package au.csiro.fhir.auth;

import au.csiro.http.Token;
import au.csiro.http.TokenCredentials;
import java.io.IOException;
import java.net.URI;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nonnull;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
import org.apache.http.impl.client.HttpClients;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:au/csiro/fhir/auth/SMARTTokenCredentialFactory.class */
public class SMARTTokenCredentialFactory implements TokenCredentialFactory {
    private static final Logger log = LoggerFactory.getLogger(SMARTTokenCredentialFactory.class);
    public static final int AUTH_CONNECT_TIMEOUT = 5000;
    public static final int AUTH_CONNECTION_REQUEST_TIMEOUT = 5000;
    public static final int AUTH_SOCKET_TIMEOUT = 5000;
    public static final int AUTH_RETRY_COUNT = 3;

    @Nonnull
    private final CloseableHttpClient httpClient;

    @Nonnull
    private final AuthTokenProvider authTokenProvider;

    /* loaded from: input_file:au/csiro/fhir/auth/SMARTTokenCredentialFactory$ProviderTokenCredentials.class */
    static final class ProviderTokenCredentials implements TokenCredentials {

        @Nonnull
        private final AuthTokenProvider authTokenProvider;

        @Nonnull
        private final ClientAuthMethod clientAuthMethod;

        @Override // au.csiro.http.TokenCredentials
        @Nonnull
        public Token getToken() {
            return this.authTokenProvider.getToken(this.clientAuthMethod);
        }

        public ProviderTokenCredentials(@Nonnull AuthTokenProvider authTokenProvider, @Nonnull ClientAuthMethod clientAuthMethod) {
            if (authTokenProvider == null) {
                throw new NullPointerException("authTokenProvider is marked non-null but is null");
            }
            if (clientAuthMethod == null) {
                throw new NullPointerException("clientAuthMethod is marked non-null but is null");
            }
            this.authTokenProvider = authTokenProvider;
            this.clientAuthMethod = clientAuthMethod;
        }

        @Nonnull
        public AuthTokenProvider getAuthTokenProvider() {
            return this.authTokenProvider;
        }

        @Nonnull
        public ClientAuthMethod getClientAuthMethod() {
            return this.clientAuthMethod;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof ProviderTokenCredentials)) {
                return false;
            }
            ProviderTokenCredentials providerTokenCredentials = (ProviderTokenCredentials) obj;
            AuthTokenProvider authTokenProvider = getAuthTokenProvider();
            AuthTokenProvider authTokenProvider2 = providerTokenCredentials.getAuthTokenProvider();
            if (authTokenProvider == null) {
                if (authTokenProvider2 != null) {
                    return false;
                }
            } else if (!authTokenProvider.equals(authTokenProvider2)) {
                return false;
            }
            ClientAuthMethod clientAuthMethod = getClientAuthMethod();
            ClientAuthMethod clientAuthMethod2 = providerTokenCredentials.getClientAuthMethod();
            return clientAuthMethod == null ? clientAuthMethod2 == null : clientAuthMethod.equals(clientAuthMethod2);
        }

        public int hashCode() {
            AuthTokenProvider authTokenProvider = getAuthTokenProvider();
            int hashCode = (1 * 59) + (authTokenProvider == null ? 43 : authTokenProvider.hashCode());
            ClientAuthMethod clientAuthMethod = getClientAuthMethod();
            return (hashCode * 59) + (clientAuthMethod == null ? 43 : clientAuthMethod.hashCode());
        }

        public String toString() {
            return "SMARTTokenCredentialFactory.ProviderTokenCredentials(authTokenProvider=" + getAuthTokenProvider() + ", clientAuthMethod=" + getClientAuthMethod() + ")";
        }
    }

    SMARTTokenCredentialFactory(@Nonnull CloseableHttpClient closeableHttpClient, @Nonnull AuthTokenProvider authTokenProvider) {
        this.httpClient = closeableHttpClient;
        this.authTokenProvider = authTokenProvider;
    }

    @Override // au.csiro.fhir.auth.TokenCredentialFactory
    @Nonnull
    public Optional<TokenCredentials> createCredentials(@Nonnull URI uri, @Nonnull AuthConfig authConfig) {
        return createAuthMethod(uri, authConfig).map(clientAuthMethod -> {
            return new ProviderTokenCredentials(this.authTokenProvider, clientAuthMethod);
        });
    }

    @Nonnull
    String getToken(@Nonnull ClientAuthMethod clientAuthMethod) {
        return this.authTokenProvider.getToken(clientAuthMethod).getAccessToken();
    }

    @Nonnull
    Optional<? extends ClientAuthMethod> createAuthMethod(@Nonnull URI uri, @Nonnull AuthConfig authConfig) {
        return authConfig.isEnabled() ? authConfig.isUseSMART() ? Optional.of(createSMARTAuthMethod(uri, authConfig)) : Optional.of(ClientAuthMethod.create((String) Objects.requireNonNull(authConfig.getTokenEndpoint()), authConfig)) : Optional.empty();
    }

    @Nonnull
    private ClientAuthMethod createSMARTAuthMethod(@Nonnull URI uri, @Nonnull AuthConfig authConfig) {
        try {
            log.debug("Retrieving SMART configuration for fhirEndpoint: {}", uri);
            SMARTDiscoveryResponse sMARTDiscoveryResponse = SMARTDiscoveryResponse.get(uri, this.httpClient);
            log.debug("SMART configuration retrieved: {}", sMARTDiscoveryResponse);
            return ClientAuthMethod.create(sMARTDiscoveryResponse.getTokenEndpoint(), authConfig);
        } catch (IOException e) {
            log.error("Failed to retrieve SMART configuration for fhirEndpoint: {}", uri, e);
            throw new RuntimeException("Failed to retrieve SMART configuration", e);
        }
    }

    @Nonnull
    private static CloseableHttpClient getHttpClient() {
        return HttpClients.custom().setRetryHandler(new DefaultHttpRequestRetryHandler(3, true)).setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(5000).setConnectionRequestTimeout(5000).setSocketTimeout(5000).build()).build();
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        this.httpClient.close();
    }

    @Nonnull
    public static SMARTTokenCredentialFactory create(@Nonnull AuthConfig authConfig) {
        CloseableHttpClient httpClient = getHttpClient();
        return new SMARTTokenCredentialFactory(httpClient, new AuthTokenProvider(httpClient, authConfig.getTokenExpiryTolerance()));
    }
}
