package jenkins.install;

import hudson.BulkChange;
import hudson.FilePath;
import hudson.model.User;
import hudson.security.FullControlOnceLoggedInAuthorizationStrategy;
import hudson.security.HudsonPrivateSecurityRealm;
import hudson.security.SecurityRealm;
import hudson.security.csrf.DefaultCrumbIssuer;
import hudson.util.HttpResponses;
import hudson.util.PluginServletFilter;
import hudson.util.VersionNumber;
import java.io.IOException;
import java.util.Locale;
import java.util.UUID;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import jenkins.model.Jenkins;
import jenkins.security.s2m.AdminWhitelistRule;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.StaplerResponse;

@Restricted({NoExternalUse.class})
/* loaded from: input_file:jenkins/install/SetupWizard.class */
public class SetupWizard {
    public static String initialSetupAdminUserName = "admin";

    /* renamed from: jenkins, reason: collision with root package name */
    private final Jenkins f3jenkins;
    private final Logger LOGGER = Logger.getLogger(SetupWizard.class.getName());
    private final Filter FORCE_SETUP_WIZARD_FILTER = new Filter() { // from class: jenkins.install.SetupWizard.1
        public void init(FilterConfig filterConfig) throws ServletException {
        }

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
            if (servletRequest instanceof HttpServletRequest) {
                HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
                if ((httpServletRequest.getContextPath() + "/").equals(httpServletRequest.getRequestURI())) {
                    filterChain.doFilter(new HttpServletRequestWrapper(httpServletRequest) { // from class: jenkins.install.SetupWizard.1.1
                        public String getRequestURI() {
                            return getContextPath() + "/setupWizard/";
                        }
                    }, servletResponse);
                    return;
                }
            }
            filterChain.doFilter(servletRequest, servletResponse);
        }

        public void destroy() {
        }
    };

    public SetupWizard(Jenkins jenkins2) throws IOException, InterruptedException {
        this.f3jenkins = jenkins2;
        FilePath initialAdminPasswordFile = getInitialAdminPasswordFile();
        if (jenkins2.getSecurityRealm() == null || jenkins2.getSecurityRealm() == SecurityRealm.NO_AUTHENTICATION) {
            BulkChange bulkChange = new BulkChange(jenkins2);
            try {
                HudsonPrivateSecurityRealm hudsonPrivateSecurityRealm = new HudsonPrivateSecurityRealm(false, false, null);
                jenkins2.setSecurityRealm(hudsonPrivateSecurityRealm);
                String lowerCase = UUID.randomUUID().toString().replace("-", "").toLowerCase(Locale.ENGLISH);
                hudsonPrivateSecurityRealm.createAccount(initialSetupAdminUserName, lowerCase);
                initialAdminPasswordFile.write(lowerCase + System.lineSeparator(), "UTF-8");
                initialAdminPasswordFile.chmod(416);
                FullControlOnceLoggedInAuthorizationStrategy fullControlOnceLoggedInAuthorizationStrategy = new FullControlOnceLoggedInAuthorizationStrategy();
                fullControlOnceLoggedInAuthorizationStrategy.setAllowAnonymousRead(false);
                jenkins2.setAuthorizationStrategy(fullControlOnceLoggedInAuthorizationStrategy);
                jenkins2.setSlaveAgentPort(-1);
                jenkins2.setCrumbIssuer(new DefaultCrumbIssuer(false));
                ((AdminWhitelistRule) jenkins2.getInjector().getInstance(AdminWhitelistRule.class)).setMasterKillSwitch(false);
                jenkins2.save();
                bulkChange.commit();
                bulkChange.abort();
            } catch (Throwable th) {
                bulkChange.abort();
                throw th;
            }
        }
        String trim = initialAdminPasswordFile.readToString().trim();
        String lineSeparator = System.lineSeparator();
        this.LOGGER.info(lineSeparator + lineSeparator + "*************************************************************" + lineSeparator + "*************************************************************" + lineSeparator + "*************************************************************" + lineSeparator + lineSeparator + "Jenkins initial setup is required. An admin user has been created and a password generated." + lineSeparator + "Please use the following password to proceed to installation:" + lineSeparator + lineSeparator + trim + lineSeparator + lineSeparator + "This may also be found at: " + initialAdminPasswordFile.getRemote() + lineSeparator + lineSeparator + "*************************************************************" + lineSeparator + "*************************************************************" + lineSeparator + "*************************************************************" + lineSeparator);
        try {
            PluginServletFilter.addFilter(this.FORCE_SETUP_WIZARD_FILTER);
        } catch (ServletException e) {
            throw new AssertionError(e);
        }
    }

    public void doCreateAdminUser(StaplerRequest staplerRequest, StaplerResponse staplerResponse) throws IOException, ServletException {
        Jenkins jenkins2 = Jenkins.getInstance();
        jenkins2.checkPermission(Jenkins.ADMINISTER);
        HudsonPrivateSecurityRealm hudsonPrivateSecurityRealm = (HudsonPrivateSecurityRealm) jenkins2.getSecurityRealm();
        User user = hudsonPrivateSecurityRealm.getUser(initialSetupAdminUserName);
        if (user != null) {
            try {
                user.delete();
            } finally {
                if (user != null) {
                    user.save();
                }
            }
        }
        User createAccountByAdmin = hudsonPrivateSecurityRealm.createAccountByAdmin(staplerRequest, staplerResponse, "/jenkins/install/SetupWizard/setupWizardFirstUser.jelly", staplerRequest.getContextPath() + "/");
        if (createAccountByAdmin != null) {
            if (user != null) {
                user = null;
            }
            jenkins2.setInstallState(InstallState.CREATE_ADMIN_USER.getNextState());
            SecurityContextHolder.getContext().setAuthentication(hudsonPrivateSecurityRealm.getSecurityComponents().manager.authenticate(new UsernamePasswordAuthenticationToken(createAccountByAdmin.getId(), staplerRequest.getParameter("password1"))));
        }
    }

    public FilePath getInitialAdminPasswordFile() {
        return this.f3jenkins.getRootPath().child("secrets/initialAdminPassword");
    }

    public HttpResponse doCompleteInstall() throws IOException, ServletException {
        this.f3jenkins.setInstallState(InstallState.INITIAL_SETUP_COMPLETED);
        InstallUtil.saveLastExecVersion();
        PluginServletFilter.removeFilter(this.FORCE_SETUP_WIZARD_FILTER);
        this.f3jenkins.setSetupWizard(null);
        UpgradeWizard upgradeWizard = (UpgradeWizard) this.f3jenkins.getInjector().getInstance(UpgradeWizard.class);
        if (upgradeWizard != null) {
            upgradeWizard.setCurrentLevel(new VersionNumber("2.0"));
        }
        return HttpResponses.okJSON();
    }
}
