package net.snowflake.client.core.auth.wif;

import com.google.common.base.Strings;
import java.util.Objects;
import java.util.function.Supplier;
import net.snowflake.client.core.SFException;
import net.snowflake.client.core.SnowflakeJdbcInternalApi;
import net.snowflake.client.jdbc.ErrorCode;
import net.snowflake.client.log.SFLogger;
import net.snowflake.client.log.SFLoggerFactory;

@SnowflakeJdbcInternalApi
/* loaded from: input_file:net/snowflake/client/core/auth/wif/WorkloadIdentityAttestationProvider.class */
public class WorkloadIdentityAttestationProvider {
    private static final SFLogger logger = SFLoggerFactory.getLogger((Class<?>) WorkloadIdentityAttestationProvider.class);
    private final AwsIdentityAttestationCreator awsAttestationCreator;
    private final GcpIdentityAttestationCreator gcpAttestationCreator;
    private final AzureIdentityAttestationCreator azureAttestationCreator;
    private final OidcIdentityAttestationCreator oidcAttestationCreator;

    public WorkloadIdentityAttestationProvider(AwsIdentityAttestationCreator awsIdentityAttestationCreator, GcpIdentityAttestationCreator gcpIdentityAttestationCreator, AzureIdentityAttestationCreator azureIdentityAttestationCreator, OidcIdentityAttestationCreator oidcIdentityAttestationCreator) {
        this.awsAttestationCreator = awsIdentityAttestationCreator;
        this.gcpAttestationCreator = gcpIdentityAttestationCreator;
        this.azureAttestationCreator = azureIdentityAttestationCreator;
        this.oidcAttestationCreator = oidcIdentityAttestationCreator;
    }

    public WorkloadIdentityAttestation getAttestation(String str) throws SFException {
        if (!Strings.isNullOrEmpty(str)) {
            return getCreator(str).createAttestation();
        }
        logger.debug("Workload Identity Provider has not been specified. Using autodetect...", new Object[0]);
        return createAutodetectAttestation();
    }

    WorkloadIdentityAttestationCreator getCreator(String str) throws SFException {
        if (WorkloadIdentityProviderType.AWS.name().equalsIgnoreCase(str)) {
            return this.awsAttestationCreator;
        }
        if (WorkloadIdentityProviderType.GCP.name().equalsIgnoreCase(str)) {
            return this.gcpAttestationCreator;
        }
        if (WorkloadIdentityProviderType.AZURE.name().equalsIgnoreCase(str)) {
            return this.azureAttestationCreator;
        }
        if (WorkloadIdentityProviderType.OIDC.name().equalsIgnoreCase(str)) {
            return this.oidcAttestationCreator;
        }
        throw new SFException(ErrorCode.WORKLOAD_IDENTITY_FLOW_ERROR, "Unknown Workload Identity provider specified: " + str);
    }

    private WorkloadIdentityAttestation createAutodetectAttestation() throws SFException {
        OidcIdentityAttestationCreator oidcIdentityAttestationCreator = this.oidcAttestationCreator;
        Objects.requireNonNull(oidcIdentityAttestationCreator);
        WorkloadIdentityAttestation attestationForAutodetect = getAttestationForAutodetect(oidcIdentityAttestationCreator::createAttestation, WorkloadIdentityProviderType.OIDC);
        if (attestationForAutodetect != null) {
            return attestationForAutodetect;
        }
        AwsIdentityAttestationCreator awsIdentityAttestationCreator = this.awsAttestationCreator;
        Objects.requireNonNull(awsIdentityAttestationCreator);
        WorkloadIdentityAttestation attestationForAutodetect2 = getAttestationForAutodetect(awsIdentityAttestationCreator::createAttestation, WorkloadIdentityProviderType.AWS);
        if (attestationForAutodetect2 != null) {
            return attestationForAutodetect2;
        }
        GcpIdentityAttestationCreator gcpIdentityAttestationCreator = this.gcpAttestationCreator;
        Objects.requireNonNull(gcpIdentityAttestationCreator);
        WorkloadIdentityAttestation attestationForAutodetect3 = getAttestationForAutodetect(gcpIdentityAttestationCreator::createAttestation, WorkloadIdentityProviderType.GCP);
        if (attestationForAutodetect3 != null) {
            return attestationForAutodetect3;
        }
        AzureIdentityAttestationCreator azureIdentityAttestationCreator = this.azureAttestationCreator;
        Objects.requireNonNull(azureIdentityAttestationCreator);
        WorkloadIdentityAttestation attestationForAutodetect4 = getAttestationForAutodetect(azureIdentityAttestationCreator::createAttestation, WorkloadIdentityProviderType.AZURE);
        if (attestationForAutodetect4 != null) {
            return attestationForAutodetect4;
        }
        throw new SFException(ErrorCode.WORKLOAD_IDENTITY_FLOW_ERROR, "Unable to autodetect Workload Identity. None of supported Workload Identity environments has been identified.");
    }

    private WorkloadIdentityAttestation getAttestationForAutodetect(Supplier<WorkloadIdentityAttestation> supplier, WorkloadIdentityProviderType workloadIdentityProviderType) {
        try {
            return supplier.get();
        } catch (Exception e) {
            logger.debug("Unable to create identity attestation for {}, error: {}", workloadIdentityProviderType, e);
            return null;
        }
    }
}
