package org.sonar.plugins.fortify.client;

import com.fortify.schema.fws.CreateAuditSessionRequest;
import com.fortify.schema.fws.DescriptionAndRecommendationRequest;
import com.fortify.schema.fws.DescriptionAndRecommendationResponse;
import com.fortify.schema.fws.InvalidateAuditSessionRequest;
import com.fortify.schema.fws.IssueListRequest;
import com.fortify.schema.fws.MeasurementHistoryListRequest;
import com.fortify.schema.fws.Services;
import com.fortify.schema.fws.VariableHistoryListRequest;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import javax.annotation.Nullable;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonar.api.BatchExtension;
import org.sonar.api.config.Settings;
import xmlns.www_fortify_com.schema.issuemanagement.IssueInstance;
import xmlns.www_fortify_com.schema.issuemanagement.IssueListDescription;
import xmlns.www_fortifysoftware_com.schema.wstypes.MeasurementHistory;
import xmlns.www_fortifysoftware_com.schema.wstypes.Project;
import xmlns.www_fortifysoftware_com.schema.wstypes.ProjectIdentifier;
import xmlns.www_fortifysoftware_com.schema.wstypes.ProjectVersionLite;
import xmlns.www_fortifysoftware_com.schema.wstypes.VariableHistory;

/* loaded from: input_file:org/sonar/plugins/fortify/client/FortifyClient.class */
public class FortifyClient implements BatchExtension {
    public static final String PROPERTY_ENABLE = "sonar.fortify.enable";
    public static final String PROPERTY_LOGIN = "sonar.fortify.sscLogin.secured";
    public static final String PROPERTY_PASSWORD = "sonar.fortify.sscPassword.secured";
    public static final String PROPERTY_URL = "sonar.fortify.sscUrl";
    private static final Logger LOG = LoggerFactory.getLogger(FortifyClient.class);
    private static final int HTTP_TIMEOUT_MILLISEC = 3600000;
    private final Settings settings;
    private Services services;

    public FortifyClient(Settings settings) {
        this(settings, null);
    }

    @VisibleForTesting
    FortifyClient(Settings settings, @Nullable Services services) {
        this.settings = settings;
        this.services = services;
    }

    public void start() {
        if (!this.settings.getBoolean(PROPERTY_ENABLE)) {
            LOG.info("Import of Fortify report is disabled (see sonar.fortify.enable)");
            return;
        }
        String string = this.settings.getString(PROPERTY_URL);
        if (Strings.isNullOrEmpty(string)) {
            LOG.info("Fortify SSC Server URL is missing. Please check the property sonar.fortify.sscUrl");
        } else {
            LOG.info("Import of Fortify report is enabled. SSC Server is: " + string);
            initServices(string, this.settings.getString(PROPERTY_LOGIN), this.settings.getString(PROPERTY_PASSWORD));
        }
    }

    private void initServices(String str, String str2, String str3) {
        this.services = (Services) initCxf(str, str2, str3).create(Services.class);
        Client client = ClientProxy.getClient(this.services);
        if (client != null) {
            HTTPConduit hTTPConduit = (HTTPConduit) client.getConduit();
            HTTPClientPolicy hTTPClientPolicy = new HTTPClientPolicy();
            hTTPClientPolicy.setConnectionTimeout(3600000L);
            hTTPClientPolicy.setReceiveTimeout(3600000L);
            hTTPConduit.setClient(hTTPClientPolicy);
        }
    }

    @VisibleForTesting
    static JaxWsProxyFactoryBean initCxf(String str, String str2, String str3) {
        JaxWsProxyFactoryBean jaxWsProxyFactoryBean = new JaxWsProxyFactoryBean();
        jaxWsProxyFactoryBean.setServiceClass(Services.class);
        jaxWsProxyFactoryBean.setAddress(str + "/fm-ws/services");
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.put("action", "UsernameToken Timestamp");
        newHashMap.put(WSHandlerConstants.USER, str2);
        newHashMap.put("passwordType", WSConstants.PW_TEXT);
        newHashMap.put(WSHandlerConstants.PW_CALLBACK_REF, new PasswordCallback(str3));
        jaxWsProxyFactoryBean.getOutInterceptors().add(new WSS4JOutInterceptor(newHashMap));
        HashMap newHashMap2 = Maps.newHashMap();
        newHashMap2.put("action", "Timestamp");
        jaxWsProxyFactoryBean.getInInterceptors().add(new WSS4JInInterceptor(newHashMap2));
        return jaxWsProxyFactoryBean;
    }

    @VisibleForTesting
    Services getServices() {
        return this.services;
    }

    public boolean isEnabled() {
        return this.services != null;
    }

    public List<Project> getProjects() {
        return this.services.projectList("").getProject();
    }

    public List<ProjectVersionLite> getProjectVersions() {
        return this.services.activeProjectVersionList("").getProjectVersion();
    }

    public List<IssueWrapper> getIssues(long j) {
        String createAuditSession = createAuditSession(j);
        try {
            ProjectIdentifier projectIdentifier = new ProjectIdentifier();
            projectIdentifier.setProjectVersionId(Long.valueOf(j));
            IssueListRequest issueListRequest = new IssueListRequest();
            issueListRequest.setSessionId(createAuditSession);
            issueListRequest.setProjectIdentifier(projectIdentifier);
            IssueListDescription issueListDescription = new IssueListDescription();
            issueListDescription.setIncludeRemoved(false);
            issueListDescription.setIncludeSuppressed(false);
            issueListRequest.setIssueListDescription(issueListDescription);
            ArrayList newArrayList = Lists.newArrayList();
            for (IssueInstance issueInstance : this.services.issueList(issueListRequest).getIssueList().getIssues().getIssue()) {
                IssueWrapper create = IssueWrapper.create(issueInstance);
                newArrayList.add(create);
                DescriptionAndRecommendationRequest descriptionAndRecommendationRequest = new DescriptionAndRecommendationRequest();
                descriptionAndRecommendationRequest.setProjectIdentifier(projectIdentifier);
                descriptionAndRecommendationRequest.setIssueId(issueInstance.getInstanceId());
                descriptionAndRecommendationRequest.setSessionId(createAuditSession);
                DescriptionAndRecommendationResponse descriptionAndRecommendation = this.services.descriptionAndRecommendation(descriptionAndRecommendationRequest);
                if (descriptionAndRecommendation != null) {
                    create.setHtmlAbstract(descriptionAndRecommendation.getAbstract());
                }
            }
            return newArrayList;
        } finally {
            closeAuditSession(createAuditSession);
        }
    }

    private String createAuditSession(long j) {
        CreateAuditSessionRequest createAuditSessionRequest = new CreateAuditSessionRequest();
        createAuditSessionRequest.setProjectVersionId(Long.valueOf(j));
        return this.services.createAuditSession(createAuditSessionRequest).getSessionId();
    }

    private void closeAuditSession(@Nullable String str) {
        if (str != null) {
            try {
                InvalidateAuditSessionRequest invalidateAuditSessionRequest = new InvalidateAuditSessionRequest();
                invalidateAuditSessionRequest.setSessionId(str);
                this.services.invalidateAuditSession(invalidateAuditSessionRequest);
            } catch (Exception e) {
                LoggerFactory.getLogger(FortifyClient.class).error("Fail to close audit session " + str, e);
            }
        }
    }

    public List<VariableHistory> getVariables(long j, List<String> list) {
        VariableHistoryListRequest variableHistoryListRequest = new VariableHistoryListRequest();
        variableHistoryListRequest.getProjectVersionIDs().add(Long.valueOf(j));
        variableHistoryListRequest.getVariableGuids().addAll(list);
        return FortifyClientUtils.keepMoreRecent(this.services.variableHistoryList(variableHistoryListRequest));
    }

    public List<MeasurementHistory> getPerformanceIndicators(long j, List<String> list) {
        MeasurementHistoryListRequest measurementHistoryListRequest = new MeasurementHistoryListRequest();
        measurementHistoryListRequest.getProjectVersionIDs().add(Long.valueOf(j));
        measurementHistoryListRequest.getMeasurementGuids().addAll(list);
        return FortifyClientUtils.keepMoreRecent(this.services.measurementHistoryList(measurementHistoryListRequest));
    }
}
