package com.google.cloud.hadoop.util;

import com.google.cloud.hadoop.util.CredentialOptions;
import com.google.cloud.hadoop.util.HttpTransportFactory;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import java.util.List;
import java.util.Map;
import org.apache.hadoop.conf.Configuration;

/* loaded from: input_file:com/google/cloud/hadoop/util/HadoopCredentialConfiguration.class */
public class HadoopCredentialConfiguration {
    public static final String BASE_KEY_PREFIX = "google.cloud";
    public static final HadoopConfigurationProperty<Boolean> ENABLE_SERVICE_ACCOUNTS_SUFFIX = new HadoopConfigurationProperty<>(".auth.service.account.enable", true, ".enable.service.account.auth");
    public static final HadoopConfigurationProperty<String> SERVICE_ACCOUNT_EMAIL_SUFFIX = new HadoopConfigurationProperty<>(".auth.service.account.email", null, ".service.account.auth.email");
    public static final HadoopConfigurationProperty<String> SERVICE_ACCOUNT_PRIVATE_KEY_ID_SUFFIX = new HadoopConfigurationProperty<>(".auth.service.account.private.key.id");
    public static final HadoopConfigurationProperty<String> SERVICE_ACCOUNT_PRIVATE_KEY_SUFFIX = new HadoopConfigurationProperty<>(".auth.service.account.private.key");
    public static final HadoopConfigurationProperty<String> SERVICE_ACCOUNT_KEYFILE_SUFFIX = new HadoopConfigurationProperty<>(".auth.service.account.keyfile", null, ".service.account.auth.keyfile");
    public static final HadoopConfigurationProperty<String> SERVICE_ACCOUNT_JSON_KEYFILE_SUFFIX = new HadoopConfigurationProperty<>(".auth.service.account.json.keyfile");
    public static final HadoopConfigurationProperty<Boolean> ENABLE_NULL_CREDENTIAL_SUFFIX = new HadoopConfigurationProperty<>(".auth.null.enable", false, new String[0]);
    public static final HadoopConfigurationProperty<String> TOKEN_SERVER_URL_SUFFIX = new HadoopConfigurationProperty<>(".token.server.url", "https://oauth2.googleapis.com/token", new String[0]);
    public static final HadoopConfigurationProperty<String> PROXY_ADDRESS_SUFFIX = new HadoopConfigurationProperty<>(".proxy.address");
    public static final HadoopConfigurationProperty<String> PROXY_USERNAME_SUFFIX = new HadoopConfigurationProperty<>(".proxy.username");
    public static final HadoopConfigurationProperty<String> PROXY_PASSWORD_SUFFIX = new HadoopConfigurationProperty<>(".proxy.password");
    public static final HadoopConfigurationProperty<HttpTransportFactory.HttpTransportType> HTTP_TRANSPORT_SUFFIX = new HadoopConfigurationProperty<>(".http.transport.type", CredentialOptions.HTTP_TRANSPORT_TYPE_DEFAULT, new String[0]);
    public static final HadoopConfigurationProperty<Class<? extends AccessTokenProvider>> ACCESS_TOKEN_PROVIDER_IMPL_SUFFIX = new HadoopConfigurationProperty<>(".auth.access.token.provider.impl");
    public static final HadoopConfigurationProperty<String> IMPERSONATION_SERVICE_ACCOUNT_SUFFIX = new HadoopConfigurationProperty<>(".auth.impersonation.service.account");
    public static final HadoopConfigurationProperty<Map<String, String>> USER_IMPERSONATION_SERVICE_ACCOUNT_SUFFIX = new HadoopConfigurationProperty<>(".auth.impersonation.service.account.for.user.", ImmutableMap.of(), new String[0]);
    public static final HadoopConfigurationProperty<Map<String, String>> GROUP_IMPERSONATION_SERVICE_ACCOUNT_SUFFIX = new HadoopConfigurationProperty<>(".auth.impersonation.service.account.for.group.", ImmutableMap.of(), new String[0]);
    public static final HadoopConfigurationProperty<String> AUTH_CLIENT_ID_SUFFIX = new HadoopConfigurationProperty<>(".auth.client.id");
    public static final HadoopConfigurationProperty<RedactedString> AUTH_CLIENT_SECRET_SUFFIX = new HadoopConfigurationProperty<>(".auth.client.secret");
    public static final HadoopConfigurationProperty<RedactedString> AUTH_REFRESH_TOKEN_SUFFIX = new HadoopConfigurationProperty<>(".auth.refresh.token");

    public static CredentialFactory getCredentialFactory(Configuration configuration, String... strArr) {
        List<String> configKeyPrefixes = getConfigKeyPrefixes(strArr);
        CredentialOptions.Builder builder = CredentialOptions.builder();
        HadoopConfigurationProperty<Boolean> withPrefixes = ENABLE_SERVICE_ACCOUNTS_SUFFIX.withPrefixes(configKeyPrefixes);
        configuration.getClass();
        CredentialOptions.Builder serviceAccountEmail = builder.setServiceAccountEnabled(withPrefixes.get(configuration, (v1, v2) -> {
            return r3.getBoolean(v1, v2);
        }).booleanValue()).setServiceAccountPrivateKeyId(RedactedString.create(SERVICE_ACCOUNT_PRIVATE_KEY_ID_SUFFIX.withPrefixes(configKeyPrefixes).getPassword(configuration))).setServiceAccountPrivateKey(RedactedString.create(SERVICE_ACCOUNT_PRIVATE_KEY_SUFFIX.withPrefixes(configKeyPrefixes).getPassword(configuration))).setServiceAccountEmail(SERVICE_ACCOUNT_EMAIL_SUFFIX.withPrefixes(configKeyPrefixes).getPassword(configuration));
        HadoopConfigurationProperty<String> withPrefixes2 = SERVICE_ACCOUNT_KEYFILE_SUFFIX.withPrefixes(configKeyPrefixes);
        configuration.getClass();
        CredentialOptions.Builder serviceAccountKeyFile = serviceAccountEmail.setServiceAccountKeyFile(withPrefixes2.get(configuration, configuration::get));
        HadoopConfigurationProperty<String> withPrefixes3 = SERVICE_ACCOUNT_JSON_KEYFILE_SUFFIX.withPrefixes(configKeyPrefixes);
        configuration.getClass();
        CredentialOptions.Builder serviceAccountJsonKeyFile = serviceAccountKeyFile.setServiceAccountJsonKeyFile(withPrefixes3.get(configuration, configuration::get));
        HadoopConfigurationProperty<Boolean> withPrefixes4 = ENABLE_NULL_CREDENTIAL_SUFFIX.withPrefixes(configKeyPrefixes);
        configuration.getClass();
        CredentialOptions.Builder nullCredentialEnabled = serviceAccountJsonKeyFile.setNullCredentialEnabled(withPrefixes4.get(configuration, (v1, v2) -> {
            return r3.getBoolean(v1, v2);
        }).booleanValue());
        HadoopConfigurationProperty<HttpTransportFactory.HttpTransportType> withPrefixes5 = HTTP_TRANSPORT_SUFFIX.withPrefixes(configKeyPrefixes);
        configuration.getClass();
        CredentialOptions.Builder transportType = nullCredentialEnabled.setTransportType(withPrefixes5.get(configuration, (v1, v2) -> {
            return r3.getEnum(v1, v2);
        }));
        HadoopConfigurationProperty<String> withPrefixes6 = TOKEN_SERVER_URL_SUFFIX.withPrefixes(configKeyPrefixes);
        configuration.getClass();
        CredentialOptions.Builder tokenServerUrl = transportType.setTokenServerUrl(withPrefixes6.get(configuration, configuration::get));
        HadoopConfigurationProperty<String> withPrefixes7 = PROXY_ADDRESS_SUFFIX.withPrefixes(configKeyPrefixes);
        configuration.getClass();
        CredentialOptions.Builder proxyPassword = tokenServerUrl.setProxyAddress(withPrefixes7.get(configuration, configuration::get)).setProxyUsername(RedactedString.create(PROXY_USERNAME_SUFFIX.withPrefixes(configKeyPrefixes).getPassword(configuration))).setProxyPassword(RedactedString.create(PROXY_PASSWORD_SUFFIX.withPrefixes(configKeyPrefixes).getPassword(configuration)));
        HadoopConfigurationProperty<String> withPrefixes8 = AUTH_CLIENT_ID_SUFFIX.withPrefixes(configKeyPrefixes);
        configuration.getClass();
        return new CredentialFactory(proxyPassword.setAuthClientId(withPrefixes8.get(configuration, configuration::get)).setAuthClientSecret(RedactedString.create(AUTH_CLIENT_SECRET_SUFFIX.withPrefixes(configKeyPrefixes).getPassword(configuration))).setAuthRefreshToken(RedactedString.create(AUTH_REFRESH_TOKEN_SUFFIX.withPrefixes(configKeyPrefixes).getPassword(configuration))).build());
    }

    public static AccessTokenProvider getAccessTokenProvider(Configuration configuration, List<String> list) throws IOException {
        Class<? extends AccessTokenProvider> accessTokenProviderImplClass = getAccessTokenProviderImplClass(configuration, (String[]) list.toArray(new String[0]));
        if (accessTokenProviderImplClass == null) {
            return null;
        }
        try {
            return accessTokenProviderImplClass.getDeclaredConstructor(new Class[0]).newInstance(new Object[0]);
        } catch (ReflectiveOperationException e) {
            throw new IOException(String.format("Can't instantiate '%s'. cause=%s", accessTokenProviderImplClass.getName(), e.getMessage()), e);
        }
    }

    public static Class<? extends AccessTokenProvider> getAccessTokenProviderImplClass(Configuration configuration, String... strArr) {
        return ACCESS_TOKEN_PROVIDER_IMPL_SUFFIX.withPrefixes(getConfigKeyPrefixes(strArr)).get(configuration, (str, cls) -> {
            return configuration.getClass(str, cls, AccessTokenProvider.class);
        });
    }

    public static ImmutableList<String> getConfigKeyPrefixes(String... strArr) {
        return ImmutableList.builder().add(strArr).add(BASE_KEY_PREFIX).build();
    }

    protected HadoopCredentialConfiguration() {
    }
}
