package io.camunda.client.impl.oauth;

import io.camunda.client.impl.BuilderUtils;
import io.camunda.client.impl.CamundaClientEnvironmentVariables;
import io.camunda.zeebe.client.impl.ZeebeClientEnvironmentVariables;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.time.Duration;
import java.util.Objects;

/* loaded from: input_file:io/camunda/client/impl/oauth/OAuthCredentialsProviderBuilder.class */
public final class OAuthCredentialsProviderBuilder {
    public static final String INVALID_ARGUMENT_MSG = "Expected valid %s but none was provided.";
    private static final String DEFAULT_AUTHZ_SERVER = "https://login.cloud.camunda.io/oauth/token/";
    private static final Duration DEFAULT_CONNECT_TIMEOUT = Duration.ofSeconds(5);
    private static final Duration DEFAULT_READ_TIMEOUT = DEFAULT_CONNECT_TIMEOUT;
    private String clientId;
    private String clientSecret;
    private String audience;
    private String scope;
    private String authorizationServerUrl;
    private URL authorizationServer;
    private Path keystorePath;
    private String keystorePassword;
    private String keystoreKeyPassword;
    private Path truststorePath;
    private String truststorePassword;
    private String credentialsCachePath;
    private File credentialsCache;
    private Duration connectTimeout;
    private Duration readTimeout;
    private boolean applyEnvironmentOverrides = true;

    public OAuthCredentialsProviderBuilder clientId(String str) {
        this.clientId = str;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getClientId() {
        return this.clientId;
    }

    public OAuthCredentialsProviderBuilder clientSecret(String str) {
        this.clientSecret = str;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getClientSecret() {
        return this.clientSecret;
    }

    public OAuthCredentialsProviderBuilder audience(String str) {
        this.audience = str;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getAudience() {
        return this.audience;
    }

    public OAuthCredentialsProviderBuilder scope(String str) {
        this.scope = str;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getScope() {
        return this.scope;
    }

    public OAuthCredentialsProviderBuilder authorizationServerUrl(String str) {
        this.authorizationServerUrl = str;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public URL getAuthorizationServer() {
        return this.authorizationServer;
    }

    public OAuthCredentialsProviderBuilder keystorePath(Path path) {
        this.keystorePath = path;
        return this;
    }

    private OAuthCredentialsProviderBuilder keystorePath(String str) {
        return str != null ? keystorePath(Paths.get(str, new String[0])) : this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Path getKeystorePath() {
        return this.keystorePath;
    }

    public OAuthCredentialsProviderBuilder keystorePassword(String str) {
        this.keystorePassword = str;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getKeystorePassword() {
        return this.keystorePassword;
    }

    public OAuthCredentialsProviderBuilder keystoreKeyPassword(String str) {
        this.keystoreKeyPassword = str;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getKeystoreKeyPassword() {
        return this.keystoreKeyPassword;
    }

    public OAuthCredentialsProviderBuilder truststorePath(Path path) {
        this.truststorePath = path;
        return this;
    }

    private OAuthCredentialsProviderBuilder truststorePath(String str) {
        return str != null ? truststorePath(Paths.get(str, new String[0])) : this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Path getTruststorePath() {
        return this.truststorePath;
    }

    public OAuthCredentialsProviderBuilder truststorePassword(String str) {
        this.truststorePassword = str;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getTruststorePassword() {
        return this.truststorePassword;
    }

    public OAuthCredentialsProviderBuilder credentialsCachePath(String str) {
        this.credentialsCachePath = str;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public File getCredentialsCache() {
        return this.credentialsCache;
    }

    public OAuthCredentialsProviderBuilder connectTimeout(Duration duration) {
        this.connectTimeout = duration;
        return this;
    }

    private OAuthCredentialsProviderBuilder connectTimeout(String str) {
        return str != null ? connectTimeout(Duration.ofMillis(Long.parseLong(str))) : this;
    }

    public Duration getConnectTimeout() {
        return this.connectTimeout;
    }

    public OAuthCredentialsProviderBuilder readTimeout(Duration duration) {
        this.readTimeout = duration;
        return this;
    }

    private OAuthCredentialsProviderBuilder readTimeout(String str) {
        return str != null ? readTimeout(Duration.ofMillis(Long.parseLong(str))) : this;
    }

    public Duration getReadTimeout() {
        return this.readTimeout;
    }

    public OAuthCredentialsProviderBuilder applyEnvironmentOverrides(boolean z) {
        this.applyEnvironmentOverrides = z;
        return this;
    }

    public OAuthCredentialsProvider build() {
        if (this.applyEnvironmentOverrides) {
            checkEnvironmentOverrides();
        }
        applyDefaults();
        validate();
        return new OAuthCredentialsProvider(this);
    }

    private void checkEnvironmentOverrides() {
        BuilderUtils.applyEnvironmentValueIfNotNull(this::clientId, CamundaClientEnvironmentVariables.OAUTH_ENV_CLIENT_ID, ZeebeClientEnvironmentVariables.OAUTH_ENV_CLIENT_ID);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::clientSecret, CamundaClientEnvironmentVariables.OAUTH_ENV_CLIENT_SECRET, ZeebeClientEnvironmentVariables.OAUTH_ENV_CLIENT_SECRET);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::audience, CamundaClientEnvironmentVariables.OAUTH_ENV_TOKEN_AUDIENCE, ZeebeClientEnvironmentVariables.OAUTH_ENV_TOKEN_AUDIENCE);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::scope, CamundaClientEnvironmentVariables.OAUTH_ENV_TOKEN_SCOPE, ZeebeClientEnvironmentVariables.OAUTH_ENV_TOKEN_SCOPE);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::authorizationServerUrl, CamundaClientEnvironmentVariables.OAUTH_ENV_AUTHORIZATION_SERVER, ZeebeClientEnvironmentVariables.OAUTH_ENV_AUTHORIZATION_SERVER);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::keystorePath, CamundaClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_KEYSTORE_PATH, ZeebeClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_KEYSTORE_PATH);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::keystorePassword, CamundaClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_KEYSTORE_SECRET, ZeebeClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_KEYSTORE_SECRET);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::keystoreKeyPassword, CamundaClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_KEYSTORE_KEY_SECRET, ZeebeClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_KEYSTORE_KEY_SECRET);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::truststorePath, CamundaClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_TRUSTSTORE_PATH, ZeebeClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_TRUSTSTORE_PATH);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::truststorePassword, CamundaClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_TRUSTSTORE_SECRET, ZeebeClientEnvironmentVariables.OAUTH_ENV_SSL_CLIENT_TRUSTSTORE_SECRET);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::credentialsCachePath, CamundaClientEnvironmentVariables.OAUTH_ENV_CACHE_PATH, ZeebeClientEnvironmentVariables.OAUTH_ENV_CACHE_PATH);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::readTimeout, CamundaClientEnvironmentVariables.OAUTH_ENV_READ_TIMEOUT, ZeebeClientEnvironmentVariables.OAUTH_ENV_READ_TIMEOUT);
        BuilderUtils.applyEnvironmentValueIfNotNull(this::connectTimeout, CamundaClientEnvironmentVariables.OAUTH_ENV_CONNECT_TIMEOUT, ZeebeClientEnvironmentVariables.OAUTH_ENV_CONNECT_TIMEOUT);
    }

    private void applyDefaults() {
        if (this.credentialsCachePath == null) {
            this.credentialsCachePath = Paths.get(System.getProperty("user.home"), ".camunda", "credentials").toAbsolutePath().toString();
        }
        if (this.authorizationServerUrl == null) {
            this.authorizationServerUrl = DEFAULT_AUTHZ_SERVER;
        }
        if (this.connectTimeout == null) {
            this.connectTimeout = DEFAULT_CONNECT_TIMEOUT;
        }
        if (this.readTimeout == null) {
            this.readTimeout = DEFAULT_READ_TIMEOUT;
        }
    }

    private void validate() {
        try {
            Objects.requireNonNull(this.clientId, String.format("Expected valid %s but none was provided.", "client id"));
            Objects.requireNonNull(this.clientSecret, String.format("Expected valid %s but none was provided.", "client secret"));
            Objects.requireNonNull(this.audience, String.format("Expected valid %s but none was provided.", "audience"));
            Objects.requireNonNull(this.authorizationServerUrl, String.format("Expected valid %s but none was provided.", "authorization server URL"));
            this.authorizationServer = new URL(this.authorizationServerUrl);
            if (this.keystorePath != null && !this.keystorePath.toFile().exists()) {
                throw new IllegalArgumentException("Keystore path does not exist: " + this.keystorePath);
            }
            if (this.truststorePath != null && !this.truststorePath.toFile().exists()) {
                throw new IllegalArgumentException("Truststore path does not exist: " + this.keystorePath);
            }
            this.credentialsCache = new File(this.credentialsCachePath);
            if (this.credentialsCache.isDirectory()) {
                throw new IllegalArgumentException("Expected specified credentials cache to be a file but found directory instead.");
            }
            validateTimeout(this.connectTimeout, "ConnectTimeout");
            validateTimeout(this.readTimeout, "ReadTimeout");
        } catch (IOException | NullPointerException e) {
            throw new IllegalArgumentException(e);
        }
    }

    private void validateTimeout(Duration duration, String str) {
        if (duration.isZero() || duration.isNegative() || duration.toMillis() > 2147483647L) {
            throw new IllegalArgumentException(String.format("%s timeout is %s milliseconds, expected timeout to be a positive number of milliseconds smaller than %s.", str, Long.valueOf(duration.toMillis()), Integer.MAX_VALUE));
        }
    }
}
