package software.amazon.awssdk.services.sts.internal;

import java.net.URI;
import software.amazon.awssdk.annotations.SdkInternalApi;
import software.amazon.awssdk.auth.credentials.AwsCredentials;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
import software.amazon.awssdk.auth.credentials.ChildProfileCredentialsProviderFactory;
import software.amazon.awssdk.profiles.Profile;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.regions.providers.DefaultAwsRegionProviderChain;
import software.amazon.awssdk.services.sts.StsClient;
import software.amazon.awssdk.services.sts.StsClientBuilder;
import software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider;
import software.amazon.awssdk.services.sts.model.AssumeRoleRequest;
import software.amazon.awssdk.utils.IoUtils;
import software.amazon.awssdk.utils.SdkAutoCloseable;

@SdkInternalApi
/* loaded from: input_file:META-INF/bundled-dependencies/sts-2.10.56.jar:software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory.class */
public final class StsProfileCredentialsProviderFactory implements ChildProfileCredentialsProviderFactory {
    private static final String MISSING_PROPERTY_ERROR_FORMAT = "'%s' must be set to use role-based credential loading in the '%s' profile.";

    /* loaded from: input_file:META-INF/bundled-dependencies/sts-2.10.56.jar:software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory$StsProfileCredentialsProvider.class */
    private static final class StsProfileCredentialsProvider implements AwsCredentialsProvider, SdkAutoCloseable {
        private final StsClient stsClient;
        private final AwsCredentialsProvider parentCredentialsProvider;
        private final StsAssumeRoleCredentialsProvider credentialsProvider;

        private StsProfileCredentialsProvider(AwsCredentialsProvider awsCredentialsProvider, Profile profile) {
            String requireProperty = requireProperty(profile, "role_arn");
            String orElseGet = profile.property("role_session_name").orElseGet(() -> {
                return "aws-sdk-java-" + System.currentTimeMillis();
            });
            AssumeRoleRequest assumeRoleRequest = (AssumeRoleRequest) AssumeRoleRequest.builder().roleArn(requireProperty).roleSessionName(orElseGet).externalId(profile.property("external_id").orElse(null)).mo3440build();
            this.stsClient = ((StsClientBuilder) ((StsClientBuilder) StsClient.builder().applyMutation(stsClientBuilder -> {
                configureEndpoint(stsClientBuilder, profile);
            })).credentialsProvider(awsCredentialsProvider)).mo3440build();
            this.parentCredentialsProvider = awsCredentialsProvider;
            this.credentialsProvider = StsAssumeRoleCredentialsProvider.builder().stsClient(this.stsClient).refreshRequest(assumeRoleRequest).build();
        }

        private void configureEndpoint(StsClientBuilder stsClientBuilder, Profile profile) {
            Region region = (Region) profile.property("region").map(Region::of).orElseGet(() -> {
                try {
                    return new DefaultAwsRegionProviderChain().getRegion();
                } catch (RuntimeException e) {
                    return null;
                }
            });
            if (region != null) {
                stsClientBuilder.region(region);
            } else {
                stsClientBuilder.region(Region.US_EAST_1);
                stsClientBuilder.endpointOverride(URI.create("https://sts.amazonaws.com"));
            }
        }

        private String requireProperty(Profile profile, String str) {
            return profile.property(str).orElseThrow(() -> {
                return new IllegalArgumentException(String.format(StsProfileCredentialsProviderFactory.MISSING_PROPERTY_ERROR_FORMAT, str, profile.name()));
            });
        }

        @Override // software.amazon.awssdk.auth.credentials.AwsCredentialsProvider
        public AwsCredentials resolveCredentials() {
            return this.credentialsProvider.resolveCredentials();
        }

        @Override // software.amazon.awssdk.utils.SdkAutoCloseable, java.lang.AutoCloseable
        public void close() {
            IoUtils.closeIfCloseable(this.parentCredentialsProvider, null);
            IoUtils.closeQuietly(this.credentialsProvider, null);
            IoUtils.closeQuietly(this.stsClient, null);
        }
    }

    @Override // software.amazon.awssdk.auth.credentials.ChildProfileCredentialsProviderFactory
    public AwsCredentialsProvider create(AwsCredentialsProvider awsCredentialsProvider, Profile profile) {
        return new StsProfileCredentialsProvider(awsCredentialsProvider, profile);
    }
}
