package com.ibm.cloud.sdk.core.security;

import com.google.gson.reflect.TypeToken;
import com.ibm.cloud.sdk.core.http.HttpHeaders;
import com.ibm.cloud.sdk.core.http.HttpMediaType;
import com.ibm.cloud.sdk.core.http.RequestBuilder;
import com.ibm.cloud.sdk.core.util.GsonSingleton;
import com.ibm.cloud.sdk.core.util.RequestUtils;
import java.io.InputStream;
import java.net.Proxy;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import okhttp3.OkHttpClient;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/ibm/cloud/sdk/core/security/MCSPV2Authenticator.class */
public class MCSPV2Authenticator extends TokenRequestBasedAuthenticatorImmutable<MCSPToken, MCSPV2TokenResponse> implements Authenticator {
    private static final Logger LOG = Logger.getLogger(MCSPV2Authenticator.class.getName());
    private static final String OPERATION_PATH = "/api/2.0/{scopeCollectionType}/{scopeId}/apikeys/token";
    private String apikey;
    private String url;
    private String scopeCollectionType;
    private String scopeId;
    private boolean includeBuiltinActions;
    private boolean includeCustomActions;
    private boolean includeRoles;
    private boolean prefixRoles;
    private Map<String, String> callerExtClaim;

    /* loaded from: input_file:com/ibm/cloud/sdk/core/security/MCSPV2Authenticator$Builder.class */
    public static class Builder {
        private String apikey;
        private String url;
        private String scopeCollectionType;
        private String scopeId;
        private boolean includeBuiltinActions;
        private boolean includeCustomActions;
        private boolean includeRoles;
        private boolean prefixRoles;
        private Map<String, String> callerExtClaim;
        private boolean disableSSLVerification;
        private Map<String, String> headers;
        private Proxy proxy;
        private okhttp3.Authenticator proxyAuthenticator;
        private OkHttpClient client;

        public Builder() {
            this.includeRoles = true;
        }

        private Builder(MCSPV2Authenticator mCSPV2Authenticator) {
            this.apikey = mCSPV2Authenticator.apikey;
            this.url = mCSPV2Authenticator.getURL();
            this.scopeCollectionType = mCSPV2Authenticator.getScopeCollectionType();
            this.scopeId = mCSPV2Authenticator.getScopeId();
            this.includeBuiltinActions = mCSPV2Authenticator.includeBuiltinActions();
            this.includeCustomActions = mCSPV2Authenticator.includeCustomActions();
            this.includeRoles = mCSPV2Authenticator.includeRoles();
            this.prefixRoles = mCSPV2Authenticator.prefixRoles();
            this.callerExtClaim = mCSPV2Authenticator.getCallerExtClaim();
            this.disableSSLVerification = mCSPV2Authenticator.getDisableSSLVerification();
            this.headers = mCSPV2Authenticator.getHeaders();
            this.proxy = mCSPV2Authenticator.getProxy();
            this.proxyAuthenticator = mCSPV2Authenticator.getProxyAuthenticator();
            this.client = mCSPV2Authenticator.getClient();
        }

        public MCSPV2Authenticator build() {
            return new MCSPV2Authenticator(this);
        }

        public Builder apikey(String str) {
            this.apikey = str;
            return this;
        }

        public Builder url(String str) {
            this.url = str;
            return this;
        }

        public Builder scopeCollectionType(String str) {
            this.scopeCollectionType = str;
            return this;
        }

        public Builder scopeId(String str) {
            this.scopeId = str;
            return this;
        }

        public Builder includeBuiltinActions(boolean z) {
            this.includeBuiltinActions = z;
            return this;
        }

        public Builder includeCustomActions(boolean z) {
            this.includeCustomActions = z;
            return this;
        }

        public Builder includeRoles(boolean z) {
            this.includeRoles = z;
            return this;
        }

        public Builder prefixRoles(boolean z) {
            this.prefixRoles = z;
            return this;
        }

        public Builder callerExtClaim(Map<String, String> map) {
            this.callerExtClaim = map;
            return this;
        }

        public Builder disableSSLVerification(boolean z) {
            this.disableSSLVerification = z;
            return this;
        }

        public Builder headers(Map<String, String> map) {
            this.headers = map;
            return this;
        }

        public Builder proxy(Proxy proxy) {
            this.proxy = proxy;
            return this;
        }

        public Builder proxyAuthenticator(okhttp3.Authenticator authenticator) {
            this.proxyAuthenticator = authenticator;
            return this;
        }

        public Builder client(OkHttpClient okHttpClient) {
            this.client = okHttpClient;
            return this;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/ibm/cloud/sdk/core/security/MCSPV2Authenticator$MCSPV2RequestBody.class */
    public static class MCSPV2RequestBody {
        private String apikey;
        private Map<String, String> callerExtClaim;

        MCSPV2RequestBody(String str, Map<String, String> map) {
            this.apikey = str;
            this.callerExtClaim = map;
        }
    }

    protected MCSPV2Authenticator() {
        setUserAgent(RequestUtils.buildUserAgent("mcspv2-authenticator"));
        this.includeRoles = true;
    }

    protected MCSPV2Authenticator(Builder builder) {
        this();
        this.apikey = builder.apikey;
        this.url = builder.url;
        this.scopeCollectionType = builder.scopeCollectionType;
        this.scopeId = builder.scopeId;
        this.includeBuiltinActions = builder.includeBuiltinActions;
        this.includeCustomActions = builder.includeCustomActions;
        this.includeRoles = builder.includeRoles;
        this.prefixRoles = builder.prefixRoles;
        this.callerExtClaim = builder.callerExtClaim;
        _setDisableSSLVerification(builder.disableSSLVerification);
        _setHeaders(builder.headers);
        _setProxy(builder.proxy);
        _setProxyAuthenticator(builder.proxyAuthenticator);
        _setClient(builder.client);
        validate();
    }

    public Builder newBuilder() {
        return new Builder();
    }

    /* JADX WARN: Type inference failed for: r0v38, types: [com.ibm.cloud.sdk.core.security.MCSPV2Authenticator$1] */
    public static MCSPV2Authenticator fromConfiguration(Map<String, String> map) {
        Builder scopeId = new Builder().apikey(map.get(Authenticator.PROPNAME_APIKEY)).url(map.get(Authenticator.PROPNAME_URL)).scopeCollectionType(map.get(Authenticator.PROPNAME_SCOPE_COLLECTION_TYPE)).scopeId(map.get(Authenticator.PROPNAME_SCOPE_ID));
        String str = map.get(Authenticator.PROPNAME_INCLUDE_BUILTIN_ACTIONS);
        if (StringUtils.isNotEmpty(str)) {
            Boolean booleanObject = BooleanUtils.toBooleanObject(str);
            if (booleanObject == null) {
                throw new IllegalArgumentException(String.format(AuthenticatorBase.ERRORMSG_PROP_INVALID_BOOL, Authenticator.PROPNAME_INCLUDE_BUILTIN_ACTIONS, str));
            }
            scopeId.includeBuiltinActions(booleanObject.booleanValue());
        }
        String str2 = map.get(Authenticator.PROPNAME_INCLUDE_CUSTOM_ACTIONS);
        if (StringUtils.isNotEmpty(str2)) {
            Boolean booleanObject2 = BooleanUtils.toBooleanObject(str2);
            if (booleanObject2 == null) {
                throw new IllegalArgumentException(String.format(AuthenticatorBase.ERRORMSG_PROP_INVALID_BOOL, Authenticator.PROPNAME_INCLUDE_CUSTOM_ACTIONS, str2));
            }
            scopeId.includeCustomActions(booleanObject2.booleanValue());
        }
        String str3 = map.get(Authenticator.PROPNAME_INCLUDE_ROLES);
        if (StringUtils.isNotEmpty(str3)) {
            Boolean booleanObject3 = BooleanUtils.toBooleanObject(str3);
            if (booleanObject3 == null) {
                throw new IllegalArgumentException(String.format(AuthenticatorBase.ERRORMSG_PROP_INVALID_BOOL, Authenticator.PROPNAME_INCLUDE_ROLES, str3));
            }
            scopeId.includeRoles(booleanObject3.booleanValue());
        }
        String str4 = map.get(Authenticator.PROPNAME_PREFIX_ROLES);
        if (StringUtils.isNotEmpty(str4)) {
            Boolean booleanObject4 = BooleanUtils.toBooleanObject(str4);
            if (booleanObject4 == null) {
                throw new IllegalArgumentException(String.format(AuthenticatorBase.ERRORMSG_PROP_INVALID_BOOL, Authenticator.PROPNAME_PREFIX_ROLES, str4));
            }
            scopeId.prefixRoles(booleanObject4.booleanValue());
        }
        String str5 = map.get(Authenticator.PROPNAME_DISABLE_SSL);
        if (StringUtils.isNotEmpty(str5)) {
            Boolean booleanObject5 = BooleanUtils.toBooleanObject(str5);
            if (booleanObject5 == null) {
                throw new IllegalArgumentException(String.format(AuthenticatorBase.ERRORMSG_PROP_INVALID_BOOL, Authenticator.PROPNAME_DISABLE_SSL, str5));
            }
            scopeId.disableSSLVerification(booleanObject5.booleanValue());
        }
        String str6 = map.get(Authenticator.PROPNAME_CALLER_EXT_CLAIM);
        if (StringUtils.isNotEmpty(str6)) {
            scopeId.callerExtClaim((Map) GsonSingleton.getGsonWithoutPrettyPrinting().fromJson(str6, new TypeToken<Map<String, String>>() { // from class: com.ibm.cloud.sdk.core.security.MCSPV2Authenticator.1
            }.getType()));
        }
        return scopeId.build();
    }

    @Override // com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticatorImmutable, com.ibm.cloud.sdk.core.security.Authenticator
    public void validate() {
        if (StringUtils.isEmpty(getURL())) {
            throw new IllegalArgumentException(String.format(AuthenticatorBase.ERRORMSG_PROP_MISSING, "url"));
        }
        if (StringUtils.isEmpty(this.apikey)) {
            throw new IllegalArgumentException(String.format(AuthenticatorBase.ERRORMSG_PROP_MISSING, "apikey"));
        }
        if (StringUtils.isEmpty(this.scopeCollectionType)) {
            throw new IllegalArgumentException(String.format(AuthenticatorBase.ERRORMSG_PROP_MISSING, "scopeCollectionType"));
        }
        if (StringUtils.isEmpty(this.scopeId)) {
            throw new IllegalArgumentException(String.format(AuthenticatorBase.ERRORMSG_PROP_MISSING, "scopeId"));
        }
    }

    @Override // com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticatorImmutable, com.ibm.cloud.sdk.core.security.Authenticator
    public String authenticationType() {
        return Authenticator.AUTHTYPE_MCSPV2;
    }

    public String getApiKey() {
        return this.apikey;
    }

    public String getURL() {
        return this.url;
    }

    public String getScopeCollectionType() {
        return this.scopeCollectionType;
    }

    public String getScopeId() {
        return this.scopeId;
    }

    public boolean includeBuiltinActions() {
        return this.includeBuiltinActions;
    }

    public boolean includeCustomActions() {
        return this.includeCustomActions;
    }

    public boolean includeRoles() {
        return this.includeRoles;
    }

    public boolean prefixRoles() {
        return this.prefixRoles;
    }

    public Map<String, String> getCallerExtClaim() {
        return this.callerExtClaim;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticatorImmutable
    public MCSPToken requestToken() {
        MCSPToken mCSPToken;
        HashMap hashMap = new HashMap();
        hashMap.put("scopeCollectionType", getScopeCollectionType());
        hashMap.put("scopeId", getScopeId());
        RequestBuilder post = RequestBuilder.post(RequestBuilder.resolveRequestUrl(getURL(), OPERATION_PATH, hashMap));
        post.header(HttpHeaders.ACCEPT, HttpMediaType.APPLICATION_JSON);
        post.header(HttpHeaders.CONTENT_TYPE, HttpMediaType.APPLICATION_JSON);
        post.header(HttpHeaders.USER_AGENT, getUserAgent());
        post.query("includeBuiltinActions", Boolean.valueOf(includeBuiltinActions()));
        post.query("includeCustomActions", Boolean.valueOf(includeCustomActions()));
        post.query("includeRoles", Boolean.valueOf(includeRoles()));
        post.query("prefixRolesWithDefinitionScope", Boolean.valueOf(prefixRoles()));
        post.bodyContent(HttpMediaType.APPLICATION_JSON, new MCSPV2RequestBody(getApiKey(), getCallerExtClaim()), (Object) null, (InputStream) null);
        try {
            LOG.log(Level.FINE, "Invoking MCSPv2 token service operation: POST {0}", post.toUrl());
            MCSPV2TokenResponse invokeRequest = invokeRequest(post, MCSPV2TokenResponse.class);
            LOG.log(Level.FINE, "Returned from MCSPv2 token service operation");
            mCSPToken = new MCSPToken(invokeRequest);
        } catch (Throwable th) {
            mCSPToken = new MCSPToken(th);
            LOG.log(Level.FINE, "Exception from MCSPv2 token service operation: ", th);
        }
        return mCSPToken;
    }
}
