package org.jenkinsci.plugins.oic;

import edu.umd.cs.findbugs.annotations.CheckForNull;
import edu.umd.cs.findbugs.annotations.NonNull;
import edu.umd.cs.findbugs.annotations.Nullable;
import hudson.Extension;
import hudson.Util;
import hudson.model.Descriptor;
import hudson.util.FormValidation;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Locale;
import java.util.Objects;
import jenkins.model.Jenkins;
import org.jenkinsci.Symbol;
import org.jenkinsci.plugins.oic.OicSecurityRealm;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;

/* loaded from: input_file:org/jenkinsci/plugins/oic/OicServerManualConfiguration.class */
public class OicServerManualConfiguration extends OicServerConfiguration {
    private static final long serialVersionUID = 1;
    private final String authorizationServerUrl;
    private final String tokenServerUrl;
    private String jwksServerUrl;
    private String endSessionUrl;
    private String userInfoServerUrl;
    private boolean useRefreshTokens;
    private String issuer;
    private OicSecurityRealm.TokenAuthMethod tokenAuthMethod = OicSecurityRealm.TokenAuthMethod.client_secret_post;
    private String scopes = "openid email";

    @Extension
    @Symbol({"manual"})
    /* loaded from: input_file:org/jenkinsci/plugins/oic/OicServerManualConfiguration$DescriptorImpl.class */
    public static class DescriptorImpl extends Descriptor<OicServerConfiguration> {
        public String getDisplayName() {
            return Messages.OicServerManualConfiguration_DisplayName();
        }

        @POST
        public FormValidation doCheckAuthorizationServerUrl(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            if (str == null) {
                return FormValidation.error(Messages.OicSecurityRealm_TokenServerURLKeyRequired());
            }
            try {
                new URL(str);
                return FormValidation.ok();
            } catch (MalformedURLException e) {
                return FormValidation.error(e, Messages.OicSecurityRealm_NotAValidURL());
            }
        }

        @POST
        public FormValidation doCheckEndSessionUrl(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            if (Util.fixEmptyAndTrim(str) == null) {
                return FormValidation.error(Messages.OicSecurityRealm_EndSessionURLKeyRequired());
            }
            try {
                new URL(str);
                return FormValidation.ok();
            } catch (MalformedURLException e) {
                return FormValidation.error(e, Messages.OicSecurityRealm_NotAValidURL());
            }
        }

        @POST
        public FormValidation doCheckIssuer(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            return Util.fixEmptyAndTrim(str) == null ? FormValidation.warning(Messages.OicSecurityRealm_IssuerRecommended()) : FormValidation.ok();
        }

        @POST
        public FormValidation doCheckJwksServerUrl(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            if (Util.fixEmptyAndTrim(str) == null) {
                return FormValidation.ok();
            }
            try {
                new URL(str);
                return FormValidation.ok();
            } catch (MalformedURLException e) {
                return FormValidation.error(e, Messages.OicSecurityRealm_NotAValidURL());
            }
        }

        @POST
        public FormValidation doCheckScopes(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            return Util.fixEmptyAndTrim(str) == null ? FormValidation.error(Messages.OicSecurityRealm_ScopesRequired()) : !str.toLowerCase(Locale.ROOT).contains("openid") ? FormValidation.warning(Messages.OicSecurityRealm_RUSureOpenIdNotInScope()) : FormValidation.ok();
        }

        @POST
        public FormValidation doCheckTokenServerUrl(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            if (Util.fixEmptyAndTrim(str) == null) {
                return FormValidation.error(Messages.OicSecurityRealm_TokenServerURLKeyRequired());
            }
            try {
                new URL(str);
                return FormValidation.ok();
            } catch (MalformedURLException e) {
                return FormValidation.error(e, Messages.OicSecurityRealm_NotAValidURL());
            }
        }

        @POST
        public FormValidation doCheckTokenAuthMethod(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            return Util.fixEmptyAndTrim(str) == null ? FormValidation.error(Messages.OicSecurityRealm_TokenAuthMethodRequired()) : FormValidation.ok();
        }
    }

    @DataBoundConstructor
    public OicServerManualConfiguration(String str, String str2) throws Descriptor.FormException {
        this.authorizationServerUrl = (String) validateNonNull("authorizationServerUrl", str2);
        this.tokenServerUrl = (String) validateNonNull("tokenServerUrl", str);
    }

    @DataBoundSetter
    public void setTokenAuthMethod(OicSecurityRealm.TokenAuthMethod tokenAuthMethod) throws Descriptor.FormException {
        this.tokenAuthMethod = (OicSecurityRealm.TokenAuthMethod) validateNonNull("tokenAuthMethod", tokenAuthMethod);
    }

    @DataBoundSetter
    public void setEndSessionUrl(@Nullable String str) {
        this.endSessionUrl = str;
    }

    @DataBoundSetter
    public void setIssuer(@Nullable String str) {
        this.issuer = Util.fixEmptyAndTrim(str);
    }

    @DataBoundSetter
    public void setJwksServerUrl(@Nullable String str) {
        this.jwksServerUrl = str;
    }

    @DataBoundSetter
    public void setScopes(@NonNull String str) {
        this.scopes = (String) Objects.requireNonNull(str);
    }

    @DataBoundSetter
    public void setUserInfoServerUrl(@Nullable String str) {
        this.userInfoServerUrl = str;
    }

    @DataBoundSetter
    public void setUseRefreshTokens(boolean z) {
        this.useRefreshTokens = z;
    }

    @Override // org.jenkinsci.plugins.oic.OicServerConfiguration
    public String getAuthorizationServerUrl() {
        return this.authorizationServerUrl;
    }

    @Override // org.jenkinsci.plugins.oic.OicServerConfiguration
    @CheckForNull
    public String getEndSessionUrl() {
        return this.endSessionUrl;
    }

    @Override // org.jenkinsci.plugins.oic.OicServerConfiguration
    @CheckForNull
    public String getIssuer() {
        return this.issuer;
    }

    @Override // org.jenkinsci.plugins.oic.OicServerConfiguration
    public boolean isUseRefreshTokens() {
        return this.useRefreshTokens;
    }

    @Override // org.jenkinsci.plugins.oic.OicServerConfiguration
    public String getJwksServerUrl() {
        return this.jwksServerUrl;
    }

    @Override // org.jenkinsci.plugins.oic.OicServerConfiguration
    public String getScopes() {
        return this.scopes;
    }

    @Override // org.jenkinsci.plugins.oic.OicServerConfiguration
    public OicSecurityRealm.TokenAuthMethod getTokenAuthMethod() {
        return this.tokenAuthMethod;
    }

    @Override // org.jenkinsci.plugins.oic.OicServerConfiguration
    public String getTokenServerUrl() {
        return this.tokenServerUrl;
    }

    @Override // org.jenkinsci.plugins.oic.OicServerConfiguration
    public String getUserInfoServerUrl() {
        return this.userInfoServerUrl;
    }

    private static <T> T validateNonNull(String str, T t) throws Descriptor.FormException {
        if (t == null) {
            throw new Descriptor.FormException(str + " is mandatory", str);
        }
        return t;
    }
}
