package com.mongodb.internal.authentication;

import com.mongodb.AwsCredential;
import com.mongodb.MongoCredential;
import com.mongodb.MongoInternalException;
import com.mongodb.lang.NonNull;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPut;
import org.bson.BsonDocument;

/* loaded from: input_file:com/mongodb/internal/authentication/AwsCredentialHelper.class */
public final class AwsCredentialHelper {
    public static AwsCredential obtainFromEnvironment() {
        return System.getenv("AWS_ACCESS_KEY_ID") != null ? obtainFromEnvironmentVariables() : obtainFromEc2OrEcsResponse();
    }

    private static AwsCredential obtainFromEnvironmentVariables() {
        return new AwsCredential(System.getenv("AWS_ACCESS_KEY_ID"), System.getenv("AWS_SECRET_ACCESS_KEY"), System.getenv(MongoCredential.AWS_SESSION_TOKEN_KEY));
    }

    private static AwsCredential obtainFromEc2OrEcsResponse() {
        String str = System.getenv("AWS_CONTAINER_CREDENTIALS_RELATIVE_URI");
        BsonDocument parse = str == null ? BsonDocument.parse(getEc2Response()) : BsonDocument.parse(getEcsResponse(str));
        return new AwsCredential(parse.getString("AccessKeyId").getValue(), parse.getString("SecretAccessKey").getValue(), parse.getString("Token").getValue());
    }

    private static String getEcsResponse(String str) {
        return getHttpContents(HttpGet.METHOD_NAME, "http://169.254.170.2" + str, null);
    }

    private static String getEc2Response() {
        HashMap hashMap = new HashMap();
        hashMap.put("X-aws-ec2-metadata-token-ttl-seconds", "30");
        String httpContents = getHttpContents(HttpPut.METHOD_NAME, "http://169.254.169.254/latest/api/token", hashMap);
        hashMap.clear();
        hashMap.put("X-aws-ec2-metadata-token", httpContents);
        return getHttpContents(HttpGet.METHOD_NAME, "http://169.254.169.254/latest/meta-data/iam/security-credentials/" + getHttpContents(HttpGet.METHOD_NAME, "http://169.254.169.254/latest/meta-data/iam/security-credentials/", hashMap), hashMap);
    }

    @NonNull
    private static String getHttpContents(String str, String str2, Map<String, String> map) {
        StringBuilder sb = new StringBuilder();
        HttpURLConnection httpURLConnection = null;
        try {
            try {
                HttpURLConnection httpURLConnection2 = (HttpURLConnection) new URL(str2).openConnection();
                httpURLConnection2.setRequestMethod(str);
                httpURLConnection2.setReadTimeout(10000);
                if (map != null) {
                    for (Map.Entry<String, String> entry : map.entrySet()) {
                        httpURLConnection2.setRequestProperty(entry.getKey(), entry.getValue());
                    }
                }
                int responseCode = httpURLConnection2.getResponseCode();
                if (responseCode != 200) {
                    throw new IOException(String.format("%d %s", Integer.valueOf(responseCode), httpURLConnection2.getResponseMessage()));
                }
                BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpURLConnection2.getInputStream(), StandardCharsets.UTF_8));
                while (true) {
                    try {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        }
                        sb.append(readLine);
                    } catch (Throwable th) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                        throw th;
                    }
                }
                bufferedReader.close();
                if (httpURLConnection2 != null) {
                    httpURLConnection2.disconnect();
                }
                return sb.toString();
            } catch (Throwable th3) {
                if (0 != 0) {
                    httpURLConnection.disconnect();
                }
                throw th3;
            }
        } catch (IOException e) {
            throw new MongoInternalException("Unexpected IOException", e);
        }
    }

    private AwsCredentialHelper() {
    }
}
