package org.conjur.jenkins.credentials;

import com.cloudbees.hudson.plugins.folder.AbstractFolder;
import com.cloudbees.plugins.credentials.Credentials;
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.SystemCredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardCredentials;
import com.cloudbees.plugins.credentials.common.UsernamePasswordCredentials;
import com.cloudbees.plugins.credentials.domains.DomainCredentials;
import com.cloudbees.plugins.credentials.domains.DomainRequirement;
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.Extension;
import hudson.model.Hudson;
import hudson.model.Item;
import hudson.model.ItemGroup;
import hudson.model.ModelObject;
import hudson.security.ACL;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.function.Supplier;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import jenkins.model.Jenkins;
import org.acegisecurity.Authentication;
import org.conjur.jenkins.api.ConjurAPI;
import org.conjur.jenkins.authenticator.ConjurAPIKeyAuthenticator;

@Extension(optional = true, ordinal = 1.0d)
/* loaded from: input_file:org/conjur/jenkins/credentials/ConjurCredentialProvider.class */
public class ConjurCredentialProvider extends CredentialsProvider {
    private static final Logger LOGGER = Logger.getLogger(ConjurCredentialProvider.class.getName());
    private static final ConcurrentHashMap<String, Supplier<Collection<StandardCredentials>>> allCredentialSuppliers = new ConcurrentHashMap<>();

    public <C extends Credentials> List<C> getCredentials(@NonNull Class<C> cls, @NonNull ItemGroup itemGroup, @NonNull Authentication authentication, @NonNull List<DomainRequirement> list) {
        return getCredentialsFromSupplier(cls, itemGroup, authentication, list);
    }

    @NonNull
    public <C extends Credentials> List<C> getCredentials(@NonNull Class<C> cls, @NonNull Item item, @NonNull Authentication authentication, @NonNull List<DomainRequirement> list) {
        return getCredentialsFromSupplier(cls, item, authentication, list);
    }

    @NonNull
    public <C extends Credentials> List<C> getCredentials(@NonNull Class<C> cls, ItemGroup itemGroup, Authentication authentication) {
        return getCredentialsFromSupplier(cls, itemGroup, authentication, Collections.emptyList());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public <C extends Credentials> List<C> getCredentials(@NonNull Class<C> cls, ModelObject modelObject) {
        Collection<StandardCredentials> collection;
        ArrayList arrayList = new ArrayList();
        try {
            m15getStore(modelObject);
            Supplier<Collection<StandardCredentials>> supplier = allCredentialSuppliers.get(String.valueOf(modelObject.hashCode()));
            if (supplier != null && (collection = supplier.get()) != null) {
                Stream<StandardCredentials> filter = collection.stream().filter(standardCredentials -> {
                    return cls.isAssignableFrom(standardCredentials.getClass());
                });
                Objects.requireNonNull(cls);
                arrayList.addAll((Collection) filter.map((v1) -> {
                    return r2.cast(v1);
                }).collect(Collectors.toList()));
            }
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, String.format("Getting credentials failed. Exception: %s", e.toString()));
        }
        return arrayList;
    }

    private <C extends Credentials> List<C> getCredentialsFromSupplier(@NonNull Class<C> cls, ModelObject modelObject, Authentication authentication, @NonNull List<DomainRequirement> list) {
        ArrayList arrayList = new ArrayList();
        LOGGER.log(Level.FINEST, String.format("getCredentialsFromSupplier type: %s context: %s", cls.toString(), modelObject.getDisplayName()));
        if (cls == UsernamePasswordCredentials.class && authentication.getPrincipal().equals(ConjurAPIKeyAuthenticator.CONJUR_JENKINS_PLUGIN)) {
            arrayList.addAll(DomainCredentials.getCredentials(SystemCredentialsProvider.getInstance().getDomainCredentialsMap(), cls, list, CredentialsMatchers.instanceOf(cls)));
            return arrayList;
        }
        ItemGroup itemGroup = null;
        if (ACL.SYSTEM.equals(authentication)) {
            if (modelObject instanceof AbstractFolder) {
                itemGroup = (ItemGroup) modelObject;
            } else if (modelObject instanceof Item) {
                itemGroup = ((Item) modelObject).getParent();
                arrayList.addAll(getCredentials(cls, modelObject));
                if (!ConjurAPI.isInheritanceOn(modelObject)) {
                    return arrayList;
                }
            }
            if (!(modelObject instanceof Hudson)) {
                ItemGroup itemGroup2 = itemGroup;
                while (true) {
                    ItemGroup itemGroup3 = itemGroup2;
                    if (itemGroup3 instanceof AbstractFolder) {
                        arrayList.addAll(getCredentials(cls, itemGroup3));
                        if (!ConjurAPI.isInheritanceOn(itemGroup3)) {
                            LOGGER.log(Level.FINEST, String.format("Inheritance stopped on %s", itemGroup3.getFullName()));
                            break;
                        }
                        itemGroup2 = ((AbstractFolder) AbstractFolder.class.cast(itemGroup3)).getParent();
                    }
                }
            }
            try {
                arrayList.addAll(getCredentials(cls, Jenkins.get()));
                break;
            } catch (IllegalStateException e) {
                LOGGER.log(Level.FINEST, String.format("Getting global credentials exception: %s", e.toString()));
            }
        }
        LOGGER.log(Level.FINEST, String.format("Return credentials: %d", Integer.valueOf(arrayList.size())));
        return arrayList;
    }

    /* renamed from: getStore, reason: merged with bridge method [inline-methods] */
    public ConjurCredentialStore m15getStore(ModelObject modelObject) {
        ConjurCredentialStore conjurCredentialStore = null;
        if (modelObject != null) {
            String valueOf = String.valueOf(modelObject.hashCode());
            try {
                if (ConjurCredentialStore.isStoreContainsKey(valueOf)) {
                    LOGGER.log(Level.FINEST, String.format("GetStore EXISTING ConjurCredentialProvider: %s object %s hash %s", modelObject.getClass().getName(), modelObject.toString(), Integer.valueOf(modelObject.hashCode())));
                    conjurCredentialStore = ConjurCredentialStore.getCredentialStore(valueOf);
                } else {
                    LOGGER.log(Level.FINEST, String.format("GetStore CREATE, key: %s object %s", valueOf, modelObject.toString()));
                    conjurCredentialStore = new ConjurCredentialStore(this, modelObject);
                    Supplier<Collection<StandardCredentials>> memoizeWithExpiration = memoizeWithExpiration(ConjurCredentialsSupplier.standard(modelObject), Duration.ofSeconds(120L));
                    ConjurCredentialStore.putCredentialStore(valueOf, conjurCredentialStore);
                    allCredentialSuppliers.put(valueOf, memoizeWithExpiration);
                }
            } catch (Exception e) {
                LOGGER.log(Level.SEVERE, String.format("There is a problem with Storage: %s", e.getMessage()));
            }
        }
        return conjurCredentialStore;
    }

    public static ConcurrentMap<String, Supplier<Collection<StandardCredentials>>> getAllCredentialSuppliers() {
        return allCredentialSuppliers;
    }

    public String getIconClassName() {
        return "icon-conjur-credentials-store";
    }

    public static <T> Supplier<T> memoizeWithExpiration(Supplier<T> supplier, Duration duration) {
        return ConjurCustomSuppliers.memoizeWithExpiration(supplier, duration);
    }

    public static ConjurCredentialStore putCredentials(ConjurCredentialProvider conjurCredentialProvider, ModelObject modelObject, String str) {
        ConjurCredentialStore conjurCredentialStore = new ConjurCredentialStore(conjurCredentialProvider, modelObject);
        Supplier<Collection<StandardCredentials>> memoizeWithExpiration = memoizeWithExpiration(ConjurCredentialsSupplier.standard(modelObject), Duration.ofSeconds(120L));
        ConjurCredentialStore.putCredentialStore(str, conjurCredentialStore);
        allCredentialSuppliers.put(str, memoizeWithExpiration);
        return conjurCredentialStore;
    }
}
