package com.amazonaws.auth;

import com.amazonaws.AmazonServiceException;
import com.amazonaws.AmazonWebServiceClient;
import com.amazonaws.AmazonWebServiceRequest;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.SDKGlobalConfiguration;
import com.amazonaws.logging.Log;
import com.amazonaws.logging.LogFactory;
import com.amazonaws.mobile.config.AWSConfiguration;
import com.amazonaws.regions.Region;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.cognitoidentity.AmazonCognitoIdentity;
import com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient;
import com.amazonaws.services.cognitoidentity.model.Credentials;
import com.amazonaws.services.cognitoidentity.model.GetCredentialsForIdentityRequest;
import com.amazonaws.services.cognitoidentity.model.GetCredentialsForIdentityResult;
import com.amazonaws.services.cognitoidentity.model.ResourceNotFoundException;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient;
import com.amazonaws.services.securitytoken.model.AssumeRoleWithWebIdentityRequest;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.locks.ReentrantReadWriteLock;

/* loaded from: classes.dex */
public class CognitoCredentialsProvider implements AWSCredentialsProvider {
    public static final int DEFAULT_DURATION_SECONDS = 3600;
    public static final int DEFAULT_THRESHOLD_SECONDS = 500;
    private static final Log o = LogFactory.getLog(AWSCredentialsProviderChain.class);
    private final String a;
    private AmazonCognitoIdentity b;

    /* renamed from: c, reason: collision with root package name */
    private final AWSCognitoIdentityProvider f1847c;

    /* renamed from: d, reason: collision with root package name */
    protected AWSSessionCredentials f1848d;

    /* renamed from: e, reason: collision with root package name */
    protected Date f1849e;

    /* renamed from: f, reason: collision with root package name */
    protected String f1850f;

    /* renamed from: g, reason: collision with root package name */
    protected AWSSecurityTokenService f1851g;

    /* renamed from: h, reason: collision with root package name */
    protected int f1852h;

    /* renamed from: i, reason: collision with root package name */
    protected int f1853i;

    /* renamed from: j, reason: collision with root package name */
    protected String f1854j;

    /* renamed from: k, reason: collision with root package name */
    protected String f1855k;

    /* renamed from: l, reason: collision with root package name */
    protected String f1856l;

    /* renamed from: m, reason: collision with root package name */
    protected final boolean f1857m;

    /* renamed from: n, reason: collision with root package name */
    protected final ReentrantReadWriteLock f1858n;

    public CognitoCredentialsProvider(AWSCognitoIdentityProvider aWSCognitoIdentityProvider, Regions regions) {
        this(aWSCognitoIdentityProvider, regions, new ClientConfiguration());
    }

    public CognitoCredentialsProvider(AWSCognitoIdentityProvider aWSCognitoIdentityProvider, Regions regions, ClientConfiguration clientConfiguration) {
        this(aWSCognitoIdentityProvider, b(clientConfiguration, regions));
    }

    public CognitoCredentialsProvider(AWSCognitoIdentityProvider aWSCognitoIdentityProvider, AmazonCognitoIdentityClient amazonCognitoIdentityClient) {
        this.b = amazonCognitoIdentityClient;
        this.a = amazonCognitoIdentityClient.getRegions().getName();
        this.f1847c = aWSCognitoIdentityProvider;
        this.f1854j = null;
        this.f1855k = null;
        this.f1851g = null;
        this.f1852h = 3600;
        this.f1853i = 500;
        this.f1857m = true;
        this.f1858n = new ReentrantReadWriteLock(true);
    }

    public CognitoCredentialsProvider(AWSCognitoIdentityProvider aWSCognitoIdentityProvider, String str, String str2) {
        this(aWSCognitoIdentityProvider, str, str2, new AWSSecurityTokenServiceClient(new AnonymousAWSCredentials(), new ClientConfiguration()));
    }

    public CognitoCredentialsProvider(AWSCognitoIdentityProvider aWSCognitoIdentityProvider, String str, String str2, AWSSecurityTokenService aWSSecurityTokenService) {
        this.f1847c = aWSCognitoIdentityProvider;
        if (aWSCognitoIdentityProvider instanceof AWSAbstractCognitoIdentityProvider) {
            AWSAbstractCognitoIdentityProvider aWSAbstractCognitoIdentityProvider = (AWSAbstractCognitoIdentityProvider) aWSCognitoIdentityProvider;
            Object obj = aWSAbstractCognitoIdentityProvider.a;
            if ((obj instanceof AmazonWebServiceClient) && ((AmazonWebServiceClient) obj).getRegions() != null) {
                this.a = ((AmazonWebServiceClient) aWSAbstractCognitoIdentityProvider.a).getRegions().getName();
                this.f1854j = str;
                this.f1855k = str2;
                this.f1851g = aWSSecurityTokenService;
                this.f1852h = 3600;
                this.f1853i = 500;
                this.f1857m = false;
                this.f1858n = new ReentrantReadWriteLock(true);
            }
        }
        o.warn("Could not determine region of the Cognito Identity client, using default us-east-1");
        this.a = Regions.US_EAST_1.getName();
        this.f1854j = str;
        this.f1855k = str2;
        this.f1851g = aWSSecurityTokenService;
        this.f1852h = 3600;
        this.f1853i = 500;
        this.f1857m = false;
        this.f1858n = new ReentrantReadWriteLock(true);
    }

    public CognitoCredentialsProvider(AWSConfiguration aWSConfiguration) {
        this((String) null, d(aWSConfiguration), (String) null, (String) null, f(aWSConfiguration), c(aWSConfiguration));
    }

    public CognitoCredentialsProvider(String str, Regions regions) {
        this((String) null, str, (String) null, (String) null, regions, new ClientConfiguration());
    }

    public CognitoCredentialsProvider(String str, Regions regions, ClientConfiguration clientConfiguration) {
        this((String) null, str, (String) null, (String) null, regions, clientConfiguration);
    }

    public CognitoCredentialsProvider(String str, String str2, String str3, String str4, Regions regions) {
        this(str, str2, str3, str4, regions, new ClientConfiguration());
    }

    public CognitoCredentialsProvider(String str, String str2, String str3, String str4, Regions regions, ClientConfiguration clientConfiguration) {
        this(str, str2, str3, str4, b(clientConfiguration, regions), (str3 == null && str4 == null) ? null : new AWSSecurityTokenServiceClient(new AnonymousAWSCredentials(), clientConfiguration));
    }

    public CognitoCredentialsProvider(String str, String str2, String str3, String str4, AmazonCognitoIdentityClient amazonCognitoIdentityClient, AWSSecurityTokenService aWSSecurityTokenService) {
        this.b = amazonCognitoIdentityClient;
        this.a = amazonCognitoIdentityClient.getRegions().getName();
        this.f1851g = aWSSecurityTokenService;
        this.f1854j = str3;
        this.f1855k = str4;
        this.f1852h = 3600;
        this.f1853i = 500;
        boolean z = str3 == null && str4 == null;
        this.f1857m = z;
        if (z) {
            this.f1847c = new AWSEnhancedCognitoIdentityProvider(str, str2, amazonCognitoIdentityClient);
        } else {
            this.f1847c = new AWSBasicCognitoIdentityProvider(str, str2, amazonCognitoIdentityClient);
        }
        this.f1858n = new ReentrantReadWriteLock(true);
    }

    private void a(AmazonWebServiceRequest amazonWebServiceRequest, String str) {
        amazonWebServiceRequest.getRequestClientOptions().appendUserAgent(str);
    }

    private static AmazonCognitoIdentityClient b(ClientConfiguration clientConfiguration, Regions regions) {
        AmazonCognitoIdentityClient amazonCognitoIdentityClient = new AmazonCognitoIdentityClient(new AnonymousAWSCredentials(), clientConfiguration);
        amazonCognitoIdentityClient.setRegion(Region.getRegion(regions));
        return amazonCognitoIdentityClient;
    }

    private static ClientConfiguration c(AWSConfiguration aWSConfiguration) {
        ClientConfiguration clientConfiguration = new ClientConfiguration();
        clientConfiguration.setUserAgent(aWSConfiguration.getUserAgent());
        return clientConfiguration;
    }

    private static String d(AWSConfiguration aWSConfiguration) {
        try {
            return aWSConfiguration.optJsonObject("CredentialsProvider").optJSONObject("CognitoIdentity").getJSONObject(aWSConfiguration.getConfiguration()).getString("PoolId");
        } catch (Exception e2) {
            throw new IllegalArgumentException("Failed to read CognitoIdentity please check your setup or awsconfiguration.json file", e2);
        }
    }

    private static Regions f(AWSConfiguration aWSConfiguration) {
        try {
            return Regions.fromName(aWSConfiguration.optJsonObject("CredentialsProvider").optJSONObject("CognitoIdentity").getJSONObject(aWSConfiguration.getConfiguration()).getString("Region"));
        } catch (Exception e2) {
            throw new IllegalArgumentException("Failed to read CognitoIdentity please check your setup or awsconfiguration.json file", e2);
        }
    }

    private void i(String str) {
        Map<String, String> logins;
        GetCredentialsForIdentityResult k2;
        if (str == null || str.isEmpty()) {
            logins = getLogins();
        } else {
            logins = new HashMap<>();
            logins.put(e(), str);
        }
        try {
            k2 = this.b.getCredentialsForIdentity(new GetCredentialsForIdentityRequest().withIdentityId(getIdentityId()).withLogins(logins).withCustomRoleArn(this.f1856l));
        } catch (ResourceNotFoundException unused) {
            k2 = k();
        } catch (AmazonServiceException e2) {
            if (!e2.getErrorCode().equals("ValidationException")) {
                throw e2;
            }
            k2 = k();
        }
        Credentials credentials = k2.getCredentials();
        this.f1848d = new BasicSessionCredentials(credentials.getAccessKeyId(), credentials.getSecretKey(), credentials.getSessionToken());
        setSessionCredentialsExpiration(credentials.getExpiration());
        if (k2.getIdentityId().equals(getIdentityId())) {
            return;
        }
        m(k2.getIdentityId());
    }

    private void j(String str) {
        AssumeRoleWithWebIdentityRequest withDurationSeconds = new AssumeRoleWithWebIdentityRequest().withWebIdentityToken(str).withRoleArn(this.f1847c.isAuthenticated() ? this.f1855k : this.f1854j).withRoleSessionName("ProviderSession").withDurationSeconds(Integer.valueOf(this.f1852h));
        a(withDurationSeconds, g());
        com.amazonaws.services.securitytoken.model.Credentials credentials = this.f1851g.assumeRoleWithWebIdentity(withDurationSeconds).getCredentials();
        this.f1848d = new BasicSessionCredentials(credentials.getAccessKeyId(), credentials.getSecretAccessKey(), credentials.getSessionToken());
        setSessionCredentialsExpiration(credentials.getExpiration());
    }

    private GetCredentialsForIdentityResult k() {
        Map<String, String> logins;
        String l2 = l();
        this.f1850f = l2;
        if (l2 == null || l2.isEmpty()) {
            logins = getLogins();
        } else {
            logins = new HashMap<>();
            logins.put(e(), this.f1850f);
        }
        return this.b.getCredentialsForIdentity(new GetCredentialsForIdentityRequest().withIdentityId(getIdentityId()).withLogins(logins).withCustomRoleArn(this.f1856l));
    }

    private String l() {
        m(null);
        String refresh = this.f1847c.refresh();
        this.f1850f = refresh;
        return refresh;
    }

    public void clear() {
        this.f1858n.writeLock().lock();
        try {
            clearCredentials();
            m(null);
            this.f1847c.setLogins(new HashMap());
        } finally {
            this.f1858n.writeLock().unlock();
        }
    }

    public void clearCredentials() {
        this.f1858n.writeLock().lock();
        try {
            this.f1848d = null;
            this.f1849e = null;
        } finally {
            this.f1858n.writeLock().unlock();
        }
    }

    protected String e() {
        return Regions.CN_NORTH_1.getName().equals(this.a) ? "cognito-identity.cn-north-1.amazonaws.com.cn" : "cognito-identity.amazonaws.com";
    }

    protected String g() {
        return "";
    }

    @Override // com.amazonaws.auth.AWSCredentialsProvider
    public AWSSessionCredentials getCredentials() {
        this.f1858n.writeLock().lock();
        try {
            if (h()) {
                n();
            }
            return this.f1848d;
        } finally {
            this.f1858n.writeLock().unlock();
        }
    }

    public String getCustomRoleArn() {
        return this.f1856l;
    }

    public String getIdentityId() {
        return this.f1847c.getIdentityId();
    }

    public String getIdentityPoolId() {
        return this.f1847c.getIdentityPoolId();
    }

    public AWSIdentityProvider getIdentityProvider() {
        return this.f1847c;
    }

    public Map<String, String> getLogins() {
        return this.f1847c.getLogins();
    }

    public int getRefreshThreshold() {
        return this.f1853i;
    }

    public Date getSessionCredentitalsExpiration() {
        this.f1858n.readLock().lock();
        try {
            return this.f1849e;
        } finally {
            this.f1858n.readLock().unlock();
        }
    }

    public int getSessionDuration() {
        return this.f1852h;
    }

    public String getToken() {
        return this.f1847c.getToken();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean h() {
        if (this.f1848d == null) {
            return true;
        }
        return this.f1849e.getTime() - (System.currentTimeMillis() - ((long) (SDKGlobalConfiguration.getGlobalTimeOffset() * 1000))) < ((long) (this.f1853i * 1000));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void m(String str) {
        this.f1847c.identityChanged(str);
    }

    protected void n() {
        try {
            this.f1850f = this.f1847c.refresh();
        } catch (ResourceNotFoundException unused) {
            this.f1850f = l();
        } catch (AmazonServiceException e2) {
            if (!e2.getErrorCode().equals("ValidationException")) {
                throw e2;
            }
            this.f1850f = l();
        }
        if (this.f1857m) {
            i(this.f1850f);
        } else {
            j(this.f1850f);
        }
    }

    @Override // com.amazonaws.auth.AWSCredentialsProvider
    public void refresh() {
        this.f1858n.writeLock().lock();
        try {
            n();
        } finally {
            this.f1858n.writeLock().unlock();
        }
    }

    public void registerIdentityChangedListener(IdentityChangedListener identityChangedListener) {
        this.f1847c.registerIdentityChangedListener(identityChangedListener);
    }

    public void setCustomRoleArn(String str) {
        this.f1856l = str;
    }

    public void setLogins(Map<String, String> map) {
        this.f1858n.writeLock().lock();
        try {
            this.f1847c.setLogins(map);
            clearCredentials();
        } finally {
            this.f1858n.writeLock().unlock();
        }
    }

    public void setRefreshThreshold(int i2) {
        this.f1853i = i2;
    }

    public void setSessionCredentialsExpiration(Date date) {
        this.f1858n.writeLock().lock();
        try {
            this.f1849e = date;
        } finally {
            this.f1858n.writeLock().unlock();
        }
    }

    public void setSessionDuration(int i2) {
        this.f1852h = i2;
    }

    public void unregisterIdentityChangedListener(IdentityChangedListener identityChangedListener) {
        this.f1847c.unregisterIdentityChangedListener(identityChangedListener);
    }

    public AWSCredentialsProvider withLogins(Map<String, String> map) {
        setLogins(map);
        return this;
    }

    public CognitoCredentialsProvider withRefreshThreshold(int i2) {
        setRefreshThreshold(i2);
        return this;
    }

    public CognitoCredentialsProvider withSessionDuration(int i2) {
        setSessionDuration(i2);
        return this;
    }
}
