package com.oracle.bmc.auth.internal;

import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.google.common.base.Function;
import com.google.common.base.Preconditions;
import com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider;
import com.oracle.bmc.auth.BasicAuthenticationDetailsProvider;
import com.oracle.bmc.auth.SessionKeySupplier;
import com.oracle.bmc.auth.internal.X509FederationClient;
import com.oracle.bmc.http.ClientConfigurator;
import com.oracle.bmc.http.internal.ResponseConversionFunctionFactory;
import com.oracle.bmc.http.internal.ResponseHelper;
import com.oracle.bmc.http.internal.RestClient;
import com.oracle.bmc.http.internal.RestClientFactory;
import com.oracle.bmc.http.internal.RestClientFactoryBuilder;
import com.oracle.bmc.http.internal.WithHeaders;
import com.oracle.bmc.http.internal.WrappedInvocationBuilder;
import com.oracle.bmc.http.signing.DefaultRequestSigner;
import com.oracle.bmc.http.signing.RequestSigner;
import com.oracle.bmc.model.BmcException;
import com.oracle.bmc.requests.BmcRequest;
import java.beans.ConstructorProperties;
import java.net.URI;
import java.security.KeyPair;
import java.security.interfaces.RSAPublicKey;
import java.util.Collections;
import javax.annotation.concurrent.Immutable;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/oci-java-sdk-common-1.17.4.jar:com/oracle/bmc/auth/internal/AbstractResourcePrincipalsFederationClient.class */
abstract class AbstractResourcePrincipalsFederationClient<T extends AbstractAuthenticationDetailsProvider> implements FederationClient {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) AbstractResourcePrincipalsFederationClient.class);
    protected static final Function<Response, WithHeaders<X509FederationClient.SecurityToken>> SECURITY_TOKEN_FN = new ResponseConversionFunctionFactory().create(X509FederationClient.SecurityToken.class);
    private final T provider;
    private final SessionKeySupplier sessionKeySupplier;
    private final RestClient federationRestClient;
    private final RestClient resourcePrincipalsRestClient;
    private volatile SecurityTokenAdapter securityTokenAdapter;

    /* JADX INFO: Access modifiers changed from: private */
    @JsonInclude(JsonInclude.Include.NON_NULL)
    @Immutable
    /* loaded from: input_file:WEB-INF/lib/oci-java-sdk-common-1.17.4.jar:com/oracle/bmc/auth/internal/AbstractResourcePrincipalsFederationClient$GetResourcePrincipalSessionTokenRequest.class */
    public static class GetResourcePrincipalSessionTokenRequest {
        private final String resourcePrincipalToken;
        private final String servicePrincipalSessionToken;
        private final String sessionPublicKey;

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof GetResourcePrincipalSessionTokenRequest)) {
                return false;
            }
            GetResourcePrincipalSessionTokenRequest getResourcePrincipalSessionTokenRequest = (GetResourcePrincipalSessionTokenRequest) obj;
            if (!getResourcePrincipalSessionTokenRequest.canEqual(this)) {
                return false;
            }
            String resourcePrincipalToken = getResourcePrincipalToken();
            String resourcePrincipalToken2 = getResourcePrincipalSessionTokenRequest.getResourcePrincipalToken();
            if (resourcePrincipalToken == null) {
                if (resourcePrincipalToken2 != null) {
                    return false;
                }
            } else if (!resourcePrincipalToken.equals(resourcePrincipalToken2)) {
                return false;
            }
            String servicePrincipalSessionToken = getServicePrincipalSessionToken();
            String servicePrincipalSessionToken2 = getResourcePrincipalSessionTokenRequest.getServicePrincipalSessionToken();
            if (servicePrincipalSessionToken == null) {
                if (servicePrincipalSessionToken2 != null) {
                    return false;
                }
            } else if (!servicePrincipalSessionToken.equals(servicePrincipalSessionToken2)) {
                return false;
            }
            String sessionPublicKey = getSessionPublicKey();
            String sessionPublicKey2 = getResourcePrincipalSessionTokenRequest.getSessionPublicKey();
            return sessionPublicKey == null ? sessionPublicKey2 == null : sessionPublicKey.equals(sessionPublicKey2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof GetResourcePrincipalSessionTokenRequest;
        }

        public int hashCode() {
            String resourcePrincipalToken = getResourcePrincipalToken();
            int hashCode = (1 * 59) + (resourcePrincipalToken == null ? 43 : resourcePrincipalToken.hashCode());
            String servicePrincipalSessionToken = getServicePrincipalSessionToken();
            int hashCode2 = (hashCode * 59) + (servicePrincipalSessionToken == null ? 43 : servicePrincipalSessionToken.hashCode());
            String sessionPublicKey = getSessionPublicKey();
            return (hashCode2 * 59) + (sessionPublicKey == null ? 43 : sessionPublicKey.hashCode());
        }

        @ConstructorProperties({"resourcePrincipalToken", "servicePrincipalSessionToken", "sessionPublicKey"})
        public GetResourcePrincipalSessionTokenRequest(String str, String str2, String str3) {
            this.resourcePrincipalToken = str;
            this.servicePrincipalSessionToken = str2;
            this.sessionPublicKey = str3;
        }

        public String getResourcePrincipalToken() {
            return this.resourcePrincipalToken;
        }

        public String getServicePrincipalSessionToken() {
            return this.servicePrincipalSessionToken;
        }

        public String getSessionPublicKey() {
            return this.sessionPublicKey;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/oci-java-sdk-common-1.17.4.jar:com/oracle/bmc/auth/internal/AbstractResourcePrincipalsFederationClient$GetResourcePrincipalTokenResponse.class */
    public static class GetResourcePrincipalTokenResponse {

        @JsonProperty("resourcePrincipalToken")
        private String resourcePrincipalToken;

        @JsonProperty("servicePrincipalSessionToken")
        private String servicePrincipalSessionToken;

        private GetResourcePrincipalTokenResponse() {
        }

        public void setResourcePrincipalToken(String str) {
            this.resourcePrincipalToken = str;
        }

        public void setServicePrincipalSessionToken(String str) {
            this.servicePrincipalSessionToken = str;
        }

        public String getResourcePrincipalToken() {
            return this.resourcePrincipalToken;
        }

        public String getServicePrincipalSessionToken() {
            return this.servicePrincipalSessionToken;
        }
    }

    public AbstractResourcePrincipalsFederationClient(T t, String str, String str2, SessionKeySupplier sessionKeySupplier, BasicAuthenticationDetailsProvider basicAuthenticationDetailsProvider, ClientConfigurator clientConfigurator) {
        this.securityTokenAdapter = null;
        Preconditions.checkNotNull(str);
        this.provider = (T) Preconditions.checkNotNull(t);
        this.sessionKeySupplier = (SessionKeySupplier) Preconditions.checkNotNull(sessionKeySupplier);
        RequestSigner createRequestSigner = DefaultRequestSigner.createRequestSigner(basicAuthenticationDetailsProvider);
        RestClientFactory build = RestClientFactoryBuilder.builder().clientConfigurator(clientConfigurator).build();
        this.federationRestClient = build.create(createRequestSigner, Collections.emptyMap());
        this.federationRestClient.setEndpoint(str);
        this.resourcePrincipalsRestClient = build.create(createRequestSigner, Collections.emptyMap());
        this.resourcePrincipalsRestClient.setEndpoint(str);
        this.securityTokenAdapter = new SecurityTokenAdapter(null, sessionKeySupplier);
    }

    @Override // com.oracle.bmc.auth.internal.FederationClient
    public String getSecurityToken() {
        return this.securityTokenAdapter.isValid() ? this.securityTokenAdapter.getSecurityToken() : refreshAndGetSecurityTokenInner(true);
    }

    @Override // com.oracle.bmc.auth.internal.FederationClient
    public String getStringClaim(String str) {
        refreshAndGetSecurityToken();
        return this.securityTokenAdapter.getStringClaim(str);
    }

    @Override // com.oracle.bmc.auth.internal.FederationClient
    public String refreshAndGetSecurityToken() {
        return refreshAndGetSecurityTokenInner(false);
    }

    private SecurityTokenAdapter getSecurityTokenFromServer() {
        LOG.info("Getting security token from the auth server");
        KeyPair keyPair = this.sessionKeySupplier.getKeyPair();
        if (keyPair == null) {
            throw new IllegalStateException("Keypair for session was not provided");
        }
        RSAPublicKey rSAPublicKey = (RSAPublicKey) keyPair.getPublic();
        if (rSAPublicKey == null) {
            throw new IllegalArgumentException("Public key is not present");
        }
        try {
            WebTarget resourcePrincipalsTarget = getResourcePrincipalsTarget(this.resourcePrincipalsRestClient, this.provider);
            Invocation.Builder request = resourcePrincipalsTarget.request();
            URI uri = resourcePrincipalsTarget.getUri();
            Response makeCall = makeCall(this.resourcePrincipalsRestClient, request, uri);
            ResponseHelper.throwIfNotSuccessful(makeCall);
            GetResourcePrincipalTokenResponse getResourcePrincipalTokenResponse = (GetResourcePrincipalTokenResponse) ResponseHelper.readEntity(makeCall, GetResourcePrincipalTokenResponse.class);
            GetResourcePrincipalSessionTokenRequest getResourcePrincipalSessionTokenRequest = new GetResourcePrincipalSessionTokenRequest(getResourcePrincipalTokenResponse.getResourcePrincipalToken(), getResourcePrincipalTokenResponse.getServicePrincipalSessionToken(), AuthUtils.base64EncodeNoChunking(rSAPublicKey));
            Response makeCall2 = makeCall(this.federationRestClient, getFederationClientTarget(this.federationRestClient).request(), getResourcePrincipalSessionTokenRequest, uri);
            ResponseHelper.throwIfNotSuccessful(makeCall2);
            return new SecurityTokenAdapter(SECURITY_TOKEN_FN.apply(makeCall2).getItem().getToken(), this.sessionKeySupplier);
        } catch (BmcException e) {
            throw e;
        }
    }

    protected abstract WebTarget getResourcePrincipalsTarget(RestClient restClient, T t);

    protected abstract WebTarget getFederationClientTarget(RestClient restClient);

    protected static Response makeCall(RestClient restClient, Invocation.Builder builder, GetResourcePrincipalSessionTokenRequest getResourcePrincipalSessionTokenRequest, URI uri) {
        return makeCallInner(restClient, new WrappedInvocationBuilder(builder, uri), getResourcePrincipalSessionTokenRequest);
    }

    protected static Response makeCall(RestClient restClient, Invocation.Builder builder, URI uri) {
        return makeCallInner(restClient, new WrappedInvocationBuilder(builder, uri), null);
    }

    private String refreshAndGetSecurityTokenInner(boolean z) {
        synchronized (this) {
            if (z) {
                if (this.securityTokenAdapter.isValid()) {
                    return this.securityTokenAdapter.getSecurityToken();
                }
            }
            LOG.info("Refreshing session keys.");
            this.sessionKeySupplier.refreshKeys();
            this.securityTokenAdapter = getSecurityTokenFromServer();
            return this.securityTokenAdapter.getSecurityToken();
        }
    }

    private static Response makeCallInner(RestClient restClient, WrappedInvocationBuilder wrappedInvocationBuilder, Object obj) {
        BmcException bmcException = null;
        for (int i = 0; i < 5; i++) {
            try {
                return obj != null ? restClient.post(wrappedInvocationBuilder, obj, new BmcRequest()) : restClient.get(wrappedInvocationBuilder, new BmcRequest());
            } catch (BmcException e) {
                bmcException = e;
                try {
                    Thread.sleep(250L);
                } catch (InterruptedException e2) {
                    LOG.debug("Thread interrupted while waiting to make next call to federation service", (Throwable) e2);
                    Thread.currentThread().interrupt();
                }
            }
        }
        throw bmcException;
    }
}
