package com.ibm.cloud.objectstorage.oauth;

import com.ibm.cloud.objectstorage.SDKGlobalConfiguration;
import com.ibm.cloud.objectstorage.auth.json.internal.JsonKeyConstants;
import com.ibm.cloud.objectstorage.http.apache.client.impl.ApacheConnectionManagerFactory;
import com.ibm.cloud.objectstorage.http.conn.ssl.SdkTLSSocketFactory;
import com.ibm.cloud.objectstorage.log.InternalLogApi;
import com.ibm.cloud.objectstorage.log.InternalLogFactory;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.HttpHeaders;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.HttpResponse;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.NameValuePair;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.client.ClientProtocolException;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.client.entity.UrlEncodedFormEntity;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.client.methods.HttpPost;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.client.methods.HttpUriRequest;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.conn.ssl.DefaultHostnameVerifier;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.impl.client.CloseableHttpClient;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.impl.client.HttpClientBuilder;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.message.BasicNameValuePair;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.ssl.SSLContexts;
import com.ibm.cloud.objectstorage.thirdparty.apache.http.util.EntityUtils;
import com.ibm.cloud.objectstorage.thirdparty.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;

/* loaded from: input_file:com/ibm/cloud/objectstorage/oauth/DefaultTokenProvider.class */
public class DefaultTokenProvider implements TokenProvider {
    protected static final InternalLogApi log = InternalLogFactory.getLog((Class<?>) DefaultTokenProvider.class);
    private static final String BASIC_AUTH = "Basic Yng6Yng=";
    private static final String CONTENT_TYPE = "application/x-www-form-urlencoded";
    private static final String ACCEPT = "application/json";
    private static final String GRANT_TYPE = "urn:ibm:params:oauth:grant-type:apikey";
    private static final String RESPONSE_TYPE = "cloud_iam";
    private String apiKey;
    private String iamEndpoint = SDKGlobalConfiguration.IAM_ENDPOINT;

    public DefaultTokenProvider(String str) {
        this.apiKey = str;
    }

    public void setIamEndpoint(String str) {
        this.iamEndpoint = str;
    }

    @Override // com.ibm.cloud.objectstorage.oauth.TokenProvider
    public Token retrieveToken() {
        SSLContext createDefault;
        log.debug("DefaultTokenProvider retrieveToken()");
        try {
            if (SDKGlobalConfiguration.isCertCheckingDisabled()) {
                if (log.isWarnEnabled()) {
                    log.warn("SSL Certificate checking for endpoints has been explicitly disabled.");
                }
                createDefault = SSLContext.getInstance("TLS");
                createDefault.init(null, new TrustManager[]{new ApacheConnectionManagerFactory.TrustingX509TrustManager()}, null);
            } else {
                createDefault = SSLContexts.createDefault();
            }
            CloseableHttpClient build = HttpClientBuilder.create().setSSLSocketFactory(new SdkTLSSocketFactory(createDefault, new DefaultHostnameVerifier())).build();
            HttpPost httpPost = new HttpPost(this.iamEndpoint);
            httpPost.setHeader("Authorization", BASIC_AUTH);
            httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");
            httpPost.setHeader(HttpHeaders.ACCEPT, ACCEPT);
            ArrayList arrayList = new ArrayList();
            arrayList.add(new BasicNameValuePair("grant_type", GRANT_TYPE));
            arrayList.add(new BasicNameValuePair("response_type", RESPONSE_TYPE));
            arrayList.add(new BasicNameValuePair(JsonKeyConstants.IBM_API_KEY, this.apiKey));
            httpPost.setEntity(new UrlEncodedFormEntity((List<? extends NameValuePair>) arrayList));
            HttpResponse execute = build.execute((HttpUriRequest) httpPost);
            if (execute.getStatusLine().getStatusCode() == 200) {
                return (Token) new ObjectMapper().readValue(EntityUtils.toString(execute.getEntity()), Token.class);
            }
            log.info("Response code= " + execute.getStatusLine().getStatusCode() + ", Reason= " + execute.getStatusLine().getReasonPhrase() + ".Throwing OAuthServiceException");
            OAuthServiceException oAuthServiceException = new OAuthServiceException("Token retrival from IAM service failed with refresh token");
            oAuthServiceException.setStatusCode(execute.getStatusLine().getStatusCode());
            oAuthServiceException.setStatusMessage(execute.getStatusLine().getReasonPhrase());
            throw oAuthServiceException;
        } catch (ClientProtocolException e) {
            e.printStackTrace();
            return null;
        } catch (UnsupportedEncodingException e2) {
            e2.printStackTrace();
            return null;
        } catch (IOException e3) {
            e3.printStackTrace();
            return null;
        } catch (KeyManagementException e4) {
            e4.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e5) {
            e5.printStackTrace();
            return null;
        }
    }
}
