package com.azure.identity.implementation;

import com.azure.core.util.CoreUtils;
import com.azure.core.util.logging.ClientLogger;
import com.azure.identity.AzureAuthorityHosts;
import com.azure.identity.CredentialUnavailableException;
import com.azure.identity.implementation.intellij.IntelliJKdbxDatabase;
import com.microsoft.aad.msal4jextensions.persistence.mac.KeyChainAccessor;
import com.sun.jna.Platform;
import com.sun.jna.platform.win32.Crypt32Util;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.nio.file.Paths;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.pinot.shaded.com.fasterxml.jackson.databind.DeserializationFeature;
import org.apache.pinot.shaded.com.fasterxml.jackson.databind.JsonNode;
import org.apache.pinot.shaded.com.fasterxml.jackson.databind.ObjectMapper;

/* loaded from: input_file:com/azure/identity/implementation/IntelliJCacheAccessor.class */
public class IntelliJCacheAccessor {
    private final String keePassDatabasePath;
    private static final ClientLogger LOGGER = new ClientLogger((Class<?>) IntelliJCacheAccessor.class);
    private static final byte[] CRYPTO_KEY = {80, 114, 111, 120, 121, 32, 67, 111, 110, 102, 105, 103, 32, 83, 101, 99};
    private static final ObjectMapper DEFAULT_MAPPER = new ObjectMapper();
    private static final ObjectMapper DONT_FAIL_ON_UNKNOWN_PROPERTIES_MAPPER = new ObjectMapper().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);

    public IntelliJCacheAccessor(String str) {
        this.keePassDatabasePath = str;
    }

    private List<String> getAzureToolsForIntelliJPluginConfigPaths() {
        return Arrays.asList(Paths.get(System.getProperty("user.home"), "AzureToolsForIntelliJ").toString(), Paths.get(System.getProperty("user.home"), ".AzureToolsForIntelliJ").toString());
    }

    public String getIntelliJCredentialsFromIdentityMsalCache() {
        if (Platform.isMac()) {
            try {
                return parseRefreshTokenFromJson(new String(new KeyChainAccessor(null, "Microsoft.Developer.IdentityService", "azure-toolkit.cache").read(), StandardCharsets.UTF_8));
            } catch (Error | Exception e) {
                LOGGER.verbose("IntelliJCredential => Refresh Token Cache Unavailable: " + e.getMessage());
                return null;
            }
        }
        if (Platform.isLinux()) {
            try {
                return parseRefreshTokenFromJson(new String(new LinuxKeyRingAccessor("com.intellij.credentialStore.Credential", "service", "Microsoft.Developer.IdentityService", "account", "azure-toolkit.cache").read(), StandardCharsets.UTF_8));
            } catch (Error | Exception e2) {
                LOGGER.verbose("IntelliJCredential => Refresh Token Cache Unavailable: " + e2.getMessage());
                return null;
            }
        }
        if (!Platform.isWindows()) {
            LOGGER.verbose(String.format("OS %s Platform not supported.", Integer.valueOf(Platform.getOSType())));
            return null;
        }
        try {
            return parseRefreshTokenFromJson(new WindowsCredentialAccessor("Microsoft.Developer.IdentityService", "azure-toolkit.cache").read());
        } catch (Error | Exception e3) {
            LOGGER.verbose("IntelliJCredential => Refresh Token Cache Unavailable: " + e3.getMessage());
            return null;
        }
    }

    private String parseRefreshTokenFromJson(String str) {
        try {
            JsonNode jsonNode = DEFAULT_MAPPER.readTree(str).get("RefreshToken");
            String obj = jsonNode.get(jsonNode.fieldNames().next()).get("secret").toString();
            return obj.startsWith("\"") ? obj.substring(1, obj.length() - 1) : obj;
        } catch (Exception e) {
            LOGGER.verbose("IntelliJCredential => Refresh Token not found: " + e.getMessage());
            return null;
        }
    }

    public JsonNode getDeviceCodeCredentials() throws IOException {
        if (Platform.isMac()) {
            return DEFAULT_MAPPER.readTree(new String(new KeyChainAccessor(null, "ADAuthManager", "cachedAuthResult").read(), StandardCharsets.UTF_8));
        }
        if (!Platform.isLinux()) {
            if (Platform.isWindows()) {
                return getCredentialFromKdbx();
            }
            throw LOGGER.logExceptionAsError(new RuntimeException(String.format("OS %s Platform not supported.", Integer.valueOf(Platform.getOSType()))));
        }
        String str = new String(new LinuxKeyRingAccessor("com.intellij.credentialStore.Credential", "service", "ADAuthManager", "account", "cachedAuthResult").read(), StandardCharsets.UTF_8);
        if (str.startsWith("cachedAuthResult@")) {
            str = str.substring("cachedAuthResult@".length());
        }
        return DEFAULT_MAPPER.readTree(str);
    }

    public Map<String, String> getIntellijServicePrincipalDetails(String str) throws IOException {
        BufferedReader bufferedReader = null;
        HashMap hashMap = new HashMap(8);
        try {
            bufferedReader = new BufferedReader(new FileReader(str));
            for (String readLine = bufferedReader.readLine(); readLine != null; readLine = bufferedReader.readLine()) {
                String[] split = readLine.split("=");
                split[1] = split[1].replace("\\", "");
                hashMap.put(split[0], split[1]);
            }
            if (bufferedReader != null) {
                bufferedReader.close();
            }
            return hashMap;
        } catch (Throwable th) {
            if (bufferedReader != null) {
                bufferedReader.close();
            }
            throw th;
        }
    }

    private JsonNode getCredentialFromKdbx() throws IOException {
        if (CoreUtils.isNullOrEmpty(this.keePassDatabasePath)) {
            throw new CredentialUnavailableException("The KeePass database path is either empty or not configured. Please configure it on the builder. It is required to use IntelliJ credential on the windows platform.");
        }
        String kdbxPassword = getKdbxPassword();
        SecretKeySpec secretKeySpec = new SecretKeySpec(CRYPTO_KEY, "AES");
        byte[] cryptUnprotectData = Crypt32Util.cryptUnprotectData(Base64.getDecoder().decode(kdbxPassword));
        ByteBuffer wrap = ByteBuffer.wrap(cryptUnprotectData);
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            int i = wrap.getInt();
            cipher.init(2, secretKeySpec, new IvParameterSpec(cryptUnprotectData, wrap.position(), i));
            int position = wrap.position() + i;
            String str = new String(cipher.doFinal(cryptUnprotectData, position, cryptUnprotectData.length - position), StandardCharsets.UTF_8);
            try {
                FileInputStream fileInputStream = new FileInputStream(this.keePassDatabasePath);
                try {
                    String databaseEntryValue = IntelliJKdbxDatabase.parse(fileInputStream, str).getDatabaseEntryValue("ADAuthManager");
                    if (CoreUtils.isNullOrEmpty(databaseEntryValue)) {
                        throw new CredentialUnavailableException("No credentials found in the cache. Please login with IntelliJ Azure Tools plugin in the IDE.");
                    }
                    JsonNode readTree = DEFAULT_MAPPER.readTree(databaseEntryValue);
                    fileInputStream.close();
                    return readTree;
                } finally {
                }
            } catch (Exception e) {
                throw LOGGER.logExceptionAsError(new RuntimeException("Failed to read KeePass database.", e));
            }
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e2) {
            throw LOGGER.logExceptionAsError(new RuntimeException("Unable to access cache.", e2));
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:14:0x0086, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x00a2, code lost:
    
        return r8;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.lang.String getKdbxPassword() throws java.io.IOException {
        /*
            r6 = this;
            java.lang.StringBuilder r0 = new java.lang.StringBuilder
            r1 = r0
            r1.<init>()
            java.io.File r1 = new java.io.File
            r2 = r1
            r3 = r6
            java.lang.String r3 = r3.keePassDatabasePath
            r2.<init>(r3)
            java.lang.String r1 = r1.getParent()
            java.lang.StringBuilder r0 = r0.append(r1)
            java.lang.String r1 = java.io.File.separator
            java.lang.StringBuilder r0 = r0.append(r1)
            java.lang.String r1 = "c.pwd"
            java.lang.StringBuilder r0 = r0.append(r1)
            java.lang.String r0 = r0.toString()
            r7 = r0
            java.lang.String r0 = ""
            r8 = r0
            java.io.BufferedReader r0 = new java.io.BufferedReader
            r1 = r0
            java.io.FileReader r2 = new java.io.FileReader
            r3 = r2
            r4 = r7
            r3.<init>(r4)
            r1.<init>(r2)
            r9 = r0
            r0 = r9
            java.lang.String r0 = r0.readLine()     // Catch: java.lang.Throwable -> L8c
            r10 = r0
        L42:
            r0 = r10
            if (r0 == 0) goto L85
            r0 = r10
            java.lang.String r1 = "value"
            boolean r0 = r0.contains(r1)     // Catch: java.lang.Throwable -> L8c
            if (r0 == 0) goto L7c
            r0 = r10
            java.lang.String r1 = " "
            java.lang.String[] r0 = r0.split(r1)     // Catch: java.lang.Throwable -> L8c
            r11 = r0
            r0 = r11
            int r0 = r0.length     // Catch: java.lang.Throwable -> L8c
            r1 = 3
            if (r0 != r1) goto L6b
            r0 = r11
            r1 = 2
            r0 = r0[r1]     // Catch: java.lang.Throwable -> L8c
            r8 = r0
            goto L85
        L6b:
            com.azure.core.util.logging.ClientLogger r0 = com.azure.identity.implementation.IntelliJCacheAccessor.LOGGER     // Catch: java.lang.Throwable -> L8c
            java.lang.RuntimeException r1 = new java.lang.RuntimeException     // Catch: java.lang.Throwable -> L8c
            r2 = r1
            java.lang.String r3 = "Password not found in the file."
            r2.<init>(r3)     // Catch: java.lang.Throwable -> L8c
            java.lang.RuntimeException r0 = r0.logExceptionAsError(r1)     // Catch: java.lang.Throwable -> L8c
            throw r0     // Catch: java.lang.Throwable -> L8c
        L7c:
            r0 = r9
            java.lang.String r0 = r0.readLine()     // Catch: java.lang.Throwable -> L8c
            r10 = r0
            goto L42
        L85:
            r0 = r9
            r0.close()
            goto La1
        L8c:
            r10 = move-exception
            r0 = r9
            r0.close()     // Catch: java.lang.Throwable -> L95
            goto L9e
        L95:
            r11 = move-exception
            r0 = r10
            r1 = r11
            r0.addSuppressed(r1)
        L9e:
            r0 = r10
            throw r0
        La1:
            r0 = r8
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.azure.identity.implementation.IntelliJCacheAccessor.getKdbxPassword():java.lang.String");
    }

    public String getAzureAuthHost(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 64093495:
                if (str.equals("CHINA")) {
                    z = true;
                    break;
                }
                break;
            case 713318962:
                if (str.equals("US_GOVERNMENT")) {
                    z = 3;
                    break;
                }
                break;
            case 2098911622:
                if (str.equals("GERMAN")) {
                    z = 2;
                    break;
                }
                break;
            case 2105276323:
                if (str.equals("GLOBAL")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return AzureAuthorityHosts.AZURE_PUBLIC_CLOUD;
            case true:
                return AzureAuthorityHosts.AZURE_CHINA;
            case true:
                return AzureAuthorityHosts.AZURE_GERMANY;
            case true:
                return AzureAuthorityHosts.AZURE_GOVERNMENT;
            default:
                return AzureAuthorityHosts.AZURE_PUBLIC_CLOUD;
        }
    }

    public IntelliJAuthMethodDetails parseAuthMethodDetails(File file) throws IOException {
        return (IntelliJAuthMethodDetails) DONT_FAIL_ON_UNKNOWN_PROPERTIES_MAPPER.readValue(file, IntelliJAuthMethodDetails.class);
    }

    public IntelliJAuthMethodDetails getAuthDetailsIfAvailable() throws IOException {
        File file = null;
        Iterator<String> it = getAzureToolsForIntelliJPluginConfigPaths().iterator();
        while (it.hasNext()) {
            file = new File(Paths.get(it.next(), "AuthMethodDetails.json").toString());
            if (file.exists()) {
                break;
            }
        }
        if (file == null || !file.exists()) {
            return null;
        }
        IntelliJAuthMethodDetails parseAuthMethodDetails = parseAuthMethodDetails(file);
        String authMethod = parseAuthMethodDetails.getAuthMethod();
        if (CoreUtils.isNullOrEmpty(authMethod)) {
            return null;
        }
        if ("SP".equalsIgnoreCase(authMethod)) {
            if (CoreUtils.isNullOrEmpty(parseAuthMethodDetails.getCredFilePath())) {
                return null;
            }
        } else if ("DC".equalsIgnoreCase(authMethod) && CoreUtils.isNullOrEmpty(parseAuthMethodDetails.getAccountEmail())) {
            return null;
        }
        return parseAuthMethodDetails;
    }
}
