package com.microsoft.azure.tools.auth.core.serviceprincipal;

import com.azure.identity.ClientCertificateCredential;
import com.azure.identity.ClientCertificateCredentialBuilder;
import com.azure.identity.ClientSecretCredentialBuilder;
import com.microsoft.azure.tools.auth.core.AbstractCredentialRetriever;
import com.microsoft.azure.tools.auth.exception.InvalidConfigurationException;
import com.microsoft.azure.tools.auth.exception.LoginFailureException;
import com.microsoft.azure.tools.auth.model.AuthConfiguration;
import com.microsoft.azure.tools.auth.model.AuthMethod;
import com.microsoft.azure.tools.auth.model.AzureCredentialWrapper;
import com.microsoft.azure.tools.auth.util.ValidationUtil;
import javax.annotation.Nonnull;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/microsoft/azure/tools/auth/core/serviceprincipal/ServicePrincipalCredentialRetriever.class */
public class ServicePrincipalCredentialRetriever extends AbstractCredentialRetriever {
    private AuthConfiguration auth;

    public ServicePrincipalCredentialRetriever(@Nonnull AuthConfiguration authConfiguration) {
        super(authConfiguration.getEnvironment());
        this.auth = authConfiguration;
    }

    @Override // com.microsoft.azure.tools.auth.core.AbstractCredentialRetriever
    public AzureCredentialWrapper retrieveInternal() throws LoginFailureException {
        try {
            ValidationUtil.validateAuthConfiguration(this.auth);
            return mavenSettingLogin(AuthMethod.SERVICE_PRINCIPAL, this.auth);
        } catch (InvalidConfigurationException e) {
            throw new LoginFailureException(e.getMessage());
        }
    }

    private AzureCredentialWrapper mavenSettingLogin(AuthMethod authMethod, AuthConfiguration authConfiguration) throws LoginFailureException {
        ClientCertificateCredential build = StringUtils.isNotBlank(authConfiguration.getCertificate()) ? new ClientCertificateCredentialBuilder().clientId(authConfiguration.getClient()).pfxCertificate(authConfiguration.getCertificate(), authConfiguration.getCertificatePassword()).tenantId(authConfiguration.getTenant()).build() : new ClientSecretCredentialBuilder().clientId(authConfiguration.getClient()).clientSecret(authConfiguration.getKey()).tenantId(authConfiguration.getTenant()).build();
        validateTokenCredential(build);
        return new AzureCredentialWrapper(authMethod, build, getAzureEnvironment()).withTenantId(authConfiguration.getTenant());
    }

    public AuthConfiguration getAuth() {
        return this.auth;
    }
}
