package com.oracle.bmc.auth.internal;

import com.oracle.bmc.auth.InstancePrincipalsAuthenticationDetailsProvider;
import com.oracle.bmc.auth.SessionKeySupplier;
import com.oracle.bmc.circuitbreaker.CircuitBreakerConfiguration;
import com.oracle.bmc.http.ClientConfigurator;
import com.oracle.bmc.http.internal.ResponseHelper;
import com.oracle.bmc.http.internal.WrappedWebTarget;
import com.oracle.bmc.model.BmcException;
import java.security.KeyPair;
import java.security.interfaces.RSAPublicKey;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/oracle/bmc/auth/internal/ResourcePrincipalsFederationClient.class */
public class ResourcePrincipalsFederationClient extends AbstractFederationClient {
    private static final Logger LOG = LoggerFactory.getLogger(ResourcePrincipalsFederationClient.class);
    private final InstancePrincipalsAuthenticationDetailsProvider provider;
    private final RptPathProvider resourcePrincipalTokenPathProvider;

    public ResourcePrincipalsFederationClient(String str, RptPathProvider rptPathProvider, String str2, SessionKeySupplier sessionKeySupplier, InstancePrincipalsAuthenticationDetailsProvider instancePrincipalsAuthenticationDetailsProvider, ClientConfigurator clientConfigurator, CircuitBreakerConfiguration circuitBreakerConfiguration) {
        super(str, str2, sessionKeySupplier, instancePrincipalsAuthenticationDetailsProvider, clientConfigurator, circuitBreakerConfiguration);
        this.provider = instancePrincipalsAuthenticationDetailsProvider;
        this.resourcePrincipalTokenPathProvider = rptPathProvider;
    }

    @Override // com.oracle.bmc.auth.internal.AbstractFederationClient
    protected SecurityTokenAdapter getSecurityTokenFromServer() {
        LOG.info("Getting security token from the auth server");
        KeyPair keyPair = this.sessionKeySupplier.getKeyPair();
        if (keyPair == null) {
            throw new IllegalStateException("Keypair for session was not provided");
        }
        RSAPublicKey rSAPublicKey = (RSAPublicKey) keyPair.getPublic();
        if (rSAPublicKey == null) {
            throw new IllegalArgumentException("Public key is not present");
        }
        try {
            this.provider.refresh();
            this.restClient.setEndpoint(this.resourcePrincipalTokenEndpoint);
            WrappedWebTarget m72path = this.restClient.getBaseTarget().m72path(this.resourcePrincipalTokenPathProvider.getPath());
            Response makeCall = makeCall(m72path.request(), m72path.getUri());
            ResponseHelper.throwIfNotSuccessful(makeCall);
            GetResourcePrincipalTokenResponse getResourcePrincipalTokenResponse = (GetResourcePrincipalTokenResponse) ResponseHelper.readEntity(makeCall, GetResourcePrincipalTokenResponse.class);
            String servicePrincipalSessionToken = getResourcePrincipalTokenResponse.getServicePrincipalSessionToken();
            String resourcePrincipalToken = getResourcePrincipalTokenResponse.getResourcePrincipalToken();
            this.restClient.setEndpoint(this.federationEndpoint);
            GetResourcePrincipalSessionTokenRequest getResourcePrincipalSessionTokenRequest = new GetResourcePrincipalSessionTokenRequest(resourcePrincipalToken, servicePrincipalSessionToken, AuthUtils.base64EncodeNoChunking(rSAPublicKey));
            WrappedWebTarget m72path2 = this.restClient.getBaseTarget().m72path("v1").m72path("resourcePrincipalSessionToken");
            Response makeCall2 = makeCall(m72path2.request(), m72path2.getUri(), getResourcePrincipalSessionTokenRequest);
            ResponseHelper.throwIfNotSuccessful(makeCall2);
            return new SecurityTokenAdapter(SECURITY_TOKEN_FN.apply(makeCall2).getItem().getToken(), this.sessionKeySupplier);
        } catch (BmcException e) {
            throw e;
        }
    }
}
