package hudson.plugins.redmine;

import hudson.Extension;
import hudson.Util;
import hudson.model.Descriptor;
import hudson.plugins.redmine.dao.AbstractAuthDao;
import hudson.plugins.redmine.dao.MySQLAuthDao;
import hudson.plugins.redmine.dao.PostgreSQLAuthDao;
import hudson.plugins.redmine.util.CipherUtil;
import hudson.plugins.redmine.util.Constants;
import hudson.security.AbstractPasswordBasedSecurityRealm;
import hudson.security.GroupDetails;
import hudson.security.SecurityRealm;
import hudson.util.Secret;
import java.util.HashSet;
import java.util.logging.Logger;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.apache.commons.lang.StringUtils;
import org.kohsuke.stapler.DataBoundConstructor;
import org.springframework.dao.DataAccessException;

/* loaded from: input_file:hudson/plugins/redmine/RedmineSecurityRealm.class */
public class RedmineSecurityRealm extends AbstractPasswordBasedSecurityRealm {
    private static final Logger LOGGER = Logger.getLogger(RedmineSecurityRealm.class.getName());
    private final String dbms;
    private final String dbServer;
    private final String databaseName;
    private final String port;
    private final String dbUserName;
    private final Secret dbPassword;
    private final String version;
    private final String loginTable;
    private final String userField;
    private final String passField;
    private final String saltField;

    /* loaded from: input_file:hudson/plugins/redmine/RedmineSecurityRealm$Authenticator.class */
    class Authenticator extends AbstractUserDetailsAuthenticationProvider {
        Authenticator() {
        }

        protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        }

        protected UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
            return RedmineSecurityRealm.this.authenticate(str, usernamePasswordAuthenticationToken.getCredentials().toString());
        }
    }

    /* loaded from: input_file:hudson/plugins/redmine/RedmineSecurityRealm$DescriptorImpl.class */
    public static final class DescriptorImpl extends Descriptor<SecurityRealm> {
        public String getHelpFile() {
            return "/plugin/redmine/help-auth-overview.html";
        }

        public String getDisplayName() {
            return Messages.RedmineSecurityRealm_DisplayName();
        }
    }

    @DataBoundConstructor
    public RedmineSecurityRealm(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10, String str11) {
        this.dbms = StringUtils.isBlank(str) ? Constants.DBMS_MYSQL : str;
        this.dbServer = StringUtils.isBlank(str2) ? Constants.DEFAULT_DB_SERVER : str2;
        this.databaseName = StringUtils.isBlank(str3) ? Constants.DEFAULT_DATABASE_NAME : str3;
        if (StringUtils.isBlank(str4)) {
            this.port = Constants.DBMS_MYSQL.equals(this.dbms) ? Constants.DEFAULT_PORT_MYSQL : Constants.DBMS_POSTGRESQL;
        } else {
            this.port = str4;
        }
        this.dbUserName = str5;
        this.dbPassword = Secret.fromString(Util.fixEmptyAndTrim(str6));
        this.version = StringUtils.isBlank(str7) ? Constants.VERSION_1_2_0 : str7;
        this.loginTable = StringUtils.isBlank(str8) ? Constants.DEFAULT_LOGIN_TABLE : str8;
        this.userField = StringUtils.isBlank(str9) ? Constants.DEFAULT_USER_FIELD : str9;
        this.passField = StringUtils.isBlank(str10) ? Constants.DEFAULT_PASSWORD_FIELD : str10;
        this.saltField = StringUtils.isBlank(str11) ? Constants.DEFAULT_SALT_FIELD : str11;
    }

    @Extension
    public static DescriptorImpl install() {
        return new DescriptorImpl();
    }

    protected UserDetails authenticate(String str, String str2) throws AuthenticationException {
        AbstractAuthDao abstractAuthDao = null;
        try {
            try {
                AbstractAuthDao createAuthDao = createAuthDao(this.dbms);
                LOGGER.info("Redmine DBMS      : " + this.dbms);
                LOGGER.info("DB Server         : " + this.dbServer);
                LOGGER.info("DB Port           : " + this.port);
                LOGGER.info("Database Name     : " + this.databaseName);
                createAuthDao.open(this.dbServer, this.port, this.databaseName, this.dbUserName, this.dbPassword.getPlainText());
                if (!createAuthDao.isTable(this.loginTable)) {
                    throw new RedmineAuthenticationException("RedmineSecurity: Invalid Login Table");
                }
                if (!createAuthDao.isField(this.loginTable, this.userField)) {
                    throw new RedmineAuthenticationException("RedmineSecurity: Invalid User Field");
                }
                RedmineUserData redmineUserData = createAuthDao.getRedmineUserData(this.loginTable, this.userField, this.passField, Constants.VERSION_1_2_0.equals(this.version) ? this.saltField : null, str);
                if (redmineUserData == null) {
                    LOGGER.warning("RedmineSecurity: Invalid Username");
                    throw new UsernameNotFoundException("RedmineSecurity: User not found");
                }
                String str3 = "";
                if (Constants.VERSION_1_2_0.equals(this.version)) {
                    str3 = CipherUtil.encodeSHA1(redmineUserData.getSalt() + CipherUtil.encodeSHA1(str2));
                } else if (Constants.VERSION_1_1_3.equals(this.version)) {
                    str3 = CipherUtil.encodeSHA1(str2);
                }
                LOGGER.info("Redmine Version   : " + this.version);
                LOGGER.info("User Name         : " + str);
                LOGGER.info("Encrypted Password: " + str3);
                if (!redmineUserData.getPassword().equals(str3)) {
                    LOGGER.warning("RedmineSecurity: Invalid Password");
                    throw new RedmineAuthenticationException("RedmineSecurity: Invalid Password");
                }
                UserDetails userDetails = getUserDetails(str, redmineUserData.getPassword());
                if (createAuthDao != null) {
                    createAuthDao.close();
                }
                return userDetails;
            } catch (Exception e) {
                throw new RedmineAuthenticationException("RedmineSecurity: System.Exception", e);
            } catch (AuthenticationException e2) {
                throw e2;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                abstractAuthDao.close();
            }
            throw th;
        }
    }

    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException, DataAccessException {
        AbstractAuthDao abstractAuthDao = null;
        try {
            try {
                AbstractAuthDao createAuthDao = createAuthDao(this.dbms);
                createAuthDao.open(this.dbServer, this.port, this.databaseName, this.dbUserName, this.dbPassword.getPlainText());
                if (!createAuthDao.isTable(this.loginTable)) {
                    throw new RedmineAuthenticationException("RedmineSecurity: Invalid Login Table");
                }
                if (!createAuthDao.isField(this.loginTable, this.userField)) {
                    throw new RedmineAuthenticationException("RedmineSecurity: Invalid User Field");
                }
                RedmineUserData redmineUserData = createAuthDao.getRedmineUserData(this.loginTable, this.userField, this.passField, Constants.VERSION_1_2_0.equals(this.version) ? this.saltField : null, str);
                if (redmineUserData == null) {
                    LOGGER.warning("RedmineSecurity: Invalid Username");
                    throw new UsernameNotFoundException("RedmineSecurity: User not found");
                }
                UserDetails userDetails = getUserDetails(str, redmineUserData.getPassword());
                if (createAuthDao != null) {
                    createAuthDao.close();
                }
                return userDetails;
            } catch (AuthenticationException e) {
                throw e;
            } catch (Exception e2) {
                throw new RedmineAuthenticationException("RedmineSecurity: System.Exception", e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                abstractAuthDao.close();
            }
            throw th;
        }
    }

    private AbstractAuthDao createAuthDao(String str) {
        if (Constants.DBMS_MYSQL.equals(str)) {
            return new MySQLAuthDao();
        }
        if (Constants.DBMS_POSTGRESQL.equals(str)) {
            return new PostgreSQLAuthDao();
        }
        return null;
    }

    public GroupDetails loadGroupByGroupname(String str) throws UsernameNotFoundException, DataAccessException {
        throw new UsernameNotFoundException("RedmineSecurityRealm: Non-supported function");
    }

    private UserDetails getUserDetails(String str, String str2) {
        HashSet hashSet = new HashSet();
        hashSet.add(SecurityRealm.AUTHENTICATED_AUTHORITY);
        return new RedmineUserDetails(str, str2, true, true, true, true, (GrantedAuthority[]) hashSet.toArray(new GrantedAuthority[hashSet.size()]));
    }

    public String getDbms() {
        return this.dbms;
    }

    public String getDbServer() {
        return this.dbServer;
    }

    public String getDatabaseName() {
        return this.databaseName;
    }

    public String getPort() {
        return this.port;
    }

    public String getDbUserName() {
        return this.dbUserName;
    }

    public Secret getDbPassword() {
        return this.dbPassword;
    }

    public String getVersion() {
        return this.version;
    }

    public String getLoginTable() {
        return this.loginTable;
    }

    public String getUserField() {
        return this.userField;
    }

    public String getPassField() {
        return this.passField;
    }

    public String getSaltField() {
        return this.saltField;
    }
}
