package io.jenkins.plugins.twofactor.jenkins.tfaMethodsConfig;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.Extension;
import hudson.model.Action;
import hudson.model.User;
import hudson.model.UserProperty;
import hudson.model.UserPropertyDescriptor;
import hudson.util.FormApply;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import hudson.util.Secret;
import io.jenkins.plugins.twofactor.constants.MoGlobalConfigConstant;
import io.jenkins.plugins.twofactor.constants.MoPluginUrls;
import io.jenkins.plugins.twofactor.constants.MoSecurityQuestionsConstant;
import io.jenkins.plugins.twofactor.jenkins.MoFilter;
import io.jenkins.plugins.twofactor.jenkins.MoGlobalConfig;
import io.jenkins.plugins.twofactor.jenkins.MoUserAuth;
import java.io.IOException;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpSession;
import jenkins.model.Jenkins;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.StaplerResponse;
import org.kohsuke.stapler.interceptor.RequirePOST;

/* loaded from: input_file:io/jenkins/plugins/twofactor/jenkins/tfaMethodsConfig/MoSecurityQuestionConfig.class */
public class MoSecurityQuestionConfig extends UserProperty implements Action {
    private static final Logger LOGGER;
    private Secret firstSecurityQuestion;
    private Secret secondSecurityQuestion;
    private Secret customSecurityQuestion;
    private Secret firstSecurityQuestionAnswer;
    private Secret secondSecurityQuestionAnswer;
    private Secret customSecurityQuestionAnswer;
    private boolean isConfigured;
    public static final DescriptorImpl DESCRIPTOR;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Extension
    /* loaded from: input_file:io/jenkins/plugins/twofactor/jenkins/tfaMethodsConfig/MoSecurityQuestionConfig$DescriptorImpl.class */
    public static class DescriptorImpl extends UserPropertyDescriptor {
        public DescriptorImpl() {
            super(MoSecurityQuestionConfig.class);
        }

        public String getContextPath() {
            return MoUserAuth.getContextPath();
        }

        public UserProperty newInstance(User user) {
            return new MoSecurityQuestionConfig(Secret.fromString(""), Secret.fromString(""), Secret.fromString(""), Secret.fromString(""), Secret.fromString(""), Secret.fromString(""), false);
        }

        @SuppressFBWarnings({"NP_NONNULL_RETURN_VIOLATION"})
        public String getDisplayName() {
            return null;
        }

        public Boolean showInUserProfile() {
            return Boolean.valueOf(MoFilter.moPluginSettings.getOrDefault(MoGlobalConfigConstant.AdminConfiguration.ENABLE_2FA_FOR_ALL_USERS.getKey(), false).booleanValue() && MoGlobalConfig.get().isEnableSecurityQuestionsAuthentication().booleanValue());
        }

        public String getUserId() {
            User current = User.current();
            return current == null ? "" : current.getId();
        }

        private ListBoxModel fillSecurityQuestion() {
            ListBoxModel listBoxModel = new ListBoxModel();
            for (MoSecurityQuestionsConstant.SecurityQuestions securityQuestions : MoSecurityQuestionsConstant.SecurityQuestions.values()) {
                listBoxModel.add(new ListBoxModel.Option(securityQuestions.getQuestion()));
            }
            return listBoxModel;
        }

        @RequirePOST
        public ListBoxModel doFillFirstSecurityQuestionItems() {
            Jenkins.get().checkPermission(Jenkins.READ);
            return fillSecurityQuestion();
        }

        @RequirePOST
        public ListBoxModel doFillSecondSecurityQuestionItems() {
            Jenkins.get().checkPermission(Jenkins.READ);
            return fillSecurityQuestion();
        }

        private FormValidation validateForm(boolean z, String str) {
            return z ? FormValidation.error(str) : FormValidation.ok();
        }

        @RequirePOST
        public FormValidation doCheckFirstSecurityQuestion(@QueryParameter String str, @QueryParameter String str2) {
            Jenkins.get().checkPermission(Jenkins.READ);
            return validateForm(str.equals(MoSecurityQuestionsConstant.SecurityQuestions.SELECT_SECURITY_QUESTION.getQuestion()) || str.equals(str2), "Please select a valid security question");
        }

        @RequirePOST
        public FormValidation doCheckFirstSecurityQuestionAnswer(@QueryParameter String str, @QueryParameter String str2) {
            Jenkins.get().checkPermission(Jenkins.READ);
            return validateForm(StringUtils.isBlank(str), "Please Enter valid answer");
        }

        @RequirePOST
        public FormValidation doCheckSecondSecurityQuestion(@QueryParameter String str, @QueryParameter String str2) {
            Jenkins.get().checkPermission(Jenkins.READ);
            return validateForm(str.equals(MoSecurityQuestionsConstant.SecurityQuestions.SELECT_SECURITY_QUESTION.getQuestion()) || str.equals(str2), "Please select a valid security question");
        }

        @RequirePOST
        public FormValidation doCheckSecondSecurityQuestionAnswer(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.READ);
            return validateForm(StringUtils.isBlank(str), "Please Enter valid answer");
        }

        @RequirePOST
        public FormValidation doCheckCustomSecurityQuestion(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.READ);
            return validateForm(StringUtils.isBlank(str), "Please select a valid security question");
        }

        @RequirePOST
        public FormValidation doCheckCustomSecurityQuestionAnswer(@QueryParameter String str) {
            Jenkins.get().checkPermission(Jenkins.READ);
            return validateForm(StringUtils.isBlank(str), "Please Enter valid answer");
        }
    }

    @DataBoundConstructor
    public MoSecurityQuestionConfig(Secret secret, Secret secret2, Secret secret3, Secret secret4, Secret secret5, Secret secret6, boolean z) {
        this.firstSecurityQuestion = secret;
        this.secondSecurityQuestion = secret2;
        this.customSecurityQuestion = secret3;
        this.firstSecurityQuestionAnswer = secret4;
        this.secondSecurityQuestionAnswer = secret5;
        this.customSecurityQuestionAnswer = secret6;
        this.isConfigured = z;
    }

    public String getIconFileName() {
        return null;
    }

    public String getDisplayName() {
        return "Security question";
    }

    public String getUrlName() {
        return MoPluginUrls.Urls.MO_SECURITY_QUESTION_CONFIG.getUrl();
    }

    public boolean isUserAuthenticatedFromTfa() {
        return MoFilter.userAuthenticationStatus.getOrDefault(this.user.getId(), false).booleanValue();
    }

    public String getBaseUrl() {
        return Jenkins.get().getRootUrl();
    }

    private boolean isFormFilledCorrectly(JSONObject jSONObject) {
        return !jSONObject.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_FIRST_SECURITY_QUESTION.getKey()).equals(jSONObject.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_SECOND_SECURITY_QUESTION.getKey())) && !jSONObject.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_FIRST_SECURITY_QUESTION.getKey()).equals(MoSecurityQuestionsConstant.SecurityQuestions.SELECT_SECURITY_QUESTION.getQuestion()) && !jSONObject.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_SECOND_SECURITY_QUESTION.getKey()).equals(MoSecurityQuestionsConstant.SecurityQuestions.SELECT_SECURITY_QUESTION.getQuestion()) && StringUtils.isNotBlank(jSONObject.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_CUSTOM_SECURITY_QUESTION.getKey())) && StringUtils.isNotBlank(jSONObject.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_FIRST_SECURITY_QUESTION_ANSWER.getKey())) && StringUtils.isNotBlank(jSONObject.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_SECOND_SECURITY_QUESTION_ANSWER.getKey())) && StringUtils.isNotBlank(jSONObject.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_CUSTOM_SECURITY_QUESTION_ANSWER.getKey()));
    }

    @RequirePOST
    public void doSaveSecurityQuestion(StaplerRequest staplerRequest, StaplerResponse staplerResponse) throws Exception {
        Jenkins.get().checkPermission(Jenkins.READ);
        LOGGER.fine("Saving user security questions");
        JSONObject submittedForm = staplerRequest.getSubmittedForm();
        String str = staplerRequest.getContextPath() + "./";
        User current = User.current();
        try {
            if (isFormFilledCorrectly(submittedForm)) {
                if (current != null) {
                    MoSecurityQuestionConfig moSecurityQuestionConfig = (MoSecurityQuestionConfig) current.getProperty(MoSecurityQuestionConfig.class);
                    moSecurityQuestionConfig.setFirstSecurityQuestion(Secret.fromString(submittedForm.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_FIRST_SECURITY_QUESTION.getKey())));
                    moSecurityQuestionConfig.setSecondSecurityQuestion(Secret.fromString(submittedForm.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_SECOND_SECURITY_QUESTION.getKey())));
                    moSecurityQuestionConfig.setCustomSecurityQuestion(Secret.fromString(submittedForm.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_CUSTOM_SECURITY_QUESTION.getKey())));
                    moSecurityQuestionConfig.setFirstSecurityQuestionAnswer(Secret.fromString(submittedForm.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_FIRST_SECURITY_QUESTION_ANSWER.getKey())));
                    moSecurityQuestionConfig.setSecondSecurityQuestionAnswer(Secret.fromString(submittedForm.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_SECOND_SECURITY_QUESTION_ANSWER.getKey())));
                    moSecurityQuestionConfig.setCustomSecurityQuestionAnswer(Secret.fromString(submittedForm.getString(MoSecurityQuestionsConstant.UserSecurityQuestionKey.USER_CUSTOM_SECURITY_QUESTION_ANSWER.getKey())));
                    moSecurityQuestionConfig.setConfigured(true);
                    current.save();
                }
                HttpSession session = staplerRequest.getSession(false);
                if (!$assertionsDisabled && current == null) {
                    throw new AssertionError();
                }
                if (session != null) {
                    str = (String) session.getAttribute("tfaRelayState");
                    session.removeAttribute("tfaRelayState");
                    session.setAttribute(current.getId() + MoGlobalConfigConstant.UtilityGlobalConstants.SESSION_2FA_VERIFICATION.getKey(), "true");
                    MoFilter.userAuthenticationStatus.put(current.getId(), true);
                }
                if (str != null) {
                    LOGGER.fine("Saved security questions, redirecting user to " + str);
                    FormApply.success(str).generateResponse(staplerRequest, staplerResponse, (Object) null);
                }
            }
            if (str == null) {
                str = Jenkins.get().getRootUrl();
            }
            LOGGER.fine("Redirecting user to " + str);
            FormApply.success(str).generateResponse(staplerRequest, staplerResponse, (Object) null);
        } catch (Exception e) {
            LOGGER.fine("Error in saving security questions, Form is not filled correctly ");
            throw new Exception("Cannot save security questions, exception is " + e.getMessage());
        }
    }

    @RequirePOST
    public void doReset(StaplerRequest staplerRequest, StaplerResponse staplerResponse) throws IOException, ServletException {
        Jenkins.get().checkPermission(Jenkins.READ);
        try {
            MoSecurityQuestionConfig moSecurityQuestionConfig = (MoSecurityQuestionConfig) this.user.getProperty(MoSecurityQuestionConfig.class);
            moSecurityQuestionConfig.setFirstSecurityQuestion(Secret.fromString(""));
            moSecurityQuestionConfig.setSecondSecurityQuestion(Secret.fromString(""));
            moSecurityQuestionConfig.setCustomSecurityQuestion(Secret.fromString(""));
            moSecurityQuestionConfig.setFirstSecurityQuestionAnswer(Secret.fromString(""));
            moSecurityQuestionConfig.setSecondSecurityQuestionAnswer(Secret.fromString(""));
            moSecurityQuestionConfig.setCustomSecurityQuestionAnswer(Secret.fromString(""));
            moSecurityQuestionConfig.setConfigured(false);
            LOGGER.fine("Resetting the security question authentication method");
            this.user.save();
        } catch (Exception e) {
            LOGGER.fine("Error in resetting the configuration " + e.getMessage());
        }
        FormApply.success(staplerRequest.getReferer()).generateResponse(staplerRequest, staplerResponse, (Object) null);
    }

    public String getFirstSecurityQuestion(User user) {
        return ((MoSecurityQuestionConfig) user.getProperty(MoSecurityQuestionConfig.class)).firstSecurityQuestion.getPlainText();
    }

    public String getSecondSecurityQuestion(User user) {
        return ((MoSecurityQuestionConfig) user.getProperty(MoSecurityQuestionConfig.class)).secondSecurityQuestion.getPlainText();
    }

    public String getCustomSecurityQuestion(User user) {
        return ((MoSecurityQuestionConfig) user.getProperty(MoSecurityQuestionConfig.class)).customSecurityQuestion.getPlainText();
    }

    public String getFirstSecurityQuestionAnswer(User user) {
        return ((MoSecurityQuestionConfig) user.getProperty(MoSecurityQuestionConfig.class)).firstSecurityQuestionAnswer.getPlainText();
    }

    public String getSecondSecurityQuestionAnswer(User user) {
        return ((MoSecurityQuestionConfig) user.getProperty(MoSecurityQuestionConfig.class)).secondSecurityQuestionAnswer.getPlainText();
    }

    public String getCustomSecurityQuestionAnswer(User user) {
        return ((MoSecurityQuestionConfig) user.getProperty(MoSecurityQuestionConfig.class)).customSecurityQuestionAnswer.getPlainText();
    }

    public void setFirstSecurityQuestion(Secret secret) {
        this.firstSecurityQuestion = secret;
    }

    public void setSecondSecurityQuestion(Secret secret) {
        this.secondSecurityQuestion = secret;
    }

    public void setCustomSecurityQuestion(Secret secret) {
        this.customSecurityQuestion = secret;
    }

    public void setFirstSecurityQuestionAnswer(Secret secret) {
        this.firstSecurityQuestionAnswer = secret;
    }

    public void setSecondSecurityQuestionAnswer(Secret secret) {
        this.secondSecurityQuestionAnswer = secret;
    }

    public void setCustomSecurityQuestionAnswer(Secret secret) {
        this.customSecurityQuestionAnswer = secret;
    }

    public boolean isConfigured() {
        return this.isConfigured;
    }

    public void setConfigured(boolean z) {
        this.isConfigured = z;
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] */
    public UserPropertyDescriptor m19getDescriptor() {
        return new DescriptorImpl();
    }

    static {
        $assertionsDisabled = !MoSecurityQuestionConfig.class.desiredAssertionStatus();
        LOGGER = Logger.getLogger(MoSecurityQuestionConfig.class.getName());
        DESCRIPTOR = new DescriptorImpl();
    }
}
