package com.oracle.bmc.auth.internal;

import com.oracle.bmc.auth.BasicAuthenticationDetailsProvider;
import com.oracle.bmc.auth.ProvidesConfigurableRefresh;
import com.oracle.bmc.auth.ProvidesCustomRequestSigner;
import com.oracle.bmc.auth.SessionKeySupplier;
import com.oracle.bmc.auth.internal.GetResourcePrincipalTokenResponse;
import com.oracle.bmc.auth.internal.X509FederationClient;
import com.oracle.bmc.circuitbreaker.CircuitBreakerConfiguration;
import com.oracle.bmc.circuitbreaker.OciCircuitBreaker;
import com.oracle.bmc.http.ClientConfigurator;
import com.oracle.bmc.http.Priorities;
import com.oracle.bmc.http.client.HttpClient;
import com.oracle.bmc.http.client.HttpClientBuilder;
import com.oracle.bmc.http.client.HttpProvider;
import com.oracle.bmc.http.client.Method;
import com.oracle.bmc.http.client.StandardClientProperties;
import com.oracle.bmc.http.internal.AuthnClientFilter;
import com.oracle.bmc.http.internal.CircuitBreakerHelper;
import com.oracle.bmc.http.internal.ClientCall;
import com.oracle.bmc.http.internal.ClientIdFilter;
import com.oracle.bmc.http.internal.LogHeadersFilter;
import com.oracle.bmc.http.signing.DefaultRequestSigner;
import com.oracle.bmc.http.signing.RequestSigner;
import com.oracle.bmc.requests.BmcRequest;
import com.oracle.bmc.util.internal.Validate;
import java.net.URI;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/oracle/bmc/auth/internal/AbstractFederationClient.class */
public abstract class AbstractFederationClient implements FederationClient, ProvidesConfigurableRefresh {
    private static final Logger LOG = LoggerFactory.getLogger(AbstractFederationClient.class);
    protected final SessionKeySupplier sessionKeySupplier;
    private volatile SecurityTokenAdapter securityTokenAdapter;
    protected final ClientConfigurator clientConfigurator;
    protected final List<ClientConfigurator> additionalClientConfigurator;
    protected final OciCircuitBreaker circuitBreaker;
    protected final HttpClient resourcePrincipalTokenClient;
    protected final HttpClient federationClient;

    public AbstractFederationClient(String str, String str2, SessionKeySupplier sessionKeySupplier, BasicAuthenticationDetailsProvider basicAuthenticationDetailsProvider, ClientConfigurator clientConfigurator, CircuitBreakerConfiguration circuitBreakerConfiguration) {
        this(str, str2, sessionKeySupplier, basicAuthenticationDetailsProvider, clientConfigurator, circuitBreakerConfiguration, new ArrayList());
    }

    public AbstractFederationClient(String str, String str2, SessionKeySupplier sessionKeySupplier, BasicAuthenticationDetailsProvider basicAuthenticationDetailsProvider, ClientConfigurator clientConfigurator, CircuitBreakerConfiguration circuitBreakerConfiguration, List<ClientConfigurator> list) {
        this.securityTokenAdapter = null;
        Objects.requireNonNull(str, "resourcePrincipalTokenEndpoint");
        Objects.requireNonNull(str2, "federationEndpoint");
        this.sessionKeySupplier = (SessionKeySupplier) Validate.notNull(sessionKeySupplier, "sessionKeySupplier must not be null", new Object[0]);
        RequestSigner customRequestSigner = basicAuthenticationDetailsProvider instanceof ProvidesCustomRequestSigner ? ((ProvidesCustomRequestSigner) basicAuthenticationDetailsProvider).getCustomRequestSigner() : DefaultRequestSigner.createRequestSigner(basicAuthenticationDetailsProvider);
        this.clientConfigurator = clientConfigurator;
        this.additionalClientConfigurator = Collections.unmodifiableList(list);
        this.resourcePrincipalTokenClient = makeClient(str, customRequestSigner);
        this.federationClient = makeClient(str2, customRequestSigner);
        if (this.federationClient != null) {
            this.circuitBreaker = CircuitBreakerHelper.makeCircuitBreaker(this.federationClient, circuitBreakerConfiguration);
        } else {
            this.circuitBreaker = null;
        }
        this.securityTokenAdapter = new SecurityTokenAdapter(null, sessionKeySupplier);
    }

    protected HttpClient makeClient(String str, RequestSigner requestSigner) {
        HttpClientBuilder registerRequestInterceptor = HttpProvider.getDefault().newBuilder().property(StandardClientProperties.ASYNC_POOL_SIZE, 1).baseUri(URI.create(str)).registerRequestInterceptor(Priorities.AUTHENTICATION, new AuthnClientFilter(requestSigner, Collections.emptyMap())).registerRequestInterceptor(Priorities.HEADER_DECORATOR, new ClientIdFilter()).registerRequestInterceptor(Priorities.USER, new LogHeadersFilter());
        if (this.clientConfigurator != null) {
            this.clientConfigurator.customizeClient(registerRequestInterceptor);
        }
        Iterator<ClientConfigurator> it = this.additionalClientConfigurator.iterator();
        while (it.hasNext()) {
            it.next().customizeClient(registerRequestInterceptor);
        }
        return registerRequestInterceptor.build();
    }

    @Override // com.oracle.bmc.auth.internal.FederationClient
    public String getSecurityToken() {
        return this.securityTokenAdapter.isValid() ? this.securityTokenAdapter.getSecurityToken() : refreshAndGetSecurityTokenInner(true, Optional.empty(), true);
    }

    @Override // com.oracle.bmc.auth.internal.FederationClient
    public String refreshAndGetSecurityToken() {
        return refreshAndGetSecurityTokenInner(false, Optional.empty(), true);
    }

    @Override // com.oracle.bmc.auth.ProvidesConfigurableRefresh
    public String refreshAndGetSecurityTokenIfExpiringWithin(Duration duration, boolean z) {
        return refreshAndGetSecurityTokenInner(true, Optional.of(duration), z);
    }

    @Override // com.oracle.bmc.auth.ProvidesConfigurableRefresh
    public String refreshAndGetSecurityTokenIfExpiringWithin(Duration duration) {
        return refreshAndGetSecurityTokenInner(true, Optional.of(duration), true);
    }

    /* JADX WARN: Code restructure failed: missing block: B:22:0x0025, code lost:
    
        if (r3.securityTokenAdapter.isValid() == false) goto L13;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.lang.String refreshAndGetSecurityTokenInner(boolean r4, java.util.Optional<java.time.Duration> r5, boolean r6) {
        /*
            r3 = this;
            r0 = r3
            r1 = r0
            r7 = r1
            monitor-enter(r0)
            r0 = r4
            if (r0 == 0) goto L28
            r0 = r5
            boolean r0 = r0.isPresent()     // Catch: java.lang.Throwable -> L5d
            if (r0 == 0) goto L1e
            r0 = r3
            com.oracle.bmc.auth.internal.SecurityTokenAdapter r0 = r0.securityTokenAdapter     // Catch: java.lang.Throwable -> L5d
            r1 = r5
            boolean r0 = r0.isValid(r1)     // Catch: java.lang.Throwable -> L5d
            if (r0 != 0) goto L52
            goto L28
        L1e:
            r0 = r3
            com.oracle.bmc.auth.internal.SecurityTokenAdapter r0 = r0.securityTokenAdapter     // Catch: java.lang.Throwable -> L5d
            boolean r0 = r0.isValid()     // Catch: java.lang.Throwable -> L5d
            if (r0 != 0) goto L52
        L28:
            r0 = r6
            if (r0 == 0) goto L3f
            org.slf4j.Logger r0 = com.oracle.bmc.auth.internal.AbstractFederationClient.LOG     // Catch: java.lang.Throwable -> L5d
            java.lang.String r1 = "Refreshing session keys."
            r0.info(r1)     // Catch: java.lang.Throwable -> L5d
            r0 = r3
            com.oracle.bmc.auth.SessionKeySupplier r0 = r0.sessionKeySupplier     // Catch: java.lang.Throwable -> L5d
            r0.refreshKeys()     // Catch: java.lang.Throwable -> L5d
        L3f:
            r0 = r3
            r1 = r3
            com.oracle.bmc.auth.internal.SecurityTokenAdapter r1 = r1.getSecurityTokenFromServer()     // Catch: java.lang.Throwable -> L5d
            r0.securityTokenAdapter = r1     // Catch: java.lang.Throwable -> L5d
            r0 = r3
            com.oracle.bmc.auth.internal.SecurityTokenAdapter r0 = r0.securityTokenAdapter     // Catch: java.lang.Throwable -> L5d
            java.lang.String r0 = r0.getSecurityToken()     // Catch: java.lang.Throwable -> L5d
            r1 = r7
            monitor-exit(r1)     // Catch: java.lang.Throwable -> L5d
            return r0
        L52:
            r0 = r3
            com.oracle.bmc.auth.internal.SecurityTokenAdapter r0 = r0.securityTokenAdapter     // Catch: java.lang.Throwable -> L5d
            java.lang.String r0 = r0.getSecurityToken()     // Catch: java.lang.Throwable -> L5d
            r1 = r7
            monitor-exit(r1)     // Catch: java.lang.Throwable -> L5d
            return r0
        L5d:
            r8 = move-exception
            r0 = r7
            monitor-exit(r0)     // Catch: java.lang.Throwable -> L5d
            r0 = r8
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.oracle.bmc.auth.internal.AbstractFederationClient.refreshAndGetSecurityTokenInner(boolean, java.util.Optional, boolean):java.lang.String");
    }

    protected abstract SecurityTokenAdapter getSecurityTokenFromServer();

    @Override // com.oracle.bmc.auth.internal.FederationClient
    public String getStringClaim(String str) {
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecurityTokenAdapter requestSessionToken(final GetResourcePrincipalSessionTokenRequest getResourcePrincipalSessionTokenRequest) {
        return new SecurityTokenAdapter(((X509FederationClient.FederationResponseWrapper) ClientCall.builder(this.federationClient, new BmcRequest<GetResourcePrincipalSessionTokenRequest>() { // from class: com.oracle.bmc.auth.internal.AbstractFederationClient.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.oracle.bmc.requests.BmcRequest
            public GetResourcePrincipalSessionTokenRequest getBody$() {
                return getResourcePrincipalSessionTokenRequest;
            }
        }, X509FederationClient.FederationResponseWrapper.Builder::new).method(Method.POST).logger(LOG, "ResourcePrincipalsFederationClient").handleBody(X509FederationClient.SecurityToken.class, (builder, securityToken) -> {
            builder.token = securityToken;
        }).clientConfigurator(this.clientConfigurator).appendPathPart("v1").appendPathPart("resourcePrincipalSessionToken").circuitBreaker(this.circuitBreaker).hasBody().callSync()).token.getToken(), this.sessionKeySupplier);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ClientCall<?, GetResourcePrincipalTokenResponse.ResponseWrapper, ?> prepareRptCall() {
        return ClientCall.builder(this.resourcePrincipalTokenClient, new BmcRequest(), GetResourcePrincipalTokenResponse.ResponseWrapper.Builder::new).handleBody(GetResourcePrincipalTokenResponse.class, (builder, getResourcePrincipalTokenResponse) -> {
            builder.body = getResourcePrincipalTokenResponse;
        }).clientConfigurator(this.clientConfigurator).circuitBreaker(this.circuitBreaker);
    }

    protected SecurityTokenAdapter getSecurityTokenAdapter() {
        return this.securityTokenAdapter;
    }
}
