package org.openmetadata.client.security;

import feign.RequestTemplate;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Date;
import org.openmetadata.client.ApiClient;
import org.openmetadata.client.interceptors.Auth0AccessTokenRequestInterceptor;
import org.openmetadata.client.model.AccessTokenResponse;
import org.openmetadata.client.security.interfaces.Auth0AccessTokenApi;
import org.openmetadata.client.security.interfaces.AuthenticationProvider;
import org.openmetadata.schema.security.client.Auth0SSOClientConfig;
import org.openmetadata.schema.services.connections.metadata.OpenMetadataConnection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/openmetadata/client/security/Auth0AuthenticationProvider.class */
public class Auth0AuthenticationProvider implements AuthenticationProvider {
    private static final Logger LOG = LoggerFactory.getLogger(Auth0AuthenticationProvider.class);
    private String generatedAuthToken;
    private Long expirationTimeMillis;
    private final Auth0AccessTokenApi auth0SSOClient;

    public Auth0AuthenticationProvider(OpenMetadataConnection openMetadataConnection) {
        if (!openMetadataConnection.getAuthProvider().equals(OpenMetadataConnection.AuthProvider.AUTH_0)) {
            LOG.error("Required type to invoke is Auth0 for Auth0Authentication Provider");
            throw new RuntimeException("Required type to invoke is Auth0 for Auth0Authentication Provider");
        }
        Auth0SSOClientConfig auth0SSOClientConfig = (Auth0SSOClientConfig) openMetadataConnection.getSecurityConfig();
        if (auth0SSOClientConfig == null) {
            LOG.error("Security Config is missing, it is required");
            throw new RuntimeException("Security Config is missing, it is required");
        }
        this.generatedAuthToken = "";
        ApiClient apiClient = new ApiClient();
        apiClient.setBasePath("https://" + auth0SSOClientConfig.getDomain());
        apiClient.addAuthorization("0AuthToken", new Auth0AccessTokenRequestInterceptor(auth0SSOClientConfig));
        this.auth0SSOClient = (Auth0AccessTokenApi) apiClient.buildClient(Auth0AccessTokenApi.class);
    }

    @Override // org.openmetadata.client.security.interfaces.AuthenticationProvider
    public AuthenticationProvider create(OpenMetadataConnection openMetadataConnection) {
        return new Auth0AuthenticationProvider(openMetadataConnection);
    }

    @Override // org.openmetadata.client.security.interfaces.AuthenticationProvider
    public String authToken() {
        AccessTokenResponse accessToken = this.auth0SSOClient.getAccessToken();
        this.generatedAuthToken = accessToken.getAccessToken();
        this.expirationTimeMillis = Long.valueOf(Date.from(Instant.now().plus(accessToken.getExpiresIn().longValue(), (TemporalUnit) ChronoUnit.SECONDS)).getTime());
        return this.generatedAuthToken;
    }

    @Override // org.openmetadata.client.security.interfaces.AuthenticationProvider
    public String getAccessToken() {
        return this.generatedAuthToken;
    }

    public void apply(RequestTemplate requestTemplate) {
        if (requestTemplate.url().contains("version") || requestTemplate.headers().containsKey("Authorization")) {
            return;
        }
        if (this.expirationTimeMillis == null || System.currentTimeMillis() >= this.expirationTimeMillis.longValue()) {
            authToken();
        }
        if (getAccessToken() != null) {
            requestTemplate.header("Authorization", new String[]{"Bearer " + getAccessToken()});
        }
    }
}
