package com.google.jenkins.plugins.credentials.oauth;

import com.cloudbees.plugins.credentials.CredentialsScope;
import com.cloudbees.plugins.credentials.NameWith;
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import hudson.Extension;
import hudson.FilePath;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Collection;
import javax.annotation.Nullable;
import jenkins.model.Jenkins;
import org.apache.commons.fileupload.FileItem;
import org.kohsuke.stapler.DataBoundConstructor;

@NameWith(value = GoogleRobotNameProvider.class, priority = 50)
/* loaded from: input_file:WEB-INF/classes/com/google/jenkins/plugins/credentials/oauth/GoogleRobotPrivateKeyCredentials.class */
public final class GoogleRobotPrivateKeyCredentials extends GoogleRobotCredentials {
    private final String secretsFile;
    private final String p12File;

    @Extension
    /* loaded from: input_file:WEB-INF/classes/com/google/jenkins/plugins/credentials/oauth/GoogleRobotPrivateKeyCredentials$Descriptor.class */
    public static class Descriptor extends AbstractGoogleRobotCredentialsDescriptor {
        public Descriptor() {
            this(new GoogleRobotCredentialsModule());
        }

        @VisibleForTesting
        Descriptor(GoogleRobotCredentialsModule googleRobotCredentialsModule) {
            super(GoogleRobotPrivateKeyCredentials.class, googleRobotCredentialsModule);
        }

        public String getDisplayName() {
            return Messages.GoogleRobotPrivateKeyCredentials_DisplayName();
        }
    }

    @DataBoundConstructor
    public GoogleRobotPrivateKeyCredentials(String str, String str2, FileItem fileItem, String str3, FileItem fileItem2, @Nullable GoogleRobotCredentialsModule googleRobotCredentialsModule) throws Exception {
        super(str, googleRobotCredentialsModule);
        FilePath child = ((FilePath) Preconditions.checkNotNull(Jenkins.getInstance().getRootPath())).child("gauth");
        child.mkdirs();
        FilePath child2 = child.child(new StringBuilder(11).append(str.hashCode()).toString());
        child2.mkdirs();
        String writeIfNewFileOrReturnOld = writeIfNewFileOrReturnOld(str2, fileItem, child2, "client_secrets", "json");
        String writeIfNewFileOrReturnOld2 = writeIfNewFileOrReturnOld(str3, fileItem2, child2, "private", "p12");
        this.secretsFile = writeIfNewFileOrReturnOld;
        this.p12File = writeIfNewFileOrReturnOld2;
    }

    private String writeIfNewFileOrReturnOld(String str, FileItem fileItem, FilePath filePath, String str2, String str3) throws Exception {
        String str4;
        if (((FileItem) Preconditions.checkNotNull(fileItem)).getSize() == 0) {
            return str;
        }
        String concat = String.valueOf(str2).concat(".");
        String valueOf = String.valueOf(str3);
        if (valueOf.length() != 0) {
            str4 = ".".concat(valueOf);
        } else {
            str4 = r3;
            String str5 = new String(".");
        }
        String filePath2 = filePath.createTempFile(concat, str4).toString();
        fileItem.write(new File(filePath2));
        return filePath2;
    }

    public String getUsername() {
        try {
            return getGoogleCredential(new GoogleOAuth2ScopeRequirement() { // from class: com.google.jenkins.plugins.credentials.oauth.GoogleRobotPrivateKeyCredentials.1
                public Collection<String> getScopes() {
                    return ImmutableList.of();
                }
            }).getServiceAccountId();
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException(Messages.GoogleRobotPrivateKeyCredentials_BadCredentials(), e);
        }
    }

    public static String getHelpFile() {
        return Jenkins.getInstance().getDescriptorOrDie(GoogleRobotPrivateKeyCredentials.class).getHelpFile("credentials");
    }

    public String getSecretsFile() {
        return this.secretsFile;
    }

    @VisibleForTesting
    GoogleRobotSecrets getRobotSecrets() throws IOException {
        return GoogleRobotSecrets.load(getModule().getJsonFactory(), new FileInputStream(getSecretsFile()));
    }

    public String getP12File() {
        return this.p12File;
    }

    public CredentialsScope getScope() {
        return CredentialsScope.GLOBAL;
    }

    @Override // com.google.jenkins.plugins.credentials.oauth.GoogleOAuth2Credentials
    public GoogleCredential getGoogleCredential(GoogleOAuth2ScopeRequirement googleOAuth2ScopeRequirement) throws GeneralSecurityException {
        try {
            return new GoogleCredential.Builder().setTransport(getModule().getHttpTransport()).setJsonFactory(getModule().getJsonFactory()).setServiceAccountScopes(googleOAuth2ScopeRequirement.getScopes()).setServiceAccountPrivateKeyFromP12File(new File(getP12File())).setServiceAccountId(getRobotSecrets().getWeb().getClientEmail()).build();
        } catch (IOException e) {
            throw new GeneralSecurityException(Messages.GoogleRobotPrivateKeyCredentials_ExceptionString(), e);
        }
    }
}
