package io.jenkins.plugins.artifact_manager_jclouds.s3;

import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
import com.amazonaws.services.s3.model.Bucket;
import com.amazonaws.services.s3.model.BucketAccelerateConfiguration;
import com.amazonaws.services.s3.model.BucketAccelerateStatus;
import com.amazonaws.services.s3.model.SetBucketAccelerateConfigurationRequest;
import com.google.common.annotations.VisibleForTesting;
import edu.umd.cs.findbugs.annotations.NonNull;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.Extension;
import hudson.ExtensionList;
import hudson.Util;
import hudson.model.Failure;
import hudson.util.FormValidation;
import io.jenkins.plugins.artifact_manager_jclouds.JCloudsVirtualFile;
import io.jenkins.plugins.aws.global_configuration.AbstractAwsGlobalConfiguration;
import io.jenkins.plugins.aws.global_configuration.CredentialsAwsGlobalConfiguration;
import java.io.IOException;
import java.util.regex.Pattern;
import jenkins.model.Jenkins;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

@Extension
@Symbol({"s3"})
/* loaded from: input_file:io/jenkins/plugins/artifact_manager_jclouds/s3/S3BlobStoreConfig.class */
public final class S3BlobStoreConfig extends AbstractAwsGlobalConfiguration {
    private static final String BUCKET_REGEXP = "^([a-z]|(\\d(?!\\d{0,2}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})))([a-z\\d]|(\\.(?!(\\.|-)))|(-(?!\\.))){1,61}[a-z\\d\\.]$";
    private static final Pattern bucketPattern = Pattern.compile(BUCKET_REGEXP);
    private static final String ENDPOINT_REGEXP = "^[a-z0-9][a-z0-9-.]{0,}(?::[0-9]{1,5})?$";
    private static final Pattern endPointPattern = Pattern.compile(ENDPOINT_REGEXP, 2);
    private static boolean DELETE_ARTIFACTS = Boolean.getBoolean(S3BlobStoreConfig.class.getName() + ".deleteArtifacts");
    private static boolean DELETE_STASHES = Boolean.getBoolean(S3BlobStoreConfig.class.getName() + ".deleteStashes");
    private String container;
    private String prefix;

    @Deprecated
    private transient String region;

    @Deprecated
    private transient String credentialsId;
    private boolean usePathStyleUrl;
    private boolean useHttp;
    private boolean useTransferAcceleration;
    private boolean disableSessionToken;
    private String customEndpoint;
    private String customSigningRegion;
    private final boolean deleteArtifacts;
    private final boolean deleteStashes;

    /* loaded from: input_file:io/jenkins/plugins/artifact_manager_jclouds/s3/S3BlobStoreConfig$S3BlobStoreTester.class */
    private static class S3BlobStoreTester extends S3BlobStore {
        private static final long serialVersionUID = -3645770416235883487L;

        @SuppressFBWarnings(value = {"SE_TRANSIENT_FIELD_NOT_RESTORED"}, justification = "This transient field is only modified from the class constructor.")
        private transient S3BlobStoreConfig config = new S3BlobStoreConfig();

        S3BlobStoreTester(String str, String str2, boolean z, boolean z2, boolean z3, boolean z4, String str3, String str4) {
            this.config.setContainer(str);
            this.config.setPrefix(str2);
            this.config.setCustomEndpoint(str3);
            this.config.setCustomSigningRegion(str4);
            this.config.setUseHttp(z);
            this.config.setUseTransferAcceleration(z2);
            this.config.setUsePathStyleUrl(z3);
            this.config.setDisableSessionToken(z4);
        }

        @Override // io.jenkins.plugins.artifact_manager_jclouds.s3.S3BlobStore
        public S3BlobStoreConfig getConfiguration() {
            return this.config;
        }
    }

    public S3BlobStoreConfig() {
        load();
        if (Util.fixEmpty(this.region) != null || Util.fixEmpty(this.credentialsId) != null) {
            CredentialsAwsGlobalConfiguration.get().setRegion(this.region);
            CredentialsAwsGlobalConfiguration.get().setCredentialsId(this.credentialsId);
            this.region = null;
            this.credentialsId = null;
            save();
        }
        this.deleteArtifacts = DELETE_ARTIFACTS;
        this.deleteStashes = DELETE_STASHES;
    }

    public String getContainer() {
        return this.container;
    }

    @DataBoundSetter
    public void setContainer(String str) {
        this.container = str;
        checkValue(doCheckContainer(str));
        save();
    }

    public String getPrefix() {
        return this.prefix;
    }

    @DataBoundSetter
    public void setPrefix(String str) {
        this.prefix = str;
        checkValue(doCheckPrefix(str));
        save();
    }

    private void checkValue(@NonNull FormValidation formValidation) {
        if (formValidation.kind == FormValidation.Kind.ERROR) {
            throw new Failure(formValidation.getMessage());
        }
    }

    public boolean isDeleteArtifacts() {
        return this.deleteArtifacts;
    }

    public boolean isDeleteStashes() {
        return this.deleteStashes;
    }

    public boolean getUsePathStyleUrl() {
        return this.usePathStyleUrl;
    }

    @DataBoundSetter
    public void setUsePathStyleUrl(boolean z) {
        this.usePathStyleUrl = z;
        save();
    }

    public boolean getUseHttp() {
        return this.useHttp;
    }

    @DataBoundSetter
    public void setUseHttp(boolean z) {
        this.useHttp = z;
        save();
    }

    public boolean getUseTransferAcceleration() {
        return this.useTransferAcceleration;
    }

    @DataBoundSetter
    public void setUseTransferAcceleration(boolean z) {
        this.useTransferAcceleration = z;
        save();
    }

    public boolean getDisableSessionToken() {
        return this.disableSessionToken;
    }

    @DataBoundSetter
    public void setDisableSessionToken(boolean z) {
        this.disableSessionToken = z;
        save();
    }

    public String getCustomEndpoint() {
        return this.customEndpoint;
    }

    @DataBoundSetter
    public void setCustomEndpoint(String str) {
        checkValue(doCheckCustomEndpoint(str));
        this.customEndpoint = str;
        save();
    }

    public String getResolvedCustomEndpoint() {
        if (StringUtils.isNotBlank(this.customEndpoint)) {
            return (getUseHttp() ? "http" : "https") + "://" + this.customEndpoint;
        }
        return null;
    }

    public String getCustomSigningRegion() {
        return this.customSigningRegion;
    }

    @DataBoundSetter
    public void setCustomSigningRegion(String str) {
        this.customSigningRegion = str;
        checkValue(doCheckCustomSigningRegion(this.customSigningRegion));
        save();
    }

    @NonNull
    public String getDisplayName() {
        return "Amazon S3 Bucket Access settings";
    }

    @NonNull
    public static S3BlobStoreConfig get() {
        return (S3BlobStoreConfig) ExtensionList.lookupSingleton(S3BlobStoreConfig.class);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AmazonS3ClientBuilder getAmazonS3ClientBuilder() {
        AmazonS3ClientBuilder withForceGlobalBucketAccessEnabled;
        AmazonS3ClientBuilder standard = AmazonS3ClientBuilder.standard();
        if (StringUtils.isNotBlank(this.customEndpoint)) {
            String str = this.customSigningRegion;
            if (StringUtils.isBlank(str)) {
                str = "us-east-1";
            }
            withForceGlobalBucketAccessEnabled = (AmazonS3ClientBuilder) standard.withEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration(getResolvedCustomEndpoint(), str));
        } else {
            withForceGlobalBucketAccessEnabled = StringUtils.isNotBlank(CredentialsAwsGlobalConfiguration.get().getRegion()) ? (AmazonS3ClientBuilder) standard.withRegion(CredentialsAwsGlobalConfiguration.get().getRegion()) : standard.withForceGlobalBucketAccessEnabled(true);
        }
        return withForceGlobalBucketAccessEnabled.withAccelerateModeEnabled(Boolean.valueOf(this.useTransferAcceleration)).withPathStyleAccessEnabled(Boolean.valueOf(getUsePathStyleUrl()));
    }

    @VisibleForTesting
    public AmazonS3ClientBuilder getAmazonS3ClientBuilderWithCredentials() throws IOException {
        return getAmazonS3ClientBuilderWithCredentials(getDisableSessionToken());
    }

    private AmazonS3ClientBuilder getAmazonS3ClientBuilderWithCredentials(boolean z) throws IOException {
        AmazonS3ClientBuilder amazonS3ClientBuilder = getAmazonS3ClientBuilder();
        return z ? (AmazonS3ClientBuilder) amazonS3ClientBuilder.withCredentials(CredentialsAwsGlobalConfiguration.get().getCredentials()) : amazonS3ClientBuilder.withCredentials(new AWSStaticCredentialsProvider(CredentialsAwsGlobalConfiguration.get().sessionCredentials(amazonS3ClientBuilder)));
    }

    public FormValidation doCheckContainer(@QueryParameter String str) {
        FormValidation ok = FormValidation.ok();
        if (StringUtils.isBlank(str)) {
            ok = FormValidation.warning("The container name cannot be empty");
        } else if (!bucketPattern.matcher(str).matches()) {
            ok = FormValidation.error("The S3 Bucket name does not match S3 bucket rules");
        }
        return ok;
    }

    public FormValidation doCheckPrefix(@QueryParameter String str) {
        return StringUtils.isBlank(str) ? FormValidation.ok("Artifacts will be stored in the root folder of the S3 Bucket.") : str.endsWith("/") ? FormValidation.ok() : FormValidation.error("A prefix must end with a slash.");
    }

    public FormValidation doCheckCustomSigningRegion(@QueryParameter String str) {
        return (StringUtils.isBlank(str) && StringUtils.isNotBlank(this.customEndpoint)) ? FormValidation.ok("'us-east-1' will be used when a custom endpoint is configured and custom signing region is blank.") : FormValidation.ok();
    }

    public FormValidation doCheckCustomEndpoint(@QueryParameter String str) {
        FormValidation ok = FormValidation.ok();
        if (!StringUtils.isBlank(str) && !endPointPattern.matcher(str).matches()) {
            ok = FormValidation.error("Custom Endpoint may not be valid.");
        }
        return ok;
    }

    public Bucket createS3Bucket(String str) throws IOException {
        return createS3Bucket(str, getDisableSessionToken());
    }

    private Bucket createS3Bucket(String str, boolean z) throws IOException {
        AmazonS3 amazonS3 = (AmazonS3) getAmazonS3ClientBuilderWithCredentials(z).withAccelerateModeEnabled(false).build();
        Bucket createBucket = amazonS3.createBucket(str);
        if (this.useTransferAcceleration) {
            amazonS3.setBucketAccelerateConfiguration(new SetBucketAccelerateConfigurationRequest(str, new BucketAccelerateConfiguration(BucketAccelerateStatus.Enabled)));
        }
        return createBucket;
    }

    @RequirePOST
    public FormValidation doCreateS3Bucket(@QueryParameter String str, @QueryParameter boolean z) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        FormValidation ok = FormValidation.ok("success");
        try {
            createS3Bucket(str, z);
        } catch (Throwable th) {
            ok = FormValidation.error(StringUtils.abbreviate(processExceptionMessage(th), 200));
        }
        return ok;
    }

    void checkGetBucketLocation(String str, boolean z) throws IOException {
        ((AmazonS3) getAmazonS3ClientBuilderWithCredentials(z).build()).getBucketLocation(str);
    }

    @RequirePOST
    public FormValidation doValidateS3BucketConfig(@QueryParameter String str, @QueryParameter String str2, @QueryParameter boolean z, @QueryParameter boolean z2, @QueryParameter boolean z3, @QueryParameter boolean z4, @QueryParameter String str3, @QueryParameter String str4) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        FormValidation ok = FormValidation.ok("success");
        S3BlobStoreTester s3BlobStoreTester = new S3BlobStoreTester(str, str2, z, z2, z3, z4, str3, str4);
        try {
            new JCloudsVirtualFile(s3BlobStoreTester, str, str2.replaceFirst("/$", "")).list();
        } catch (Throwable th) {
            ok = FormValidation.error(th, StringUtils.abbreviate(processExceptionMessage(th), 200));
        }
        try {
            s3BlobStoreTester.getConfiguration().checkGetBucketLocation(str, z4);
        } catch (Throwable th2) {
            ok = FormValidation.warning(th2, "GetBucketLocation failed");
        }
        return ok;
    }
}
