package com.byclosure.jenkins.plugins.gcloud;

import com.cloudbees.jenkins.plugins.gcloudsdk.GCloudInstallation;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.SecretBytes;
import com.cloudbees.plugins.credentials.domains.DomainRequirement;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.google.jenkins.plugins.credentials.oauth.GoogleRobotPrivateKeyCredentials;
import com.google.jenkins.plugins.credentials.oauth.JsonKey;
import com.google.jenkins.plugins.credentials.oauth.JsonServiceAccountConfig;
import com.google.jenkins.plugins.credentials.oauth.P12ServiceAccountConfig;
import com.google.jenkins.plugins.credentials.oauth.ServiceAccountConfig;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.Run;
import hudson.model.TaskListener;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import javax.annotation.Nullable;
import org.kohsuke.accmod.restrictions.suppressions.SuppressRestrictedWarnings;

/* loaded from: input_file:com/byclosure/jenkins/plugins/gcloud/GCloudServiceAccount.class */
public class GCloudServiceAccount {
    private final Launcher launcher;
    private final TaskListener listener;
    private final String accountId;
    private final TemporaryKeyFile tmpKeyFile;
    private final FilePath configDir;

    public static GCloudServiceAccount getServiceAccount(Run run, Launcher launcher, TaskListener taskListener, String str, FilePath filePath) throws IOException, InterruptedException {
        GoogleRobotPrivateKeyCredentials findCredentialById = CredentialsProvider.findCredentialById(str, GoogleRobotPrivateKeyCredentials.class, run, new DomainRequirement[]{new GCloudScopeRequirement()});
        if (findCredentialById == null) {
            return null;
        }
        ServiceAccountConfig serviceAccountConfig = findCredentialById.getServiceAccountConfig();
        return new GCloudServiceAccount(launcher, taskListener, serviceAccountConfig.getAccountId(), getKeyFile(serviceAccountConfig, filePath), filePath);
    }

    @SuppressRestrictedWarnings({JsonServiceAccountConfig.class})
    @Nullable
    private static TemporaryKeyFile getKeyFile(ServiceAccountConfig serviceAccountConfig, FilePath filePath) {
        TemporaryKeyFile temporaryKeyFile = null;
        try {
            if (serviceAccountConfig instanceof JsonServiceAccountConfig) {
                SecretBytes secretJsonKey = ((JsonServiceAccountConfig) serviceAccountConfig).getSecretJsonKey();
                if (secretJsonKey != null) {
                    temporaryKeyFile = new TemporaryKeyFile(filePath, JsonKey.load(new JacksonFactory(), new ByteArrayInputStream(secretJsonKey.getPlainData())).toPrettyString());
                }
            } else if (serviceAccountConfig instanceof P12ServiceAccountConfig) {
                temporaryKeyFile = new TemporaryKeyFile(filePath, ((P12ServiceAccountConfig) serviceAccountConfig).getP12KeyFile());
            }
            return temporaryKeyFile;
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (InterruptedException e2) {
            throw new RuntimeException(e2);
        }
    }

    private GCloudServiceAccount(Launcher launcher, TaskListener taskListener, String str, TemporaryKeyFile temporaryKeyFile, FilePath filePath) {
        this.launcher = launcher;
        this.listener = taskListener;
        this.accountId = str;
        this.tmpKeyFile = temporaryKeyFile;
        this.configDir = filePath;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean activate(GCloudInstallation gCloudInstallation) throws IOException, InterruptedException {
        return this.launcher.launch().cmdAsSingleString(new StringBuilder().append(gCloudInstallation != null ? gCloudInstallation.getExecutable() : "gcloud").append(" auth activate-service-account ").append(this.accountId).append(" --key-file \"").append(this.tmpKeyFile.getKeyFile().getRemote()).append("\"").toString()).stdout(this.listener.getLogger()).envs(new String[]{new StringBuilder().append("CLOUDSDK_CONFIG=").append(this.configDir.getRemote()).toString()}).join() == 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public FilePath getKeyFile() {
        return this.tmpKeyFile.getKeyFile();
    }
}
