package ch.cyberduck.core.iam;

import ch.cyberduck.core.Credentials;
import ch.cyberduck.core.Host;
import ch.cyberduck.core.KeychainLoginService;
import ch.cyberduck.core.LocaleFactory;
import ch.cyberduck.core.LoginCallback;
import ch.cyberduck.core.LoginOptions;
import ch.cyberduck.core.PasswordStoreFactory;
import ch.cyberduck.core.PreferencesUseragentProvider;
import ch.cyberduck.core.exception.BackgroundException;
import ch.cyberduck.core.exception.LoginFailureException;
import ch.cyberduck.core.identity.IdentityConfiguration;
import ch.cyberduck.core.preferences.PreferencesFactory;
import ch.cyberduck.core.proxy.Proxy;
import ch.cyberduck.core.proxy.ProxyFactory;
import com.amazonaws.AmazonClientException;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.identitymanagement.AmazonIdentityManagement;
import com.amazonaws.services.identitymanagement.AmazonIdentityManagementClientBuilder;
import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata;
import com.amazonaws.services.identitymanagement.model.CreateAccessKeyRequest;
import com.amazonaws.services.identitymanagement.model.CreateAccessKeyResult;
import com.amazonaws.services.identitymanagement.model.CreateUserRequest;
import com.amazonaws.services.identitymanagement.model.DeleteAccessKeyRequest;
import com.amazonaws.services.identitymanagement.model.DeleteUserPolicyRequest;
import com.amazonaws.services.identitymanagement.model.DeleteUserRequest;
import com.amazonaws.services.identitymanagement.model.EntityAlreadyExistsException;
import com.amazonaws.services.identitymanagement.model.GetUserRequest;
import com.amazonaws.services.identitymanagement.model.ListAccessKeysRequest;
import com.amazonaws.services.identitymanagement.model.ListUserPoliciesRequest;
import com.amazonaws.services.identitymanagement.model.NoSuchEntityException;
import com.amazonaws.services.identitymanagement.model.PutUserPolicyRequest;
import com.amazonaws.services.identitymanagement.model.User;
import java.util.concurrent.Callable;
import org.apache.log4j.Logger;

/* loaded from: input_file:ch/cyberduck/core/iam/AmazonIdentityConfiguration.class */
public class AmazonIdentityConfiguration implements IdentityConfiguration {
    private static final Logger log = Logger.getLogger(AmazonIdentityConfiguration.class);
    private final Host bookmark;
    private static final String prefix = "iam.";
    public final ClientConfiguration configuration;

    /* renamed from: ch.cyberduck.core.iam.AmazonIdentityConfiguration$4, reason: invalid class name */
    /* loaded from: input_file:ch/cyberduck/core/iam/AmazonIdentityConfiguration$4.class */
    static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] $SwitchMap$ch$cyberduck$core$proxy$Proxy$Type = new int[Proxy.Type.values().length];

        static {
            try {
                $SwitchMap$ch$cyberduck$core$proxy$Proxy$Type[Proxy.Type.HTTP.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$ch$cyberduck$core$proxy$Proxy$Type[Proxy.Type.HTTPS.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ch/cyberduck/core/iam/AmazonIdentityConfiguration$Authenticated.class */
    public interface Authenticated<T> extends Callable<T> {
        @Override // java.util.concurrent.Callable
        T call() throws BackgroundException;
    }

    public AmazonIdentityConfiguration(Host host) {
        this(host, PreferencesFactory.get().getInteger("connection.timeout.seconds") * 1000);
    }

    public AmazonIdentityConfiguration(Host host, int i) {
        this.bookmark = host;
        this.configuration = new ClientConfiguration();
        this.configuration.setConnectionTimeout(i);
        this.configuration.setSocketTimeout(i);
        this.configuration.setUserAgentPrefix(new PreferencesUseragentProvider().get());
        this.configuration.setMaxErrorRetry(0);
        this.configuration.setMaxConnections(1);
        this.configuration.setUseGzip(PreferencesFactory.get().getBoolean("http.compression.enable"));
        Proxy find = ProxyFactory.get().find(host);
        switch (AnonymousClass4.$SwitchMap$ch$cyberduck$core$proxy$Proxy$Type[find.getType().ordinal()]) {
            case 1:
            case 2:
                this.configuration.setProxyHost(find.getHostname());
                this.configuration.setProxyPort(find.getPort());
                return;
            default:
                return;
        }
    }

    private <T> T authenticated(Authenticated<T> authenticated, LoginCallback loginCallback) throws BackgroundException {
        LoginOptions publickey = new LoginOptions(this.bookmark.getProtocol()).anonymous(false).publickey(false);
        try {
            new KeychainLoginService(loginCallback, PasswordStoreFactory.get()).validate(this.bookmark, LocaleFactory.localizedString("AWS Identity and Access Management", "S3"), publickey);
            return authenticated.call();
        } catch (LoginFailureException e) {
            this.bookmark.setCredentials(loginCallback.prompt(this.bookmark, this.bookmark.getCredentials().getUsername(), LocaleFactory.localizedString("Login failed", "Credentials"), e.getMessage(), publickey));
            return (T) authenticated(authenticated, loginCallback);
        }
    }

    public void delete(final String str, LoginCallback loginCallback) throws BackgroundException {
        if (log.isInfoEnabled()) {
            log.info(String.format("Delete user %s", str));
        }
        authenticated(new Authenticated<Void>() { // from class: ch.cyberduck.core.iam.AmazonIdentityConfiguration.1
            @Override // ch.cyberduck.core.iam.AmazonIdentityConfiguration.Authenticated, java.util.concurrent.Callable
            public Void call() throws BackgroundException {
                PreferencesFactory.get().deleteProperty(String.format("%s%s", AmazonIdentityConfiguration.prefix, str));
                AmazonIdentityManagement client = AmazonIdentityConfiguration.this.client();
                try {
                    try {
                        for (AccessKeyMetadata accessKeyMetadata : client.listAccessKeys(new ListAccessKeysRequest().withUserName(str)).getAccessKeyMetadata()) {
                            if (AmazonIdentityConfiguration.log.isDebugEnabled()) {
                                AmazonIdentityConfiguration.log.debug(String.format("Delete access key %s for user %s", accessKeyMetadata, str));
                            }
                            client.deleteAccessKey(new DeleteAccessKeyRequest(str, accessKeyMetadata.getAccessKeyId()));
                        }
                        for (String str2 : client.listUserPolicies(new ListUserPoliciesRequest(str)).getPolicyNames()) {
                            if (AmazonIdentityConfiguration.log.isDebugEnabled()) {
                                AmazonIdentityConfiguration.log.debug(String.format("Delete policy %s for user %s", str2, str));
                            }
                            client.deleteUserPolicy(new DeleteUserPolicyRequest(str, str2));
                        }
                        client.deleteUser(new DeleteUserRequest(str));
                        client.shutdown();
                        return null;
                    } catch (NoSuchEntityException e) {
                        AmazonIdentityConfiguration.log.warn(String.format("User %s already removed", str));
                        client.shutdown();
                        return null;
                    } catch (AmazonClientException e2) {
                        throw new AmazonServiceExceptionMappingService().map("Cannot write user configuration", e2);
                    }
                } catch (Throwable th) {
                    client.shutdown();
                    throw th;
                }
            }
        }, loginCallback);
    }

    public Credentials getCredentials(String str) {
        String property = PreferencesFactory.get().getProperty(String.format("%s%s", prefix, str));
        if (log.isDebugEnabled()) {
            log.debug(String.format("Lookup access key for user %s with %s", str, property));
        }
        if (null != property) {
            return new Credentials(property, PasswordStoreFactory.get().getPassword(this.bookmark.getProtocol().getScheme(), this.bookmark.getPort(), this.bookmark.getHostname(), property));
        }
        log.warn(String.format("No access key found for user %s", str));
        return null;
    }

    public void create(final String str, final String str2, LoginCallback loginCallback) throws BackgroundException {
        if (log.isInfoEnabled()) {
            log.info(String.format("Create user %s with policy %s", str, str2));
        }
        authenticated(new Authenticated<Void>() { // from class: ch.cyberduck.core.iam.AmazonIdentityConfiguration.2
            @Override // ch.cyberduck.core.iam.AmazonIdentityConfiguration.Authenticated, java.util.concurrent.Callable
            public Void call() throws BackgroundException {
                User user;
                AmazonIdentityManagement client = AmazonIdentityConfiguration.this.client();
                try {
                    try {
                        try {
                            user = client.createUser(new CreateUserRequest().withUserName(str)).getUser();
                        } catch (Throwable th) {
                            client.shutdown();
                            throw th;
                        }
                    } catch (EntityAlreadyExistsException e) {
                        user = client.getUser(new GetUserRequest().withUserName(str)).getUser();
                    }
                    CreateAccessKeyResult createAccessKey = client.createAccessKey(new CreateAccessKeyRequest().withUserName(user.getUserName()));
                    if (AmazonIdentityConfiguration.log.isDebugEnabled()) {
                        AmazonIdentityConfiguration.log.debug(String.format("Created access key %s for user %s", createAccessKey, str));
                    }
                    client.putUserPolicy(new PutUserPolicyRequest(user.getUserName(), "Policy", str2));
                    String accessKeyId = createAccessKey.getAccessKey().getAccessKeyId();
                    if (AmazonIdentityConfiguration.log.isInfoEnabled()) {
                        AmazonIdentityConfiguration.log.info(String.format("Map user %s to access key %s", String.format("%s%s", AmazonIdentityConfiguration.prefix, str), accessKeyId));
                    }
                    PreferencesFactory.get().setProperty(String.format("%s%s", AmazonIdentityConfiguration.prefix, str), accessKeyId);
                    PasswordStoreFactory.get().addPassword(AmazonIdentityConfiguration.this.bookmark.getProtocol().getScheme(), AmazonIdentityConfiguration.this.bookmark.getPort(), AmazonIdentityConfiguration.this.bookmark.getHostname(), accessKeyId, createAccessKey.getAccessKey().getSecretAccessKey());
                    client.shutdown();
                    return null;
                } catch (AmazonClientException e2) {
                    throw new AmazonServiceExceptionMappingService().map("Cannot write user configuration", e2);
                }
            }
        }, loginCallback);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AmazonIdentityManagement client() {
        return (AmazonIdentityManagement) AmazonIdentityManagementClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(new AWSCredentials() { // from class: ch.cyberduck.core.iam.AmazonIdentityConfiguration.3
            public String getAWSAccessKeyId() {
                return AmazonIdentityConfiguration.this.bookmark.getCredentials().getUsername();
            }

            public String getAWSSecretKey() {
                return AmazonIdentityConfiguration.this.bookmark.getCredentials().getPassword();
            }
        })).withClientConfiguration(this.configuration).withRegion(Regions.DEFAULT_REGION).build();
    }
}
