package com.azure.identity;

import com.azure.core.credential.AccessToken;
import com.azure.core.credential.TokenCredential;
import com.azure.core.credential.TokenRequestContext;
import com.azure.core.util.logging.ClientLogger;
import com.azure.identity.implementation.IdentityClient;
import com.azure.identity.implementation.IdentityClientBuilder;
import com.azure.identity.implementation.IdentityClientOptions;
import com.azure.identity.implementation.IdentitySyncClient;
import com.azure.identity.implementation.MsalAuthenticationAccount;
import com.azure.identity.implementation.MsalToken;
import com.azure.identity.implementation.util.LoggingUtil;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Consumer;
import reactor.core.publisher.Mono;

/* loaded from: input_file:applicationinsights-agent-3.4.15.jar:inst/com/azure/identity/DeviceCodeCredential.classdata */
public class DeviceCodeCredential implements TokenCredential {
    private static final ClientLogger LOGGER = new ClientLogger((Class<?>) DeviceCodeCredential.class);
    private final Consumer<DeviceCodeInfo> challengeConsumer;
    private final IdentityClient identityClient;
    private final IdentitySyncClient identitySyncClient;
    private final AtomicReference<MsalAuthenticationAccount> cachedToken;
    private final String authorityHost;
    private final boolean automaticAuthentication;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DeviceCodeCredential(String str, String str2, Consumer<DeviceCodeInfo> consumer, boolean z, IdentityClientOptions identityClientOptions) {
        this.challengeConsumer = consumer;
        IdentityClientBuilder identityClientOptions2 = new IdentityClientBuilder().tenantId(str2).clientId(str).identityClientOptions(identityClientOptions);
        this.identityClient = identityClientOptions2.build();
        this.identitySyncClient = identityClientOptions2.buildSyncClient();
        this.cachedToken = new AtomicReference<>();
        this.authorityHost = identityClientOptions.getAuthorityHost();
        this.automaticAuthentication = z;
        if (identityClientOptions.getAuthenticationRecord() != null) {
            this.cachedToken.set(new MsalAuthenticationAccount(identityClientOptions.getAuthenticationRecord()));
        }
    }

    @Override // com.azure.core.credential.TokenCredential
    public Mono<AccessToken> getToken(TokenRequestContext tokenRequestContext) {
        return Mono.defer(() -> {
            return this.cachedToken.get() != null ? this.identityClient.authenticateWithPublicClientCache(tokenRequestContext, this.cachedToken.get()).onErrorResume(th -> {
                return Mono.empty();
            }) : Mono.empty();
        }).switchIfEmpty(Mono.defer(() -> {
            return !this.automaticAuthentication ? Mono.error(LOGGER.logExceptionAsError(new AuthenticationRequiredException("Interactive authentication is needed to acquire token. Call Authenticate to initiate the device code authentication.", tokenRequestContext))) : this.identityClient.authenticateWithDeviceCode(tokenRequestContext, this.challengeConsumer);
        })).map(this::updateCache).doOnNext(accessToken -> {
            LoggingUtil.logTokenSuccess(LOGGER, tokenRequestContext);
        }).doOnError(th -> {
            LoggingUtil.logTokenError(LOGGER, this.identityClient.getIdentityClientOptions(), tokenRequestContext, th);
        });
    }

    @Override // com.azure.core.credential.TokenCredential
    public AccessToken getTokenSync(TokenRequestContext tokenRequestContext) {
        if (this.cachedToken.get() != null) {
            try {
                return this.identitySyncClient.authenticateWithPublicClientCache(tokenRequestContext, this.cachedToken.get());
            } catch (Exception e) {
            }
        }
        try {
            if (!this.automaticAuthentication) {
                throw LOGGER.logExceptionAsError(new AuthenticationRequiredException("Interactive authentication is needed to acquire token. Call Authenticate to initiate the device code authentication.", tokenRequestContext));
            }
            MsalToken authenticateWithDeviceCode = this.identitySyncClient.authenticateWithDeviceCode(tokenRequestContext, this.challengeConsumer);
            updateCache(authenticateWithDeviceCode);
            LoggingUtil.logTokenSuccess(LOGGER, tokenRequestContext);
            return authenticateWithDeviceCode;
        } catch (Exception e2) {
            LoggingUtil.logTokenError(LOGGER, this.identityClient.getIdentityClientOptions(), tokenRequestContext, e2);
            throw e2;
        }
    }

    public Mono<AuthenticationRecord> authenticate(TokenRequestContext tokenRequestContext) {
        return Mono.defer(() -> {
            return this.identityClient.authenticateWithDeviceCode(tokenRequestContext, this.challengeConsumer);
        }).map(this::updateCache).map(accessToken -> {
            return this.cachedToken.get().getAuthenticationRecord();
        });
    }

    public Mono<AuthenticationRecord> authenticate() {
        String defaultScope = AzureAuthorityHosts.getDefaultScope(this.authorityHost);
        return defaultScope == null ? Mono.error(LoggingUtil.logCredentialUnavailableException(LOGGER, this.identityClient.getIdentityClientOptions(), new CredentialUnavailableException("Authenticating in this environment requires specifying a TokenRequestContext."))) : authenticate(new TokenRequestContext().addScopes(defaultScope));
    }

    private AccessToken updateCache(MsalToken msalToken) {
        this.cachedToken.set(new MsalAuthenticationAccount(new AuthenticationRecord(msalToken.getAuthenticationResult(), this.identityClient.getTenantId(), this.identityClient.getClientId()), msalToken.getAccount().getTenantProfiles()));
        return msalToken;
    }
}
