package com.google.cloud.sql.tool.googleapi;

import com.google.api.client.auth.oauth2.draft10.AccessTokenErrorResponse;
import com.google.api.client.auth.oauth2.draft10.AccessTokenRequest;
import com.google.api.client.http.HttpResponseException;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson.JacksonFactory;
import com.google.appengine.repackaged.com.google.common.base.Strings;
import com.google.appengine.repackaged.com.google.common.base.Supplier;
import com.google.appengine.repackaged.com.google.common.base.Suppliers;
import com.google.appengine.repackaged.com.google.common.flags.Flag;
import com.google.appengine.repackaged.com.google.common.flags.FlagSpec;
import com.google.cloud.sql.jdbc.internal.Url;
import com.google.cloud.sql.jdbc.internal.Util;
import com.google.cloud.sql.jdbc.internal.googleapi.OAuthTokens;
import com.google.cloud.sql.tool.connections.ConnectionException;
import com.google.cloud.sql.tool.connections.ConnectionFactory;
import com.google.cloud.sql.tool.connections.ConsoleSupplier;
import com.google.cloud.sql.tool.connections.FlagsConnectionFactory;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import java.util.prefs.Preferences;

/* loaded from: input_file:WEB-INF/lib/google_sql-1.6.1.jar:com/google/cloud/sql/tool/googleapi/OAuth2ConnectionFactory.class */
public class OAuth2ConnectionFactory implements ConnectionFactory {

    @FlagSpec(help = "Google username (i.e. sqlman@gmail.com) to use to authenticate to the SQL instance.", altName = "oauth2_authorization_code")
    private static final Flag<String> oauth2AuthorizationCode = Flag.value("");

    @FlagSpec(help = "Show full OAuth2 authorize URL.", altName = "oauth2_full_auth_url")
    private static final Flag<Boolean> oauth2FullAuthUrl = Flag.value(false);
    private static final String[] AUTHORIZE_MESSAGE = {"Please authorize Google SQL Service for your Google Account at:"};
    private static final String SHORT_OAUTH2_AUTHORIZE_URL = "http://goo.gl/Ov319";
    private static final String PREFS_PACKAGE = "/com/google/cloud/sqlservice/oauth2";
    private final String authorizationCode;
    private final Preferences prefs;
    private final HttpTransport transport;
    private final JsonFactory jsonFactory;

    public OAuth2ConnectionFactory() {
        this(Preferences.userRoot().node(PREFS_PACKAGE));
    }

    public OAuth2ConnectionFactory(Preferences preferences) {
        this.transport = new NetHttpTransport();
        this.jsonFactory = new JacksonFactory();
        this.authorizationCode = oauth2AuthorizationCode.get();
        this.prefs = preferences;
    }

    protected Supplier<String> getAuthorizationCode(Url url) {
        if (!Strings.isNullOrEmpty(this.authorizationCode)) {
            return Suppliers.ofInstance(this.authorizationCode);
        }
        PrintWriter writer = System.console() != null ? System.console().writer() : new PrintWriter(System.out);
        Iterator<String> it = createAuthorizationMessage(url).iterator();
        while (it.hasNext()) {
            writer.println(it.next());
        }
        return new ConsoleSupplier("Enter Authorization Code");
    }

    @Override // com.google.cloud.sql.tool.connections.ConnectionFactory
    public Connection connect(String str, Map<String, String> map) throws ConnectionException, SQLException {
        Url createFromMap = Url.createFromMap(str, map);
        if (getOAuth2Tokens(createFromMap) == null) {
            saveOAuth2Tokens(createFromMap, createOAuth2TokenFlow(createFromMap));
        }
        return new FlagsConnectionFactory().connect(str, map);
    }

    private OAuthTokens createOAuth2TokenFlow(Url url) throws ConnectionException {
        String str = getAuthorizationCode(url).get();
        if (Strings.isNullOrEmpty(str)) {
            throw new ConnectionException("No access code entered.");
        }
        OAuthTokens fromUrl = OAuthTokens.fromUrl(url);
        AccessTokenRequest.AuthorizationCodeGrant authorizationCodeGrant = new AccessTokenRequest.AuthorizationCodeGrant();
        authorizationCodeGrant.transport = this.transport;
        authorizationCodeGrant.jsonFactory = this.jsonFactory;
        authorizationCodeGrant.authorizationServerUrl = url.getOAuth2TokenUrl();
        authorizationCodeGrant.clientId = fromUrl.getOAuth2ClientId();
        authorizationCodeGrant.clientSecret = fromUrl.getOAuth2ClientSecret();
        authorizationCodeGrant.code = str;
        authorizationCodeGrant.redirectUri = OAuthTokens.REDIRECT_URI;
        authorizationCodeGrant.useBasicAuthorization = false;
        try {
            return fromUrl.withResponse(authorizationCodeGrant.execute());
        } catch (HttpResponseException e) {
            try {
                AccessTokenErrorResponse accessTokenErrorResponse = (AccessTokenErrorResponse) e.getResponse().parseAs(AccessTokenErrorResponse.class);
                throw new ConnectionException(String.format("Unable to fetch OAuth2 tokens: %s: %s.", accessTokenErrorResponse.getErrorCodeIfKnown().name(), accessTokenErrorResponse.errorDescription), e);
            } catch (IOException e2) {
                throw new ConnectionException("Unable to fetch OAuth2 tokens.", e);
            } catch (IllegalArgumentException e3) {
                throw new ConnectionException("Unable to fetch OAuth2 tokens.", e);
            }
        } catch (IOException e4) {
            throw new ConnectionException("Unable to fetch OAuth2 tokens.", e4);
        }
    }

    private OAuthTokens getOAuth2Tokens(Url url) {
        if (url.getOAuth2RefreshToken() != null || url.getOAuth2AccessToken() != null) {
            return OAuthTokens.fromUrl(url);
        }
        String str = this.prefs.get(url.getOAuth2TokenUrl(), null);
        if (str == null) {
            return null;
        }
        return OAuthTokens.fromUrl(url).withRefreshToken(str);
    }

    private void saveOAuth2Tokens(Url url, OAuthTokens oAuthTokens) {
        this.prefs.put(url.getOAuth2TokenUrl(), oAuthTokens.getRefreshToken());
    }

    private static String createAuthorizeUrl(Url url) {
        return !oauth2FullAuthUrl.get().booleanValue() ? SHORT_OAUTH2_AUTHORIZE_URL : String.format("%s?response_type=code&scope=%s&redirect_uri=%s&client_id=%s", url.getOAuth2AuthUrl(), OAuthTokens.SCOPE, OAuthTokens.REDIRECT_URI, OAuthTokens.getOAuth2ClientId(url));
    }

    private static Iterable<String> createAuthorizationMessage(Url url) {
        ArrayList newArrayList = Util.newArrayList(AUTHORIZE_MESSAGE);
        newArrayList.add(createAuthorizeUrl(url));
        return newArrayList;
    }
}
