package com.okta.sdk.impl.client;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.module.SimpleModule;
import com.okta.commons.configcheck.ConfigurationValidator;
import com.okta.commons.http.config.Proxy;
import com.okta.commons.lang.ApplicationInfo;
import com.okta.commons.lang.Assert;
import com.okta.commons.lang.Classes;
import com.okta.commons.lang.Strings;
import com.okta.sdk.authc.credentials.ClientCredentials;
import com.okta.sdk.cache.CacheConfigurationBuilder;
import com.okta.sdk.cache.CacheManager;
import com.okta.sdk.cache.CacheManagerBuilder;
import com.okta.sdk.cache.Caches;
import com.okta.sdk.client.AuthenticationScheme;
import com.okta.sdk.client.AuthorizationMode;
import com.okta.sdk.client.ClientBuilder;
import com.okta.sdk.impl.api.DefaultClientCredentialsResolver;
import com.okta.sdk.impl.config.ClientConfiguration;
import com.okta.sdk.impl.config.EnvironmentVariablesPropertiesSource;
import com.okta.sdk.impl.config.OptionalPropertiesSource;
import com.okta.sdk.impl.config.PropertiesSource;
import com.okta.sdk.impl.config.ResourcePropertiesSource;
import com.okta.sdk.impl.config.SystemPropertiesSource;
import com.okta.sdk.impl.config.YAMLPropertiesSource;
import com.okta.sdk.impl.deserializer.GroupProfileDeserializer;
import com.okta.sdk.impl.deserializer.UserProfileDeserializer;
import com.okta.sdk.impl.io.DefaultResourceFactory;
import com.okta.sdk.impl.io.Resource;
import com.okta.sdk.impl.io.ResourceFactory;
import com.okta.sdk.impl.oauth2.AccessTokenRetrieverService;
import com.okta.sdk.impl.oauth2.AccessTokenRetrieverServiceImpl;
import com.okta.sdk.impl.oauth2.OAuth2ClientCredentials;
import com.okta.sdk.impl.retry.OktaHttpRequestRetryStrategy;
import com.okta.sdk.impl.serializer.GroupProfileSerializer;
import com.okta.sdk.impl.serializer.UserProfileSerializer;
import com.okta.sdk.impl.util.ConfigUtil;
import com.okta.sdk.impl.util.DefaultBaseUrlResolver;
import com.okta.sdk.resource.client.ApiClient;
import com.okta.sdk.resource.model.GroupProfile;
import com.okta.sdk.resource.model.UserProfile;
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import org.apache.hc.client5.http.auth.AuthScope;
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
import org.apache.hc.client5.http.config.ConnectionConfig;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.impl.DefaultAuthenticationStrategy;
import org.apache.hc.client5.http.impl.DefaultConnectionKeepAliveStrategy;
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
import org.apache.hc.client5.http.impl.classic.DefaultBackoffStrategy;
import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.impl.DefaultConnectionReuseStrategy;
import org.apache.hc.core5.util.Timeout;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/okta/sdk/impl/client/DefaultClientBuilder.class */
public class DefaultClientBuilder implements ClientBuilder {
    private static final Logger log = LoggerFactory.getLogger(DefaultClientBuilder.class);
    private static final String ENVVARS_TOKEN = "envvars";
    private static final String SYSPROPS_TOKEN = "sysprops";
    private static final String OKTA_CONFIG_CP = "com/okta/sdk/config/";
    private static final String OKTA_YAML = "okta.yaml";
    private static final String OKTA_PROPERTIES = "okta.properties";
    private CacheManager cacheManager;
    private ClientCredentials clientCredentials;
    private boolean allowNonHttpsForTesting;
    private final ClientConfiguration clientConfig;
    private AccessTokenRetrieverService accessTokenRetrieverService;

    public DefaultClientBuilder() {
        this(new DefaultResourceFactory());
    }

    DefaultClientBuilder(ResourceFactory resourceFactory) {
        this.allowNonHttpsForTesting = false;
        this.clientConfig = new ClientConfiguration();
        ArrayList arrayList = new ArrayList();
        for (String str : configSources()) {
            if (ENVVARS_TOKEN.equalsIgnoreCase(str)) {
                arrayList.add(EnvironmentVariablesPropertiesSource.oktaFilteredPropertiesSource());
            } else if (SYSPROPS_TOKEN.equalsIgnoreCase(str)) {
                arrayList.add(SystemPropertiesSource.oktaFilteredPropertiesSource());
            } else {
                Resource createResource = resourceFactory.createResource(str);
                arrayList.add(new OptionalPropertiesSource(Strings.endsWithIgnoreCase(str, ".yaml") ? new YAMLPropertiesSource(createResource) : new ResourcePropertiesSource(createResource)));
            }
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            linkedHashMap.putAll(((PropertiesSource) it.next()).getProperties());
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.token"))) {
            this.clientConfig.setApiToken((String) linkedHashMap.get("okta.client.token"));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.cache.enabled"))) {
            this.clientConfig.setCacheManagerEnabled(Boolean.parseBoolean((String) linkedHashMap.get("okta.client.cache.enabled")));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.cache.defaultTtl"))) {
            this.clientConfig.setCacheManagerTtl(Long.parseLong((String) linkedHashMap.get("okta.client.cache.defaultTtl")));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.cache.defaultTti"))) {
            this.clientConfig.setCacheManagerTti(Long.parseLong((String) linkedHashMap.get("okta.client.cache.defaultTti")));
        }
        for (String str2 : linkedHashMap.keySet()) {
            if (!(str2.length() == "okta.client.cache.caches".length()) && str2.startsWith("okta.client.cache.caches")) {
                String substring = str2.substring("okta.client.cache.caches".length() + 1, str2.length() - 4);
                String str3 = (String) linkedHashMap.get("okta.client.cache.caches." + substring + ".tti");
                String str4 = (String) linkedHashMap.get("okta.client.cache.caches." + substring + ".ttl");
                CacheConfigurationBuilder forResource = Caches.forResource(Classes.forName(substring));
                if (Strings.hasText(str3)) {
                    forResource.withTimeToIdle(Long.parseLong(str3), TimeUnit.SECONDS);
                }
                if (Strings.hasText(str4)) {
                    forResource.withTimeToLive(Long.parseLong(str4), TimeUnit.SECONDS);
                }
                if (!this.clientConfig.getCacheManagerCaches().containsKey(substring)) {
                    this.clientConfig.getCacheManagerCaches().put(substring, forResource);
                }
            }
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.testing.disableHttpsCheck"))) {
            this.allowNonHttpsForTesting = Boolean.parseBoolean((String) linkedHashMap.get("okta.testing.disableHttpsCheck"));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.orgUrl"))) {
            String replace = ((String) linkedHashMap.get("okta.client.orgUrl")).replace("\\:", ":");
            ConfigurationValidator.assertOrgUrl(replace, this.allowNonHttpsForTesting);
            this.clientConfig.setBaseUrl(replace);
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.connectionTimeout"))) {
            this.clientConfig.setConnectionTimeout(Integer.parseInt((String) linkedHashMap.get("okta.client.connectionTimeout")));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.authenticationScheme"))) {
            this.clientConfig.setAuthenticationScheme((AuthenticationScheme) Enum.valueOf(AuthenticationScheme.class, (String) linkedHashMap.get("okta.client.authenticationScheme")));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.proxy.port"))) {
            this.clientConfig.setProxyPort(Integer.parseInt((String) linkedHashMap.get("okta.client.proxy.port")));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.proxy.host"))) {
            this.clientConfig.setProxyHost((String) linkedHashMap.get("okta.client.proxy.host"));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.proxy.username"))) {
            this.clientConfig.setProxyUsername((String) linkedHashMap.get("okta.client.proxy.username"));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.proxy.password"))) {
            this.clientConfig.setProxyPassword((String) linkedHashMap.get("okta.client.proxy.password"));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.authorizationMode"))) {
            this.clientConfig.setAuthorizationMode(AuthorizationMode.getAuthorizationMode((String) linkedHashMap.get("okta.client.authorizationMode")));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.clientId"))) {
            this.clientConfig.setClientId((String) linkedHashMap.get("okta.client.clientId"));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.scopes"))) {
            this.clientConfig.setScopes(new HashSet(Arrays.asList(((String) linkedHashMap.get("okta.client.scopes")).split("[\\s,]+"))));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.privateKey"))) {
            this.clientConfig.setPrivateKey((String) linkedHashMap.get("okta.client.privateKey"));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.oauth2.accessToken"))) {
            this.clientConfig.setOAuth2AccessToken((String) linkedHashMap.get("okta.client.oauth2.accessToken"));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.kid"))) {
            this.clientConfig.setKid((String) linkedHashMap.get("okta.client.kid"));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.requestTimeout"))) {
            this.clientConfig.setRetryMaxElapsed(Integer.parseInt((String) linkedHashMap.get("okta.client.requestTimeout")));
        }
        if (Strings.hasText((String) linkedHashMap.get("okta.client.rateLimit.maxRetries"))) {
            this.clientConfig.setRetryMaxAttempts(Integer.parseInt((String) linkedHashMap.get("okta.client.rateLimit.maxRetries")));
        }
    }

    public ClientBuilder setProxy(Proxy proxy) {
        if (proxy == null) {
            throw new IllegalArgumentException("proxy argument cannot be null.");
        }
        this.clientConfig.setProxyHost(proxy.getHost());
        this.clientConfig.setProxyPort(proxy.getPort());
        this.clientConfig.setProxyUsername(proxy.getUsername());
        this.clientConfig.setProxyPassword(proxy.getPassword());
        return this;
    }

    public ClientBuilder setCacheManager(CacheManager cacheManager) {
        this.cacheManager = cacheManager;
        return this;
    }

    public ClientBuilder setConnectionTimeout(int i) {
        Assert.isTrue(i >= 0, "Timeout cannot be a negative number.");
        this.clientConfig.setConnectionTimeout(i);
        return this;
    }

    public ClientBuilder setClientCredentials(ClientCredentials clientCredentials) {
        Assert.isInstanceOf(ClientCredentials.class, clientCredentials);
        this.clientCredentials = clientCredentials;
        return this;
    }

    public ClientBuilder setRetryMaxElapsed(int i) {
        this.clientConfig.setRetryMaxElapsed(i);
        return this;
    }

    public ClientBuilder setRetryMaxAttempts(int i) {
        this.clientConfig.setRetryMaxAttempts(i);
        return this;
    }

    public ApiClient build() {
        if (!this.clientConfig.isCacheManagerEnabled()) {
            log.debug("CacheManager disabled. Defaulting to DisabledCacheManager");
            this.cacheManager = Caches.newDisabledCacheManager();
        } else if (this.cacheManager == null) {
            log.debug("No CacheManager configured. Defaulting to in-memory CacheManager with default TTL and TTI of five minutes.");
            CacheManagerBuilder withDefaultTimeToLive = Caches.newCacheManager().withDefaultTimeToIdle(this.clientConfig.getCacheManagerTti(), TimeUnit.SECONDS).withDefaultTimeToLive(this.clientConfig.getCacheManagerTtl(), TimeUnit.SECONDS);
            if (this.clientConfig.getCacheManagerCaches().size() > 0) {
                Iterator<CacheConfigurationBuilder> it = this.clientConfig.getCacheManagerCaches().values().iterator();
                while (it.hasNext()) {
                    withDefaultTimeToLive.withCache(it.next());
                }
            }
            this.cacheManager = withDefaultTimeToLive.build();
        }
        if (this.clientConfig.getBaseUrlResolver() == null) {
            ConfigurationValidator.assertOrgUrl(this.clientConfig.getBaseUrl(), this.allowNonHttpsForTesting);
            this.clientConfig.setBaseUrlResolver(new DefaultBaseUrlResolver(this.clientConfig.getBaseUrl()));
        }
        HttpClientBuilder createHttpClientBuilder = createHttpClientBuilder(this.clientConfig);
        if (this.clientConfig.getProxy() != null) {
            setProxy(createHttpClientBuilder, this.clientConfig);
        }
        ApiClient apiClient = new ApiClient(createHttpClientBuilder.build(), this.cacheManager, this.clientConfig);
        apiClient.setBasePath(this.clientConfig.getBaseUrl());
        apiClient.setUserAgent((String) ApplicationInfo.get().entrySet().stream().map(entry -> {
            return ((String) entry.getKey()) + "/" + ((String) entry.getValue());
        }).collect(Collectors.joining(" ")));
        addCustomSerializerAndDeserializers(apiClient);
        if (isOAuth2Flow()) {
            this.clientConfig.setAuthenticationScheme(AuthenticationScheme.OAUTH2_PRIVATE_KEY);
            validateOAuth2ClientConfig(this.clientConfig);
            if (Strings.hasText(this.clientConfig.getOAuth2AccessToken())) {
                log.debug("Will use client provided Access token for OAuth2 authentication (private key, if supplied would be ignored)");
                apiClient.setAccessToken(this.clientConfig.getOAuth2AccessToken());
            } else {
                log.debug("Will retrieve Access Token automatically from Okta for OAuth2 authentication");
                this.accessTokenRetrieverService = new AccessTokenRetrieverServiceImpl(this.clientConfig, apiClient);
                OAuth2ClientCredentials oAuth2ClientCredentials = new OAuth2ClientCredentials(this.accessTokenRetrieverService);
                apiClient.replaceAuthentication("oauth2", oAuth2ClientCredentials);
                oAuth2ClientCredentials.refreshOAuth2AccessToken();
                this.clientConfig.setClientCredentialsResolver(new DefaultClientCredentialsResolver(oAuth2ClientCredentials));
            }
        } else {
            if (this.clientConfig.getClientCredentialsResolver() == null && this.clientCredentials != null) {
                this.clientConfig.setClientCredentialsResolver(new DefaultClientCredentialsResolver(this.clientCredentials));
            } else if (this.clientConfig.getClientCredentialsResolver() == null) {
                this.clientConfig.setClientCredentialsResolver(new DefaultClientCredentialsResolver(this.clientConfig));
            }
            apiClient.setApiKeyPrefix(AuthenticationScheme.SSWS.name());
            apiClient.setApiKey((String) this.clientConfig.getClientCredentialsResolver().getClientCredentials().getCredentials());
        }
        return apiClient;
    }

    protected HttpClientBuilder createHttpClientBuilder(ClientConfiguration clientConfiguration) {
        return HttpClients.custom().setDefaultRequestConfig(createHttpRequestConfigBuilder(clientConfiguration).build()).setConnectionManager(createHttpClientConnectionManagerBuilder(clientConfiguration).build()).setRetryStrategy(new OktaHttpRequestRetryStrategy(clientConfiguration.getRetryMaxAttempts())).setConnectionBackoffStrategy(new DefaultBackoffStrategy()).setKeepAliveStrategy(new DefaultConnectionKeepAliveStrategy()).setConnectionReuseStrategy(new DefaultConnectionReuseStrategy()).disableCookieManagement();
    }

    protected RequestConfig.Builder createHttpRequestConfigBuilder(ClientConfiguration clientConfiguration) {
        return RequestConfig.custom().setResponseTimeout(Timeout.ofSeconds(clientConfiguration.getConnectionTimeout())).setConnectionRequestTimeout(Timeout.ofSeconds(clientConfiguration.getConnectionTimeout()));
    }

    protected PoolingHttpClientConnectionManagerBuilder createHttpClientConnectionManagerBuilder(ClientConfiguration clientConfiguration) {
        return PoolingHttpClientConnectionManagerBuilder.create().setDefaultConnectionConfig(ConnectionConfig.custom().setConnectTimeout(Timeout.ofSeconds(clientConfiguration.getConnectionTimeout())).build());
    }

    private void setProxy(HttpClientBuilder httpClientBuilder, ClientConfiguration clientConfiguration) {
        httpClientBuilder.useSystemProperties();
        httpClientBuilder.setProxy(new HttpHost(clientConfiguration.getProxyHost(), clientConfiguration.getProxyPort()));
        if (clientConfiguration.getProxyUsername() != null) {
            BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
            basicCredentialsProvider.setCredentials(new AuthScope(clientConfiguration.getProxyHost(), clientConfiguration.getProxyPort()), new UsernamePasswordCredentials(clientConfiguration.getProxyUsername(), clientConfiguration.getProxyPassword().toCharArray()));
            httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
            httpClientBuilder.setProxyAuthenticationStrategy(new DefaultAuthenticationStrategy());
        }
    }

    private void validateOAuth2ClientConfig(ClientConfiguration clientConfiguration) {
        Assert.notNull(clientConfiguration.getClientId(), "clientId cannot be null");
        Assert.isTrue((clientConfiguration.getScopes() == null || clientConfiguration.getScopes().isEmpty()) ? false : true, "At least one scope is required");
        String privateKey = clientConfiguration.getPrivateKey();
        Assert.isTrue(Objects.nonNull(privateKey) || Objects.nonNull(clientConfiguration.getOAuth2AccessToken()), "Either Private Key (or) Access Token must be supplied for OAuth2 Authentication mode");
        if (!Strings.hasText(privateKey) || ConfigUtil.hasPrivateKeyContentWrapper(privateKey)) {
            return;
        }
        try {
            Assert.isTrue(Files.exists(Paths.get(privateKey, new String[0]), LinkOption.NOFOLLOW_LINKS), "privateKey file does not exist");
        } catch (InvalidPathException e) {
            throw new IllegalArgumentException("Invalid privateKey file path", e);
        }
    }

    private void addCustomSerializerAndDeserializers(ApiClient apiClient) {
        ObjectMapper objectMapper = apiClient.getObjectMapper();
        SimpleModule simpleModule = new SimpleModule();
        simpleModule.addSerializer(UserProfile.class, new UserProfileSerializer());
        simpleModule.addDeserializer(UserProfile.class, new UserProfileDeserializer());
        simpleModule.addSerializer(GroupProfile.class, new GroupProfileSerializer());
        simpleModule.addDeserializer(GroupProfile.class, new GroupProfileDeserializer());
        objectMapper.registerModule(simpleModule);
    }

    public ClientBuilder setOrgUrl(String str) {
        ConfigurationValidator.assertOrgUrl(str, this.allowNonHttpsForTesting);
        this.clientConfig.setBaseUrl(str);
        return this;
    }

    public ClientBuilder setAuthorizationMode(AuthorizationMode authorizationMode) {
        this.clientConfig.setAuthorizationMode(authorizationMode);
        this.clientConfig.setAuthenticationScheme(authorizationMode.getAuthenticationScheme());
        return this;
    }

    public ClientBuilder setScopes(Set<String> set) {
        Assert.isTrue((set == null || set.isEmpty()) ? false : true, "At least one scope is required");
        this.clientConfig.setScopes(set);
        return this;
    }

    public ClientBuilder setPrivateKey(String str) {
        Assert.notNull(str, "Missing privateKey");
        this.clientConfig.setPrivateKey(str);
        return this;
    }

    public ClientBuilder setPrivateKey(Path path) {
        Assert.notNull(path, "Missing privateKeyPath");
        this.clientConfig.setPrivateKey(getFileContent(path));
        return this;
    }

    public ClientBuilder setPrivateKey(InputStream inputStream) {
        Assert.notNull(inputStream, "Missing privateKeyStream");
        this.clientConfig.setPrivateKey(getFileContent(inputStream));
        return this;
    }

    public ClientBuilder setPrivateKey(PrivateKey privateKey) {
        Assert.notNull(privateKey, "Missing privateKey");
        String algorithm = privateKey.getAlgorithm();
        if (algorithm.equals("RSA")) {
            try {
                this.clientConfig.setPrivateKey("-----BEGIN RSA PRIVATE KEY-----\n" + Base64.getEncoder().encodeToString(PrivateKeyInfo.getInstance(privateKey.getEncoded()).parsePrivateKey().toASN1Primitive().getEncoded()) + "\n" + ConfigUtil.RSA_PRIVATE_KEY_FOOTER);
            } catch (IOException e) {
                throw new IllegalArgumentException("Could not parse private key");
            }
        } else {
            if (!algorithm.equals("EC")) {
                throw new IllegalArgumentException("Supplied privateKey is not an RSA or EC key - " + algorithm);
            }
            this.clientConfig.setPrivateKey("-----BEGIN EC PRIVATE KEY-----\n" + Base64.getEncoder().encodeToString(privateKey.getEncoded()) + "\n" + ConfigUtil.EC_PRIVATE_KEY_FOOTER);
        }
        return this;
    }

    private String getFileContent(File file) {
        try {
            InputStream newInputStream = Files.newInputStream(file.toPath(), new OpenOption[0]);
            try {
                String readFromInputStream = readFromInputStream(newInputStream);
                if (newInputStream != null) {
                    newInputStream.close();
                }
                return readFromInputStream;
            } finally {
            }
        } catch (IOException e) {
            throw new IllegalArgumentException("Could not read from supplied private key file");
        }
    }

    private String getFileContent(Path path) {
        Assert.notNull(path, "The path to the privateKey cannot be null.");
        return getFileContent(path.toFile());
    }

    private String getFileContent(InputStream inputStream) {
        try {
            return readFromInputStream(inputStream);
        } catch (IOException e) {
            throw new IllegalArgumentException("Could not read from supplied privateKey input stream");
        }
    }

    private String readFromInputStream(InputStream inputStream) throws IOException {
        Assert.notNull(inputStream, "InputStream cannot be null.");
        StringBuilder sb = new StringBuilder();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    bufferedReader.close();
                    return sb.toString();
                }
                sb.append(readLine).append("\n");
            } catch (Throwable th) {
                try {
                    bufferedReader.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }
    }

    public ClientBuilder setClientId(String str) {
        ConfigurationValidator.assertClientId(str);
        this.clientConfig.setClientId(str);
        return this;
    }

    public ClientBuilder setOAuth2AccessToken(String str) {
        Assert.notNull(str, "oAuth2AccessToken cannot be null.");
        this.clientConfig.setOAuth2AccessToken(str);
        return this;
    }

    public ClientBuilder setKid(String str) {
        Assert.notNull(str, "kid cannot be null.");
        this.clientConfig.setKid(str);
        return this;
    }

    boolean isOAuth2Flow() {
        return getClientConfiguration().getAuthorizationMode() == AuthorizationMode.PRIVATE_KEY;
    }

    public ClientConfiguration getClientConfiguration() {
        return this.clientConfig;
    }

    private static String[] configSources() {
        return new String[]{"classpath:com/okta/sdk/config/okta.properties", "classpath:com/okta/sdk/config/okta.yaml", "classpath:okta.properties", "classpath:okta.yaml", System.getProperty("user.home") + File.separatorChar + ".okta" + File.separatorChar + OKTA_YAML, ENVVARS_TOKEN, SYSPROPS_TOKEN};
    }
}
