package com.assembla.jenkinsci.plugin;

import com.assembla.jenkinsci.plugin.api.ApiService;
import com.assembla.jenkinsci.plugin.api.TokenAssembla;
import com.assembla.jenkinsci.plugin.api.UserAssembla;
import com.thoughtworks.xstream.converters.ConversionException;
import com.thoughtworks.xstream.converters.Converter;
import com.thoughtworks.xstream.converters.MarshallingContext;
import com.thoughtworks.xstream.converters.UnmarshallingContext;
import com.thoughtworks.xstream.io.HierarchicalStreamReader;
import com.thoughtworks.xstream.io.HierarchicalStreamWriter;
import hudson.Extension;
import hudson.Util;
import hudson.model.Descriptor;
import hudson.model.User;
import hudson.security.GroupDetails;
import hudson.security.SecurityRealm;
import hudson.security.UserMayOrMayNotExistException;
import hudson.util.Secret;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.Header;
import org.kohsuke.stapler.HttpRedirect;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.HttpResponses;
import org.kohsuke.stapler.StaplerRequest;
import org.springframework.dao.DataAccessException;

/* loaded from: input_file:WEB-INF/classes/com/assembla/jenkinsci/plugin/AssemblaSecurityRealm.class */
public class AssemblaSecurityRealm extends SecurityRealm {
    private static final String REFERER_ATTRIBUTE = AssemblaSecurityRealm.class.getName() + ".referer";
    private static final Logger LOGGER = Logger.getLogger(AssemblaSecurityRealm.class.getName());
    private String apiUri;
    private String clientID;
    private Secret clientSecret;
    private String spaceId;

    /* loaded from: input_file:WEB-INF/classes/com/assembla/jenkinsci/plugin/AssemblaSecurityRealm$ConverterImpl.class */
    public static final class ConverterImpl implements Converter {
        public boolean canConvert(Class cls) {
            return cls == AssemblaSecurityRealm.class;
        }

        public void marshal(Object obj, HierarchicalStreamWriter hierarchicalStreamWriter, MarshallingContext marshallingContext) {
            AssemblaSecurityRealm assemblaSecurityRealm = (AssemblaSecurityRealm) obj;
            hierarchicalStreamWriter.startNode("apiUri");
            hierarchicalStreamWriter.setValue(assemblaSecurityRealm.getApiUri());
            hierarchicalStreamWriter.endNode();
            hierarchicalStreamWriter.startNode("clientID");
            hierarchicalStreamWriter.setValue(assemblaSecurityRealm.getClientID());
            hierarchicalStreamWriter.endNode();
            hierarchicalStreamWriter.startNode("clientSecret");
            hierarchicalStreamWriter.setValue(assemblaSecurityRealm.getClientSecret().getEncryptedValue());
            hierarchicalStreamWriter.endNode();
            hierarchicalStreamWriter.startNode("spaceId");
            hierarchicalStreamWriter.setValue(assemblaSecurityRealm.getSpaceId());
            hierarchicalStreamWriter.endNode();
        }

        public Object unmarshal(HierarchicalStreamReader hierarchicalStreamReader, UnmarshallingContext unmarshallingContext) {
            hierarchicalStreamReader.getNodeName();
            hierarchicalStreamReader.moveDown();
            AssemblaSecurityRealm assemblaSecurityRealm = new AssemblaSecurityRealm();
            setValue(assemblaSecurityRealm, hierarchicalStreamReader.getNodeName(), hierarchicalStreamReader.getValue());
            hierarchicalStreamReader.moveUp();
            hierarchicalStreamReader.moveDown();
            setValue(assemblaSecurityRealm, hierarchicalStreamReader.getNodeName(), hierarchicalStreamReader.getValue());
            hierarchicalStreamReader.moveUp();
            if (hierarchicalStreamReader.hasMoreChildren()) {
                hierarchicalStreamReader.moveDown();
                setValue(assemblaSecurityRealm, hierarchicalStreamReader.getNodeName(), hierarchicalStreamReader.getValue());
                hierarchicalStreamReader.moveUp();
            }
            if (hierarchicalStreamReader.hasMoreChildren()) {
                hierarchicalStreamReader.moveDown();
                setValue(assemblaSecurityRealm, hierarchicalStreamReader.getNodeName(), hierarchicalStreamReader.getValue());
                hierarchicalStreamReader.moveUp();
            }
            return assemblaSecurityRealm;
        }

        private void setValue(AssemblaSecurityRealm assemblaSecurityRealm, String str, String str2) {
            if (str.equalsIgnoreCase("clientid")) {
                assemblaSecurityRealm.setClientID(str2);
                return;
            }
            if (str.equalsIgnoreCase("clientsecret")) {
                assemblaSecurityRealm.setClientSecret(str2);
            } else if (str.equalsIgnoreCase("apiUri")) {
                assemblaSecurityRealm.setApiUri(str2);
            } else {
                if (!str.equalsIgnoreCase("spaceid")) {
                    throw new ConversionException("invalid node value = " + str);
                }
                assemblaSecurityRealm.setSpaceId(str2);
            }
        }
    }

    @Extension
    /* loaded from: input_file:WEB-INF/classes/com/assembla/jenkinsci/plugin/AssemblaSecurityRealm$DescriptorImpl.class */
    public static final class DescriptorImpl extends Descriptor<SecurityRealm> {
        public String getHelpFile() {
            return "/plugin/assembla-oauth/help/help-security-realm.html";
        }

        public String getDisplayName() {
            return "Assembla Auth Plugin";
        }

        public DescriptorImpl() {
        }

        public DescriptorImpl(Class<? extends SecurityRealm> cls) {
            super(cls);
        }
    }

    @DataBoundConstructor
    public AssemblaSecurityRealm(String str, String str2, String str3, String str4) {
        LOGGER.log(Level.FINE, "AssemblaSecurityRealm(apiUri, clientID, clientSecret, spaceId) ");
        this.apiUri = Util.fixEmptyAndTrim(str);
        this.clientID = Util.fixEmptyAndTrim(str2);
        setClientSecret(Util.fixEmptyAndTrim(str3));
        this.spaceId = Util.fixEmptyAndTrim(str4);
    }

    private AssemblaSecurityRealm() {
        LOGGER.log(Level.FINE, "AssemblaSecurityRealm()");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setApiUri(String str) {
        this.apiUri = str;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setClientID(String str) {
        this.clientID = str;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setClientSecret(String str) {
        this.clientSecret = Secret.fromString(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setSpaceId(String str) {
        this.spaceId = str;
    }

    public String getApiUri() {
        return this.apiUri;
    }

    public String getClientID() {
        return this.clientID;
    }

    public Secret getClientSecret() {
        return this.clientSecret;
    }

    public String getSpaceId() {
        return this.spaceId;
    }

    public HttpResponse doCommenceLogin(StaplerRequest staplerRequest, @Header("Referer") String str) throws IOException {
        staplerRequest.getSession().setAttribute(REFERER_ATTRIBUTE, str);
        return new HttpRedirect(ApiService.createAuthorizationCodeURL(this.clientID));
    }

    public HttpResponse doFinishLogin(StaplerRequest staplerRequest) throws IOException {
        String parameter = staplerRequest.getParameter("code");
        if (parameter == null || parameter.trim().length() == 0) {
            LOGGER.log(Level.SEVERE, "doFinishLogin() code = null");
            return HttpResponses.redirectToContextRoot();
        }
        TokenAssembla tokenByAuthorizationCode = ApiService.getTokenByAuthorizationCode(parameter, this.clientID, this.clientSecret.getPlainText());
        if (tokenByAuthorizationCode == null || tokenByAuthorizationCode.access_token == null || tokenByAuthorizationCode.access_token.trim().length() <= 0) {
            LOGGER.log(Level.SEVERE, "doFinishLogin() accessToken = null");
        } else {
            AssemblaAuthenticationToken assemblaAuthenticationToken = new AssemblaAuthenticationToken(tokenByAuthorizationCode, this.spaceId);
            SecurityContextHolder.getContext().setAuthentication(assemblaAuthenticationToken);
            String name = assemblaAuthenticationToken.getName();
            User current = User.current();
            if (name != null && current != null) {
                current.setFullName(name);
            }
        }
        String str = (String) staplerRequest.getSession().getAttribute(REFERER_ATTRIBUTE);
        return str != null ? HttpResponses.redirectTo(str) : HttpResponses.redirectToContextRoot();
    }

    public boolean allowsSignup() {
        return false;
    }

    public SecurityRealm.SecurityComponents createSecurityComponents() {
        return new SecurityRealm.SecurityComponents(new AuthenticationManager() { // from class: com.assembla.jenkinsci.plugin.AssemblaSecurityRealm.1
            public Authentication authenticate(Authentication authentication) throws AuthenticationException {
                if (authentication instanceof AssemblaAuthenticationToken) {
                    return authentication;
                }
                throw new BadCredentialsException("Unexpected authentication type: " + authentication);
            }
        }, new UserDetailsService() { // from class: com.assembla.jenkinsci.plugin.AssemblaSecurityRealm.2
            public UserDetails loadUserByUsername(String str) throws UserMayOrMayNotExistException, UsernameNotFoundException, DataAccessException {
                return AssemblaSecurityRealm.this.loadUserByUsername(str);
            }
        });
    }

    public String getLoginUrl() {
        return "securityRealm/commenceLogin";
    }

    public UserDetails loadUserByUsername(String str) {
        AssemblaAuthenticationToken authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new UserMayOrMayNotExistException("Could not get auth token.");
        }
        if (!(authentication instanceof AssemblaAuthenticationToken)) {
            throw new UserMayOrMayNotExistException("Unexpected authentication type: " + authentication);
        }
        UserAssembla userByUsername = authentication.getUserByUsername(str);
        if (userByUsername == null) {
            throw new UsernameNotFoundException("User does not exist for login: " + str);
        }
        return userByUsername;
    }

    public GroupDetails loadGroupByGroupname(String str) {
        throw new UsernameNotFoundException("groups not supported");
    }
}
