package com.palantir.foundry.sql.multipass.oauth.flow;

import com.palantir.foundry.sql.driver.logging.DriverLoggerFactory;
import com.palantir.logsafe.Arg;
import com.palantir.logsafe.exceptions.SafeRuntimeException;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;
import java.io.IOException;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.nio.charset.StandardCharsets;
import java.sql.SQLException;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import shadow.palantir.driver.com.google.common.annotations.VisibleForTesting;
import shadow.palantir.driver.com.google.common.util.concurrent.MoreExecutors;
import shadow.palantir.driver.com.google.common.util.concurrent.SettableFuture;
import shadow.palantir.driver.org.apache.hc.core5.net.URLEncodedUtils;

/* loaded from: input_file:com/palantir/foundry/sql/multipass/oauth/flow/OAuthCallBackServer.class */
final class OAuthCallBackServer implements AutoCloseable {
    private static final Logger log = DriverLoggerFactory.getLogger(OAuthCallBackServer.class);
    private static final String AUTHORIZATION_CODE_QUERY_PARAMETER = "code";
    private static final int AUTHORIZATION_TIMEOUT_MINUTES = 2;
    private static final int MAX_QUEUED_CONNECTIONS = 1;
    private static final String STATE_QUERY_PARAMETER = "state";

    @VisibleForTesting
    static final String AUTHORIZE_COMPLETE_HTML_RESPONSE = "<html><body>Please return to the app.</body></html>";
    private final SettableFuture<String> authorizationCode = SettableFuture.create();
    private final HttpServer server;
    private final String expectedState;

    /* loaded from: input_file:com/palantir/foundry/sql/multipass/oauth/flow/OAuthCallBackServer$RedirectHandler.class */
    final class RedirectHandler implements HttpHandler {
        RedirectHandler() {
        }

        public void handle(HttpExchange httpExchange) throws IOException {
            Map map = (Map) URLEncodedUtils.parse(httpExchange.getRequestURI(), StandardCharsets.UTF_8).stream().collect(Collectors.toMap((v0) -> {
                return v0.getName();
            }, (v0) -> {
                return v0.getValue();
            }));
            httpExchange.sendResponseHeaders(200, OAuthCallBackServer.AUTHORIZE_COMPLETE_HTML_RESPONSE.length());
            OutputStream responseBody = httpExchange.getResponseBody();
            try {
                responseBody.write(OAuthCallBackServer.AUTHORIZE_COMPLETE_HTML_RESPONSE.getBytes(StandardCharsets.UTF_8));
                if (responseBody != null) {
                    responseBody.close();
                }
                httpExchange.close();
                Optional ofNullable = Optional.ofNullable((String) map.get(OAuthCallBackServer.STATE_QUERY_PARAMETER));
                if (!ofNullable.isPresent()) {
                    OAuthCallBackServer.this.authorizationCode.setException(new SafeRuntimeException("State not present", new Arg[0]));
                } else if (!OAuthCallBackServer.this.expectedState.equals(ofNullable.get())) {
                    OAuthCallBackServer.this.authorizationCode.setException(new SafeRuntimeException("Received invalid state", new Arg[0]));
                }
                Optional ofNullable2 = Optional.ofNullable((String) map.get(OAuthCallBackServer.AUTHORIZATION_CODE_QUERY_PARAMETER));
                if (ofNullable2.isPresent()) {
                    OAuthCallBackServer.this.authorizationCode.set((String) ofNullable2.get());
                } else {
                    OAuthCallBackServer.this.authorizationCode.setException(new SafeRuntimeException("Authorization code not present", new Arg[0]));
                }
            } catch (Throwable th) {
                if (responseBody != null) {
                    try {
                        responseBody.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OAuthCallBackServer(String str, int i, String str2) throws IOException {
        this.server = HttpServer.create(new InetSocketAddress(InetAddress.getLoopbackAddress(), i), 1);
        this.expectedState = str2;
        this.server.createContext(str, new RedirectHandler());
        this.server.setExecutor(MoreExecutors.directExecutor());
        this.server.start();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String awaitCallback() throws SQLException {
        log.info("Awaiting OAuth callback");
        try {
            return this.authorizationCode.get(2L, TimeUnit.MINUTES);
        } catch (InterruptedException e) {
            throw new SQLException("Interrupted whilst waiting for OAuth callback", e);
        } catch (ExecutionException e2) {
            throw new SQLException("Received an invalid callback: " + e2.getMessage(), e2);
        } catch (TimeoutException e3) {
            throw new SQLException("Timed out waiting for OAuth callback", e3);
        }
    }

    @Override // java.lang.AutoCloseable
    public void close() {
        log.info("Stopping OAuth callback server");
        this.server.stop(0);
    }
}
