package com.google.auth.oauth2;

import com.google.api.client.http.GenericUrl;
import com.google.api.client.http.HttpBackOffIOExceptionHandler;
import com.google.api.client.http.HttpBackOffUnsuccessfulResponseHandler;
import com.google.api.client.http.HttpRequest;
import com.google.api.client.http.HttpResponse;
import com.google.api.client.json.JsonObjectParser;
import com.google.api.client.util.ExponentialBackOff;
import com.google.api.client.util.GenericData;
import com.google.auth.http.HttpTransportFactory;
import com.google.common.collect.Iterables;
import com.google.errorprone.annotations.CanIgnoreReturnValue;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.ServiceLoader;
import java.util.Set;
import javax.annotation.concurrent.ThreadSafe;

@ThreadSafe
/* loaded from: input_file:WEB-INF/lib/google-auth-library-oauth2-http-1.30.0.jar:com/google/auth/oauth2/SecureSessionAgent.class */
public class SecureSessionAgent {
    static final String S2A_PLAINTEXT_ADDRESS_JSON_KEY = "plaintext_address";
    static final String S2A_MTLS_ADDRESS_JSON_KEY = "mtls_address";
    static final String METADATA_FLAVOR = "Metadata-Flavor";
    static final String GOOGLE = "Google";
    private static final String PARSE_ERROR_S2A = "Error parsing S2A Config from MDS JSON response.";
    private transient HttpTransportFactory transportFactory;
    private static final Set<Integer> RETRYABLE_STATUS_CODES = new HashSet(Arrays.asList(500, 502, 503));
    static final String S2A_CONFIG_ENDPOINT_POSTFIX = "/computeMetadata/v1/instance/platform-security/auto-mtls-configuration";
    private static final String MDS_MTLS_ENDPOINT = ComputeEngineCredentials.getMetadataServerUrl() + S2A_CONFIG_ENDPOINT_POSTFIX;

    /* loaded from: input_file:WEB-INF/lib/google-auth-library-oauth2-http-1.30.0.jar:com/google/auth/oauth2/SecureSessionAgent$Builder.class */
    public static class Builder {
        private HttpTransportFactory transportFactory;

        protected Builder() {
        }

        @CanIgnoreReturnValue
        public Builder setHttpTransportFactory(HttpTransportFactory httpTransportFactory) {
            this.transportFactory = httpTransportFactory;
            return this;
        }

        public HttpTransportFactory getHttpTransportFactory() {
            return this.transportFactory;
        }

        public SecureSessionAgent build() {
            return new SecureSessionAgent(this);
        }
    }

    SecureSessionAgent(Builder builder) {
        this.transportFactory = builder.getHttpTransportFactory();
    }

    public SecureSessionAgentConfig getConfig() {
        return getSecureSessionAgentConfigFromMDS();
    }

    public static SecureSessionAgent create() {
        return newBuilder().build();
    }

    public static Builder newBuilder() {
        return new Builder();
    }

    private SecureSessionAgentConfig getSecureSessionAgentConfigFromMDS() {
        if (this.transportFactory == null) {
            this.transportFactory = (HttpTransportFactory) Iterables.getFirst(ServiceLoader.load(HttpTransportFactory.class), OAuth2Utils.HTTP_TRANSPORT_FACTORY);
        }
        try {
            HttpRequest buildGetRequest = this.transportFactory.create().createRequestFactory().buildGetRequest(new GenericUrl(MDS_MTLS_ENDPOINT));
            buildGetRequest.setParser(new JsonObjectParser(OAuth2Utils.JSON_FACTORY));
            buildGetRequest.getHeaders().set(METADATA_FLAVOR, (Object) GOOGLE);
            buildGetRequest.setThrowExceptionOnExecuteError(false);
            buildGetRequest.setNumberOfRetries(3);
            ExponentialBackOff build = new ExponentialBackOff.Builder().setInitialIntervalMillis(1000).setRandomizationFactor(0.1d).setMultiplier(2.0d).build();
            buildGetRequest.setUnsuccessfulResponseHandler(new HttpBackOffUnsuccessfulResponseHandler(build).setBackOffRequired(httpResponse -> {
                return RETRYABLE_STATUS_CODES.contains(Integer.valueOf(httpResponse.getStatusCode()));
            }));
            buildGetRequest.setIOExceptionHandler(new HttpBackOffIOExceptionHandler(build));
            try {
                HttpResponse execute = buildGetRequest.execute();
                if (execute.getContent() == null) {
                    return SecureSessionAgentConfig.createBuilder().build();
                }
                GenericData genericData = (GenericData) execute.parseAs(GenericData.class);
                String str = "";
                String str2 = "";
                try {
                    str = OAuth2Utils.validateString(genericData, S2A_PLAINTEXT_ADDRESS_JSON_KEY, PARSE_ERROR_S2A);
                } catch (IOException e) {
                }
                try {
                    str2 = OAuth2Utils.validateString(genericData, S2A_MTLS_ADDRESS_JSON_KEY, PARSE_ERROR_S2A);
                } catch (IOException e2) {
                }
                return SecureSessionAgentConfig.createBuilder().setPlaintextAddress(str).setMtlsAddress(str2).build();
            } catch (IOException e3) {
                return SecureSessionAgentConfig.createBuilder().build();
            }
        } catch (IOException e4) {
            return SecureSessionAgentConfig.createBuilder().build();
        }
    }
}
