package com.azure.identity;

import com.azure.core.credential.AccessToken;
import com.azure.core.credential.TokenCredential;
import com.azure.core.credential.TokenRequestContext;
import com.azure.core.util.Configuration;
import com.azure.core.util.logging.ClientLogger;
import com.azure.identity.implementation.IdentityClientBuilder;
import com.azure.identity.implementation.IdentityClientOptions;
import com.azure.identity.implementation.util.LoggingUtil;
import java.time.Duration;
import reactor.core.publisher.Mono;

/* loaded from: input_file:WEB-INF/classes/bundles/net.tirasa.connid.bundles.azure-2.0.0-bundle.jar:lib/azure-identity-1.4.2.jar:com/azure/identity/ManagedIdentityCredential.class */
public final class ManagedIdentityCredential implements TokenCredential {
    private final ManagedIdentityServiceCredential managedIdentityServiceCredential;
    private final ClientLogger logger = new ClientLogger((Class<?>) ManagedIdentityCredential.class);
    static final String PROPERTY_IMDS_ENDPOINT = "IMDS_ENDPOINT";
    static final String PROPERTY_IDENTITY_SERVER_THUMBPRINT = "IDENTITY_SERVER_THUMBPRINT";
    static final String AZURE_FEDERATED_TOKEN_FILE = "AZURE_FEDERATED_TOKEN_FILE";

    /* JADX INFO: Access modifiers changed from: package-private */
    public ManagedIdentityCredential(String str, IdentityClientOptions identityClientOptions) {
        IdentityClientBuilder identityClientOptions2 = new IdentityClientBuilder().clientId(str).identityClientOptions(identityClientOptions);
        Configuration mo172clone = identityClientOptions.getConfiguration() == null ? Configuration.getGlobalConfiguration().mo172clone() : identityClientOptions.getConfiguration();
        if (mo172clone.contains(Configuration.PROPERTY_MSI_ENDPOINT)) {
            this.managedIdentityServiceCredential = new AppServiceMsiCredential(str, identityClientOptions2.build());
        } else if (mo172clone.contains(Configuration.PROPERTY_IDENTITY_ENDPOINT)) {
            if (mo172clone.contains(Configuration.PROPERTY_IDENTITY_HEADER)) {
                if (mo172clone.get(PROPERTY_IDENTITY_SERVER_THUMBPRINT) != null) {
                    this.managedIdentityServiceCredential = new ServiceFabricMsiCredential(str, identityClientOptions2.build());
                } else {
                    this.managedIdentityServiceCredential = new VirtualMachineMsiCredential(str, identityClientOptions2.build());
                }
            } else if (mo172clone.get(PROPERTY_IMDS_ENDPOINT) != null) {
                this.managedIdentityServiceCredential = new ArcIdentityCredential(str, identityClientOptions2.build());
            } else {
                this.managedIdentityServiceCredential = new VirtualMachineMsiCredential(str, identityClientOptions2.build());
            }
        } else if (!mo172clone.contains(Configuration.PROPERTY_AZURE_TENANT_ID) || mo172clone.get(AZURE_FEDERATED_TOKEN_FILE) == null) {
            this.managedIdentityServiceCredential = new VirtualMachineMsiCredential(str, identityClientOptions2.build());
        } else {
            String str2 = str == null ? mo172clone.get(Configuration.PROPERTY_AZURE_CLIENT_ID) : str;
            identityClientOptions2.clientId(str2);
            identityClientOptions2.tenantId(mo172clone.get(Configuration.PROPERTY_AZURE_TENANT_ID));
            identityClientOptions2.clientAssertionPath(mo172clone.get(AZURE_FEDERATED_TOKEN_FILE));
            identityClientOptions2.clientAssertionTimeout(Duration.ofMinutes(5L));
            this.managedIdentityServiceCredential = new ClientAssertionCredential(str2, identityClientOptions2.build());
        }
        LoggingUtil.logAvailableEnvironmentVariables(this.logger, mo172clone);
    }

    public String getClientId() {
        return this.managedIdentityServiceCredential.getClientId();
    }

    @Override // com.azure.core.credential.TokenCredential
    public Mono<AccessToken> getToken(TokenRequestContext tokenRequestContext) {
        return this.managedIdentityServiceCredential == null ? Mono.error(this.logger.logExceptionAsError(new CredentialUnavailableException("ManagedIdentityCredential authentication unavailable. The Target Azure platform could not be determined from environment variables.To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/net/identity/managedidentitycredential/troubleshoot"))) : this.managedIdentityServiceCredential.authenticate(tokenRequestContext).doOnSuccess(accessToken -> {
            this.logger.info("Azure Identity => Managed Identity environment: {}", this.managedIdentityServiceCredential.getEnvironment());
        }).doOnNext(accessToken2 -> {
            LoggingUtil.logTokenSuccess(this.logger, tokenRequestContext);
        }).doOnError(th -> {
            LoggingUtil.logTokenError(this.logger, tokenRequestContext, th);
        });
    }
}
