package com.microsoft.azure.credentials;

import com.microsoft.azure.AzureEnvironment;
import com.microsoft.azure.management.apigeneration.Beta;
import com.microsoft.azure.serializer.AzureJacksonAdapter;
import com.microsoft.azure.storage.Constants;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Random;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;

@Beta
/* loaded from: input_file:WEB-INF/lib/azure-client-authentication-1.6.4.jar:com/microsoft/azure/credentials/MSICredentials.class */
public class MSICredentials extends AzureTokenCredentials {
    private final List<Integer> retrySlots;
    private int maxRetry;
    private final Lock lock;
    private final ConcurrentHashMap<String, MSIToken> cache;
    private final String resource;
    private int msiPort;
    private final MSITokenSource tokenSource;
    private final AzureJacksonAdapter adapter;
    private String objectId;
    private String clientId;
    private String identityId;

    /* loaded from: input_file:WEB-INF/lib/azure-client-authentication-1.6.4.jar:com/microsoft/azure/credentials/MSICredentials$MSITokenSource.class */
    private enum MSITokenSource {
        MSI_EXTENSION,
        IMDS_ENDPOINT
    }

    public MSICredentials() {
        this(AzureEnvironment.AZURE);
    }

    public MSICredentials(AzureEnvironment azureEnvironment) {
        super(azureEnvironment, null);
        this.retrySlots = new ArrayList(Arrays.asList(1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, 144, 233, 377, 610, 987, 1597, 2584, 4181, 6765));
        this.maxRetry = this.retrySlots.size();
        this.lock = new ReentrantLock();
        this.cache = new ConcurrentHashMap<>();
        this.msiPort = 50342;
        this.adapter = new AzureJacksonAdapter();
        this.resource = azureEnvironment.managementEndpoint();
        this.tokenSource = MSITokenSource.IMDS_ENDPOINT;
    }

    @Deprecated
    public MSICredentials(AzureEnvironment azureEnvironment, int i) {
        super(azureEnvironment, null);
        this.retrySlots = new ArrayList(Arrays.asList(1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, 144, 233, 377, 610, 987, 1597, 2584, 4181, 6765));
        this.maxRetry = this.retrySlots.size();
        this.lock = new ReentrantLock();
        this.cache = new ConcurrentHashMap<>();
        this.msiPort = 50342;
        this.adapter = new AzureJacksonAdapter();
        this.resource = azureEnvironment.managementEndpoint();
        this.msiPort = i;
        this.tokenSource = MSITokenSource.MSI_EXTENSION;
    }

    @Beta
    public MSICredentials withObjectId(String str) {
        this.objectId = str;
        this.clientId = null;
        this.identityId = null;
        return this;
    }

    @Beta
    public MSICredentials withClientId(String str) {
        this.clientId = str;
        this.objectId = null;
        this.identityId = null;
        return this;
    }

    @Beta
    public MSICredentials withIdentityId(String str) {
        this.identityId = str;
        this.clientId = null;
        this.objectId = null;
        return this;
    }

    @Override // com.microsoft.azure.credentials.AzureTokenCredentials
    public String getToken(String str) throws IOException {
        if (this.tokenSource == MSITokenSource.MSI_EXTENSION) {
            return getTokenFromMSIExtension(str == null ? this.resource : str);
        }
        return getTokenFromIMDSEndpoint(str == null ? this.resource : str);
    }

    private String getTokenFromMSIExtension(String str) throws IOException {
        URL url = new URL(String.format("http://localhost:%d/oauth2/token", Integer.valueOf(this.msiPort)));
        String format = String.format("resource=%s", str);
        if (this.objectId != null) {
            format = format + String.format("&object_id=%s", this.objectId);
        } else if (this.clientId != null) {
            format = format + String.format("&client_id=%s", this.clientId);
        } else if (this.identityId != null) {
            format = format + String.format("&msi_res_id=%s", this.identityId);
        }
        HttpURLConnection httpURLConnection = null;
        try {
            try {
                httpURLConnection = (HttpURLConnection) url.openConnection();
                httpURLConnection.setRequestMethod(Constants.HTTP_POST);
                httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
                httpURLConnection.setRequestProperty(Constants.METADATA_ELEMENT, "true");
                httpURLConnection.setRequestProperty("Content-Length", Integer.toString(format.length()));
                httpURLConnection.setDoOutput(true);
                httpURLConnection.connect();
                OutputStreamWriter outputStreamWriter = new OutputStreamWriter(httpURLConnection.getOutputStream());
                outputStreamWriter.write(format);
                outputStreamWriter.flush();
                String accessToken = ((MSIToken) this.adapter.deserialize(new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream(), "UTF-8"), 100).readLine(), MSIToken.class)).accessToken();
                if (httpURLConnection != null) {
                    httpURLConnection.disconnect();
                }
                return accessToken;
            } catch (Exception e) {
                e.printStackTrace();
                throw e;
            }
        } catch (Throwable th) {
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
            throw th;
        }
    }

    private String getTokenFromIMDSEndpoint(String str) {
        MSIToken mSIToken = this.cache.get(str);
        if (mSIToken != null && !mSIToken.isExpired()) {
            return mSIToken.accessToken();
        }
        this.lock.lock();
        try {
            MSIToken mSIToken2 = this.cache.get(str);
            if (mSIToken2 != null && !mSIToken2.isExpired()) {
                String accessToken = mSIToken2.accessToken();
                this.lock.unlock();
                return accessToken;
            }
            try {
                MSIToken retrieveTokenFromIDMSWithRetry = retrieveTokenFromIDMSWithRetry(str);
                if (retrieveTokenFromIDMSWithRetry != null) {
                    this.cache.put(str, retrieveTokenFromIDMSWithRetry);
                }
                String accessToken2 = retrieveTokenFromIDMSWithRetry.accessToken();
                this.lock.unlock();
                return accessToken2;
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        } catch (Throwable th) {
            this.lock.unlock();
            throw th;
        }
    }

    private MSIToken retrieveTokenFromIDMSWithRetry(String str) throws IOException {
        StringBuilder sb = new StringBuilder();
        try {
            sb.append(Constants.QueryConstants.API_VERSION);
            sb.append("=");
            sb.append(URLEncoder.encode("2018-02-01", "UTF-8"));
            sb.append("&");
            sb.append("resource");
            sb.append("=");
            sb.append(URLEncoder.encode(str, "UTF-8"));
            if (this.objectId != null) {
                sb.append("&");
                sb.append("object_id");
                sb.append("=");
                sb.append(URLEncoder.encode(this.objectId, "UTF-8"));
            } else if (this.clientId != null) {
                sb.append("&");
                sb.append("client_id");
                sb.append("=");
                sb.append(URLEncoder.encode(this.clientId, "UTF-8"));
            } else if (this.identityId != null) {
                sb.append("&");
                sb.append("msi_res_id");
                sb.append("=");
                sb.append(URLEncoder.encode(this.identityId, "UTF-8"));
            }
            int i = 1;
            while (true) {
                if (i > this.maxRetry) {
                    break;
                }
                HttpURLConnection httpURLConnection = null;
                try {
                    try {
                        httpURLConnection = (HttpURLConnection) new URL(String.format("http://169.254.169.254/metadata/identity/oauth2/token?%s", sb.toString())).openConnection();
                        httpURLConnection.setRequestMethod(Constants.HTTP_GET);
                        httpURLConnection.setRequestProperty(Constants.METADATA_ELEMENT, "true");
                        httpURLConnection.connect();
                        MSIToken mSIToken = (MSIToken) this.adapter.deserialize(new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream(), "UTF-8"), 100).readLine(), MSIToken.class);
                        if (httpURLConnection != null) {
                            httpURLConnection.disconnect();
                        }
                        return mSIToken;
                    } catch (Exception e) {
                        int responseCode = httpURLConnection.getResponseCode();
                        if (responseCode != 410 && responseCode != 429 && responseCode != 404 && (responseCode < 500 || responseCode > 599)) {
                            throw new RuntimeException("Couldn't acquire access token from IMDS, verify your objectId, clientId or msiResourceId", e);
                        }
                        int intValue = this.retrySlots.get(new Random().nextInt(i)).intValue() * 1000;
                        int i2 = (responseCode != 410 || intValue >= 70000) ? intValue : 70000;
                        i++;
                        if (i <= this.maxRetry) {
                            sleep(i2);
                            if (httpURLConnection != null) {
                                httpURLConnection.disconnect();
                            }
                        } else if (httpURLConnection != null) {
                            httpURLConnection.disconnect();
                        }
                    }
                } catch (Throwable th) {
                    if (httpURLConnection != null) {
                        httpURLConnection.disconnect();
                    }
                    throw th;
                }
            }
            if (i > this.maxRetry) {
                throw new RuntimeException(String.format("MSI: Failed to acquire tokens after retrying %s times", Integer.valueOf(this.maxRetry)));
            }
            return null;
        } catch (IOException e2) {
            throw new RuntimeException(e2);
        }
    }

    private static void sleep(int i) {
        try {
            Thread.sleep(i);
        } catch (InterruptedException e) {
            throw new RuntimeException(e);
        }
    }

    public int maxRetry() {
        return this.maxRetry;
    }

    public void setMaxRetry(int i) {
        this.maxRetry = i;
    }
}
