package com.atlassian.bitbucket.internal.mirroring.mirror.auth.cache;

import com.atlassian.bitbucket.internal.mirroring.mirror.MirroringConfig;
import com.atlassian.bitbucket.internal.mirroring.mirror.auth.DelegatedAuthenticationFailureException;
import com.atlassian.bitbucket.internal.mirroring.mirror.auth.ServerAuthenticator;
import com.atlassian.bitbucket.internal.mirroring.mirror.auth.cache.AuthCacheKey;
import com.atlassian.bitbucket.internal.mirroring.user.ApplicationUserWithPermissions;
import com.atlassian.bitbucket.mirroring.mirror.UpstreamServer;
import com.atlassian.bitbucket.mirroring.mirror.UpstreamServerType;
import com.atlassian.cache.CacheFactory;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.MoreObjects;
import com.google.common.base.Preconditions;
import java.security.PublicKey;
import java.time.Clock;
import javax.annotation.Nonnull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/bitbucket-mirroring-mirror-5.16.0.jar:com/atlassian/bitbucket/internal/mirroring/mirror/auth/cache/CachingServerAuthenticator.class */
class CachingServerAuthenticator extends BaseCachingAuthenticator<ApplicationUserWithPermissions> implements ServerAuthenticator {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CachingServerAuthenticator.class);
    private final ServerAuthenticator delegate;

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/bitbucket-mirroring-mirror-5.16.0.jar:com/atlassian/bitbucket/internal/mirroring/mirror/auth/cache/CachingServerAuthenticator$ServerAuthFailure.class */
    public static class ServerAuthFailure extends AuthResult<ApplicationUserWithPermissions> {
        private final DelegatedAuthenticationFailureException exception;

        ServerAuthFailure(@Nonnull DelegatedAuthenticationFailureException delegatedAuthenticationFailureException) {
            super(null);
            this.exception = delegatedAuthenticationFailureException;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.atlassian.bitbucket.internal.mirroring.mirror.auth.cache.AuthResult
        public ApplicationUserWithPermissions getValue() {
            throw this.exception;
        }

        public String toString() {
            return MoreObjects.toStringHelper("").addValue("Auth failure").addValue(MoreObjects.toStringHelper("").addValue(this.exception.getClass().getSimpleName()).addValue(this.exception.getMessage()).toString()).toString();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/bitbucket-mirroring-mirror-5.16.0.jar:com/atlassian/bitbucket/internal/mirroring/mirror/auth/cache/CachingServerAuthenticator$ServerAuthSuccess.class */
    public static class ServerAuthSuccess extends AuthResult<ApplicationUserWithPermissions> {
        ServerAuthSuccess(@Nonnull ApplicationUserWithPermissions applicationUserWithPermissions) {
            super(applicationUserWithPermissions);
        }

        public String toString() {
            return MoreObjects.toStringHelper("").addValue("Auth success").toString();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CachingServerAuthenticator(@Nonnull UpstreamServer upstreamServer, @Nonnull CacheFactory cacheFactory, @Nonnull Clock clock, @Nonnull MirroringConfig mirroringConfig, @Nonnull ServerAuthenticator serverAuthenticator, @Nonnull CredentialsHashingService credentialsHashingService) {
        super(upstreamServer, cacheFactory, clock, mirroringConfig, credentialsHashingService);
        Preconditions.checkArgument(upstreamServer.getType() == UpstreamServerType.BITBUCKET_SERVER, "Upstream %s must be of type %s", upstreamServer.getBaseUrl(), UpstreamServerType.BITBUCKET_SERVER);
        this.delegate = serverAuthenticator;
    }

    @Override // com.atlassian.bitbucket.internal.mirroring.mirror.auth.ServerAuthenticator
    @Nonnull
    public ApplicationUserWithPermissions authenticateUser(@Nonnull String str, @Nonnull String str2, Integer num) {
        return doCachedRemoteAuthentication(new AuthCacheKey.Builder().forServerAuth().withCredentialsHash(this.hashingService.hash(str, str2)).withRepository(num).build(), () -> {
            return authenticateUserViaRest(str, str2, num);
        }).getValue();
    }

    @Override // com.atlassian.bitbucket.internal.mirroring.mirror.auth.ServerAuthenticator
    @Nonnull
    public ApplicationUserWithPermissions authenticateUser(@Nonnull String str, @Nonnull PublicKey publicKey) {
        return doCachedRemoteAuthentication(new AuthCacheKey.Builder().forServerAuth().withCredentialsHash(this.hashingService.hash(str, publicKey)).build(), () -> {
            return authenticateUserViaRest(str, publicKey);
        }).getValue();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void emptyRecentAuthCache() {
        if (this.recentAuthCache != null) {
            log.trace("{}: recent auth cache - removing all entries as a new repository has been created ", this.upstream.getBaseUrl());
            this.recentAuthCache.removeAll();
        }
    }

    private AuthResult<ApplicationUserWithPermissions> authenticateUserViaRest(@Nonnull String str, @Nonnull String str2, Integer num) {
        try {
            ApplicationUserWithPermissions authenticateUser = this.delegate.authenticateUser(str, str2, num);
            if (log.isTraceEnabled()) {
                log.trace("{}: permissions cache - auth success with username/password - setting/updating cached permissions for user ''{}'' (id = {})", this.upstream.getBaseUrl(), authenticateUser.getName(), Integer.valueOf(authenticateUser.getId()));
            }
            return new ServerAuthSuccess(authenticateUser);
        } catch (DelegatedAuthenticationFailureException e) {
            return new ServerAuthFailure(e);
        }
    }

    private AuthResult<ApplicationUserWithPermissions> authenticateUserViaRest(@Nonnull String str, @Nonnull PublicKey publicKey) {
        try {
            ApplicationUserWithPermissions authenticateUser = this.delegate.authenticateUser(str, publicKey);
            if (log.isTraceEnabled()) {
                log.trace("{}: permissions cache - auth success with username/public key - setting/updating cached permissions for user ''{}'' (id = {})", this.upstream.getBaseUrl(), authenticateUser.getName(), Integer.valueOf(authenticateUser.getId()));
            }
            return new ServerAuthSuccess(authenticateUser);
        } catch (DelegatedAuthenticationFailureException e) {
            return new ServerAuthFailure(e);
        }
    }
}
