package com.sap.cloud.security.servlet;

import com.sap.cloud.security.client.HttpClientException;
import com.sap.cloud.security.config.CredentialType;
import com.sap.cloud.security.config.OAuth2ServiceConfiguration;
import com.sap.cloud.security.token.Token;
import com.sap.cloud.security.xsuaa.Assertions;
import com.sap.cloud.security.xsuaa.client.OAuth2TokenResponse;
import com.sap.cloud.security.xsuaa.client.OAuth2TokenService;
import com.sap.cloud.security.xsuaa.client.XsuaaDefaultEndpoints;
import com.sap.cloud.security.xsuaa.tokenflows.TokenFlowException;
import com.sap.cloud.security.xsuaa.tokenflows.XsuaaTokenFlows;
import javax.annotation.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sap/cloud/security/servlet/IasXsuaaExchangeBroker.class */
class IasXsuaaExchangeBroker {
    private static final Logger LOGGER = LoggerFactory.getLogger(IasXsuaaExchangeBroker.class);
    private XsuaaTokenFlows xsuaaTokenFlows;

    private IasXsuaaExchangeBroker() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static IasXsuaaExchangeBroker build(OAuth2ServiceConfiguration oAuth2ServiceConfiguration, OAuth2TokenService oAuth2TokenService) {
        IasXsuaaExchangeBroker iasXsuaaExchangeBroker = new IasXsuaaExchangeBroker();
        Assertions.assertNotNull(oAuth2ServiceConfiguration, "Service configuration must not be null");
        Assertions.assertNotNull(oAuth2TokenService, "Oauth2 Token Service must not be null");
        LOGGER.debug("Initializing XsuaaTokenFlow ({} based authentication)", oAuth2ServiceConfiguration.getCredentialType() == CredentialType.X509 ? "certificate" : "client secret");
        iasXsuaaExchangeBroker.xsuaaTokenFlows = new XsuaaTokenFlows(oAuth2TokenService, new XsuaaDefaultEndpoints(oAuth2ServiceConfiguration), oAuth2ServiceConfiguration.getClientIdentity());
        return iasXsuaaExchangeBroker;
    }

    @Nullable
    public String resolve(Token token) throws TokenFlowException, HttpClientException {
        OAuth2TokenResponse execute = this.xsuaaTokenFlows.userTokenFlow().token(token).execute();
        LOGGER.debug("Response token from Ias to Xsuaa token exchange {}", execute.getAccessToken());
        return execute.getAccessToken();
    }
}
