package com.amazon.redshift.core;

import com.amazon.redshift.CredentialsHolder;
import com.amazon.redshift.IPlugin;
import com.amazon.redshift.RedshiftProperty;
import com.amazon.redshift.jdbc.RedshiftConnectionImpl;
import com.amazon.redshift.logger.LogLevel;
import com.amazon.redshift.logger.RedshiftLogger;
import com.amazon.redshift.plugin.utils.RequestUtils;
import com.amazon.redshift.util.GT;
import com.amazon.redshift.util.RedshiftException;
import com.amazon.redshift.util.RedshiftProperties;
import com.amazon.redshift.util.RedshiftState;
import com.amazonaws.AmazonClientException;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.auth.BasicSessionCredentials;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.redshift.AmazonRedshift;
import com.amazonaws.services.redshift.AmazonRedshiftClient;
import com.amazonaws.services.redshift.AmazonRedshiftClientBuilder;
import com.amazonaws.services.redshift.model.Association;
import com.amazonaws.services.redshift.model.CertificateAssociation;
import com.amazonaws.services.redshift.model.Cluster;
import com.amazonaws.services.redshift.model.DescribeClustersRequest;
import com.amazonaws.services.redshift.model.DescribeCustomDomainAssociationsRequest;
import com.amazonaws.services.redshift.model.DescribeCustomDomainAssociationsResult;
import com.amazonaws.services.redshift.model.Endpoint;
import com.amazonaws.services.redshift.model.GetClusterCredentialsRequest;
import com.amazonaws.services.redshift.model.GetClusterCredentialsResult;
import com.amazonaws.services.redshift.model.GetClusterCredentialsWithIAMRequest;
import com.amazonaws.services.redshift.model.GetClusterCredentialsWithIAMResult;
import com.amazonaws.util.StringUtils;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:com/amazon/redshift/core/IamHelper.class */
public final class IamHelper extends IdpAuthHelper {
    static final int MAX_AMAZONCLIENT_RETRY = 5;
    static final int MAX_AMAZONCLIENT_RETRY_DELAY_MS = 1000;
    private static final String KEY_PREFERRED_ROLE = "preferred_role";
    private static final String KEY_ROLE_SESSION_NAME = "roleSessionName";
    private static final String KEY_ROLE_ARN = "roleArn";
    public static final int GET_CLUSTER_CREDENTIALS_V1_API = 1;
    public static final int GET_CLUSTER_CREDENTIALS_IAM_V2_API = 2;
    public static final int GET_CLUSTER_CREDENTIALS_SAML_V2_API = 3;
    public static final int GET_CLUSTER_CREDENTIALS_JWT_V2_API = 4;
    public static final int GET_SERVERLESS_CREDENTIALS_V1_API = 5;
    private static final Pattern HOST_PATTERN = Pattern.compile("(.+)\\.(.+)\\.(.+).redshift(-dev)?\\.amazonaws\\.com(.)*");
    private static final Pattern SERVERLESS_WORKGROUP_HOST_PATTERN = Pattern.compile("(.+)\\.(.+)\\.(.+).redshift-serverless(-dev)?\\.amazonaws\\.com(.)*");
    private static Map<String, GetClusterCredentialsResult> credentialsCache = new HashMap();
    private static Map<String, GetClusterCredentialsWithIAMResult> credentialsV2Cache = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/amazon/redshift/core/IamHelper$CredentialProviderType.class */
    public enum CredentialProviderType {
        NONE,
        PROFILE,
        IAM_KEYS_WITH_SESSION,
        IAM_KEYS,
        PLUGIN
    }

    private IamHelper() {
    }

    public static RedshiftProperties setIAMProperties(RedshiftProperties redshiftProperties, RedshiftJDBCSettings redshiftJDBCSettings, RedshiftLogger redshiftLogger) throws RedshiftException {
        List<String> emptyList;
        try {
            RedshiftProperties authProperties = setAuthProperties(redshiftProperties, redshiftJDBCSettings, redshiftLogger);
            String optionalConnSetting = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.IAM_ACCESS_KEY_ID.getName(), authProperties);
            String optionalConnSetting2 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.IAM_SECRET_ACCESS_KEY.getName(), authProperties);
            String optionalConnSetting3 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.IAM_SESSION_TOKEN.getName(), authProperties);
            String optionalConnSetting4 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.AUTH_PROFILE.getName(), authProperties);
            String optionalConnSetting5 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.HOST.getName(), authProperties);
            String optionalConnSetting6 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.IS_SERVERLESS.getName(), authProperties);
            Boolean bool = false;
            if (null != optionalConnSetting6) {
                bool = Boolean.valueOf("true".equalsIgnoreCase(optionalConnSetting6));
            }
            String str = null;
            String str2 = null;
            Matcher matcher = null;
            Matcher matcher2 = null;
            if (null != optionalConnSetting5) {
                matcher = HOST_PATTERN.matcher(optionalConnSetting5);
                matcher2 = SERVERLESS_WORKGROUP_HOST_PATTERN.matcher(optionalConnSetting5);
            }
            String optionalConnSetting7 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.CLUSTER_IDENTIFIER.getName(), authProperties);
            if ((null != matcher && matcher.matches()) || (null != optionalConnSetting7 && optionalConnSetting7.startsWith("redshift-serverless-"))) {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("Code flow for regular provisioned cluster", new Object[0]);
                }
                optionalConnSetting7 = RedshiftConnectionImpl.getRequiredConnSetting(RedshiftProperty.CLUSTER_IDENTIFIER.getName(), authProperties);
            } else if (null != matcher2 && matcher2.matches()) {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("Code flow for regular serverless cluster", new Object[0]);
                }
                redshiftJDBCSettings.m_isServerless = true;
                str = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.SERVERLESS_ACCT_ID.getName(), authProperties);
                str2 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.SERVERLESS_WORK_GROUP.getName(), authProperties);
            } else if (bool.booleanValue()) {
                redshiftJDBCSettings.m_isServerless = true;
                str2 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.SERVERLESS_WORK_GROUP.getName(), authProperties);
                str = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.SERVERLESS_ACCT_ID.getName(), authProperties);
                if (str2 == null) {
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.logInfo("Code flow for cname serverless cluster", new Object[0]);
                    }
                    redshiftJDBCSettings.m_isCname = true;
                } else if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("Code flow for nlb serverless cluster", new Object[0]);
                }
            } else {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("Code flow for nlb/cname in provisioned clusters", new Object[0]);
                }
                redshiftJDBCSettings.m_isCname = true;
            }
            String optionalConnSetting8 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.AWS_REGION.getName(), authProperties);
            String optionalConnSetting9 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.ENDPOINT_URL.getName(), authProperties);
            String optionalConnSetting10 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.STS_ENDPOINT_URL.getName(), authProperties);
            String optionalConnSetting11 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.AWS_PROFILE.getName(), authProperties);
            if (optionalConnSetting11 == null) {
                optionalConnSetting11 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.AWS_PROFILE.getName().toLowerCase(), authProperties);
            }
            String optionalConnSetting12 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.IAM_DURATION.getName(), authProperties);
            String optionalConnSetting13 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.USER_AUTOCREATE.getName(), authProperties);
            String optionalConnSetting14 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.DB_USER.getName(), authProperties);
            String optionalConnSetting15 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.DB_GROUPS.getName(), authProperties);
            String optionalConnSetting16 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.FORCE_LOWERCASE.getName(), authProperties);
            String optionalConnSetting17 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.GROUP_FEDERATION.getName(), authProperties);
            String optionalConnSetting18 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.DBNAME.getName(), authProperties);
            String optionalConnSetting19 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.HOST.getName(), authProperties);
            String optionalConnSetting20 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.PORT.getName(), authProperties);
            redshiftJDBCSettings.m_clusterIdentifier = optionalConnSetting7;
            if (!redshiftJDBCSettings.m_isServerless && !redshiftJDBCSettings.m_isCname && (null == redshiftJDBCSettings.m_clusterIdentifier || redshiftJDBCSettings.m_clusterIdentifier.isEmpty())) {
                RedshiftException redshiftException = new RedshiftException(GT.tr("Missing connection property {0}", RedshiftProperty.CLUSTER_IDENTIFIER.getName()), RedshiftState.UNEXPECTED_ERROR);
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.ERROR, redshiftException.toString(), new Object[0]);
                }
                throw redshiftException;
            }
            if (redshiftJDBCSettings.m_isServerless) {
                redshiftJDBCSettings.m_acctId = str;
                redshiftJDBCSettings.m_workGroup = str2;
            }
            if (null != optionalConnSetting8) {
                redshiftJDBCSettings.m_awsRegion = optionalConnSetting8.trim().toLowerCase();
            }
            if (null != optionalConnSetting9) {
                redshiftJDBCSettings.m_endpoint = optionalConnSetting9;
            } else {
                redshiftJDBCSettings.m_endpoint = System.getProperty("redshift.endpoint-url");
            }
            if (null != optionalConnSetting10) {
                redshiftJDBCSettings.m_stsEndpoint = optionalConnSetting10;
            } else {
                redshiftJDBCSettings.m_stsEndpoint = System.getProperty("sts.endpoint-url");
            }
            if (null != optionalConnSetting11) {
                redshiftJDBCSettings.m_profile = optionalConnSetting11;
            }
            if (null != optionalConnSetting12) {
                try {
                    redshiftJDBCSettings.m_iamDuration = Integer.parseInt(optionalConnSetting12);
                    if (redshiftJDBCSettings.m_iamDuration < 900 || redshiftJDBCSettings.m_iamDuration > 3600) {
                        RedshiftException redshiftException2 = new RedshiftException(GT.tr("Invalid connection property value or type range(900-3600) {0}", RedshiftProperty.IAM_DURATION.getName()), RedshiftState.UNEXPECTED_ERROR);
                        if (RedshiftLogger.isEnable()) {
                            redshiftLogger.log(LogLevel.ERROR, redshiftException2.toString(), new Object[0]);
                        }
                        throw redshiftException2;
                    }
                } catch (NumberFormatException e) {
                    RedshiftException redshiftException3 = new RedshiftException(GT.tr("Invalid connection property value {0} : {1}", RedshiftProperty.IAM_DURATION.getName(), optionalConnSetting12), RedshiftState.UNEXPECTED_ERROR, e);
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.log(LogLevel.DEBUG, redshiftException3.toString(), new Object[0]);
                    }
                    throw redshiftException3;
                }
            }
            if (null != optionalConnSetting) {
                redshiftJDBCSettings.m_iamAccessKeyID = optionalConnSetting;
            }
            if (null == optionalConnSetting2) {
                redshiftJDBCSettings.m_iamSecretKey = redshiftJDBCSettings.m_password;
            } else {
                if (StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_iamAccessKeyID)) {
                    RedshiftException redshiftException4 = new RedshiftException(GT.tr("Missing connection property {0}", RedshiftProperty.IAM_ACCESS_KEY_ID.getName()), RedshiftState.UNEXPECTED_ERROR);
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.log(LogLevel.ERROR, redshiftException4.toString(), new Object[0]);
                    }
                    throw redshiftException4;
                }
                redshiftJDBCSettings.m_iamSecretKey = optionalConnSetting2;
                if (redshiftJDBCSettings.m_iamSecretKey.isEmpty()) {
                    redshiftJDBCSettings.m_iamSecretKey = redshiftJDBCSettings.m_password;
                }
            }
            if (null != optionalConnSetting3) {
                if (StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_iamAccessKeyID)) {
                    RedshiftException redshiftException5 = new RedshiftException(GT.tr("Missing connection property {0}", RedshiftProperty.IAM_ACCESS_KEY_ID.getName()), RedshiftState.UNEXPECTED_ERROR);
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.log(LogLevel.ERROR, redshiftException5.toString(), new Object[0]);
                    }
                    throw redshiftException5;
                }
                redshiftJDBCSettings.m_iamSessionToken = optionalConnSetting3;
            }
            redshiftJDBCSettings.m_autocreate = optionalConnSetting13 == null ? null : Boolean.valueOf(optionalConnSetting13);
            redshiftJDBCSettings.m_forceLowercase = optionalConnSetting16 == null ? null : Boolean.valueOf(optionalConnSetting16);
            redshiftJDBCSettings.m_groupFederation = Boolean.valueOf(optionalConnSetting17 == null ? false : Boolean.valueOf(optionalConnSetting17).booleanValue());
            if (null != optionalConnSetting14) {
                redshiftJDBCSettings.m_dbUser = optionalConnSetting14;
            }
            if (optionalConnSetting15 != null) {
                emptyList = Arrays.asList(((redshiftJDBCSettings.m_forceLowercase == null || !redshiftJDBCSettings.m_forceLowercase.booleanValue()) ? optionalConnSetting15 : optionalConnSetting15.toLowerCase(Locale.getDefault())).split(","));
            } else {
                emptyList = Collections.emptyList();
            }
            redshiftJDBCSettings.m_dbGroups = emptyList;
            redshiftJDBCSettings.m_Schema = optionalConnSetting18;
            if (optionalConnSetting19 != null) {
                redshiftJDBCSettings.m_host = optionalConnSetting19;
            }
            if (optionalConnSetting20 != null) {
                redshiftJDBCSettings.m_port = Integer.parseInt(optionalConnSetting20);
            }
            setIAMCredentials(redshiftJDBCSettings, redshiftLogger, optionalConnSetting4);
            return authProperties;
        } catch (RedshiftException e2) {
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.logError(e2);
            }
            throw e2;
        }
    }

    private static void setIAMCredentials(RedshiftJDBCSettings redshiftJDBCSettings, RedshiftLogger redshiftLogger, String str) throws RedshiftException {
        AWSCredentialsProvider defaultAWSCredentialsProviderChain;
        BasicSessionCredentials basicAWSCredentials;
        CredentialProviderType credentialProviderType = CredentialProviderType.NONE;
        boolean z = false;
        String str2 = null;
        if (!StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_credentialsProvider)) {
            if (!StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_profile)) {
                RedshiftException redshiftException = new RedshiftException(GT.tr("Conflict in connection property setting {0} and {1}", RedshiftProperty.CREDENTIALS_PROVIDER.getName(), RedshiftProperty.AWS_PROFILE.getName()), RedshiftState.UNEXPECTED_ERROR);
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.ERROR, redshiftException.toString(), new Object[0]);
                }
                throw redshiftException;
            }
            if (StringUtils.isNullOrEmpty(str) && !StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_iamAccessKeyID)) {
                RedshiftException redshiftException2 = new RedshiftException(GT.tr("Conflict in connection property setting {0} and {1}", RedshiftProperty.CREDENTIALS_PROVIDER.getName(), RedshiftProperty.IAM_ACCESS_KEY_ID.getName()), RedshiftState.UNEXPECTED_ERROR);
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.ERROR, redshiftException2.toString(), new Object[0]);
                }
                throw redshiftException2;
            }
            try {
                defaultAWSCredentialsProviderChain = (AWSCredentialsProvider) Class.forName(redshiftJDBCSettings.m_credentialsProvider).asSubclass(AWSCredentialsProvider.class).newInstance();
                if (defaultAWSCredentialsProviderChain instanceof IPlugin) {
                    IPlugin iPlugin = (IPlugin) defaultAWSCredentialsProviderChain;
                    credentialProviderType = CredentialProviderType.PLUGIN;
                    iPlugin.setLogger(redshiftLogger);
                    iPlugin.setGroupFederation(redshiftJDBCSettings.m_groupFederation.booleanValue());
                    for (Map.Entry<String, String> entry : redshiftJDBCSettings.m_pluginArgs.entrySet()) {
                        String key = entry.getKey();
                        iPlugin.addParameter(key, entry.getValue());
                        if (KEY_PREFERRED_ROLE.equalsIgnoreCase(key)) {
                            redshiftJDBCSettings.m_preferredRole = entry.getValue();
                        } else if (KEY_ROLE_ARN.equalsIgnoreCase(key)) {
                            redshiftJDBCSettings.m_roleArn = entry.getValue();
                        } else if (KEY_ROLE_SESSION_NAME.equalsIgnoreCase(key)) {
                            redshiftJDBCSettings.m_roleSessionName = entry.getValue();
                        } else if (RedshiftProperty.DB_GROUPS_FILTER.getName().equalsIgnoreCase(key)) {
                            redshiftJDBCSettings.m_dbGroupsFilter = entry.getValue();
                        }
                    }
                }
            } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
                RedshiftException redshiftException3 = new RedshiftException(GT.tr("Invalid credentials provider class {0}", redshiftJDBCSettings.m_credentialsProvider), RedshiftState.UNEXPECTED_ERROR, e);
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.ERROR, redshiftException3.toString(), new Object[0]);
                }
                throw redshiftException3;
            } catch (NumberFormatException e2) {
                RedshiftException redshiftException4 = new RedshiftException(GT.tr("{0} : {1}", e2.getMessage(), redshiftJDBCSettings.m_credentialsProvider), RedshiftState.UNEXPECTED_ERROR, e2);
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.ERROR, redshiftException4.toString(), new Object[0]);
                }
                throw redshiftException4;
            }
        } else if (!StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_profile)) {
            if (StringUtils.isNullOrEmpty(str) && !StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_iamAccessKeyID)) {
                RedshiftException redshiftException5 = new RedshiftException(GT.tr("Conflict in connection property setting {0} and {1}", RedshiftProperty.AWS_PROFILE.getName(), RedshiftProperty.IAM_ACCESS_KEY_ID.getName()), RedshiftState.UNEXPECTED_ERROR);
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.ERROR, redshiftException5.toString(), new Object[0]);
                }
                throw redshiftException5;
            }
            defaultAWSCredentialsProviderChain = new ProfileCredentialsProvider(new PluginProfilesConfigFile(redshiftJDBCSettings, redshiftLogger), redshiftJDBCSettings.m_profile);
            credentialProviderType = CredentialProviderType.PROFILE;
        } else if (StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_iamAccessKeyID)) {
            defaultAWSCredentialsProviderChain = new DefaultAWSCredentialsProviderChain();
        } else {
            if (StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_iamSessionToken)) {
                basicAWSCredentials = new BasicAWSCredentials(redshiftJDBCSettings.m_iamAccessKeyID, redshiftJDBCSettings.m_iamSecretKey);
                credentialProviderType = CredentialProviderType.IAM_KEYS;
            } else {
                basicAWSCredentials = new BasicSessionCredentials(redshiftJDBCSettings.m_iamAccessKeyID, redshiftJDBCSettings.m_iamSecretKey, redshiftJDBCSettings.m_iamSessionToken);
                credentialProviderType = CredentialProviderType.IAM_KEYS_WITH_SESSION;
            }
            defaultAWSCredentialsProviderChain = new AWSStaticCredentialsProvider(basicAWSCredentials);
        }
        if (RedshiftLogger.isEnable()) {
            redshiftLogger.log(LogLevel.DEBUG, "IDP Credential Provider {0}:{1}", defaultAWSCredentialsProviderChain, redshiftJDBCSettings.m_credentialsProvider);
        }
        int findTypeOfGetClusterCredentialsAPI = findTypeOfGetClusterCredentialsAPI(redshiftJDBCSettings, credentialProviderType, defaultAWSCredentialsProviderChain);
        if (findTypeOfGetClusterCredentialsAPI == 1 || findTypeOfGetClusterCredentialsAPI == 2 || findTypeOfGetClusterCredentialsAPI == 5) {
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.log(LogLevel.DEBUG, "Calling provider.getCredentials()", new Object[0]);
            }
            AWSCredentials credentials = defaultAWSCredentialsProviderChain.getCredentials();
            if (credentials instanceof CredentialsHolder) {
                z = ((CredentialsHolder) credentials).isRefresh();
                CredentialsHolder.IamMetadata metadata = ((CredentialsHolder) credentials).getMetadata();
                if (null != metadata) {
                    Boolean autoCreate = metadata.getAutoCreate();
                    String dbUser = metadata.getDbUser();
                    String samlDbUser = metadata.getSamlDbUser();
                    String profileDbUser = metadata.getProfileDbUser();
                    String dbGroups = metadata.getDbGroups();
                    boolean forceLowercase = metadata.getForceLowercase();
                    boolean allowDbUserOverride = metadata.getAllowDbUserOverride();
                    if (null == redshiftJDBCSettings.m_autocreate) {
                        redshiftJDBCSettings.m_autocreate = autoCreate;
                    }
                    if (null == redshiftJDBCSettings.m_forceLowercase) {
                        redshiftJDBCSettings.m_forceLowercase = Boolean.valueOf(forceLowercase);
                    }
                    if (allowDbUserOverride) {
                        if (null != samlDbUser) {
                            redshiftJDBCSettings.m_dbUser = samlDbUser;
                        } else if (null != dbUser) {
                            redshiftJDBCSettings.m_dbUser = dbUser;
                        } else if (null != profileDbUser) {
                            redshiftJDBCSettings.m_dbUser = profileDbUser;
                        }
                    } else if (null != dbUser) {
                        redshiftJDBCSettings.m_dbUser = dbUser;
                    } else if (null != profileDbUser) {
                        redshiftJDBCSettings.m_dbUser = profileDbUser;
                    } else if (null != samlDbUser) {
                        redshiftJDBCSettings.m_dbUser = samlDbUser;
                    }
                    if (redshiftJDBCSettings.m_dbGroups.isEmpty() && null != dbGroups) {
                        redshiftJDBCSettings.m_dbGroups = Arrays.asList((redshiftJDBCSettings.m_forceLowercase.booleanValue() ? dbGroups.toLowerCase(Locale.getDefault()) : dbGroups).split(","));
                    }
                }
            }
            if ("*".equals(redshiftJDBCSettings.m_username) && null == redshiftJDBCSettings.m_dbUser) {
                RedshiftException redshiftException6 = new RedshiftException(GT.tr("Missing connection property {0}", RedshiftProperty.DB_USER.getName()), RedshiftState.UNEXPECTED_ERROR);
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.ERROR, redshiftException6.toString(), new Object[0]);
                }
                throw redshiftException6;
            }
        } else {
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.log(LogLevel.DEBUG, "groupFederation=" + redshiftJDBCSettings.m_groupFederation, new Object[0]);
            }
            GetClusterCredentialsWithIAMResult getClusterCredentialsWithIAMResult = redshiftJDBCSettings.m_iamDisableCache ? null : credentialsV2Cache.get(getCredentialsV2CacheKey(redshiftJDBCSettings, credentialProviderType, defaultAWSCredentialsProviderChain, findTypeOfGetClusterCredentialsAPI, false));
            if (getClusterCredentialsWithIAMResult == null || RequestUtils.isCredentialExpired(getClusterCredentialsWithIAMResult.getExpiration())) {
                if (credentialProviderType == CredentialProviderType.PLUGIN) {
                    IPlugin iPlugin2 = (IPlugin) defaultAWSCredentialsProviderChain;
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.log(LogLevel.DEBUG, "Calling plugin.getIdpToken()", new Object[0]);
                    }
                    str2 = iPlugin2.getIdpToken();
                }
                redshiftJDBCSettings.m_idpToken = str2;
            }
        }
        setClusterCredentials(defaultAWSCredentialsProviderChain, redshiftJDBCSettings, redshiftLogger, credentialProviderType, z, findTypeOfGetClusterCredentialsAPI);
    }

    private static void setClusterCredentials(AWSCredentialsProvider aWSCredentialsProvider, RedshiftJDBCSettings redshiftJDBCSettings, RedshiftLogger redshiftLogger, CredentialProviderType credentialProviderType, boolean z, int i) throws RedshiftException {
        try {
            AmazonRedshiftClientBuilder builderConfiguration = setBuilderConfiguration(redshiftJDBCSettings, redshiftLogger, AmazonRedshiftClientBuilder.standard());
            switch (i) {
                case 1:
                    AmazonRedshift amazonRedshift = (AmazonRedshift) builderConfiguration.withCredentials(aWSCredentialsProvider).build();
                    callDescribeCustomDomainNameAssociationsAPIForV1(redshiftJDBCSettings, amazonRedshift, redshiftLogger);
                    callDescribeClustersAPIForV1(redshiftJDBCSettings, amazonRedshift, redshiftLogger);
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.log(LogLevel.DEBUG, "Call V1 API of GetClusterCredentials", new Object[0]);
                    }
                    GetClusterCredentialsResult clusterCredentialsResult = getClusterCredentialsResult(redshiftJDBCSettings, amazonRedshift, redshiftLogger, credentialProviderType, z);
                    redshiftJDBCSettings.m_username = clusterCredentialsResult.getDbUser();
                    redshiftJDBCSettings.m_password = clusterCredentialsResult.getDbPassword();
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.logInfo(new Date() + ": Using GetClusterCredentialsResult with expiration " + clusterCredentialsResult.getExpiration(), new Object[0]);
                        break;
                    }
                    break;
                case 2:
                    AmazonRedshiftClient amazonRedshiftClient = (AmazonRedshiftClient) builderConfiguration.withCredentials(aWSCredentialsProvider).build();
                    callDescribeCustomDomainNameAssociationsAPIForV2(redshiftJDBCSettings, amazonRedshiftClient, redshiftLogger);
                    callDescribeClustersAPIForV2(redshiftJDBCSettings, amazonRedshiftClient, redshiftLogger);
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.log(LogLevel.DEBUG, "Call V2 API of GetClusterCredentials", new Object[0]);
                    }
                    GetClusterCredentialsWithIAMResult clusterCredentialsResultV2 = getClusterCredentialsResultV2(redshiftJDBCSettings, amazonRedshiftClient, redshiftLogger, credentialProviderType, z, aWSCredentialsProvider, i);
                    redshiftJDBCSettings.m_username = clusterCredentialsResultV2.getDbUser();
                    redshiftJDBCSettings.m_password = clusterCredentialsResultV2.getDbPassword();
                    if (RedshiftLogger.isEnable()) {
                        Date date = new Date();
                        redshiftLogger.logInfo(date + ": Using GetClusterCredentialsResultV2 with expiration " + clusterCredentialsResultV2.getExpiration(), new Object[0]);
                        redshiftLogger.logInfo(date + ": Using GetClusterCredentialsResultV2 with TimeToRefresh " + clusterCredentialsResultV2.getNextRefreshTime(), new Object[0]);
                        break;
                    }
                    break;
                case 5:
                    ServerlessIamHelper serverlessIamHelper = new ServerlessIamHelper(redshiftJDBCSettings, redshiftLogger, aWSCredentialsProvider);
                    if (null == redshiftJDBCSettings.m_host || redshiftJDBCSettings.m_port == 0) {
                        serverlessIamHelper.describeConfiguration(redshiftJDBCSettings);
                    }
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.log(LogLevel.DEBUG, "Call Serverless V1 API of GetCredentials", new Object[0]);
                    }
                    serverlessIamHelper.getCredentialsResult(redshiftJDBCSettings, credentialProviderType, z);
                    break;
            }
        } catch (AmazonClientException e) {
            RedshiftException redshiftException = new RedshiftException(GT.tr("IAM error retrieving temp credentials: {0}", e.getMessage()), RedshiftState.UNEXPECTED_ERROR, e);
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.log(LogLevel.ERROR, redshiftException.toString(), new Object[0]);
            }
            throw redshiftException;
        }
    }

    static void callDescribeClustersAPIForV2(RedshiftJDBCSettings redshiftJDBCSettings, AmazonRedshiftClient amazonRedshiftClient, RedshiftLogger redshiftLogger) {
        if (null == redshiftJDBCSettings.m_host || redshiftJDBCSettings.m_port == 0) {
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.logInfo("calling describe clusters API with clusterID : " + redshiftJDBCSettings.m_clusterIdentifier, new Object[0]);
            }
            DescribeClustersRequest describeClustersRequest = new DescribeClustersRequest();
            describeClustersRequest.setClusterIdentifier(redshiftJDBCSettings.m_clusterIdentifier);
            List clusters = amazonRedshiftClient.describeClusters(describeClustersRequest).getClusters();
            if (clusters.isEmpty()) {
                throw new AmazonClientException("Failed to describeClusters.");
            }
            Endpoint endpoint = ((Cluster) clusters.get(0)).getEndpoint();
            if (null == endpoint) {
                throw new AmazonClientException("Cluster is not fully created yet.");
            }
            redshiftJDBCSettings.m_host = endpoint.getAddress();
            redshiftJDBCSettings.m_port = endpoint.getPort().intValue();
        }
    }

    static void callDescribeClustersAPIForV1(RedshiftJDBCSettings redshiftJDBCSettings, AmazonRedshift amazonRedshift, RedshiftLogger redshiftLogger) {
        if (null == redshiftJDBCSettings.m_host || redshiftJDBCSettings.m_port == 0) {
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.logInfo("calling describe clusters API with clusterID : " + redshiftJDBCSettings.m_clusterIdentifier, new Object[0]);
            }
            DescribeClustersRequest describeClustersRequest = new DescribeClustersRequest();
            describeClustersRequest.setClusterIdentifier(redshiftJDBCSettings.m_clusterIdentifier);
            List clusters = amazonRedshift.describeClusters(describeClustersRequest).getClusters();
            if (clusters.isEmpty()) {
                throw new AmazonClientException("Failed to describeClusters.");
            }
            Endpoint endpoint = ((Cluster) clusters.get(0)).getEndpoint();
            if (null == endpoint) {
                throw new AmazonClientException("Cluster is not fully created yet.");
            }
            redshiftJDBCSettings.m_host = endpoint.getAddress();
            redshiftJDBCSettings.m_port = endpoint.getPort().intValue();
        }
    }

    static void callDescribeCustomDomainNameAssociationsAPIForV2(RedshiftJDBCSettings redshiftJDBCSettings, AmazonRedshiftClient amazonRedshiftClient, RedshiftLogger redshiftLogger) throws RedshiftException {
        if (redshiftJDBCSettings.m_isCname) {
            DescribeCustomDomainAssociationsRequest describeCustomDomainAssociationsRequest = new DescribeCustomDomainAssociationsRequest();
            if (null != redshiftJDBCSettings.m_host) {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("calling describe cname associations API with hostname : " + redshiftJDBCSettings.m_host, new Object[0]);
                }
                describeCustomDomainAssociationsRequest.setCustomDomainName(redshiftJDBCSettings.m_host);
            } else if (null == redshiftJDBCSettings.m_clusterIdentifier) {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("No CNAME provided. No-op.", new Object[0]);
                    return;
                }
                return;
            } else {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("calling describe cname associations API with clusterID : " + redshiftJDBCSettings.m_clusterIdentifier, new Object[0]);
                }
                describeCustomDomainAssociationsRequest.setCustomDomainName(redshiftJDBCSettings.m_clusterIdentifier);
            }
            try {
                DescribeCustomDomainAssociationsResult describeCustomDomainAssociations = amazonRedshiftClient.describeCustomDomainAssociations(describeCustomDomainAssociationsRequest);
                if (describeCustomDomainAssociations.getAssociations().stream().count() > 1) {
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.logInfo("Multiple associations received for provided custom domain name : " + describeCustomDomainAssociationsRequest.getCustomDomainName() + ". Only one expected.", new Object[0]);
                    }
                } else {
                    String clusterIdentifier = ((CertificateAssociation) ((Association) describeCustomDomainAssociations.getAssociations().get(0)).getCertificateAssociations().get(0)).getClusterIdentifier();
                    if (null != clusterIdentifier && !clusterIdentifier.isEmpty()) {
                        redshiftJDBCSettings.m_clusterIdentifier = clusterIdentifier;
                        if (RedshiftLogger.isEnable()) {
                            redshiftLogger.logDebug("setting cluster ID to : " + redshiftJDBCSettings.m_clusterIdentifier, new Object[0]);
                        }
                    }
                }
            } catch (Exception e) {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("No cluster identifier received from Redshift CNAME lookup. Setting CNAME to false.", new Object[0]);
                }
                redshiftJDBCSettings.m_isCname = false;
            }
        }
    }

    static void callDescribeCustomDomainNameAssociationsAPIForV1(RedshiftJDBCSettings redshiftJDBCSettings, AmazonRedshift amazonRedshift, RedshiftLogger redshiftLogger) throws RedshiftException {
        if (redshiftJDBCSettings.m_isCname) {
            DescribeCustomDomainAssociationsRequest describeCustomDomainAssociationsRequest = new DescribeCustomDomainAssociationsRequest();
            if (null != redshiftJDBCSettings.m_host) {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("calling describe cname associations API with hostname : " + redshiftJDBCSettings.m_host, new Object[0]);
                }
                describeCustomDomainAssociationsRequest.setCustomDomainName(redshiftJDBCSettings.m_host);
            } else if (null == redshiftJDBCSettings.m_clusterIdentifier) {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("No CNAME provided. No-op.", new Object[0]);
                    return;
                }
                return;
            } else {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("calling describe cname associations API with clusterID : " + redshiftJDBCSettings.m_clusterIdentifier, new Object[0]);
                }
                describeCustomDomainAssociationsRequest.setCustomDomainName(redshiftJDBCSettings.m_clusterIdentifier);
            }
            try {
                DescribeCustomDomainAssociationsResult describeCustomDomainAssociations = amazonRedshift.describeCustomDomainAssociations(describeCustomDomainAssociationsRequest);
                if (describeCustomDomainAssociations.getAssociations().stream().count() > 1) {
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.logInfo("Multiple associations received for provided custom domain name : " + describeCustomDomainAssociationsRequest.getCustomDomainName() + ". Only one expected.", new Object[0]);
                    }
                } else {
                    String clusterIdentifier = ((CertificateAssociation) ((Association) describeCustomDomainAssociations.getAssociations().get(0)).getCertificateAssociations().get(0)).getClusterIdentifier();
                    if (null != clusterIdentifier && !clusterIdentifier.isEmpty()) {
                        redshiftJDBCSettings.m_clusterIdentifier = clusterIdentifier;
                        if (RedshiftLogger.isEnable()) {
                            redshiftLogger.logDebug("setting cluster ID to : " + redshiftJDBCSettings.m_clusterIdentifier, new Object[0]);
                        }
                    }
                }
            } catch (Exception e) {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logInfo("No cluster identifier received from Redshift CNAME lookup. Setting CNAME to false.", new Object[0]);
                }
                redshiftJDBCSettings.m_isCname = false;
            }
        }
    }

    private static synchronized GetClusterCredentialsResult getClusterCredentialsResult(RedshiftJDBCSettings redshiftJDBCSettings, AmazonRedshift amazonRedshift, RedshiftLogger redshiftLogger, CredentialProviderType credentialProviderType, boolean z) throws AmazonClientException {
        String str = null;
        GetClusterCredentialsResult getClusterCredentialsResult = null;
        if (!redshiftJDBCSettings.m_iamDisableCache) {
            str = getCredentialsCacheKey(redshiftJDBCSettings, credentialProviderType, false);
            getClusterCredentialsResult = credentialsCache.get(str);
        }
        if (getClusterCredentialsResult == null || ((credentialProviderType == CredentialProviderType.PLUGIN && z) || RequestUtils.isCredentialExpired(getClusterCredentialsResult.getExpiration()))) {
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.logInfo("GetClusterCredentials NOT from cache", new Object[0]);
            }
            if (!redshiftJDBCSettings.m_iamDisableCache) {
                credentialsCache.remove(str);
            }
            if (redshiftJDBCSettings.m_isCname) {
                try {
                    getClusterCredentialsResult = makeGetClusterCredentialsAPICall(constructRequestForGetClusterCredentials(redshiftJDBCSettings, true, redshiftLogger), getClusterCredentialsResult, amazonRedshift, redshiftLogger);
                } catch (AmazonClientException e) {
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.logInfo("GetClusterCredentials API call failed with CNAME request. Retrying with ClusterID.", new Object[0]);
                    }
                    getClusterCredentialsResult = makeGetClusterCredentialsAPICall(constructRequestForGetClusterCredentials(redshiftJDBCSettings, false, redshiftLogger), getClusterCredentialsResult, amazonRedshift, redshiftLogger);
                }
            } else {
                getClusterCredentialsResult = makeGetClusterCredentialsAPICall(constructRequestForGetClusterCredentials(redshiftJDBCSettings, false, redshiftLogger), getClusterCredentialsResult, amazonRedshift, redshiftLogger);
            }
            if (!redshiftJDBCSettings.m_iamDisableCache) {
                credentialsCache.put(str, getClusterCredentialsResult);
            }
        } else if (RedshiftLogger.isEnable()) {
            redshiftLogger.logInfo("GetClusterCredentials from cache", new Object[0]);
        }
        return getClusterCredentialsResult;
    }

    static GetClusterCredentialsRequest constructRequestForGetClusterCredentials(RedshiftJDBCSettings redshiftJDBCSettings, boolean z, RedshiftLogger redshiftLogger) {
        GetClusterCredentialsRequest getClusterCredentialsRequest = new GetClusterCredentialsRequest();
        if (redshiftJDBCSettings.m_iamDuration > 0) {
            getClusterCredentialsRequest.setDurationSeconds(Integer.valueOf(redshiftJDBCSettings.m_iamDuration));
        }
        getClusterCredentialsRequest.setDbName(redshiftJDBCSettings.m_Schema);
        getClusterCredentialsRequest.setDbUser(redshiftJDBCSettings.m_dbUser == null ? redshiftJDBCSettings.m_username : redshiftJDBCSettings.m_dbUser);
        getClusterCredentialsRequest.setAutoCreate(redshiftJDBCSettings.m_autocreate);
        getClusterCredentialsRequest.setDbGroups(redshiftJDBCSettings.m_dbGroups);
        if (z) {
            getClusterCredentialsRequest.setCustomDomainName(redshiftJDBCSettings.m_host);
        } else {
            getClusterCredentialsRequest.setClusterIdentifier(redshiftJDBCSettings.m_clusterIdentifier);
        }
        if (RedshiftLogger.isEnable()) {
            redshiftLogger.logInfo(getClusterCredentialsRequest.toString(), new Object[0]);
        }
        return getClusterCredentialsRequest;
    }

    static GetClusterCredentialsResult makeGetClusterCredentialsAPICall(GetClusterCredentialsRequest getClusterCredentialsRequest, GetClusterCredentialsResult getClusterCredentialsResult, AmazonRedshift amazonRedshift, RedshiftLogger redshiftLogger) {
        for (int i = 0; i < 5; i++) {
            try {
                getClusterCredentialsResult = amazonRedshift.getClusterCredentials(getClusterCredentialsRequest);
                break;
            } catch (AmazonClientException e) {
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.logDebug("Call to getClusterCredentials failed with error: " + e.getMessage(), new Object[0]);
                }
                checkForApiCallRateExceedError(e, i, "getClusterCredentialsResult", redshiftLogger);
            }
        }
        return getClusterCredentialsResult;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void checkForApiCallRateExceedError(AmazonClientException amazonClientException, int i, String str, RedshiftLogger redshiftLogger) throws AmazonClientException {
        if (!amazonClientException.getMessage().contains("Rate exceeded") || i >= 4) {
            throw amazonClientException;
        }
        if (RedshiftLogger.isEnable()) {
            redshiftLogger.logInfo(str + " caught 'Rate exceeded' error...", new Object[0]);
        }
        try {
            Thread.sleep(1000L);
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
        }
    }

    private static synchronized GetClusterCredentialsWithIAMResult getClusterCredentialsResultV2(RedshiftJDBCSettings redshiftJDBCSettings, AmazonRedshiftClient amazonRedshiftClient, RedshiftLogger redshiftLogger, CredentialProviderType credentialProviderType, boolean z, AWSCredentialsProvider aWSCredentialsProvider, int i) throws AmazonClientException {
        String str = null;
        GetClusterCredentialsWithIAMResult getClusterCredentialsWithIAMResult = null;
        if (!redshiftJDBCSettings.m_iamDisableCache) {
            str = getCredentialsV2CacheKey(redshiftJDBCSettings, credentialProviderType, aWSCredentialsProvider, i, false);
            getClusterCredentialsWithIAMResult = credentialsV2Cache.get(str);
        }
        if (getClusterCredentialsWithIAMResult == null || ((credentialProviderType == CredentialProviderType.PLUGIN && redshiftJDBCSettings.m_idpToken != null) || RequestUtils.isCredentialExpired(getClusterCredentialsWithIAMResult.getExpiration()))) {
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.logInfo("GetClusterCredentialsV2 NOT from cache", new Object[0]);
            }
            if (!redshiftJDBCSettings.m_iamDisableCache) {
                credentialsV2Cache.remove(str);
            }
            if (redshiftJDBCSettings.m_isCname) {
                try {
                    getClusterCredentialsWithIAMResult = makeGetClusterCredentialsWithIAMAPICall(constructRequestForGetClusterCredentialsWithIAM(redshiftJDBCSettings, true, redshiftLogger), getClusterCredentialsWithIAMResult, amazonRedshiftClient, redshiftLogger);
                } catch (AmazonClientException e) {
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.logInfo("GetClusterCredentials API call failed with CNAME request. Retrying with ClusterID.", new Object[0]);
                    }
                    getClusterCredentialsWithIAMResult = makeGetClusterCredentialsWithIAMAPICall(constructRequestForGetClusterCredentialsWithIAM(redshiftJDBCSettings, false, redshiftLogger), getClusterCredentialsWithIAMResult, amazonRedshiftClient, redshiftLogger);
                }
            } else {
                getClusterCredentialsWithIAMResult = makeGetClusterCredentialsWithIAMAPICall(constructRequestForGetClusterCredentialsWithIAM(redshiftJDBCSettings, false, redshiftLogger), getClusterCredentialsWithIAMResult, amazonRedshiftClient, redshiftLogger);
            }
            if (!redshiftJDBCSettings.m_iamDisableCache) {
                credentialsV2Cache.put(str, getClusterCredentialsWithIAMResult);
            }
        } else if (RedshiftLogger.isEnable()) {
            redshiftLogger.logInfo("GetClusterCredentialsV2 from cache", new Object[0]);
        }
        return getClusterCredentialsWithIAMResult;
    }

    static GetClusterCredentialsWithIAMRequest constructRequestForGetClusterCredentialsWithIAM(RedshiftJDBCSettings redshiftJDBCSettings, boolean z, RedshiftLogger redshiftLogger) {
        GetClusterCredentialsWithIAMRequest getClusterCredentialsWithIAMRequest = new GetClusterCredentialsWithIAMRequest();
        if (redshiftJDBCSettings.m_iamDuration > 0) {
            getClusterCredentialsWithIAMRequest.setDurationSeconds(Integer.valueOf(redshiftJDBCSettings.m_iamDuration));
        }
        getClusterCredentialsWithIAMRequest.setDbName(redshiftJDBCSettings.m_Schema);
        if (z) {
            getClusterCredentialsWithIAMRequest.setCustomDomainName(redshiftJDBCSettings.m_host);
        } else {
            getClusterCredentialsWithIAMRequest.setClusterIdentifier(redshiftJDBCSettings.m_clusterIdentifier);
        }
        if (RedshiftLogger.isEnable()) {
            redshiftLogger.logInfo(getClusterCredentialsWithIAMRequest.toString(), new Object[0]);
        }
        return getClusterCredentialsWithIAMRequest;
    }

    static GetClusterCredentialsWithIAMResult makeGetClusterCredentialsWithIAMAPICall(GetClusterCredentialsWithIAMRequest getClusterCredentialsWithIAMRequest, GetClusterCredentialsWithIAMResult getClusterCredentialsWithIAMResult, AmazonRedshiftClient amazonRedshiftClient, RedshiftLogger redshiftLogger) {
        for (int i = 0; i < 5; i++) {
            try {
                getClusterCredentialsWithIAMResult = amazonRedshiftClient.getClusterCredentialsWithIAM(getClusterCredentialsWithIAMRequest);
                break;
            } catch (AmazonClientException e) {
                checkForApiCallRateExceedError(e, i, "getClusterCredentialsResultV2", redshiftLogger);
            }
        }
        return getClusterCredentialsWithIAMResult;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getCredentialsCacheKey(RedshiftJDBCSettings redshiftJDBCSettings, CredentialProviderType credentialProviderType, boolean z) {
        String str = "";
        if (redshiftJDBCSettings.m_dbGroups != null && !redshiftJDBCSettings.m_dbGroups.isEmpty()) {
            Collections.sort(redshiftJDBCSettings.m_dbGroups);
            str = String.join(",", redshiftJDBCSettings.m_dbGroups);
        }
        String str2 = (!z ? redshiftJDBCSettings.m_clusterIdentifier : redshiftJDBCSettings.m_acctId) + ";" + ((!z || redshiftJDBCSettings.m_workGroup == null) ? "" : redshiftJDBCSettings.m_workGroup) + ";" + (redshiftJDBCSettings.m_dbUser == null ? redshiftJDBCSettings.m_username : redshiftJDBCSettings.m_dbUser) + ";" + (redshiftJDBCSettings.m_Schema == null ? "" : redshiftJDBCSettings.m_Schema) + ";" + str + ";" + redshiftJDBCSettings.m_autocreate + ";" + redshiftJDBCSettings.m_iamDuration;
        switch (credentialProviderType) {
            case PROFILE:
                str2 = str2 + ";" + redshiftJDBCSettings.m_profile;
                break;
            case IAM_KEYS_WITH_SESSION:
                str2 = str2 + ";" + redshiftJDBCSettings.m_iamAccessKeyID + ";" + redshiftJDBCSettings.m_iamSecretKey + ";" + redshiftJDBCSettings.m_iamSessionToken;
                break;
            case IAM_KEYS:
                str2 = str2 + ";" + redshiftJDBCSettings.m_iamAccessKeyID + ";" + redshiftJDBCSettings.m_iamSecretKey;
                break;
        }
        return str2;
    }

    static String getCredentialsV2CacheKey(RedshiftJDBCSettings redshiftJDBCSettings, CredentialProviderType credentialProviderType, AWSCredentialsProvider aWSCredentialsProvider, int i, boolean z) {
        String str = (credentialProviderType == CredentialProviderType.PLUGIN ? ((IPlugin) aWSCredentialsProvider).getCacheKey() : "") + (!z ? redshiftJDBCSettings.m_clusterIdentifier : redshiftJDBCSettings.m_acctId) + ";" + ((!z || redshiftJDBCSettings.m_workGroup == null) ? "" : redshiftJDBCSettings.m_workGroup) + ";" + (redshiftJDBCSettings.m_Schema == null ? "" : redshiftJDBCSettings.m_Schema) + ";" + redshiftJDBCSettings.m_iamDuration;
        if (i == 3) {
            if (redshiftJDBCSettings.m_preferredRole != null) {
                str = str + redshiftJDBCSettings.m_preferredRole + ";";
            }
            if (redshiftJDBCSettings.m_dbGroupsFilter != null) {
                str = str + redshiftJDBCSettings.m_dbGroupsFilter + ";";
            }
        } else if (i == 4) {
            if (redshiftJDBCSettings.m_idpToken != null) {
                str = str + redshiftJDBCSettings.m_idpToken + ";";
            }
            if (redshiftJDBCSettings.m_roleArn != null) {
                str = str + redshiftJDBCSettings.m_roleArn + ";";
            }
            if (redshiftJDBCSettings.m_roleSessionName != null) {
                str = str + redshiftJDBCSettings.m_roleSessionName + ";";
            }
        }
        switch (credentialProviderType) {
            case PROFILE:
                str = str + ";" + redshiftJDBCSettings.m_profile;
                break;
            case IAM_KEYS_WITH_SESSION:
                str = str + ";" + redshiftJDBCSettings.m_iamAccessKeyID + ";" + redshiftJDBCSettings.m_iamSecretKey + ";" + redshiftJDBCSettings.m_iamSessionToken;
                break;
            case IAM_KEYS:
                str = str + ";" + redshiftJDBCSettings.m_iamAccessKeyID + ";" + redshiftJDBCSettings.m_iamSecretKey;
                break;
        }
        return str;
    }

    private static int findTypeOfGetClusterCredentialsAPI(RedshiftJDBCSettings redshiftJDBCSettings, CredentialProviderType credentialProviderType, AWSCredentialsProvider aWSCredentialsProvider) {
        if (redshiftJDBCSettings.m_isServerless) {
            return 5;
        }
        return !redshiftJDBCSettings.m_groupFederation.booleanValue() ? 1 : 2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AwsClientBuilder setBuilderConfiguration(RedshiftJDBCSettings redshiftJDBCSettings, RedshiftLogger redshiftLogger, AwsClientBuilder awsClientBuilder) {
        ClientConfiguration proxyClientConfig = RequestUtils.getProxyClientConfig(redshiftLogger);
        if (proxyClientConfig != null) {
            awsClientBuilder.setClientConfiguration(proxyClientConfig);
        }
        if (RedshiftLogger.isEnable()) {
            redshiftLogger.logInfo("setBuilderConfiguration: settings.m_endpoint= " + redshiftJDBCSettings.m_endpoint + " settings.m_awsRegion = " + redshiftJDBCSettings.m_awsRegion, new Object[0]);
        }
        if (redshiftJDBCSettings.m_endpoint != null) {
            awsClientBuilder.setEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration(redshiftJDBCSettings.m_endpoint, redshiftJDBCSettings.m_awsRegion));
        } else if (redshiftJDBCSettings.m_awsRegion != null && !redshiftJDBCSettings.m_awsRegion.isEmpty()) {
            awsClientBuilder.setRegion(redshiftJDBCSettings.m_awsRegion);
        }
        return awsClientBuilder;
    }
}
