package com.google.auth.oauth2;

import com.facebook.common.util.UriUtil;
import com.google.api.client.http.o00O0O;
import com.google.api.client.http.oo000o;
import com.google.auth.oauth2.ExternalAccountCredentials;
import com.google.auth.oauth2.OooOo;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;
import javax.annotation.Nullable;
import org.litepal.util.Const;

/* loaded from: classes2.dex */
public class IdentityPoolCredentials extends ExternalAccountCredentials {
    private final IdentityPoolCredentialSource identityPoolCredentialSource;

    @Nullable
    private String workforcePoolUserProject;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public static class IdentityPoolCredentialSource extends ExternalAccountCredentials.OooO0OO {

        /* renamed from: OooO00o, reason: collision with root package name */
        private IdentityPoolCredentialSourceType f19163OooO00o;

        /* renamed from: OooO0O0, reason: collision with root package name */
        private CredentialFormatType f19164OooO0O0;

        /* renamed from: OooO0OO, reason: collision with root package name */
        private String f19165OooO0OO;

        /* renamed from: OooO0Oo, reason: collision with root package name */
        @Nullable
        private String f19166OooO0Oo;

        /* renamed from: OooO0o0, reason: collision with root package name */
        @Nullable
        private Map<String, String> f19167OooO0o0;

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: classes2.dex */
        public enum CredentialFormatType {
            TEXT,
            JSON
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: classes2.dex */
        public enum IdentityPoolCredentialSourceType {
            FILE,
            URL
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public IdentityPoolCredentialSource(Map<String, Object> map) {
            super(map);
            if (map.containsKey(UriUtil.LOCAL_FILE_SCHEME) && map.containsKey("url")) {
                throw new IllegalArgumentException("Only one credential source type can be set, either file or url.");
            }
            if (map.containsKey(UriUtil.LOCAL_FILE_SCHEME)) {
                this.f19165OooO0OO = (String) map.get(UriUtil.LOCAL_FILE_SCHEME);
                this.f19163OooO00o = IdentityPoolCredentialSourceType.FILE;
            } else {
                if (!map.containsKey("url")) {
                    throw new IllegalArgumentException("Missing credential source file location or URL. At least one must be specified.");
                }
                this.f19165OooO0OO = (String) map.get("url");
                this.f19163OooO00o = IdentityPoolCredentialSourceType.URL;
            }
            Map map2 = (Map) map.get("headers");
            if (map2 != null && !map2.isEmpty()) {
                HashMap hashMap = new HashMap();
                this.f19167OooO0o0 = hashMap;
                hashMap.putAll(map2);
            }
            CredentialFormatType credentialFormatType = CredentialFormatType.TEXT;
            this.f19164OooO0O0 = credentialFormatType;
            Map map3 = (Map) map.get("format");
            if (map3 == null || !map3.containsKey(Const.TableSchema.COLUMN_TYPE)) {
                return;
            }
            String str = (String) map3.get(Const.TableSchema.COLUMN_TYPE);
            if (!"text".equals(str) && !"json".equals(str)) {
                throw new IllegalArgumentException(String.format("Invalid credential source format type: %s.", str));
            }
            this.f19164OooO0O0 = str.equals("text") ? credentialFormatType : CredentialFormatType.JSON;
            if (!map3.containsKey("subject_token_field_name")) {
                throw new IllegalArgumentException("When specifying a JSON credential type, the subject_token_field_name must be set.");
            }
            this.f19166OooO0Oo = (String) map3.get("subject_token_field_name");
        }

        /* JADX INFO: Access modifiers changed from: private */
        public boolean OooO0oO() {
            Map<String, String> map = this.f19167OooO0o0;
            return (map == null || map.isEmpty()) ? false : true;
        }
    }

    /* loaded from: classes2.dex */
    public static class OooO00o extends ExternalAccountCredentials.OooO0O0 {

        /* renamed from: OooOOOo, reason: collision with root package name */
        @Nullable
        private String f19168OooOOOo;

        OooO00o() {
        }

        OooO00o(IdentityPoolCredentials identityPoolCredentials) {
            super(identityPoolCredentials);
            OooOo00(identityPoolCredentials.getWorkforcePoolUserProject());
        }

        @Override // com.google.auth.oauth2.ExternalAccountCredentials.OooO0O0
        /* renamed from: OooOOoo, reason: merged with bridge method [inline-methods] and merged with bridge method [inline-methods] and merged with bridge method [inline-methods] */
        public IdentityPoolCredentials OooO0o() {
            return new IdentityPoolCredentials(this);
        }

        public OooO00o OooOo00(String str) {
            this.f19168OooOOOo = str;
            return this;
        }
    }

    IdentityPoolCredentials(OooO00o oooO00o) {
        super(oooO00o.f19154OooOO0, oooO00o.f19149OooO0Oo, oooO00o.f19151OooO0o0, oooO00o.f19150OooO0o, oooO00o.f19153OooO0oo, oooO00o.f19152OooO0oO, oooO00o.f19155OooOO0O, oooO00o.f19156OooOO0o, oooO00o.f19158OooOOO0, oooO00o.f19157OooOOO, oooO00o.f19159OooOOOO, oooO00o.f19148OooO);
        this.identityPoolCredentialSource = (IdentityPoolCredentialSource) oooO00o.f19153OooO0oo;
        String str = oooO00o.f19168OooOOOo;
        this.workforcePoolUserProject = str;
        if (str != null && !isWorkforcePoolConfiguration()) {
            throw new IllegalArgumentException("The workforce_pool_user_project parameter should only be provided for a Workforce Pool configuration.");
        }
    }

    private String getSubjectTokenFromMetadataServer() throws IOException {
        oo000o OooO00o2 = this.transportFactory.create().OooO0OO().OooO00o(new com.google.api.client.http.OooOOO(this.identityPoolCredentialSource.f19165OooO0OO));
        OooO00o2.OooOoO(new oo0O.OooO(OooOOOO.f19243OooO0o));
        if (this.identityPoolCredentialSource.OooO0oO()) {
            o00O0O o00o0o2 = new o00O0O();
            o00o0o2.putAll(this.identityPoolCredentialSource.f19167OooO0o0);
            OooO00o2.OooOo0o(o00o0o2);
        }
        try {
            return parseToken(OooO00o2.OooO0O0().OooO0OO());
        } catch (IOException e) {
            throw new IOException(String.format("Error getting subject token from metadata server: %s", e.getMessage()), e);
        }
    }

    public static OooO00o newBuilder() {
        return new OooO00o();
    }

    public static OooO00o newBuilder(IdentityPoolCredentials identityPoolCredentials) {
        return new OooO00o(identityPoolCredentials);
    }

    private String parseToken(InputStream inputStream) throws IOException {
        if (this.identityPoolCredentialSource.f19164OooO0O0 == IdentityPoolCredentialSource.CredentialFormatType.TEXT) {
            return com.google.common.io.OooO0OO.OooO0o(new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8)));
        }
        oo0O.OooO0O0 oooO0O0 = (oo0O.OooO0O0) new oo0O.OooO(OooOOOO.f19243OooO0o).OooO00o(inputStream, StandardCharsets.UTF_8, oo0O.OooO0O0.class);
        if (oooO0O0.containsKey(this.identityPoolCredentialSource.f19166OooO0Oo)) {
            return (String) oooO0O0.get(this.identityPoolCredentialSource.f19166OooO0Oo);
        }
        throw new IOException("Invalid subject token field name. No subject token was found.");
    }

    private String retrieveSubjectTokenFromCredentialFile() throws IOException {
        String str = this.identityPoolCredentialSource.f19165OooO0OO;
        if (!Files.exists(Paths.get(str, new String[0]), LinkOption.NOFOLLOW_LINKS)) {
            throw new IOException(String.format("Invalid credential location. The file at %s does not exist.", str));
        }
        try {
            return parseToken(new FileInputStream(new File(str)));
        } catch (IOException e) {
            throw new IOException("Error when attempting to read the subject token from the credential file.", e);
        }
    }

    @Override // com.google.auth.oauth2.GoogleCredentials
    public /* bridge */ /* synthetic */ GoogleCredentials createScoped(Collection collection) {
        return createScoped((Collection<String>) collection);
    }

    @Override // com.google.auth.oauth2.GoogleCredentials
    public IdentityPoolCredentials createScoped(Collection<String> collection) {
        return new IdentityPoolCredentials((OooO00o) newBuilder(this).OooOOO0(collection));
    }

    @Nullable
    public String getWorkforcePoolUserProject() {
        return this.workforcePoolUserProject;
    }

    public boolean isWorkforcePoolConfiguration() {
        return this.workforcePoolUserProject != null && Pattern.compile("^//iam.googleapis.com/locations/.+/workforcePools/.+/providers/.+$").matcher(getAudience()).matches();
    }

    @Override // com.google.auth.oauth2.OAuth2Credentials
    public AccessToken refreshAccessToken() throws IOException {
        OooOo.OooO0O0 OooO0O02 = OooOo.OooOOO(retrieveSubjectToken(), getSubjectTokenType()).OooO0O0(getAudience());
        Collection<String> scopes = getScopes();
        if (scopes != null && !scopes.isEmpty()) {
            OooO0O02.OooO0o0(new ArrayList(scopes));
        }
        if (isWorkforcePoolConfiguration()) {
            oo0O.OooO0O0 oooO0O0 = new oo0O.OooO0O0();
            oooO0O0.OooO0OO(OooOOOO.f19243OooO0o);
            oooO0O0.put("userProject", (Object) this.workforcePoolUserProject);
            OooO0O02.OooO0OO(oooO0O0.toString());
        }
        return exchangeExternalCredentialForAccessToken(OooO0O02.OooO00o());
    }

    @Override // com.google.auth.oauth2.ExternalAccountCredentials
    public String retrieveSubjectToken() throws IOException {
        return this.identityPoolCredentialSource.f19163OooO00o == IdentityPoolCredentialSource.IdentityPoolCredentialSourceType.FILE ? retrieveSubjectTokenFromCredentialFile() : getSubjectTokenFromMetadataServer();
    }
}
