package com.thycotic.secrets.jenkins;

import com.thycotic.secrets.server.spring.SecretServer;
import com.thycotic.secrets.server.spring.SecretServerFactoryBean;
import hudson.EnvVars;
import hudson.Extension;
import hudson.ExtensionList;
import hudson.FilePath;
import hudson.Launcher;
import hudson.console.ConsoleLogFilter;
import hudson.model.AbstractProject;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.tasks.BuildWrapperDescriptor;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import jenkins.tasks.SimpleBuildWrapper;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.springframework.beans.factory.config.BeanDefinitionCustomizer;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.core.env.MapPropertySource;

/* loaded from: input_file:WEB-INF/lib/thycotic-secret-server.jar:com/thycotic/secrets/jenkins/ServerBuildWrapper.class */
public class ServerBuildWrapper extends SimpleBuildWrapper {
    private static final String USERNAME_PROPERTY = "secret_server.oauth2.username";
    private static final String PASSWORD_PROPERTY = "secret_server.oauth2.password";
    private static final String API_ROOT_URL_PROPERTY = "secret_server.api_root_url";
    private static final String OAUTH2_TOKEN_URL_PROPERTY = "secret_server.oauth2.token_url";
    private List<ServerSecret> secrets;
    private List<String> valuesToMask = new ArrayList();
    static final /* synthetic */ boolean $assertionsDisabled;

    @Extension
    @Symbol({"withSecretServer"})
    /* loaded from: input_file:WEB-INF/lib/thycotic-secret-server.jar:com/thycotic/secrets/jenkins/ServerBuildWrapper$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildWrapperDescriptor {
        public boolean isApplicable(AbstractProject<?, ?> abstractProject) {
            return true;
        }

        public String getDisplayName() {
            return "Use Thycotic Secret Server Secrets";
        }
    }

    @DataBoundConstructor
    public ServerBuildWrapper(List<ServerSecret> list) {
        this.secrets = list;
    }

    public List<ServerSecret> getSecrets() {
        return this.secrets;
    }

    @DataBoundSetter
    public void setSecrets(List<ServerSecret> list) {
        this.secrets = list;
    }

    public ConsoleLogFilter createLoggerDecorator(Run<?, ?> run) {
        return new ServerConsoleLogFilter(run.getCharset().name(), this.valuesToMask);
    }

    public void setUp(SimpleBuildWrapper.Context context, Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener, EnvVars envVars) throws IOException, InterruptedException {
        ServerConfiguration serverConfiguration = (ServerConfiguration) ExtensionList.lookupSingleton(ServerConfiguration.class);
        HashMap hashMap = new HashMap();
        hashMap.put(API_ROOT_URL_PROPERTY, serverConfiguration.getAPIUrl());
        hashMap.put(OAUTH2_TOKEN_URL_PROPERTY, serverConfiguration.getTokenUrl());
        this.secrets.forEach(serverSecret -> {
            String baseUrl = serverSecret.getBaseUrl();
            String credentialId = serverSecret.getCredentialId();
            if (StringUtils.isNotBlank(baseUrl)) {
                hashMap.put(API_ROOT_URL_PROPERTY, baseUrl + serverConfiguration.getApiPathUri());
                hashMap.put(OAUTH2_TOKEN_URL_PROPERTY, baseUrl + serverConfiguration.getTokenPathUri());
            }
            UserCredentials userCredentials = StringUtils.isNotBlank(credentialId) ? UserCredentials.get(credentialId, null) : UserCredentials.get(serverConfiguration.getCredentialId(), null);
            if (!$assertionsDisabled && userCredentials == null) {
                throw new AssertionError();
            }
            hashMap.put(USERNAME_PROPERTY, userCredentials.getUsername());
            hashMap.put(PASSWORD_PROPERTY, userCredentials.getPassword().getPlainText());
            AnnotationConfigApplicationContext annotationConfigApplicationContext = new AnnotationConfigApplicationContext();
            annotationConfigApplicationContext.getEnvironment().getPropertySources().addLast(new MapPropertySource("properties", hashMap));
            annotationConfigApplicationContext.registerBean(SecretServerFactoryBean.class, new BeanDefinitionCustomizer[0]);
            annotationConfigApplicationContext.refresh();
            ((SecretServer) annotationConfigApplicationContext.getBean(SecretServer.class)).getSecret(serverSecret.getId()).getFields().forEach(field -> {
                serverSecret.getMappings().forEach(mapping -> {
                    if (mapping.getField().equalsIgnoreCase(field.getFieldName())) {
                        context.env(StringUtils.trimToEmpty(serverConfiguration.getEnvironmentVariablePrefix()) + mapping.getEnvironmentVariable(), field.getValue());
                        this.valuesToMask.add(field.getValue());
                    }
                });
            });
            annotationConfigApplicationContext.close();
        });
    }

    static {
        $assertionsDisabled = !ServerBuildWrapper.class.desiredAssertionStatus();
    }
}
