package com.oxygenxml.positron.vertex.connector.auth;

import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.auth.oauth2.GoogleCredentials;
import com.oxygenxml.positron.api.connector.ProxyConnectionInfo;
import com.oxygenxml.positron.api.connector.ProxyProvider;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.UnknownHostException;
import java.nio.charset.StandardCharsets;
import java.security.PrivilegedExceptionAction;
import java.util.Collections;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Supplier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ro.sync.basic.util.URLUtil;
import ro.sync.security.Sandbox;

/* loaded from: input_file:oxygen-ai-positron-vertex-ai-connector-addon-1.0.0-SNAPSHOT/lib/oxygen-ai-positron-vertex-ai-connector-addon-1.0.0-SNAPSHOT.jar:com/oxygenxml/positron/vertex/connector/auth/AccessTokenProvider.class */
public class AccessTokenProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(AccessTokenProvider.class.getName());
    private static final String AUTH_SCOPE = "https://www.googleapis.com/auth/cloud-platform";
    private static final String OAUTH2_URL = "https://oauth2.googleapis.com/";
    private Optional<String> accessToken = Optional.empty();
    private ProxyProvider proxyProvider;
    private Supplier<String> credentialConfigSupplier;

    public AccessTokenProvider(ProxyProvider proxyProvider, Supplier<String> supplier) {
        this.proxyProvider = proxyProvider;
        this.credentialConfigSupplier = supplier;
    }

    public Optional<String> getAccessToken() {
        return this.accessToken;
    }

    public void setAccessToken(String str) {
        this.accessToken = Optional.ofNullable(str);
    }

    public void loadAuthenticationToken() throws AuthRequestException {
        GoogleCredentials createScoped;
        NetHttpTransport.Builder builder = new NetHttpTransport.Builder();
        ProxyConnectionInfo proxyConnectionInfo = this.proxyProvider.getProxyConnectionInfo(URLUtil.convertToURL(OAUTH2_URL));
        if (proxyConnectionInfo != null) {
            try {
                builder.setProxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(InetAddress.getByName(proxyConnectionInfo.getHost()), proxyConnectionInfo.getPort())));
            } catch (UnknownHostException e) {
                LOGGER.debug(e, e);
            }
        }
        try {
            String str = this.credentialConfigSupplier.get();
            if (str == null || str.trim().isEmpty()) {
                Objects.requireNonNull(builder);
                createScoped = GoogleCredentials.getApplicationDefault(builder::build).createScoped(Collections.singletonList(AUTH_SCOPE));
            } else {
                ByteArrayInputStream byteArrayInputStream = null;
                try {
                    try {
                        byteArrayInputStream = new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8));
                        Objects.requireNonNull(builder);
                        createScoped = GoogleCredentials.fromStream(byteArrayInputStream, builder::build).createScoped(Collections.singletonList(AUTH_SCOPE));
                        if (byteArrayInputStream != null) {
                            byteArrayInputStream.close();
                        }
                    } catch (IOException e2) {
                        LOGGER.debug(e2.getMessage(), e2);
                        throw new AuthRequestException("Error reading credential content from configuration: " + e2.getMessage(), e2);
                    }
                } catch (Throwable th) {
                    if (byteArrayInputStream != null) {
                        byteArrayInputStream.close();
                    }
                    throw th;
                }
            }
            final GoogleCredentials googleCredentials = createScoped;
            this.accessToken = Optional.of((String) Sandbox.runInSafeConnectContext(new PrivilegedExceptionAction<String>() { // from class: com.oxygenxml.positron.vertex.connector.auth.AccessTokenProvider.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public String run() throws Exception {
                    googleCredentials.refreshIfExpired();
                    return googleCredentials.getAccessToken().getTokenValue();
                }
            }));
        } catch (Exception e3) {
            LOGGER.debug(e3.getMessage(), e3);
            throw new AuthRequestException(e3.getMessage(), e3);
        }
    }
}
