package gov.nasa.pds.registry.common.connection;

import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import gov.nasa.pds.registry.common.ConnectionFactory;
import gov.nasa.pds.registry.common.RestClient;
import gov.nasa.pds.registry.common.connection.aws.RestClientWrapper;
import gov.nasa.pds.registry.common.connection.config.CognitoType;
import gov.nasa.pds.registry.common.connection.config.DirectType;
import gov.nasa.pds.registry.common.connection.config.Ec2Type;
import java.io.IOException;
import java.lang.reflect.Type;
import java.net.URI;
import java.net.URL;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.util.Map;
import java.util.Properties;
import org.apache.http.HttpHost;
import org.apache.http.client.CredentialsProvider;

/* loaded from: input_file:BOOT-INF/lib/registry-common-2.0.4.jar:gov/nasa/pds/registry/common/connection/UseOpensearchSDK2.class */
public final class UseOpensearchSDK2 implements ConnectionFactory {
    private final boolean isServerless;
    private final boolean veryTrusting;
    private final AuthContent auth;
    private final HttpHost host;
    private final org.apache.hc.core5.http.HttpHost host5;
    private final URL endpoint;
    private String index = null;
    private final CognitoContent content = new CognitoContent();

    public static UseOpensearchSDK2 build(CognitoType cognitoType, AuthContent authContent) throws IOException, InterruptedException {
        System.setProperty("org.opensearch.path.encoding", "HTTP_CLIENT_V5_EQUIV");
        Gson gson = new Gson();
        HttpResponse send = HttpClient.newHttpClient().send(HttpRequest.newBuilder().uri(URI.create(cognitoType.getIDP())).POST(HttpRequest.BodyPublishers.ofString("{\"AuthFlow\":\"USER_PASSWORD_AUTH\",\"AuthParameters\":{\"USERNAME\":\"" + authContent.getUser() + "\",\"PASSWORD\":\"" + authContent.getPassword() + "\"},\"ClientId\":\"" + cognitoType.getValue() + "\"}")).setHeader("X-Amz-Target", "AWSCognitoIdentityProviderService.InitiateAuth").setHeader("Content-Type", "application/x-amz-json-1.1").build(), HttpResponse.BodyHandlers.ofString());
        Type type = new TypeToken<Map<String, Map<String, String>>>() { // from class: gov.nasa.pds.registry.common.connection.UseOpensearchSDK2.1
        }.getType();
        if (!(true & ((String) send.body()).contains("AuthenticationResult") & ((String) send.body()).contains("AccessToken") & ((String) send.body()).contains("ExpiresIn") & ((String) send.body()).contains("IdToken") & ((String) send.body()).contains("RefreshToken") & ((String) send.body()).contains("TokenType")) || !((String) send.body()).contains("ChallengeParameters")) {
            throw new IOException("Received an unexpected response of: " + send.toString() + " ->\n" + ((String) send.body()));
        }
        return new UseOpensearchSDK2(authContent, new URL(cognitoType.getEndpoint()), true, false).update((Map) gson.fromJson((String) send.body(), type), cognitoType.getValue(), cognitoType.getIDP(), cognitoType.getGateway()).tokensToKeys();
    }

    private UseOpensearchSDK2 update(Map<String, Map<String, String>> map, String str, String str2, String str3) {
        this.content.accessToken = map.get("AuthenticationResult").get("AccessToken");
        this.content.clientid = str;
        this.content.gateway = str3;
        this.content.idp = str2;
        this.content.idToken = map.get("AuthenticationResult").get("IdToken");
        this.content.refreshToken = map.get("AuthenticationResult").get("RefreshToken");
        this.content.tokenType = map.get("AuthenticationResult").get("TokenType");
        return this;
    }

    private UseOpensearchSDK2 update(CognitoContent cognitoContent) {
        if (this.isServerless) {
            this.content.accessToken = cognitoContent.accessToken;
            this.content.clientid = cognitoContent.clientid;
            this.content.gateway = cognitoContent.gateway;
            this.content.idp = cognitoContent.idp;
            this.content.idToken = cognitoContent.idToken;
            this.content.refreshToken = cognitoContent.refreshToken;
            this.content.tokenType = cognitoContent.tokenType;
        }
        return this;
    }

    private UseOpensearchSDK2 tokensToKeys() throws IOException, InterruptedException {
        Gson gson = new Gson();
        HttpResponse send = HttpClient.newBuilder().followRedirects(HttpClient.Redirect.NORMAL).build().send(HttpRequest.newBuilder().uri(URI.create(this.content.gateway)).GET().setHeader("Authorization", this.content.tokenType + " " + this.content.accessToken).setHeader("IDToken", this.content.idToken).build(), HttpResponse.BodyHandlers.ofString());
        Type type = new TypeToken<Map<String, Map<String, String>>>() { // from class: gov.nasa.pds.registry.common.connection.UseOpensearchSDK2.2
        }.getType();
        if (299 < send.statusCode()) {
            throw new IOException("Could not obtain credentials: " + send.toString());
        }
        if (!(true & ((String) send.body()).contains("body") & ((String) send.body()).contains("AccessKeyId") & ((String) send.body()).contains("SecretAccessKey")) || !((String) send.body()).contains("SessionToken")) {
            throw new IOException("Did not find expected credential response from: " + send.toString() + ((String) send.body()));
        }
        Map map = (Map) gson.fromJson("{\"Credentials\":" + ((Map) gson.fromJson((String) send.body(), new TypeToken<Map<String, Object>>() { // from class: gov.nasa.pds.registry.common.connection.UseOpensearchSDK2.3
        }.getType())).get("body") + "}", type);
        fillSysPropsWithCreds((String) ((Map) map.get("Credentials")).get("SecretAccessKey"), (String) ((Map) map.get("Credentials")).get("AccessKeyId"), (String) ((Map) map.get("Credentials")).get("SessionToken"));
        return this;
    }

    private void fillSysPropsWithCreds(String str, String str2, String str3) {
        Properties properties = new Properties(System.getProperties());
        properties.setProperty("aws.accessKeyId", str2);
        properties.setProperty("aws.secretAccessKey", str);
        properties.setProperty("aws.sessionToken", str3);
        System.setProperties(properties);
    }

    public static UseOpensearchSDK2 build(DirectType directType, AuthContent authContent) throws Exception {
        return new UseOpensearchSDK2(authContent, new URL(directType.getValue()), false, directType.isTrustSelfSigned());
    }

    public static UseOpensearchSDK2 build(Ec2Type ec2Type, AuthContent authContent) throws Exception {
        return new UseOpensearchSDK2(authContent, new URL(ec2Type.getEndpoint()), true, false).ec2Creds(ec2Type.getValue());
    }

    private UseOpensearchSDK2(AuthContent authContent, URL url, boolean z, boolean z2) {
        this.auth = authContent;
        this.endpoint = url;
        this.host = new HttpHost(this.endpoint.getHost(), this.endpoint.getPort(), this.endpoint.getProtocol());
        this.host5 = new org.apache.hc.core5.http.HttpHost(this.endpoint.getProtocol(), this.endpoint.getHost(), this.endpoint.getPort());
        this.isServerless = z;
        this.veryTrusting = z2;
    }

    private UseOpensearchSDK2 ec2Creds(String str) {
        this.content.accessToken = str;
        this.content.refreshToken = null;
        return this;
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public ConnectionFactory m382clone() {
        return new UseOpensearchSDK2(this.auth, this.endpoint, this.isServerless, this.veryTrusting).update(this.content).setIndexName(this.index);
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public RestClient createRestClient() throws Exception {
        return new RestClientWrapper(this, this.isServerless);
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public CredentialsProvider getCredentials() {
        return this.auth.getCredentials(getHost());
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public org.apache.hc.client5.http.auth.CredentialsProvider getCredentials5() {
        return this.auth.getCredentials5(getHost5());
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public HttpHost getHost() {
        return this.host;
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public org.apache.hc.core5.http.HttpHost getHost5() {
        return this.host5;
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public String getHostName() {
        return this.host.getHostName();
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public String getIndexName() {
        return this.index;
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public boolean isTrustingSelfSigned() {
        return this.veryTrusting;
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public ConnectionFactory setIndexName(String str) {
        this.index = str;
        return this;
    }

    @Override // gov.nasa.pds.registry.common.ConnectionFactory
    public void reconnect() throws IOException, InterruptedException {
        if (this.isServerless) {
            Gson gson = new Gson();
            HttpClient newHttpClient = HttpClient.newHttpClient();
            if (this.content.refreshToken == null) {
                HttpResponse send = newHttpClient.send(HttpRequest.newBuilder().uri(URI.create(this.content.accessToken)).GET().build(), HttpResponse.BodyHandlers.ofString());
                Type type = new TypeToken<Map<String, String>>() { // from class: gov.nasa.pds.registry.common.connection.UseOpensearchSDK2.4
                }.getType();
                if (!(true & ((String) send.body()).contains("AccessKeyId") & ((String) send.body()).contains("SecretAccessKey")) || !((String) send.body()).contains("Token")) {
                    throw new IOException("Received an unexpected response of: " + send.toString() + " ->\n" + ((String) send.body()));
                }
                Map map = (Map) gson.fromJson((String) send.body(), type);
                fillSysPropsWithCreds((String) map.get("SecretAccessKey"), (String) map.get("AccessKeyId"), (String) map.get("Token"));
                return;
            }
            HttpResponse send2 = newHttpClient.send(HttpRequest.newBuilder().uri(URI.create(this.content.idp)).POST(HttpRequest.BodyPublishers.ofString("{\"AuthFlow\":\"REFRESH_TOKEN_AUTH\",\"AuthParameters\":{\"REFRESH_TOKEN\":\"" + this.content.refreshToken + "\"},\"ClientId\":\"" + this.content.clientid + "\"}")).setHeader("X-Amz-Target", "AWSCognitoIdentityProviderService.InitiateAuth").setHeader("Content-Type", "application/x-amz-json-1.1").build(), HttpResponse.BodyHandlers.ofString());
            Type type2 = new TypeToken<Map<String, Map<String, String>>>() { // from class: gov.nasa.pds.registry.common.connection.UseOpensearchSDK2.5
            }.getType();
            if (!(true & ((String) send2.body()).contains("AuthenticationResult") & ((String) send2.body()).contains("AccessToken") & ((String) send2.body()).contains("ExpiresIn") & ((String) send2.body()).contains("IdToken") & ((String) send2.body()).contains("TokenType")) || !((String) send2.body()).contains("ChallengeParameters")) {
                throw new IOException("Received an unexpected response of: " + send2.toString() + " ->\n" + ((String) send2.body()));
            }
            Map<String, Map<String, String>> map2 = (Map) gson.fromJson((String) send2.body(), type2);
            map2.get("AuthenticationResult").put("RefreshToken", this.content.refreshToken);
            update(map2, this.content.clientid, this.content.idp, this.content.gateway);
            tokensToKeys();
        }
    }
}
