package com.sap.cloud.sdk.cloudplatform.security;

import com.auth0.jwt.interfaces.DecodedJWT;
import com.google.gson.JsonObject;
import com.sap.cloud.sdk.cloudplatform.CloudPlatform;
import com.sap.cloud.sdk.cloudplatform.CloudPlatformAccessor;
import com.sap.cloud.sdk.cloudplatform.ScpCfCloudPlatform;
import com.sap.cloud.sdk.cloudplatform.exception.CloudPlatformException;
import com.sap.cloud.sdk.cloudplatform.security.OAuth2ServiceProvider;
import com.sap.cloud.security.config.ClientCertificate;
import com.sap.cloud.security.config.ClientCredentials;
import com.sap.cloud.security.config.ClientIdentity;
import com.sap.cloud.security.config.OAuth2ServiceConfiguration;
import com.sap.cloud.security.config.Service;
import com.sap.cloud.security.config.cf.CFConstants;
import com.sap.cloud.security.config.cf.CFEnvironment;
import com.sap.cloud.security.xsuaa.client.OAuth2ServiceEndpointsProvider;
import com.sap.cloud.security.xsuaa.client.OAuth2TokenService;
import com.sap.cloud.security.xsuaa.client.XsuaaDefaultEndpoints;
import com.sap.cloud.security.xsuaa.tokenflows.XsuaaTokenFlows;
import io.vavr.Lazy;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.UnaryOperator;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/sap/cloud/sdk/cloudplatform/security/DefaultOAuth2ServiceProvider.class */
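/**
 * Default {@link OAuth2ServiceProvider} implementation.
 *
 * <p>It builds {@link XsuaaTokenFlows} from values supplied through the builder (token service,
 * credentials, endpoints, access token). Where the client identity or the endpoints were not supplied,
 * it falls back to the XSUAA/IAS service bindings read from the {@link CFEnvironment}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Encoded access tokens are bearer credentials and are never written to the log by this class.</li>
 *   <li>{@link #toString()} renders the held client identity and access token through their own
 *       {@code toString()} implementations. NOTE(review): confirm those implementations do not print the
 *       client secret, private key or encoded token before logging an instance of this class.</li>
 * </ul>
 */
public final class DefaultOAuth2ServiceProvider implements OAuth2ServiceProvider {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(DefaultOAuth2ServiceProvider.class);

    /** Platform used to look up XSUAA credentials and environment variables; never {@code null} after construction. */
    @Nonnull
    private final CloudPlatform platform;

    /** Source of {@link OAuth2TokenService} instances when no static token service was supplied. */
    @Nonnull
    private final OAuth2TokenServiceCache tokenServiceCache;

    /** Optional fixed token service; takes precedence over {@link #tokenServiceCache}. */
    @Nullable
    private final OAuth2TokenService staticTokenService;

    /** Optional fixed client identity derived from the credentials passed to the builder. */
    @Nullable
    private final ClientIdentity staticClientIdentity;

    /** Optional fixed endpoints derived from the service settings passed to the builder. */
    @Nullable
    private final OAuth2ServiceEndpointsProvider staticEndpointsProvider;

    /** Optional fixed access token; when absent the current user token is looked up on demand. */
    @Nullable
    private final DecodedJWT staticAccessToken;

    /** Lazily created view on the Cloud Foundry environment, see {@link #createEnvironment()}. */
    @Nonnull
    private final Lazy<CFEnvironment> cfEnvironment;

    /**
     * Fluent builder for {@link DefaultOAuth2ServiceProvider}. Every value is optional; the provider's
     * constructor substitutes defaults for a missing platform and a missing token service cache.
     */
    public static class DefaultOAuth2ServiceProviderBuilder implements OAuth2ServiceProvider.OAuth2ServiceProviderBuilder {

        @Generated
        private OAuth2TokenServiceCache tokenServiceCache;

        @Generated
        private CloudPlatform platform;

        @Generated
        private OAuth2TokenService staticTokenService;

        @Generated
        private DecodedJWT staticAccessToken;

        @Generated
        private Credentials staticCredentials;

        @Generated
        private OAuth2ServiceSettings serviceSettings;

        @Generated
        DefaultOAuth2ServiceProviderBuilder() {
        }

        /**
         * Sets the cache that hands out token services per client identity.
         *
         * @param oAuth2TokenServiceCache the cache, or {@code null} to let the provider create one
         * @return this builder
         */
        @Override
        @Nonnull
        @Generated
        public DefaultOAuth2ServiceProviderBuilder tokenServiceCache(@Nullable OAuth2TokenServiceCache oAuth2TokenServiceCache) {
            this.tokenServiceCache = oAuth2TokenServiceCache;
            return this;
        }

        /**
         * Sets the platform used for binding and environment lookups.
         *
         * @param cloudPlatform the platform, or {@code null} to use {@link CloudPlatformAccessor#getCloudPlatform()}
         * @return this builder
         */
        @Override
        @Nonnull
        @Generated
        public DefaultOAuth2ServiceProviderBuilder platform(@Nullable CloudPlatform cloudPlatform) {
            this.platform = cloudPlatform;
            return this;
        }

        /**
         * Sets a fixed token service that bypasses the token service cache.
         *
         * @param oAuth2TokenService the token service, or {@code null} to use the cache
         * @return this builder
         */
        @Nonnull
        @Generated
        public DefaultOAuth2ServiceProviderBuilder staticTokenService(@Nullable OAuth2TokenService oAuth2TokenService) {
            this.staticTokenService = oAuth2TokenService;
            return this;
        }

        /**
         * Sets a fixed access token used to select the matching XSUAA service plan.
         *
         * <p>NOTE(review): a {@link DecodedJWT} only represents parsed token content; this class performs
         * no signature or expiry validation on it. Presumably callers pass an already validated token —
         * confirm at the call sites.
         *
         * @param decodedJWT the token, or {@code null} to look up the current user token on demand
         * @return this builder
         */
        @Override
        @Nonnull
        @Generated
        public DefaultOAuth2ServiceProviderBuilder staticAccessToken(@Nullable DecodedJWT decodedJWT) {
            this.staticAccessToken = decodedJWT;
            return this;
        }

        /**
         * Sets fixed credentials from which the client identity is derived.
         *
         * @param credentials the credentials, or {@code null} to take the identity from the service binding
         * @return this builder
         */
        @Override
        @Nonnull
        @Generated
        public DefaultOAuth2ServiceProviderBuilder staticCredentials(@Nullable Credentials credentials) {
            this.staticCredentials = credentials;
            return this;
        }

        /**
         * Sets fixed service settings from which the OAuth2 endpoints are derived.
         *
         * @param oAuth2ServiceSettings the settings, or {@code null} to take the endpoints from the service binding
         * @return this builder
         */
        @Override
        @Nonnull
        @Generated
        public DefaultOAuth2ServiceProviderBuilder serviceSettings(@Nullable OAuth2ServiceSettings oAuth2ServiceSettings) {
            this.serviceSettings = oAuth2ServiceSettings;
            return this;
        }

        /**
         * Creates the provider from the values collected so far.
         *
         * @return a new provider
         * @throws IllegalStateException if the static credentials are of an unsupported type
         */
        @Override
        @Nonnull
        @Generated
        public DefaultOAuth2ServiceProvider build() {
            return new DefaultOAuth2ServiceProvider(
                this.tokenServiceCache,
                this.platform,
                this.staticTokenService,
                this.staticAccessToken,
                this.staticCredentials,
                this.serviceSettings);
        }

        /**
         * Renders the builder state for diagnostics.
         *
         * <p>NOTE(review): {@code staticCredentials} and {@code staticAccessToken} are rendered through their
         * own {@code toString()}; confirm that neither prints secret material before this string reaches a log.
         */
        @Override
        @Nonnull
        @Generated
        public String toString() {
            return "DefaultOAuth2ServiceProvider.DefaultOAuth2ServiceProviderBuilder(tokenServiceCache=" + this.tokenServiceCache
                + ", platform=" + this.platform
                + ", staticTokenService=" + this.staticTokenService
                + ", staticAccessToken=" + this.staticAccessToken
                + ", staticCredentials=" + this.staticCredentials
                + ", serviceSettings=" + this.serviceSettings + ")";
        }
    }

    /**
     * Creates the provider; use {@link #builder()}.
     *
     * @throws IllegalStateException if {@code credentials} is of an unsupported type
     */
    private DefaultOAuth2ServiceProvider(
            @Nullable OAuth2TokenServiceCache oAuth2TokenServiceCache,
            @Nullable CloudPlatform cloudPlatform,
            @Nullable OAuth2TokenService oAuth2TokenService,
            @Nullable DecodedJWT decodedJWT,
            @Nullable Credentials credentials,
            @Nullable OAuth2ServiceSettings oAuth2ServiceSettings) {
        // Lazy: createEnvironment() reads this.platform, which is only assigned further down.
        this.cfEnvironment = Lazy.of(this::createEnvironment);
        this.staticClientIdentity = credentials == null ? null : getClientIdentity(credentials);
        this.staticEndpointsProvider = oAuth2ServiceSettings == null ? null : oAuth2ServiceSettings.toOAuth2Endpoints();
        this.platform = cloudPlatform != null ? cloudPlatform : CloudPlatformAccessor.getCloudPlatform();
        this.tokenServiceCache = oAuth2TokenServiceCache != null ? oAuth2TokenServiceCache : OAuth2TokenServiceCache.create();
        this.staticAccessToken = decodedJWT;
        this.staticTokenService = oAuth2TokenService;
    }

    /**
     * Converts the given credentials into a {@link ClientIdentity}.
     *
     * <p>NOTE(review): in this decompiled listing the type tested with {@code instanceof} and the type that is
     * constructed resolve to the same imported class. Presumably the original source distinguished a credential
     * type of this package from the identity type of the security library — confirm against the original.
     *
     * @param credentials client-credentials or client-certificate credentials
     * @return the corresponding client identity
     * @throws IllegalStateException for any other credentials type
     */
    @Nonnull
    private static ClientIdentity getClientIdentity(@Nonnull Credentials credentials) {
        if (credentials instanceof ClientCredentials) {
            ClientCredentials secretBased = (ClientCredentials) credentials;
            return new ClientCredentials(secretBased.getClientId(), secretBased.getClientSecret());
        }
        if (credentials instanceof ClientCertificate) {
            ClientCertificate certificateBased = (ClientCertificate) credentials;
            return new ClientCertificate(certificateBased.getCertificate(), certificateBased.getKey(), certificateBased.getClientId());
        }
        // Only the simple class name is reported, never the credential content.
        throw new IllegalStateException("Unsupported credentials type for authenticating against OAuth2 endpoint: " + credentials.getClass().getSimpleName());
    }

    /**
     * Determines the service configuration to use for the current access token.
     *
     * <p>The static access token is used when present, otherwise the current user token. If no XSUAA plan
     * matches the token, the default XSUAA binding is returned.
     *
     * @return the selected service configuration
     * @throws CloudPlatformException if neither an XSUAA nor an IAS binding exists
     * @throws NullPointerException if no plan matches and there is no default XSUAA binding
     * @throws IllegalStateException if the matching plan cannot be loaded
     */
    @Nonnull
    OAuth2ServiceConfiguration getCurrentServiceConfiguration() {
        CFEnvironment environment = this.cfEnvironment.get();
        if (environment.getXsuaaConfiguration() == null && environment.getIasConfiguration() == null) {
            throw new CloudPlatformException("No XSUAA or IAS bindings found.");
        }
        DecodedJWT accessToken = this.staticAccessToken != null ? this.staticAccessToken : getCurrentAccessToken();
        String servicePlan = getCurrentXsuaaServicePlan(this.platform, accessToken);
        if (servicePlan == null) {
            log.debug("Could not find any XSUAA service binding matching the current user access token. Falling back to default XSUAA binding.");
            return Objects.requireNonNull(environment.getXsuaaConfiguration(), "No XSUAA bindings found.");
        }
        OAuth2ServiceConfiguration configuration = environment.loadForServicePlan(Service.XSUAA, CFConstants.Plan.from(servicePlan));
        if (configuration == null) {
            throw new IllegalStateException("Unable to load XSUAA service information for plan " + servicePlan);
        }
        return configuration;
    }

    /**
     * Returns the name of an XSUAA service plan whose credentials match the given token.
     *
     * <p>When several plans match, a warning is logged and the first key in the map's iteration order is used.
     *
     * @return the plan name, or {@code null} if nothing matches
     */
    @Nullable
    private static String getCurrentXsuaaServicePlan(@Nonnull CloudPlatform cloudPlatform, @Nullable DecodedJWT decodedJWT) {
        Map<String, List<JsonObject>> credentialsByPlan = getCurrentXsuaaServiceCredentials(cloudPlatform, decodedJWT);
        if (credentialsByPlan.size() > 1) {
            log.warn("Found more than one matching XSUAA service binding plan for provided token.");
        }
        return credentialsByPlan.isEmpty() ? null : credentialsByPlan.keySet().iterator().next();
    }

    /**
     * Looks up the XSUAA credentials, grouped by plan, that match the given token.
     *
     * @throws CloudPlatformException if the platform is not a {@link ScpCfCloudPlatform}
     */
    @Nonnull
    private static Map<String, List<JsonObject>> getCurrentXsuaaServiceCredentials(@Nonnull CloudPlatform cloudPlatform, @Nullable DecodedJWT decodedJWT) throws CloudPlatformException {
        Map<String, List<JsonObject>> credentialsByPlan = castScpCfPlatform(cloudPlatform).getXsuaaCredentialsByPlan(decodedJWT);
        if (credentialsByPlan.isEmpty()) {
            if (decodedJWT != null) {
                // The encoded token is a bearer credential: anyone who can read the log could replay it
                // until it expires. Log the issuer claim instead of the token itself.
                log.debug("Unable to find matching XSUAA service binding for token issued by: {}", decodedJWT.getIssuer());
            } else {
                log.debug("Unable to find any XSUAA service binding.");
            }
        }
        return credentialsByPlan;
    }

    /**
     * Creates the {@link CFEnvironment}. Environment variables are read through the platform when it is a
     * {@link ScpCfCloudPlatform}; otherwise the process environment is used and a warning is logged.
     */
    @Nonnull
    private CFEnvironment createEnvironment() {
        UnaryOperator<String> environmentReader;
        if (this.platform instanceof ScpCfCloudPlatform) {
            environmentReader = name -> (String) this.platform.getEnvironmentVariable(name).getOrNull();
        } else {
            environmentReader = System::getenv;
            log.warn("Provided platform object is not of type {}.", ScpCfCloudPlatform.class.getSimpleName());
        }
        return CFEnvironment.getInstance(environmentReader, System::getProperty);
    }

    /**
     * Narrows the platform to {@link ScpCfCloudPlatform}.
     *
     * @throws CloudPlatformException if the platform is of another type
     */
    @Nonnull
    private static ScpCfCloudPlatform castScpCfPlatform(@Nonnull CloudPlatform cloudPlatform) {
        if (!(cloudPlatform instanceof ScpCfCloudPlatform)) {
            throw new CloudPlatformException("This operation requires a platform instance of type: " + ScpCfCloudPlatform.class.getSimpleName());
        }
        return (ScpCfCloudPlatform) cloudPlatform;
    }

    /**
     * Returns the JWT of the current auth token, or {@code null} when the lookup fails.
     * A failed lookup is logged at debug level only.
     */
    @Nullable
    private static DecodedJWT getCurrentAccessToken() {
        return (DecodedJWT) AuthTokenAccessor.tryGetCurrentToken()
            .map(token -> token.getJwt())
            .onFailure(failure -> log.debug("Current user access token not found."))
            .getOrNull();
    }

    /**
     * Assembles the token flows. Static values win; the service binding is consulted only when the client
     * identity or the endpoints were not supplied through the builder.
     *
     * @return token flows bound to the resolved token service, endpoints and client identity
     */
    @Override
    @Nonnull
    public XsuaaTokenFlows getXsuaaTokenFlows() {
        OAuth2ServiceConfiguration boundConfiguration = null;
        if (this.staticClientIdentity == null || this.staticEndpointsProvider == null) {
            boundConfiguration = getCurrentServiceConfiguration();
        }

        // boundConfiguration is non-null in both fallbacks below: it is loaded whenever either static value is missing.
        ClientIdentity clientIdentity = this.staticClientIdentity != null
            ? this.staticClientIdentity
            : boundConfiguration.getClientIdentity();

        OAuth2TokenService tokenService = this.staticTokenService != null
            ? this.staticTokenService
            : this.tokenServiceCache.getTokenService(clientIdentity);

        // Declared with the interface type: the static provider is not necessarily an XsuaaDefaultEndpoints.
        OAuth2ServiceEndpointsProvider endpoints = this.staticEndpointsProvider != null
            ? this.staticEndpointsProvider
            : new XsuaaDefaultEndpoints(boundConfiguration);

        return new XsuaaTokenFlows(tokenService, endpoints, clientIdentity);
    }

    /** Returns a new, empty builder. */
    @Nonnull
    @Generated
    public static DefaultOAuth2ServiceProviderBuilder builder() {
        return new DefaultOAuth2ServiceProviderBuilder();
    }

    /** Returns the platform used for binding and environment lookups. */
    @Nonnull
    @Generated
    public CloudPlatform getPlatform() {
        return this.platform;
    }

    /** Returns the token service cache. */
    @Nonnull
    @Generated
    public OAuth2TokenServiceCache getTokenServiceCache() {
        return this.tokenServiceCache;
    }

    /** Returns the static token service, or {@code null} if none was supplied. */
    @Generated
    @Nullable
    public OAuth2TokenService getStaticTokenService() {
        return this.staticTokenService;
    }

    /** Returns the static client identity, or {@code null} if no credentials were supplied. */
    @Generated
    @Nullable
    public ClientIdentity getStaticClientIdentity() {
        return this.staticClientIdentity;
    }

    /** Returns the static endpoints provider, or {@code null} if no service settings were supplied. */
    @Generated
    @Nullable
    public OAuth2ServiceEndpointsProvider getStaticEndpointsProvider() {
        return this.staticEndpointsProvider;
    }

    /** Returns the static access token, or {@code null} if none was supplied. */
    @Generated
    @Nullable
    public DecodedJWT getStaticAccessToken() {
        return this.staticAccessToken;
    }

    /** Returns the lazily initialised Cloud Foundry environment holder. */
    @Nonnull
    @Generated
    public Lazy<CFEnvironment> getCfEnvironment() {
        return this.cfEnvironment;
    }

    /** Field-by-field equality over all seven fields. */
    @Override
    @Generated
    public boolean equals(@Nullable Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof DefaultOAuth2ServiceProvider)) {
            return false;
        }
        DefaultOAuth2ServiceProvider other = (DefaultOAuth2ServiceProvider) obj;
        return Objects.equals(getPlatform(), other.getPlatform())
            && Objects.equals(getTokenServiceCache(), other.getTokenServiceCache())
            && Objects.equals(getStaticTokenService(), other.getStaticTokenService())
            && Objects.equals(getStaticClientIdentity(), other.getStaticClientIdentity())
            && Objects.equals(getStaticEndpointsProvider(), other.getStaticEndpointsProvider())
            && Objects.equals(getStaticAccessToken(), other.getStaticAccessToken())
            && Objects.equals(getCfEnvironment(), other.getCfEnvironment());
    }

    /** Hash over the same fields as {@link #equals(Object)}; multiplier 59, 43 for {@code null}. */
    @Override
    @Generated
    public int hashCode() {
        int result = 1;
        result = result * 59 + hashOrDefault(getPlatform());
        result = result * 59 + hashOrDefault(getTokenServiceCache());
        result = result * 59 + hashOrDefault(getStaticTokenService());
        result = result * 59 + hashOrDefault(getStaticClientIdentity());
        result = result * 59 + hashOrDefault(getStaticEndpointsProvider());
        result = result * 59 + hashOrDefault(getStaticAccessToken());
        result = result * 59 + hashOrDefault(getCfEnvironment());
        return result;
    }

    /** Returns the value's hash code, or 43 for {@code null}. */
    private static int hashOrDefault(@Nullable Object value) {
        return value == null ? 43 : value.hashCode();
    }

    /**
     * Renders all fields for diagnostics.
     *
     * <p>NOTE(review): {@code staticClientIdentity} and {@code staticAccessToken} are rendered through their
     * own {@code toString()}; confirm that neither prints the client secret, private key or encoded token
     * before this string reaches a log.
     */
    @Override
    @Nonnull
    @Generated
    public String toString() {
        return "DefaultOAuth2ServiceProvider(platform=" + getPlatform()
            + ", tokenServiceCache=" + getTokenServiceCache()
            + ", staticTokenService=" + getStaticTokenService()
            + ", staticClientIdentity=" + getStaticClientIdentity()
            + ", staticEndpointsProvider=" + getStaticEndpointsProvider()
            + ", staticAccessToken=" + getStaticAccessToken()
            + ", cfEnvironment=" + getCfEnvironment() + ")";
    }
}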
