package com.qualys.plugins.containerSecurity.config;

import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardCredentials;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.qualys.plugins.common.QualysAuth.QualysAuth;
import com.qualys.plugins.common.QualysClient.QualysCSClient;
import com.qualys.plugins.common.QualysClient.QualysCSTestConnectionResponse;
import com.qualys.plugins.containerSecurity.GetImageVulnsNotifier;
import com.qualys.plugins.containerSecurity.util.Helper;
import hudson.Extension;
import hudson.XmlFile;
import hudson.init.InitMilestone;
import hudson.init.Initializer;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import hudson.util.Secret;
import hudson.util.XStream2;
import java.io.File;
import java.util.ArrayList;
import java.util.Collections;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import jenkins.model.GlobalConfiguration;
import jenkins.model.Jenkins;
import net.sf.json.JSONObject;
import org.acegisecurity.Authentication;
import org.apache.commons.lang.StringUtils;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.verb.POST;

@Extension
/* loaded from: input_file:WEB-INF/lib/qualys-cs_1.6.2.3.jar:com/qualys/plugins/containerSecurity/config/QualysGlobalConfig.class */
public class QualysGlobalConfig extends GlobalConfiguration {
    private String apiServer;
    private String credentialsId;
    private String pollingInterval;
    private String vulnsTimeout;
    private boolean isFailOnSevereVulns;
    private int severity1Limit;
    private int severity2Limit;
    private int severity3Limit;
    private int severity4Limit;
    private int severity5Limit;
    private String proxyServer;
    private int proxyPort;
    private String proxyCredentialsId;
    private String proxyUsername;
    private Secret proxyPassword;
    private String excludeBy;
    private boolean isExcludeConditions;
    private String excludeList;
    private boolean isFailOnQidFound;
    private String qidList;
    private boolean isFailOnCVEs;
    private String cveList;
    private String softwareList;
    private String webhookUrl;
    private String dockerCert;
    private String cvssVersion;
    private String cvssThreshold;
    private static final XStream2 XSTREAM2 = new XStream2();
    private static final Logger logger = Logger.getLogger(GetImageVulnsNotifier.class.getName());
    private boolean isSev1Vulns = false;
    private boolean isSev2Vulns = false;
    private boolean isSev3Vulns = false;
    private boolean isSev4Vulns = false;
    private boolean isSev5Vulns = false;
    private boolean useProxy = false;
    private boolean isFailOnSoftware = false;
    private boolean isPotentialVulnsToBeChecked = false;
    private String dockerUrl = "unix:///var/run/docker.sock";
    private boolean failByCvss = false;
    private final String URL_REGEX = "^(https?)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]";
    private final String PROXY_REGEX = "^((https?)://)?[-a-zA-Z0-9+&@#/%?=~_|!,.;]*[-a-zA-Z0-9+&@#/%=~_|]";
    private final String TIMEOUT_PERIOD_REGEX = "^(\\d+[*]?)*(?<!\\*)$";

    public QualysGlobalConfig() {
        load();
    }

    @Initializer(before = InitMilestone.PLUGINS_STARTED)
    public static void xStreamCompatibility() {
        XSTREAM2.addCompatibilityAlias("jenkins.plugins.qualys_cs.QualysCS$DescriptorImpl", QualysGlobalConfig.class);
        XSTREAM2.addCompatibilityAlias("jenkins.plugins.qualys_cs.util.NameValuePair", QualysGlobalConfig.class);
    }

    protected XmlFile getConfigFile() {
        return new XmlFile(XSTREAM2, new File(Jenkins.getInstance().getRootDir(), "jenkins.plugins.qualys_cs.QualysCS.xml"));
    }

    public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
        staplerRequest.bindJSON(this, jSONObject);
        save();
        return true;
    }

    public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String str) {
        StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
        if (item == null) {
            if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
                return standardListBoxModel.add(str);
            }
        } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
            return standardListBoxModel.add(str);
        }
        return standardListBoxModel.withEmptySelection().withAll(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, item, (Authentication) null, Collections.emptyList())).withMatching(CredentialsMatchers.withId(str), new StandardCredentials[0]);
    }

    @POST
    public ListBoxModel doFillProxyCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String str) {
        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
        StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
        if (item == null) {
            if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
                return standardListBoxModel.add(str);
            }
        } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
            return standardListBoxModel.add(str);
        }
        return standardListBoxModel.withEmptySelection().withAll(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, item, (Authentication) null, Collections.emptyList())).withMatching(CredentialsMatchers.withId(str), new StandardCredentials[0]);
    }

    public FormValidation doCheckCveList(@QueryParameter String str) {
        return !Helper.isValidCVEList(str) ? FormValidation.error("Enter valid CVEs!") : FormValidation.ok();
    }

    @POST
    public FormValidation doCheckConnection(@QueryParameter String str, @QueryParameter String str2, @QueryParameter String str3, @QueryParameter String str4, @QueryParameter String str5, @QueryParameter boolean z, @AncestorInPath Item item) {
        Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
        String str6 = "";
        String str7 = "";
        String str8 = "";
        String str9 = "";
        if (StringUtils.isNotEmpty(str2)) {
            StandardUsernamePasswordCredentials firstOrNull = CredentialsMatchers.firstOrNull(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, item, (Authentication) null, Collections.emptyList()), CredentialsMatchers.withId(str2));
            str6 = firstOrNull != null ? firstOrNull.getUsername() : "";
            str7 = firstOrNull != null ? firstOrNull.getPassword().getPlainText() : "";
        }
        if (StringUtils.isNotEmpty(str5)) {
            StandardUsernamePasswordCredentials firstOrNull2 = CredentialsMatchers.firstOrNull(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, item, (Authentication) null, Collections.emptyList()), CredentialsMatchers.withId(str5));
            str8 = firstOrNull2 != null ? firstOrNull2.getUsername() : "";
            str9 = firstOrNull2 != null ? firstOrNull2.getPassword().getPlainText() : "";
        }
        try {
            String trim = str.trim();
            FormValidation doCheckApiServer = doCheckApiServer(trim);
            FormValidation doCheckProxyServer = doCheckProxyServer(str3);
            FormValidation doCheckProxyPort = doCheckProxyPort(str4);
            ArrayList arrayList = new ArrayList();
            if (doCheckApiServer != FormValidation.ok()) {
                arrayList.add("API Server URL");
            }
            if (str2 == null || StringUtils.isBlank(str2)) {
                arrayList.add("Credentials");
            }
            if (z) {
                if (doCheckProxyServer != FormValidation.ok()) {
                    arrayList.add("Proxy Server");
                }
                if (doCheckProxyPort != FormValidation.ok()) {
                    arrayList.add("Proxy Port");
                }
            }
            if (!arrayList.isEmpty()) {
                return FormValidation.error("Invalid inputs for the following fields: " + String.join(", ", arrayList));
            }
            QualysAuth qualysAuth = new QualysAuth();
            qualysAuth.setQualysCredentials(trim, str6, str7);
            if (z) {
                qualysAuth.setProxyCredentials(str3, str8, str9, Integer.parseInt(str4));
            }
            QualysCSTestConnectionResponse testConnection = new QualysCSClient(qualysAuth, System.out).testConnection();
            logger.info("Received response : " + testConnection);
            return !testConnection.success ? FormValidation.error(testConnection.message) : FormValidation.ok("Connection test successful!");
        } catch (Exception e) {
            e.printStackTrace();
            return FormValidation.error("Connection test failed. (Reason: Wrong inputs. Please check API Server and Proxy details.)");
        }
    }

    public FormValidation doCheckApiServer(@QueryParameter String str) {
        try {
            return !Pattern.compile("^(https?)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]").matcher(str.trim()).matches() ? FormValidation.error("Server name is not valid!") : FormValidation.ok();
        } catch (Exception e) {
            return FormValidation.error(e.getMessage());
        }
    }

    public FormValidation doCheckWebhookUrl(@QueryParameter String str) {
        try {
            if (!StringUtils.isEmpty(str) && !Pattern.compile("^(https?)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]").matcher(str).matches()) {
                return FormValidation.error("Webhook Url is not valid!");
            }
            return FormValidation.ok();
        } catch (Exception e) {
            return FormValidation.error(e.getMessage());
        }
    }

    public FormValidation doCheckApiUser(@QueryParameter String str) {
        try {
            return str.trim().equals("") ? FormValidation.error("API Username cannot be empty.") : FormValidation.ok();
        } catch (Exception e) {
            return FormValidation.error(e.getMessage());
        }
    }

    public FormValidation doCheckApiPass(@QueryParameter String str) {
        try {
            return str.trim().equals("") ? FormValidation.error("API Password cannot be empty.") : FormValidation.ok();
        } catch (Exception e) {
            return FormValidation.error(e.getMessage());
        }
    }

    public FormValidation doCheckPollingInterval(@QueryParameter String str) {
        try {
            if (str.trim().equals("")) {
                return FormValidation.ok();
            }
            if (!Pattern.compile("^(\\d+[*]?)*(?<!\\*)$").matcher(str).matches()) {
                return FormValidation.error("Timeout period is not valid!");
            }
            try {
                long j = 1;
                for (String str2 : str.split("\\*")) {
                    j *= Long.parseLong(str2);
                }
                return j < 30 ? FormValidation.error("Polling Interval Should not be less than 30 seconds") : FormValidation.ok();
            } catch (Exception e) {
                return FormValidation.error("Please enter valid Polling Interval");
            }
        } catch (Exception e2) {
            return FormValidation.error("Timeout period string : " + str + ", reason = " + e2);
        }
    }

    public FormValidation doCheckVulnsTimeout(@QueryParameter String str) {
        try {
            if (!str.trim().equals("") && !Pattern.compile("^(\\d+[*]?)*(?<!\\*)$").matcher(str).matches()) {
                return FormValidation.error("Timeout period is not valid!");
            }
            return FormValidation.ok();
        } catch (Exception e) {
            return FormValidation.error("Timeout period string : " + str + ", reason = " + e);
        }
    }

    public FormValidation doCheckSeverity1Limit(@QueryParameter String str) {
        if (str != null) {
            try {
                if (!str.isEmpty() && Integer.parseInt(str) < 0) {
                    return FormValidation.error("Please enter a number greater than or equal to 0.");
                }
            } catch (Exception e) {
                return FormValidation.error("Enter valid number!");
            }
        }
        return FormValidation.ok();
    }

    public FormValidation doCheckSeverity2Limit(@QueryParameter String str) {
        if (str != null) {
            try {
                if (!str.isEmpty() && Integer.parseInt(str) < 0) {
                    return FormValidation.error("Please enter a number greater than or equal to 0.");
                }
            } catch (Exception e) {
                return FormValidation.error("Enter valid number!");
            }
        }
        return FormValidation.ok();
    }

    public FormValidation doCheckSeverity3Limit(@QueryParameter String str) {
        if (str != null) {
            try {
                if (!str.isEmpty() && Integer.parseInt(str) < 0) {
                    return FormValidation.error("Please enter a number greater than or equal to 0.");
                }
            } catch (Exception e) {
                return FormValidation.error("Enter valid number!");
            }
        }
        return FormValidation.ok();
    }

    public FormValidation doCheckSeverity4Limit(@QueryParameter String str) {
        if (str != null) {
            try {
                if (!str.isEmpty() && Integer.parseInt(str) < 0) {
                    return FormValidation.error("Please enter a number greater than or equal to 0.");
                }
            } catch (Exception e) {
                return FormValidation.error("Enter valid number!");
            }
        }
        return FormValidation.ok();
    }

    public FormValidation doCheckSeverity5Limit(@QueryParameter String str) {
        if (str != null) {
            try {
                if (!str.isEmpty() && Integer.parseInt(str) < 0) {
                    return FormValidation.error("Please enter a number greater than or equal to 0.");
                }
            } catch (Exception e) {
                return FormValidation.error("Enter valid number!");
            }
        }
        return FormValidation.ok();
    }

    public FormValidation doCheckQidList(@QueryParameter String str) {
        if (str == null || str.isEmpty()) {
            return FormValidation.ok();
        }
        try {
            for (String str2 : str.split(",")) {
                if (str2.contains("-")) {
                    String[] split = str2.split("-");
                    if (Integer.parseInt(split[0]) > Integer.parseInt(split[1])) {
                        return FormValidation.error("Enter valid QID range");
                    }
                } else {
                    Integer.parseInt(str2);
                }
            }
            return FormValidation.ok();
        } catch (RuntimeException e) {
            return FormValidation.error("Enter valid QID range/numbers");
        } catch (Exception e2) {
            return FormValidation.error("Enter valid QID range/numbers");
        }
    }

    public FormValidation doCheckQidExcludeList(@QueryParameter String str) {
        if (str == null || str.isEmpty()) {
            return FormValidation.ok();
        }
        try {
            for (String str2 : str.split(",")) {
                if (str2.contains("-")) {
                    String[] split = str2.split("-");
                    if (Integer.parseInt(split[0]) > Integer.parseInt(split[1])) {
                        return FormValidation.error("Enter valid QID range");
                    }
                } else {
                    Integer.parseInt(str2);
                }
            }
            return FormValidation.ok();
        } catch (RuntimeException e) {
            return FormValidation.error("Enter valid QID range/numbers");
        } catch (Exception e2) {
            return FormValidation.error("Enter valid QID range/numbers");
        }
    }

    public FormValidation doCheckProxyServer(@QueryParameter String str) {
        try {
            return !Pattern.compile("^((https?)://)?[-a-zA-Z0-9+&@#/%?=~_|!,.;]*[-a-zA-Z0-9+&@#/%=~_|]").matcher(str).matches() ? FormValidation.error("Enter valid server url!") : FormValidation.ok();
        } catch (Exception e) {
            return FormValidation.error(e.getMessage());
        }
    }

    public FormValidation doCheckProxyPort(@QueryParameter String str) {
        if (str != null) {
            try {
                if (!str.isEmpty() && str.trim().length() > 0) {
                    int parseInt = Integer.parseInt(str);
                    return (parseInt < 1 || parseInt > 65535) ? FormValidation.error("Please enter a valid port number!") : FormValidation.ok();
                }
            } catch (RuntimeException e) {
                return FormValidation.error("Enter valid port number!");
            } catch (Exception e2) {
                return FormValidation.error("Enter valid port number!");
            }
        }
        return FormValidation.error("Please enter a valid port number!");
    }

    public FormValidation doCheckCvssThreshold(@QueryParameter String str) {
        if (str != null) {
            try {
                if (!str.isEmpty()) {
                    try {
                        double parseDouble = Double.parseDouble(str);
                        if (parseDouble < 0.0d || parseDouble > 10.0d) {
                            return FormValidation.error("Please enter a number in range of 0.0 to 10.0");
                        }
                    } catch (NumberFormatException e) {
                        return FormValidation.error("Input is not a valid number. " + e.getMessage());
                    }
                }
            } catch (RuntimeException e2) {
                return FormValidation.error("Enter valid number!");
            } catch (Exception e3) {
                return FormValidation.error("Enter valid number!");
            }
        }
        return FormValidation.ok();
    }

    public static QualysGlobalConfig get() {
        return (QualysGlobalConfig) GlobalConfiguration.all().get(QualysGlobalConfig.class);
    }

    public String getApiServer() {
        return this.apiServer;
    }

    public void setApiServer(String str) {
        this.apiServer = str.trim();
    }

    public void setPollingInterval(String str) {
        this.pollingInterval = str;
    }

    public String getPollingInterval() {
        return this.pollingInterval;
    }

    public void setVulnsTimeout(String str) {
        this.vulnsTimeout = str;
    }

    public String getVulnsTimeout() {
        return this.vulnsTimeout;
    }

    public boolean getIsFailOnSevereVulns() {
        return this.isFailOnSevereVulns;
    }

    public void setIsFailOnSevereVulns(boolean z) {
        this.isFailOnSevereVulns = z;
    }

    public void setSeverity1Limit(int i) {
        this.severity1Limit = i;
    }

    public int getSeverity1Limit() {
        return this.severity1Limit;
    }

    public void setSeverity2Limit(int i) {
        this.severity2Limit = i;
    }

    public int getSeverity2Limit() {
        return this.severity2Limit;
    }

    public void setSeverity3Limit(int i) {
        this.severity3Limit = i;
    }

    public int getSeverity3Limit() {
        return this.severity3Limit;
    }

    public void setSeverity4Limit(int i) {
        this.severity4Limit = i;
    }

    public int getSeverity4Limit() {
        return this.severity4Limit;
    }

    public void setSeverity5Limit(int i) {
        this.severity5Limit = i;
    }

    public int getSeverity5Limit() {
        return this.severity5Limit;
    }

    public void setIsSev1Vulns(boolean z) {
        this.isSev1Vulns = z;
    }

    public boolean getIsSev1Vulns() {
        return this.isSev1Vulns;
    }

    public void setIsSev2Vulns(boolean z) {
        this.isSev2Vulns = z;
    }

    public boolean getIsSev2Vulns() {
        return this.isSev2Vulns;
    }

    public void setIsSev3Vulns(boolean z) {
        this.isSev3Vulns = z;
    }

    public boolean getIsSev3Vulns() {
        return this.isSev3Vulns;
    }

    public void setIsSev4Vulns(boolean z) {
        this.isSev4Vulns = z;
    }

    public boolean getIsSev4Vulns() {
        return this.isSev4Vulns;
    }

    public void setIsSev5Vulns(boolean z) {
        this.isSev5Vulns = z;
    }

    public boolean getIsSev5Vulns() {
        return this.isSev5Vulns;
    }

    public void setProxyServer(String str) {
        this.proxyServer = str;
    }

    public String getProxyServer() {
        return this.proxyServer;
    }

    public void setProxyPort(int i) {
        this.proxyPort = i;
    }

    public int getProxyPort() {
        return this.proxyPort;
    }

    public void setProxyCredentialsId(String str) {
        this.proxyCredentialsId = str;
    }

    public String getProxyCredentialsId() {
        return this.proxyCredentialsId;
    }

    public void setUseProxy(boolean z) {
        this.useProxy = z;
    }

    public boolean getUseProxy() {
        return this.useProxy;
    }

    public void setIsFailOnQidFound(boolean z) {
        this.isFailOnQidFound = z;
    }

    public boolean getIsFailOnQidFound() {
        return this.isFailOnQidFound;
    }

    public boolean getFailByCvss() {
        return this.failByCvss;
    }

    @DataBoundSetter
    public void setFailByCvss(boolean z) {
        this.failByCvss = z;
    }

    public String getCvssVersion() {
        return this.cvssVersion;
    }

    @DataBoundSetter
    public void setCvssVersion(String str) {
        this.cvssVersion = str;
    }

    public String getCvssThreshold() {
        return this.cvssThreshold;
    }

    @DataBoundSetter
    public void setCvssThreshold(String str) {
        this.cvssThreshold = str;
    }

    public void setQidList(String str) {
        this.qidList = str;
    }

    public String getQidList() {
        return this.qidList;
    }

    public boolean getIsPotentialVulnsToBeChecked() {
        return this.isPotentialVulnsToBeChecked;
    }

    public void setIsPotentialVulnsToBeChecked(boolean z) {
        this.isPotentialVulnsToBeChecked = z;
    }

    public void setCredentialsId(String str) {
        this.credentialsId = str;
    }

    public String getCredentialsId() {
        return this.credentialsId;
    }

    public String getWebhookUrl() {
        return this.webhookUrl;
    }

    public void setWebhookUrl(String str) {
        this.webhookUrl = str;
    }

    public boolean getIsFailOnCVEs() {
        return this.isFailOnCVEs;
    }

    public String getProxyUsername() {
        return this.proxyUsername;
    }

    @DataBoundSetter
    public void setProxyUsername(String str) {
        this.proxyUsername = str;
    }

    public Secret getProxyPassword() {
        return this.proxyPassword;
    }

    @DataBoundSetter
    public void setProxyPassword(String str) {
        this.proxyPassword = Secret.fromString(str);
    }

    public String getCveList() {
        return this.cveList;
    }

    public void setIsFailOnCVEs(boolean z) {
        this.isFailOnCVEs = z;
    }

    public void setCveList(String str) {
        this.cveList = str;
    }

    public void setDockerUrl(String str) {
        this.dockerUrl = str;
    }

    public String getDockerUrl() {
        return this.dockerUrl;
    }

    public void setDockerCert(String str) {
        this.dockerCert = str;
    }

    public String getDockerCert() {
        return this.dockerCert;
    }

    public boolean getIsExcludeConditions() {
        return this.isExcludeConditions;
    }

    public void setIsExcludeConditions(boolean z) {
        this.isExcludeConditions = z;
    }

    public String getExcludeList() {
        return this.excludeList;
    }

    public void setExcludeList(String str) {
        this.excludeList = str;
    }

    public String getExcludeBy() {
        return this.excludeBy;
    }

    public void setExcludeBy(String str) {
        this.excludeBy = str;
    }

    public void setSoftwareList(String str) {
        this.softwareList = str;
    }

    public boolean getIsFailOnSoftware() {
        return this.isFailOnSoftware;
    }

    public void setIsFailOnSoftware(boolean z) {
        this.isFailOnSoftware = z;
    }

    public String getSoftwareList() {
        return this.softwareList;
    }
}
