package org.vaulttec.sonarqube.auth.oidc;

import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import javax.annotation.CheckForNull;
import org.sonar.api.PropertyType;
import org.sonar.api.config.Configuration;
import org.sonar.api.config.PropertyDefinition;
import org.sonar.api.server.ServerSide;

@ServerSide
/* loaded from: input_file:org/vaulttec/sonarqube/auth/oidc/OidcConfiguration.class */
public class OidcConfiguration {
    private static final String PREFIX = "sonar.auth.oidc";
    private static final String CATEGORY = "security";
    private static final String SUBCATEGORY = "oidc";
    static final String ENABLED = "sonar.auth.oidc.enabled";
    static final String AUTO_LOGIN = "sonar.auth.oidc.autoLogin";
    static final String ISSUER_URI = "sonar.auth.oidc.issuerUri";
    static final String CLIENT_ID = "sonar.auth.oidc.clientId.secured";
    static final String CLIENT_SECRET = "sonar.auth.oidc.clientSecret.secured";
    static final String ALLOW_USERS_TO_SIGN_UP = "sonar.auth.oidc.allowUsersToSignUp";
    static final String ID_TOKEN_SIG_ALG = "sonar.auth.oidc.idTokenSigAlg";
    static final String ID_TOKEN_SIG_ALG_HMAC = "HS256";
    static final String ID_TOKEN_SIG_ALG_RSA = "RS256";
    static final String ID_TOKEN_SIG_ALG_ECDSA = "ES256";
    static final String SCOPES = "sonar.auth.oidc.scopes";
    private static final String SCOPES_DEFAULT_VALUE = "openid email profile";
    static final String LOGIN_STRATEGY = "sonar.auth.oidc.loginStrategy";
    static final String LOGIN_STRATEGY_UNIQUE = "Unique";
    static final String LOGIN_STRATEGY_PROVIDER_ID = "Same as OpenID Connect login";
    static final String LOGIN_STRATEGY_PREFERRED_USERNAME = "Preferred username";
    static final String LOGIN_STRATEGY_EMAIL = "Email";
    static final String LOGIN_STRATEGY_CUSTOM_CLAIM = "Custom claim";
    static final String LOGIN_STRATEGY_DEFAULT_VALUE = "Preferred username";
    static final String LOGIN_STRATEGY_CUSTOM_CLAIM_NAME = "sonar.auth.oidc.loginStrategy.customClaim.name";
    private static final String LOGIN_STRATEGY_CUSTOM_CLAIM_NAME_DEFAULT_VALUE = "upn";
    static final String GROUPS_SYNC = "sonar.auth.oidc.groupsSync";
    static final String GROUPS_SYNC_CLAIM_NAME = "sonar.auth.oidc.groupsSync.claimName";
    private static final String GROUPS_SYNC_CLAIM_NAME_DEFAULT_VALUE = "groups";
    static final String ICON_PATH = "sonar.auth.oidc.iconPath";
    private static final String ICON_PATH_DEFAULT_VALUE = "/static/authoidc/openid.svg";
    static final String BACKGROUND_COLOR = "sonar.auth.oidc.backgroundColor";
    private static final String BACKGROUND_COLOR_DEFAULT_VALUE = "#236a97";
    static final String LOGIN_BUTTON_TEXT = "sonar.auth.oidc.loginButtonText";
    private static final String LOGIN_BUTTON_TEXT_DEFAULT_VALUE = "OpenID Connect";
    private final Configuration config;

    public OidcConfiguration(Configuration configuration) {
        this.config = configuration;
    }

    public String getBaseUrl() {
        Optional optional = this.config.get("sonar.core.serverBaseURL");
        return optional.isPresent() ? (String) optional.get() : "";
    }

    public String getContextPath() {
        Optional optional = this.config.get("sonar.web.context");
        return optional.isPresent() ? (String) optional.get() : "";
    }

    public boolean isEnabled() {
        return (!((Boolean) this.config.getBoolean(ENABLED).orElse(false)).booleanValue() || issuerUri() == null || clientId() == null) ? false : true;
    }

    public boolean isAutoLogin() {
        return ((Boolean) this.config.getBoolean(AUTO_LOGIN).orElse(false)).booleanValue();
    }

    @CheckForNull
    public String issuerUri() {
        return (String) this.config.get(ISSUER_URI).orElse(null);
    }

    @CheckForNull
    public String clientId() {
        return (String) this.config.get(CLIENT_ID).orElse(null);
    }

    public String clientSecret() {
        return (String) this.config.get(CLIENT_SECRET).orElse(null);
    }

    public String scopes() {
        return (String) this.config.get(SCOPES).orElse("openid");
    }

    public String idTokenSignAlgorithm() {
        return (String) this.config.get(ID_TOKEN_SIG_ALG).orElse(null);
    }

    public boolean allowUsersToSignUp() {
        return ((Boolean) this.config.getBoolean(ALLOW_USERS_TO_SIGN_UP).orElse(false)).booleanValue();
    }

    public String loginStrategy() {
        return (String) this.config.get(LOGIN_STRATEGY).orElse(null);
    }

    public String loginStrategyCustomClaimName() {
        return (String) this.config.get(LOGIN_STRATEGY_CUSTOM_CLAIM_NAME).orElse(null);
    }

    public boolean syncGroups() {
        return ((Boolean) this.config.getBoolean(GROUPS_SYNC).orElse(false)).booleanValue();
    }

    public String syncGroupsClaimName() {
        return (String) this.config.get(GROUPS_SYNC_CLAIM_NAME).orElse(null);
    }

    public String iconPath() {
        return (String) this.config.get(ICON_PATH).orElse(null);
    }

    public String backgroundColor() {
        return (String) this.config.get(BACKGROUND_COLOR).orElse(null);
    }

    public String loginButtonText() {
        return (String) this.config.get(LOGIN_BUTTON_TEXT).orElse(null);
    }

    public static List<PropertyDefinition> definitions() {
        int i = 1 + 1;
        int i2 = i + 1;
        int i3 = i2 + 1;
        int i4 = i3 + 1;
        int i5 = i4 + 1;
        int i6 = i5 + 1;
        int i7 = i6 + 1;
        int i8 = i7 + 1;
        int i9 = i8 + 1;
        int i10 = i9 + 1;
        int i11 = i10 + 1;
        int i12 = i11 + 1;
        int i13 = i12 + 1;
        return Arrays.asList(PropertyDefinition.builder(ENABLED).name("Enabled").description("Enable OpenID Connect users to login. Value is ignored if issuer URI and client ID are not defined.").category(CATEGORY).subCategory("oidc").type(PropertyType.BOOLEAN).defaultValue(String.valueOf(false)).index(1).build(), PropertyDefinition.builder(AUTO_LOGIN).name("Auto-Login").description("Skip the SonarQube login page and forward to OpenID Connect authentication. Auto-Login can be skipped by using the URL \"&lt;sonarServerBaseURL&gt;/?auto-login=false\".").category(CATEGORY).subCategory("oidc").type(PropertyType.BOOLEAN).defaultValue(String.valueOf(false)).index(i).build(), PropertyDefinition.builder(ISSUER_URI).name("Issuer URI").description("The issuer URI of an OpenID Connect provider. This URI is used to retrieve the provider's metadata via OpenID Connect Discovery from the path \"/.well-known/openid-configuration\".").category(CATEGORY).subCategory("oidc").type(PropertyType.STRING).index(i2).build(), PropertyDefinition.builder(CLIENT_ID).name("Client ID").description("The ID of an OpenID Connect Client.").category(CATEGORY).subCategory("oidc").type(PropertyType.STRING).index(i3).build(), PropertyDefinition.builder(CLIENT_SECRET).name("Client secret").description("The shared secret of a non-public client. This is only needed for an OpenID Connect client with access type \"confidential\".").category(CATEGORY).subCategory("oidc").type(PropertyType.STRING).index(i4).build(), PropertyDefinition.builder(SCOPES).name("Scopes").description("OAuth scopes ('openid' is required) to pass in the Open ID Connect authorize request.").category(CATEGORY).subCategory("oidc").type(PropertyType.STRING).defaultValue(SCOPES_DEFAULT_VALUE).index(i5).build(), PropertyDefinition.builder(ID_TOKEN_SIG_ALG).name("ID token signature algorithm").description("If activated then the ID token is validated with the selected algorithm (HMAC, RSA or ECDSA - using SHA-256 hash)").category(CATEGORY).subCategory("oidc").type(PropertyType.SINGLE_SELECT_LIST).options(ID_TOKEN_SIG_ALG_HMAC, new String[]{ID_TOKEN_SIG_ALG_RSA, ID_TOKEN_SIG_ALG_ECDSA}).index(i6).build(), PropertyDefinition.builder(ALLOW_USERS_TO_SIGN_UP).name("Allow users to sign-up").description("Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate to the server.").category(CATEGORY).subCategory("oidc").type(PropertyType.BOOLEAN).defaultValue(String.valueOf(true)).index(i7).build(), PropertyDefinition.builder(LOGIN_STRATEGY).name("Login generation strategy").description(String.format("When the login strategy is set to '%s', the provider login will be auto-generated the first time so that it is unique. When the login strategy is set to '%s', the provider login will be the OpenID Connect provider's internal user ID. When the login strategy is set to '%s', the provider login will be the OpenID Connect provider's user email. When the login strategy is set to '%s', the provider login will be the OpenID Connect provider's user name. When the login strategy is set to '%s', the provider login will be a custom claim in OpenID Connect provider's ID token.", LOGIN_STRATEGY_UNIQUE, LOGIN_STRATEGY_PROVIDER_ID, LOGIN_STRATEGY_EMAIL, "Preferred username", LOGIN_STRATEGY_CUSTOM_CLAIM)).category(CATEGORY).subCategory("oidc").type(PropertyType.SINGLE_SELECT_LIST).defaultValue("Preferred username").options(LOGIN_STRATEGY_UNIQUE, new String[]{LOGIN_STRATEGY_PROVIDER_ID, LOGIN_STRATEGY_EMAIL, "Preferred username", LOGIN_STRATEGY_CUSTOM_CLAIM}).index(i8).build(), PropertyDefinition.builder(LOGIN_STRATEGY_CUSTOM_CLAIM_NAME).name("Login strategy custom claim").description("Name of the claim in case login generation strategy is set to custom claim.").category(CATEGORY).subCategory("oidc").type(PropertyType.STRING).defaultValue(LOGIN_STRATEGY_CUSTOM_CLAIM_NAME_DEFAULT_VALUE).index(i9).build(), PropertyDefinition.builder(GROUPS_SYNC).name("Synchronize groups").description("For each of his Open ID Connect userinfo groups claim entries, the user will be associated to a group with the same name (if it exists) in SonarQube.").category(CATEGORY).subCategory("oidc").type(PropertyType.BOOLEAN).defaultValue(String.valueOf(false)).index(i10).build(), PropertyDefinition.builder(GROUPS_SYNC_CLAIM_NAME).name("Groups claim name").description("Name of the claim in the Open ID Connect userinfo holding the user's groups.").category(CATEGORY).subCategory("oidc").type(PropertyType.STRING).defaultValue(GROUPS_SYNC_CLAIM_NAME_DEFAULT_VALUE).index(i11).build(), PropertyDefinition.builder(ICON_PATH).name("Icon path").description("Path to the provider icon - default icon shipped with plugin \"/static/authoidc/openid.svg\" or external URL (for example \"http://www.mydomain/myincon.png\").").category(CATEGORY).subCategory("oidc").type(PropertyType.STRING).defaultValue(ICON_PATH_DEFAULT_VALUE).index(i12).build(), PropertyDefinition.builder(BACKGROUND_COLOR).name("Background color").description("Background color (hexadecimal value, for example \"#205081\") for the provider button displayed in the login form.").category(CATEGORY).subCategory("oidc").type(PropertyType.STRING).defaultValue(BACKGROUND_COLOR_DEFAULT_VALUE).index(i13).build(), PropertyDefinition.builder(LOGIN_BUTTON_TEXT).name("Login button text").description("The text in SonarQube's login button added to 'Log in with '.").category(CATEGORY).subCategory("oidc").type(PropertyType.STRING).defaultValue(LOGIN_BUTTON_TEXT_DEFAULT_VALUE).index(i13 + 1).build());
    }
}
