package com.microsoft.azure.toolkit.lib.auth.core.maven;

import com.azure.core.credential.AccessToken;
import com.azure.core.credential.TokenCredential;
import com.azure.core.credential.TokenRequestContext;
import com.azure.identity.implementation.util.ScopeUtil;
import com.microsoft.aad.adal4j.AuthenticationCallback;
import com.microsoft.aad.adal4j.AuthenticationException;
import com.microsoft.aad.adal4j.AuthenticationResult;
import com.microsoft.azure.AzureEnvironment;
import com.microsoft.azure.credentials.AzureTokenCredentials;
import com.microsoft.azure.toolkit.lib.common.utils.JsonUtils;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import java.io.File;
import java.io.IOException;
import java.net.MalformedURLException;
import java.nio.file.Paths;
import java.time.OffsetDateTime;
import java.util.Date;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ExecutionException;
import javax.annotation.Nonnull;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.time.DateUtils;
import reactor.core.publisher.Mono;
import rx.exceptions.Exceptions;

/* loaded from: input_file:com/microsoft/azure/toolkit/lib/auth/core/maven/MavenLoginHelper.class */
public class MavenLoginHelper {
    private static final String CLIENT_ID = "04b07795-8ddb-461a-bbee-02f9e1bf7b46";
    private static final String COMMON_TENANT = "common";
    private static final String AZURE_FOLDER = ".azure";
    private static final String USER_HOME = "user.home";
    private static final String AZURE_CONFIG_DIR = "AZURE_CONFIG_DIR";
    private static final String AZURE_SECRET_FILE = "azure-secret.json";
    private static final String AZURE_PROFILE_NAME = "azureProfile.json";
    private static final String AZURE_TOKEN_NAME = "accessTokens.json";

    public static File getAzureConfigFolder() {
        return StringUtils.isNotBlank(System.getenv(AZURE_CONFIG_DIR)) ? new File(System.getenv(AZURE_CONFIG_DIR)) : Paths.get(System.getProperty(USER_HOME), AZURE_FOLDER).toFile();
    }

    public static File getAzureSecretFile() {
        return new File(getAzureConfigFolder(), AZURE_SECRET_FILE);
    }

    public static boolean existsAzureSecretFile() {
        File azureSecretFile = getAzureSecretFile();
        return azureSecretFile.exists() && azureSecretFile.isFile() && azureSecretFile.length() > 0;
    }

    public static AzureCredential readAzureCredentials(File file) throws IOException {
        if (file == null) {
            throw new IllegalArgumentException("Parameter 'file' cannot be null.");
        }
        return (AzureCredential) JsonUtils.fromJson(FileUtils.readFileToString(file, "utf8"), AzureCredential.class);
    }

    public static TokenCredential getMavenAzureLoginCredentialsTrack2(@Nonnull final AzureCredential azureCredential, @Nonnull final AzureEnvironment azureEnvironment) throws IOException {
        return new TokenCredential() { // from class: com.microsoft.azure.toolkit.lib.auth.core.maven.MavenLoginHelper.1
            private Map<String, AzureTokenCredentials> tokenCache = new ConcurrentHashMap();

            public Mono<AccessToken> getToken(TokenRequestContext tokenRequestContext) {
                String scopesToResource = ScopeUtil.scopesToResource(tokenRequestContext.getScopes());
                Map<String, AzureTokenCredentials> map = this.tokenCache;
                AzureCredential azureCredential2 = AzureCredential.this;
                AzureEnvironment azureEnvironment2 = azureEnvironment;
                AzureTokenCredentials computeIfAbsent = map.computeIfAbsent(scopesToResource, str -> {
                    return MavenLoginHelper.getMavenAzureLoginCredentialsTrack1(azureCredential2, azureEnvironment2);
                });
                return Mono.fromCallable(() -> {
                    try {
                        return new AccessToken(computeIfAbsent.getToken(scopesToResource), OffsetDateTime.MAX);
                    } catch (IOException e) {
                        Exceptions.propagate(e);
                        return null;
                    }
                });
            }
        };
    }

    public static AzureTokenCredentials getMavenAzureLoginCredentialsTrack1(final AzureCredential azureCredential, final AzureEnvironment azureEnvironment) {
        AzureTokenCredentials azureTokenCredentials = new AzureTokenCredentials(azureEnvironment, null) { // from class: com.microsoft.azure.toolkit.lib.auth.core.maven.MavenLoginHelper.2
            public String getToken(String str) throws IOException {
                String accessToken = azureCredential.getAccessToken();
                try {
                    if (((Claims) Jwts.parser().parseClaimsJwt(accessToken.substring(0, accessToken.lastIndexOf(46) + 1)).getBody()).getExpiration().after(DateUtils.addMinutes(new Date(), 1))) {
                        return accessToken;
                    }
                } catch (ExpiredJwtException e) {
                }
                try {
                    azureCredential.setAccessToken(MavenLoginHelper.refreshToken(azureEnvironment, azureCredential.getRefreshToken()).getAccessToken());
                    return azureCredential.getAccessToken();
                } catch (InterruptedException | ExecutionException e2) {
                    if (e2.getCause() instanceof AuthenticationException) {
                        throw ((AuthenticationException) e2.getCause());
                    }
                    if (e2.getCause() instanceof IOException) {
                        throw ((IOException) e2.getCause());
                    }
                    throw new IOException(String.format("Error happened during refreshing access token, due to error: %s.", e2.getMessage()));
                }
            }
        };
        if (StringUtils.isNotBlank(azureCredential.getDefaultSubscription())) {
            azureTokenCredentials.withDefaultSubscriptionId(azureCredential.getDefaultSubscription());
        }
        return azureTokenCredentials;
    }

    static AzureCredential refreshToken(AzureEnvironment azureEnvironment, String str) throws MalformedURLException, InterruptedException, ExecutionException {
        if (azureEnvironment == null) {
            throw new IllegalArgumentException("Parameter 'env' cannot be null.");
        }
        if (StringUtils.isBlank(str)) {
            throw new IllegalArgumentException("Parameter 'refreshToken' cannot be empty.");
        }
        return new AzureContextExecutor(baseURL(azureEnvironment), authenticationContext -> {
            return (AuthenticationResult) authenticationContext.acquireTokenByRefreshToken(str, CLIENT_ID, azureEnvironment.managementEndpoint(), (AuthenticationCallback) null).get();
        }).execute();
    }

    static String baseURL(AzureEnvironment azureEnvironment) {
        return azureEnvironment.activeDirectoryEndpoint() + COMMON_TENANT;
    }
}
