package org.springframework.boot.buildpack.platform.docker.configuration;

import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.BiConsumer;
import java.util.function.Function;
import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfigurationMetadata;
import org.springframework.boot.buildpack.platform.docker.type.ImageReference;
import org.springframework.boot.buildpack.platform.system.Environment;
import org.springframework.util.StringUtils;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/springframework/boot/buildpack/platform/docker/configuration/DockerRegistryConfigAuthentication.class */
public class DockerRegistryConfigAuthentication implements DockerRegistryAuthentication {
    private static final String DEFAULT_DOMAIN = "docker.io";
    private static final String INDEX_URL = "https://index.docker.io/v1/";
    static Map<String, Credential> credentialFromHelperCache = new ConcurrentHashMap();
    private final DockerRegistryAuthentication fallback;
    private final BiConsumer<String, Exception> credentialHelperExceptionHandler;
    private final Function<String, CredentialHelper> credentialHelperFactory;
    private final DockerConfigurationMetadata.DockerConfig dockerConfig;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DockerRegistryConfigAuthentication(DockerRegistryAuthentication dockerRegistryAuthentication, BiConsumer<String, Exception> biConsumer) {
        this(dockerRegistryAuthentication, biConsumer, Environment.SYSTEM, str -> {
            return new CredentialHelper("docker-credential-" + str);
        });
    }

    DockerRegistryConfigAuthentication(DockerRegistryAuthentication dockerRegistryAuthentication, BiConsumer<String, Exception> biConsumer, Environment environment, Function<String, CredentialHelper> function) {
        this.fallback = dockerRegistryAuthentication;
        this.credentialHelperExceptionHandler = biConsumer;
        this.dockerConfig = DockerConfigurationMetadata.from(environment).getConfiguration();
        this.credentialHelperFactory = function;
    }

    @Override // org.springframework.boot.buildpack.platform.docker.configuration.DockerRegistryAuthentication
    public String getAuthHeader() {
        return getAuthHeader(null);
    }

    @Override // org.springframework.boot.buildpack.platform.docker.configuration.DockerRegistryAuthentication
    public String getAuthHeader(ImageReference imageReference) {
        DockerRegistryAuthentication authentication = getAuthentication(getServerUrl(imageReference));
        if (authentication != null) {
            return authentication.getAuthHeader(imageReference);
        }
        return null;
    }

    private String getServerUrl(ImageReference imageReference) {
        String domain = imageReference != null ? imageReference.getDomain() : null;
        return !DEFAULT_DOMAIN.equals(domain) ? domain : INDEX_URL;
    }

    private DockerRegistryAuthentication getAuthentication(String str) {
        Credential credentialsFromHelper = getCredentialsFromHelper(str);
        Map.Entry<String, DockerConfigurationMetadata.Auth> authConfigEntry = getAuthConfigEntry(str);
        DockerConfigurationMetadata.Auth value = authConfigEntry != null ? authConfigEntry.getValue() : null;
        return credentialsFromHelper != null ? getAuthentication(credentialsFromHelper, value, str) : value != null ? DockerRegistryAuthentication.user(value.getUsername(), value.getPassword(), authConfigEntry.getKey(), value.getEmail()) : this.fallback;
    }

    private DockerRegistryAuthentication getAuthentication(Credential credential, DockerConfigurationMetadata.Auth auth, String str) {
        if (credential.isIdentityToken()) {
            return DockerRegistryAuthentication.token(credential.getSecret());
        }
        return DockerRegistryAuthentication.user(credential.getUsername(), credential.getSecret(), StringUtils.hasLength(credential.getServerUrl()) ? credential.getServerUrl() : str, auth != null ? auth.getEmail() : null);
    }

    private Credential getCredentialsFromHelper(String str) {
        if (StringUtils.hasLength(str)) {
            return credentialFromHelperCache.computeIfAbsent(str, this::computeCredentialsFromHelper);
        }
        return null;
    }

    private Credential computeCredentialsFromHelper(String str) {
        CredentialHelper credentialHelper = getCredentialHelper(str);
        if (credentialHelper == null) {
            return null;
        }
        try {
            return credentialHelper.get(str);
        } catch (Exception e) {
            this.credentialHelperExceptionHandler.accept("Error retrieving credentials for '%s' due to: %s".formatted(str, e.getMessage()), e);
            return null;
        }
    }

    private CredentialHelper getCredentialHelper(String str) {
        String orDefault = this.dockerConfig.getCredHelpers().getOrDefault(str, this.dockerConfig.getCredsStore());
        if (StringUtils.hasLength(orDefault)) {
            return this.credentialHelperFactory.apply(orDefault);
        }
        return null;
    }

    private Map.Entry<String, DockerConfigurationMetadata.Auth> getAuthConfigEntry(String str) {
        for (Map.Entry<String, DockerConfigurationMetadata.Auth> entry : this.dockerConfig.getAuths().entrySet()) {
            if (entry.getKey().equals(str) || entry.getKey().endsWith("://" + str)) {
                return entry;
            }
        }
        return null;
    }
}
