package org.ligoj.app.plugin.vm.azure;

import com.microsoft.aad.adal4j.AuthenticationCallback;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.ClientCredential;
import java.io.Serializable;
import java.net.MalformedURLException;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.apache.commons.lang3.StringUtils;
import org.ligoj.app.resource.plugin.AbstractToolPluginResource;
import org.ligoj.app.resource.plugin.CurlCacheToken;
import org.ligoj.app.resource.plugin.CurlProcessor;
import org.ligoj.app.resource.plugin.CurlRequest;
import org.ligoj.bootstrap.core.validation.ValidationJsonException;
import org.ligoj.bootstrap.resource.system.configuration.ConfigurationResource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:org/ligoj/app/plugin/vm/azure/AbstractAzureToolPluginResource.class */
public abstract class AbstractAzureToolPluginResource extends AbstractToolPluginResource {
    private static final Logger log = LoggerFactory.getLogger(AbstractAzureToolPluginResource.class);
    public static final String PLUGIN_KEY = "service:vm:azure";
    public static final String CONF_API_VERSION = "service:vm:azure:api";
    public static final String DEFAULT_API_VERSION = "2017-03-30";
    private static final String CONF_AUTH_RETRIES = "service:vm:azure:auth-retries";
    public static final int DEFAULT_AUTH_RETRIES = 2;
    private static final String CONF_AUTHORITY = "service:vm:azure:authority";
    public static final String DEFAULT_AUTHORITY = "https://login.windows.net/";
    private static final String CONF_MANAGEMENT_URL = "service:vm:azure:management";
    private static final String DEFAULT_MANAGEMENT_URL = "https://management.azure.com/";
    public static final String PARAMETER_SUBSCRIPTION = "service:vm:azure:subscription";
    public static final String PARAMETER_APPID = "service:vm:azure:application";
    public static final String PARAMETER_KEY = "service:vm:azure:key";
    public static final String PARAMETER_TENANT = "service:vm:azure:tenant";
    public static final String PARAMETER_RESOURCE_GROUP = "service:vm:azure:resource-group";
    public static final String COMPUTE_URL = "subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines";
    public static final String FIND_VM_URL = "subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines?api-version={apiVersion}";

    @Autowired
    protected CurlCacheToken curlCacheToken;

    @Autowired
    protected ConfigurationResource configuration;

    protected String authenticate(String str, String str2, String str3) {
        return this.curlCacheToken.getTokenCache(AbstractAzureToolPluginResource.class, str + "##" + str2 + "/" + str3, str4 -> {
            return getAccessTokenFromUserCredentials(str, str2, str3);
        }, getRetries(), () -> {
            return new ValidationJsonException(PARAMETER_KEY, "azure-login", new Serializable[0]);
        });
    }

    public String getVersion(Map<String, String> map) {
        return getApiVersion();
    }

    private String getAccessTokenFromUserCredentials(String str, String str2, String str3) {
        ExecutorService newExecutorService = newExecutorService();
        try {
            try {
                String accessToken = newAuthenticationContext(str, newExecutorService).acquireToken(getManagementUrl(), new ClientCredential(str2, str3), (AuthenticationCallback) null).get().getAccessToken();
                newExecutorService.shutdown();
                return accessToken;
            } catch (InterruptedException | MalformedURLException | ExecutionException e) {
                log.info("Azure authentication failed for tenant {} and principal {}", new Object[]{str, str2, e});
                newExecutorService.shutdown();
                return null;
            }
        } catch (Throwable th) {
            newExecutorService.shutdown();
            throw th;
        }
    }

    protected ExecutorService newExecutorService() {
        return Executors.newFixedThreadPool(1);
    }

    protected AuthenticationContext newAuthenticationContext(String str, ExecutorService executorService) throws MalformedURLException {
        return new AuthenticationContext(getAuthority() + str, true, executorService);
    }

    private String getAuthority() {
        return this.configuration.get(CONF_AUTHORITY, DEFAULT_AUTHORITY);
    }

    protected int getRetries() {
        return this.configuration.get(CONF_AUTH_RETRIES, 2);
    }

    protected String getManagementUrl() {
        return this.configuration.get(CONF_MANAGEMENT_URL, DEFAULT_MANAGEMENT_URL);
    }

    protected String getApiVersion() {
        return this.configuration.get(CONF_API_VERSION, DEFAULT_API_VERSION);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void authenticate(Map<String, String> map, AzureCurlProcessor azureCurlProcessor) {
        azureCurlProcessor.setToken(authenticate(StringUtils.trimToEmpty(map.get(PARAMETER_TENANT)), map.get(PARAMETER_APPID), StringUtils.trimToEmpty(map.get(PARAMETER_KEY))));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAzureResource(Map<String, String> map, String str) {
        return authenticateAndExecute(map, "GET", str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String authenticateAndExecute(Map<String, String> map, String str, String str2) {
        AzureCurlProcessor azureCurlProcessor = new AzureCurlProcessor();
        authenticate(map, azureCurlProcessor);
        String execute = execute(azureCurlProcessor, str, buildUrl(map, str2), "");
        azureCurlProcessor.close();
        return execute;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String buildUrl(Map<String, String> map, String str) {
        return getManagementUrl() + str.replace("{apiVersion}", getApiVersion()).replace("{resourceGroup}", map.getOrDefault(PARAMETER_RESOURCE_GROUP, "-")).replace("{subscriptionId}", map.getOrDefault(PARAMETER_SUBSCRIPTION, "-"));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String execute(CurlProcessor curlProcessor, String str, String str2, String str3) {
        CurlRequest curlRequest = new CurlRequest(str, StringUtils.removeEnd(StringUtils.appendIfMissing(str2, "/", new CharSequence[0]) + StringUtils.removeStart(str3, "/"), "/"), (String) null, new String[0]);
        curlRequest.setSaveResponse(true);
        curlProcessor.process(new CurlRequest[]{curlRequest});
        return curlRequest.getResponse();
    }

    protected void validateAdminAccess(Map<String, String> map) {
        if (getAzureResource(map, FIND_VM_URL) == null) {
            throw new ValidationJsonException(PARAMETER_SUBSCRIPTION, "azure-admin", new Serializable[0]);
        }
    }

    public boolean checkStatus(Map<String, String> map) throws Exception {
        validateAdminAccess(map);
        return true;
    }
}
