package com.microsoft.alm.auth.pat;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.microsoft.alm.auth.BaseAuthenticator;
import com.microsoft.alm.auth.PromptBehavior;
import com.microsoft.alm.auth.oauth.Global;
import com.microsoft.alm.auth.oauth.OAuth2Authenticator;
import com.microsoft.alm.helpers.Debug;
import com.microsoft.alm.helpers.HttpClient;
import com.microsoft.alm.secret.Token;
import com.microsoft.alm.secret.TokenPair;
import com.microsoft.alm.secret.VsoTokenScope;
import com.microsoft.alm.storage.SecretStore;
import java.io.IOException;
import java.net.URI;
import java.util.List;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicReference;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/microsoft/alm/auth/pat/VstsPatAuthenticator.class */
public class VstsPatAuthenticator extends BaseAuthenticator {
    private static final String TYPE = "PersonalAccessToken";
    private final VsoAzureAuthority vsoAzureAuthority;
    private final OAuth2Authenticator vstsOauthAuthenticator;
    private final SecretStore<Token> store;
    private final ObjectMapper objectMapper;
    private static final Logger logger = LoggerFactory.getLogger(VstsPatAuthenticator.class);
    private static final Pattern ID_PATTERN = Pattern.compile("\"id\"\\s*:\\s*\"([^\"]+)\"", 2);

    @JsonIgnoreProperties(ignoreUnknown = true)
    /* loaded from: input_file:com/microsoft/alm/auth/pat/VstsPatAuthenticator$Account.class */
    public static class Account {
        public UUID accountId;
        public URI accountUri;
        public String accountName;
        public String organizationName;
        public String accountType;
        public UUID accountOwner;
        public String accountStatus;
    }

    @JsonIgnoreProperties(ignoreUnknown = true)
    /* loaded from: input_file:com/microsoft/alm/auth/pat/VstsPatAuthenticator$AccountList.class */
    public static class AccountList {
        public int count;
        public List<Account> value;
    }

    public VstsPatAuthenticator(String str, String str2, SecretStore<TokenPair> secretStore, SecretStore<Token> secretStore2) {
        Debug.Assert(str != null, "oauthClientId cannot be null");
        Debug.Assert(str2 != null, "oauthClientRedirectUrl cannot be null");
        Debug.Assert(secretStore2 != null, "store cannot be null");
        this.vstsOauthAuthenticator = OAuth2Authenticator.getAuthenticator(str, str2, secretStore);
        this.vsoAzureAuthority = new VsoAzureAuthority();
        this.store = secretStore2;
        this.objectMapper = new ObjectMapper();
    }

    public VstsPatAuthenticator(OAuth2Authenticator oAuth2Authenticator, SecretStore<Token> secretStore) {
        this(new VsoAzureAuthority(), oAuth2Authenticator, secretStore);
    }

    VstsPatAuthenticator(VsoAzureAuthority vsoAzureAuthority, OAuth2Authenticator oAuth2Authenticator, SecretStore<Token> secretStore) {
        Debug.Assert(oAuth2Authenticator != null, "oauth2Authenticatorcannot be null");
        Debug.Assert(secretStore != null, "store cannot be null");
        this.vsoAzureAuthority = vsoAzureAuthority;
        this.vstsOauthAuthenticator = oAuth2Authenticator;
        this.store = secretStore;
        this.objectMapper = new ObjectMapper();
    }

    @Override // com.microsoft.alm.auth.BaseAuthenticator
    protected SecretStore<Token> getStore() {
        return this.store;
    }

    @Override // com.microsoft.alm.auth.Authenticator
    public String getAuthType() {
        return TYPE;
    }

    @Override // com.microsoft.alm.auth.BaseAuthenticator, com.microsoft.alm.auth.Authenticator
    public boolean isPersonalAccessTokenSupported() {
        return true;
    }

    @Override // com.microsoft.alm.auth.BaseAuthenticator, com.microsoft.alm.auth.Authenticator
    public Token getPersonalAccessToken(VsoTokenScope vsoTokenScope, String str, PromptBehavior promptBehavior) {
        logger.debug("Retrieving global Personal Access Token.");
        OAuth2Authenticator oAuth2Authenticator = this.vstsOauthAuthenticator;
        return getToken(OAuth2Authenticator.APP_VSSPS_VISUALSTUDIO, true, vsoTokenScope, str, promptBehavior, null);
    }

    @Override // com.microsoft.alm.auth.BaseAuthenticator, com.microsoft.alm.auth.Authenticator
    public Token getPersonalAccessToken(URI uri, VsoTokenScope vsoTokenScope, String str, PromptBehavior promptBehavior) {
        logger.debug("Retrieving Personal Access Token for uri: {}", uri);
        return getToken(uri, false, vsoTokenScope, str, promptBehavior, null);
    }

    @Override // com.microsoft.alm.auth.BaseAuthenticator, com.microsoft.alm.auth.Authenticator
    public Token getPersonalAccessToken(URI uri, VsoTokenScope vsoTokenScope, String str, PromptBehavior promptBehavior, TokenPair tokenPair) {
        logger.debug("Retrieving Personal Access Token for uri: {}", uri);
        return getToken(uri, false, vsoTokenScope, str, promptBehavior, tokenPair);
    }

    private Token getToken(final URI uri, final boolean z, final VsoTokenScope vsoTokenScope, final String str, final PromptBehavior promptBehavior, final TokenPair tokenPair) {
        Debug.Assert(uri != null, "uri cannot be null");
        Debug.Assert(promptBehavior != null, "promptBehavior cannot be null");
        logger.info("Retrieving PersonalAccessToken for uri:{} with name:{}, and with scope:{}, prompt behavior: {}", new Object[]{uri, str, vsoTokenScope, promptBehavior.name()});
        String key = getKey(uri);
        Debug.Assert(key != null, "Failed to convert uri to key");
        return new BaseAuthenticator.SecretRetriever<Token>() { // from class: com.microsoft.alm.auth.pat.VstsPatAuthenticator.1
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // com.microsoft.alm.auth.BaseAuthenticator.SecretRetriever
            public boolean tryGetValidated(Token token, AtomicReference<Token> atomicReference) {
                Debug.Assert(token != null, "Token is null");
                Debug.Assert(atomicReference != null, "Holder is null");
                URI create = URI.create(uri + "/_apis/connectionData");
                boolean z2 = false;
                if (token.Value != null) {
                    HttpClient createHttpClient = Global.getHttpClientFactory().createHttpClient();
                    token.contributeHeader(createHttpClient.getHeaders());
                    try {
                        createHttpClient.getGetResponseText(create);
                        z2 = true;
                    } catch (IOException e) {
                        VstsPatAuthenticator.logger.debug("Validation failed with IOException.", e);
                    }
                }
                VstsPatAuthenticator.logger.debug("Personal Access Token is {}.", z2 ? "valid" : "invalid.");
                return z2;
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // com.microsoft.alm.auth.BaseAuthenticator.SecretRetriever
            public Token doRetrieve() {
                TokenPair tokenPair2;
                if (tokenPair == null) {
                    OAuth2Authenticator oAuth2Authenticator = VstsPatAuthenticator.this.vstsOauthAuthenticator;
                    URI uri2 = uri;
                    PromptBehavior promptBehavior2 = promptBehavior;
                    tokenPair2 = oAuth2Authenticator.getOAuth2TokenPair(uri2, PromptBehavior.AUTO);
                } else {
                    tokenPair2 = tokenPair;
                }
                TokenPair tokenPair3 = tokenPair2;
                if (tokenPair3 == null) {
                    VstsPatAuthenticator.logger.debug("Failed to get an OAuth2 token, cannot generate PersonalAccessToken.");
                    return null;
                }
                VstsPatAuthenticator.logger.debug("Got OAuth2 token, retrieving Personal Access Token with it.");
                return VstsPatAuthenticator.this.vsoAzureAuthority.generatePersonalAccessToken(VstsPatAuthenticator.this.createAccountSpecificUri(uri, tokenPair3), tokenPair3.AccessToken, vsoTokenScope, true, z, str);
            }
        }.retrieve(key, getStore(), promptBehavior);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public URI createAccountSpecificUri(URI uri, TokenPair tokenPair) {
        OAuth2Authenticator oAuth2Authenticator = this.vstsOauthAuthenticator;
        if (!OAuth2Authenticator.APP_VSSPS_VISUALSTUDIO.equals(uri)) {
            return uri;
        }
        logger.debug("Find an account level target url to generate Personal Access Token.");
        HttpClient createHttpClient = Global.getHttpClientFactory().createHttpClient();
        tokenPair.AccessToken.contributeHeader(createHttpClient.getHeaders());
        try {
            String accountUri = getAccountUri(createHttpClient, getProfileId(createHttpClient));
            logger.debug("Found account: {}", accountUri);
            return URI.create(accountUri);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private String getProfileId(HttpClient httpClient) throws IOException {
        Debug.Assert(httpClient != null, "authenticatedClient is null");
        URI create = URI.create("https://app.vssps.visualstudio.com/_apis/profile/profiles/me?api-version=1.0");
        logger.debug("Getting user profile...");
        String parseIdFromJson = parseIdFromJson(httpClient.getGetResponseText(create));
        if (parseIdFromJson == null) {
            throw new RuntimeException("Failed to get profile id.");
        }
        logger.debug("Profile id: {}", parseIdFromJson);
        return parseIdFromJson;
    }

    static String parseIdFromJson(String str) {
        String str2 = null;
        Matcher matcher = ID_PATTERN.matcher(str);
        if (matcher.find()) {
            str2 = matcher.group(1);
        }
        return str2;
    }

    private String getAccountUri(HttpClient httpClient, String str) throws IOException {
        AccountList accountList;
        Debug.Assert(httpClient != null, "authenticatedClient is null");
        Debug.Assert(str != null, "profileId is null");
        URI create = URI.create(String.format("https://app.vssps.visualstudio.com/_apis/Accounts?memberid=%s&api-version=1.0", str));
        logger.debug("Account API URL: {}", create);
        String getResponseText = httpClient.getGetResponseText(create);
        if (getResponseText != null && (accountList = (AccountList) this.objectMapper.readValue(getResponseText, AccountList.class)) != null && accountList.value != null) {
            for (Account account : accountList.value) {
                if (account.accountStatus != null && account.accountUri != null) {
                    return String.format("https://%s.visualstudio.com/", account.accountName);
                }
            }
        }
        throw new RuntimeException("Could not find any accounts.");
    }

    @Override // com.microsoft.alm.auth.BaseAuthenticator, com.microsoft.alm.auth.Authenticator
    public boolean signOut() {
        OAuth2Authenticator oAuth2Authenticator = this.vstsOauthAuthenticator;
        return signOut(OAuth2Authenticator.APP_VSSPS_VISUALSTUDIO);
    }

    @Override // com.microsoft.alm.auth.BaseAuthenticator, com.microsoft.alm.auth.Authenticator
    public boolean signOut(URI uri) {
        logger.info("Signing out from uri: {}", uri);
        Debug.Assert(uri != null, "uri cannot be null");
        return super.signOut(uri) && this.vstsOauthAuthenticator.signOut();
    }

    public boolean assignGlobalPatTo(URI uri) {
        Debug.Assert(uri != null, "uri cannot be null");
        logger.debug("Assigning the global PAT to uri: {}", uri);
        OAuth2Authenticator oAuth2Authenticator = this.vstsOauthAuthenticator;
        Token token = (Token) getStore().get(getKey(OAuth2Authenticator.APP_VSSPS_VISUALSTUDIO));
        if (token == null) {
            logger.debug("Could not find global PAT.");
            return false;
        }
        assign(uri, token);
        logger.debug("Global PAT transferred to uri: {}", uri);
        return true;
    }

    private void assign(URI uri, Token token) {
        getStore().add(getKey(uri), token);
    }
}
