package com.microsoft.commondatamodel.objectmodel.storage;

import com.google.common.base.Strings;
import com.microsoft.aad.adal4j.AuthenticationCallback;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
import com.microsoft.aad.adal4j.ClientCredential;
import com.microsoft.commondatamodel.objectmodel.utilities.network.TokenProvider;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.Date;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/microsoft/commondatamodel/objectmodel/storage/AdlsAdapterAuthenticator.class */
public class AdlsAdapterAuthenticator {
    private static final String HMAC_SHA256 = "HmacSHA256";
    private static final String HTTP_AUTHORIZATION = "Authorization";
    private static final String HTTP_XMS_DATE = "x-ms-date";
    private static final String HTTP_XMS_VERSION = "x-ms-version";
    private String sharedKey;
    private final String tenant;
    private String clientId;
    private String secret;
    private AuthenticationResult lastAuthenticationResult;
    private TokenProvider tokenProvider;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AdlsAdapterAuthenticator(String str) {
        if (str == null) {
            throw new IllegalArgumentException("sharedKey is null");
        }
        this.sharedKey = str;
        this.clientId = null;
        this.secret = null;
        this.tenant = null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AdlsAdapterAuthenticator(String str, String str2, String str3) {
        if (str == null || str2 == null) {
            throw new IllegalArgumentException("tenant or clientId is null");
        }
        this.sharedKey = null;
        this.tenant = str;
        this.clientId = str2;
        this.secret = str3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AdlsAdapterAuthenticator(TokenProvider tokenProvider) {
        this.sharedKey = null;
        this.tenant = null;
        this.clientId = null;
        this.secret = null;
        this.tokenProvider = tokenProvider;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Map<String, String> buildAuthenticationHeader(String str, String str2, String str3, String str4) throws NoSuchAlgorithmException, InvalidKeyException, URISyntaxException {
        if (this.sharedKey != null) {
            return buildAuthenticationHeaderWithSharedKey(str, str2, str3, str4);
        }
        if (this.tokenProvider == null) {
            return buildAuthenticationHeaderWithClientIdAndSecret();
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("authorization", this.tokenProvider.getToken());
        return linkedHashMap;
    }

    private Map<String, String> buildAuthenticationHeaderWithSharedKey(String str, String str2, String str3, String str4) throws URISyntaxException, NoSuchAlgorithmException, InvalidKeyException {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(HTTP_XMS_DATE, DateTimeFormatter.RFC_1123_DATE_TIME.format(ZonedDateTime.now(ZoneOffset.ofHours(0))));
        linkedHashMap.put(HTTP_XMS_VERSION, "2018-06-17");
        int length = str3 != null ? str3.getBytes().length : 0;
        URI uri = new URI(str);
        StringBuilder sb = new StringBuilder();
        sb.append(str2).append(StringUtils.LF);
        sb.append(StringUtils.LF);
        sb.append(StringUtils.LF);
        sb.append(length != 0 ? Integer.valueOf(length) : "").append(StringUtils.LF);
        sb.append(StringUtils.LF);
        sb.append(str4 != null ? str4 : "").append(StringUtils.LF);
        sb.append(StringUtils.LF);
        sb.append(StringUtils.LF);
        sb.append(StringUtils.LF);
        sb.append(StringUtils.LF);
        sb.append(StringUtils.LF);
        sb.append(StringUtils.LF);
        for (Map.Entry entry : linkedHashMap.entrySet()) {
            sb.append((String) entry.getKey()).append(":").append((String) entry.getValue()).append(StringUtils.LF);
        }
        String str5 = uri.getHost().split("\\.")[0];
        sb.append("/").append(str5);
        sb.append(uri.getPath());
        if (!Strings.isNullOrEmpty(uri.getQuery())) {
            for (String str6 : uri.getQuery().split("&")) {
                String[] split = str6.split("=");
                sb.append(StringUtils.LF).append(split[0]).append(":").append(split[1]);
            }
        }
        Mac mac = Mac.getInstance(HMAC_SHA256);
        mac.init(new SecretKeySpec(Base64.decodeBase64(this.sharedKey.getBytes()), HMAC_SHA256));
        linkedHashMap.put(HTTP_AUTHORIZATION, "SharedKey " + str5 + ":" + Base64.encodeBase64String(mac.doFinal(sb.toString().getBytes(StandardCharsets.UTF_8))));
        return linkedHashMap;
    }

    private Map<String, String> buildAuthenticationHeaderWithClientIdAndSecret() {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        if (needsRefreshToken()) {
            refreshToken();
        }
        linkedHashMap.put("authorization", this.lastAuthenticationResult.getAccessTokenType() + StringUtils.SPACE + this.lastAuthenticationResult.getAccessToken());
        return linkedHashMap;
    }

    private boolean needsRefreshToken() {
        if (this.lastAuthenticationResult == null) {
            return true;
        }
        return this.lastAuthenticationResult.getExpiresOnDate().before(new Date());
    }

    private void refreshToken() {
        ExecutorService newFixedThreadPool = Executors.newFixedThreadPool(10);
        try {
            try {
                this.lastAuthenticationResult = new AuthenticationContext("https://login.windows.net/" + this.tenant, true, newFixedThreadPool).acquireToken("https://storage.azure.com", new ClientCredential(this.clientId, this.secret), (AuthenticationCallback) null).get();
                newFixedThreadPool.shutdown();
            } catch (InterruptedException | MalformedURLException | ExecutionException e) {
                throw new StorageAdapterException("Failed to refresh AdlsAdapter's token", e);
            }
        } catch (Throwable th) {
            newFixedThreadPool.shutdown();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getSharedKey() {
        return this.sharedKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSharedKey(String str) {
        this.sharedKey = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getTenant() {
        return this.tenant;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getClientId() {
        return this.clientId;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setClientId(String str) {
        this.clientId = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getSecret() {
        return this.secret;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSecret(String str) {
        this.secret = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TokenProvider getTokenProvider() {
        return this.tokenProvider;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setTokenProvider(TokenProvider tokenProvider) {
        this.tokenProvider = tokenProvider;
    }
}
