package io.camunda.common.auth;

import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.time.Duration;
import java.time.LocalDateTime;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.hc.client5.http.classic.methods.HttpPost;
import org.apache.hc.client5.http.entity.UrlEncodedFormEntity;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.core5.http.ClassicHttpResponse;
import org.apache.hc.core5.http.Header;
import org.apache.hc.core5.http.ProtocolException;
import org.apache.hc.core5.http.message.BasicNameValuePair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/camunda/common/auth/SimpleAuthentication.class */
public class SimpleAuthentication implements Authentication {
    private static final Set<String> CSRF_HEADER_CANDIDATES = Set.of("X-CSRF-TOKEN", "OPERATE-X-CSRF-TOKEN", "TASKLIST-X-CSRF-TOKEN");
    private static final Logger LOG = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
    private final SimpleConfig simpleConfig;
    private final Map<Product, SimpleAuthToken> tokens = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/camunda/common/auth/SimpleAuthentication$SimpleAuthToken.class */
    public static final class SimpleAuthToken extends Record {
        private final String sessionCookie;
        private final String csrfCookie;
        private final String csrfToken;
        private final String csrfTokenHeaderName;
        private final LocalDateTime sessionTimeout;

        private SimpleAuthToken(String str, String str2, String str3, String str4, LocalDateTime localDateTime) {
            this.sessionCookie = str;
            this.csrfCookie = str2;
            this.csrfToken = str3;
            this.csrfTokenHeaderName = str4;
            this.sessionTimeout = localDateTime;
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, SimpleAuthToken.class), SimpleAuthToken.class, "sessionCookie;csrfCookie;csrfToken;csrfTokenHeaderName;sessionTimeout", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->sessionCookie:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->csrfCookie:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->csrfToken:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->csrfTokenHeaderName:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->sessionTimeout:Ljava/time/LocalDateTime;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, SimpleAuthToken.class), SimpleAuthToken.class, "sessionCookie;csrfCookie;csrfToken;csrfTokenHeaderName;sessionTimeout", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->sessionCookie:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->csrfCookie:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->csrfToken:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->csrfTokenHeaderName:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->sessionTimeout:Ljava/time/LocalDateTime;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, SimpleAuthToken.class, Object.class), SimpleAuthToken.class, "sessionCookie;csrfCookie;csrfToken;csrfTokenHeaderName;sessionTimeout", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->sessionCookie:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->csrfCookie:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->csrfToken:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->csrfTokenHeaderName:Ljava/lang/String;", "FIELD:Lio/camunda/common/auth/SimpleAuthentication$SimpleAuthToken;->sessionTimeout:Ljava/time/LocalDateTime;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }

        public String sessionCookie() {
            return this.sessionCookie;
        }

        public String csrfCookie() {
            return this.csrfCookie;
        }

        public String csrfToken() {
            return this.csrfToken;
        }

        public String csrfTokenHeaderName() {
            return this.csrfTokenHeaderName;
        }

        public LocalDateTime sessionTimeout() {
            return this.sessionTimeout;
        }
    }

    public SimpleAuthentication(SimpleConfig simpleConfig) {
        this.simpleConfig = simpleConfig;
    }

    public static SimpleAuthenticationBuilder builder() {
        return new SimpleAuthenticationBuilder();
    }

    public SimpleConfig getSimpleConfig() {
        return this.simpleConfig;
    }

    private SimpleAuthToken retrieveToken(Product product, SimpleCredential simpleCredential) {
        try {
            CloseableHttpClient createSystem = HttpClients.createSystem();
            try {
                this.tokens.put(product, (SimpleAuthToken) createSystem.execute(buildRequest(simpleCredential), classicHttpResponse -> {
                    if (classicHttpResponse.getCode() > 299) {
                        throw new RuntimeException("Unable to login, response code " + classicHttpResponse.getCode());
                    }
                    String str = null;
                    String str2 = null;
                    Header findCsrfTokenHeader = findCsrfTokenHeader(product, classicHttpResponse);
                    if (findCsrfTokenHeader != null) {
                        str = findCsrfTokenHeader.getValue();
                        str2 = findCsrfTokenHeader.getName();
                    }
                    Header[] headers = classicHttpResponse.getHeaders("Set-Cookie");
                    String str3 = null;
                    String str4 = null;
                    String str5 = product.name().toUpperCase() + "-SESSION";
                    for (Header header : headers) {
                        if (header.getValue().startsWith(str5)) {
                            str3 = header.getValue();
                        }
                        Iterator<String> it = CSRF_HEADER_CANDIDATES.iterator();
                        while (it.hasNext()) {
                            if (header.getValue().startsWith(it.next())) {
                                str4 = header.getValue();
                            }
                        }
                    }
                    return new SimpleAuthToken(str3, str4, str, str2, LocalDateTime.now().plus((TemporalAmount) Duration.ofMinutes(5L)));
                }));
                if (createSystem != null) {
                    createSystem.close();
                }
                return this.tokens.get(product);
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException("Unable to authenticate to " + String.valueOf(product), e);
        }
    }

    private Header findCsrfTokenHeader(Product product, ClassicHttpResponse classicHttpResponse) throws ProtocolException {
        SimpleAuthToken simpleAuthToken = this.tokens.get(product);
        if (simpleAuthToken != null) {
            return classicHttpResponse.getHeader(simpleAuthToken.csrfTokenHeaderName());
        }
        for (String str : CSRF_HEADER_CANDIDATES) {
            if (classicHttpResponse.containsHeader(str)) {
                return classicHttpResponse.getHeader(str);
            }
        }
        return null;
    }

    private HttpPost buildRequest(SimpleCredential simpleCredential) {
        HttpPost httpPost = new HttpPost(simpleCredential.getBaseUrl() + "/api/login");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("username", simpleCredential.getUser()));
        arrayList.add(new BasicNameValuePair("password", simpleCredential.getPassword()));
        httpPost.setEntity(new UrlEncodedFormEntity(arrayList));
        return httpPost;
    }

    @Override // io.camunda.common.auth.Authentication
    public Map<String, String> getTokenHeader(Product product) {
        SimpleAuthToken simpleAuthToken = this.tokens.get(product);
        SimpleCredential product2 = this.simpleConfig.getProduct(product);
        if (simpleAuthToken == null || simpleAuthToken.sessionTimeout().isBefore(LocalDateTime.now())) {
            simpleAuthToken = retrieveToken(product, product2);
        }
        HashMap hashMap = new HashMap();
        if (simpleAuthToken.csrfToken() != null) {
            hashMap.put(simpleAuthToken.csrfTokenHeaderName(), simpleAuthToken.csrfToken());
        }
        hashMap.put("Cookie", (String) Stream.of((Object[]) new String[]{simpleAuthToken.sessionCookie(), simpleAuthToken.csrfCookie()}).filter((v0) -> {
            return Objects.nonNull(v0);
        }).collect(Collectors.joining("; ")));
        return hashMap;
    }

    @Override // io.camunda.common.auth.Authentication
    public void resetToken(Product product) {
        this.tokens.remove(product);
    }
}
