package com.google.jenkins.plugins.credentials.oauth;

import com.google.jenkins.plugins.credentials.oauth.ServiceAccountConfig;
import hudson.Extension;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.util.logging.Level;
import java.util.logging.Logger;
import jenkins.model.Jenkins;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.io.IOUtils;
import org.kohsuke.stapler.DataBoundConstructor;

/* loaded from: input_file:com/google/jenkins/plugins/credentials/oauth/P12ServiceAccountConfig.class */
public class P12ServiceAccountConfig extends ServiceAccountConfig {
    private static final long serialVersionUID = 8706353638974721795L;
    private static final Logger LOGGER = Logger.getLogger(P12ServiceAccountConfig.class.getSimpleName());
    private static final String DEFAULT_P12_SECRET = "notasecret";
    private static final String DEFAULT_P12_ALIAS = "privatekey";
    private final String emailAddress;
    private String p12KeyFile;

    @Extension
    /* loaded from: input_file:com/google/jenkins/plugins/credentials/oauth/P12ServiceAccountConfig$DescriptorImpl.class */
    public static final class DescriptorImpl extends ServiceAccountConfig.Descriptor {
        public String getDisplayName() {
            return Messages.P12ServiceAccountConfig_DisplayName();
        }
    }

    @DataBoundConstructor
    public P12ServiceAccountConfig(String str, FileItem fileItem, String str2) {
        this.emailAddress = str;
        if (fileItem == null || fileItem.getSize() <= 0) {
            if (str2 == null || str2.isEmpty()) {
                return;
            }
            this.p12KeyFile = str2;
            return;
        }
        try {
            this.p12KeyFile = writeP12KeyToFile(fileItem);
        } catch (IOException e) {
            LOGGER.log(Level.SEVERE, "Failed to write json key to file", (Throwable) e);
        }
    }

    private String writeP12KeyToFile(FileItem fileItem) throws IOException {
        File createP12KeyFile = createP12KeyFile();
        writeP12KeyToFile(fileItem, createP12KeyFile);
        return createP12KeyFile.toString();
    }

    private void writeP12KeyToFile(FileItem fileItem, File file) throws IOException {
        InputStream inputStream = null;
        FileOutputStream fileOutputStream = null;
        try {
            inputStream = fileItem.getInputStream();
            fileOutputStream = new FileOutputStream(file);
            IOUtils.copy(inputStream, fileOutputStream);
            IOUtils.closeQuietly(inputStream);
            IOUtils.closeQuietly(fileOutputStream);
        } catch (Throwable th) {
            IOUtils.closeQuietly(inputStream);
            IOUtils.closeQuietly(fileOutputStream);
            throw th;
        }
    }

    private File createP12KeyFile() throws IOException {
        File file = new File(Jenkins.getInstance().getRootDir(), "gauth");
        if (file.exists() || file.mkdirs()) {
            return File.createTempFile("key", ".p12", file);
        }
        throw new IOException("Failed to create key folder");
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] */
    public DescriptorImpl m10getDescriptor() {
        return (DescriptorImpl) Jenkins.getInstance().getDescriptorOrDie(P12ServiceAccountConfig.class);
    }

    public String getEmailAddress() {
        return this.emailAddress;
    }

    public String getP12KeyFile() {
        return this.p12KeyFile;
    }

    @Override // com.google.jenkins.plugins.credentials.oauth.ServiceAccountConfig
    public String getAccountId() {
        return getEmailAddress();
    }

    @Override // com.google.jenkins.plugins.credentials.oauth.ServiceAccountConfig
    public PrivateKey getPrivateKey() {
        if (this.p12KeyFile == null) {
            return null;
        }
        try {
            return (PrivateKey) getP12KeyStore().getKey(DEFAULT_P12_ALIAS, DEFAULT_P12_SECRET.toCharArray());
        } catch (IOException e) {
            LOGGER.log(Level.SEVERE, "Failed to read private key", (Throwable) e);
            return null;
        } catch (GeneralSecurityException e2) {
            LOGGER.log(Level.SEVERE, "Failed to read private key", (Throwable) e2);
            return null;
        }
    }

    private KeyStore getP12KeyStore() throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        FileInputStream fileInputStream = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            fileInputStream = new FileInputStream(this.p12KeyFile);
            keyStore.load(fileInputStream, DEFAULT_P12_SECRET.toCharArray());
            IOUtils.closeQuietly(fileInputStream);
            return keyStore;
        } catch (Throwable th) {
            IOUtils.closeQuietly(fileInputStream);
            throw th;
        }
    }
}
