package com.obs.services;

import com.kaodeshang.goldbg.net.StatusCode;
import com.obs.log.ILogger;
import com.obs.log.LoggerBuilder;
import com.obs.services.internal.security.BasicSecurityKey;
import com.obs.services.model.ISecurityKey;
import com.umeng.analytics.pro.bt;
import java.io.IOException;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import java.util.function.Function;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import okhttp3.Call;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;

/* loaded from: classes2.dex */
public class RefreshAkSkStsTokenProvider implements IObsCredentialsProvider {
    private static final long REFRESH_INTERVAL_MINUTES = 10;
    private static final ILogger log = LoggerBuilder.getLogger((Class<?>) RefreshAkSkStsTokenProvider.class);
    private final OkHttpClient httpClient;
    private String iamDomain;
    private String iamEndpoint;
    private String iamPassword;
    private String iamUser;
    private ISecurityKey securityKey;
    private final ScheduledExecutorService scheduler = Executors.newScheduledThreadPool(1);
    private boolean refreshTaskStarted = false;
    private final Map<String, Pattern> patternCache = new ConcurrentHashMap();

    public RefreshAkSkStsTokenProvider(String str, String str2, String str3, String str4, OkHttpClient okHttpClient) {
        this.iamDomain = str;
        this.iamUser = str2;
        this.iamPassword = str3;
        this.iamEndpoint = str4;
        this.httpClient = okHttpClient == null ? new OkHttpClient() : okHttpClient;
    }

    private String extractJsonField(String str, final String str2) {
        Matcher matcher = this.patternCache.computeIfAbsent(str2, new Function() { // from class: com.obs.services.RefreshAkSkStsTokenProvider$$ExternalSyntheticLambda0
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                Pattern compile;
                compile = Pattern.compile("\"" + str2 + "\":\"([^\"]+)\"");
                return compile;
            }
        }).matcher(str);
        if (matcher.find()) {
            return matcher.group(1);
        }
        return null;
    }

    private ISecurityKey fetchAkSkStsToken() throws IOException {
        String subjectToken = getSubjectToken();
        if (subjectToken != null) {
            return getSecurityToken(subjectToken);
        }
        log.error((CharSequence) "Failed to fetch subject token.");
        throw new IOException("Subject token is null.");
    }

    private ISecurityKey getSecurityToken(String str) throws IOException {
        Response execute = this.httpClient.newCall(new Request.Builder().url(this.iamEndpoint + "/v3.0/OS-CREDENTIAL/securitytokens").post(RequestBody.create("{ \"auth\": { \"identity\": { \"methods\": [\"token\"], \"token\": { \"id\": \"" + str + "\", \"duration_seconds\": 900 } } } }", MediaType.get(StatusCode.MediaType_Parse))).build()).execute();
        try {
            if (!execute.isSuccessful()) {
                throw new IOException("Unexpected code " + execute);
            }
            ResponseBody body = execute.body();
            if (body == null) {
                throw new IOException("Response body is null");
            }
            String string = body.string();
            String extractJsonField = extractJsonField(string, bt.Q);
            String extractJsonField2 = extractJsonField(string, "secret");
            String extractJsonField3 = extractJsonField(string, "securitytoken");
            if (extractJsonField == null || extractJsonField2 == null || extractJsonField3 == null) {
                throw new IllegalStateException("Failed to extract security keys.");
            }
            BasicSecurityKey basicSecurityKey = new BasicSecurityKey(extractJsonField, extractJsonField2, extractJsonField3);
            if (execute != null) {
                execute.close();
            }
            return basicSecurityKey;
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                if (execute != null) {
                    try {
                        execute.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                }
                throw th2;
            }
        }
    }

    private String getSubjectToken() throws IOException {
        Call newCall = this.httpClient.newCall(new Request.Builder().url(this.iamEndpoint + "/v3/auth/tokens").post(RequestBody.create("{ \"auth\": { \"identity\": { \"methods\": [\"password\"], \"password\": { \"user\": { \"domain\": { \"name\": \"" + this.iamDomain + "\" }, \"name\": \"" + this.iamUser + "\", \"password\": \"" + this.iamPassword + "\" } } }, \"scope\": { \"domain\": { \"name\": \"" + this.iamDomain + "\" } } } }", MediaType.get(StatusCode.MediaType_Parse))).build());
        if (newCall == null) {
            throw new IllegalStateException("OkHttpClient failed to create a new Call. Ensure httpClient is properly initialized with " + this.iamEndpoint + "/v3/auth/tokens");
        }
        Response execute = newCall.execute();
        try {
            if (!execute.isSuccessful()) {
                throw new IOException("Unexpected code " + execute);
            }
            String header = execute.header("X-Subject-Token");
            if (execute != null) {
                execute.close();
            }
            return header;
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                if (execute != null) {
                    try {
                        execute.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                }
                throw th2;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void refreshSecurityKey() {
        try {
            setSecurityKey(fetchAkSkStsToken());
            log.debug((CharSequence) "Security key refreshed successfully.");
        } catch (Exception e) {
            log.error("Failed to refresh security key: " + e.getMessage(), e);
        }
    }

    @Override // com.obs.services.IObsCredentialsProvider
    public ISecurityKey getSecurityKey() {
        refreshSecurityKey();
        return this.securityKey;
    }

    @Override // com.obs.services.IObsCredentialsProvider
    public void setSecurityKey(ISecurityKey iSecurityKey) {
        this.securityKey = iSecurityKey;
    }

    public void startTokenRefreshTask() {
        if (this.refreshTaskStarted) {
            return;
        }
        this.scheduler.scheduleAtFixedRate(new Runnable() { // from class: com.obs.services.RefreshAkSkStsTokenProvider$$ExternalSyntheticLambda1
            @Override // java.lang.Runnable
            public final void run() {
                RefreshAkSkStsTokenProvider.this.refreshSecurityKey();
            }
        }, 0L, REFRESH_INTERVAL_MINUTES, TimeUnit.MINUTES);
        this.refreshTaskStarted = true;
    }
}
