package com.rabbitmq.client.impl;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.api.client.http.HttpMethods;
import com.google.api.client.http.UrlEncodedParser;
import com.rabbitmq.client.ConnectionFactory;
import com.rabbitmq.client.TrustEverythingTrustManager;
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.function.Consumer;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;

/* loaded from: classes2.dex */
public class OAuth2ClientCredentialsGrantCredentialsProvider extends RefreshProtectedCredentialsProvider<Token> {
    private static final String UTF_8_CHARSET = "UTF-8";
    private final String clientId;
    private final String clientSecret;
    private final Consumer<HttpURLConnection> connectionConfigurator;
    private final String grantType;
    private final HostnameVerifier hostnameVerifier;

    /* renamed from: id, reason: collision with root package name */
    private final String f21id;
    private final ObjectMapper objectMapper;
    private final Map<String, String> parameters;
    private final SSLSocketFactory sslSocketFactory;
    private final String tokenEndpointUri;

    /* loaded from: classes2.dex */
    public static class OAuth2ClientCredentialsGrantCredentialsProviderBuilder {
        private String clientId;
        private String clientSecret;
        private Consumer<HttpURLConnection> connectionConfigurator;
        private String tokenEndpointUri;
        private final Map<String, String> parameters = new HashMap();
        private String grantType = "client_credentials";
        private TlsConfiguration tlsConfiguration = new TlsConfiguration(this);

        public OAuth2ClientCredentialsGrantCredentialsProvider build() {
            return new OAuth2ClientCredentialsGrantCredentialsProvider(this.tokenEndpointUri, this.clientId, this.clientSecret, this.grantType, this.parameters, this.tlsConfiguration.hostnameVerifier, this.tlsConfiguration.sslSocketFactory(), this.connectionConfigurator);
        }

        public OAuth2ClientCredentialsGrantCredentialsProviderBuilder clientId(String str) {
            this.clientId = str;
            return this;
        }

        public OAuth2ClientCredentialsGrantCredentialsProviderBuilder clientSecret(String str) {
            this.clientSecret = str;
            return this;
        }

        public OAuth2ClientCredentialsGrantCredentialsProviderBuilder connectionConfigurator(Consumer<HttpURLConnection> consumer) {
            this.connectionConfigurator = consumer;
            return this;
        }

        public OAuth2ClientCredentialsGrantCredentialsProviderBuilder grantType(String str) {
            this.grantType = str;
            return this;
        }

        public OAuth2ClientCredentialsGrantCredentialsProviderBuilder parameter(String str, String str2) {
            this.parameters.put(str, str2);
            return this;
        }

        public TlsConfiguration tls() {
            return this.tlsConfiguration;
        }

        public OAuth2ClientCredentialsGrantCredentialsProviderBuilder tokenEndpointUri(String str) {
            this.tokenEndpointUri = str;
            return this;
        }
    }

    /* loaded from: classes2.dex */
    public static class TlsConfiguration {
        private final OAuth2ClientCredentialsGrantCredentialsProviderBuilder builder;
        private HostnameVerifier hostnameVerifier;
        private SSLContext sslContext;
        private SSLSocketFactory sslSocketFactory;

        public TlsConfiguration(OAuth2ClientCredentialsGrantCredentialsProviderBuilder oAuth2ClientCredentialsGrantCredentialsProviderBuilder) {
            this.builder = oAuth2ClientCredentialsGrantCredentialsProviderBuilder;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public SSLSocketFactory sslSocketFactory() {
            SSLSocketFactory sSLSocketFactory = this.sslSocketFactory;
            if (sSLSocketFactory != null) {
                return sSLSocketFactory;
            }
            SSLContext sSLContext = this.sslContext;
            if (sSLContext != null) {
                return sSLContext.getSocketFactory();
            }
            return null;
        }

        public OAuth2ClientCredentialsGrantCredentialsProviderBuilder builder() {
            return this.builder;
        }

        public TlsConfiguration dev() {
            try {
                SSLContext sSLContext = SSLContext.getInstance(ConnectionFactory.computeDefaultTlsProtocol(SSLContext.getDefault().getSupportedSSLParameters().getProtocols()));
                sSLContext.init(null, new TrustManager[]{new TrustEverythingTrustManager()}, null);
                this.sslContext = sSLContext;
                return this;
            } catch (KeyManagementException | NoSuchAlgorithmException e) {
                throw new OAuthTokenManagementException("Error while creating TLS context for development configuration", e);
            }
        }

        public TlsConfiguration hostnameVerifier(HostnameVerifier hostnameVerifier) {
            this.hostnameVerifier = hostnameVerifier;
            return this;
        }

        public TlsConfiguration sslContext(SSLContext sSLContext) {
            this.sslContext = sSLContext;
            return this;
        }

        public TlsConfiguration sslSocketFactory(SSLSocketFactory sSLSocketFactory) {
            this.sslSocketFactory = sSLSocketFactory;
            return this;
        }
    }

    /* loaded from: classes2.dex */
    public static class Token {
        private final String access;
        private final int expiresIn;
        private final Instant receivedAt;

        public Token(String str, int i, Instant instant) {
            this.access = str;
            this.expiresIn = i;
            this.receivedAt = instant;
        }

        public String getAccess() {
            return this.access;
        }

        public int getExpiresIn() {
            return this.expiresIn;
        }

        public Instant getReceivedAt() {
            return this.receivedAt;
        }

        public Duration getTimeBeforeExpiration() {
            return Duration.ofSeconds(this.expiresIn - this.receivedAt.until(Instant.now(), ChronoUnit.SECONDS));
        }
    }

    public OAuth2ClientCredentialsGrantCredentialsProvider(String str, String str2, String str3, String str4) {
        this(str, str2, str3, str4, new HashMap());
    }

    public OAuth2ClientCredentialsGrantCredentialsProvider(String str, String str2, String str3, String str4, Map<String, String> map) {
        this(str, str2, str3, str4, map, null, null, null);
    }

    public OAuth2ClientCredentialsGrantCredentialsProvider(String str, String str2, String str3, String str4, Map<String, String> map, Consumer<HttpURLConnection> consumer) {
        this(str, str2, str3, str4, map, null, null, consumer);
    }

    public OAuth2ClientCredentialsGrantCredentialsProvider(String str, String str2, String str3, String str4, Map<String, String> map, HostnameVerifier hostnameVerifier, SSLSocketFactory sSLSocketFactory) {
        this(str, str2, str3, str4, map, hostnameVerifier, sSLSocketFactory, null);
    }

    public OAuth2ClientCredentialsGrantCredentialsProvider(String str, String str2, String str3, String str4, Map<String, String> map, HostnameVerifier hostnameVerifier, SSLSocketFactory sSLSocketFactory, Consumer<HttpURLConnection> consumer) {
        this.objectMapper = new ObjectMapper();
        this.tokenEndpointUri = str;
        this.clientId = str2;
        this.clientSecret = str3;
        this.grantType = str4;
        this.parameters = Collections.unmodifiableMap(new HashMap(map));
        this.hostnameVerifier = hostnameVerifier;
        this.sslSocketFactory = sSLSocketFactory;
        this.connectionConfigurator = consumer == null ? new Consumer() { // from class: com.rabbitmq.client.impl.-$$Lambda$OAuth2ClientCredentialsGrantCredentialsProvider$n0rKpLgZbcduZ0ThIVuqhK9LlZ0
            @Override // java.util.function.Consumer
            public final void accept(Object obj) {
                OAuth2ClientCredentialsGrantCredentialsProvider.lambda$new$0((HttpURLConnection) obj);
            }
        } : consumer;
        this.f21id = UUID.randomUUID().toString();
    }

    public OAuth2ClientCredentialsGrantCredentialsProvider(String str, String str2, String str3, String str4, HostnameVerifier hostnameVerifier, SSLSocketFactory sSLSocketFactory) {
        this(str, str2, str3, str4, new HashMap(), hostnameVerifier, sSLSocketFactory, null);
    }

    private static String basicAuthentication(String str, String str2) {
        return "Basic " + new String(Base64.getEncoder().encode((str + ":" + str2).getBytes(StandardCharsets.ISO_8859_1)), StandardCharsets.ISO_8859_1);
    }

    private static String encode(String str, String str2) throws UnsupportedEncodingException {
        return URLEncoder.encode(str, str2);
    }

    private static StringBuilder encode(StringBuilder sb, String str, String str2) throws UnsupportedEncodingException {
        if (str2 != null) {
            if (sb.length() > 0) {
                sb.append("&");
            }
            sb.append(encode(str, "UTF-8"));
            sb.append("=");
            sb.append(encode(str2, "UTF-8"));
        }
        return sb;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$new$0(HttpURLConnection httpURLConnection) {
    }

    protected void checkContentType(String str) throws OAuthTokenManagementException {
        if (str == null || !str.toLowerCase().contains("json")) {
            throw new OAuthTokenManagementException("HTTP request for token retrieval is not JSON: " + str);
        }
    }

    protected void checkResponseCode(int i) throws OAuthTokenManagementException {
        if (i == 200) {
            return;
        }
        throw new OAuthTokenManagementException("HTTP request for token retrieval did not return 200 response code: " + i);
    }

    protected void configureConnection(HttpURLConnection httpURLConnection) {
        this.connectionConfigurator.accept(httpURLConnection);
        configureConnectionForHttps(httpURLConnection);
    }

    protected void configureConnectionForHttps(HttpURLConnection httpURLConnection) {
        if (httpURLConnection instanceof HttpsURLConnection) {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;
            HostnameVerifier hostnameVerifier = this.hostnameVerifier;
            if (hostnameVerifier != null) {
                httpsURLConnection.setHostnameVerifier(hostnameVerifier);
            }
            SSLSocketFactory sSLSocketFactory = this.sslSocketFactory;
            if (sSLSocketFactory != null) {
                httpsURLConnection.setSSLSocketFactory(sSLSocketFactory);
            }
        }
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        return this.f21id.equals(((OAuth2ClientCredentialsGrantCredentialsProvider) obj).f21id);
    }

    protected String extractResponseBody(InputStream inputStream) throws IOException {
        StringBuffer stringBuffer = new StringBuffer();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    bufferedReader.close();
                    return stringBuffer.toString();
                }
                stringBuffer.append(readLine);
            } catch (Throwable th) {
                try {
                    throw th;
                } catch (Throwable th2) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                    throw th2;
                }
            }
        }
    }

    @Override // com.rabbitmq.client.impl.RefreshProtectedCredentialsProvider, com.rabbitmq.client.impl.CredentialsProvider
    public String getUsername() {
        return "";
    }

    public int hashCode() {
        return this.f21id.hashCode();
    }

    protected Token parseToken(String str) {
        try {
            Map map = (Map) this.objectMapper.readValue(str, Map.class);
            return new Token(map.get("access_token").toString(), ((Number) map.get("expires_in")).intValue(), Instant.now());
        } catch (IOException e) {
            throw new OAuthTokenManagementException("Error while parsing OAuth 2 token", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.rabbitmq.client.impl.RefreshProtectedCredentialsProvider
    public String passwordFromToken(Token token) {
        return token.getAccess();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.rabbitmq.client.impl.RefreshProtectedCredentialsProvider
    public Token retrieveToken() {
        try {
            StringBuilder sb = new StringBuilder();
            encode(sb, "grant_type", this.grantType);
            for (Map.Entry<String, String> entry : this.parameters.entrySet()) {
                encode(sb, entry.getKey(), entry.getValue());
            }
            byte[] bytes = sb.toString().getBytes(StandardCharsets.UTF_8);
            int length = bytes.length;
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(this.tokenEndpointUri).openConnection();
            httpURLConnection.setDoOutput(true);
            httpURLConnection.setInstanceFollowRedirects(false);
            httpURLConnection.setRequestMethod(HttpMethods.POST);
            httpURLConnection.setRequestProperty("authorization", basicAuthentication(this.clientId, this.clientSecret));
            httpURLConnection.setRequestProperty("content-type", UrlEncodedParser.CONTENT_TYPE);
            httpURLConnection.setRequestProperty("charset", "UTF-8");
            httpURLConnection.setRequestProperty("accept", "application/json");
            httpURLConnection.setRequestProperty("content-length", Integer.toString(length));
            httpURLConnection.setUseCaches(false);
            httpURLConnection.setConnectTimeout(60000);
            httpURLConnection.setReadTimeout(60000);
            configureConnection(httpURLConnection);
            DataOutputStream dataOutputStream = new DataOutputStream(httpURLConnection.getOutputStream());
            try {
                dataOutputStream.write(bytes);
                dataOutputStream.close();
                checkResponseCode(httpURLConnection.getResponseCode());
                checkContentType(httpURLConnection.getHeaderField("content-type"));
                return parseToken(extractResponseBody(httpURLConnection.getInputStream()));
            } finally {
            }
        } catch (IOException e) {
            throw new OAuthTokenManagementException("Error while retrieving OAuth 2 token", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.rabbitmq.client.impl.RefreshProtectedCredentialsProvider
    public Duration timeBeforeExpiration(Token token) {
        return token.getTimeBeforeExpiration();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.rabbitmq.client.impl.RefreshProtectedCredentialsProvider
    public String usernameFromToken(Token token) {
        return "";
    }
}
