package hudson.plugins.active_directory;

import groovy.lang.Binding;
import hudson.Util;
import hudson.model.Descriptor;
import hudson.security.SecurityRealm;
import hudson.util.FormFieldValidator;
import hudson.util.spring.BeanBuilder;
import java.io.IOException;
import java.net.Socket;
import java.util.Hashtable;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.servlet.ServletException;
import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.userdetails.UserDetailsService;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.StaplerResponse;
import org.springframework.web.context.WebApplicationContext;

/* loaded from: input_file:hudson/plugins/active_directory/ActiveDirectorySecurityRealm.class */
public class ActiveDirectorySecurityRealm extends SecurityRealm {
    public final String domain;
    private static final Logger LOGGER = Logger.getLogger(ActiveDirectorySecurityRealm.class.getName());

    /* loaded from: input_file:hudson/plugins/active_directory/ActiveDirectorySecurityRealm$DesciprotrImpl.class */
    public static final class DesciprotrImpl extends Descriptor<SecurityRealm> {
        public static final DesciprotrImpl INSTANCE = new DesciprotrImpl();

        public DesciprotrImpl() {
            super(ActiveDirectorySecurityRealm.class);
        }

        public String getDisplayName() {
            return Messages.DisplayName();
        }

        public String getHelpFile() {
            return "/plugin/active-directory/help/realm.html";
        }

        /* JADX WARN: Type inference failed for: r0v0, types: [hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DesciprotrImpl$1] */
        public void doDomainCheck(StaplerRequest staplerRequest, StaplerResponse staplerResponse, @QueryParameter("value") final String str) throws IOException, ServletException {
            new FormFieldValidator(staplerRequest, staplerResponse, true) { // from class: hudson.plugins.active_directory.ActiveDirectorySecurityRealm.DesciprotrImpl.1
                protected void check() throws IOException, ServletException {
                    String fixEmptyAndTrim = Util.fixEmptyAndTrim(str);
                    if (fixEmptyAndTrim == null) {
                        ok();
                        return;
                    }
                    if (!fixEmptyAndTrim.endsWith(".")) {
                        fixEmptyAndTrim = fixEmptyAndTrim + '.';
                    }
                    try {
                        ActiveDirectorySecurityRealm.LOGGER.fine("Attempting to resolve " + fixEmptyAndTrim + " to A record");
                        DirContext createDNSLookupContext = DesciprotrImpl.this.createDNSLookupContext();
                        Attribute attribute = createDNSLookupContext.getAttributes(fixEmptyAndTrim, new String[]{"A"}).get("A");
                        if (attribute == null) {
                            throw new NamingException();
                        }
                        ActiveDirectorySecurityRealm.LOGGER.fine(fixEmptyAndTrim + " resolved to " + attribute.get());
                        String str2 = "_ldap._tcp." + fixEmptyAndTrim;
                        try {
                            String obtainLDAPServer = DesciprotrImpl.this.obtainLDAPServer(createDNSLookupContext, fixEmptyAndTrim);
                            try {
                                new Socket(obtainLDAPServer, 389).close();
                                ok();
                            } catch (IOException e) {
                                ActiveDirectorySecurityRealm.LOGGER.log(Level.WARNING, "Failed to connect to LDAP port", (Throwable) e);
                                error("Failed to connect to the LDAP port (389) of " + obtainLDAPServer);
                            }
                        } catch (NamingException e2) {
                            ActiveDirectorySecurityRealm.LOGGER.log(Level.WARNING, "Failed to resolve " + str2 + " to SRV record", e2);
                            error("No LDAP server was found in " + fixEmptyAndTrim);
                        }
                    } catch (NamingException e3) {
                        ActiveDirectorySecurityRealm.LOGGER.log(Level.WARNING, "Failed to resolve " + fixEmptyAndTrim + " to A record", e3);
                        error(fixEmptyAndTrim + " doesn't look like a valid domain name");
                    }
                }
            }.process();
        }

        public DirContext createDNSLookupContext() throws NamingException {
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.factory.initial", "com.sun.jndi.dns.DnsContextFactory");
            return new InitialDirContext(hashtable);
        }

        public String obtainLDAPServer(String str) throws NamingException {
            return obtainLDAPServer(createDNSLookupContext(), str);
        }

        public String obtainLDAPServer(DirContext dirContext, String str) throws NamingException {
            String str2 = "_ldap._tcp." + str;
            ActiveDirectorySecurityRealm.LOGGER.fine("Attempting to resolve " + str2 + " to SRV record");
            Attribute attribute = dirContext.getAttributes(str2, new String[]{"SRV"}).get("SRV");
            if (attribute == null) {
                throw new NamingException();
            }
            int i = -1;
            String str3 = null;
            NamingEnumeration all = attribute.getAll();
            while (all.hasMoreElements()) {
                String[] split = all.next().toString().split(" ");
                int parseInt = Integer.parseInt(split[0]);
                if (i == -1 || parseInt < i) {
                    i = parseInt;
                    str3 = split[3];
                }
            }
            ActiveDirectorySecurityRealm.LOGGER.fine(str2 + " resolved to " + str3);
            return str3;
        }
    }

    @DataBoundConstructor
    public ActiveDirectorySecurityRealm(String str) {
        this.domain = str;
    }

    public SecurityRealm.SecurityComponents createSecurityComponents() {
        BeanBuilder beanBuilder = new BeanBuilder(getClass().getClassLoader());
        Binding binding = new Binding();
        binding.setVariable("domain", this.domain);
        beanBuilder.parse(getClass().getResourceAsStream("ActiveDirectory.groovy"), binding);
        WebApplicationContext createApplicationContext = beanBuilder.createApplicationContext();
        return new SecurityRealm.SecurityComponents((AuthenticationManager) findBean(AuthenticationManager.class, createApplicationContext), (UserDetailsService) findBean(UserDetailsService.class, createApplicationContext));
    }

    public Descriptor<SecurityRealm> getDescriptor() {
        return DesciprotrImpl.INSTANCE;
    }
}
