package net.snowflake.client.core;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.Charset;
import java.security.PrivateKey;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.UUID;
import net.snowflake.client.core.Event;
import net.snowflake.client.jdbc.ErrorCode;
import net.snowflake.client.jdbc.SnowflakeDriver;
import net.snowflake.client.jdbc.SnowflakeSQLException;
import net.snowflake.client.jdbc.SnowflakeType;
import net.snowflake.client.jdbc.SnowflakeUtil;
import net.snowflake.client.jdbc.internal.amazonaws.util.JavaVersionParser;
import net.snowflake.client.jdbc.internal.apache.commons.lang3.StringUtils;
import net.snowflake.client.jdbc.internal.apache.http.client.HttpClient;
import net.snowflake.client.jdbc.internal.apache.http.client.methods.HttpGet;
import net.snowflake.client.jdbc.internal.apache.http.client.methods.HttpPost;
import net.snowflake.client.jdbc.internal.apache.http.client.utils.URIBuilder;
import net.snowflake.client.jdbc.internal.apache.http.entity.StringEntity;
import net.snowflake.client.jdbc.internal.apache.http.impl.client.SystemDefaultHttpClient;
import net.snowflake.client.jdbc.internal.apache.http.message.BasicHeader;
import net.snowflake.client.jdbc.internal.apache.http.message.HeaderGroup;
import net.snowflake.client.jdbc.internal.apache.http.params.BasicHttpParams;
import net.snowflake.client.jdbc.internal.apache.http.params.HttpConnectionParams;
import net.snowflake.client.jdbc.internal.fasterxml.jackson.databind.JsonNode;
import net.snowflake.client.jdbc.internal.fasterxml.jackson.databind.ObjectMapper;
import net.snowflake.client.jdbc.internal.joda.time.DateTimeConstants;
import net.snowflake.client.jdbc.internal.microsoft.azure.storage.table.TableConstants;
import net.snowflake.client.jdbc.internal.org.jsoup.Jsoup;
import net.snowflake.client.jdbc.internal.snowflake.common.core.ClientAuthnDTO;
import net.snowflake.client.jdbc.internal.snowflake.common.core.ClientAuthnParameter;
import net.snowflake.client.jdbc.internal.snowflake.common.core.SqlState;
import net.snowflake.client.jdbc.internal.software.amazon.ion.SystemSymbols;
import net.snowflake.client.log.SFLogger;
import net.snowflake.client.log.SFLoggerFactory;

/* loaded from: input_file:net/snowflake/client/core/SessionUtil.class */
public class SessionUtil {
    public static final String SF_QUERY_DATABASE = "databaseName";
    public static final String SF_QUERY_SCHEMA = "schemaName";
    public static final String SF_QUERY_WAREHOUSE = "warehouse";
    public static final String SF_QUERY_ROLE = "roleName";
    public static final String SF_QUERY_REQUEST_ID = "requestId";
    public static final String SF_PATH_AUTHENTICATOR_REQUEST = "/session/authenticator-request";
    private static final String SF_PATH_LOGIN_REQUEST = "/session/v1/login-request";
    private static final String SF_PATH_TOKEN_REQUEST = "/session/token-request";
    public static final String SF_QUERY_SESSION_DELETE = "delete";
    private static final String SF_PATH_SESSION = "/session";
    public static final String SF_HEADER_AUTHORIZATION = "Authorization";
    public static final String SF_HEADER_BASIC_AUTHTYPE = "Basic";
    public static final String SF_HEADER_SNOWFLAKE_AUTHTYPE = "Snowflake";
    public static final String SF_HEADER_TOKEN_TAG = "Token";
    private static ObjectMapper mapper = new ObjectMapper();
    private static int DEFAULT_HTTP_CLIENT_CONNECTION_TIMEOUT = DateTimeConstants.MILLIS_PER_MINUTE;
    private static int DEFAULT_HTTP_CLIENT_SOCKET_TIMEOUT = net.snowflake.client.jdbc.internal.microsoft.azure.storage.Constants.DEFAULT_READ_TIMEOUT;
    private static int DEFAULT_HEALTH_CHECK_INTERVAL = 45;
    static final SFLogger logger = SFLoggerFactory.getLogger(SessionUtil.class);
    private static Set<String> STRING_PARAMS = new HashSet(Arrays.asList("TIMEZONE", "TIMESTAMP_OUTPUT_FORMAT", "TIMESTAMP_NTZ_OUTPUT_FORMAT", "TIMESTAMP_LTZ_OUTPUT_FORMAT", "TIMESTAMP_TZ_OUTPUT_FORMAT", "DATE_OUTPUT_FORMAT", "TIME_OUTPUT_FORMAT", "BINARY_OUTPUT_FORMAT", "CLIENT_TIMESTAMP_TYPE_MAPPING"));
    private static Set<String> INT_PARAMS = new HashSet(Arrays.asList("CLIENT_RESULT_PREFETCH_SLOTS", "CLIENT_RESULT_PREFETCH_THREADS", "CLIENT_PREFETCH_THREADS", "CLIENT_MEMORY_LIMIT"));
    private static Set<String> BOOLEAN_PARAMS = new HashSet(Arrays.asList("CLIENT_HONOR_CLIENT_TZ_FOR_TIMESTAMP_NTZ", "JDBC_EXECUTE_RETURN_COUNT_FOR_DML", "CLIENT_DISABLE_INCIDENTS", "CLIENT_SESSION_KEEP_ALIVE", "JDBC_USE_JSON_PARSER", "AUTOCOMMIT", "JDBC_EFFICIENT_CHUNK_STORAGE", "JDBC_RS_COLUMN_CASE_INSENSITIVE", "CLIENT_METADATA_REQUEST_USE_CONNECTION_CTX", "JDBC_TREAT_DECIMAL_AS_INT", "JDBC_ENABLE_COMBINED_DESCRIBE"));

    /* loaded from: input_file:net/snowflake/client/core/SessionUtil$LoginInput.class */
    public static class LoginInput {
        private String serverUrl;
        private String databaseName;
        private String schemaName;
        private String warehouse;
        private String role;
        private String authenticator;
        private HttpClient httpClient;
        private String accountName;
        private String userName;
        private String password;
        private Properties clientInfo;
        private boolean passcodeInPassword;
        private String passcode;
        private String token;
        private String appId;
        private String appVersion;
        private String sessionToken;
        private String masterToken;
        private Map<String, Object> sessionParameters;
        private PrivateKey privateKey;
        private int loginTimeout = -1;
        private int connectionTimeout = SessionUtil.DEFAULT_HTTP_CLIENT_CONNECTION_TIMEOUT;
        private int socketTimeout = SessionUtil.DEFAULT_HTTP_CLIENT_SOCKET_TIMEOUT;

        public LoginInput setServerUrl(String str) {
            this.serverUrl = str;
            return this;
        }

        public LoginInput setDatabaseName(String str) {
            this.databaseName = str;
            return this;
        }

        public LoginInput setSchemaName(String str) {
            this.schemaName = str;
            return this;
        }

        public LoginInput setWarehouse(String str) {
            this.warehouse = str;
            return this;
        }

        public LoginInput setRole(String str) {
            this.role = str;
            return this;
        }

        public LoginInput setAuthenticator(String str) {
            this.authenticator = str;
            return this;
        }

        public LoginInput setHttpClient(HttpClient httpClient) {
            this.httpClient = httpClient;
            return this;
        }

        public LoginInput setAccountName(String str) {
            this.accountName = str;
            return this;
        }

        public LoginInput setLoginTimeout(int i) {
            this.loginTimeout = i;
            return this;
        }

        public LoginInput setUserName(String str) {
            this.userName = str;
            return this;
        }

        public LoginInput setPassword(String str) {
            this.password = str;
            return this;
        }

        public LoginInput setToken(String str) {
            this.token = str;
            return this;
        }

        public LoginInput setClientInfo(Properties properties) {
            this.clientInfo = properties;
            return this;
        }

        public LoginInput setPasscodeInPassword(boolean z) {
            this.passcodeInPassword = z;
            return this;
        }

        public LoginInput setPasscode(String str) {
            this.passcode = str;
            return this;
        }

        public LoginInput setConnectionTimeout(int i) {
            this.connectionTimeout = i;
            return this;
        }

        public LoginInput setSocketTimeout(int i) {
            this.socketTimeout = i;
            return this;
        }

        public LoginInput setAppId(String str) {
            this.appId = str;
            return this;
        }

        public LoginInput setAppVersion(String str) {
            this.appVersion = str;
            return this;
        }

        public LoginInput setSessionToken(String str) {
            this.sessionToken = str;
            return this;
        }

        public LoginInput setMasterToken(String str) {
            this.masterToken = str;
            return this;
        }

        public LoginInput setSessionParameters(Map<String, Object> map) {
            this.sessionParameters = map;
            return this;
        }

        public LoginInput setPrivateKey(PrivateKey privateKey) {
            this.privateKey = privateKey;
            return this;
        }

        public HttpClient getHttpClient() {
            return this.httpClient;
        }

        public String getServerUrl() {
            return this.serverUrl;
        }

        public String getDatabaseName() {
            return this.databaseName;
        }

        public String getSchemaName() {
            return this.schemaName;
        }

        public String getWarehouse() {
            return this.warehouse;
        }

        public String getRole() {
            return this.role;
        }

        public String getAuthenticator() {
            return this.authenticator;
        }

        public String getAccountName() {
            return this.accountName;
        }

        public int getLoginTimeout() {
            return this.loginTimeout;
        }

        public String getUserName() {
            return this.userName;
        }

        public String getPassword() {
            return this.password;
        }

        public Properties getClientInfo() {
            return this.clientInfo;
        }

        public String getPasscode() {
            return this.passcode;
        }

        public String getToken() {
            return this.token;
        }

        public int getConnectionTimeout() {
            return this.connectionTimeout;
        }

        public int getSocketTimeout() {
            return this.socketTimeout;
        }

        public boolean isPasscodeInPassword() {
            return this.passcodeInPassword;
        }

        public String getAppId() {
            return this.appId;
        }

        public String getAppVersion() {
            return this.appVersion;
        }

        public String getSessionToken() {
            return this.sessionToken;
        }

        public String getMasterToken() {
            return this.masterToken;
        }

        public Map<String, Object> getSessionParameters() {
            return this.sessionParameters;
        }

        public PrivateKey getPrivateKey() {
            return this.privateKey;
        }
    }

    /* loaded from: input_file:net/snowflake/client/core/SessionUtil$LoginOutput.class */
    public static class LoginOutput {
        String sessionToken;
        String masterToken;
        long masterTokenValidityInSeconds;
        String remMeToken;
        String databaseVersion;
        int databaseMajorVersion;
        int databaseMinorVersion;
        String newClientForUpgrade;
        int healthCheckInterval;
        int httpClientSocketTimeout;
        String sessionDatabase;
        String sessionSchema;
        String sessionRole;
        Map<String, Object> commonParams;

        public LoginOutput() {
        }

        public LoginOutput(String str, String str2, long j, String str3, String str4, int i, int i2, String str5, int i3, int i4, String str6, String str7, String str8, Map<String, Object> map) {
            this.sessionToken = str;
            this.masterToken = str2;
            this.remMeToken = str3;
            this.databaseVersion = str4;
            this.databaseMajorVersion = i;
            this.databaseMinorVersion = i2;
            this.newClientForUpgrade = str5;
            this.healthCheckInterval = i3;
            this.httpClientSocketTimeout = i4;
            this.sessionDatabase = str6;
            this.sessionSchema = str7;
            this.sessionRole = str8;
            this.commonParams = map;
            this.masterTokenValidityInSeconds = j;
        }

        public LoginOutput setSessionToken(String str) {
            this.sessionToken = str;
            return this;
        }

        public LoginOutput setMasterToken(String str) {
            this.masterToken = str;
            return this;
        }

        public LoginOutput setRemMeToken(String str) {
            this.remMeToken = str;
            return this;
        }

        public LoginOutput setDatabaseVersion(String str) {
            this.databaseVersion = str;
            return this;
        }

        public LoginOutput setDatabaseMajorVersion(int i) {
            this.databaseMajorVersion = i;
            return this;
        }

        public LoginOutput setDatabaseMinorVersion(int i) {
            this.databaseMinorVersion = i;
            return this;
        }

        public LoginOutput setNewClientForUpgrade(String str) {
            this.newClientForUpgrade = str;
            return this;
        }

        public LoginOutput setHealthCheckInterval(int i) {
            this.healthCheckInterval = i;
            return this;
        }

        public LoginOutput setHttpClientSocketTimeout(int i) {
            this.httpClientSocketTimeout = i;
            return this;
        }

        public LoginOutput setCommonParams(Map<String, Object> map) {
            this.commonParams = map;
            return this;
        }

        public String getSessionToken() {
            return this.sessionToken;
        }

        public String getMasterToken() {
            return this.masterToken;
        }

        public String getRemMeToken() {
            return this.remMeToken;
        }

        public String getDatabaseVersion() {
            return this.databaseVersion;
        }

        public int getDatabaseMajorVersion() {
            return this.databaseMajorVersion;
        }

        public int getDatabaseMinorVersion() {
            return this.databaseMinorVersion;
        }

        public String getNewClientForUpgrade() {
            return this.newClientForUpgrade;
        }

        public int getHealthCheckInterval() {
            return this.healthCheckInterval;
        }

        public int getHttpClientSocketTimeout() {
            return this.httpClientSocketTimeout;
        }

        public Map<String, Object> getCommonParams() {
            return this.commonParams;
        }

        public String getSessionDatabase() {
            return this.sessionDatabase;
        }

        public void setSessionDatabase(String str) {
            this.sessionDatabase = str;
        }

        public String getSessionSchema() {
            return this.sessionSchema;
        }

        public void setSessionSchema(String str) {
            this.sessionSchema = str;
        }

        public String getSessionRole() {
            return this.sessionRole;
        }

        public long getMasterTokenValidityInSeconds() {
            return this.masterTokenValidityInSeconds;
        }
    }

    private static ClientAuthnDTO.AuthenticatorType getAuthenticator(LoginInput loginInput) {
        if (loginInput.getAuthenticator() != null) {
            if (loginInput.getAuthenticator().equalsIgnoreCase(ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER.name())) {
                return ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER;
            }
            if (loginInput.getAuthenticator().equalsIgnoreCase(ClientAuthnDTO.AuthenticatorType.OAUTH.name())) {
                return ClientAuthnDTO.AuthenticatorType.OAUTH;
            }
            if (loginInput.getAuthenticator().equalsIgnoreCase(ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT.name())) {
                return ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT;
            }
            if (!loginInput.getAuthenticator().equalsIgnoreCase(ClientAuthnDTO.AuthenticatorType.SNOWFLAKE.name())) {
                return ClientAuthnDTO.AuthenticatorType.OKTA;
            }
        }
        return loginInput.getPrivateKey() != null ? ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT : ClientAuthnDTO.AuthenticatorType.SNOWFLAKE;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r29v2 */
    /* JADX WARN: Type inference failed for: r29v3 */
    /* JADX WARN: Type inference failed for: r29v4 */
    /* JADX WARN: Type inference failed for: r29v5, types: [net.snowflake.client.jdbc.internal.apache.http.client.methods.HttpPost, net.snowflake.client.jdbc.internal.apache.http.client.methods.HttpRequestBase] */
    public static LoginOutput openSession(LoginInput loginInput) throws SFException, SnowflakeSQLException {
        AssertUtil.assertTrue(loginInput.getServerUrl() != null, "missing server URL for opening session");
        AssertUtil.assertTrue(loginInput.getUserName() != null, "missing user name for opening session");
        AssertUtil.assertTrue(loginInput.getAppId() != null, "missing app id for opening session");
        AssertUtil.assertTrue(loginInput.getHttpClient() != null, "missing http client for opening session");
        AssertUtil.assertTrue(loginInput.getLoginTimeout() >= 0, "negative login timeout for opening session");
        String str = null;
        String str2 = null;
        String str3 = null;
        int i = 0;
        int i2 = 0;
        String str4 = null;
        int i3 = DEFAULT_HEALTH_CHECK_INTERVAL;
        int socketTimeout = loginInput.getSocketTimeout();
        ClientAuthnDTO.AuthenticatorType authenticator = getAuthenticator(loginInput);
        try {
            URIBuilder uRIBuilder = new URIBuilder(loginInput.getServerUrl());
            if (loginInput.getDatabaseName() != null) {
                uRIBuilder.addParameter(SF_QUERY_DATABASE, loginInput.getDatabaseName());
            }
            if (loginInput.getSchemaName() != null) {
                uRIBuilder.addParameter(SF_QUERY_SCHEMA, loginInput.getSchemaName());
            }
            if (loginInput.getWarehouse() != null) {
                uRIBuilder.addParameter(SF_QUERY_WAREHOUSE, loginInput.getWarehouse());
            }
            if (loginInput.getRole() != null) {
                uRIBuilder.addParameter(SF_QUERY_ROLE, loginInput.getRole());
            }
            if (authenticator == ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER) {
                SessionUtilExternalBrowser sessionUtilExternalBrowser = new SessionUtilExternalBrowser(loginInput);
                sessionUtilExternalBrowser.authenticate();
                str = sessionUtilExternalBrowser.getToken();
                str2 = sessionUtilExternalBrowser.getProofKey();
            } else if (authenticator == ClientAuthnDTO.AuthenticatorType.OKTA) {
                str = getSamlResponseUsingOkta(loginInput);
            } else if (authenticator == ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT) {
                loginInput.setToken(new SessionUtilKeyPair(loginInput.getPrivateKey(), loginInput.getAccountName(), loginInput.getUserName()).issueJwtToken());
            }
            uRIBuilder.addParameter("requestId", UUID.randomUUID().toString());
            uRIBuilder.setPath(SF_PATH_LOGIN_REQUEST);
            URI build = uRIBuilder.build();
            HttpClient httpClient = loginInput.getHttpClient();
            Object obj = 0;
            try {
                ClientAuthnDTO clientAuthnDTO = new ClientAuthnDTO();
                HashMap hashMap = new HashMap();
                hashMap.put(ClientAuthnParameter.CLIENT_APP_ID.name(), loginInput.getAppId());
                hashMap.put(ClientAuthnParameter.LOGIN_NAME.name(), loginInput.getUserName());
                if (authenticator == ClientAuthnDTO.AuthenticatorType.SNOWFLAKE) {
                    hashMap.put(ClientAuthnParameter.PASSWORD.name(), loginInput.getPassword());
                } else if (authenticator == ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER) {
                    hashMap.put(ClientAuthnParameter.AUTHENTICATOR.name(), ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER.name());
                    hashMap.put(ClientAuthnParameter.PROOF_KEY.name(), str2);
                    hashMap.put(ClientAuthnParameter.TOKEN.name(), str);
                } else if (authenticator == ClientAuthnDTO.AuthenticatorType.OKTA) {
                    hashMap.put(ClientAuthnParameter.RAW_SAML_RESPONSE.name(), str);
                } else if (authenticator == ClientAuthnDTO.AuthenticatorType.OAUTH || authenticator == ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT) {
                    hashMap.put(ClientAuthnParameter.AUTHENTICATOR.name(), authenticator.name());
                    hashMap.put(ClientAuthnParameter.TOKEN.name(), loginInput.getToken());
                }
                HashMap hashMap2 = new HashMap();
                hashMap2.put("OS", System.getProperty("os.name"));
                hashMap2.put("OS_VERSION", System.getProperty("os.version"));
                hashMap2.put("JAVA_VERSION", System.getProperty(JavaVersionParser.JAVA_VERSION_PROPERTY));
                hashMap2.put("JAVA_RUNTIME", System.getProperty("java.runtime.name"));
                hashMap2.put("JAVA_VM", System.getProperty("java.vm.name"));
                hashMap2.put("CRL_ENABLED", Boolean.valueOf(checkCRLSystemProperty()));
                String property = System.getProperty("sun.java.command");
                if (property != null) {
                    if (property.indexOf(StringUtils.SPACE) > 0) {
                        property = property.substring(0, property.indexOf(StringUtils.SPACE));
                    }
                    hashMap2.put("APPLICATION", property);
                }
                Properties clientInfo = loginInput.getClientInfo();
                if (clientInfo != null) {
                    for (Map.Entry entry : clientInfo.entrySet()) {
                        if (entry != null && entry.getKey() != null && entry.getValue() != null) {
                            hashMap2.put(entry.getKey().toString(), entry.getValue().toString());
                        }
                    }
                }
                String property2 = System.getProperty("snowflake.client.info");
                if (property2 != null) {
                    JsonNode jsonNode = null;
                    try {
                        jsonNode = mapper.readTree(property2);
                    } catch (Throwable th) {
                        logger.warn("failed to process snowflake.client.info property as JSON: " + property2, th);
                    }
                    if (jsonNode != null) {
                        Iterator<Map.Entry<String, JsonNode>> fields = jsonNode.fields();
                        while (fields.hasNext()) {
                            Map.Entry<String, JsonNode> next = fields.next();
                            hashMap2.put(next.getKey(), next.getValue().asText());
                        }
                    }
                }
                hashMap.put(ClientAuthnParameter.CLIENT_ENVIRONMENT.name(), hashMap2);
                if (loginInput.getSessionParameters() != null) {
                    hashMap.put(ClientAuthnParameter.SESSION_PARAMETERS.name(), loginInput.getSessionParameters());
                }
                if (loginInput.getAccountName() != null) {
                    hashMap.put(ClientAuthnParameter.ACCOUNT_NAME.name(), loginInput.getAccountName());
                }
                if (loginInput.isPasscodeInPassword()) {
                    hashMap.put(ClientAuthnParameter.EXT_AUTHN_DUO_METHOD.name(), "passcode");
                } else if (loginInput.getPasscode() != null) {
                    hashMap.put(ClientAuthnParameter.EXT_AUTHN_DUO_METHOD.name(), "passcode");
                    hashMap.put(ClientAuthnParameter.PASSCODE.name(), loginInput.getPasscode());
                } else {
                    hashMap.put(ClientAuthnParameter.EXT_AUTHN_DUO_METHOD.name(), "push");
                }
                logger.debug("implementation version = {}", SnowflakeDriver.implementVersion);
                hashMap.put(ClientAuthnParameter.CLIENT_APP_VERSION.name(), loginInput.getAppVersion());
                clientAuthnDTO.setData(hashMap);
                String writeValueAsString = mapper.writeValueAsString(clientAuthnDTO);
                obj = new HttpPost(build);
                StringEntity stringEntity = new StringEntity(writeValueAsString, Charset.forName("UTF-8"));
                stringEntity.setContentType(TableConstants.HeaderConstants.JSON_CONTENT_TYPE);
                obj.setEntity(stringEntity);
                obj.addHeader("accept", TableConstants.HeaderConstants.JSON_CONTENT_TYPE);
                obj.setHeader("Authorization", "Basic");
                String executeRequest = HttpUtil.executeRequest(obj, loginInput.getHttpClient(), loginInput.getLoginTimeout(), 0, null);
                logger.debug("login response: {}", executeRequest);
                JsonNode readTree = mapper.readTree(executeRequest);
                if (!readTree.path("success").asBoolean()) {
                    logger.debug("response = {}", executeRequest);
                    throw new SnowflakeSQLException(SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, ErrorCode.CONNECTION_ERROR.getMessageCode().intValue(), readTree.path(TableConstants.ErrorConstants.ERROR_CODE).asText(), readTree.path(TableConstants.ErrorConstants.ERROR_MESSAGE).asText());
                }
                String asText = readTree.path("data").path("token").asText();
                String asText2 = readTree.path("data").path("masterToken").asText();
                String asText3 = readTree.path("data").path("remMeToken").asText();
                long asLong = readTree.path("data").path("masterValidityInSeconds").asLong();
                String asText4 = readTree.path("data").path("serverVersion").asText();
                JsonNode path = readTree.path("data").path("sessionInfo").path(SF_QUERY_DATABASE);
                String asText5 = path.isNull() ? null : path.asText();
                JsonNode path2 = readTree.path("data").path("sessionInfo").path(SF_QUERY_SCHEMA);
                String asText6 = path2.isNull() ? null : path2.asText();
                JsonNode path3 = readTree.path("data").path("sessionInfo").path(SF_QUERY_ROLE);
                String asText7 = path3.isNull() ? null : path3.asText();
                Map<String, Object> commonParams = getCommonParams(readTree.path("data").path("parameters"));
                if (asText4 != null) {
                    logger.debug("server version = {}", asText4);
                    str3 = asText4.indexOf(StringUtils.SPACE) > 0 ? asText4.substring(0, asText4.indexOf(StringUtils.SPACE)) : asText4;
                } else {
                    logger.warn("server version is null");
                }
                if (str3 != null) {
                    String[] split = str3.split("\\.");
                    if (split != null && split.length >= 2) {
                        try {
                            i = Integer.parseInt(split[0]);
                            i2 = Integer.parseInt(split[1]);
                        } catch (Exception e) {
                            logger.error("Exception encountered when parsing server version: {} Exception: {}", str3, e.getMessage());
                        }
                    }
                } else {
                    logger.warn("database version is null");
                }
                if (!readTree.path("data").path("newClientForUpgrade").isNull()) {
                    str4 = readTree.path("data").path("newClientForUpgrade").asText();
                    logger.debug("new client: {}", str4);
                }
                int asInt = readTree.path("data").path("healthCheckInterval").asInt();
                logger.debug("health check interval = {}", Integer.valueOf(asInt));
                if (asInt > 0 && asInt != i3) {
                    i3 = asInt;
                    socketTimeout = loginInput.getSocketTimeout() + (asInt * 1000);
                    BasicHttpParams basicHttpParams = new BasicHttpParams();
                    HttpConnectionParams.setConnectionTimeout(basicHttpParams, loginInput.getConnectionTimeout());
                    HttpConnectionParams.setSoTimeout(basicHttpParams, socketTimeout);
                    ((SystemDefaultHttpClient) httpClient).setParams(basicHttpParams);
                    logger.debug("adjusted connection timeout to = {}", Integer.valueOf(loginInput.getConnectionTimeout()));
                    logger.debug("adjusted socket timeout to = {}", Integer.valueOf(socketTimeout));
                }
                return new LoginOutput(asText, asText2, asLong, asText3, str3, i, i2, str4, i3, socketTimeout, asText5, asText6, asText7, commonParams);
            } catch (IOException e2) {
                logger.error("IOException when creating session: " + obj, e2);
                throw new SnowflakeSQLException(e2, SqlState.IO_ERROR, ErrorCode.NETWORK_ERROR.getMessageCode().intValue(), "Exception encountered when opening connection: " + e2.getMessage());
            } catch (SnowflakeSQLException e3) {
                throw e3;
            } catch (Throwable th2) {
                logger.error("Exception when creating session: " + obj, th2);
                throw new SnowflakeSQLException(th2, SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, ErrorCode.CONNECTION_ERROR.getMessageCode().intValue(), ErrorCode.CONNECTION_ERROR.getMessageCode(), th2.getMessage());
            }
        } catch (URISyntaxException e4) {
            logger.error("Exception when building URL", e4);
            throw new SFException(e4, ErrorCode.INTERNAL_ERROR, "unexpected URI syntax exception:1");
        }
    }

    public static LoginOutput renewSession(LoginInput loginInput) throws SFException, SnowflakeSQLException {
        AssertUtil.assertTrue(loginInput.getServerUrl() != null, "missing server URL for renewing session");
        AssertUtil.assertTrue(loginInput.getSessionToken() != null, "missing session token for renewing session");
        AssertUtil.assertTrue(loginInput.getMasterToken() != null, "missing master token for renewing session");
        AssertUtil.assertTrue(loginInput.getHttpClient() != null, "missing http client for renewing session");
        AssertUtil.assertTrue(loginInput.getLoginTimeout() >= 0, "negative login timeout for renewing session");
        try {
            URIBuilder uRIBuilder = new URIBuilder(loginInput.getServerUrl());
            uRIBuilder.setPath(SF_PATH_TOKEN_REQUEST);
            uRIBuilder.addParameter("requestId", UUID.randomUUID().toString());
            HttpPost httpPost = new HttpPost(uRIBuilder.build());
            try {
                StringEntity stringEntity = new StringEntity("{\"oldSessionToken\":\"" + loginInput.getSessionToken() + "\", \"requestType\":0}", Charset.forName("UTF-8"));
                stringEntity.setContentType(TableConstants.HeaderConstants.JSON_CONTENT_TYPE);
                httpPost.setEntity(stringEntity);
                httpPost.addHeader("accept", TableConstants.HeaderConstants.JSON_CONTENT_TYPE);
                httpPost.setHeader("Authorization", "Snowflake Token=\"" + loginInput.getMasterToken() + "\"");
                logger.debug("old session token: {}, request type: 0, master token: {}", loginInput.getSessionToken(), loginInput.getMasterToken());
                String executeRequest = HttpUtil.executeRequest(httpPost, loginInput.getHttpClient(), loginInput.getLoginTimeout(), 0, null);
                JsonNode readTree = mapper.readTree(executeRequest);
                if (!readTree.path("success").asBoolean()) {
                    logger.debug("response = {}", executeRequest);
                    EventUtil.triggerBasicEvent(Event.EventType.NETWORK_ERROR, "SessionUtil:renewSession failure, error code=" + readTree.path(TableConstants.ErrorConstants.ERROR_CODE).asText() + ", message=" + readTree.path(TableConstants.ErrorConstants.ERROR_MESSAGE).asText(), true);
                    SnowflakeUtil.checkErrorAndThrowException(readTree);
                }
                String asText = readTree.path("data").path("sessionToken").asText();
                String asText2 = readTree.path("data").path("masterToken").asText();
                LoginOutput loginOutput = new LoginOutput();
                loginOutput.setSessionToken(asText).setMasterToken(asText2);
                return loginOutput;
            } catch (IOException e) {
                logger.error("IOException when renewing session: " + httpPost, e);
                throw new SFException(e, ErrorCode.NETWORK_ERROR, e.getMessage());
            }
        } catch (URISyntaxException e2) {
            logger.error("Exception when creating http request", e2);
            throw new SFException(e2, ErrorCode.INTERNAL_ERROR, "unexpected URI syntax exception:3");
        }
    }

    public static void closeSession(LoginInput loginInput) throws SFException, SnowflakeSQLException {
        logger.debug(" public void close() throws SFException");
        AssertUtil.assertTrue(loginInput.getServerUrl() != null, "missing server URL for closing session");
        AssertUtil.assertTrue(loginInput.getSessionToken() != null, "missing session token for closing session");
        AssertUtil.assertTrue(loginInput.getHttpClient() != null, "missing http client for closing session");
        AssertUtil.assertTrue(loginInput.getLoginTimeout() >= 0, "missing login timeout for closing session");
        HttpPost httpPost = null;
        try {
            URIBuilder uRIBuilder = new URIBuilder(loginInput.getServerUrl());
            uRIBuilder.addParameter(SF_QUERY_SESSION_DELETE, net.snowflake.client.jdbc.internal.microsoft.azure.storage.Constants.TRUE);
            uRIBuilder.addParameter("requestId", UUID.randomUUID().toString());
            uRIBuilder.setPath(SF_PATH_SESSION);
            httpPost = new HttpPost(uRIBuilder.build());
            httpPost.setHeader("Authorization", "Snowflake Token=\"" + loginInput.getSessionToken() + "\"");
            String executeRequest = HttpUtil.executeRequest(httpPost, loginInput.getHttpClient(), loginInput.getLoginTimeout(), 0, null);
            logger.debug("connection close response: {}", executeRequest);
            SnowflakeUtil.checkErrorAndThrowException(mapper.readTree(executeRequest));
        } catch (IOException e) {
            logger.error("unexpected IO exception for: " + httpPost, e);
        } catch (URISyntaxException e2) {
            throw new RuntimeException("unexpected URI syntax exception", e2);
        } catch (SnowflakeSQLException e3) {
            if (e3.getErrorCode() != 390112) {
                throw e3;
            }
        }
    }

    private static String federatedFlowStep4(LoginInput loginInput, String str, String str2) throws SnowflakeSQLException {
        String postBackUrlFromHTML;
        String str3 = "";
        try {
            URL url = new URL(str);
            HttpGet httpGet = new HttpGet(new URIBuilder().setScheme(url.getProtocol()).setHost(url.getHost()).setPath(url.getPath()).setParameter("RelayState", "%2Fsome%2Fdeep%2Flink").setParameter("onetimetoken", str2).build());
            HeaderGroup headerGroup = new HeaderGroup();
            headerGroup.addHeader(new BasicHeader("Accept", "*/*"));
            httpGet.setHeaders(headerGroup.getAllHeaders());
            str3 = HttpUtil.executeRequest(httpGet, loginInput.getHttpClient(), loginInput.getLoginTimeout(), 0, null);
            postBackUrlFromHTML = getPostBackUrlFromHTML(str3);
        } catch (IOException | URISyntaxException e) {
            handleFederatedFlowError(loginInput, e);
        }
        if (isPrefixEqual(postBackUrlFromHTML, loginInput.getServerUrl())) {
            return str3;
        }
        logger.debug("The specified authenticator {} and the destination URL in the SAML assertion {} do not match.", loginInput.getAuthenticator(), postBackUrlFromHTML);
        throw new SnowflakeSQLException(SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, ErrorCode.IDP_INCORRECT_DESTINATION.getMessageCode().intValue());
    }

    private static String federatedFlowStep3(LoginInput loginInput, String str) throws SnowflakeSQLException {
        String str2 = "";
        try {
            HttpPost httpPost = new HttpPost(new URL(str).toURI());
            httpPost.setEntity(new StringEntity("{\"username\":\"" + loginInput.getUserName() + "\",\"password\":\"" + loginInput.getPassword() + "\"}"));
            HeaderGroup headerGroup = new HeaderGroup();
            headerGroup.addHeader(new BasicHeader("Accept", TableConstants.HeaderConstants.JSON_CONTENT_TYPE));
            headerGroup.addHeader(new BasicHeader("Content-Type", TableConstants.HeaderConstants.JSON_CONTENT_TYPE));
            httpPost.setHeaders(headerGroup.getAllHeaders());
            String executeRequestWithoutCookies = HttpUtil.executeRequestWithoutCookies(httpPost, loginInput.getHttpClient(), loginInput.getLoginTimeout(), 0, null);
            logger.debug("user is authenticated against {}.", loginInput.getAuthenticator());
            str2 = mapper.readTree(executeRequestWithoutCookies).get("cookieToken").asText();
        } catch (IOException | URISyntaxException e) {
            handleFederatedFlowError(loginInput, e);
        }
        return str2;
    }

    private static void federatedFlowStep2(LoginInput loginInput, String str, String str2) throws SnowflakeSQLException {
        try {
            if (isPrefixEqual(loginInput.getAuthenticator(), str) && isPrefixEqual(loginInput.getAuthenticator(), str2)) {
                return;
            }
            logger.debug("The specified authenticator {} is not supported.", loginInput.getAuthenticator());
            throw new SnowflakeSQLException(SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, ErrorCode.IDP_CONNECTION_ERROR.getMessageCode().intValue());
        } catch (MalformedURLException e) {
            handleFederatedFlowError(loginInput, e);
        }
    }

    private static JsonNode federatedFlowStep1(LoginInput loginInput) throws SnowflakeSQLException {
        String executeRequest;
        JsonNode readTree;
        JsonNode jsonNode = null;
        try {
            URIBuilder uRIBuilder = new URIBuilder(loginInput.getServerUrl());
            uRIBuilder.setPath(SF_PATH_AUTHENTICATOR_REQUEST);
            URI build = uRIBuilder.build();
            HashMap hashMap = new HashMap();
            hashMap.put(ClientAuthnParameter.ACCOUNT_NAME.name(), loginInput.getAccountName());
            hashMap.put(ClientAuthnParameter.AUTHENTICATOR.name(), loginInput.getAuthenticator());
            hashMap.put(ClientAuthnParameter.CLIENT_APP_ID.name(), loginInput.getAppId());
            hashMap.put(ClientAuthnParameter.CLIENT_APP_VERSION.name(), loginInput.getAppVersion());
            ClientAuthnDTO clientAuthnDTO = new ClientAuthnDTO();
            clientAuthnDTO.setData(hashMap);
            StringEntity stringEntity = new StringEntity(mapper.writeValueAsString(clientAuthnDTO), Charset.forName("UTF-8"));
            stringEntity.setContentType(TableConstants.HeaderConstants.JSON_CONTENT_TYPE);
            HttpPost httpPost = new HttpPost(build);
            httpPost.setEntity(stringEntity);
            httpPost.addHeader("accept", TableConstants.HeaderConstants.JSON_CONTENT_TYPE);
            executeRequest = HttpUtil.executeRequest(httpPost, loginInput.getHttpClient(), loginInput.getLoginTimeout(), 0, null);
            logger.debug("authenticator-request response: {}", executeRequest);
            readTree = mapper.readTree(executeRequest);
        } catch (IOException | URISyntaxException e) {
            handleFederatedFlowError(loginInput, e);
        }
        if (readTree.path("success").asBoolean()) {
            jsonNode = readTree.path("data");
            return jsonNode;
        }
        logger.debug("response = {}", executeRequest);
        throw new SnowflakeSQLException(SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, ErrorCode.CONNECTION_ERROR.getMessageCode().intValue(), readTree.path(TableConstants.ErrorConstants.ERROR_CODE).asText(), readTree.path(TableConstants.ErrorConstants.ERROR_MESSAGE).asText());
    }

    private static void handleFederatedFlowError(LoginInput loginInput, Exception exc) throws SnowflakeSQLException {
        if (exc instanceof IOException) {
            logger.error("IOException when authenticating with " + loginInput.getAuthenticator(), exc);
            throw new SnowflakeSQLException(exc, SqlState.IO_ERROR, ErrorCode.NETWORK_ERROR.getMessageCode().intValue(), "Exception encountered when opening connection: " + exc.getMessage());
        }
        logger.error("Exception when authenticating with " + loginInput.getAuthenticator(), exc);
        throw new SnowflakeSQLException(exc, SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, ErrorCode.CONNECTION_ERROR.getMessageCode().intValue(), ErrorCode.CONNECTION_ERROR.getMessageCode(), exc.getMessage());
    }

    private static String getSamlResponseUsingOkta(LoginInput loginInput) throws SnowflakeSQLException {
        JsonNode federatedFlowStep1 = federatedFlowStep1(loginInput);
        String asText = federatedFlowStep1.path("tokenUrl").asText();
        String asText2 = federatedFlowStep1.path("ssoUrl").asText();
        federatedFlowStep2(loginInput, asText, asText2);
        return federatedFlowStep4(loginInput, asText2, federatedFlowStep3(loginInput, asText));
    }

    private static boolean isPrefixEqual(String str, String str2) throws MalformedURLException {
        URL url = new URL(str);
        URL url2 = new URL(str2);
        return url.getHost().equalsIgnoreCase(url2.getHost()) && url.getProtocol().equalsIgnoreCase(url2.getProtocol()) && url.getPort() == url2.getPort();
    }

    private static String getPostBackUrlFromHTML(String str) {
        return Jsoup.parse(str).getElementsByTag("body").get(0).getElementsByTag("form").first().attr("action");
    }

    public static boolean checkCRLSystemProperty() {
        String property = System.getProperty("com.sun.security.enableCRLDP");
        String property2 = System.getProperty("com.sun.net.ssl.checkRevocation");
        boolean z = false;
        if (property != null && net.snowflake.client.jdbc.internal.microsoft.azure.storage.Constants.TRUE.equalsIgnoreCase(property) && property2 != null && net.snowflake.client.jdbc.internal.microsoft.azure.storage.Constants.TRUE.equalsIgnoreCase(property2)) {
            z = true;
        }
        return z;
    }

    public static Map<String, Object> getCommonParams(JsonNode jsonNode) {
        HashMap hashMap = new HashMap();
        Iterator<JsonNode> it = jsonNode.iterator();
        while (it.hasNext()) {
            JsonNode next = it.next();
            if (next.hasNonNull(SystemSymbols.NAME)) {
                String asText = next.path(SystemSymbols.NAME).asText();
                if (next.hasNonNull("value")) {
                    if (STRING_PARAMS.contains(asText.toUpperCase())) {
                        hashMap.put(asText, next.path("value").asText());
                    } else if (INT_PARAMS.contains(asText.toUpperCase())) {
                        hashMap.put(asText, Integer.valueOf(next.path("value").asInt()));
                    } else if (BOOLEAN_PARAMS.contains(asText.toUpperCase())) {
                        hashMap.put(asText, Boolean.valueOf(next.path("value").asBoolean()));
                    } else {
                        logger.debug("Unknown Common Parameter: {}", asText);
                    }
                    logger.debug("Parameter {}: {}", asText, next.path("value").asText());
                } else {
                    logger.debug("No value found for Common Parameter {}", next.path(SystemSymbols.NAME).asText());
                }
            } else {
                logger.error("Common Parameter JsonNode encountered with no parameter name!");
            }
        }
        return hashMap;
    }

    public static void updateSfDriverParamValues(Map<String, Object> map, SFSession sFSession) {
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            logger.debug("processing parameter {}", entry.getKey());
            if ("CLIENT_DISABLE_INCIDENTS".equalsIgnoreCase(entry.getKey())) {
                SnowflakeDriver.setDisableIncidents(((Boolean) entry.getValue()).booleanValue());
            } else if ("JDBC_EXECUTE_RETURN_COUNT_FOR_DML".equalsIgnoreCase(entry.getKey())) {
                if (sFSession != null) {
                    sFSession.setExecuteReturnCountForDML(((Boolean) entry.getValue()).booleanValue());
                }
            } else if ("CLIENT_SESSION_KEEP_ALIVE".equalsIgnoreCase(entry.getKey())) {
                if (sFSession != null) {
                    sFSession.setEnableHeartbeat(((Boolean) entry.getValue()).booleanValue());
                }
            } else if ("AUTOCOMMIT".equalsIgnoreCase(entry.getKey())) {
                boolean booleanValue = ((Boolean) entry.getValue()).booleanValue();
                if (sFSession != null && sFSession.getAutoCommit() != booleanValue) {
                    sFSession.setAutoCommit(booleanValue);
                }
            } else if ("JDBC_RS_COLUMN_CASE_INSENSITIVE".equalsIgnoreCase(entry.getKey())) {
                if (sFSession != null) {
                    sFSession.setRsColumnCaseInsensitive(((Boolean) entry.getValue()).booleanValue());
                }
            } else if ("CLIENT_METADATA_REQUEST_USE_CONNECTION_CTX".equalsIgnoreCase(entry.getKey())) {
                if (sFSession != null) {
                    sFSession.setMetadataRequestUseConnectionCtx(((Boolean) entry.getValue()).booleanValue());
                }
            } else if ("CLIENT_TIMESTAMP_TYPE_MAPPING".equalsIgnoreCase(entry.getKey())) {
                if (sFSession != null) {
                    sFSession.setTimestampMappedType(SnowflakeType.valueOf(((String) entry.getValue()).toUpperCase()));
                }
            } else if ("JDBC_TREAT_DECIMAL_AS_INT".equalsIgnoreCase(entry.getKey())) {
                if (sFSession != null) {
                    sFSession.setJdbcTreatDecimalAsInt(((Boolean) entry.getValue()).booleanValue());
                }
            } else if ("JDBC_ENABLE_COMBINED_DESCRIBE".equalsIgnoreCase(entry.getKey()) && sFSession != null) {
                sFSession.setEnableCombineDescribe(((Boolean) entry.getValue()).booleanValue());
            }
        }
    }
}
