package com.amazon.redshift.core;

import com.amazon.redshift.AuthMech;
import com.amazon.redshift.RedshiftProperty;
import com.amazon.redshift.jdbc.RedshiftConnectionImpl;
import com.amazon.redshift.logger.LogLevel;
import com.amazon.redshift.logger.RedshiftLogger;
import com.amazon.redshift.plugin.utils.RequestUtils;
import com.amazon.redshift.util.GT;
import com.amazon.redshift.util.RedshiftException;
import com.amazon.redshift.util.RedshiftState;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.auth.BasicSessionCredentials;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.redshift.AmazonRedshift;
import com.amazonaws.services.redshift.AmazonRedshiftClientBuilder;
import com.amazonaws.services.redshift.model.AuthenticationProfile;
import com.amazonaws.services.redshift.model.DescribeAuthenticationProfilesRequest;
import com.amazonaws.util.StringUtils;
import com.amazonaws.util.json.Jackson;
import com.fasterxml.jackson.databind.JsonNode;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;

/* loaded from: input_file:com/amazon/redshift/core/IdpAuthHelper.class */
public class IdpAuthHelper {
    public static final int SAML_PLUGIN = 1;
    public static final int JWT_PLUGIN = 2;

    /* JADX INFO: Access modifiers changed from: protected */
    public static Properties setAuthProperties(Properties properties, RedshiftJDBCSettings redshiftJDBCSettings, RedshiftLogger redshiftLogger) throws RedshiftException {
        try {
            if (redshiftJDBCSettings.m_authMech == null || redshiftJDBCSettings.m_authMech.ordinal() < AuthMech.VERIFY_CA.ordinal()) {
                redshiftJDBCSettings.m_authMech = AuthMech.VERIFY_CA;
            }
            String optionalConnSetting = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.IAM_ACCESS_KEY_ID.getName(), properties);
            String optionalConnSetting2 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.IAM_SECRET_ACCESS_KEY.getName(), properties);
            String optionalConnSetting3 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.IAM_SESSION_TOKEN.getName(), properties);
            String optionalConnSetting4 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.AUTH_PROFILE.getName(), properties);
            if (!StringUtils.isNullOrEmpty(optionalConnSetting4)) {
                if (StringUtils.isNullOrEmpty(optionalConnSetting)) {
                    RedshiftException redshiftException = new RedshiftException(GT.tr("Dependent connection property setting for {0} is missing {1}", RedshiftProperty.AUTH_PROFILE.getName(), RedshiftProperty.IAM_ACCESS_KEY_ID.getName()), RedshiftState.UNEXPECTED_ERROR);
                    if (RedshiftLogger.isEnable()) {
                        redshiftLogger.log(LogLevel.ERROR, redshiftException.toString(), new Object[0]);
                    }
                    throw redshiftException;
                }
                Properties readAuthProfile = readAuthProfile(optionalConnSetting4, optionalConnSetting, optionalConnSetting2, optionalConnSetting3, redshiftLogger, properties);
                if (readAuthProfile != null) {
                    readAuthProfile.putAll(properties);
                    properties = readAuthProfile;
                }
            }
            String optionalConnSetting5 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.UID.getName(), properties);
            if (optionalConnSetting5 == null) {
                optionalConnSetting5 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.USER.getName(), properties);
            }
            String optionalConnSetting6 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.PWD.getName(), properties);
            if (optionalConnSetting6 == null) {
                optionalConnSetting6 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.PASSWORD.getName(), properties);
            }
            String optionalConnSetting7 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.CREDENTIALS_PROVIDER.getName(), properties);
            String optionalConnSetting8 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.IAM_DISABLE_CACHE.getName(), properties);
            if (null != optionalConnSetting5) {
                redshiftJDBCSettings.m_username = optionalConnSetting5;
            }
            if (null != optionalConnSetting6) {
                redshiftJDBCSettings.m_password = optionalConnSetting6;
            }
            if (null != optionalConnSetting7) {
                redshiftJDBCSettings.m_credentialsProvider = optionalConnSetting7;
            }
            redshiftJDBCSettings.m_iamDisableCache = optionalConnSetting8 == null ? false : Boolean.valueOf(optionalConnSetting8).booleanValue();
            Enumeration<?> propertyNames = properties.propertyNames();
            while (propertyNames.hasMoreElements()) {
                String str = (String) propertyNames.nextElement();
                String property = properties.getProperty(str);
                String lowerCase = str.toLowerCase(Locale.getDefault());
                if (!"*".equals(property)) {
                    redshiftJDBCSettings.m_pluginArgs.put(lowerCase, property);
                }
            }
            return properties;
        } catch (RedshiftException e) {
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.logError(e);
            }
            throw e;
        }
    }

    private static Properties readAuthProfile(String str, String str2, String str3, String str4, RedshiftLogger redshiftLogger, Properties properties) throws RedshiftException {
        String optionalConnSetting = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.AWS_REGION.getName(), properties);
        String optionalConnSetting2 = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.ENDPOINT_URL.getName(), properties);
        AWSStaticCredentialsProvider aWSStaticCredentialsProvider = new AWSStaticCredentialsProvider(!StringUtils.isNullOrEmpty(str4) ? new BasicSessionCredentials(str2, str3, str4) : new BasicAWSCredentials(str2, str3));
        AmazonRedshiftClientBuilder standard = AmazonRedshiftClientBuilder.standard();
        ClientConfiguration proxyClientConfig = RequestUtils.getProxyClientConfig(redshiftLogger);
        if (proxyClientConfig != null) {
            standard.setClientConfiguration(proxyClientConfig);
        }
        if (optionalConnSetting2 != null) {
            standard.setEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration(optionalConnSetting2, optionalConnSetting));
        } else if (optionalConnSetting != null && !optionalConnSetting.isEmpty()) {
            standard.setRegion(optionalConnSetting);
        }
        AmazonRedshift amazonRedshift = (AmazonRedshift) standard.withCredentials(aWSStaticCredentialsProvider).build();
        DescribeAuthenticationProfilesRequest describeAuthenticationProfilesRequest = new DescribeAuthenticationProfilesRequest();
        describeAuthenticationProfilesRequest.setAuthenticationProfileName(str);
        String authenticationProfileContent = ((AuthenticationProfile) amazonRedshift.describeAuthenticationProfiles(describeAuthenticationProfilesRequest).getAuthenticationProfiles().get(0)).getAuthenticationProfileContent();
        Properties properties2 = new Properties(properties);
        JsonNode jsonNodeOf = Jackson.jsonNodeOf(authenticationProfileContent);
        if (jsonNodeOf == null) {
            RedshiftException redshiftException = new RedshiftException(GT.tr("Auth profile JSON error", new Object[0]), RedshiftState.UNEXPECTED_ERROR);
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.log(LogLevel.ERROR, redshiftException.toString(), new Object[0]);
            }
            throw redshiftException;
        }
        Iterator<Map.Entry<String, JsonNode>> fields = jsonNodeOf.fields();
        while (fields.hasNext()) {
            Map.Entry<String, JsonNode> next = fields.next();
            properties2.put(next.getKey(), next.getValue().asText());
        }
        return properties2;
    }
}
