package io.kubernetes.client.util;

import io.kubernetes.client.openapi.ApiClient;
import io.kubernetes.client.openapi.ApiException;
import io.kubernetes.client.openapi.models.V1CertificateSigningRequest;
import io.kubernetes.client.util.credentials.AccessTokenAuthentication;
import io.kubernetes.client.util.credentials.Authentication;
import io.kubernetes.client.util.credentials.ClientCertificateAuthentication;
import io.kubernetes.client.util.credentials.KubeconfigAuthentication;
import io.kubernetes.client.util.credentials.TokenFileAuthentication;
import io.kubernetes.client.util.exception.CSRNotApprovedException;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.PrivateKey;
import java.time.Duration;
import java.util.Arrays;
import java.util.List;
import okhttp3.Protocol;
import org.apache.commons.compress.utils.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/bundled-dependencies/client-java-12.0.1.jar:io/kubernetes/client/util/ClientBuilder.class */
public class ClientBuilder {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) ClientBuilder.class);
    private Authentication authentication;
    private String keyStorePassphrase;
    private String basePath = Config.DEFAULT_FALLBACK_HOST;
    private byte[] caCertBytes = null;
    private boolean verifyingSsl = true;
    private List<Protocol> protocols = Arrays.asList(Protocol.HTTP_2, Protocol.HTTP_1_1);
    private Duration readTimeout = Duration.ZERO;
    private Duration pingInterval = Duration.ofMinutes(1);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:META-INF/bundled-dependencies/client-java-12.0.1.jar:io/kubernetes/client/util/ClientBuilder$KubeConfigEnvParser.class */
    public static class KubeConfigEnvParser {
        private KubeConfigEnvParser() {
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String parseKubeConfigPath(String str) {
            if (str == null) {
                return null;
            }
            String[] split = str.split(File.pathSeparator);
            String str2 = split[0];
            if (split.length > 1) {
                ClientBuilder.log.warn("Found multiple kubeconfigs files, $KUBECONFIG: " + str + " using first: {}", str2);
            }
            return str2;
        }
    }

    public static ApiClient defaultClient() throws IOException {
        return standard().build();
    }

    public static ClientBuilder standard() throws IOException {
        return standard(true);
    }

    public static ClientBuilder standard(boolean z) throws IOException {
        ClientBuilder clientBuilder = getClientBuilder(z, findConfigFromEnv());
        if (clientBuilder != null) {
            return clientBuilder;
        }
        ClientBuilder clientBuilder2 = getClientBuilder(z, findConfigInHomeDir());
        return clientBuilder2 != null ? clientBuilder2 : new File(Config.SERVICEACCOUNT_CA_PATH).exists() ? cluster() : new ClientBuilder();
    }

    private static ClientBuilder getClientBuilder(boolean z, File file) throws IOException {
        if (file == null) {
            return null;
        }
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new FileInputStream(file), StandardCharsets.UTF_8.name()));
        Throwable th = null;
        try {
            KubeConfig loadKubeConfig = KubeConfig.loadKubeConfig(bufferedReader);
            if (z) {
                loadKubeConfig.setPersistConfig(new FilePersister(file));
            }
            loadKubeConfig.setFile(file);
            ClientBuilder kubeconfig = kubeconfig(loadKubeConfig);
            if (bufferedReader != null) {
                if (0 != 0) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    bufferedReader.close();
                }
            }
            return kubeconfig;
        } catch (Throwable th3) {
            if (bufferedReader != null) {
                if (0 != 0) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    bufferedReader.close();
                }
            }
            throw th3;
        }
    }

    private static File findConfigFromEnv() {
        String parseKubeConfigPath = new KubeConfigEnvParser().parseKubeConfigPath(System.getenv(Config.ENV_KUBECONFIG));
        if (parseKubeConfigPath == null) {
            return null;
        }
        File file = new File(parseKubeConfigPath);
        if (file.exists()) {
            return file;
        }
        log.debug("Could not find file specified in $KUBECONFIG");
        return null;
    }

    private static File findHomeDir() {
        String str = System.getenv(KubeConfig.ENV_HOME);
        if (str != null && str.length() > 0) {
            File file = new File(str);
            if (file.exists()) {
                return file;
            }
        }
        if (!System.getProperty("os.name").toLowerCase().startsWith("windows")) {
            return null;
        }
        String str2 = System.getenv("HOMEDRIVE");
        String str3 = System.getenv("HOMEPATH");
        if (str2 != null && str2.length() > 0 && str3 != null && str3.length() > 0) {
            File file2 = new File(new File(str2), str3);
            if (file2.exists()) {
                return file2;
            }
        }
        String str4 = System.getenv("USERPROFILE");
        if (str4 == null || str4.length() <= 0) {
            return null;
        }
        File file3 = new File(str4);
        if (file3.exists()) {
            return file3;
        }
        return null;
    }

    private static File findConfigInHomeDir() {
        File findHomeDir = findHomeDir();
        if (findHomeDir != null) {
            File file = new File(new File(findHomeDir, KubeConfig.KUBEDIR), "config");
            if (file.exists()) {
                return file;
            }
        }
        log.debug("Could not find ~/.kube/config");
        return null;
    }

    public static ClientBuilder oldCluster() throws IOException {
        ClientBuilder clientBuilder = new ClientBuilder();
        clientBuilder.setBasePath(System.getenv(Config.ENV_SERVICE_HOST), System.getenv(Config.ENV_SERVICE_PORT));
        String str = new String(Files.readAllBytes(Paths.get(Config.SERVICEACCOUNT_TOKEN_PATH, new String[0])), Charset.defaultCharset());
        clientBuilder.setCertificateAuthority(Files.readAllBytes(Paths.get(Config.SERVICEACCOUNT_CA_PATH, new String[0])));
        clientBuilder.setAuthentication(new AccessTokenAuthentication(str));
        return clientBuilder;
    }

    public static ClientBuilder cluster() throws IOException {
        ClientBuilder clientBuilder = new ClientBuilder();
        clientBuilder.setBasePath(System.getenv(Config.ENV_SERVICE_HOST), System.getenv(Config.ENV_SERVICE_PORT));
        clientBuilder.setCertificateAuthority(Files.readAllBytes(Paths.get(Config.SERVICEACCOUNT_CA_PATH, new String[0])));
        clientBuilder.setAuthentication(new TokenFileAuthentication(Config.SERVICEACCOUNT_TOKEN_PATH));
        return clientBuilder;
    }

    protected ClientBuilder setBasePath(String str, String str2) {
        try {
            setBasePath(new URI("https", null, str, Integer.valueOf(str2).intValue(), null, null, null).toString());
            return this;
        } catch (NumberFormatException | URISyntaxException e) {
            throw new IllegalStateException(e);
        }
    }

    public static ClientBuilder kubeconfig(KubeConfig kubeConfig) throws IOException {
        ClientBuilder clientBuilder = new ClientBuilder();
        String server = kubeConfig.getServer();
        if (!server.contains("://")) {
            server = server.contains(":443") ? "https://" + server : "http://" + server;
        }
        byte[] dataOrFileRelative = kubeConfig.getDataOrFileRelative(kubeConfig.getCertificateAuthorityData(), kubeConfig.getCertificateAuthorityFile());
        if (dataOrFileRelative != null) {
            clientBuilder.setCertificateAuthority(dataOrFileRelative);
        }
        clientBuilder.setVerifyingSsl(kubeConfig.verifySSL());
        clientBuilder.setBasePath(server);
        clientBuilder.setAuthentication(new KubeconfigAuthentication(kubeConfig));
        return clientBuilder;
    }

    public static ApiClient fromCertificateSigningRequest(KubeConfig kubeConfig, PrivateKey privateKey, V1CertificateSigningRequest v1CertificateSigningRequest) throws IOException, CSRNotApprovedException, ApiException {
        return fromCertificateSigningRequest(kubeconfig(kubeConfig).build(), privateKey, v1CertificateSigningRequest);
    }

    public static ApiClient fromCertificateSigningRequest(ApiClient apiClient, PrivateKey privateKey, V1CertificateSigningRequest v1CertificateSigningRequest) throws IOException, CSRNotApprovedException, ApiException {
        byte[] createAndWaitUntilCertificateSigned = CSRUtils.createAndWaitUntilCertificateSigned(apiClient, v1CertificateSigningRequest);
        InputStream sslCaCert = apiClient.getSslCaCert();
        sslCaCert.reset();
        ClientBuilder clientBuilder = new ClientBuilder();
        clientBuilder.setAuthentication(new ClientCertificateAuthentication(createAndWaitUntilCertificateSigned, SSLUtils.dumpKey(privateKey)));
        clientBuilder.setBasePath(apiClient.getBasePath());
        clientBuilder.setVerifyingSsl(apiClient.isVerifyingSsl());
        clientBuilder.setCertificateAuthority(IOUtils.toByteArray(sslCaCert));
        return clientBuilder.build();
    }

    public String getBasePath() {
        return this.basePath;
    }

    public ClientBuilder setBasePath(String str) {
        this.basePath = str;
        return this;
    }

    public Authentication getAuthentication() {
        return this.authentication;
    }

    public ClientBuilder setAuthentication(Authentication authentication) {
        this.authentication = authentication;
        return this;
    }

    public ClientBuilder setCertificateAuthority(byte[] bArr) {
        this.caCertBytes = bArr;
        return this;
    }

    public boolean isVerifyingSsl() {
        return this.verifyingSsl;
    }

    public ClientBuilder setVerifyingSsl(boolean z) {
        this.verifyingSsl = z;
        return this;
    }

    public ClientBuilder setProtocols(List<Protocol> list) {
        this.protocols = list;
        return this;
    }

    public List<Protocol> getProtocols() {
        return this.protocols;
    }

    public ClientBuilder setReadTimeout(Duration duration) {
        this.readTimeout = duration;
        return this;
    }

    public Duration getReadTimeout() {
        return this.readTimeout;
    }

    public ClientBuilder setPingInterval(Duration duration) {
        this.pingInterval = duration;
        return this;
    }

    public Duration getPingInterval() {
        return this.pingInterval;
    }

    public String getKeyStorePassphrase() {
        return this.keyStorePassphrase;
    }

    public ClientBuilder setKeyStorePassphrase(String str) {
        this.keyStorePassphrase = str;
        return this;
    }

    public ApiClient build() {
        ApiClient apiClient = new ApiClient();
        apiClient.setHttpClient(apiClient.getHttpClient().newBuilder().protocols(this.protocols).readTimeout(this.readTimeout).pingInterval(this.pingInterval).build());
        if (this.basePath != null) {
            if (this.basePath.endsWith("/")) {
                this.basePath = this.basePath.substring(0, this.basePath.length() - 1);
            }
            apiClient.setBasePath(this.basePath);
        }
        apiClient.setVerifyingSsl(this.verifyingSsl);
        if (this.authentication != null) {
            if (StringUtils.isNotEmpty(this.keyStorePassphrase) && (this.authentication instanceof KubeconfigAuthentication) && (((KubeconfigAuthentication) this.authentication).getDelegateAuthentication() instanceof ClientCertificateAuthentication)) {
                ((ClientCertificateAuthentication) ((KubeconfigAuthentication) this.authentication).getDelegateAuthentication()).setPassphrase(this.keyStorePassphrase);
            }
            this.authentication.provide(apiClient);
        }
        if (this.caCertBytes != null) {
            apiClient.setSslCaCert(new ByteArrayInputStream(this.caCertBytes));
        }
        return apiClient;
    }
}
