package com.oracle.bmc.auth;

import com.google.common.base.Optional;
import com.google.common.base.Preconditions;
import com.oracle.bmc.Region;
import com.oracle.bmc.Service;
import com.oracle.bmc.auth.AbstractFederationClientAuthenticationDetailsProviderBuilder;
import com.oracle.bmc.auth.InstancePrincipalsAuthenticationDetailsProvider;
import com.oracle.bmc.auth.internal.DefaultRptPathProvider;
import com.oracle.bmc.auth.internal.FederationClient;
import com.oracle.bmc.auth.internal.FileBasedKeySupplier;
import com.oracle.bmc.auth.internal.FileBasedResourcePrincipalFederationClient;
import com.oracle.bmc.auth.internal.FixedContentKeySupplier;
import com.oracle.bmc.auth.internal.FixedContentResourcePrincipalFederationClient;
import com.oracle.bmc.auth.internal.ResourcePrincipalsFederationClient;
import com.oracle.bmc.auth.internal.RptPathProvider;
import com.oracle.bmc.circuitbreaker.CircuitBreakerConfiguration;
import com.oracle.bmc.util.CircuitBreakerUtils;
import com.oracle.bmc.util.internal.NameUtils;
import java.io.File;
import org.apache.commons.lang3.StringUtils;

@AuthCachingPolicy(cacheKeyId = false, cachePrivateKey = false)
/* loaded from: input_file:WEB-INF/lib/oci-java-sdk-common-2.1.0.jar:com/oracle/bmc/auth/ResourcePrincipalAuthenticationDetailsProvider.class */
public class ResourcePrincipalAuthenticationDetailsProvider extends AbstractRequestingAuthenticationDetailsProvider implements RegionProvider, RefreshableOnNotAuthenticatedProvider<String> {
    static final String OCI_RESOURCE_PRINCIPAL_VERSION = "OCI_RESOURCE_PRINCIPAL_VERSION";
    static final String RP_VERSION_2_2 = "2.2";
    static final String OCI_RESOURCE_PRINCIPAL_RPST = "OCI_RESOURCE_PRINCIPAL_RPST";
    static final String OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM";
    static final String OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE";
    static final String OCI_RESOURCE_PRINCIPAL_REGION_ENV_VAR_NAME = "OCI_RESOURCE_PRINCIPAL_REGION";
    private static final String RP_VERSION_1_1 = "1.1";
    private static final String OCI_RESOURCE_PRINCIPAL_RPT_ENDPOINT = "OCI_RESOURCE_PRINCIPAL_RPT_ENDPOINT";
    private static final String OCI_RESOURCE_PRINCIPAL_RPST_ENDPOINT = "OCI_RESOURCE_PRINCIPAL_RPST_ENDPOINT";
    private final Region region;

    /* loaded from: input_file:WEB-INF/lib/oci-java-sdk-common-2.1.0.jar:com/oracle/bmc/auth/ResourcePrincipalAuthenticationDetailsProvider$ClaimKeys.class */
    public static class ClaimKeys {
        public static final String COMPARTMENT_ID_CLAIM_KEY = "res_compartment";
        public static final String TENANT_ID_CLAIM_KEY = "res_tenant";
    }

    /* loaded from: input_file:WEB-INF/lib/oci-java-sdk-common-2.1.0.jar:com/oracle/bmc/auth/ResourcePrincipalAuthenticationDetailsProvider$ResourcePrincipalAuthenticationDetailsProviderBuilder.class */
    public static class ResourcePrincipalAuthenticationDetailsProviderBuilder extends AbstractFederationClientAuthenticationDetailsProviderBuilder<ResourcePrincipalAuthenticationDetailsProviderBuilder, ResourcePrincipalAuthenticationDetailsProvider> {
        private String resourcePrincipalTokenEndpoint;
        private RptPathProvider resourcePrincipalTokenPathProvider;
        private CircuitBreakerConfiguration circuitBreakerConfig;

        ResourcePrincipalAuthenticationDetailsProviderBuilder() {
        }

        public ResourcePrincipalAuthenticationDetailsProviderBuilder resourcePrincipalTokenPathProvider(RptPathProvider rptPathProvider) {
            this.resourcePrincipalTokenPathProvider = rptPathProvider;
            return this;
        }

        public ResourcePrincipalAuthenticationDetailsProviderBuilder resourcePrincipalTokenEndpoint(String str) {
            this.resourcePrincipalTokenEndpoint = str;
            return this;
        }

        public ResourcePrincipalAuthenticationDetailsProviderBuilder circuitBreakerConfig(CircuitBreakerConfiguration circuitBreakerConfiguration) {
            this.circuitBreakerConfig = circuitBreakerConfiguration;
            return this;
        }

        public ResourcePrincipalAuthenticationDetailsProviderBuilder resourcePrincipalTokenEndpoint(Service service, Region region) {
            Optional<String> endpoint = region.getEndpoint(service);
            return endpoint.isPresent() ? resourcePrincipalTokenEndpoint(endpoint.get()) : resourcePrincipalTokenEndpoint(null);
        }

        @Deprecated
        public ResourcePrincipalAuthenticationDetailsProviderBuilder resourcePrincipalSessionTokenEndpoint(String str) {
            return (ResourcePrincipalAuthenticationDetailsProviderBuilder) super.federationEndpoint(str);
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.oracle.bmc.auth.AbstractFederationClientAuthenticationDetailsProviderBuilder
        public ResourcePrincipalAuthenticationDetailsProviderBuilder leafCertificateSupplier(X509CertificateSupplier x509CertificateSupplier) {
            return (ResourcePrincipalAuthenticationDetailsProviderBuilder) super.leafCertificateSupplier(x509CertificateSupplier);
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.oracle.bmc.auth.AbstractFederationClientAuthenticationDetailsProviderBuilder
        public ResourcePrincipalAuthenticationDetailsProvider build() {
            String str = System.getenv(ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_VERSION);
            if (str == null) {
                throw new IllegalArgumentException("OCI_RESOURCE_PRINCIPAL_VERSION environment variable missing");
            }
            boolean z = -1;
            switch (str.hashCode()) {
                case 48564:
                    if (str.equals(ResourcePrincipalAuthenticationDetailsProvider.RP_VERSION_1_1)) {
                        z = true;
                        break;
                    }
                    break;
                case 49526:
                    if (str.equals(ResourcePrincipalAuthenticationDetailsProvider.RP_VERSION_2_2)) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    return build_2_2(System.getenv(ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM), System.getenv(ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE), System.getenv(ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_RPST), System.getenv(ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_REGION_ENV_VAR_NAME), "environment variable");
                case true:
                    return build_1_1(System.getenv(ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_RPT_ENDPOINT), System.getenv(ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_RPST_ENDPOINT));
                default:
                    throw new IllegalArgumentException("OCI_RESOURCE_PRINCIPAL_VERSION has unknown value");
            }
        }

        public static ResourcePrincipalAuthenticationDetailsProvider build_2_2(String str, String str2, String str3, String str4, String str5) {
            SessionKeySupplier fixedContentKeySupplier;
            if (str == null) {
                throw new IllegalArgumentException("OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM " + str5 + " missing");
            }
            if (!new File(str).isAbsolute()) {
                fixedContentKeySupplier = new FixedContentKeySupplier(str, str2 != null ? str2.toCharArray() : null);
            } else {
                if (str2 != null && !new File(str2).isAbsolute()) {
                    throw new IllegalArgumentException("cannot mix path and constant settings for OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM " + str + " and " + ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE + StringUtils.SPACE + str2);
                }
                fixedContentKeySupplier = new FileBasedKeySupplier(str, str2);
            }
            if (str3 == null) {
                throw new IllegalArgumentException("OCI_RESOURCE_PRINCIPAL_RPST " + str5 + " missing");
            }
            FederationClient fileBasedResourcePrincipalFederationClient = new File(str3).isAbsolute() ? new FileBasedResourcePrincipalFederationClient(fixedContentKeySupplier, str3) : new FixedContentResourcePrincipalFederationClient(str3, fixedContentKeySupplier);
            if (str4 == null) {
                throw new IllegalArgumentException("OCI_RESOURCE_PRINCIPAL_REGION " + str5 + " missing");
            }
            return new ResourcePrincipalAuthenticationDetailsProvider(fileBasedResourcePrincipalFederationClient, fixedContentKeySupplier, Region.valueOf(NameUtils.canonicalizeForEnumTypes(str4)));
        }

        private ResourcePrincipalAuthenticationDetailsProvider build_1_1(String str, String str2) {
            this.resourcePrincipalTokenEndpoint = str;
            if (str2 != null) {
                this.federationEndpoint = str2;
            } else {
                this.federationEndpoint = autoDetectEndpointUsingMetadataUrl();
            }
            this.sessionKeySupplier = new AbstractFederationClientAuthenticationDetailsProviderBuilder.SessionKeySupplierImpl();
            this.federationClient = createFederationClient(this.sessionKeySupplier);
            return buildProvider(this.sessionKeySupplier);
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // com.oracle.bmc.auth.AbstractFederationClientAuthenticationDetailsProviderBuilder
        protected FederationClient createFederationClient(SessionKeySupplier sessionKeySupplier) {
            Preconditions.checkNotNull(this.resourcePrincipalTokenEndpoint);
            if (this.resourcePrincipalTokenPathProvider == null) {
                this.resourcePrincipalTokenPathProvider = new DefaultRptPathProvider();
            }
            return new ResourcePrincipalsFederationClient(this.resourcePrincipalTokenEndpoint, this.resourcePrincipalTokenPathProvider, this.federationEndpoint, sessionKeySupplier, ((InstancePrincipalsAuthenticationDetailsProvider.InstancePrincipalsAuthenticationDetailsProviderBuilder) InstancePrincipalsAuthenticationDetailsProvider.builder().federationEndpoint(this.federationEndpoint).leafCertificateSupplier(this.leafCertificateSupplier).intermediateCertificateSuppliers(this.intermediateCertificateSuppliers)).circuitBreakerConfigurator(this.circuitBreakerConfig != null ? this.circuitBreakerConfig : CircuitBreakerUtils.getDefaultCircuitBreakerConfig()).build(), this.federationClientConfigurator, this.circuitBreakerConfig);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.oracle.bmc.auth.AbstractFederationClientAuthenticationDetailsProviderBuilder
        public ResourcePrincipalAuthenticationDetailsProvider buildProvider(SessionKeySupplier sessionKeySupplier) {
            return new ResourcePrincipalAuthenticationDetailsProvider(this.federationClient, sessionKeySupplier, this.region);
        }
    }

    ResourcePrincipalAuthenticationDetailsProvider(FederationClient federationClient, SessionKeySupplier sessionKeySupplier, Region region) {
        super(federationClient, sessionKeySupplier);
        this.region = region;
    }

    public static ResourcePrincipalAuthenticationDetailsProviderBuilder builder() {
        return new ResourcePrincipalAuthenticationDetailsProviderBuilder();
    }

    public String getStringClaim(String str) {
        return this.federationClient.getStringClaim(str);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.oracle.bmc.auth.RefreshableOnNotAuthenticatedProvider
    public String refresh() {
        return this.federationClient.refreshAndGetSecurityToken();
    }

    @Override // com.oracle.bmc.auth.RegionProvider
    public Region getRegion() {
        return this.region;
    }
}
