package com.oneidentity.safeguard.safeguardjava.authentication;

import com.oneidentity.safeguard.safeguardjava.Utils;
import com.oneidentity.safeguard.safeguardjava.data.CertificateContext;
import com.oneidentity.safeguard.safeguardjava.data.OauthBody;
import com.oneidentity.safeguard.safeguardjava.exceptions.ObjectDisposedException;
import com.oneidentity.safeguard.safeguardjava.exceptions.SafeguardForJavaException;
import java.util.Map;
import javax.net.ssl.HostnameVerifier;
import org.apache.http.client.methods.CloseableHttpResponse;

/* loaded from: input_file:com/oneidentity/safeguard/safeguardjava/authentication/CertificateAuthenticator.class */
public class CertificateAuthenticator extends AuthenticatorBase {
    private boolean disposed;
    private final CertificateContext clientCertificate;
    private String provider;

    public CertificateAuthenticator(String str, String str2, char[] cArr, String str3, int i, boolean z, HostnameVerifier hostnameVerifier) {
        super(str, i, z, hostnameVerifier);
        this.clientCertificate = new CertificateContext(str3, str2, null, cArr);
    }

    public CertificateAuthenticator(String str, String str2, int i, boolean z, HostnameVerifier hostnameVerifier) throws SafeguardForJavaException {
        super(str, i, z, hostnameVerifier);
        this.clientCertificate = new CertificateContext(str2);
    }

    public CertificateAuthenticator(String str, String str2, char[] cArr, int i, boolean z, HostnameVerifier hostnameVerifier) {
        super(str, i, z, hostnameVerifier);
        this.clientCertificate = new CertificateContext(null, str2, null, cArr);
    }

    public CertificateAuthenticator(String str, byte[] bArr, char[] cArr, String str2, int i, boolean z, HostnameVerifier hostnameVerifier) {
        super(str, i, z, hostnameVerifier);
        this.clientCertificate = new CertificateContext(str2, null, bArr, cArr);
    }

    private CertificateAuthenticator(String str, CertificateContext certificateContext, int i, boolean z, HostnameVerifier hostnameVerifier) {
        super(str, i, z, hostnameVerifier);
        this.clientCertificate = certificateContext.cloneObject();
    }

    public CertificateAuthenticator(String str, String str2, char[] cArr, String str3, int i, boolean z, HostnameVerifier hostnameVerifier, String str4) {
        super(str, i, z, hostnameVerifier);
        this.provider = str4;
        this.clientCertificate = new CertificateContext(str3, str2, null, cArr);
    }

    public CertificateAuthenticator(String str, String str2, int i, boolean z, HostnameVerifier hostnameVerifier, String str3) throws SafeguardForJavaException {
        super(str, i, z, hostnameVerifier);
        this.provider = str3;
        this.clientCertificate = new CertificateContext(str2);
    }

    public CertificateAuthenticator(String str, String str2, char[] cArr, int i, boolean z, HostnameVerifier hostnameVerifier, String str3) {
        super(str, i, z, hostnameVerifier);
        this.provider = str3;
        this.clientCertificate = new CertificateContext(null, str2, null, cArr);
    }

    public CertificateAuthenticator(String str, byte[] bArr, char[] cArr, String str2, int i, boolean z, HostnameVerifier hostnameVerifier, String str3) {
        super(str, i, z, hostnameVerifier);
        this.provider = str3;
        this.clientCertificate = new CertificateContext(str2, null, bArr, cArr);
    }

    private CertificateAuthenticator(String str, CertificateContext certificateContext, int i, boolean z, HostnameVerifier hostnameVerifier, String str2) {
        super(str, i, z, hostnameVerifier);
        this.provider = str2;
        this.clientCertificate = certificateContext.cloneObject();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public String getId() {
        return "Certificate";
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase
    protected char[] getRstsTokenInternal() throws ObjectDisposedException, SafeguardForJavaException {
        if (this.disposed) {
            throw new ObjectDisposedException("CertificateAuthenticator");
        }
        CloseableHttpResponse execPOST = this.rstsClient.execPOST("oauth2/token", null, null, null, new OauthBody("client_credentials", Utils.isNullOrEmpty(this.provider) ? "rsts:sts:primaryproviderid:certificate" : resolveProviderToScope(this.provider)), this.clientCertificate);
        if (execPOST == null) {
            throw new SafeguardForJavaException(String.format("Unable to connect to RSTS service %s", this.rstsClient.getBaseURL()));
        }
        String response = Utils.getResponse(execPOST);
        if (!Utils.isSuccessful(execPOST.getStatusLine().getStatusCode())) {
            String format = Utils.isNullOrEmpty(this.clientCertificate.getCertificateAlias()) ? String.format("file=%s", this.clientCertificate.getCertificatePath()) : String.format("alias=%s", this.clientCertificate.getCertificateAlias());
            throw new SafeguardForJavaException("Error using client_credentials grant_type with " + this.clientCertificate.toString() + String.format(", Error: %d %s", Integer.valueOf(execPOST.getStatusLine().getStatusCode()), response));
        }
        Map<String, String> parseResponse = Utils.parseResponse(response);
        if (parseResponse.containsKey("access_token")) {
            return parseResponse.get("access_token").toCharArray();
        }
        throw new SafeguardForJavaException(String.format("Error retrieving the access token for certificate: %s", this.clientCertificate.getCertificatePath()));
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public Object cloneObject() throws SafeguardForJavaException {
        CertificateAuthenticator certificateAuthenticator = new CertificateAuthenticator(getNetworkAddress(), this.clientCertificate, getApiVersion(), isIgnoreSsl(), getValidationCallback());
        if (this.accessToken != null) {
            certificateAuthenticator.accessToken = (char[]) this.accessToken.clone();
        }
        return certificateAuthenticator;
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public void dispose() {
        super.dispose();
        this.clientCertificate.dispose();
        this.disposed = true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase
    public void finalize() throws Throwable {
        try {
            this.clientCertificate.dispose();
        } finally {
            this.disposed = true;
            super.finalize();
        }
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ String resolveProviderToScope(String str) throws SafeguardForJavaException {
        return super.resolveProviderToScope(str);
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ void refreshAccessToken() throws ObjectDisposedException, SafeguardForJavaException {
        super.refreshAccessToken();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ int getAccessTokenLifetimeRemaining() throws ObjectDisposedException, SafeguardForJavaException {
        return super.getAccessTokenLifetimeRemaining();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ char[] getAccessToken() throws ObjectDisposedException {
        return super.getAccessToken();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ void clearAccessToken() {
        super.clearAccessToken();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ boolean hasAccessToken() {
        return super.hasAccessToken();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ boolean isAnonymous() {
        return super.isAnonymous();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ HostnameVerifier getValidationCallback() {
        return super.getValidationCallback();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ boolean isIgnoreSsl() {
        return super.isIgnoreSsl();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ int getApiVersion() {
        return super.getApiVersion();
    }

    @Override // com.oneidentity.safeguard.safeguardjava.authentication.AuthenticatorBase, com.oneidentity.safeguard.safeguardjava.authentication.IAuthenticationMechanism
    public /* bridge */ /* synthetic */ String getNetworkAddress() {
        return super.getNetworkAddress();
    }
}
