package com.sap.cloud.sdk.cloudplatform.tenant;

import com.auth0.jwt.interfaces.DecodedJWT;
import com.auth0.jwt.interfaces.Payload;
import com.sap.cloud.environment.servicebinding.api.DefaultServiceBindingAccessor;
import com.sap.cloud.environment.servicebinding.api.ServiceBinding;
import com.sap.cloud.sdk.cloudplatform.exception.CloudPlatformException;
import com.sap.cloud.sdk.cloudplatform.security.AuthToken;
import com.sap.cloud.sdk.cloudplatform.security.AuthTokenAccessor;
import com.sap.cloud.sdk.cloudplatform.tenant.exception.TenantAccessException;
import com.sap.cloud.sdk.cloudplatform.thread.ThreadContextAccessor;
import com.sap.cloud.sdk.cloudplatform.thread.ThreadContextExecutor;
import com.sap.cloud.sdk.cloudplatform.thread.ThreadContextListener;
import io.vavr.control.Try;
import java.lang.invoke.SerializedLambda;
import java.net.URI;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.Callable;
import java.util.stream.Stream;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sap/cloud/sdk/cloudplatform/tenant/DefaultTenantFacade.class */
public class DefaultTenantFacade implements TenantFacade {
    private static final String JWT_ISSUER = "iss";

    @Generated
    private static final Logger log = LoggerFactory.getLogger(DefaultTenantFacade.class);
    private static final String XSUAA_JWT_ZONE_ID = "zid";
    private static final String IAS_JWT_APP_TID = "app_tid";
    private static final String IAS_JWT_ZONE_ID = "zone_uuid";
    private static final List<String> TENANT_ID_CLAIMS = Arrays.asList(XSUAA_JWT_ZONE_ID, IAS_JWT_APP_TID, IAS_JWT_ZONE_ID);

    @Nonnull
    private String getTenantId(@Nonnull Payload payload) {
        Optional findFirst = TENANT_ID_CLAIMS.stream().map(str -> {
            return payload.getClaim(str).asString();
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).findFirst();
        if (findFirst.isPresent()) {
            return (String) findFirst.get();
        }
        throw new TenantAccessException("No tenant identifier (one of these elements [" + TENANT_ID_CLAIMS + "]) found in JWT.");
    }

    @Nonnull
    private String getIssuer(@Nonnull DecodedJWT decodedJWT) {
        String asString = decodedJWT.getClaim(JWT_ISSUER).asString();
        if (asString == null) {
            throw new TenantAccessException("No subdomain ('iss' element) found in JWT.");
        }
        return asString;
    }

    @Nonnull
    private String getSubdomain(@Nonnull URI uri) {
        String host = uri.getHost();
        if (host == null || !host.contains(".")) {
            throw new TenantAccessException("Failed to get subdomain from issuer URI '" + uri + "'.");
        }
        return host.split("\\.")[0];
    }

    @Override // com.sap.cloud.sdk.cloudplatform.tenant.TenantFacade
    @Nonnull
    public Try<Tenant> tryGetCurrentTenant() {
        Try<Tenant> flatMap = ThreadContextAccessor.tryGetCurrentContext().flatMap(threadContext -> {
            return threadContext.getPropertyValue(TenantThreadContextListener.PROPERTY_TENANT);
        });
        if (flatMap.isSuccess()) {
            return flatMap;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(flatMap.getCause());
        Try<Tenant> tryGetTenantFromAuthToken = tryGetTenantFromAuthToken(AuthTokenAccessor.tryGetCurrentToken());
        Objects.requireNonNull(arrayList);
        Try orElse = tryGetTenantFromAuthToken.onFailure((v1) -> {
            r1.add(v1);
        }).orElse(this::tryGetTenantFromServiceBinding);
        Objects.requireNonNull(arrayList);
        return orElse.onFailure((v1) -> {
            r1.add(v1);
        }).orElse(() -> {
            return createFallbackException(arrayList);
        });
    }

    private Try<Tenant> createFallbackException(@Nonnull List<? extends Throwable> list) {
        TenantAccessException tenantAccessException = new TenantAccessException("Failed to get current tenant.");
        Objects.requireNonNull(tenantAccessException);
        list.forEach(tenantAccessException::addSuppressed);
        return Try.failure(tenantAccessException);
    }

    @Nonnull
    private Try<Tenant> tryGetTenantFromAuthToken(@Nonnull Try<AuthToken> r4) {
        Try map = r4.map((v0) -> {
            return v0.getJwt();
        });
        if (map.isFailure()) {
            return Try.failure(map.getCause());
        }
        Try map2 = map.map((v1) -> {
            return getTenantId(v1);
        });
        if (map2.isFailure()) {
            return Try.failure(map2.getCause());
        }
        Try map3 = map.map(this::getIssuer).map(URI::create).map(this::getSubdomain);
        return map3.isFailure() ? Try.failure(map3.getCause()) : Try.of(() -> {
            return new DefaultTenant((String) map2.get(), (String) map3.get());
        });
    }

    @Nonnull
    private Try<DefaultTenant> tryGetTenantFromServiceBinding() {
        List serviceBindings = DefaultServiceBindingAccessor.getInstance().getServiceBindings();
        for (ServiceBindingTenantExtractor serviceBindingTenantExtractor : ServiceBindingTenantExtractor.values()) {
            Optional findFirst = streamServiceCredentialsByPlan(serviceBindings, serviceBindingTenantExtractor.getService()).peek(map -> {
                log.trace("Trying to extract tenant information from service binding {}.", map);
            }).flatMap(map2 -> {
                return serviceBindingTenantExtractor.getExtractor().apply(map2).toJavaStream();
            }).findFirst();
            if (findFirst.isPresent()) {
                return Try.success((DefaultTenant) findFirst.get());
            }
        }
        return Try.failure(new CloudPlatformException("Failed to extract tenant from service bindings."));
    }

    @Nonnull
    private Stream<Map<String, Object>> streamServiceCredentialsByPlan(@Nonnull Collection<ServiceBinding> collection, @Nonnull String str) {
        return collection.stream().filter(serviceBinding -> {
            return str.equals(serviceBinding.getServiceName().orElse(null));
        }).map((v0) -> {
            return v0.getCredentials();
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public <T> T executeWithTenant(@Nonnull Tenant tenant, @Nonnull Callable<T> callable) {
        return (T) ThreadContextExecutor.fromCurrentOrNewContext().withListeners(new ThreadContextListener[]{new TenantThreadContextListener(tenant)}).execute(callable);
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1873018090:
                if (implMethodName.equals("lambda$tryGetTenantFromAuthToken$893ec91$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("io/vavr/CheckedFunction0") && serializedLambda.getFunctionalInterfaceMethodName().equals("apply") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/sap/cloud/sdk/cloudplatform/tenant/DefaultTenantFacade") && serializedLambda.getImplMethodSignature().equals("(Lio/vavr/control/Try;Lio/vavr/control/Try;)Lcom/sap/cloud/sdk/cloudplatform/tenant/Tenant;")) {
                    Try r0 = (Try) serializedLambda.getCapturedArg(0);
                    Try r1 = (Try) serializedLambda.getCapturedArg(1);
                    return () -> {
                        return new DefaultTenant((String) r0.get(), (String) r1.get());
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
