package com.openshift.jenkins.plugins.pipeline;

import com.openshift.restclient.ISSLCertificateCallback;
import hudson.model.TaskListener;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLSession;
import org.apache.commons.codec.binary.Base64InputStream;

/* loaded from: input_file:com/openshift/jenkins/plugins/pipeline/Auth.class */
public class Auth implements ISSLCertificateCallback {
    private static final String AUTH_FILE = "/var/run/secrets/kubernetes.io/serviceaccount/token";
    private static final String CERT_FILE = "/run/secrets/kubernetes.io/serviceaccount/ca.crt";
    public static final String CERT_ARG = " --certificate-authority=/run/secrets/kubernetes.io/serviceaccount/ca.crt ";
    private static boolean useCert = false;
    private X509Certificate cert;
    private TaskListener listener;

    private Auth(X509Certificate x509Certificate, TaskListener taskListener) {
        this.cert = null;
        this.listener = null;
        this.cert = x509Certificate;
        this.listener = taskListener;
    }

    public static Auth createInstance(TaskListener taskListener) {
        Auth auth;
        File file = new File(CERT_FILE);
        if (file.exists()) {
            if (taskListener != null) {
                taskListener.getLogger().println("Auth - cert file exists");
            }
            useCert = true;
            try {
                auth = new Auth(createCert(file), taskListener);
            } catch (Exception e) {
                if (taskListener != null) {
                    e.printStackTrace(taskListener.getLogger());
                }
                if (taskListener != null) {
                    taskListener.getLogger().println("Auth defaulting to non-TLS / Cert form");
                }
                auth = new Auth(null, null);
                useCert = false;
            }
        } else {
            auth = new Auth(null, null);
        }
        return auth;
    }

    public boolean allowCertificate(X509Certificate[] x509CertificateArr) {
        if (this.listener != null) {
            this.listener.getLogger().println("Auth - allowCertificate with incoming chain of len  " + x509CertificateArr.length);
        }
        if (this.cert == null) {
            return true;
        }
        for (X509Certificate x509Certificate : x509CertificateArr) {
            if (this.cert.equals(x509Certificate)) {
                if (this.listener == null) {
                    return true;
                }
                this.listener.getLogger().println("Auth - allowCertificate returning true");
                return true;
            }
        }
        if (this.listener.getLogger() == null) {
            return false;
        }
        this.listener.getLogger().println("Auth - allowCertificate returning false");
        return false;
    }

    public boolean allowHostname(String str, SSLSession sSLSession) {
        return true;
    }

    public static boolean useCert() {
        return useCert;
    }

    /* JADX WARN: Code restructure failed: missing block: B:89:0x01dd, code lost:
    
        if (r9.length() == 0) goto L71;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.lang.String deriveBearerToken(hudson.model.AbstractBuild<?, ?> r5, java.lang.String r6, hudson.model.TaskListener r7, boolean r8) {
        /*
            Method dump skipped, instructions count: 628
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.openshift.jenkins.plugins.pipeline.Auth.deriveBearerToken(hudson.model.AbstractBuild, java.lang.String, hudson.model.TaskListener, boolean):java.lang.String");
    }

    /* JADX WARN: Code restructure failed: missing block: B:58:0x0121, code lost:
    
        if (r8.length() == 0) goto L40;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.lang.String deriveCA(java.lang.String r5, hudson.model.TaskListener r6, boolean r7) {
        /*
            Method dump skipped, instructions count: 438
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.openshift.jenkins.plugins.pipeline.Auth.deriveCA(java.lang.String, hudson.model.TaskListener, boolean):java.lang.String");
    }

    private static InputStream getInputStreamFromDataOrFile(String str, File file) throws FileNotFoundException {
        if (str != null) {
            return new Base64InputStream(new ByteArrayInputStream(str.getBytes()));
        }
        if (file != null) {
            return new FileInputStream(file);
        }
        return null;
    }

    private static X509Certificate createCert(File file) throws Exception {
        return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(getInputStreamFromDataOrFile(null, file));
    }
}
