package com.enginframe.plugin.hpc.clustermanager.backend.aws;

import com.enginframe.plugin.hpc.clustermanager.backend.aws.TemporaryCredentialsProvider;
import com.enginframe.plugin.hpc.common.HpcConfigOptions;
import com.enginframe.plugin.hpc.common.api.PluginContainer;
import java.io.Closeable;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.function.Function;
import kotlin.Metadata;
import kotlin.TuplesKt;
import kotlin.collections.MapsKt;
import kotlin.jdk7.AutoCloseableKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.random.Random;
import org.apache.axis2.util.CommandLineOptionConstants;
import org.apache.tomcat.jdbc.pool.JdbcInterceptor;
import org.apache.xalan.templates.Constants;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import software.amazon.awssdk.auth.credentials.AwsCredentials;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
import software.amazon.awssdk.auth.credentials.AwsSessionCredentials;
import software.amazon.awssdk.auth.credentials.InstanceProfileCredentialsProvider;
import software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider;
import software.amazon.awssdk.profiles.ProfileProperty;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.sts.StsClient;
import software.amazon.awssdk.services.sts.StsClientBuilder;
import software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider;
import software.amazon.awssdk.services.sts.model.AssumeRoleRequest;

/* compiled from: TemporaryCredentialsProvider.kt */
@Metadata(mv = {1, 4, 1}, bv = {1, 0, 3}, k = 1, d1 = {"��P\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n\u0002\b\u0005\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010$\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n\u0002\b\u0007\u0018��  2\u00020\u0001:\u0003\u001f !B1\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0005\u0012\u0006\u0010\u0007\u001a\u00020\u0005\u0012\n\b\u0002\u0010\b\u001a\u0004\u0018\u00010\u0005¢\u0006\u0002\u0010\tJ\b\u0010\n\u001a\u00020\u000bH\u0002J\u001c\u0010\f\u001a\u00020\r2\u0012\u0010\u000e\u001a\u000e\u0012\u0004\u0012\u00020\u0010\u0012\u0004\u0012\u00020\r0\u000fH\u0002J\u0012\u0010\u0011\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020\u00050\u0012J\u0010\u0010\u0013\u001a\n \u0015*\u0004\u0018\u00010\u00140\u0014H\u0002J\u0010\u0010\u0016\u001a\n \u0015*\u0004\u0018\u00010\u00170\u0017H\u0002J\b\u0010\u0018\u001a\u00020\u0019H\u0016J\b\u0010\u001a\u001a\u00020\u001bH\u0002J\u0010\u0010\u001c\u001a\u00020\r2\u0006\u0010\u001d\u001a\u00020\u000bH\u0002J\b\u0010\u001e\u001a\u00020\u001bH\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��R\u0010\u0010\b\u001a\u0004\u0018\u00010\u0005X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0006\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0007\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n��¨\u0006\""}, d2 = {"Lcom/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider;", "Lsoftware/amazon/awssdk/auth/credentials/AwsCredentialsProvider;", "container", "Lcom/enginframe/plugin/hpc/common/api/PluginContainer;", "profileName", "", ProfileProperty.REGION, "roleArn", "policy", "(Lcom/enginframe/plugin/hpc/common/api/PluginContainer;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V", "assumeRoleCredentialsProvider", "Lcom/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider$CloseableAwsCredentialsProvider;", "cachedStsClient", "Lsoftware/amazon/awssdk/services/sts/StsClient;", CommandLineOptionConstants.WSDL2JavaConstants.FLATTEN_FILES_OPTION, "Lkotlin/Function1;", "Lcom/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider$CredentialsKey;", "credentialsMap", "", "instanceProfileCredentialsProvider", "Lsoftware/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProvider;", "kotlin.jvm.PlatformType", "profileCredentialsProvider", "Lsoftware/amazon/awssdk/auth/credentials/ProfileCredentialsProvider;", "resolveCredentials", "Lsoftware/amazon/awssdk/auth/credentials/AwsCredentials;", "runningOnEC2", "", "stsClient", "provider", "useInstanceRole", "CloseableAwsCredentialsProvider", "Companion", "CredentialsKey", "cluster-manager"})
/* loaded from: input_file:hpc/ef_root/plugins/hpc/lib/jars/cluster-manager.jar:com/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider.class */
public final class TemporaryCredentialsProvider implements AwsCredentialsProvider {
    private final PluginContainer container;
    private final String profileName;
    private final String region;
    private final String roleArn;
    private final String policy;

    @NotNull
    public static final Companion Companion = new Companion(null);
    private static final Map<CredentialsKey, StsClient> cache = new LinkedHashMap();

    /* compiled from: TemporaryCredentialsProvider.kt */
    @Metadata(mv = {1, 4, 1}, bv = {1, 0, 3}, k = 1, d1 = {"��\u001e\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018��2\u00020\u00012\u00020\u0002B\r\u0012\u0006\u0010\u0003\u001a\u00020\u0001¢\u0006\u0002\u0010\u0004J\b\u0010\u0007\u001a\u00020\bH\u0016J\u0011\u0010\t\u001a\n \u000b*\u0004\u0018\u00010\n0\nH\u0096\u0001R\u0011\u0010\u0003\u001a\u00020\u0001¢\u0006\b\n��\u001a\u0004\b\u0005\u0010\u0006¨\u0006\f"}, d2 = {"Lcom/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider$CloseableAwsCredentialsProvider;", "Lsoftware/amazon/awssdk/auth/credentials/AwsCredentialsProvider;", "Ljava/io/Closeable;", CommandLineOptionConstants.WSDL2JavaConstants.PACKAGE_OPTION, "(Lsoftware/amazon/awssdk/auth/credentials/AwsCredentialsProvider;)V", "getP", "()Lsoftware/amazon/awssdk/auth/credentials/AwsCredentialsProvider;", "close", "", "resolveCredentials", "Lsoftware/amazon/awssdk/auth/credentials/AwsCredentials;", "kotlin.jvm.PlatformType", "cluster-manager"})
    /* loaded from: input_file:hpc/ef_root/plugins/hpc/lib/jars/cluster-manager.jar:com/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider$CloseableAwsCredentialsProvider.class */
    public static final class CloseableAwsCredentialsProvider implements AwsCredentialsProvider, Closeable {

        @NotNull
        private final AwsCredentialsProvider p;

        @Override // java.io.Closeable, java.lang.AutoCloseable
        public void close() {
            if (this.p instanceof Closeable) {
                ((Closeable) this.p).close();
            }
        }

        @NotNull
        public final AwsCredentialsProvider getP() {
            return this.p;
        }

        public CloseableAwsCredentialsProvider(@NotNull AwsCredentialsProvider p) {
            Intrinsics.checkNotNullParameter(p, "p");
            this.p = p;
        }

        @Override // software.amazon.awssdk.auth.credentials.AwsCredentialsProvider
        public AwsCredentials resolveCredentials() {
            return this.p.resolveCredentials();
        }
    }

    /* compiled from: TemporaryCredentialsProvider.kt */
    @Metadata(mv = {1, 4, 1}, bv = {1, 0, 3}, k = 1, d1 = {"��\u001a\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0010%\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u001a\u0010\u0003\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020\u00060\u0004X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0007"}, d2 = {"Lcom/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider$Companion;", "", "()V", "cache", "", "Lcom/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider$CredentialsKey;", "Lsoftware/amazon/awssdk/services/sts/StsClient;", "cluster-manager"})
    /* loaded from: input_file:hpc/ef_root/plugins/hpc/lib/jars/cluster-manager.jar:com/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* compiled from: TemporaryCredentialsProvider.kt */
    @Metadata(mv = {1, 4, 1}, bv = {1, 0, 3}, k = 1, d1 = {"��\"\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0010\u000e\n\u0002\b\u0006\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0010\b\n\u0002\b\u0002\b\u0086\b\u0018��2\u00020\u0001B\u0015\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0003¢\u0006\u0002\u0010\u0005J\t\u0010\u0006\u001a\u00020\u0003HÂ\u0003J\t\u0010\u0007\u001a\u00020\u0003HÂ\u0003J\u001d\u0010\b\u001a\u00020��2\b\b\u0002\u0010\u0002\u001a\u00020\u00032\b\b\u0002\u0010\u0004\u001a\u00020\u0003HÆ\u0001J\u0013\u0010\t\u001a\u00020\n2\b\u0010\u000b\u001a\u0004\u0018\u00010\u0001HÖ\u0003J\t\u0010\f\u001a\u00020\rHÖ\u0001J\t\u0010\u000e\u001a\u00020\u0003HÖ\u0001R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0004\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u000f"}, d2 = {"Lcom/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider$CredentialsKey;", "", "profileName", "", ProfileProperty.REGION, "(Ljava/lang/String;Ljava/lang/String;)V", "component1", "component2", Constants.ELEMNAME_COPY_STRING, JdbcInterceptor.EQUALS_VAL, "", Constants.ATTRVAL_OTHER, JdbcInterceptor.HASHCODE_VAL, "", JdbcInterceptor.TOSTRING_VAL, "cluster-manager"})
    /* loaded from: input_file:hpc/ef_root/plugins/hpc/lib/jars/cluster-manager.jar:com/enginframe/plugin/hpc/clustermanager/backend/aws/TemporaryCredentialsProvider$CredentialsKey.class */
    public static final class CredentialsKey {
        private final String profileName;
        private final String region;

        public CredentialsKey(@NotNull String profileName, @NotNull String region) {
            Intrinsics.checkNotNullParameter(profileName, "profileName");
            Intrinsics.checkNotNullParameter(region, "region");
            this.profileName = profileName;
            this.region = region;
        }

        private final String component1() {
            return this.profileName;
        }

        private final String component2() {
            return this.region;
        }

        @NotNull
        public final CredentialsKey copy(@NotNull String profileName, @NotNull String region) {
            Intrinsics.checkNotNullParameter(profileName, "profileName");
            Intrinsics.checkNotNullParameter(region, "region");
            return new CredentialsKey(profileName, region);
        }

        public static /* synthetic */ CredentialsKey copy$default(CredentialsKey credentialsKey, String str, String str2, int i, Object obj) {
            if ((i & 1) != 0) {
                str = credentialsKey.profileName;
            }
            if ((i & 2) != 0) {
                str2 = credentialsKey.region;
            }
            return credentialsKey.copy(str, str2);
        }

        @NotNull
        public String toString() {
            return "CredentialsKey(profileName=" + this.profileName + ", region=" + this.region + ")";
        }

        public int hashCode() {
            String str = this.profileName;
            int hashCode = (str != null ? str.hashCode() : 0) * 31;
            String str2 = this.region;
            return hashCode + (str2 != null ? str2.hashCode() : 0);
        }

        public boolean equals(@Nullable Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof CredentialsKey)) {
                return false;
            }
            CredentialsKey credentialsKey = (CredentialsKey) obj;
            return Intrinsics.areEqual(this.profileName, credentialsKey.profileName) && Intrinsics.areEqual(this.region, credentialsKey.region);
        }
    }

    @Override // software.amazon.awssdk.auth.credentials.AwsCredentialsProvider
    @NotNull
    public AwsCredentials resolveCredentials() {
        StsAssumeRoleCredentialsProvider build = StsAssumeRoleCredentialsProvider.builder().stsClient(cachedStsClient(new Function1<CredentialsKey, StsClient>() { // from class: com.enginframe.plugin.hpc.clustermanager.backend.aws.TemporaryCredentialsProvider$resolveCredentials$1
            @Override // kotlin.jvm.functions.Function1
            @NotNull
            public final StsClient invoke(@NotNull TemporaryCredentialsProvider.CredentialsKey it) {
                TemporaryCredentialsProvider.CloseableAwsCredentialsProvider assumeRoleCredentialsProvider;
                StsClient stsClient;
                Intrinsics.checkNotNullParameter(it, "it");
                TemporaryCredentialsProvider temporaryCredentialsProvider = TemporaryCredentialsProvider.this;
                assumeRoleCredentialsProvider = TemporaryCredentialsProvider.this.assumeRoleCredentialsProvider();
                stsClient = temporaryCredentialsProvider.stsClient(assumeRoleCredentialsProvider);
                return stsClient;
            }

            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super(1);
            }
        })).refreshRequest((AssumeRoleRequest) AssumeRoleRequest.builder().roleSessionName("ef-hpcc-" + Random.Default.nextInt(0, 100000)).roleArn(this.roleArn).policy(this.policy).mo10964build()).build();
        Throwable th = (Throwable) null;
        try {
            try {
                AwsCredentials resolveCredentials = build.resolveCredentials();
                AutoCloseableKt.closeFinally(build, th);
                Intrinsics.checkNotNullExpressionValue(resolveCredentials, "StsAssumeRoleCredentials…it.resolveCredentials() }");
                return resolveCredentials;
            } finally {
            }
        } catch (Throwable th2) {
            AutoCloseableKt.closeFinally(build, th);
            throw th2;
        }
    }

    private final StsClient cachedStsClient(Function1<? super CredentialsKey, ? extends StsClient> function1) {
        Map<CredentialsKey, StsClient> map = cache;
        CredentialsKey credentialsKey = new CredentialsKey(this.profileName, this.region);
        final Function1<? super CredentialsKey, ? extends StsClient> function12 = function1;
        Object obj = function12;
        if (function12 != null) {
            obj = new Function() { // from class: com.enginframe.plugin.hpc.clustermanager.backend.aws.TemporaryCredentialsProvider$sam$java_util_function_Function$0
                @Override // java.util.function.Function
                public final /* synthetic */ Object apply(Object obj2) {
                    return Function1.this.invoke(obj2);
                }
            };
        }
        StsClient computeIfAbsent = map.computeIfAbsent(credentialsKey, (Function) obj);
        Intrinsics.checkNotNullExpressionValue(computeIfAbsent, "cache.computeIfAbsent(Cr…ame, region = region), f)");
        return computeIfAbsent;
    }

    @NotNull
    public final Map<String, String> credentialsMap() {
        AwsCredentials resolveCredentials = resolveCredentials();
        if (resolveCredentials == null) {
            throw new NullPointerException("null cannot be cast to non-null type software.amazon.awssdk.auth.credentials.AwsSessionCredentials");
        }
        AwsSessionCredentials awsSessionCredentials = (AwsSessionCredentials) resolveCredentials;
        return MapsKt.mapOf(TuplesKt.to("AWS_ACCESS_KEY_ID", awsSessionCredentials.accessKeyId()), TuplesKt.to("AWS_SECRET_ACCESS_KEY", awsSessionCredentials.secretAccessKey()), TuplesKt.to("AWS_SESSION_TOKEN", awsSessionCredentials.sessionToken()));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final CloseableAwsCredentialsProvider assumeRoleCredentialsProvider() {
        AwsCredentialsProvider profileCredentialsProvider;
        if (runningOnEC2() && useInstanceRole()) {
            this.container.log().debug("RunningOnEC2=" + runningOnEC2() + " && useInstanceRole=" + useInstanceRole() + ": Using InstanceProfile identity to assume role and create session credentials");
            profileCredentialsProvider = instanceProfileCredentialsProvider();
        } else {
            this.container.log().debug("RunningOnEC2=" + runningOnEC2() + " && useInstanceRole=" + useInstanceRole() + ": Using local AWS Profile to assume role and create session credentials.");
            profileCredentialsProvider = profileCredentialsProvider();
        }
        Intrinsics.checkNotNullExpressionValue(profileCredentialsProvider, "if (runningOnEC2() && us…r()\n                    }");
        return new CloseableAwsCredentialsProvider(profileCredentialsProvider);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final StsClient stsClient(CloseableAwsCredentialsProvider closeableAwsCredentialsProvider) {
        StsClient build = ((StsClientBuilder) ((StsClientBuilder) StsClient.builder().credentialsProvider(closeableAwsCredentialsProvider)).region(Region.of(this.region))).mo10964build();
        Intrinsics.checkNotNullExpressionValue(build, "StsClient.builder()\n    …\n                .build()");
        return build;
    }

    private final boolean useInstanceRole() {
        return HpcConfigOptions.HpcBooleanConfigOptions.HPCC_USE_INSTANCE_PROFILE.INSTANCE.value(this.container.environment()).booleanValue();
    }

    private final boolean runningOnEC2() {
        return HpcConfigOptions.HpcBooleanConfigOptions.EF_RUNNING_ON_EC2.INSTANCE.value(this.container.environment()).booleanValue();
    }

    private final InstanceProfileCredentialsProvider instanceProfileCredentialsProvider() {
        return InstanceProfileCredentialsProvider.create();
    }

    private final ProfileCredentialsProvider profileCredentialsProvider() {
        return ProfileCredentialsProvider.create(this.profileName);
    }

    public TemporaryCredentialsProvider(@NotNull PluginContainer container, @NotNull String profileName, @NotNull String region, @NotNull String roleArn, @Nullable String str) {
        Intrinsics.checkNotNullParameter(container, "container");
        Intrinsics.checkNotNullParameter(profileName, "profileName");
        Intrinsics.checkNotNullParameter(region, "region");
        Intrinsics.checkNotNullParameter(roleArn, "roleArn");
        this.container = container;
        this.profileName = profileName;
        this.region = region;
        this.roleArn = roleArn;
        this.policy = str;
    }

    public /* synthetic */ TemporaryCredentialsProvider(PluginContainer pluginContainer, String str, String str2, String str3, String str4, int i, DefaultConstructorMarker defaultConstructorMarker) {
        this(pluginContainer, str, str2, str3, (i & 16) != 0 ? (String) null : str4);
    }
}
