package hudson.plugins.collabnet.auth;

import com.collabnet.ce.webservices.CollabNetApp;
import groovy.lang.Binding;
import hudson.Extension;
import hudson.model.Descriptor;
import hudson.model.Hudson;
import hudson.plugins.collabnet.util.CNHudsonUtil;
import hudson.security.SecurityRealm;
import hudson.util.FormValidation;
import hudson.util.VersionNumber;
import hudson.util.spring.BeanBuilder;
import java.io.IOException;
import java.rmi.RemoteException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.GetMethod;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter;

/* loaded from: input_file:WEB-INF/lib/CollabNet-2.0.2.jar:hudson/plugins/collabnet/auth/CollabNetSecurityRealm.class */
public class CollabNetSecurityRealm extends SecurityRealm {
    private String collabNetUrl;
    private boolean mEnableSSOAuthFromCTF;
    private boolean mEnableSSOAuthToCTF;
    private boolean mEnableSSORedirect;
    private static final Logger LOGGER = Logger.getLogger(CollabNetSecurityRealm.class.getName());

    @Extension
    /* loaded from: input_file:WEB-INF/lib/CollabNet-2.0.2.jar:hudson/plugins/collabnet/auth/CollabNetSecurityRealm$DescriptorImpl.class */
    public static final class DescriptorImpl extends Descriptor<SecurityRealm> {
        public String getDisplayName() {
            return "CollabNet Security Realm";
        }

        public FormValidation doCheckCollabNetUrl(@QueryParameter String str) {
            return !Hudson.getInstance().hasPermission(Hudson.ADMINISTER) ? FormValidation.ok() : (str == null || str.equals("")) ? FormValidation.error("The CollabNet URL is required.") : !checkSoapUrl(str) ? FormValidation.error("Invalid CollabNet URL.") : FormValidation.ok();
        }

        private boolean checkSoapUrl(String str) {
            try {
                return new HttpClient().executeMethod(new GetMethod(new StringBuilder().append(str).append(CollabNetApp.SOAP_SERVICE).append("CollabNet?wsdl").toString())) == 200;
            } catch (IOException e) {
                return false;
            } catch (IllegalArgumentException e2) {
                return false;
            }
        }
    }

    @DataBoundConstructor
    public CollabNetSecurityRealm(String str, boolean z, boolean z2) {
        this.mEnableSSORedirect = true;
        this.collabNetUrl = CNHudsonUtil.sanitizeCollabNetUrl(str);
        this.mEnableSSOAuthFromCTF = z;
        this.mEnableSSOAuthToCTF = z2;
        try {
            if (new VersionNumber(new CollabNetApp(this.collabNetUrl).getApiVersion()).compareTo(new VersionNumber("5.3.0.0")) >= 0) {
                this.mEnableSSORedirect = false;
            }
        } catch (RemoteException e) {
            LOGGER.log(Level.WARNING, "Failed to retrieve the CTF version from " + this.collabNetUrl, e);
        }
    }

    public String getCollabNetUrl() {
        return this.collabNetUrl;
    }

    public boolean getEnableSSOAuthFromCTF() {
        return this.mEnableSSOAuthFromCTF;
    }

    public boolean getEnableSSOAuthToCTF() {
        return this.mEnableSSOAuthToCTF;
    }

    public boolean getEnableSSORedirect() {
        return this.mEnableSSORedirect;
    }

    public SecurityRealm.SecurityComponents createSecurityComponents() {
        return new SecurityRealm.SecurityComponents(new CollabNetAuthManager(getCollabNetUrl()));
    }

    public Filter createFilter(FilterConfig filterConfig) {
        Binding binding = new Binding();
        binding.setVariable("securityComponents", createSecurityComponents());
        BeanBuilder beanBuilder = new BeanBuilder(getClass().getClassLoader());
        beanBuilder.parse(getClass().getResourceAsStream("CNSecurityFilters.groovy"), binding);
        return (Filter) beanBuilder.createApplicationContext().getBean("filter");
    }
}
