package org.apache.flink.streaming.connectors.kinesis.util;

import java.net.URI;
import java.nio.file.Paths;
import java.time.Duration;
import java.util.Optional;
import java.util.Properties;
import org.apache.flink.annotation.Internal;
import org.apache.flink.annotation.VisibleForTesting;
import org.apache.flink.kinesis.shaded.com.amazonaws.ClientConfiguration;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.auth.credentials.EnvironmentVariableCredentialsProvider;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.auth.credentials.SystemPropertyCredentialsProvider;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.auth.credentials.WebIdentityTokenFileCredentialsProvider;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.core.client.config.ClientOverrideConfiguration;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.core.client.config.SdkAdvancedClientOption;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.http.Protocol;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.http.async.SdkAsyncHttpClient;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.http.nio.netty.Http2Configuration;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.http.nio.netty.NettyNioAsyncHttpClient;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.profiles.ProfileFile;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.regions.Region;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.services.kinesis.KinesisAsyncClient;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.services.kinesis.KinesisAsyncClientBuilder;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.services.kinesis.model.LimitExceededException;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.services.kinesis.model.ProvisionedThroughputExceededException;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.services.sts.StsClient;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.services.sts.StsClientBuilder;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider;
import org.apache.flink.kinesis.shaded.software.amazon.awssdk.services.sts.model.AssumeRoleRequest;
import org.apache.flink.streaming.connectors.kinesis.config.AWSConfigConstants;
import org.apache.flink.streaming.connectors.kinesis.config.ConsumerConfigConstants;

@Internal
/* loaded from: input_file:org/apache/flink/streaming/connectors/kinesis/util/AwsV2Util.class */
public class AwsV2Util {
    private static final int INITIAL_WINDOW_SIZE_BYTES = 524288;
    private static final Duration HEALTH_CHECK_PING_PERIOD = Duration.ofSeconds(60);
    private static final Duration CONNECTION_ACQUISITION_TIMEOUT = Duration.ofSeconds(60);

    public static KinesisAsyncClient createKinesisAsyncClient(Properties properties, ClientConfiguration clientConfiguration, SdkAsyncHttpClient sdkAsyncHttpClient) {
        return createKinesisAsyncClient(properties, KinesisAsyncClient.builder(), sdkAsyncHttpClient, createClientOverrideConfiguration(clientConfiguration, ClientOverrideConfiguration.builder()));
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static SdkAsyncHttpClient createHttpClient(ClientConfiguration clientConfiguration, NettyNioAsyncHttpClient.Builder builder, Properties properties) {
        builder.maxConcurrency(Integer.valueOf(((Integer) Optional.ofNullable(properties.getProperty(ConsumerConfigConstants.EFO_HTTP_CLIENT_MAX_CONCURRENCY)).map(Integer::parseInt).orElse(10000)).intValue())).connectionTimeout(Duration.ofMillis(clientConfiguration.getConnectionTimeout())).readTimeout((Duration) Optional.ofNullable(properties.getProperty(ConsumerConfigConstants.EFO_HTTP_CLIENT_READ_TIMEOUT_MILLIS)).map(Integer::parseInt).map((v0) -> {
            return Duration.ofMillis(v0);
        }).orElse(ConsumerConfigConstants.DEFAULT_EFO_HTTP_CLIENT_READ_TIMEOUT)).tcpKeepAlive(Boolean.valueOf(clientConfiguration.useTcpKeepAlive())).writeTimeout(Duration.ofMillis(clientConfiguration.getSocketTimeout())).connectionMaxIdleTime(Duration.ofMillis(clientConfiguration.getConnectionMaxIdleMillis())).useIdleConnectionReaper(Boolean.valueOf(clientConfiguration.useReaper())).protocol(Protocol.HTTP2).connectionAcquisitionTimeout(CONNECTION_ACQUISITION_TIMEOUT).http2Configuration((Http2Configuration) Http2Configuration.builder().healthCheckPingPeriod(HEALTH_CHECK_PING_PERIOD).initialWindowSize(Integer.valueOf(INITIAL_WINDOW_SIZE_BYTES)).mo3701build());
        if (clientConfiguration.getConnectionTTL() > -1) {
            builder.connectionTimeToLive(Duration.ofMillis(clientConfiguration.getConnectionTTL()));
        }
        return builder.mo3701build();
    }

    /* JADX WARN: Multi-variable type inference failed */
    @VisibleForTesting
    static ClientOverrideConfiguration createClientOverrideConfiguration(ClientConfiguration clientConfiguration, ClientOverrideConfiguration.Builder builder) {
        builder.putAdvancedOption(SdkAdvancedClientOption.USER_AGENT_PREFIX, AWSUtil.formatFlinkUserAgentPrefix()).putAdvancedOption(SdkAdvancedClientOption.USER_AGENT_SUFFIX, clientConfiguration.getUserAgentSuffix());
        if (clientConfiguration.getRequestTimeout() > 0) {
            builder.apiCallAttemptTimeout(Duration.ofMillis(clientConfiguration.getRequestTimeout()));
        }
        if (clientConfiguration.getClientExecutionTimeout() > 0) {
            builder.apiCallTimeout(Duration.ofMillis(clientConfiguration.getClientExecutionTimeout()));
        }
        return (ClientOverrideConfiguration) builder.mo3701build();
    }

    @VisibleForTesting
    static KinesisAsyncClient createKinesisAsyncClient(Properties properties, KinesisAsyncClientBuilder kinesisAsyncClientBuilder, SdkAsyncHttpClient sdkAsyncHttpClient, ClientOverrideConfiguration clientOverrideConfiguration) {
        if (properties.containsKey(AWSConfigConstants.AWS_ENDPOINT)) {
            kinesisAsyncClientBuilder.endpointOverride(URI.create(properties.getProperty(AWSConfigConstants.AWS_ENDPOINT)));
        }
        return ((KinesisAsyncClientBuilder) ((KinesisAsyncClientBuilder) ((KinesisAsyncClientBuilder) ((KinesisAsyncClientBuilder) kinesisAsyncClientBuilder.httpClient(sdkAsyncHttpClient)).overrideConfiguration(clientOverrideConfiguration)).credentialsProvider(getCredentialsProvider(properties))).region(getRegion(properties))).mo3701build();
    }

    public static AwsCredentialsProvider getCredentialsProvider(Properties properties) {
        return getCredentialsProvider(properties, AWSConfigConstants.AWS_CREDENTIALS_PROVIDER);
    }

    private static AwsCredentialsProvider getCredentialsProvider(Properties properties, String str) {
        AWSConfigConstants.CredentialProvider credentialProviderType = AWSUtil.getCredentialProviderType(properties, str);
        switch (credentialProviderType) {
            case ENV_VAR:
                return EnvironmentVariableCredentialsProvider.create();
            case SYS_PROP:
                return SystemPropertyCredentialsProvider.create();
            case PROFILE:
                return getProfileCredentialProvider(properties, str);
            case BASIC:
                return () -> {
                    return AwsBasicCredentials.create(properties.getProperty(AWSConfigConstants.accessKeyId(str)), properties.getProperty(AWSConfigConstants.secretKey(str)));
                };
            case ASSUME_ROLE:
                return getAssumeRoleCredentialProvider(properties, str);
            case WEB_IDENTITY_TOKEN:
                return getWebIdentityTokenFileCredentialsProvider(WebIdentityTokenFileCredentialsProvider.builder(), properties, str);
            case AUTO:
                return DefaultCredentialsProvider.create();
            default:
                throw new IllegalArgumentException("Credential provider not supported: " + credentialProviderType);
        }
    }

    private static AwsCredentialsProvider getProfileCredentialProvider(Properties properties, String str) {
        String property = properties.getProperty(AWSConfigConstants.profileName(str), null);
        String property2 = properties.getProperty(AWSConfigConstants.profilePath(str), null);
        ProfileCredentialsProvider.Builder profileName = ProfileCredentialsProvider.builder().profileName(property);
        if (property2 != null) {
            profileName.profileFile(ProfileFile.builder().type(ProfileFile.Type.CREDENTIALS).content(Paths.get(property2, new String[0])).mo3701build());
        }
        return profileName.mo3701build();
    }

    private static AwsCredentialsProvider getAssumeRoleCredentialProvider(Properties properties, String str) {
        return StsAssumeRoleCredentialsProvider.builder().refreshRequest((AssumeRoleRequest) AssumeRoleRequest.builder().roleArn(properties.getProperty(AWSConfigConstants.roleArn(str))).roleSessionName(properties.getProperty(AWSConfigConstants.roleSessionName(str))).externalId(properties.getProperty(AWSConfigConstants.externalId(str))).mo3701build()).stsClient(((StsClientBuilder) ((StsClientBuilder) StsClient.builder().credentialsProvider(getCredentialsProvider(properties, AWSConfigConstants.roleCredentialsProvider(str)))).region(getRegion(properties))).mo3701build()).mo3701build();
    }

    @VisibleForTesting
    static AwsCredentialsProvider getWebIdentityTokenFileCredentialsProvider(WebIdentityTokenFileCredentialsProvider.Builder builder, Properties properties, String str) {
        builder.roleArn(properties.getProperty(AWSConfigConstants.roleArn(str), null)).roleSessionName(properties.getProperty(AWSConfigConstants.roleSessionName(str), null));
        Optional map = Optional.ofNullable(properties.getProperty(AWSConfigConstants.webIdentityTokenFile(str), null)).map(str2 -> {
            return Paths.get(str2, new String[0]);
        });
        builder.getClass();
        map.ifPresent(builder::webIdentityTokenFile);
        return builder.mo3701build();
    }

    public static Region getRegion(Properties properties) {
        return Region.of(properties.getProperty("aws.region"));
    }

    public static boolean isRecoverableException(Exception exc) {
        Throwable cause = exc.getCause();
        return (cause instanceof LimitExceededException) || (cause instanceof ProvisionedThroughputExceededException);
    }

    public static boolean isUsingEfoRecordPublisher(Properties properties) {
        return ConsumerConfigConstants.RecordPublisherType.EFO.name().equals(properties.get(ConsumerConfigConstants.RECORD_PUBLISHER_TYPE));
    }

    public static boolean isEagerEfoRegistrationType(Properties properties) {
        return ConsumerConfigConstants.EFORegistrationType.EAGER.name().equals(properties.get(ConsumerConfigConstants.EFO_REGISTRATION_TYPE));
    }

    public static boolean isLazyEfoRegistrationType(Properties properties) {
        return (isEagerEfoRegistrationType(properties) || isNoneEfoRegistrationType(properties)) ? false : true;
    }

    public static boolean isNoneEfoRegistrationType(Properties properties) {
        return ConsumerConfigConstants.EFORegistrationType.NONE.name().equals(properties.get(ConsumerConfigConstants.EFO_REGISTRATION_TYPE));
    }
}
