package jenkins.security;

import hudson.Extension;
import hudson.ExtensionList;
import hudson.Util;
import hudson.model.Descriptor;
import hudson.util.FormValidation;
import java.net.MalformedURLException;
import java.net.URL;
import javax.servlet.http.HttpServletRequest;
import jenkins.diagnostics.RootUrlNotSetMonitor;
import jenkins.model.GlobalConfiguration;
import jenkins.model.JenkinsLocationConfiguration;
import jenkins.util.UrlHelper;
import net.sf.json.JSONObject;
import org.jenkinsci.Symbol;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.Stapler;
import org.kohsuke.stapler.StaplerRequest;
import org.springframework.aop.framework.autoproxy.target.QuickTargetSourceCreator;

@Extension(ordinal = 199.0d)
@Restricted({NoExternalUse.class})
@Symbol({"resourceDomain"})
/* loaded from: input_file:WEB-INF/lib/jenkins-core-2.199-rc28766.41919ee78292.jar:jenkins/security/ResourceDomainConfiguration.class */
public class ResourceDomainConfiguration extends GlobalConfiguration {
    private String resourceRootUrl;

    public ResourceDomainConfiguration() {
        load();
    }

    @Override // jenkins.model.GlobalConfiguration, hudson.model.Descriptor
    public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
        staplerRequest.bindJSON(this, jSONObject);
        save();
        return true;
    }

    public FormValidation doCheckResourceRootUrl(@QueryParameter("resourceRootUrl") String str) {
        if (((RootUrlNotSetMonitor) ExtensionList.lookupSingleton(RootUrlNotSetMonitor.class)).isActivated()) {
            return FormValidation.warning(Messages.ResourceDomainConfiguration_NeedsRootURL());
        }
        String fixEmptyAndTrim = Util.fixEmptyAndTrim(str);
        if (fixEmptyAndTrim == null) {
            return FormValidation.ok(Messages.ResourceDomainConfiguration_Empty());
        }
        if (!UrlHelper.isValidRootUrl(fixEmptyAndTrim)) {
            return FormValidation.warning(Messages.ResourceDomainConfiguration_Invalid());
        }
        try {
            String host = new URL(fixEmptyAndTrim).getHost();
            try {
                if (new URL(JenkinsLocationConfiguration.get().getUrl()).getHost().equals(host)) {
                    return FormValidation.error(Messages.ResourceDomainConfiguration_SameAsJenkinsRoot());
                }
                StaplerRequest currentRequest = Stapler.getCurrentRequest();
                return (currentRequest == null || !currentRequest.getHeader("Host").equals(host)) ? FormValidation.ok() : FormValidation.warning(Messages.ResourceDomainConfiguration_SameAsCurrent());
            } catch (Exception e) {
                return FormValidation.warning(Messages.ResourceDomainConfiguration_NeedsRootURL());
            }
        } catch (MalformedURLException e2) {
            return FormValidation.warning(Messages.ResourceDomainConfiguration_Invalid());
        }
    }

    public String getResourceRootUrl() {
        return this.resourceRootUrl;
    }

    public void setResourceRootUrl(String str) {
        if (doCheckResourceRootUrl(str).kind == FormValidation.Kind.OK) {
            this.resourceRootUrl = Util.fixEmpty(str);
        }
    }

    public static boolean isResourceRequest(HttpServletRequest httpServletRequest) {
        if (!isResourceDomainConfigured()) {
            return false;
        }
        try {
            URL url = new URL(get().getResourceRootUrl());
            String host = url.getHost();
            if (url.getPort() != -1) {
                host = host + QuickTargetSourceCreator.PREFIX_COMMONS_POOL + url.getPort();
            }
            return host.equals(httpServletRequest.getHeader("Host"));
        } catch (MalformedURLException e) {
            return false;
        }
    }

    public static boolean isResourceDomainConfigured() {
        String resourceRootUrl = get().getResourceRootUrl();
        return (resourceRootUrl == null || resourceRootUrl.isEmpty()) ? false : true;
    }

    public static ResourceDomainConfiguration get() {
        return (ResourceDomainConfiguration) ExtensionList.lookupSingleton(ResourceDomainConfiguration.class);
    }
}
