccountId";
        private static final String utf8Error = "Provide valid UTF-8 string value.";
        private static final String displayName = "Scan host/instances with Qualys VM";
        private JsonObject ctorNameList = new JsonObject();
        Helper h = new Helper();

        public String getDisplayName() {
            return displayName;
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public ListBoxModel doFillPlatformItems() {
            ListBoxModel listBoxModel = new ListBoxModel();
            for (Map<String, String> map : getPlatforms()) {
                listBoxModel.add(new ListBoxModel.Option(map.get("name"), map.get("code")));
            }
            return listBoxModel;
        }

        public FormValidation doCheckApiServer(@QueryParameter String str) {
            String trim;
            if (isNonUTF8String(str)) {
                return FormValidation.error(utf8Error);
            }
            if (str != null) {
                try {
                    trim = str.trim();
                } catch (Exception e) {
                    return FormValidation.error(e.getMessage());
                }
            } else {
                trim = XmlPullParser.NO_NAMESPACE;
            }
            return !Pattern.compile(URL_REGEX).matcher(trim).matches() ? FormValidation.error("Server name is not valid!") : FormValidation.ok();
        }

        public FormValidation doCheckCredsId(@QueryParameter String str) {
            try {
                return str.trim().equals(XmlPullParser.NO_NAMESPACE) ? FormValidation.error("API Credentials cannot be empty.") : FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error(e.getMessage());
            }
        }

        @POST
        public ListBoxModel doFillCredsIdItems(@AncestorInPath Item item, @QueryParameter String str) {
            Jenkins.getInstance().checkPermission(Item.CONFIGURE);
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            if (item == null) {
                if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
                    return standardListBoxModel.add(str);
                }
            } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
                return standardListBoxModel.add(str);
            }
            return standardListBoxModel.withEmptySelection().withAll(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, item, (Authentication) null, Collections.emptyList())).withMatching(CredentialsMatchers.withId(str), new StandardCredentials[0]);
        }

        public FormValidation doCheckProxyServer(@QueryParameter String str) {
            if (isNonUTF8String(str)) {
                return FormValidation.error(utf8Error);
            }
            try {
                return !Pattern.compile(PROXY_REGEX).matcher(str).matches() ? FormValidation.error("Enter valid server url!") : FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error(e.getMessage());
            }
        }

        public FormValidation doCheckProxyPort(@QueryParameter String str) {
            if (str != null) {
                try {
                    if (!str.trim().isEmpty()) {
                        int parseInt = Integer.parseInt(str);
                        return (parseInt < 1 || parseInt > 65535) ? FormValidation.error("Enter a valid port number!") : FormValidation.ok();
                    }
                } catch (RuntimeException e) {
                    return FormValidation.error("Enter valid port number!");
                } catch (Exception e2) {
                    return FormValidation.error("Enter valid port number!");
                }
            }
            return FormValidation.error("Enter a valid port number!");
        }

        @POST
        public ListBoxModel doFillProxyCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String str) {
            Jenkins.getInstance().checkPermission(Item.CONFIGURE);
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            if (item == null) {
                if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
                    return standardListBoxModel.add(str);
                }
            } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
                return standardListBoxModel.add(str);
            }
            return standardListBoxModel.withEmptySelection().withAll(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, item, (Authentication) null, Collections.emptyList())).withMatching(CredentialsMatchers.withId(str), new StandardCredentials[0]);
        }

        public FormValidation doCheckHostIp(@QueryParameter String str) {
            if (str != null) {
                try {
                    if (StringUtils.isNotBlank(str)) {
                        if (!str.startsWith("env.") && !Pattern.compile(HOST_IP).matcher(str).matches()) {
                            return FormValidation.error("Host IP is not in valid format!");
                        }
                        return FormValidation.ok();
                    }
                } catch (Exception e) {
                    return FormValidation.error("Enter valid Host Ip!");
                }
            }
            return FormValidation.error("Provide a valid Host IP.");
        }

        public FormValidation doCheckScanName(@QueryParameter String str) {
            if (isNonUTF8String(str)) {
                return FormValidation.error(utf8Error);
            }
            try {
                return str.trim().equals(XmlPullParser.NO_NAMESPACE) ? FormValidation.error("Scan Name cannot be empty.") : str.length() > 256 ? FormValidation.error("Scan Name length must be of 256 or less characters.") : FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error(e.getMessage());
            }
        }

        public FormValidation doCheckEc2Id(@QueryParameter String str) {
            if (isNonUTF8String(str)) {
                return FormValidation.error("Provide valid EC2 Instance Id.");
            }
            try {
                return str.trim().equals(XmlPullParser.NO_NAMESPACE) ? FormValidation.error("EC2 Instance Id cannot be empty.") : FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error(e.getMessage());
            }
        }

        public FormValidation doCheckScannerName(@QueryParameter String str) {
            try {
                return str.trim().equals(XmlPullParser.NO_NAMESPACE) ? FormValidation.error("Select a Scanner Name.") : FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error(e.getMessage());
            }
        }

        public FormValidation doCheckQidList(@QueryParameter String str) {
            if (str == null || str.isEmpty()) {
                return FormValidation.ok();
            }
            try {
                return !Helper.isValidQidList(str) ? FormValidation.error("Enter valid QID range/numbers!") : FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error("Enter valid QID range/numbers! Error:" + e.getMessage());
            }
        }

        public FormValidation doCheckCveList(@QueryParameter String str) {
            return !Helper.isValidCVEList(str) ? FormValidation.error("Enter valid CVEs! Given: " + str) : FormValidation.ok();
        }

        public FormValidation doCheckCvssBase(@QueryParameter String str) {
            if (str != null && !str.isEmpty()) {
                try {
                    double parseDouble = Double.parseDouble(str);
                    if (parseDouble < 0.0d || parseDouble > 10.0d) {
                        return FormValidation.error("Enter a number in range of 0.0 to 10.0");
                    }
                } catch (NumberFormatException e) {
                    return FormValidation.error("Input is not a valid number. " + e.getMessage());
                } catch (RuntimeException e2) {
                    return FormValidation.error("Enter valid number!");
                } catch (Exception e3) {
                    return FormValidation.error("Enter valid number!");
                }
            }
            return FormValidation.ok();
        }

        public FormValidation doCheckPollingInterval(@QueryParameter String str) {
            try {
                String trim = str.trim();
                if (!trim.equals(XmlPullParser.NO_NAMESPACE) && !Pattern.compile(TIMEOUT_PERIOD_REGEX).matcher(trim).matches()) {
                    return FormValidation.error("Timeout period is not valid!");
                }
                return FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error("Timeout period string : " + str + ", reason = " + e);
            }
        }

        public FormValidation doCheckVulnsTimeout(@QueryParameter String str) {
            String trim = str.trim();
            try {
                if (!trim.equals(XmlPullParser.NO_NAMESPACE) && !Pattern.compile(TIMEOUT_PERIOD_REGEX).matcher(trim).matches()) {
                    return FormValidation.error("Timeout period is not valid!");
                }
                return FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error("Timeout period string : " + str + ", reason = " + e);
            }
        }

        public FormValidation doCheckExcludeList(@QueryParameter String str, @QueryParameter String str2) {
            if (str != null) {
                try {
                    if (!str.isEmpty() && str2.equalsIgnoreCase("cve_id") && !Helper.isValidCVEList(str)) {
                        return FormValidation.error("Enter valid CVEs! Given:" + str);
                    }
                } catch (RuntimeException e) {
                    return FormValidation.error("Enter valid value!");
                } catch (Exception e2) {
                    return FormValidation.error("Enter valid value!");
                }
            }
            return (str == null || str.isEmpty() || str2.equalsIgnoreCase("cve_id") || Helper.isValidQidList(str)) ? FormValidation.ok() : FormValidation.error("Enter valid QID range/numbers!");
        }

        public FormValidation doCheckWebhookUrl(@QueryParameter String str) {
            try {
                if (!StringUtils.isEmpty(str) && !Pattern.compile(WEBHOOK_URL_REGEX).matcher(str).matches()) {
                    return FormValidation.error("Webhook Url is not valid!");
                }
                return FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error(e.getMessage());
            }
        }

        public FormValidation doCheckNetwork(@QueryParameter String str) {
            try {
                return str.trim().equals(XmlPullParser.NO_NAMESPACE) ? FormValidation.error("Select a Network Name.") : str.trim().equals("NETWORK_NOT_FOUND") ? FormValidation.error("There are currently no networks assigned to you. Contact your System Administrator to assign custom networks") : FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error(e.getMessage());
            }
        }

        @POST
        public FormValidation doCheckConnection(@QueryParameter String str, @QueryParameter String str2, @QueryParameter String str3, @QueryParameter String str4, @QueryParameter String str5, @QueryParameter String str6, @QueryParameter boolean z, @AncestorInPath Item item) {
            Jenkins.getInstance().checkPermission(Item.CONFIGURE);
            try {
                int parseInt = doCheckProxyPort(str5) == FormValidation.ok() ? Integer.parseInt(str5) : 80;
                String trim = str2 != null ? str2.trim() : XmlPullParser.NO_NAMESPACE;
                if (!str.equalsIgnoreCase("pcp")) {
                    trim = Helper.platformsList.get(str).get("url");
                    VMScanNotifier.logger.info("Using qualys API Server URL: " + str2);
                }
                QualysVMClient client = this.h.getClient(z, trim, str3, str4, parseInt, str6, item);
                if (str.equalsIgnoreCase("pcp")) {
                    client.testConnection();
                } else {
                    client.testConnectionUsingGatewayAPI();
                }
                return FormValidation.ok("Connection test successful!");
            } catch (Exception e) {
                return FormValidation.error("Connection test failed. (Reason: " + e.getMessage() + ")");
            }
        }

        @POST
        public ListBoxModel doFillScannerNameItems(@AncestorInPath Item item, @QueryParameter String str, @QueryParameter String str2, @QueryParameter String str3, @QueryParameter String str4, @QueryParameter String str5, @QueryParameter String str6, @QueryParameter boolean z, @QueryParameter boolean z2, @QueryParameter boolean z3, @QueryParameter String str7) {
            JsonObject scannerName;
            Jenkins.getInstance().checkPermission(Item.CONFIGURE);
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            standardListBoxModel.add(new ListBoxModel.Option("Select the scanner appliance", "External"));
            try {
                if (filledInputs(str, str2, str3, z, str4, str5)) {
                    int parseInt = doCheckProxyPort(str5) == FormValidation.ok() ? Integer.parseInt(str5) : 80;
                    String trim = str2 != null ? str2.trim() : XmlPullParser.NO_NAMESPACE;
                    if (!str.equalsIgnoreCase("pcp")) {
                        trim = Helper.platformsList.get(str).get("url");
                        VMScanNotifier.logger.info("Using qualys API Server URL: " + str2);
                    }
                    QualysVMClient client = this.h.getClient(z, trim, str3, str4, parseInt, str6, item);
                    if (z2) {
                        VMScanNotifier.logger.info("Fetching EC2 Scanner Names list ... ");
                        scannerName = client.scannerName(false, str7);
                    } else {
                        VMScanNotifier.logger.info("Fetching Scanner Names list ... ");
                        scannerName = client.scannerName(true, str7);
                    }
                    for (String str8 : scannerName.keySet()) {
                        JsonObject asJsonObject = scannerName.get(str8).getAsJsonObject();
                        String asString = asJsonObject.get("status").getAsString();
                        String asString2 = asJsonObject.get("accountId").getAsString();
                        if (z2) {
                            standardListBoxModel.add(new ListBoxModel.Option(str8 + " (Account Id: " + asString2 + " | Status: " + asString + ")", str8));
                        } else {
                            standardListBoxModel.add(new ListBoxModel.Option(str8 + " (Status: " + asString + ")", str8));
                        }
                    }
                    if (z3 && str7 != null && !str7.isEmpty() && !str7.trim().equals("NETWORK_NOT_FOUND") && !str7.trim().equals("UNAUTHORIZED_ACCESS") && !str7.trim().equals("ACCESS_FORBIDDEN")) {
                        standardListBoxModel.add(new ListBoxModel.Option("All Scanners in Network", "All_Scanners_in_Network"));
                    }
                }
                standardListBoxModel.sort(Helper.getOptionItemmsComparator());
                return standardListBoxModel;
            } catch (Exception e) {
                StandardListBoxModel standardListBoxModel2 = new StandardListBoxModel();
                VMScanNotifier.logger.warning("Error to get scanner list. " + e.getMessage());
                standardListBoxModel2.add(new ListBoxModel.Option(e.getMessage(), XmlPullParser.NO_NAMESPACE));
                return standardListBoxModel2;
            }
        }

        @POST
        public ListBoxModel doFillNetworkItems(@AncestorInPath Item item, @QueryParameter String str, @QueryParameter String str2, @QueryParameter String str3, @QueryParameter String str4, @QueryParameter String str5, @QueryParameter String str6, @QueryParameter boolean z) {
            Jenkins.getInstance().checkPermission(Item.CONFIGURE);
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            standardListBoxModel.add(new ListBoxModel.Option("Select the network", XmlPullParser.NO_NAMESPACE));
            try {
                if (filledInputs(str, str2, str3, z, str4, str5)) {
                    int parseInt = doCheckProxyPort(str5) == FormValidation.ok() ? Integer.parseInt(str5) : 80;
                    String trim = str2 != null ? str2.trim() : XmlPullParser.NO_NAMESPACE;
                    if (!str.equalsIgnoreCase("pcp")) {
                        trim = Helper.platformsList.get(str).get("url");
                        VMScanNotifier.logger.info("Using qualys API Server URL: " + str2);
                    }
                    QualysVMClient client = this.h.getClient(z, trim, str3, str4, parseInt, str6, item);
                    VMScanNotifier.logger.info("Fetching Network list ... ");
                    Iterator<JsonElement> it = client.getNetworkList().iterator();
                    while (it.hasNext()) {
                        JsonObject asJsonObject = it.next().getAsJsonObject();
                        standardListBoxModel.add(new ListBoxModel.Option(asJsonObject.get("name").getAsString(), asJsonObject.get("id").getAsString()));
                    }
                }
                standardListBoxModel.sort(Helper.getOptionItemmsComparator());
                return standardListBoxModel;
            } catch (Exception e) {
                StandardListBoxModel standardListBoxModel2 = new StandardListBoxModel();
                VMScanNotifier.logger.warning("Error to get Network list. " + e.getMessage());
                standardListBoxModel2.add(e.getMessage().contains("UNAUTHORIZED ACCESS") ? new ListBoxModel.Option("UNAUTHORIZED ACCESS - Please provide valid Qualys credentials", "UNAUTHORIZED_ACCESS") : e.getMessage().contains("ACCESS FORBIDDEN") ? new ListBoxModel.Option("Enable the custom network list option for your subscription. For this scan, a predefined network will be used", "ACCESS_FORBIDDEN") : e.getMessage().contains("Network not found") ? new ListBoxModel.Option("There are currently no networks assigned to you. Contact your System Administrator to assign custom networks", "NETWORK_NOT_FOUND") : new ListBoxModel.Option(e.getMessage(), XmlPullParser.NO_NAMESPACE));
                return standardListBoxModel2;
            }
        }

        @POST
        public ListBoxModel doFillOptionProfileItems(@AncestorInPath Item item, @QueryParameter String str, @QueryParameter String str2, @QueryParameter String str3, @QueryParameter String str4, @QueryParameter String str5, @QueryParameter String str6, @QueryParameter boolean z) {
            Jenkins.getInstance().checkPermission(Item.CONFIGURE);
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            standardListBoxModel.add(new ListBoxModel.Option("Default scan option profile", "Initial Options"));
            try {
                if (filledInputs(str, str2, str3, z, str4, str5)) {
                    int parseInt = doCheckProxyPort(str5) == FormValidation.ok() ? Integer.parseInt(str5) : 80;
                    String trim = str2 != null ? str2.trim() : XmlPullParser.NO_NAMESPACE;
                    if (!str.equalsIgnoreCase("pcp")) {
                        trim = Helper.platformsList.get(str).get("url");
                        VMScanNotifier.logger.info("Using qualys API Server URL: " + str2);
                    }
                    QualysVMClient client = this.h.getClient(z, trim, str3, str4, parseInt, str6, item);
                    VMScanNotifier.logger.info("Fetching Option Profiles list ... ");
                    for (String str7 : client.optionProfiles()) {
                        standardListBoxModel.add(new ListBoxModel.Option(str7, str7));
                    }
                }
                standardListBoxModel.sort(Helper.getOptionItemmsComparator());
                return standardListBoxModel;
            } catch (Exception e) {
                StandardListBoxModel standardListBoxModel2 = new StandardListBoxModel();
                VMScanNotifier.logger.warning("Error to get option profile list. " + e.getMessage());
                standardListBoxModel2.add(new ListBoxModel.Option(e.getMessage(), XmlPullParser.NO_NAMESPACE));
                return standardListBoxModel2;
            }
        }

        @POST
        public ListBoxModel doFillEc2ConnDetailsItems(@AncestorInPath Item item, @QueryParameter String str, @QueryParameter String str2, @QueryParameter String str3, @QueryParameter String str4, @QueryParameter String str5, @QueryParameter String str6, @QueryParameter boolean z, @QueryParameter boolean z2) {
            Jenkins.getInstance().checkPermission(Item.CONFIGURE);
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            standardListBoxModel.add(new ListBoxModel.Option("--select--", XmlPullParser.NO_NAMESPACE));
            if (z2) {
                try {
                    if (filledInputs(str, str2, str3, z, str4, str5)) {
                        int parseInt = doCheckProxyPort(str5) == FormValidation.ok() ? Integer.parseInt(str5) : 80;
                        String trim = str2 != null ? str2.trim() : XmlPullParser.NO_NAMESPACE;
                        if (!str.equalsIgnoreCase("pcp")) {
                            trim = Helper.platformsList.get(str).get("url");
                            VMScanNotifier.logger.info("Using qualys API Server URL: " + str2);
                        }
                        QualysVMClient client = this.h.getClient(z, trim, str3, str4, parseInt, str6, item);
                        VMScanNotifier.logger.info("Fetching Ec2 connector name list ... ");
                        this.ctorNameList = client.getConnector();
                        for (String str7 : this.ctorNameList.keySet()) {
                            JsonObject asJsonObject = this.ctorNameList.get(str7).getAsJsonObject();
                            JsonObject jsonObject = new JsonObject();
                            JsonObject jsonObject2 = new JsonObject();
                            String asString = asJsonObject.get(awsAccountId).getAsString();
                            String asString2 = asJsonObject.get("connectorState").getAsString();
                            jsonObject2.addProperty(awsAccountId, asString);
                            jsonObject2.addProperty("id", asJsonObject.get("id").getAsString());
                            jsonObject.add(str7, jsonObject2);
                            standardListBoxModel.add(new ListBoxModel.Option(str7 + " (Account Id:" + asString + " | State:" + asString2 + ")", jsonObject.toString()));
                        }
                    }
                } catch (Exception e) {
                    standardListBoxModel.add(new ListBoxModel.Option(e.getMessage(), XmlPullParser.NO_NAMESPACE));
                    VMScanNotifier.logger.warning("There is an error while fetching the connectors list. " + e);
                    return standardListBoxModel;
                }
            }
            standardListBoxModel.sort(Helper.getOptionItemmsComparator());
            return standardListBoxModel;
        }

        public boolean isNonUTF8String(String str) {
            if (str == null || str.isEmpty()) {
                return false;
            }
            try {
                str.getBytes(StandardCharsets.UTF_8);
                return false;
            } catch (Exception e) {
                return true;
            }
        }

        public boolean filledInputs(String str, String str2, String str3, boolean z, String str4, String str5) {
            if ((str.equalsIgnoreCase("pcp") && StringUtils.isBlank(str2)) || StringUtils.isBlank(str3)) {
                return false;
            }
            return (z && StringUtils.isBlank(str4)) ? false : true;
        }

        public List<Map<String, String>> getPlatforms() {
            ArrayList arrayList = new ArrayList();
            Iterator<Map.Entry<String, Map<String, String>>> it = Helper.platformsList.entrySet().iterator();
            while (it.hasNext()) {
                arrayList.add(it.next().getValue());
            }
            return arrayList;
        }
    }

    public VMScanNotifier() {
        this.useProxy = false;
        this.useHost = false;
        this.useEc2 = false;
        this.runConnector = false;
        this.pluginName = "Qualys Host Scanning Connector";
        this.failBySev = false;
        this.failByQids = false;
        this.failByCves = false;
        this.failByCvss = false;
        this.evaluatePotentialVulns = false;
        this.failByPci = false;
    }

    public String getPlatform() {
        return this.platform;
    }

    @DataBoundSetter
    public void setPlatform(String str) {
        this.platform = str;
    }

    public String getPollingInterval() {
        return this.pollingInterval;
    }

    @DataBoundSetter
    public void setPollingInterval(String str) {
        this.pollingInterval = str;
    }

    public String getVulnsTimeout() {
        return this.vulnsTimeout;
    }

    @DataBoundSetter
    public void setVulnsTimeout(String str) {
        this.vulnsTimeout = str;
    }

    public String getApiServer() {
        return this.apiServer;
    }

    @DataBoundSetter
    public void setApiServer(String str) {
        if (str != null && str.endsWith("/")) {
            str = str.substring(0, str.length() - 1);
        }
        this.apiServer = str;
    }

    public boolean getFailByQids() {
        return this.failByQids;
    }

    @DataBoundSetter
    public void setFailByQids(boolean z) {
        this.failByQids = z;
    }

    public boolean getFailByCves() {
        return this.failByCves;
    }

    @DataBoundSetter
    public void setFailByCves(boolean z) {
        this.failByCves = z;
    }

    public boolean getFailByCvss() {
        return this.failByCvss;
    }

    @DataBoundSetter
    public void setFailByCvss(boolean z) {
        this.failByCvss = z;
    }

    public String getByCvss() {
        return this.byCvss;
    }

    @DataBoundSetter
    public void setByCvss(String str) {
        this.byCvss = str;
    }

    public String getCvssBase() {
        return this.cvssBase;
    }

    @DataBoundSetter
    public void setCvssBase(String str) {
        this.cvssBase = str;
    }

    public String getQidList() {
        return this.qidList;
    }

    @DataBoundSetter
    public void setQidList(String str) {
        this.qidList = str;
    }

    public String getCveList() {
        return this.cveList;
    }

    @DataBoundSetter
    public void setCveList(String str) {
        this.cveList = str;
    }

    public int getBySev() {
        return this.bySev;
    }

    @DataBoundSetter
    public void setBySev(int i) {
        this.bySev = i;
    }

    public boolean getFailBySev() {
        return this.failBySev;
    }

    @DataBoundSetter
    public void setFailBySev(boolean z) {
        this.failBySev = z;
    }

    public String getCredsId() {
        return this.credsId;
    }

    @DataBoundSetter
    public void setCredsId(String str) {
        this.credsId = str;
    }

    public String getHostIp() {
        return this.hostIp;
    }

    @DataBoundSetter
    public void setHostIp(String str) {
        this.hostIp = str;
    }

    public String getEc2Id() {
        return this.ec2Id;
    }

    @DataBoundSetter
    public void setEc2Id(String str) {
        this.ec2Id = str;
    }

    public String getEc2ConnDetails() {
        return this.ec2ConnDetails;
    }

    @DataBoundSetter
    public void setEc2ConnDetails(String str) {
        this.ec2ConnDetails = str;
    }

    public String getEc2ConnName() {
        return this.ec2ConnName;
    }

    @DataBoundSetter
    public void setEc2ConnName(String str) {
        this.ec2ConnName = str;
    }

    public String getEc2ConnAccountId() {
        return this.ec2ConnAccountId;
    }

    @DataBoundSetter
    public void setEc2ConnAccountId(String str) {
        this.ec2ConnAccountId = str;
    }

    public String getEc2ConnId() {
        return this.ec2ConnId;
    }

    @DataBoundSetter
    public void setEc2ConnId(String str) {
        this.ec2ConnId = str;
    }

    public boolean getRunConnector() {
        return this.runConnector;
    }

    @DataBoundSetter
    public void setRunConnector(boolean z) {
        this.runConnector = z;
    }

    public String getScannerName() {
        return this.scannerName;
    }

    @DataBoundSetter
    public void setScannerName(String str) {
        this.scannerName = str;
    }

    public String getScanName() {
        return this.scanName;
    }

    @DataBoundSetter
    public void setScanName(String str) {
        this.scanName = StringUtils.isBlank(str) ? SCAN_NAME : str;
    }

    public String getOptionProfile() {
        return this.optionProfile;
    }

    @DataBoundSetter
    public void setOptionProfile(String str) {
        this.optionProfile = str;
    }

    public String getNetwork() {
        return this.network;
    }

    @DataBoundSetter
    public void setNetwork(String str) {
        this.network = str;
    }

    public String getProxyServer() {
        return this.proxyServer;
    }

    @DataBoundSetter
    public void setProxyServer(String str) {
        this.proxyServer = str;
    }

    public int getProxyPort() {
        return this.proxyPort;
    }

    @DataBoundSetter
    public void setProxyPort(int i) {
        this.proxyPort = i <= 0 ? 80 : i;
    }

    public String getProxyCredentialsId() {
        return this.proxyCredentialsId;
    }

    @DataBoundSetter
    public void setProxyCredentialsId(String str) {
        this.proxyCredentialsId = str;
    }

    public boolean getUseProxy() {
        return this.useProxy;
    }

    @DataBoundSetter
    public void setUseProxy(boolean z) {
        this.useProxy = z;
    }

    public boolean getUseHost() {
        return this.useHost;
    }

    @DataBoundSetter
    public void setUseHost(boolean z) {
        this.useHost = z;
    }

    public boolean getUseEc2() {
        return this.useEc2;
    }

    @DataBoundSetter
    public void setUseEc2(boolean z) {
        this.useEc2 = z;
    }

    public boolean getDoExclude() {
        return this.doExclude;
    }

    @DataBoundSetter
    public void setDoExclude(boolean z) {
        this.doExclude = z;
    }

    public String getExcludeBy() {
        return this.excludeBy;
    }

    @DataBoundSetter
    public void setExcludeBy(String str) {
        this.excludeBy = str;
    }

    public String getExcludeList() {
        return this.excludeList;
    }

    @DataBoundSetter
    public void setExcludeList(String str) {
        this.excludeList = str;
    }

    public boolean getEvaluatePotentialVulns() {
        return this.evaluatePotentialVulns;
    }

    @DataBoundSetter
    public void setEvaluatePotentialVulns(boolean z) {
        this.evaluatePotentialVulns = z;
    }

    public boolean getFailByPci() {
        return this.failByPci;
    }

    @DataBoundSetter
    public void setFailByPci(boolean z) {
        this.failByPci = z;
    }

    public String getWebhookUrl() {
        return this.webhookUrl;
    }

    @DataBoundSetter
    public void setWebhookUrl(String str) {
        this.webhookUrl = str;
    }

    public JsonObject getCriteriaAsJsonObject() {
        JsonObject jsonObject = new JsonObject();
        JsonObject jsonObject2 = new JsonObject();
        Gson gson = new Gson();
        if (this.failByQids) {
            if (this.qidList == null || this.qidList.isEmpty()) {
                jsonObject2.add("qids", new JsonArray());
            } else {
                List asList = Arrays.asList(this.qidList.split(","));
                asList.replaceAll((v0) -> {
                    return v0.trim();
                });
                jsonObject2.add("qids", gson.toJsonTree(asList, TypeToken.getParameterized(List.class, String.class).getType()));
            }
        }
        if (this.failByCves) {
            if (this.cveList == null || this.cveList.isEmpty()) {
                jsonObject2.add("cve_id", new JsonArray());
            } else {
                List asList2 = Arrays.asList(this.cveList.split(","));
                asList2.replaceAll((v0) -> {
                    return v0.trim();
                });
                jsonObject2.add("cve_id", gson.toJsonTree(asList2, TypeToken.getParameterized(List.class, String.class).getType()));
            }
        }
        if (this.failByCvss) {
            String str = this.byCvss;
            ArrayList arrayList = new ArrayList();
            arrayList.add("0");
            arrayList.add("0.0");
            if (((this.cvssBase == null || this.cvssBase.isEmpty() || arrayList.contains(this.cvssBase)) ? 0.0d : Double.parseDouble(this.cvssBase)) <= 0.0d) {
                jsonObject2.add(str, new JsonArray());
            } else {
                jsonObject2.addProperty(str, this.cvssBase);
            }
        }
        if (this.failBySev) {
            JsonObject jsonObject3 = new JsonObject();
            if (this.failBySev) {
                for (int i = this.bySev; i <= 5; i++) {
                    jsonObject3.addProperty(XmlPullParser.NO_NAMESPACE + i, (Number) 1);
                }
            }
            jsonObject2.add("severities", jsonObject3);
        }
        if (this.doExclude) {
            if ("cve_id".equals(this.excludeBy)) {
                jsonObject2.addProperty("excludeBy", "cve_id");
                jsonObject2.add("excludeCVEs", gson.toJsonTree(Arrays.asList(this.excludeList.split(",")), TypeToken.getParameterized(List.class, String.class).getType()));
            }
            if ("qid".equals(this.excludeBy)) {
                jsonObject2.addProperty("excludeBy", "qid");
                jsonObject2.add("excludeQids", gson.toJsonTree(Arrays.asList(this.excludeList.split(",")), TypeToken.getParameterized(List.class, String.class).getType()));
            }
        }
        if (this.failByPci) {
            jsonObject2.addProperty("failByPci", Boolean.valueOf(this.failByPci));
        }
        jsonObject2.addProperty("evaluatePotentialVulns", Boolean.valueOf(this.evaluatePotentialVulns));
        jsonObject.add("failConditions", jsonObject2);
        return jsonObject;
    }

    @DataBoundConstructor
    public VMScanNotifier(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10, int i, String str11, boolean z, boolean z2, boolean z3, String str12, String str13, int i2, boolean z4, boolean z5, boolean z6, String str14, String str15, boolean z7, String str16, String str17, boolean z8, String str18, String str19, boolean z9, boolean z10, String str20, boolean z11) {
        this.useProxy = false;
        this.useHost = false;
        this.useEc2 = false;
        this.runConnector = false;
        this.pluginName = "Qualys Host Scanning Connector";
        this.failBySev = false;
        this.failByQids = false;
        this.failByCves = false;
        this.failByCvss = false;
        this.evaluatePotentialVulns = false;
        this.failByPci = false;
        if (!StringUtils.isBlank(str)) {
            this.apiServer = str;
        }
        this.credsId = str2;
        this.scanName = str7;
        this.optionProfile = str8;
        this.scannerName = str6;
        if (z) {
            this.useProxy = z;
            this.proxyServer = str10;
            this.proxyPort = i;
            this.proxyCredentialsId = str11;
        }
        if (z2) {
            this.useHost = z2;
            this.hostIp = str3;
            this.network = str9;
        }
        if (z3) {
            this.useEc2 = z3;
            this.ec2Id = str5;
            this.runConnector = z11;
            if (str4 == null || str4.isEmpty()) {
                this.ec2ConnDetails = "{\"NoConnectorSelected\":{\"awsAccountId\":0,\"id\":0,\"connectorState\":0}}";
            } else {
                this.ec2ConnDetails = str4;
            }
            JsonObject jsonObject = (JsonObject) new JsonParser().parse(this.ec2ConnDetails);
            this.ec2ConnName = jsonObject.keySet().toString().replaceAll("\\[|\\]", XmlPullParser.NO_NAMESPACE);
            JsonObject asJsonObject = jsonObject.get(this.ec2ConnName).getAsJsonObject();
            this.ec2ConnAccountId = asJsonObject.get("awsAccountId").getAsString();
            this.ec2ConnId = asJsonObject.get("id").getAsString();
        }
        this.pollingInterval = str12;
        this.vulnsTimeout = str13;
        if (z4) {
            this.bySev = i2;
            this.failBySev = z4;
        }
        if (z5) {
            this.failByQids = z5;
            this.qidList = str14;
        }
        if (z6) {
            this.failByCves = z6;
            this.cveList = str15;
        }
        if (z7) {
            this.failByCvss = z7;
            this.byCvss = str16;
            this.cvssBase = str17;
        }
        if (z8) {
            this.doExclude = z8;
            this.excludeBy = str18;
            this.excludeList = str19;
        }
        if (z10) {
            this.failByPci = z10;
        }
        if (z4 || z5 || z6 || z7 || z10) {
            this.evaluatePotentialVulns = z9;
        }
        if (StringUtils.isBlank(str20)) {
            return;
        }
        this.webhookUrl = str20;
    }

    public BuildStepMonitor getRequiredMonitorService() {
        return BuildStepMonitor.NONE;
    }

    public String getPluginVersion() {
        try {
            MavenXpp3Reader mavenXpp3Reader = new MavenXpp3Reader();
            return (new File("pom.xml").exists() ? mavenXpp3Reader.read(new InputStreamReader(new FileInputStream("pom.xml"), "UTF-8")) : mavenXpp3Reader.read(new InputStreamReader(VMScanNotifier.class.getResourceAsStream("/META-INF/maven/com.qualys.plugins/qualys-vm/pom.xml"), "UTF-8"))).getVersion();
        } catch (RuntimeException e) {
            logger.info("Exception while reading plugin version; Reason :" + e.getMessage());
            return "unknown";
        } catch (Exception e2) {
            logger.info("Exception while reading plugin version; Reason :" + e2.getMessage());
            return "unknown";
        }
    }

    /* JADX WARN: Finally extract failed */
    public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull Launcher launcher, @Nonnull TaskListener taskListener) throws InterruptedException, IOException {
        long currentTimeMillis = System.currentTimeMillis();
        logger.info("Triggered build #" + run.number);
        try {
            String pluginVersion = getPluginVersion();
            taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " " + this.pluginName + " (version-" + pluginVersion + ") started.");
            logger.info(this.pluginName + " (version-" + pluginVersion + ") started.");
        } catch (RuntimeException e) {
            taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " " + this.pluginName + " started.");
            logger.info(this.pluginName + " started.");
        } catch (Exception e2) {
            taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " " + this.pluginName + " started.");
            logger.info(this.pluginName + " started.");
        }
        taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " " + this.pluginName + " scan task - Started.");
        extractEnvVariables(run.getEnvironment(taskListener), taskListener);
        if ((!this.useHost || !StringUtils.isNotBlank(this.hostIp)) && (!this.useEc2 || !StringUtils.isNotBlank(this.ec2Id))) {
            taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " No Host IP or EC2 Instance Id Configured.");
            throw new AbortException("Host IP or EC2 Instance Id can't be set to null or empty.");
        }
        try {
            try {
                launchHostScan(run, taskListener, run.getParent());
                long currentTimeMillis2 = System.currentTimeMillis() - currentTimeMillis;
                taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " Total time taken to complete the build: " + Helper.longToTime(currentTimeMillis2));
                logger.info("Total time taken to complete the build: " + Helper.longToTime(currentTimeMillis2));
            } catch (Exception e3) {
                if (e3.toString().equalsIgnoreCase("java.lang.Exception")) {
                    throw new AbortException("Exception in " + this.pluginName + " scan result. Finishing the build.");
                }
                if (e3.getMessage().equalsIgnoreCase("sleep interrupted")) {
                    logger.log(Level.SEVERE, "Error: User Aborted");
                    throw new AbortException("Exception in " + this.pluginName + " scan result: User Aborted");
                }
                logger.log(Level.SEVERE, "Error: " + e3.getMessage());
                throw new AbortException("Exception in " + this.pluginName + " scan result: Finishing the build. Reason: " + e3.getMessage());
            }
        } catch (Throwable th) {
            long currentTimeMillis3 = System.currentTimeMillis() - currentTimeMillis;
            taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " Total time taken to complete the build: " + Helper.longToTime(currentTimeMillis3));
            logger.info("Total time taken to complete the build: " + Helper.longToTime(currentTimeMillis3));
            throw th;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:20:0x01e4, code lost:
    
        if (r22.failByPci != false) goto L28;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void launchHostScan(hudson.model.Run<?, ?> r23, hudson.model.TaskListener r24, hudson.model.Item r25) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 1698
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.qualys.plugins.vm.VMScanNotifier.launchHostScan(hudson.model.Run, hudson.model.TaskListener, hudson.model.Item):void");
    }

    public boolean runCtorDecision(String str, TaskListener taskListener) throws Exception {
        boolean z = false;
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        arrayList.add("FINISHED_ERRORS");
        arrayList.add("ERROR");
        arrayList.add("INCOMPLETE");
        arrayList.add("FINISHED_SUCCESS");
        arrayList.add("SUCCESS");
        arrayList2.add("RUNNING");
        arrayList2.add("PENDING");
        arrayList2.add("QUEUED");
        arrayList2.add("PROCESSING");
        if (str.equalsIgnoreCase("DISABLED")) {
            logger.warning("Connector is in " + str + " state. Aborting!!");
            throw new Exception("Connector is in " + str + " state. Aborting!!");
        }
        if (arrayList2.contains(str)) {
            logger.warning("Connector state is " + str + ". Not running the connector!");
            taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " Connector state is " + str + ". Not running the connector!");
            z = false;
        } else if (arrayList.contains(str)) {
            logger.warning("Connector state is " + str + ". Running the connector!");
            taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " Connector state is " + str + ". Running the connector!");
            z = true;
        }
        return z;
    }

    private void extractEnvVariables(EnvVars envVars, TaskListener taskListener) throws AbortException {
        if (this.useHost && this.hostIp != null && !this.hostIp.isEmpty()) {
            if (!this.hostIp.startsWith("env.") || envVars == null || envVars.isEmpty()) {
                this.hostIpValue = this.hostIp;
            } else {
                String replaceFirst = this.hostIp.replaceFirst("env.", XmlPullParser.NO_NAMESPACE);
                this.hostIpValue = (String) envVars.get(replaceFirst);
                if (this.hostIpValue == null || this.hostIpValue.isEmpty()) {
                    throw new AbortException("Host IP - Environment variable " + replaceFirst + " is missing !!");
                }
                logger.info("Host IP value from environment variable is - " + this.hostIpValue);
                taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " Host IP value from environment variable is - " + this.hostIpValue);
            }
        }
        if (!this.useEc2 || this.ec2Id == null || this.ec2Id.isEmpty()) {
            return;
        }
        if (!this.ec2Id.startsWith("env.") || envVars == null || envVars.isEmpty()) {
            this.ec2IdValue = this.ec2Id;
            return;
        }
        String replaceFirst2 = this.ec2Id.replaceFirst("env.", XmlPullParser.NO_NAMESPACE);
        this.ec2IdValue = (String) envVars.get(replaceFirst2);
        if (this.ec2IdValue == null || this.ec2IdValue.isEmpty()) {
            throw new AbortException("Host IP - Environment variable " + replaceFirst2 + " is missing !!");
        }
        logger.info("EC2 ID value from environment variable is - " + this.ec2IdValue);
        taskListener.getLogger().println(new Timestamp(System.currentTimeMillis()) + " EC2 ID value from environment variable is - " + this.ec2IdValue);
    }
}
