package com.github.davidmoten.microsoft.authentication;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.github.davidmoten.guavamini.Preconditions;
import com.github.davidmoten.odata.client.internal.Util;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HttpsURLConnection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/github/davidmoten/microsoft/authentication/ClientCredentialsAccessTokenProvider.class */
public final class ClientCredentialsAccessTokenProvider implements AccessTokenProvider {
    private static final Logger log = LoggerFactory.getLogger(ClientCredentialsAccessTokenProvider.class);
    private static final int OK = 200;
    private static final String POST = "POST";
    private static final String APPLICATION_JSON = "application/json";
    private static final String REQUEST_HEADER = "Accept";
    private static final String GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials";
    private static final String OAUTH2_TOKEN_URL_SUFFIX = "/oauth2/token";
    private static final String PARAMETER_SCOPE = "scope";
    private static final String PARAMETER_CLIENT_SECRET = "client_secret";
    private static final String PARAMETER_GRANT_TYPE = "grant_type";
    private static final String PARAMETER_CLIENT_ID = "client_id";
    private static final String PARAMETER_RESOURCE = "resource";
    private final String tenantName;
    private final String clientId;
    private final String clientSecret;
    private final long refreshBeforeExpiryMs;
    private final long connectTimeoutMs;
    private final long readTimeoutMs;
    private final List<String> scopes;
    private final String resource;
    private final Optional<String> proxyHost;
    private final Optional<Integer> proxyPort;
    private final Optional<String> proxyUsername;
    private final Optional<String> proxyPassword;
    private final String authenticationEndpoint;
    private long expiryTime;
    private String accessToken;

    /* loaded from: input_file:com/github/davidmoten/microsoft/authentication/ClientCredentialsAccessTokenProvider$Builder.class */
    public static final class Builder {
        final String tenantName;
        String resource;
        String clientId;
        String clientSecret;
        List<String> scopes = new ArrayList();
        long refreshBeforeExpiryMs = Long.MAX_VALUE;
        long connectTimeoutMs = TimeUnit.SECONDS.toMillis(30);
        long readTimeoutMs = TimeUnit.SECONDS.toMillis(30);
        String endpoint = AuthenticationEndpoint.GLOBAL.url();
        Optional<String> proxyHost = Optional.empty();
        Optional<Integer> proxyPort = Optional.empty();
        Optional<String> proxyUsername = Optional.empty();
        Optional<String> proxyPassword = Optional.empty();

        Builder(String str) {
            this.tenantName = str;
        }

        public Builder2 resource(String str) {
            this.resource = str;
            return new Builder2(this);
        }
    }

    /* loaded from: input_file:com/github/davidmoten/microsoft/authentication/ClientCredentialsAccessTokenProvider$Builder2.class */
    public static final class Builder2 {
        private final Builder b;

        Builder2(Builder builder) {
            this.b = builder;
        }

        public Builder3 scope(List<String> list) {
            Preconditions.checkNotNull(list);
            this.b.scopes.addAll(list);
            return new Builder3(this.b);
        }
    }

    /* loaded from: input_file:com/github/davidmoten/microsoft/authentication/ClientCredentialsAccessTokenProvider$Builder3.class */
    public static final class Builder3 {
        private final Builder b;

        public Builder3(Builder builder) {
            this.b = builder;
        }

        public Builder4 clientId(String str) {
            this.b.clientId = str;
            return new Builder4(this.b);
        }
    }

    /* loaded from: input_file:com/github/davidmoten/microsoft/authentication/ClientCredentialsAccessTokenProvider$Builder4.class */
    public static final class Builder4 {
        private final Builder b;

        Builder4(Builder builder) {
            this.b = builder;
        }

        public Builder5 clientSecret(String str) {
            this.b.clientSecret = str;
            return new Builder5(this.b);
        }
    }

    /* loaded from: input_file:com/github/davidmoten/microsoft/authentication/ClientCredentialsAccessTokenProvider$Builder5.class */
    public static final class Builder5 {
        private final Builder b;

        Builder5(Builder builder) {
            this.b = builder;
        }

        public Builder5 refreshBeforeExpiry(long j, TimeUnit timeUnit) {
            this.b.refreshBeforeExpiryMs = timeUnit.toMillis(j);
            return this;
        }

        public Builder5 connectTimeoutMs(long j, TimeUnit timeUnit) {
            this.b.connectTimeoutMs = timeUnit.toMillis(j);
            return this;
        }

        public Builder5 readTimeoutMs(long j, TimeUnit timeUnit) {
            this.b.readTimeoutMs = timeUnit.toMillis(j);
            return this;
        }

        public Builder5 scope(List<String> list) {
            this.b.scopes.addAll(list);
            return this;
        }

        public Builder5 authenticationEndpoint(AuthenticationEndpoint authenticationEndpoint) {
            this.b.endpoint = authenticationEndpoint.url();
            return this;
        }

        public Builder5 authenticationEndpoint(String str) {
            this.b.endpoint = str;
            return this;
        }

        public Builder5 proxyHost(String str) {
            Preconditions.checkNotNull(str);
            this.b.proxyHost = Optional.of(str);
            return this;
        }

        public Builder5 proxyPort(int i) {
            this.b.proxyPort = Optional.of(Integer.valueOf(i));
            return this;
        }

        public Builder5 proxyUsername(String str) {
            Preconditions.checkNotNull(str);
            this.b.proxyUsername = Optional.of(str);
            return this;
        }

        public Builder5 proxyPassword(String str) {
            Preconditions.checkNotNull(str);
            this.b.proxyPassword = Optional.of(str);
            return this;
        }

        public ClientCredentialsAccessTokenProvider build() {
            return new ClientCredentialsAccessTokenProvider(this.b.tenantName, this.b.clientId, this.b.clientSecret, this.b.refreshBeforeExpiryMs, this.b.connectTimeoutMs, this.b.readTimeoutMs, this.b.endpoint, this.b.resource, this.b.scopes, this.b.proxyHost, this.b.proxyPort, this.b.proxyUsername, this.b.proxyPassword);
        }
    }

    private ClientCredentialsAccessTokenProvider(String str, String str2, String str3, long j, long j2, long j3, String str4, String str5, List<String> list, Optional<String> optional, Optional<Integer> optional2, Optional<String> optional3, Optional<String> optional4) {
        Preconditions.checkNotNull(str);
        Preconditions.checkNotNull(str2);
        Preconditions.checkNotNull(str3);
        Preconditions.checkArgument(j >= 0, "refreshBeforeExpiryMs must be >=0");
        Preconditions.checkArgument(j2 >= 0, "connectTimeoutMs must be >=0");
        Preconditions.checkArgument(j3 >= 0, "readTimeoutMs must be >=0");
        Preconditions.checkNotNull(str4);
        Preconditions.checkNotNull(optional);
        Preconditions.checkNotNull(optional2);
        Preconditions.checkNotNull(optional3);
        Preconditions.checkNotNull(optional4);
        Preconditions.checkArgument(!optional.isPresent() || optional2.isPresent(), "if proxyHost specified then so must proxyPort be specified");
        Preconditions.checkNotNull(str5);
        Preconditions.checkNotNull(list);
        this.tenantName = str;
        this.clientId = str2;
        this.clientSecret = str3;
        this.refreshBeforeExpiryMs = j;
        this.connectTimeoutMs = j2;
        this.readTimeoutMs = j3;
        this.authenticationEndpoint = str4;
        this.scopes = list;
        this.resource = str5;
        this.proxyHost = optional;
        this.proxyPort = optional2;
        this.proxyUsername = optional3;
        this.proxyPassword = optional4;
    }

    public static Builder tenantName(String str) {
        return new Builder(str);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.util.function.Supplier
    public synchronized String get() {
        return (this.accessToken == null || System.currentTimeMillis() >= this.expiryTime - this.refreshBeforeExpiryMs) ? refreshAccessToken() : this.accessToken;
    }

    private String refreshAccessToken() {
        HttpsURLConnection httpsURLConnection;
        try {
            log.debug("refreshing access token");
            URL url = new URL(this.authenticationEndpoint + this.tenantName + OAUTH2_TOKEN_URL_SUFFIX);
            if (this.proxyHost.isPresent()) {
                httpsURLConnection = (HttpsURLConnection) url.openConnection(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(this.proxyHost.get(), this.proxyPort.get().intValue())));
                if (this.proxyUsername.isPresent()) {
                    httpsURLConnection.setRequestProperty("Proxy-Authorization", "Basic " + Base64.getEncoder().encodeToString((this.proxyUsername.get() + ":" + this.proxyPassword.get()).getBytes(StandardCharsets.UTF_8)));
                }
            } else {
                httpsURLConnection = (HttpsURLConnection) url.openConnection();
            }
            httpsURLConnection.setConnectTimeout((int) this.connectTimeoutMs);
            httpsURLConnection.setReadTimeout((int) this.readTimeoutMs);
            httpsURLConnection.setRequestMethod(POST);
            httpsURLConnection.setRequestProperty(REQUEST_HEADER, APPLICATION_JSON);
            StringBuilder sb = new StringBuilder();
            add(sb, PARAMETER_RESOURCE, this.resource);
            add(sb, PARAMETER_CLIENT_ID, this.clientId);
            add(sb, PARAMETER_GRANT_TYPE, GRANT_TYPE_CLIENT_CREDENTIALS);
            add(sb, PARAMETER_CLIENT_SECRET, this.clientSecret);
            Iterator<String> it = this.scopes.iterator();
            while (it.hasNext()) {
                add(sb, PARAMETER_SCOPE, it.next());
            }
            httpsURLConnection.setDoOutput(true);
            DataOutputStream dataOutputStream = new DataOutputStream(httpsURLConnection.getOutputStream());
            Throwable th = null;
            try {
                dataOutputStream.writeBytes(sb.toString());
                if (dataOutputStream != null) {
                    if (0 != 0) {
                        try {
                            dataOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        dataOutputStream.close();
                    }
                }
                int responseCode = httpsURLConnection.getResponseCode();
                String readString = Util.readString(httpsURLConnection.getInputStream(), StandardCharsets.UTF_8);
                if (responseCode != OK) {
                    throw new IOException("Response code=" + responseCode + ", output=" + readString);
                }
                JsonNode readTree = new ObjectMapper().readTree(readString);
                this.expiryTime = readTree.get("expires_on").asLong() * 1000;
                this.accessToken = readTree.get("access_token").asText();
                log.debug("refreshed access token");
                return this.accessToken;
            } finally {
            }
        } catch (IOException e) {
            this.expiryTime = 0L;
            this.accessToken = null;
            throw new RuntimeException(e);
        }
    }

    private static void add(StringBuilder sb, String str, String str2) {
        if (sb.length() > 0) {
            sb.append("&");
        }
        sb.append(str);
        sb.append("=");
        try {
            sb.append(URLEncoder.encode(str2, "UTF-8"));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }
}
