package com.vmware.vapi.vmc.client.authz;

import com.vmware.vapi.core.AsyncHandle;
import com.vmware.vapi.core.ExecutionContext;
import com.vmware.vapi.core.MethodResult;
import com.vmware.vapi.internal.protocol.client.rest.DefaultRequestExecutorFactory;
import com.vmware.vapi.internal.protocol.client.rest.RequestExecutor;
import com.vmware.vapi.internal.protocol.client.rest.RequestExecutorFactory;
import com.vmware.vapi.internal.protocol.client.rest.ResponseParser;
import com.vmware.vapi.internal.protocol.client.rest.authn.HttpRequestAuthorizer;
import com.vmware.vapi.internal.protocol.client.rpc.HttpRequest;
import com.vmware.vapi.internal.protocol.client.rpc.HttpResponse;
import com.vmware.vapi.internal.protocol.client.rpc.RestTransport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/vmware/vapi/vmc/client/authz/AuthzRefreshingRequestExecutorFactory.class */
public final class AuthzRefreshingRequestExecutorFactory implements RequestExecutorFactory {
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthzRefreshingRequestExecutorFactory.class);
    private final HttpRequestAuthorizer authorizer;
    private final AccessRequestor accessRequestor;

    /* loaded from: input_file:com/vmware/vapi/vmc/client/authz/AuthzRefreshingRequestExecutorFactory$AuthzRefreshingRequestExecutor.class */
    private class AuthzRefreshingRequestExecutor implements RequestExecutor {
        private final RestTransport transport;
        private final ResponseParser parser;

        /* loaded from: input_file:com/vmware/vapi/vmc/client/authz/AuthzRefreshingRequestExecutorFactory$AuthzRefreshingRequestExecutor$AuthzRefreshingHttpResponseHandler.class */
        private class AuthzRefreshingHttpResponseHandler extends DefaultRequestExecutorFactory.DefaultHttpResponseHandler {
            private final HttpRequest request;
            private final ExecutionContext.SecurityContext securityContext;

            public AuthzRefreshingHttpResponseHandler(ResponseParser responseParser, String str, String str2, AsyncHandle<MethodResult> asyncHandle, HttpRequest httpRequest, ExecutionContext.SecurityContext securityContext) {
                super(responseParser, str, str2, asyncHandle);
                this.request = httpRequest;
                this.securityContext = securityContext;
            }

            public void onResult(final HttpResponse httpResponse) {
                if (httpResponse.getStatusCode() != 401) {
                    super.onResult(httpResponse);
                } else {
                    AuthzRefreshingRequestExecutorFactory.LOGGER.debug("Received 401. Access token might have expired. Will refresh it and try again.");
                    AuthzRefreshingRequestExecutor.this.forceRefreshContext(this.securityContext, new RefreshAuthzAccessHandler() { // from class: com.vmware.vapi.vmc.client.authz.AuthzRefreshingRequestExecutorFactory.AuthzRefreshingRequestExecutor.AuthzRefreshingHttpResponseHandler.1
                        @Override // com.vmware.vapi.vmc.client.authz.AuthzRefreshingRequestExecutorFactory.RefreshAuthzAccessHandler
                        public void onComplete(boolean z) {
                            if (!z) {
                                AuthzRefreshingHttpResponseHandler.super.onResult(httpResponse);
                            } else {
                                AuthzRefreshingRequestExecutorFactory.LOGGER.trace("Access token got refreshed. Retrying invocation");
                                AuthzRefreshingRequestExecutor.this.authorizeAndExecute(AuthzRefreshingHttpResponseHandler.this.request, AuthzRefreshingHttpResponseHandler.this.securityContext, new DefaultRequestExecutorFactory.DefaultHttpResponseHandler(AuthzRefreshingHttpResponseHandler.this.parser, AuthzRefreshingHttpResponseHandler.this.serviceId, AuthzRefreshingHttpResponseHandler.this.operationId, AuthzRefreshingHttpResponseHandler.this.asyncHandle));
                            }
                        }
                    });
                }
            }
        }

        AuthzRefreshingRequestExecutor(RestTransport restTransport, ResponseParser responseParser) {
            this.transport = restTransport;
            this.parser = responseParser;
        }

        public void execute(final String str, final String str2, final HttpRequest httpRequest, ExecutionContext executionContext, final AsyncHandle<MethodResult> asyncHandle) {
            final ExecutionContext.SecurityContext retrieveSecurityContext = executionContext.retrieveSecurityContext();
            refreshContextIfNeeded(retrieveSecurityContext, new RefreshAuthzAccessHandler() { // from class: com.vmware.vapi.vmc.client.authz.AuthzRefreshingRequestExecutorFactory.AuthzRefreshingRequestExecutor.1
                @Override // com.vmware.vapi.vmc.client.authz.AuthzRefreshingRequestExecutorFactory.RefreshAuthzAccessHandler
                public void onComplete(boolean z) {
                    AuthzRefreshingRequestExecutor.this.authorizeAndExecute(httpRequest, retrieveSecurityContext, z ? new DefaultRequestExecutorFactory.DefaultHttpResponseHandler(AuthzRefreshingRequestExecutor.this.parser, str, str2, asyncHandle) : new AuthzRefreshingHttpResponseHandler(AuthzRefreshingRequestExecutor.this.parser, str, str2, asyncHandle, httpRequest, retrieveSecurityContext));
                }
            });
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void authorizeAndExecute(HttpRequest httpRequest, ExecutionContext.SecurityContext securityContext, HttpRequest.HttpResponseHandler httpResponseHandler) {
            AuthzRefreshingRequestExecutorFactory.this.authorizer.authorize(httpRequest, securityContext);
            this.transport.execute(httpRequest, httpResponseHandler, new ExecutionContext());
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void forceRefreshContext(ExecutionContext.SecurityContext securityContext, RefreshAuthzAccessHandler refreshAuthzAccessHandler) {
            refreshContext(securityContext, false, refreshAuthzAccessHandler);
        }

        private void refreshContextIfNeeded(ExecutionContext.SecurityContext securityContext, RefreshAuthzAccessHandler refreshAuthzAccessHandler) {
            refreshContext(securityContext, true, refreshAuthzAccessHandler);
        }

        private void refreshContext(ExecutionContext.SecurityContext securityContext, boolean z, final RefreshAuthzAccessHandler refreshAuthzAccessHandler) {
            if (!(securityContext instanceof CspSecurityContext)) {
                AuthzRefreshingRequestExecutorFactory.LOGGER.warn("Access token cannot be refreshed - CspSecurityContext is not set");
                refreshAuthzAccessHandler.onComplete(false);
                return;
            }
            final CspSecurityContext cspSecurityContext = (CspSecurityContext) securityContext;
            if (z && !cspSecurityContext.needsRefresh()) {
                AuthzRefreshingRequestExecutorFactory.LOGGER.trace("Access token is still valid. No need for refresh");
                refreshAuthzAccessHandler.onComplete(false);
            } else {
                AuthzRefreshingRequestExecutorFactory.LOGGER.trace("Access token to be refreshed...");
                AuthzRefreshingRequestExecutorFactory.this.accessRequestor.requestAccess(this.transport, securityContext, new AuthorizationResponseHandler() { // from class: com.vmware.vapi.vmc.client.authz.AuthzRefreshingRequestExecutorFactory.AuthzRefreshingRequestExecutor.2
                    @Override // com.vmware.vapi.vmc.client.authz.AuthorizationResponseHandler
                    public void onResult(AccessAuthorization accessAuthorization) {
                        AuthzRefreshingRequestExecutorFactory.LOGGER.debug("Access token was refreshed. The new one expires in {} seconds", Integer.valueOf(accessAuthorization.getExpiration()));
                        cspSecurityContext.setAccessToken(accessAuthorization.getAccessToken());
                        refreshAuthzAccessHandler.onComplete(true);
                    }

                    @Override // com.vmware.vapi.vmc.client.authz.AuthorizationResponseHandler
                    public void onError(Exception exc) {
                        AuthzRefreshingRequestExecutorFactory.LOGGER.warn("Unable to refresh access token", exc);
                        refreshAuthzAccessHandler.onComplete(false);
                    }
                });
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/vmware/vapi/vmc/client/authz/AuthzRefreshingRequestExecutorFactory$RefreshAuthzAccessHandler.class */
    public interface RefreshAuthzAccessHandler {
        void onComplete(boolean z);
    }

    public AuthzRefreshingRequestExecutorFactory(HttpRequestAuthorizer httpRequestAuthorizer, AccessRequestor accessRequestor) {
        this.authorizer = httpRequestAuthorizer;
        this.accessRequestor = accessRequestor;
    }

    public RequestExecutor createRequestExecutor(RestTransport restTransport, ResponseParser responseParser) {
        return new AuthzRefreshingRequestExecutor(restTransport, responseParser);
    }
}
