package org.cloudfoundry.spring.uaa;

import java.net.URI;
import java.time.Duration;
import java.util.concurrent.TimeUnit;
import lombok.NonNull;
import org.cloudfoundry.client.CloudFoundryClient;
import org.cloudfoundry.client.v2.info.GetInfoRequest;
import org.cloudfoundry.client.v2.info.GetInfoResponse;
import org.cloudfoundry.spring.client.SpringCloudFoundryClient;
import org.cloudfoundry.spring.uaa.accesstokenadministration.SpringAccessTokenAdministration;
import org.cloudfoundry.spring.uaa.identityzonemanagement.SpringIdentityZoneManagement;
import org.cloudfoundry.spring.util.SchedulerGroupBuilder;
import org.cloudfoundry.spring.util.network.ConnectionContext;
import org.cloudfoundry.spring.util.network.FallbackHttpMessageConverter;
import org.cloudfoundry.spring.util.network.OAuth2RestTemplateBuilder;
import org.cloudfoundry.spring.util.network.SslCertificateTruster;
import org.cloudfoundry.uaa.UaaClient;
import org.cloudfoundry.uaa.accesstokenadministration.AccessTokenAdministration;
import org.cloudfoundry.uaa.identityzonemanagement.IdentityZoneManagement;
import org.springframework.security.oauth2.client.OAuth2RestOperations;
import org.springframework.web.client.RestOperations;
import reactor.core.publisher.Mono;
import reactor.core.scheduler.Scheduler;

/* loaded from: input_file:lib/cloudfoundry-client-spring-2.0.0.M4.jar:org/cloudfoundry/spring/uaa/SpringUaaClient.class */
public final class SpringUaaClient implements UaaClient {
    private final SpringAccessTokenAdministration accessTokenAdministration;
    private final SpringIdentityZoneManagement identityZoneManagement;

    /* loaded from: input_file:lib/cloudfoundry-client-spring-2.0.0.M4.jar:org/cloudfoundry/spring/uaa/SpringUaaClient$SpringUaaClientBuilder.class */
    public static class SpringUaaClientBuilder {
        private SpringCloudFoundryClient cloudFoundryClient;

        SpringUaaClientBuilder() {
        }

        public SpringUaaClientBuilder cloudFoundryClient(SpringCloudFoundryClient springCloudFoundryClient) {
            this.cloudFoundryClient = springCloudFoundryClient;
            return this;
        }

        public SpringUaaClient build() {
            return new SpringUaaClient(this.cloudFoundryClient);
        }

        public String toString() {
            return "SpringUaaClient.SpringUaaClientBuilder(cloudFoundryClient=" + this.cloudFoundryClient + ")";
        }
    }

    SpringUaaClient(RestOperations restOperations, URI uri, Scheduler scheduler) {
        this.accessTokenAdministration = new SpringAccessTokenAdministration(restOperations, uri, scheduler);
        this.identityZoneManagement = new SpringIdentityZoneManagement(restOperations, uri, scheduler);
    }

    SpringUaaClient(@NonNull SpringCloudFoundryClient springCloudFoundryClient) {
        this(getRestOperations(springCloudFoundryClient.getConnectionContext()), getRoot(springCloudFoundryClient.getConnectionContext().getCloudFoundryClient(), springCloudFoundryClient.getConnectionContext().getSslCertificateTruster()), getSchedulerGroup());
        if (springCloudFoundryClient == null) {
            throw new NullPointerException("cloudFoundryClient");
        }
    }

    @Override // org.cloudfoundry.uaa.UaaClient
    public AccessTokenAdministration accessTokenAdministration() {
        return this.accessTokenAdministration;
    }

    @Override // org.cloudfoundry.uaa.UaaClient
    public IdentityZoneManagement identityZoneManagement() {
        return this.identityZoneManagement;
    }

    private static OAuth2RestOperations getRestOperations(ConnectionContext connectionContext) {
        return new OAuth2RestTemplateBuilder().clientContext(connectionContext.getClientContext()).protectedResourceDetails(connectionContext.getProtectedResourceDetails()).hostnameVerifier(connectionContext.getHostnameVerifier()).sslContext(connectionContext.getSslContext()).messageConverter(new FallbackHttpMessageConverter()).build();
    }

    private static URI getRoot(CloudFoundryClient cloudFoundryClient, SslCertificateTruster sslCertificateTruster) {
        URI uri = (URI) requestInfo(cloudFoundryClient).map((v0) -> {
            return v0.getTokenEndpoint();
        }).map(URI::create).get(Duration.ofSeconds(5L));
        sslCertificateTruster.trust(uri.getHost(), uri.getPort(), 5, TimeUnit.SECONDS);
        return uri;
    }

    private static Scheduler getSchedulerGroup() {
        return new SchedulerGroupBuilder().name("uaa").autoShutdown(false).build();
    }

    private static Mono<GetInfoResponse> requestInfo(CloudFoundryClient cloudFoundryClient) {
        return cloudFoundryClient.info().get(GetInfoRequest.builder().build());
    }

    public static SpringUaaClientBuilder builder() {
        return new SpringUaaClientBuilder();
    }

    public String toString() {
        return "SpringUaaClient(accessTokenAdministration=" + this.accessTokenAdministration + ", identityZoneManagement=" + this.identityZoneManagement + ")";
    }
}
