package io.jenkins.plugins.akeyless.cloudid;

import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

/* loaded from: input_file:io/jenkins/plugins/akeyless/cloudid/GcpCloudIdProvider.class */
public class GcpCloudIdProvider implements CloudIdProvider {
    private static final String METADATA_URL = "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/identity?audience=akeyless.io&format=full";

    @Override // io.jenkins.plugins.akeyless.cloudid.CloudIdProvider
    public String getCloudId() throws Exception {
        return Base64.getEncoder().encodeToString(fetchIdentityToken().getBytes(StandardCharsets.UTF_8));
    }

    private String fetchIdentityToken() throws Exception {
        HttpURLConnection httpURLConnection = null;
        try {
            HttpURLConnection httpURLConnection2 = (HttpURLConnection) new URL(METADATA_URL).openConnection();
            httpURLConnection2.setRequestMethod("GET");
            httpURLConnection2.setRequestProperty("Metadata-Flavor", "Google");
            httpURLConnection2.setConnectTimeout(3000);
            int responseCode = httpURLConnection2.getResponseCode();
            if (responseCode != 200) {
                throw new RuntimeException("Failed to retrieve identity token from GCP metadata server. Response code: " + responseCode);
            }
            String sb = Utils.readDataFromStream(httpURLConnection2.getInputStream()).toString();
            if (httpURLConnection2 != null) {
                httpURLConnection2.disconnect();
            }
            return sb;
        } catch (Throwable th) {
            if (0 != 0) {
                httpURLConnection.disconnect();
            }
            throw th;
        }
    }
}
