package hudson;

import com.thoughtworks.xstream.XStream;
import edu.umd.cs.findbugs.annotations.CheckForNull;
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.model.AbstractDescribableImpl;
import hudson.model.Descriptor;
import hudson.model.Saveable;
import hudson.model.listeners.SaveableListener;
import hudson.util.FormValidation;
import hudson.util.Scrambler;
import hudson.util.Secret;
import hudson.util.XStream2;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.Serializable;
import java.net.Authenticator;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.PasswordAuthentication;
import java.net.Proxy;
import java.net.ProxySelector;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLConnection;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import jenkins.model.Jenkins;
import jenkins.model.ProjectNamingStrategy;
import jenkins.security.stapler.StaplerAccessibleType;
import jenkins.util.JenkinsJVM;
import jenkins.util.SystemProperties;
import org.eclipse.jetty.util.URIUtil;
import org.jenkinsci.Symbol;
import org.jvnet.robust_http_client.RetryableHttpStream;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

@StaplerAccessibleType
/* loaded from: input_file:WEB-INF/lib/jenkins-core-2.379-rc33115.36646eb_ff38b.jar:hudson/ProxyConfiguration.class */
public final class ProxyConfiguration extends AbstractDescribableImpl<ProxyConfiguration> implements Saveable, Serializable {
    public final String name;
    public final int port;
    private String userName;

    @Restricted({NoExternalUse.class})
    public String noProxyHost;

    @Deprecated
    private String password;
    private Secret secretPassword;
    private String testUrl;
    private transient Authenticator authenticator;
    private transient boolean authCacheSeeded;
    private static final long serialVersionUID = 1;
    private static final int DEFAULT_CONNECT_TIMEOUT_MILLIS = SystemProperties.getInteger("hudson.ProxyConfiguration.DEFAULT_CONNECT_TIMEOUT_MILLIS", Integer.valueOf((int) TimeUnit.SECONDS.toMillis(20))).intValue();
    private static final XStream XSTREAM = new XStream2();

    @Extension
    @Symbol({"proxy"})
    /* loaded from: input_file:WEB-INF/lib/jenkins-core-2.379-rc33115.36646eb_ff38b.jar:hudson/ProxyConfiguration$DescriptorImpl.class */
    public static class DescriptorImpl extends Descriptor<ProxyConfiguration> {
        @Override // hudson.model.Descriptor
        @NonNull
        public String getDisplayName() {
            return "Proxy Configuration";
        }

        public FormValidation doCheckPort(@QueryParameter String str) {
            String fixEmptyAndTrim = Util.fixEmptyAndTrim(str);
            if (fixEmptyAndTrim == null) {
                return FormValidation.ok();
            }
            try {
                int parseInt = Integer.parseInt(fixEmptyAndTrim);
                return (parseInt < 0 || parseInt > 65535) ? FormValidation.error(Messages.PluginManager_PortNotInRange(0, 65535)) : FormValidation.ok();
            } catch (NumberFormatException e) {
                return FormValidation.error(Messages.PluginManager_PortNotANumber());
            }
        }

        @RequirePOST
        @Restricted({NoExternalUse.class})
        public FormValidation doValidateProxy(@QueryParameter("testUrl") String str, @QueryParameter("name") String str2, @QueryParameter("port") int i, @QueryParameter("userName") String str3, @QueryParameter("secretPassword") Secret secret, @QueryParameter("noProxyHost") String str4) throws InterruptedException {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            if (Util.fixEmptyAndTrim(str) == null) {
                return FormValidation.error(Messages.ProxyConfiguration_TestUrlRequired());
            }
            try {
                URI uri = new URI(str);
                try {
                    HttpClient.Builder newBuilder = HttpClient.newBuilder();
                    newBuilder.connectTimeout(ProxyConfiguration.DEFAULT_CONNECT_TIMEOUT_MILLIS > 0 ? Duration.ofMillis(ProxyConfiguration.DEFAULT_CONNECT_TIMEOUT_MILLIS) : Duration.ofSeconds(30L));
                    if (Util.fixEmptyAndTrim(str2) != null && !isNoProxyHost(uri.getHost(), str4)) {
                        newBuilder.proxy(ProxySelector.of(new InetSocketAddress(str2, i)));
                        newBuilder.authenticator(newValidationAuthenticator(str3, secret != null ? secret.getPlainText() : null));
                    }
                    int statusCode = newBuilder.build().send(HttpRequest.newBuilder(uri).GET().build(), HttpResponse.BodyHandlers.discarding()).statusCode();
                    return statusCode != 200 ? FormValidation.error(Messages.ProxyConfiguration_FailedToConnect(str, Integer.valueOf(statusCode))) : FormValidation.ok(Messages.ProxyConfiguration_Success());
                } catch (IOException e) {
                    return FormValidation.error(e, Messages.ProxyConfiguration_FailedToConnectViaProxy(str));
                }
            } catch (URISyntaxException e2) {
                return FormValidation.error(Messages.ProxyConfiguration_MalformedTestUrl(str));
            }
        }

        private boolean isNoProxyHost(String str, String str2) {
            if (str == null || str2 == null) {
                return false;
            }
            Iterator<Pattern> it = ProxyConfiguration.getNoProxyHostPatterns(str2).iterator();
            while (it.hasNext()) {
                if (it.next().matcher(str).matches()) {
                    return true;
                }
            }
            return false;
        }

        private static Authenticator newValidationAuthenticator(final String str, final String str2) {
            return new Authenticator() { // from class: hudson.ProxyConfiguration.DescriptorImpl.1
                @Override // java.net.Authenticator
                protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication(str, Secret.fromString(str2).getPlainText().toCharArray());
                }
            };
        }
    }

    @DataBoundConstructor
    public ProxyConfiguration(String str, int i) {
        this(str, i, null, null);
    }

    public ProxyConfiguration(String str, int i, String str2, String str3) {
        this(str, i, str2, str3, null);
    }

    public ProxyConfiguration(String str, int i, String str2, String str3, String str4) {
        this(str, i, str2, str3, str4, null);
    }

    public ProxyConfiguration(String str, int i, String str2, String str3, String str4, String str5) {
        this.name = Util.fixEmptyAndTrim(str);
        this.port = i;
        this.userName = Util.fixEmptyAndTrim(str2);
        String fixEmptyAndTrim = Util.fixEmptyAndTrim(str3);
        this.secretPassword = fixEmptyAndTrim != null ? Secret.fromString(fixEmptyAndTrim) : null;
        this.noProxyHost = Util.fixEmptyAndTrim(str4);
        this.testUrl = Util.fixEmptyAndTrim(str5);
        this.authenticator = newAuthenticator();
    }

    private Authenticator newAuthenticator() {
        return new Authenticator() { // from class: hudson.ProxyConfiguration.1
            @Override // java.net.Authenticator
            public PasswordAuthentication getPasswordAuthentication() {
                String userName = ProxyConfiguration.this.getUserName();
                if (getRequestorType() != Authenticator.RequestorType.PROXY || userName == null) {
                    return null;
                }
                return new PasswordAuthentication(userName, Secret.toString(ProxyConfiguration.this.secretPassword).toCharArray());
            }
        };
    }

    public String getUserName() {
        return this.userName;
    }

    public Secret getSecretPassword() {
        return this.secretPassword;
    }

    @Deprecated
    public String getPassword() {
        return Secret.toString(this.secretPassword);
    }

    @Deprecated
    public String getEncryptedPassword() {
        if (this.secretPassword == null) {
            return null;
        }
        return this.secretPassword.getEncryptedValue();
    }

    public String getTestUrl() {
        return this.testUrl;
    }

    public int getPort() {
        return this.port;
    }

    public String getName() {
        return this.name;
    }

    public List<Pattern> getNoProxyHostPatterns() {
        return getNoProxyHostPatterns(this.noProxyHost);
    }

    public String getNoProxyHost() {
        return this.noProxyHost;
    }

    public static List<Pattern> getNoProxyHostPatterns(String str) {
        if (str == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (String str2 : str.split("[ \t\n,|]+")) {
            if (str2.length() != 0) {
                arrayList.add(Pattern.compile(str2.replace(".", "\\.").replace("*", ProjectNamingStrategy.PatternProjectNamingStrategy.DescriptorImpl.DEFAULT_PATTERN)));
            }
        }
        return arrayList;
    }

    @DataBoundSetter
    public void setSecretPassword(Secret secret) {
        this.secretPassword = secret;
    }

    @DataBoundSetter
    public void setTestUrl(String str) {
        this.testUrl = str;
    }

    @DataBoundSetter
    public void setUserName(String str) {
        this.userName = str;
    }

    @DataBoundSetter
    public void setNoProxyHost(String str) {
        this.noProxyHost = str;
    }

    @Deprecated
    public Proxy createProxy() {
        return createProxy(null);
    }

    public Proxy createProxy(String str) {
        return createProxy(str, this.name, this.port, this.noProxyHost);
    }

    public static Proxy createProxy(String str, String str2, int i, String str3) {
        if (str != null && str3 != null) {
            Iterator<Pattern> it = getNoProxyHostPatterns(str3).iterator();
            while (it.hasNext()) {
                if (it.next().matcher(str).matches()) {
                    return Proxy.NO_PROXY;
                }
            }
        }
        return new Proxy(Proxy.Type.HTTP, new InetSocketAddress(str2, i));
    }

    @Override // hudson.model.Saveable
    public void save() throws IOException {
        if (BulkChange.contains(this)) {
            return;
        }
        XmlFile xmlFile = getXmlFile();
        xmlFile.write(this);
        SaveableListener.fireOnChange(this, xmlFile);
    }

    private Object readResolve() {
        if (this.secretPassword == null) {
            this.secretPassword = Secret.fromString(Scrambler.descramble(this.password));
        }
        this.password = null;
        this.authenticator = newAuthenticator();
        return this;
    }

    public static XmlFile getXmlFile() {
        return new XmlFile(XSTREAM, new File(Jenkins.get().getRootDir(), "proxy.xml"));
    }

    public static ProxyConfiguration load() throws IOException {
        XmlFile xmlFile = getXmlFile();
        if (xmlFile.exists()) {
            return (ProxyConfiguration) xmlFile.read();
        }
        return null;
    }

    public static URLConnection open(URL url) throws IOException {
        URLConnection openConnection;
        ProxyConfiguration proxyConfiguration = get();
        if (proxyConfiguration == null) {
            openConnection = url.openConnection();
        } else {
            Proxy createProxy = proxyConfiguration.createProxy(url.getHost());
            openConnection = url.openConnection(createProxy);
            if (proxyConfiguration.getUserName() != null) {
                Authenticator.setDefault(proxyConfiguration.authenticator);
                proxyConfiguration.jenkins48775workaround(createProxy, url);
            }
        }
        if (DEFAULT_CONNECT_TIMEOUT_MILLIS > 0) {
            openConnection.setConnectTimeout(DEFAULT_CONNECT_TIMEOUT_MILLIS);
        }
        if (JenkinsJVM.isJenkinsJVM()) {
            decorate(openConnection);
        }
        return openConnection;
    }

    public static InputStream getInputStream(URL url) throws IOException {
        ProxyConfiguration proxyConfiguration = get();
        if (proxyConfiguration == null) {
            return new RetryableHttpStream(url);
        }
        Proxy createProxy = proxyConfiguration.createProxy(url.getHost());
        RetryableHttpStream retryableHttpStream = new RetryableHttpStream(url, createProxy);
        if (proxyConfiguration.getUserName() != null) {
            Authenticator.setDefault(proxyConfiguration.authenticator);
            proxyConfiguration.jenkins48775workaround(createProxy, url);
        }
        return retryableHttpStream;
    }

    private void jenkins48775workaround(Proxy proxy, URL url) {
        if (!URIUtil.HTTPS.equals(url.getProtocol()) || this.authCacheSeeded || proxy == Proxy.NO_PROXY) {
            if (URIUtil.HTTPS.equals(url.getProtocol())) {
                this.authCacheSeeded = this.authCacheSeeded || proxy != Proxy.NO_PROXY;
                return;
            }
            return;
        }
        HttpURLConnection httpURLConnection = null;
        try {
            httpURLConnection = (HttpURLConnection) new URL("http", url.getHost(), -1, "/").openConnection(proxy);
            httpURLConnection.setRequestMethod("HEAD");
            httpURLConnection.connect();
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
        } catch (IOException e) {
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
        } catch (Throwable th) {
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
            throw th;
        }
        this.authCacheSeeded = true;
    }

    @CheckForNull
    private static ProxyConfiguration get() {
        if (JenkinsJVM.isJenkinsJVM()) {
            return _get();
        }
        return null;
    }

    @CheckForNull
    private static ProxyConfiguration _get() {
        JenkinsJVM.checkJenkinsJVM();
        Jenkins instanceOrNull = Jenkins.getInstanceOrNull();
        if (instanceOrNull == null) {
            return null;
        }
        return instanceOrNull.proxy;
    }

    private static void decorate(URLConnection uRLConnection) throws IOException {
        Iterator<URLConnectionDecorator> it = URLConnectionDecorator.all().iterator();
        while (it.hasNext()) {
            it.next().decorate(uRLConnection);
        }
    }

    static {
        XSTREAM.alias("proxy", ProxyConfiguration.class);
    }
}
