package org.apache.nifi.authorization.azure;

import com.microsoft.aad.msal4j.ClientCredentialFactory;
import com.microsoft.aad.msal4j.ClientCredentialParameters;
import com.microsoft.aad.msal4j.ConfidentialClientApplication;
import com.microsoft.aad.msal4j.IAuthenticationResult;
import com.microsoft.graph.authentication.IAuthenticationProvider;
import com.microsoft.graph.http.IHttpRequest;
import java.net.MalformedURLException;
import java.time.Instant;
import java.time.LocalDateTime;
import java.time.ZoneId;
import java.util.Collections;
import java.util.Date;
import java.util.Objects;
import java.util.concurrent.ExecutionException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/nifi/authorization/azure/ClientCredentialAuthProvider.class */
public class ClientCredentialAuthProvider implements IAuthenticationProvider {
    private final String authorityEndpoint;
    private final String tenantId;
    private final String clientId;
    private final String clientSecret;
    private final String graphScope;
    private LocalDateTime tokenExpiresOnDate;
    private String lastAccessToken;
    private static final Logger logger = LoggerFactory.getLogger(ClientCredentialAuthProvider.class);

    /* loaded from: input_file:org/apache/nifi/authorization/azure/ClientCredentialAuthProvider$Builder.class */
    public static class Builder {
        private String authorityEndpoint = "";
        private String tenantId = "";
        private String clientId = "";
        private String clientSecret = "";
        private String graphScope = "";

        public Builder authorityEndpoint(String str) {
            this.authorityEndpoint = str;
            return this;
        }

        public String getAuthorityEndpoint() {
            return this.authorityEndpoint;
        }

        public Builder graphScope(String str) {
            this.graphScope = str;
            return this;
        }

        public String getGraphScope() {
            return this.graphScope;
        }

        public Builder tenantId(String str) {
            this.tenantId = str;
            return this;
        }

        public String getTenantId() {
            return this.tenantId;
        }

        public Builder clientId(String str) {
            this.clientId = str;
            return this;
        }

        public String getClientId() {
            return this.clientId;
        }

        public Builder clientSecret(String str) {
            this.clientSecret = str;
            return this;
        }

        public String getClientSecret() {
            return this.clientSecret;
        }

        public int hashCode() {
            return Objects.hash(this.authorityEndpoint, this.tenantId, this.clientId, this.clientSecret, this.graphScope);
        }

        public String toString() {
            return "{ authorityDNS='" + getAuthorityEndpoint() + "', tenantId='" + getTenantId() + "', clientId='" + getClientId() + "', clientSecret='" + getClientSecret() + "', graphScope='" + getGraphScope() + "'}";
        }

        public ClientCredentialAuthProvider build() {
            return new ClientCredentialAuthProvider(this);
        }
    }

    private ClientCredentialAuthProvider(Builder builder) {
        this.authorityEndpoint = builder.getAuthorityEndpoint();
        this.tenantId = builder.getTenantId();
        this.clientId = builder.getClientId();
        this.clientSecret = builder.getClientSecret();
        this.graphScope = builder.getGraphScope();
    }

    public int hashCode() {
        return Objects.hash(this.authorityEndpoint, this.tenantId, this.clientId, this.clientSecret, this.graphScope);
    }

    public String toString() {
        return "{ authorityDNS='" + this.authorityEndpoint + "', tenantId='" + this.tenantId + "', clientId='" + this.clientId + "', clientSecret='" + this.clientSecret + "', graphScope='" + this.graphScope + "'}";
    }

    private IAuthenticationResult getAccessTokenByClientCredentialGrant() throws MalformedURLException, ExecutionException, InterruptedException {
        return (IAuthenticationResult) ConfidentialClientApplication.builder(this.clientId, ClientCredentialFactory.createFromSecret(this.clientSecret)).authority(String.format("%s/%s", this.authorityEndpoint, this.tenantId)).build().acquireToken(ClientCredentialParameters.builder(Collections.singleton(this.graphScope)).build()).get();
    }

    /* JADX WARN: Type inference failed for: r0v4, types: [java.time.LocalDateTime] */
    private LocalDateTime convertToLocalDateTime(Date date) {
        return Instant.ofEpochMilli(date.getTime()).atZone(ZoneId.systemDefault()).toLocalDateTime();
    }

    private String getAccessToken() {
        if (this.lastAccessToken == null || this.tokenExpiresOnDate == null || !this.tokenExpiresOnDate.isAfter(LocalDateTime.now().plusMinutes(1L))) {
            try {
                IAuthenticationResult accessTokenByClientCredentialGrant = getAccessTokenByClientCredentialGrant();
                this.tokenExpiresOnDate = convertToLocalDateTime(accessTokenByClientCredentialGrant.expiresOnDate());
                this.lastAccessToken = accessTokenByClientCredentialGrant.accessToken();
            } catch (Exception e) {
                logger.error("Failed to get access token due to {}", e.getMessage(), e);
            }
        }
        return this.lastAccessToken;
    }

    public void authenticateRequest(IHttpRequest iHttpRequest) {
        String accessToken = getAccessToken();
        if (accessToken != null) {
            iHttpRequest.addHeader("Authorization", "Bearer " + accessToken);
        }
    }
}
