package com.teradata.jdbc.jdbc;

import com.teradata.jdbc.Const;
import com.teradata.jdbc.URLParameters;
import com.teradata.jdbc.Utility;
import com.teradata.jdbc.encode.Encoder;
import com.teradata.jdbc.jdbc.TokenCache;
import com.teradata.jdbc.jdbc_4.logging.Log;
import com.teradata.jdbc.jdbc_4.parcel.Parcel;
import com.teradata.jdbc.jdbc_4.util.ErrorFactory;
import java.io.IOException;
import java.sql.SQLException;

/* loaded from: input_file:com/teradata/jdbc/jdbc/BrowserAuth.class */
public class BrowserAuth {
    private static final String PLACEHOLDER = "PLACEHOLDER";

    public static void browserAuth(GenericTeradataConnection genericTeradataConnection, String str, String str2) throws SQLException {
        URLParameters uRLParameters = genericTeradataConnection.getURLParameters();
        Log log = genericTeradataConnection.getLog();
        if (str2 != null && str2.length() > 0) {
            throw ErrorFactory.makeDriverJDBCException("TJ1539");
        }
        if (uRLParameters.getLogData() != null && uRLParameters.getLogData().length() > 0) {
            throw ErrorFactory.makeDriverJDBCException("TJ1540");
        }
        String browser = uRLParameters.getBrowser();
        if (browser == null || browser.length() == 0) {
            String property = System.getProperty("os.name");
            String upperCase = property != null ? property.toUpperCase() : Const.URL_LSS_TYPE_DEFAULT;
            if (upperCase.indexOf("WIN") >= 0) {
                browser = "cmd /c start \"title\" \"PLACEHOLDER\"";
            } else {
                if (upperCase.indexOf("MAC") < 0) {
                    throw ErrorFactory.makeDriverJDBCException("TJ1541", property);
                }
                browser = "open PLACEHOLDER";
            }
        }
        GenericTeradataConnection makeLogMechNoneConnection = ConnectionFactory.makeLogMechNoneConnection(genericTeradataConnection);
        if (makeLogMechNoneConnection.getGtwConfig() == null || makeLogMechNoneConnection.getGtwConfig().getIdentityProviderURL() == null || makeLogMechNoneConnection.getGtwConfig().getIdentityProviderClientID() == null) {
            throw ErrorFactory.makeDriverJDBCException("TJ1542");
        }
        String coalesce = Utility.coalesce(uRLParameters.getOIDCMetadata(), makeLogMechNoneConnection.getGtwConfig().getIdentityProviderURL());
        String oIDCClientID = uRLParameters.getOIDCClientID();
        if (oIDCClientID == null) {
            oIDCClientID = makeLogMechNoneConnection.getGtwConfig().getIdentityProviderClientID();
        }
        String oIDCScope = uRLParameters.getOIDCScope();
        if (oIDCScope == null) {
            oIDCScope = makeLogMechNoneConnection.getGtwConfig().getOIDCScope();
        }
        if (oIDCScope == null) {
            oIDCScope = "openid";
        }
        if (log.isDebugEnabled()) {
            log.debug("sIdProURL=" + coalesce);
            log.debug("sClientID=" + oIDCClientID);
            log.debug("urlParams.getOIDCScope=" + uRLParameters.getOIDCScope() + " con.getGtwConfig ().getOIDCScope=" + makeLogMechNoneConnection.getGtwConfig().getOIDCScope() + " --> sOIDCScope=" + oIDCScope);
        }
        String replaceFirst = coalesce.replaceFirst("/+$", Const.URL_LSS_TYPE_DEFAULT);
        if (replaceFirst.length() == 0 || oIDCClientID.length() == 0) {
            throw ErrorFactory.makeDriverJDBCException("TJ1550");
        }
        if (!replaceFirst.toLowerCase().endsWith("/.well-known/openid-configuration")) {
            replaceFirst = replaceFirst + "/.well-known/openid-configuration";
            if (log.isDebugEnabled()) {
                log.debug("Modified sIdProURL=" + replaceFirst);
            }
        }
        for (String str3 : Utility.joinStrings(oIDCScope, "|", uRLParameters.getOAuthScopes()).split("\\|")) {
            doBrowserAuth(genericTeradataConnection, str, str2, browser, replaceFirst, oIDCClientID, str3);
        }
    }

    private static void doBrowserAuth(GenericTeradataConnection genericTeradataConnection, String str, String str2, String str3, String str4, String str5, String str6) throws SQLException {
        URLParameters uRLParameters = genericTeradataConnection.getURLParameters();
        Log log = genericTeradataConnection.getLog();
        TokenCache.CacheContext cacheEntry = TokenCache.getCacheEntry(genericTeradataConnection, str, str2, str4, str5, str6);
        if (cacheEntry == null) {
            return;
        }
        Utility.HttpResponse doHttpRequest = Utility.doHttpRequest(uRLParameters, log, "GET", str4, null, null, true, new int[]{Parcel.PCLRECOVERABLEPROTOCOL});
        genericTeradataConnection.m_extraClientAttributes.sIdpProxyUsed = doHttpRequest.sProxyUsed;
        genericTeradataConnection.m_extraClientAttributes.sIdpProtocol = doHttpRequest.sProtocol;
        genericTeradataConnection.m_extraClientAttributes.sIdpCipher = doHttpRequest.sCipher;
        genericTeradataConnection.m_extraClientAttributes.sIdpCertStatus = doHttpRequest.sCertStatus;
        String str7 = doHttpRequest.sBody;
        String stringFromJSON = Utility.getStringFromJSON("authorization_endpoint", str7, "TJ1544", str4);
        String stringFromJSON2 = Utility.getStringFromJSON("token_endpoint", str7, "TJ1544", str4);
        String base64Encode = Utility.base64Encode(true, Utility.getRandomBytes(32));
        String base64Encode2 = Utility.base64Encode(true, Utility.hashBytes(log, "SHA-256", Encoder.encodeStringAsciiReplace(genericTeradataConnection, base64Encode)));
        int browserTimeout = uRLParameters.getBrowserTimeout() * 1000;
        int browserTabTimeout = uRLParameters.getBrowserTabTimeout() * 1000;
        if (log.isTimingEnabled()) {
            log.timing("Starting HttpServer with Browser Authentication timeout " + browserTimeout + " ms and browser tab timeout " + browserTabTimeout + " ms");
        }
        HttpServer httpServer = new HttpServer(log, "/openid-callback?", browserTimeout, browserTabTimeout);
        String str8 = "http://127.0.0.1:" + httpServer.getLocalPort() + "/openid-callback";
        if (log.isDebugEnabled()) {
            log.debug("sJSON=" + str7);
            log.debug("sAuthURL=" + stringFromJSON);
            log.debug("sTokenURL=" + stringFromJSON2);
            log.debug("sCodeVerifier=" + base64Encode);
            log.debug("sCodeChallenge=" + base64Encode2);
            log.debug("sRedirectURL=" + str8);
            log.debug("(before PLACEHOLDER swap) sBrowser=" + str3);
        }
        String replaceAll = str3.replaceAll(PLACEHOLDER, stringFromJSON + "?response_type=code&client_id=" + Utility.safeForURL(str5) + "&redirect_uri=" + Utility.safeForURL(str8) + "&code_challenge=" + Utility.safeForURL(base64Encode2) + "&code_challenge_method=S256&scope=" + Utility.safeForURL(str6) + ((str == null || str.length() <= 0) ? Const.URL_LSS_TYPE_DEFAULT : "&login_hint=" + Utility.safeForURL(str)));
        if (log.isTimingEnabled()) {
            log.timing("Launching browser " + replaceAll);
        }
        try {
            Process exec = Runtime.getRuntime().exec(replaceAll);
            try {
                exec.getInputStream().close();
                exec.getOutputStream().close();
                exec.getErrorStream().close();
            } catch (IOException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Ignoring Process stream close exception: " + e);
                }
            }
            String str9 = httpServer.waitForRequestParams(log).get("code");
            if (str9 == null || str9.length() == 0) {
                throw ErrorFactory.makeDriverJDBCException("TJ1548");
            }
            String str10 = "grant_type=authorization_code&client_id=" + Utility.safeForURL(str5) + "&code=" + Utility.safeForURL(str9) + "&redirect_uri=" + Utility.safeForURL(str8) + "&code_verifier=" + Utility.safeForURL(base64Encode);
            if (log.isDebugEnabled()) {
                log.debug("sClientID=" + str5);
                log.debug("sCode=" + str9);
                log.debug("sRedirectURL=" + str8);
                log.debug("sCodeVerifier=" + base64Encode);
                log.debug("sFormData=" + str10);
            }
            TokenCache.putCacheEntry(genericTeradataConnection, str, str2, str4, str5, str6, stringFromJSON2, Utility.doHttpRequest(uRLParameters, log, "POST", stringFromJSON2, new String[]{"Content-Type: application/x-www-form-urlencoded"}, Encoder.encodeStringUTF8(str10), true, new int[]{Parcel.PCLRECOVERABLEPROTOCOL}).sBody, cacheEntry);
        } catch (IOException e2) {
            throw Utility.logEx(log, "Runtime exec", Utility.wrapEx(e2, ErrorFactory.makeDriverJDBCException("TJ1551", replaceAll)));
        }
    }
}
