package hudson.security;

import edu.umd.cs.findbugs.annotations.CheckForNull;
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.ExtensionList;
import hudson.ExtensionPoint;
import hudson.model.User;
import hudson.model.UserProperty;
import java.io.IOException;
import java.io.Serializable;
import javax.servlet.ServletException;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.StaplerResponse;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;

/* loaded from: input_file:WEB-INF/lib/jenkins-core-2.361-rc32668.575eb_7527701.jar:hudson/security/FederatedLoginService.class */
public abstract class FederatedLoginService implements ExtensionPoint {

    /* loaded from: input_file:WEB-INF/lib/jenkins-core-2.361-rc32668.575eb_7527701.jar:hudson/security/FederatedLoginService$FederatedIdentity.class */
    public abstract class FederatedIdentity implements Serializable {
        public FederatedIdentity() {
        }

        @NonNull
        public abstract String getIdentifier();

        @CheckForNull
        public abstract String getNickname();

        @CheckForNull
        public abstract String getFullName();

        @CheckForNull
        public abstract String getEmailAddress();

        public abstract String getPronoun();

        @CheckForNull
        public final User locateUser() {
            Class<? extends FederatedLoginServiceUserProperty> userPropertyClass = FederatedLoginService.this.getUserPropertyClass();
            String identifier = getIdentifier();
            for (User user : User.getAll()) {
                if (((FederatedLoginServiceUserProperty) user.getProperty(userPropertyClass)).has(identifier)) {
                    return user;
                }
            }
            return null;
        }

        @NonNull
        public User signin() throws UnclaimedIdentityException {
            User locateUser = locateUser();
            if (locateUser == null) {
                throw new UnclaimedIdentityException(this);
            }
            UserDetails loadUserByUsername2 = Jenkins.get().getSecurityRealm().loadUserByUsername2(locateUser.getId());
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername2, "", loadUserByUsername2.getAuthorities());
            usernamePasswordAuthenticationToken.setDetails(loadUserByUsername2);
            SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
            return locateUser;
        }

        public void addToCurrentUser() throws IOException {
            User current = User.current();
            if (current == null) {
                throw new IllegalStateException("Current request is unauthenticated");
            }
            addTo(current);
        }

        public void addTo(User user) throws IOException {
            FederatedLoginServiceUserProperty federatedLoginServiceUserProperty = (FederatedLoginServiceUserProperty) user.getProperty(FederatedLoginService.this.getUserPropertyClass());
            if (federatedLoginServiceUserProperty == null) {
                federatedLoginServiceUserProperty = (FederatedLoginServiceUserProperty) UserProperty.all().find(FederatedLoginService.this.getUserPropertyClass()).newInstance(user);
                user.addProperty(federatedLoginServiceUserProperty);
            }
            federatedLoginServiceUserProperty.addIdentifier(getIdentifier());
        }

        public String toString() {
            return getIdentifier();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jenkins-core-2.361-rc32668.575eb_7527701.jar:hudson/security/FederatedLoginService$UnclaimedIdentityException.class */
    public static class UnclaimedIdentityException extends RuntimeException implements HttpResponse {
        public final FederatedIdentity identity;

        public UnclaimedIdentityException(FederatedIdentity federatedIdentity) {
            this.identity = federatedIdentity;
        }

        @Override // org.kohsuke.stapler.HttpResponse
        public void generateResponse(StaplerRequest staplerRequest, StaplerResponse staplerResponse, Object obj) throws IOException, ServletException {
            SecurityRealm securityRealm = Jenkins.get().getSecurityRealm();
            if (securityRealm.allowsSignup()) {
                try {
                    securityRealm.commenceSignup(this.identity).generateResponse(staplerRequest, staplerResponse, obj);
                    return;
                } catch (UnsupportedOperationException e) {
                }
            }
            staplerRequest.getView(this, "error").forward(staplerRequest, staplerResponse);
        }
    }

    @NonNull
    public abstract String getUrlName();

    @NonNull
    public abstract Class<? extends FederatedLoginServiceUserProperty> getUserPropertyClass();

    public static ExtensionList<FederatedLoginService> all() {
        return ExtensionList.lookup(FederatedLoginService.class);
    }
}
