package io.camunda.operate.auth;

import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.time.LocalDateTime;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.hc.client5.http.classic.methods.HttpPost;
import org.apache.hc.client5.http.entity.UrlEncodedFormEntity;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.core5.http.Header;
import org.apache.hc.core5.http.message.BasicNameValuePair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/camunda/operate/auth/SimpleAuthentication.class */
public class SimpleAuthentication implements Authentication {
    private static final String CSRF_HEADER = "OPERATE-X-CSRF-TOKEN";
    private static final Logger LOG = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
    private final SimpleCredential simpleCredential;
    private SimpleAuthToken token;
    private LocalDateTime sessionTimeout;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken.class */
    public static final class SimpleAuthToken extends Record {
        private final String sessionCookie;
        private final String csrfCookie;
        private final String csrfToken;

        private SimpleAuthToken(String str, String str2, String str3) {
            this.sessionCookie = str;
            this.csrfCookie = str2;
            this.csrfToken = str3;
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, SimpleAuthToken.class), SimpleAuthToken.class, "sessionCookie;csrfCookie;csrfToken", "FIELD:Lio/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken;->sessionCookie:Ljava/lang/String;", "FIELD:Lio/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken;->csrfCookie:Ljava/lang/String;", "FIELD:Lio/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken;->csrfToken:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, SimpleAuthToken.class), SimpleAuthToken.class, "sessionCookie;csrfCookie;csrfToken", "FIELD:Lio/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken;->sessionCookie:Ljava/lang/String;", "FIELD:Lio/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken;->csrfCookie:Ljava/lang/String;", "FIELD:Lio/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken;->csrfToken:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, SimpleAuthToken.class, Object.class), SimpleAuthToken.class, "sessionCookie;csrfCookie;csrfToken", "FIELD:Lio/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken;->sessionCookie:Ljava/lang/String;", "FIELD:Lio/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken;->csrfCookie:Ljava/lang/String;", "FIELD:Lio/camunda/operate/auth/SimpleAuthentication$SimpleAuthToken;->csrfToken:Ljava/lang/String;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }

        public String sessionCookie() {
            return this.sessionCookie;
        }

        public String csrfCookie() {
            return this.csrfCookie;
        }

        public String csrfToken() {
            return this.csrfToken;
        }
    }

    public SimpleAuthentication(SimpleCredential simpleCredential) {
        this.simpleCredential = simpleCredential;
    }

    private SimpleAuthToken retrieveToken() {
        try {
            CloseableHttpClient createSystem = HttpClients.createSystem();
            try {
                SimpleAuthToken simpleAuthToken = (SimpleAuthToken) createSystem.execute(buildRequest(this.simpleCredential), classicHttpResponse -> {
                    if (classicHttpResponse.getCode() > 299) {
                        throw new RuntimeException("Unable to login, response code " + classicHttpResponse.getCode());
                    }
                    Header header = classicHttpResponse.getHeader(CSRF_HEADER);
                    String value = header != null ? header.getValue() : null;
                    String str = null;
                    String str2 = null;
                    for (Header header2 : classicHttpResponse.getHeaders("Set-Cookie")) {
                        if (header2.getValue().startsWith("OPERATE-SESSION")) {
                            str = header2.getValue();
                        }
                        if (header2.getValue().startsWith(CSRF_HEADER)) {
                            str2 = header2.getValue();
                        }
                    }
                    return new SimpleAuthToken(str, str2, value);
                });
                if (simpleAuthToken.sessionCookie() == null) {
                    throw new RuntimeException("Unable to authenticate due to missing Set-Cookie OPERATE-SESSION");
                }
                if (simpleAuthToken.csrfToken() == null) {
                    LOG.info("No CSRF token found");
                }
                if (simpleAuthToken.csrfCookie() == null) {
                    LOG.info("No CSRF cookie found");
                }
                this.sessionTimeout = LocalDateTime.now().plus((TemporalAmount) this.simpleCredential.sessionTimeout());
                if (createSystem != null) {
                    createSystem.close();
                }
                return simpleAuthToken;
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException("Unable to authenticate", e);
        }
    }

    private HttpPost buildRequest(SimpleCredential simpleCredential) {
        HttpPost httpPost = new HttpPost(simpleCredential.baseUrl().toString() + "/api/login");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("username", simpleCredential.username()));
        arrayList.add(new BasicNameValuePair("password", simpleCredential.password()));
        httpPost.setEntity(new UrlEncodedFormEntity(arrayList));
        return httpPost;
    }

    @Override // io.camunda.operate.auth.Authentication
    public Map<String, String> getTokenHeader() {
        if (this.token == null || this.sessionTimeout.isBefore(LocalDateTime.now())) {
            this.token = retrieveToken();
        }
        HashMap hashMap = new HashMap();
        if (this.token.csrfToken() != null) {
            hashMap.put(CSRF_HEADER, this.token.csrfToken());
        }
        hashMap.put("Cookie", (String) Stream.of((Object[]) new String[]{this.token.sessionCookie(), this.token.csrfCookie()}).filter((v0) -> {
            return Objects.nonNull(v0);
        }).collect(Collectors.joining(";")));
        return hashMap;
    }

    @Override // io.camunda.operate.auth.Authentication
    public void resetToken() {
        this.token = null;
    }
}
