package io.jenkins.plugins.remotingkafka;

import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.cloudbees.plugins.credentials.domains.SchemeRequirement;
import com.cloudbees.plugins.credentials.matchers.IdMatcher;
import hudson.Extension;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.security.ACL;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import io.jenkins.plugins.remotingkafka.exception.RemotingKafkaConfigurationException;
import java.io.IOException;
import java.net.Socket;
import java.util.Collections;
import java.util.List;
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.servlet.ServletException;
import jenkins.model.GlobalConfiguration;
import jenkins.model.Jenkins;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.interceptor.RequirePOST;

@Extension
/* loaded from: input_file:io/jenkins/plugins/remotingkafka/GlobalKafkaConfiguration.class */
public class GlobalKafkaConfiguration extends GlobalConfiguration {
    public static final SchemeRequirement KAFKA_SCHEME = new SchemeRequirement("kafka");
    private String brokerURL;
    private String zookeeperURL;
    private boolean enableSSL;
    private String kafkaCredentialsId;
    private String sslTruststoreCredentialsId;
    private String sslKeystoreCredentialsId;
    private String sslKeyCredentialsId;

    public GlobalKafkaConfiguration() {
        load();
    }

    public static GlobalKafkaConfiguration get() {
        return (GlobalKafkaConfiguration) GlobalConfiguration.all().get(GlobalKafkaConfiguration.class);
    }

    public String getBrokerURL() {
        return this.brokerURL;
    }

    public String getZookeeperURL() {
        return this.zookeeperURL;
    }

    public boolean getEnableSSL() {
        return this.enableSSL;
    }

    public String getKafkaCredentialsId() {
        return this.kafkaCredentialsId;
    }

    public String getSslTruststoreCredentialsId() {
        return this.sslTruststoreCredentialsId;
    }

    public String getSslKeystoreCredentialsId() {
        return this.sslKeystoreCredentialsId;
    }

    public String getSslKeyCredentialsId() {
        return this.sslKeyCredentialsId;
    }

    public String getKafkaUsername() throws RemotingKafkaConfigurationException {
        StandardUsernamePasswordCredentials credential = getCredential(this.kafkaCredentialsId);
        if (credential == null) {
            throw new RemotingKafkaConfigurationException("No Kafka credential provided");
        }
        return credential.getUsername();
    }

    public String getKafkaPassword() throws RemotingKafkaConfigurationException {
        StandardUsernamePasswordCredentials credential = getCredential(this.kafkaCredentialsId);
        if (credential == null) {
            throw new RemotingKafkaConfigurationException("No Kafka credential provided");
        }
        return credential.getPassword().getPlainText();
    }

    public String getSSLTruststoreLocation() throws RemotingKafkaConfigurationException {
        StandardUsernamePasswordCredentials credential = getCredential(this.sslTruststoreCredentialsId);
        if (credential == null) {
            throw new RemotingKafkaConfigurationException("No SSL truststore credential provided");
        }
        return credential.getUsername();
    }

    public String getSSLTruststorePassword() throws RemotingKafkaConfigurationException {
        StandardUsernamePasswordCredentials credential = getCredential(this.sslTruststoreCredentialsId);
        if (credential == null) {
            throw new RemotingKafkaConfigurationException("No SSL truststore credential provided");
        }
        return credential.getPassword().getPlainText();
    }

    public String getSSLKeystoreLocation() throws RemotingKafkaConfigurationException {
        StandardUsernamePasswordCredentials credential = getCredential(this.sslKeystoreCredentialsId);
        if (credential == null) {
            throw new RemotingKafkaConfigurationException("No SSL keystore credential provided");
        }
        return credential.getUsername();
    }

    public String getSSLKeystorePassword() throws RemotingKafkaConfigurationException {
        StandardUsernamePasswordCredentials credential = getCredential(this.sslKeystoreCredentialsId);
        if (credential == null) {
            throw new RemotingKafkaConfigurationException("No SSL keystore credential provided");
        }
        return credential.getPassword().getPlainText();
    }

    public String getSSLKeyPassword() throws RemotingKafkaConfigurationException {
        StandardUsernamePasswordCredentials credential = getCredential(this.sslKeyCredentialsId);
        if (credential == null) {
            throw new RemotingKafkaConfigurationException("No SSL key credential provided");
        }
        return credential.getPassword().getPlainText();
    }

    public FormValidation doCheckBrokerURL(@QueryParameter("brokerURL") String str) {
        return StringUtils.isBlank(str) ? FormValidation.error(Messages.GlobalKafkaConfiguration_KafkaConnectionURLWarning()) : FormValidation.ok();
    }

    public FormValidation doCheckZookeeperURL(@QueryParameter("zookeeperURL") String str) {
        return StringUtils.isBlank(str) ? FormValidation.error(Messages.GlobalKafkaConfiguration_ZookeeperURLWarning()) : FormValidation.ok();
    }

    @RequirePOST
    public FormValidation doTestZookeeperConnection(@QueryParameter("zookeeperURL") String str) throws IOException, ServletException {
        if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
            return FormValidation.error("Need admin permission to perform this action");
        }
        try {
            String[] split = str.split(":");
            testConnection(split[0], Integer.parseInt(split[1]));
            return FormValidation.ok("Success");
        } catch (Exception e) {
            return FormValidation.error("Connection error : " + e.getMessage());
        }
    }

    @RequirePOST
    public FormValidation doTestBrokerConnection(@QueryParameter("brokerURL") String str) throws IOException, ServletException {
        if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
            return FormValidation.error("Need admin permission to perform this action");
        }
        try {
            String[] split = str.split(":");
            testConnection(split[0], Integer.parseInt(split[1]));
            return FormValidation.ok("Success");
        } catch (Exception e) {
            return FormValidation.error("Connection error : " + e.getMessage());
        }
    }

    public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
        this.brokerURL = jSONObject.getString("brokerURL");
        this.zookeeperURL = jSONObject.getString("zookeeperURL");
        this.enableSSL = Boolean.valueOf(jSONObject.getString("enableSSL")).booleanValue();
        save();
        return super.configure(staplerRequest, jSONObject);
    }

    private void testConnection(String str, int i) throws IOException {
        new Socket(str, i);
    }

    @CheckForNull
    private StandardUsernamePasswordCredentials getCredential(@Nonnull String str) {
        StandardUsernamePasswordCredentials standardUsernamePasswordCredentials = null;
        List<StandardUsernamePasswordCredentials> lookupCredentials = CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, Jenkins.get(), ACL.SYSTEM, Collections.emptyList());
        IdMatcher idMatcher = new IdMatcher(str);
        for (StandardUsernamePasswordCredentials standardUsernamePasswordCredentials2 : lookupCredentials) {
            if (idMatcher.matches(standardUsernamePasswordCredentials2)) {
                standardUsernamePasswordCredentials = standardUsernamePasswordCredentials2;
            }
        }
        return standardUsernamePasswordCredentials;
    }

    @RequirePOST
    public ListBoxModel doFillKafkaCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String str) {
        return fillCredentialsIdItems(item, str);
    }

    public FormValidation doCheckKafkaCredentialsId(@AncestorInPath Item item, @QueryParameter String str) {
        FormValidation checkCredentialsId = checkCredentialsId(item, str);
        if ((item != null || Jenkins.get().hasPermission(Jenkins.ADMINISTER)) && checkCredentialsId.equals(FormValidation.ok())) {
            this.kafkaCredentialsId = str;
        }
        return checkCredentialsId;
    }

    @RequirePOST
    public ListBoxModel doFillSslTruststoreCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String str) {
        return fillCredentialsIdItems(item, str);
    }

    public FormValidation doCheckSslTruststoreCredentialsId(@AncestorInPath Item item, @QueryParameter String str) {
        FormValidation checkCredentialsId = checkCredentialsId(item, str);
        if ((item != null || Jenkins.get().hasPermission(Jenkins.ADMINISTER)) && checkCredentialsId.equals(FormValidation.ok())) {
            this.sslTruststoreCredentialsId = str;
        }
        return checkCredentialsId;
    }

    @RequirePOST
    public ListBoxModel doFillSslKeystoreCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String str) {
        return fillCredentialsIdItems(item, str);
    }

    public FormValidation doCheckSslKeystoreCredentialsId(@AncestorInPath Item item, @QueryParameter String str) {
        FormValidation checkCredentialsId = checkCredentialsId(item, str);
        if ((item != null || Jenkins.get().hasPermission(Jenkins.ADMINISTER)) && checkCredentialsId.equals(FormValidation.ok())) {
            this.sslKeystoreCredentialsId = str;
        }
        return checkCredentialsId;
    }

    @RequirePOST
    public ListBoxModel doFillSslKeyCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String str) {
        return fillCredentialsIdItems(item, str);
    }

    public FormValidation doCheckSslKeyCredentialsId(@AncestorInPath Item item, @QueryParameter String str) {
        FormValidation checkCredentialsId = checkCredentialsId(item, str);
        if ((item != null || Jenkins.get().hasPermission(Jenkins.ADMINISTER)) && checkCredentialsId.equals(FormValidation.ok())) {
            this.sslKeyCredentialsId = str;
        }
        return checkCredentialsId;
    }

    private FormValidation checkCredentialsId(@AncestorInPath Item item, @QueryParameter String str) {
        return (item != null || Jenkins.get().hasPermission(Jenkins.ADMINISTER)) ? (str.startsWith("${") && str.endsWith("}")) ? FormValidation.warning("Cannot validate expression based credentials") : CredentialsProvider.listCredentials(StandardUsernamePasswordCredentials.class, Jenkins.get(), ACL.SYSTEM, Collections.singletonList(KAFKA_SCHEME), CredentialsMatchers.withId(str)).isEmpty() ? FormValidation.error("Cannot find currently selected credentials") : FormValidation.ok() : FormValidation.ok();
    }

    private ListBoxModel fillCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String str) {
        StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
        return (item != null || Jenkins.get().hasPermission(Jenkins.ADMINISTER)) ? standardListBoxModel.includeMatchingAs(ACL.SYSTEM, Jenkins.get(), StandardUsernamePasswordCredentials.class, Collections.singletonList(KAFKA_SCHEME), CredentialsMatchers.always()).includeCurrentValue(str) : standardListBoxModel.includeCurrentValue(str);
    }
}
