package hudson.security;

import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.BulkChange;
import hudson.Extension;
import hudson.Functions;
import hudson.RestrictedSince;
import hudson.markup.MarkupFormatter;
import hudson.model.Describable;
import hudson.model.Descriptor;
import hudson.model.ManagementLink;
import hudson.util.FormApply;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import java.util.TreeSet;
import java.util.function.Predicate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import jenkins.model.GlobalConfigurationCategory;
import jenkins.model.Jenkins;
import jenkins.util.ServerTcpPort;
import net.sf.json.JSONArray;
import net.sf.json.JSONException;
import net.sf.json.JSONObject;
import org.jenkinsci.Symbol;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.StaplerResponse;
import org.kohsuke.stapler.verb.POST;

@Extension(ordinal = 2.147483437E9d)
@Symbol({"securityConfig"})
/* loaded from: input_file:WEB-INF/lib/jenkins-core-2.436-rc34445.948c1e0e40da_.jar:hudson/security/GlobalSecurityConfiguration.class */
public class GlobalSecurityConfiguration extends ManagementLink implements Describable<GlobalSecurityConfiguration> {
    private static final Logger LOGGER = Logger.getLogger(GlobalSecurityConfiguration.class.getName());

    @Restricted({NoExternalUse.class})
    @RestrictedSince("2.222")
    public static final Predicate<Descriptor> FILTER = descriptor -> {
        return descriptor.getCategory() instanceof GlobalConfigurationCategory.Security;
    };

    @Extension
    @Symbol({"security"})
    /* loaded from: input_file:WEB-INF/lib/jenkins-core-2.436-rc34445.948c1e0e40da_.jar:hudson/security/GlobalSecurityConfiguration$DescriptorImpl.class */
    public static final class DescriptorImpl extends Descriptor<GlobalSecurityConfiguration> {
        @Override // hudson.model.Descriptor
        @NonNull
        public String getDisplayName() {
            return Messages.GlobalSecurityConfiguration_DisplayName();
        }
    }

    public SecurityRealm getSecurityRealm() {
        return Jenkins.get().getSecurityRealm();
    }

    public AuthorizationStrategy getAuthorizationStrategy() {
        return Jenkins.get().getAuthorizationStrategy();
    }

    public MarkupFormatter getMarkupFormatter() {
        return Jenkins.get().getMarkupFormatter();
    }

    public int getSlaveAgentPort() {
        return Jenkins.get().getSlaveAgentPort();
    }

    @Restricted({NoExternalUse.class})
    public boolean isSlaveAgentPortEnforced() {
        return Jenkins.get().isSlaveAgentPortEnforced();
    }

    @NonNull
    public Set<String> getAgentProtocols() {
        return Jenkins.get().getAgentProtocols();
    }

    public boolean isDisableRememberMe() {
        return Jenkins.get().isDisableRememberMe();
    }

    @Override // hudson.model.ManagementLink
    @NonNull
    public ManagementLink.Category getCategory() {
        return ManagementLink.Category.SECURITY;
    }

    @POST
    public synchronized void doConfigure(StaplerRequest staplerRequest, StaplerResponse staplerResponse) throws IOException, ServletException, Descriptor.FormException {
        JSONObject submittedForm = staplerRequest.getSubmittedForm();
        BulkChange bulkChange = new BulkChange(Jenkins.get());
        try {
            try {
                LOGGER.log(Level.FINE, "security saved: " + configure(staplerRequest, submittedForm));
                Jenkins.get().save();
                FormApply.success(staplerRequest.getContextPath() + "/manage").generateResponse(staplerRequest, staplerResponse, null);
                bulkChange.commit();
            } catch (JSONException e) {
                LOGGER.warning(() -> {
                    return "Bad JSON:\n" + submittedForm.toString(2);
                });
                throw e;
            }
        } catch (Throwable th) {
            bulkChange.commit();
            throw th;
        }
    }

    public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
        Jenkins jenkins2 = Jenkins.get();
        jenkins2.checkPermission(Jenkins.ADMINISTER);
        jenkins2.setDisableRememberMe(jSONObject.optBoolean("disableRememberMe", false));
        jenkins2.setSecurityRealm((SecurityRealm) Descriptor.bindJSON(staplerRequest, SecurityRealm.class, jSONObject.getJSONObject("securityRealm")));
        jenkins2.setAuthorizationStrategy((AuthorizationStrategy) Descriptor.bindJSON(staplerRequest, AuthorizationStrategy.class, jSONObject.getJSONObject("authorizationStrategy")));
        if (jSONObject.has("markupFormatter")) {
            jenkins2.setMarkupFormatter((MarkupFormatter) staplerRequest.bindJSON(MarkupFormatter.class, jSONObject.getJSONObject("markupFormatter")));
        } else {
            jenkins2.setMarkupFormatter(null);
        }
        if (!isSlaveAgentPortEnforced()) {
            try {
                jenkins2.setSlaveAgentPort(new ServerTcpPort(jSONObject.getJSONObject("slaveAgentPort")).getPort());
            } catch (IOException e) {
                throw new Descriptor.FormException(e, "slaveAgentPortType");
            }
        }
        TreeSet treeSet = new TreeSet();
        if (jSONObject.has("agentProtocol")) {
            Object obj = jSONObject.get("agentProtocol");
            if (obj instanceof JSONArray) {
                for (int i = 0; i < ((JSONArray) obj).size(); i++) {
                    treeSet.add(((JSONArray) obj).getString(i));
                }
            } else {
                treeSet.add(obj.toString());
            }
        }
        jenkins2.setAgentProtocols(treeSet);
        boolean z = true;
        Iterator<Descriptor> it = Functions.getSortedDescriptorsForGlobalConfigByDescriptor(FILTER).iterator();
        while (it.hasNext()) {
            z &= configureDescriptor(staplerRequest, jSONObject, it.next());
        }
        return z;
    }

    private boolean configureDescriptor(StaplerRequest staplerRequest, JSONObject jSONObject, Descriptor<?> descriptor) throws Descriptor.FormException {
        String jsonSafeClassName = descriptor.getJsonSafeClassName();
        JSONObject jSONObject2 = jSONObject.has(jsonSafeClassName) ? jSONObject.getJSONObject(jsonSafeClassName) : new JSONObject();
        jSONObject.putAll(jSONObject2);
        return descriptor.configure(staplerRequest, jSONObject2);
    }

    @Override // hudson.model.Action, hudson.model.ModelObject
    public String getDisplayName() {
        return getDescriptor2().getDisplayName();
    }

    @Override // hudson.model.ManagementLink
    public String getDescription() {
        return Messages.GlobalSecurityConfiguration_Description();
    }

    @Override // hudson.model.ManagementLink, hudson.model.Action
    public String getIconFileName() {
        return "symbol-lock-closed";
    }

    @Override // hudson.model.ManagementLink, hudson.model.Action
    public String getUrlName() {
        return "configureSecurity";
    }

    @Override // hudson.model.ManagementLink
    public Permission getRequiredPermission() {
        return Jenkins.SYSTEM_READ;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // hudson.model.Describable
    /* renamed from: getDescriptor */
    public Descriptor<GlobalSecurityConfiguration> getDescriptor2() {
        return Jenkins.get().getDescriptorOrDie(getClass());
    }
}
