package jenkins.security;

import hudson.model.User;
import hudson.security.ACL;
import hudson.util.Scrambler;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.acegisecurity.context.SecurityContext;
import org.acegisecurity.context.SecurityContextHolder;

/* loaded from: input_file:WEB-INF/lib/jenkins-core-1.502.jar:jenkins/security/ApiTokenFilter.class */
public class ApiTokenFilter implements Filter {
    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String descramble;
        int indexOf;
        String header = ((HttpServletRequest) servletRequest).getHeader("Authorization");
        if (header != null && (indexOf = (descramble = Scrambler.descramble(header.substring(6))).indexOf(58)) >= 0) {
            String substring = descramble.substring(0, indexOf);
            String substring2 = descramble.substring(indexOf + 1);
            User user = User.get(substring);
            ApiTokenProperty apiTokenProperty = (ApiTokenProperty) user.getProperty(ApiTokenProperty.class);
            if (apiTokenProperty != null && apiTokenProperty.matchesPassword(substring2)) {
                SecurityContext impersonate = ACL.impersonate(user.impersonate());
                try {
                    servletRequest.setAttribute(ApiTokenProperty.class.getName(), user);
                    filterChain.doFilter(servletRequest, servletResponse);
                    SecurityContextHolder.setContext(impersonate);
                    return;
                } catch (Throwable th) {
                    SecurityContextHolder.setContext(impersonate);
                    throw th;
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }
}
