package jenkins.security;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.Extension;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jenkins.model.Jenkins;
import jenkins.util.SystemProperties;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;

@Extension
@Restricted({NoExternalUse.class})
/* loaded from: input_file:WEB-INF/lib/jenkins-core-2.321-rc31711.9a3708f8c1e1.jar:jenkins/security/BasicHeaderRealPasswordAuthenticator.class */
public class BasicHeaderRealPasswordAuthenticator extends BasicHeaderAuthenticator {
    private AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource();
    private static final Logger LOGGER = Logger.getLogger(BasicHeaderRealPasswordAuthenticator.class.getName());

    @SuppressFBWarnings({"MS_SHOULD_BE_FINAL"})
    public static boolean DISABLE = SystemProperties.getBoolean("jenkins.security.ignoreBasicAuth");

    @Override // jenkins.security.BasicHeaderAuthenticator
    public Authentication authenticate2(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws IOException, ServletException {
        if (DISABLE) {
            return null;
        }
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(str, str2);
        usernamePasswordAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
        try {
            Authentication authenticate = Jenkins.get().getSecurityRealm().getSecurityComponents().manager2.authenticate(usernamePasswordAuthenticationToken);
            LOGGER.log(Level.FINER, "Authentication success: {0}", authenticate);
            return authenticate;
        } catch (AuthenticationException e) {
            LOGGER.log(Level.FINER, "Authentication request for user: {0} failed: {1}", new Object[]{str, e});
            return null;
        }
    }
}
