package com.synopsys.protecode.sc.jenkins;

import com.cloudbees.plugins.credentials.CredentialsMatcher;
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.cloudbees.plugins.credentials.domains.DomainRequirement;
import com.cloudbees.plugins.credentials.domains.HostnameRequirement;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.MapperFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.google.common.collect.ImmutableMap;
import com.synopsys.protecode.sc.jenkins.HttpApiConnector;
import com.synopsys.protecode.sc.jenkins.exceptions.ApiAuthenticationException;
import com.synopsys.protecode.sc.jenkins.exceptions.ApiException;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractBuild;
import hudson.model.AbstractProject;
import hudson.model.BuildListener;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.model.Run;
import hudson.remoting.VirtualChannel;
import hudson.security.ACL;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.BuildStepMonitor;
import hudson.tasks.Notifier;
import hudson.tasks.Publisher;
import hudson.util.ListBoxModel;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
import java.io.Serializable;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import jenkins.model.Jenkins;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.apache.tools.ant.DirectoryScanner;
import org.jenkinsci.remoting.RoleChecker;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.StaplerRequest;

/* loaded from: input_file:com/synopsys/protecode/sc/jenkins/ProtecodeScIntegrator.class */
public class ProtecodeScIntegrator extends Notifier {
    private String protecodeScGroup;
    private String credentialsId;
    private String artifactDir;
    private boolean convertToSummary;
    private boolean failIfVulns;
    private boolean leaveArtifacts;
    private int scanTimeout;
    private static final String PROTECODE_FILE_TAG = "protecodesc";

    /* loaded from: input_file:com/synopsys/protecode/sc/jenkins/ProtecodeScIntegrator$ApiPoller.class */
    private static class ApiPoller {
        private String id;
        private boolean scanned;
        private HttpApiConnector connector;
        private HttpApiConnector.PollResult result;

        ApiPoller(HttpApiConnector httpApiConnector, String str) {
            this.connector = httpApiConnector;
            this.id = str;
        }

        boolean isScanned() {
            return this.scanned;
        }

        HttpApiConnector.PollResult poll() {
            this.result = this.connector.poll(this.id);
            if (this.result.isReady()) {
                this.scanned = true;
            }
            return this.result;
        }

        public HttpApiConnector.PollResult getResult() {
            return this.result;
        }

        HttpApiConnector getConnector() {
            return this.connector;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/synopsys/protecode/sc/jenkins/ProtecodeScIntegrator$Color.class */
    public enum Color {
        RED("#ff0000"),
        GREEN("#00ff00"),
        YELLOW("#ff9c00"),
        BLACK("#000000");

        private String value;

        Color(String str) {
            this.value = str;
        }

        String getValue() {
            return this.value;
        }
    }

    @Extension
    /* loaded from: input_file:com/synopsys/protecode/sc/jenkins/ProtecodeScIntegrator$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Publisher> {
        private String protecodeScHost;
        private boolean dontCheckCert;

        public DescriptorImpl() {
            load();
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
            this.protecodeScHost = jSONObject.getString("protecodeScHost");
            this.dontCheckCert = jSONObject.getBoolean("dontCheckCert");
            save();
            return super.configure(staplerRequest, jSONObject);
        }

        public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item) {
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            standardListBoxModel.withEmptySelection();
            standardListBoxModel.withMatching(CredentialsMatchers.anyOf(new CredentialsMatcher[]{CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class)}), CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, item, ACL.SYSTEM, new DomainRequirement[]{new HostnameRequirement(this.protecodeScHost)}));
            return standardListBoxModel;
        }

        public String getDisplayName() {
            return "Protecode SC";
        }

        public String getProtecodeScHost() {
            return this.protecodeScHost;
        }

        public boolean isDontCheckCert() {
            return this.dontCheckCert;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/synopsys/protecode/sc/jenkins/ProtecodeScIntegrator$FileReader.class */
    public static final class FileReader implements FilePath.FileCallable<File> {
        private FileReader() {
        }

        public void checkRoles(RoleChecker roleChecker) throws SecurityException {
        }

        /* renamed from: invoke, reason: merged with bridge method [inline-methods] */
        public File m5invoke(File file, VirtualChannel virtualChannel) throws IOException, InterruptedException {
            return file;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/synopsys/protecode/sc/jenkins/ProtecodeScIntegrator$ScanFileFilter.class */
    public static class ScanFileFilter implements FileFilter, Serializable {
        private ScanFileFilter() {
        }

        @Override // java.io.FileFilter
        public boolean accept(File file) {
            return file.isFile();
        }
    }

    @DataBoundConstructor
    public ProtecodeScIntegrator(String str, String str2, boolean z, String str3, boolean z2, boolean z3, int i) {
        this.convertToSummary = true;
        this.credentialsId = str;
        this.protecodeScGroup = str2;
        this.artifactDir = str3;
        this.convertToSummary = z2;
        this.failIfVulns = z;
        this.leaveArtifacts = z3;
        this.scanTimeout = i > 10 ? i : 10;
    }

    public String getProtecodeScGroup() {
        return this.protecodeScGroup;
    }

    public String getCredentialsId() {
        return this.credentialsId;
    }

    public String getArtifactDir() {
        return this.artifactDir;
    }

    public int getScanTimeout() {
        return this.scanTimeout;
    }

    public boolean isConvertToSummary() {
        return this.convertToSummary;
    }

    public boolean isFailIfVulns() {
        return this.failIfVulns;
    }

    public boolean isLeaveArtifacts() {
        return this.leaveArtifacts;
    }

    public boolean prebuild(AbstractBuild<?, ?> abstractBuild, BuildListener buildListener) {
        if (m3getDescriptor().getProtecodeScHost() != null) {
            return true;
        }
        buildListener.error("Protecode SC host not defined. Configure it to global plugin properties");
        return false;
    }

    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    private List<File> getArtifacts(AbstractBuild<?, ?> abstractBuild, BuildListener buildListener) throws IOException, InterruptedException {
        PrintStream logger = buildListener.getLogger();
        ArrayList arrayList = new ArrayList();
        if (!StringUtils.isEmpty(this.artifactDir)) {
            List<FilePath> list = abstractBuild.getWorkspace().child(this.artifactDir).list(new ScanFileFilter());
            if (list != null) {
                for (FilePath filePath : list) {
                    arrayList.add(filePath.act(new FileReader()));
                    logger.println("Adding file " + filePath.getName() + " for Protecode SC scan");
                }
            } else {
                logger.println(String.format("Could not get additional artifacts from %s", this.artifactDir));
            }
        }
        Iterator it = abstractBuild.getArtifacts().iterator();
        while (it.hasNext()) {
            arrayList.add(((Run.Artifact) it.next()).getFile());
        }
        return arrayList;
    }

    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    public boolean perform(AbstractBuild<?, ?> abstractBuild, Launcher launcher, BuildListener buildListener) throws InterruptedException, IOException {
        HttpApiConnector.PollResult poll;
        PrintStream logger = buildListener.getLogger();
        logger.println("Getting Protecode SC host and credentials");
        DescriptorImpl m3getDescriptor = m3getDescriptor();
        String protecodeScHost = m3getDescriptor.getProtecodeScHost();
        StandardUsernamePasswordCredentials firstOrNull = CredentialsMatchers.firstOrNull(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, Jenkins.getInstance(), ACL.SYSTEM, new DomainRequirement[]{new HostnameRequirement(protecodeScHost)}), CredentialsMatchers.withId(this.credentialsId));
        if (firstOrNull == null) {
            logger.println("No Protecode SC credentials found");
            return false;
        }
        String username = firstOrNull.getUsername();
        String plainText = firstOrNull.getPassword().getPlainText();
        logger.println("Connecting to Protecode SC host at " + protecodeScHost + " as " + username);
        boolean isDontCheckCert = m3getDescriptor.isDontCheckCert();
        List<File> artifacts = getArtifacts(abstractBuild, buildListener);
        ArrayList<ApiPoller> arrayList = new ArrayList();
        for (File file : artifacts) {
            logger.println("Scanning artifact " + file.getAbsolutePath());
            Artifact artifact = new Artifact(file);
            HttpApiConnector httpApiConnector = new HttpApiConnector(buildListener.getLogger(), artifact, protecodeScHost, this.protecodeScGroup, username, plainText, isDontCheckCert);
            ImmutableMap of = ImmutableMap.of("build-id", "" + abstractBuild.getNumber(), "build-url", abstractBuild.getAbsoluteUrl());
            try {
                httpApiConnector.init();
                arrayList.add(new ApiPoller(httpApiConnector, httpApiConnector.sendFile(artifact, of)));
            } catch (ApiAuthenticationException e) {
                logger.println(e.getMessage());
                logger.println("Failed to scan artifact");
                return false;
            } catch (ApiException e2) {
                logger.println(e2.getMessage());
                return false;
            } catch (KeyManagementException | NoSuchAlgorithmException e3) {
                throw new IOException(e3);
            }
        }
        if (arrayList.isEmpty()) {
            logger.println("No artifacts to scan!!");
            return false;
        }
        long currentTimeMillis = System.currentTimeMillis() + (60000 * this.scanTimeout);
        boolean z = true;
        logger.println("Waiting for scans to complete");
        while (z) {
            boolean z2 = false;
            for (ApiPoller apiPoller : arrayList) {
                if (!apiPoller.isScanned() && (poll = apiPoller.poll()) != null && !poll.isReady()) {
                    z2 = true;
                }
            }
            if (System.currentTimeMillis() > currentTimeMillis || !z2) {
                z = false;
            }
            if (z) {
                Thread.sleep(10000L);
            }
        }
        File file2 = new File(abstractBuild.getWorkspace().getRemote(), "reports");
        if (!(file2.isDirectory() || file2.mkdirs())) {
            logger.println("Report directory could not be created.");
            return false;
        }
        ObjectMapper objectMapper = getObjectMapper();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            writeJson(logger, objectMapper, file2, ((ApiPoller) it.next()).getResult());
        }
        boolean z3 = false;
        for (ApiPoller apiPoller2 : arrayList) {
            HttpApiConnector.PollResult result = apiPoller2.getResult();
            apiPoller2.getConnector().close();
            if (result == null || !result.isOk()) {
                if (result == null) {
                    logger.println("No Protecode SC result available");
                }
                z3 = true;
            }
        }
        if (this.convertToSummary) {
            convertToSummary(logger, abstractBuild);
        }
        if (!this.leaveArtifacts && !StringUtils.isEmpty(this.artifactDir)) {
            abstractBuild.getWorkspace().child(this.artifactDir).deleteContents();
        }
        return (z3 && this.failIfVulns) ? false : true;
    }

    private static void convertToSummary(PrintStream printStream, AbstractBuild<?, ?> abstractBuild) throws IOException {
        printStream.println("Creating xml for summary plugin");
        ObjectMapper objectMapper = getObjectMapper();
        try {
            File file = new File(abstractBuild.getWorkspace().getRemote(), "reports");
            printStream.println("Reading json from " + file.getAbsolutePath());
            String[] findJsonFiles = findJsonFiles(file);
            printStream.println(findJsonFiles.length + " files found");
            File artifactsDir = abstractBuild.getArtifactsDir();
            if (!artifactsDir.exists() && !artifactsDir.mkdirs()) {
                printStream.println("XML report directory could not be created.");
                throw new IOException("XML report directory could not be created.");
            }
            File file2 = new File(artifactsDir, "protecodesc.xml");
            printStream.println("Creating xml report to " + file2.getName());
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(file2));
            createXmlReport(file, findJsonFiles, objectMapper, bufferedOutputStream);
            bufferedOutputStream.close();
        } catch (NullPointerException e) {
        }
    }

    static void createXmlReport(File file, String[] strArr, ObjectMapper objectMapper, OutputStream outputStream) throws IOException {
        PrintStream printStream = new PrintStream(outputStream, false, "UTF-8");
        printStream.println("<section name=\"Protecode SC analysis result\" fontcolor=\"#000000\">");
        for (String str : strArr) {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(new File(file, str)));
            Throwable th = null;
            try {
                try {
                    ProtecodeSc protecodeSc = (ProtecodeSc) objectMapper.readValue(bufferedInputStream, ProtecodeSc.class);
                    Long exact = protecodeSc.getResults().getSummary().getVulnCount().getExact();
                    String shortDesc = protecodeSc.getResults().getSummary().getVerdict().getShortDesc();
                    String detailed = protecodeSc.getResults().getSummary().getVerdict().getDetailed();
                    printStream.println("<accordion name =\"" + protecodeSc.getArtifactName() + " (" + shortDesc + ")\">");
                    writeField(printStream, "Verdict", detailed, exact.longValue() > 0 ? Color.RED : Color.GREEN);
                    writeField(printStream, "Vulnerabilities", exact.toString(), Color.BLACK);
                    writeField(printStream, "Report", "", Color.BLACK, "<a target=\"_blank\" href=\"" + protecodeSc.getResults().getReport_url() + "\">View full report in Protecode SC </a>");
                    printStream.println("</accordion>");
                    if (bufferedInputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedInputStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (bufferedInputStream != null) {
                    if (th != null) {
                        try {
                            bufferedInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        bufferedInputStream.close();
                    }
                }
                throw th3;
            }
        }
        printStream.println("</section>");
        printStream.close();
    }

    private static void writeField(PrintStream printStream, String str, String str2, Color color) {
        writeField(printStream, str, str2, color, null);
    }

    private static void writeField(PrintStream printStream, String str, String str2, Color color, String str3) {
        printStream.append((CharSequence) ("<field name=\"" + str + "\" titlecolor=\"black\" value=\"" + str2 + "\" "));
        printStream.append((CharSequence) ("detailcolor=\"" + color.getValue() + "\">\n"));
        if (str3 != null && !str3.isEmpty()) {
            printStream.print("<![CDATA[");
            printStream.print(str3);
            printStream.print("]]>");
        }
        printStream.append("</field>\n");
    }

    private static String[] findJsonFiles(File file) {
        DirectoryScanner directoryScanner = new DirectoryScanner();
        directoryScanner.setIncludes(new String[]{"*-protecodesc.json"});
        directoryScanner.setBasedir(file);
        directoryScanner.scan();
        return directoryScanner.getIncludedFiles();
    }

    private static ObjectMapper getObjectMapper() {
        ObjectMapper objectMapper = new ObjectMapper();
        objectMapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
        objectMapper.configure(MapperFeature.SORT_PROPERTIES_ALPHABETICALLY, true);
        objectMapper.configure(SerializationFeature.INDENT_OUTPUT, true);
        return objectMapper;
    }

    private static void writeJson(PrintStream printStream, ObjectMapper objectMapper, File file, HttpApiConnector.PollResult pollResult) {
        if (pollResult == null || pollResult.getProtecodeSc() == null) {
            printStream.println("No scan result!!");
            return;
        }
        try {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(new File(file, pollResult.getArtifactName() + "-" + PROTECODE_FILE_TAG + ".json")));
            Throwable th = null;
            try {
                try {
                    objectMapper.writeValue(bufferedOutputStream, pollResult.getProtecodeSc());
                    if (bufferedOutputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedOutputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedOutputStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (IOException e) {
            printStream.println(e.toString());
        }
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] and merged with bridge method [inline-methods] */
    public DescriptorImpl m3getDescriptor() {
        return new DescriptorImpl();
    }

    public BuildStepMonitor getRequiredMonitorService() {
        return BuildStepMonitor.BUILD;
    }
}
