package com.microsoft.azure.sevicebus.security;

import com.google.gson.Gson;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ForkJoinPool;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/microsoft/azure/sevicebus/security/ManagedServiceIdentityTokenProvider.class */
public class ManagedServiceIdentityTokenProvider extends TokenProvider {
    private static final Logger TRACE_LOGGER = LoggerFactory.getLogger(ManagedServiceIdentityTokenProvider.class);
    private static final String STATIC_LOCAL_REST_MSI_ENDPOINT_URL = "http://localhost:50342/oauth2/token";
    private static final String APIVERSION = "api-version=2017-09-01";
    private static final String MSI_ENDPOINT_ENV_VARIABLE = "MSI_ENDPOINT";
    private static final String MSI_SECRET_ENV_VARIABLE = "MSI_SECRET";
    private static final String STATIC_MSI_URL_FORMAT = "%s?resource=%s";
    private static final String DYNAMIC_MSI_URL_FORMAT = "%s?resource=%s&%s";
    private static final String METADATA_HEADER_NAME = "Metadata";
    private static final String SECRET_HEADER_NAME = "Secret";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/microsoft/azure/sevicebus/security/ManagedServiceIdentityTokenProvider$MSIToken.class */
    public static class MSIToken {
        private String access_token;
        private String refresh_token;
        private int expires_in;
        private long expires_on;
        private long not_before;
        private String resource;
        private String token_type;

        private MSIToken() {
        }

        public String getAccessToken() {
            return this.access_token;
        }

        public int getExpiresIn() {
            return this.expires_in;
        }

        public long getExpiresOn() {
            return this.expires_on;
        }

        public long getNotBefore() {
            return this.not_before;
        }

        public String getResource() {
            return this.resource;
        }

        public String getTokenType() {
            return this.token_type;
        }
    }

    @Override // com.microsoft.azure.sevicebus.security.TokenProvider
    public CompletableFuture<SecurityToken> getSecurityTokenAsync(String str) {
        String str2 = SecurityConstants.SERVICEBUS_AAD_AUDIENCE_RESOURCE_URL;
        CompletableFuture<SecurityToken> completableFuture = new CompletableFuture<>();
        ForkJoinPool.commonPool().execute(() -> {
            try {
                MSIToken mSIToken = getMSIToken(str2);
                completableFuture.complete(new SecurityToken(SecurityTokenType.JWT, str, mSIToken.getAccessToken(), Instant.EPOCH.plus((TemporalAmount) Duration.ofSeconds(mSIToken.getNotBefore())), Instant.now().plus((TemporalAmount) Duration.ofSeconds(mSIToken.getExpiresIn()))));
            } catch (IOException e) {
                TRACE_LOGGER.error("ManagedServiceIdentity token generation failed.", e);
                completableFuture.completeExceptionally(e);
            }
        });
        return completableFuture;
    }

    private static MSIToken getMSIToken(String str) throws IOException {
        HttpURLConnection httpURLConnection;
        String str2 = System.getenv(MSI_ENDPOINT_ENV_VARIABLE);
        String str3 = System.getenv(MSI_SECRET_ENV_VARIABLE);
        if (str2 == null || str2.isEmpty() || str3 == null || str3.isEmpty()) {
            httpURLConnection = (HttpURLConnection) new URL(String.format(STATIC_MSI_URL_FORMAT, STATIC_LOCAL_REST_MSI_ENDPOINT_URL, str)).openConnection();
            httpURLConnection.setRequestProperty(METADATA_HEADER_NAME, "true");
        } else {
            httpURLConnection = (HttpURLConnection) new URL(String.format(DYNAMIC_MSI_URL_FORMAT, str2, str, APIVERSION)).openConnection();
            httpURLConnection.setRequestProperty(SECRET_HEADER_NAME, str3);
        }
        httpURLConnection.setRequestMethod("GET");
        httpURLConnection.setDoInput(true);
        httpURLConnection.connect();
        StringBuilder sb = new StringBuilder();
        InputStreamReader inputStreamReader = new InputStreamReader(httpURLConnection.getInputStream(), StandardCharsets.UTF_8);
        Throwable th = null;
        try {
            try {
                char[] cArr = new char[1024];
                while (true) {
                    int read = inputStreamReader.read(cArr);
                    if (read == -1) {
                        break;
                    }
                    sb.append(cArr, 0, read);
                }
                if (inputStreamReader != null) {
                    if (0 != 0) {
                        try {
                            inputStreamReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStreamReader.close();
                    }
                }
                return (MSIToken) new Gson().fromJson(sb.toString(), MSIToken.class);
            } finally {
            }
        } catch (Throwable th3) {
            if (inputStreamReader != null) {
                if (th != null) {
                    try {
                        inputStreamReader.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStreamReader.close();
                }
            }
            throw th3;
        }
    }
}
