package com.microsoft.jenkins.azurecommons.core.credentials;

import com.auth0.jwt.JWT;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.util.MinimalPrettyPrinter;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.microsoft.azure.AzureEnvironment;
import com.microsoft.azure.credentials.AzureTokenCredentials;
import com.microsoft.azure.storage.Constants;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import okhttp3.FormBody;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import okhttp3.logging.HttpLoggingInterceptor;

/* loaded from: input_file:WEB-INF/lib/azure-commons-core-0.2.8.jar:com/microsoft/jenkins/azurecommons/core/credentials/MsiTokenCredentials.class */
public class MsiTokenCredentials extends AzureTokenCredentials {
    private final ObjectMapper mapper;
    private Map<String, Token> tokens;
    private volatile String tenantId;
    private int msiPort;

    /* loaded from: input_file:WEB-INF/lib/azure-commons-core-0.2.8.jar:com/microsoft/jenkins/azurecommons/core/credentials/MsiTokenCredentials$Token.class */
    public static final class Token {
        private String resource;

        @JsonProperty("expires_in")
        private long expiresIn;

        @JsonProperty("expires_on")
        private long expiresOn;

        @JsonProperty("access_token")
        private String accessToken;

        @JsonProperty("refresh_token")
        private String refreshToken;

        @JsonProperty("token_type")
        private String tokenType;

        public Token() {
        }

        public Token(String str, long j, long j2, String str2, String str3, String str4) {
            this.resource = str;
            this.expiresIn = j;
            this.expiresOn = j2;
            this.accessToken = str2;
            this.refreshToken = str3;
            this.tokenType = str4;
        }

        public String getResource() {
            return this.resource;
        }

        public long getExpiresIn() {
            return this.expiresIn;
        }

        public long getExpiresOn() {
            return this.expiresOn;
        }

        public String getAccessToken() {
            return this.accessToken;
        }

        public String getRefreshToken() {
            return this.refreshToken;
        }

        public String getTokenType() {
            return this.tokenType;
        }

        public void setResource(String str) {
            this.resource = str;
        }

        public void setExpiresIn(long j) {
            this.expiresIn = j;
        }

        public void setExpiresOn(long j) {
            this.expiresOn = j;
        }

        public void setAccessToken(String str) {
            this.accessToken = str;
        }

        public void setRefreshToken(String str) {
            this.refreshToken = str;
        }

        public void setTokenType(String str) {
            this.tokenType = str;
        }

        boolean isExpired() {
            return this.expiresOn < TimeUnit.SECONDS.convert(System.currentTimeMillis(), TimeUnit.MILLISECONDS);
        }
    }

    public MsiTokenCredentials(int i, AzureEnvironment azureEnvironment) {
        super(azureEnvironment, null);
        this.mapper = new ObjectMapper().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        this.tokens = new HashMap();
        this.msiPort = i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getMsiPort() {
        return this.msiPort;
    }

    @Override // com.microsoft.azure.credentials.AzureTokenCredentials
    public synchronized String getToken(String str) throws IOException {
        Token token = this.tokens.get(str);
        if (token == null || token.isExpired()) {
            token = acquireAccessToken(str);
            this.tokens.put(str, token);
        }
        return token.getAccessToken();
    }

    protected Token acquireAccessToken(String str) throws IOException {
        return parseToken(requestLocalMsiEndpoint(str, this.msiPort));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String requestLocalMsiEndpoint(String str, int i) throws IOException {
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
        Response execute = new OkHttpClient.Builder().addInterceptor(httpLoggingInterceptor).build().newCall(new Request.Builder().addHeader(Constants.METADATA_ELEMENT, "true").url("http://localhost:" + i + "/oauth2/token").post(new FormBody.Builder().add("resource", str).build()).build()).execute();
        if (execute.isSuccessful()) {
            return execute.body().string();
        }
        throw new RuntimeException("http response: " + execute.code() + MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR + execute.message());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Token parseToken(String str) throws IOException {
        Token token = (Token) this.mapper.readValue(str, Token.class);
        if (token == null) {
            throw new RuntimeException("Failed to parse the response.");
        }
        if (token.getAccessToken() == null || token.getAccessToken().equals("")) {
            throw new RuntimeException("The access token isn't included in the response.");
        }
        if (this.tenantId == null || this.tenantId.equals("")) {
            this.tenantId = JWT.decode(token.getAccessToken()).getClaim("tid").asString();
        }
        return token;
    }

    @Override // com.microsoft.azure.credentials.AzureTokenCredentials
    public String domain() {
        return this.tenantId;
    }
}
