package au.com.rayh;

import com.cloudbees.plugins.credentials.CredentialsProvider;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.AbortException;
import hudson.EnvVars;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractBuild;
import hudson.model.AbstractProject;
import hudson.model.BuildListener;
import hudson.model.Item;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.ArgumentListBuilder;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.inject.Inject;
import jenkins.model.Jenkins;
import jenkins.security.MasterToSlaveCallable;
import jenkins.tasks.SimpleBuildStep;
import org.acegisecurity.Authentication;
import org.apache.commons.lang.BooleanUtils;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.Symbol;
import org.jenkinsci.remoting.RoleChecker;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;

@SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
/* loaded from: input_file:WEB-INF/lib/xcode-plugin.jar:au/com/rayh/DeveloperProfileLoader.class */
public class DeveloperProfileLoader extends Builder implements SimpleBuildStep {

    @CheckForNull
    private String profileId;

    @CheckForNull
    private Boolean importIntoExistingKeychain;

    @CheckForNull
    private String keychainName;

    @CheckForNull
    private String keychainPath;

    @CheckForNull
    private String keychainPwd;

    @Extension
    @Symbol({"importDeveloperProfile"})
    /* loaded from: input_file:WEB-INF/lib/xcode-plugin.jar:au/com/rayh/DeveloperProfileLoader$DescriptorImpl.class */
    public static class DescriptorImpl extends BuildStepDescriptor<Builder> {
        GlobalConfigurationImpl globalConfiguration;

        @Inject
        @SuppressFBWarnings({"UWF_UNWRITTEN_FIELD"})
        void setGlobalConfiguration(GlobalConfigurationImpl globalConfigurationImpl) {
            this.globalConfiguration = globalConfigurationImpl;
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public String getDisplayName() {
            return Messages.DeveloperProfile_ImportDeveloperProfile();
        }

        public ListBoxModel doFillProfileIdItems(@AncestorInPath Item item) {
            List<DeveloperProfile> lookupCredentials = CredentialsProvider.lookupCredentials(DeveloperProfile.class, item, (Authentication) null);
            ListBoxModel listBoxModel = new ListBoxModel();
            for (DeveloperProfile developerProfile : lookupCredentials) {
                listBoxModel.add(developerProfile.getDescription(), developerProfile.getId());
            }
            return listBoxModel;
        }

        public GlobalConfigurationImpl getGlobalConfiguration() {
            return this.globalConfiguration;
        }

        public String getUUID() {
            return "" + UUID.randomUUID().getMostSignificantBits();
        }

        public FormValidation doCheckDeveloperProfileId(@QueryParameter String str) {
            return StringUtils.isEmpty(str) ? FormValidation.error(Messages.DeveloperProfileLoader_MustSelectDeveloperProfile()) : FormValidation.ok();
        }

        public FormValidation doCheckKeychainPath(@QueryParameter String str, @QueryParameter String str2, @QueryParameter Boolean bool) {
            return (BooleanUtils.isTrue(bool) && StringUtils.isEmpty(str2) && StringUtils.isEmpty(str)) ? FormValidation.error(Messages.DeveloperProfileLoader_MustSpecifyKeychainPath()) : FormValidation.ok();
        }

        public FormValidation doCheckKeychainPwd(@QueryParameter String str, @QueryParameter String str2, @QueryParameter Boolean bool) {
            return (BooleanUtils.isTrue(bool) && StringUtils.isEmpty(str2) && StringUtils.isEmpty(str)) ? FormValidation.error(Messages.DeveloperProfileLoader_MustSpecifyKeychainPwd()) : FormValidation.ok();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/xcode-plugin.jar:au/com/rayh/DeveloperProfileLoader$GetHomeDirectory.class */
    public static final class GetHomeDirectory extends MasterToSlaveCallable<FilePath, IOException> {
        private GetHomeDirectory() {
        }

        /* renamed from: call, reason: merged with bridge method [inline-methods] */
        public FilePath m1call() throws IOException {
            return new FilePath(new File(System.getProperty("user.home")));
        }

        public void checkRoles(RoleChecker roleChecker) throws SecurityException {
        }
    }

    @CheckForNull
    public String getDeveloperProfileId() {
        return this.profileId;
    }

    @DataBoundSetter
    public void setDeveloperProfileId(String str) {
        this.profileId = str;
    }

    public Boolean getImportIntoExistingKeychain() {
        if (this.importIntoExistingKeychain == null) {
            return false;
        }
        return this.importIntoExistingKeychain;
    }

    @DataBoundSetter
    public void setImportIntoExistingKeychain(Boolean bool) {
        this.importIntoExistingKeychain = bool;
    }

    @CheckForNull
    public String getKeychainName() {
        return this.keychainName;
    }

    @DataBoundSetter
    public void setKeychainName(String str) {
        this.keychainName = str;
    }

    @CheckForNull
    public String getKeychainPath() {
        return this.keychainPath;
    }

    @DataBoundSetter
    public void setKeychainPath(String str) {
        this.keychainPath = str;
    }

    @CheckForNull
    public String getKeychainPwd() {
        return this.keychainPwd;
    }

    @DataBoundSetter
    public void setKeychainPwd(String str) {
        this.keychainPwd = str;
    }

    @DataBoundConstructor
    public DeveloperProfileLoader(String str) {
        this.profileId = str;
    }

    public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull Launcher launcher, @Nonnull TaskListener taskListener) throws InterruptedException, IOException {
        String str;
        String uuid;
        Boolean bool;
        EnvVars environment = run.getEnvironment(taskListener);
        String expand = environment.expand(this.profileId);
        String expand2 = environment.expand(this.keychainName);
        environment.expand(this.keychainPath);
        environment.expand(this.keychainPwd);
        Boolean bool2 = this.importIntoExistingKeychain;
        DeveloperProfile profile = getProfile(run.getParent(), expand);
        if (profile == null) {
            throw new AbortException(Messages.DeveloperProfile_NoDeveloperProfileConfigured());
        }
        Keychain keychain = getKeychain(expand2);
        if (BooleanUtils.isNotTrue(bool2) || keychain == null) {
            str = "jenkins-" + run.getParent().getFullName().replace('/', '-');
            uuid = UUID.randomUUID().toString();
            bool = false;
        } else {
            str = environment.expand(keychain.getKeychainPath());
            uuid = environment.expand(keychain.getKeychainPassword());
            bool = true;
        }
        if (BooleanUtils.isNotTrue(bool)) {
            launcher.launch().cmds(new ArgumentListBuilder(new String[]{"security", "delete-keychain", str})).stdout(new ByteArrayOutputStream()).join();
            ArgumentListBuilder argumentListBuilder = new ArgumentListBuilder(new String[]{"security", "create-keychain"});
            argumentListBuilder.add("-p").addMasked(uuid);
            argumentListBuilder.add(str);
            invoke(launcher, taskListener, argumentListBuilder, "Failed to create a keychain");
        }
        ArgumentListBuilder argumentListBuilder2 = new ArgumentListBuilder(new String[]{"security", "unlock-keychain"});
        argumentListBuilder2.add("-p").addMasked(uuid);
        argumentListBuilder2.add(str);
        invoke(launcher, taskListener, argumentListBuilder2, "Failed to unlock keychain");
        if (BooleanUtils.isNotTrue(bool)) {
            ArgumentListBuilder argumentListBuilder3 = new ArgumentListBuilder(new String[]{"security", "list-keychains"});
            argumentListBuilder3.add("-d").add("user");
            argumentListBuilder3.add("-s").add("login.keychain");
            argumentListBuilder3.add(str);
            invoke(launcher, taskListener, argumentListBuilder3, "Failed to set keychain search path");
        }
        FilePath secretDir = getSecretDir(filePath, uuid);
        byte[] image = profile.getImage();
        if (image == null) {
            throw new AbortException(Messages.DeveloperProfile_NoDeveloperProfileConfigured());
        }
        secretDir.unzipFrom(new ByteArrayInputStream(image));
        for (FilePath filePath2 : secretDir.list("**/*.p12")) {
            ArgumentListBuilder argumentListBuilder4 = new ArgumentListBuilder(new String[]{"security", "import"});
            argumentListBuilder4.add(filePath2).add(new String[]{"-k", str});
            argumentListBuilder4.add("-P").addMasked(profile.getPassword().getPlainText());
            argumentListBuilder4.add(new String[]{"-T", "/usr/bin/codesign"});
            argumentListBuilder4.add(new String[]{"-T", "/usr/bin/productsign"});
            argumentListBuilder4.add(str);
            invoke(launcher, taskListener, argumentListBuilder4, "Failed to import identity " + filePath2);
        }
        ArgumentListBuilder argumentListBuilder5 = new ArgumentListBuilder(new String[]{"security", "show-keychain-info"});
        argumentListBuilder5.add(str);
        taskListener.getLogger().write(invoke(launcher, taskListener, argumentListBuilder5, "Failed to show keychain info").toByteArray());
        if (BooleanUtils.isNotTrue(bool)) {
            ArgumentListBuilder argumentListBuilder6 = new ArgumentListBuilder(new String[]{"security", "set-key-partition-list"});
            argumentListBuilder6.add("-S").add("apple-tool:,apple:");
            argumentListBuilder6.add("-s").add("-k").addMasked(uuid);
            argumentListBuilder6.add(str);
            invoke(launcher, taskListener, argumentListBuilder6, "Failed to set key partition list to keychain");
        }
        ArgumentListBuilder argumentListBuilder7 = new ArgumentListBuilder(new String[]{"security", "default-keychain"});
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (launcher.launch().cmds(argumentListBuilder7).stdout(byteArrayOutputStream).join() != 0) {
            taskListener.getLogger().write(byteArrayOutputStream.toByteArray());
            if (new String(byteArrayOutputStream.toByteArray(), "UTF-8").contains("A default keychain could not be found.")) {
                ArgumentListBuilder argumentListBuilder8 = new ArgumentListBuilder(new String[]{"security", "default-keychain"});
                argumentListBuilder8.add("-d").add("user");
                argumentListBuilder8.add("-s").add(str);
                invoke(launcher, taskListener, argumentListBuilder8, "Failed to set default keychain");
            }
        }
        if (BooleanUtils.isNotTrue(bool)) {
            importAppleCert(launcher, taskListener, filePath, str);
        }
        FilePath child = ((FilePath) launcher.getChannel().call(new GetHomeDirectory())).child("Library/MobileDevice/Provisioning Profiles");
        child.mkdirs();
        for (FilePath filePath3 : secretDir.list("**/*.mobileprovision")) {
            taskListener.getLogger().println(Messages.DeveloperProfile_Installing(filePath3.getName()));
            filePath3.copyTo(child.child(filePath3.getName()));
        }
    }

    public boolean perform(AbstractBuild<?, ?> abstractBuild, Launcher launcher, BuildListener buildListener) throws InterruptedException, IOException {
        perform(abstractBuild, abstractBuild.getWorkspace(), launcher, buildListener);
        return true;
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] */
    public DescriptorImpl m0getDescriptor() {
        return super.getDescriptor();
    }

    public GlobalConfigurationImpl getGlobalConfiguration() {
        return m0getDescriptor().getGlobalConfiguration();
    }

    public Keychain getKeychain(String str) {
        if (!StringUtils.isEmpty(str)) {
            Iterator<Keychain> it = getGlobalConfiguration().getKeychains().iterator();
            while (it.hasNext()) {
                Keychain next = it.next();
                if (next.getKeychainName().equals(str)) {
                    return next;
                }
            }
        }
        if (StringUtils.isEmpty(this.keychainPath)) {
            return null;
        }
        return new Keychain("", this.keychainPath, this.keychainPwd, false);
    }

    public void importAppleCert(Launcher launcher, TaskListener taskListener, FilePath filePath, String str) throws IOException, InterruptedException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        launcher.launch().cmds(new String[]{"security", "import", FilePath.getHomeDirectory(filePath.getChannel()).getRemote() + "/AppleWWDRCA.cer", "-k", str}).stdout(byteArrayOutputStream).join();
        taskListener.getLogger().write(byteArrayOutputStream.toByteArray());
    }

    private ByteArrayOutputStream invoke(Launcher launcher, TaskListener taskListener, ArgumentListBuilder argumentListBuilder, String str) throws IOException, InterruptedException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (launcher.launch().cmds(argumentListBuilder).stdout(byteArrayOutputStream).join() == 0) {
            return byteArrayOutputStream;
        }
        taskListener.getLogger().write(byteArrayOutputStream.toByteArray());
        throw new AbortException(str);
    }

    private FilePath getSecretDir(FilePath filePath, String str) throws IOException, InterruptedException {
        FilePath child = filePath.child("jenkins").child("developer-profiles");
        child.mkdirs();
        child.chmod(448);
        return child.child(str);
    }

    public DeveloperProfile getProfile(Item item, String str) {
        List<DeveloperProfile> lookupCredentials = CredentialsProvider.lookupCredentials(DeveloperProfile.class, item, Jenkins.getAuthentication());
        for (DeveloperProfile developerProfile : lookupCredentials) {
            if (developerProfile.getId().equals(str)) {
                return developerProfile;
            }
        }
        if (lookupCredentials.isEmpty()) {
            return null;
        }
        return (DeveloperProfile) lookupCredentials.get(0);
    }

    public String getProfileId() {
        return this.profileId;
    }
}
