package com.amazonaws.auth;

import com.amazonaws.AmazonServiceException;
import com.amazonaws.AmazonWebServiceRequest;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.SDKGlobalConfiguration;
import com.amazonaws.logging.Log;
import com.amazonaws.logging.LogFactory;
import com.amazonaws.mobile.config.AWSConfiguration;
import com.amazonaws.regions.Region;
import com.amazonaws.regions.RegionMetadataParser;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.cognitoidentity.AmazonCognitoIdentity;
import com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient;
import com.amazonaws.services.cognitoidentity.model.Credentials;
import com.amazonaws.services.cognitoidentity.model.GetCredentialsForIdentityRequest;
import com.amazonaws.services.cognitoidentity.model.GetCredentialsForIdentityResult;
import com.amazonaws.services.cognitoidentity.model.ResourceNotFoundException;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.model.AssumeRoleWithWebIdentityRequest;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.locks.ReentrantReadWriteLock;

/* loaded from: classes.dex */
public class CognitoCredentialsProvider implements AWSCredentialsProvider {
    public static final Log log = LogFactory.a(AWSCredentialsProviderChain.class);
    public int a;

    /* renamed from: a, reason: collision with other field name */
    public AWSSessionCredentials f668a;

    /* renamed from: a, reason: collision with other field name */
    public AWSSecurityTokenService f669a;

    /* renamed from: a, reason: collision with other field name */
    public String f670a;

    /* renamed from: a, reason: collision with other field name */
    public Date f671a;

    /* renamed from: a, reason: collision with other field name */
    public ReentrantReadWriteLock f672a;

    /* renamed from: a, reason: collision with other field name */
    public boolean f673a;
    public int b;

    /* renamed from: b, reason: collision with other field name */
    public String f674b;
    public String c;
    public AmazonCognitoIdentity cib;
    public String d;
    public final AWSCognitoIdentityProvider identityProvider;
    public final String region;

    public CognitoCredentialsProvider(AWSCognitoIdentityProvider aWSCognitoIdentityProvider, Regions regions) {
        this(aWSCognitoIdentityProvider, regions, new ClientConfiguration());
    }

    public CognitoCredentialsProvider(AWSCognitoIdentityProvider aWSCognitoIdentityProvider, Regions regions, ClientConfiguration clientConfiguration) {
        this(aWSCognitoIdentityProvider, createIdentityClient(clientConfiguration, regions));
    }

    public CognitoCredentialsProvider(AWSCognitoIdentityProvider aWSCognitoIdentityProvider, AmazonCognitoIdentityClient amazonCognitoIdentityClient) {
        this.cib = amazonCognitoIdentityClient;
        this.region = amazonCognitoIdentityClient.m831a().getName();
        this.identityProvider = aWSCognitoIdentityProvider;
        this.f674b = null;
        this.c = null;
        this.f669a = null;
        this.a = 3600;
        this.b = 500;
        this.f673a = true;
        this.f672a = new ReentrantReadWriteLock(true);
    }

    private void appendUserAgent(AmazonWebServiceRequest amazonWebServiceRequest, String str) {
        amazonWebServiceRequest.m835a().a(str);
    }

    public static AmazonCognitoIdentityClient createIdentityClient(ClientConfiguration clientConfiguration, Regions regions) {
        AmazonCognitoIdentityClient amazonCognitoIdentityClient = new AmazonCognitoIdentityClient(new AnonymousAWSCredentials(), clientConfiguration);
        amazonCognitoIdentityClient.a(Region.a(regions));
        return amazonCognitoIdentityClient;
    }

    public static ClientConfiguration getClientConfiguration(AWSConfiguration aWSConfiguration) {
        ClientConfiguration clientConfiguration = new ClientConfiguration();
        clientConfiguration.m846a(aWSConfiguration.b());
        return clientConfiguration;
    }

    public static String getIdentityPoolId(AWSConfiguration aWSConfiguration) {
        try {
            return aWSConfiguration.a("CredentialsProvider").optJSONObject("CognitoIdentity").getJSONObject(aWSConfiguration.a()).getString("PoolId");
        } catch (Exception e) {
            throw new IllegalArgumentException("Failed to read CognitoIdentity please check your setup or awsconfiguration.json file", e);
        }
    }

    public static Regions getRegions(AWSConfiguration aWSConfiguration) {
        try {
            return Regions.fromName(aWSConfiguration.a("CredentialsProvider").optJSONObject("CognitoIdentity").getJSONObject(aWSConfiguration.a()).getString(RegionMetadataParser.REGION_TAG));
        } catch (Exception e) {
            throw new IllegalArgumentException("Failed to read CognitoIdentity please check your setup or awsconfiguration.json file", e);
        }
    }

    private void populateCredentialsWithCognito(String str) {
        Map<String, String> m873a;
        GetCredentialsForIdentityResult retryGetCredentialsForIdentity;
        if (str == null || str.isEmpty()) {
            m873a = m873a();
        } else {
            m873a = new HashMap<>();
            m873a.put(c(), str);
        }
        GetCredentialsForIdentityRequest getCredentialsForIdentityRequest = new GetCredentialsForIdentityRequest();
        getCredentialsForIdentityRequest.b(mo871a());
        getCredentialsForIdentityRequest.a(m873a);
        getCredentialsForIdentityRequest.a(this.d);
        try {
            retryGetCredentialsForIdentity = this.cib.a(getCredentialsForIdentityRequest);
        } catch (ResourceNotFoundException unused) {
            retryGetCredentialsForIdentity = retryGetCredentialsForIdentity();
        } catch (AmazonServiceException e) {
            if (!e.mo829a().equals("ValidationException")) {
                throw e;
            }
            retryGetCredentialsForIdentity = retryGetCredentialsForIdentity();
        }
        Credentials a = retryGetCredentialsForIdentity.a();
        this.f668a = new BasicSessionCredentials(a.a(), a.b(), a.c());
        a(a.m1054a());
        if (retryGetCredentialsForIdentity.m1056a().equals(mo871a())) {
            return;
        }
        b(retryGetCredentialsForIdentity.m1056a());
    }

    private void populateCredentialsWithSts(String str) {
        String str2 = this.identityProvider.mo864a() ? this.c : this.f674b;
        AssumeRoleWithWebIdentityRequest assumeRoleWithWebIdentityRequest = new AssumeRoleWithWebIdentityRequest();
        assumeRoleWithWebIdentityRequest.c(str);
        assumeRoleWithWebIdentityRequest.a(str2);
        assumeRoleWithWebIdentityRequest.b("ProviderSession");
        assumeRoleWithWebIdentityRequest.a(Integer.valueOf(this.a));
        appendUserAgent(assumeRoleWithWebIdentityRequest, d());
        com.amazonaws.services.securitytoken.model.Credentials m1215a = this.f669a.a(assumeRoleWithWebIdentityRequest).m1215a();
        this.f668a = new BasicSessionCredentials(m1215a.a(), m1215a.b(), m1215a.c());
        a(m1215a.m1218a());
    }

    private GetCredentialsForIdentityResult retryGetCredentialsForIdentity() {
        Map<String, String> m873a;
        String retryRefresh = retryRefresh();
        this.f670a = retryRefresh;
        if (retryRefresh == null || retryRefresh.isEmpty()) {
            m873a = m873a();
        } else {
            m873a = new HashMap<>();
            m873a.put(c(), this.f670a);
        }
        GetCredentialsForIdentityRequest getCredentialsForIdentityRequest = new GetCredentialsForIdentityRequest();
        getCredentialsForIdentityRequest.b(mo871a());
        getCredentialsForIdentityRequest.a(m873a);
        getCredentialsForIdentityRequest.a(this.d);
        return this.cib.a(getCredentialsForIdentityRequest);
    }

    private String retryRefresh() {
        b(null);
        String c = this.identityProvider.c();
        this.f670a = c;
        return c;
    }

    public AWSCredentialsProvider a(Map<String, String> map) {
        mo874a(map);
        return this;
    }

    @Override // com.amazonaws.auth.AWSCredentialsProvider
    /* renamed from: a */
    public AWSSessionCredentials mo954a() {
        this.f672a.writeLock().lock();
        try {
            if (m875a()) {
                m878d();
            }
            return this.f668a;
        } finally {
            this.f672a.writeLock().unlock();
        }
    }

    /* renamed from: a */
    public String mo871a() {
        return this.identityProvider.a();
    }

    /* renamed from: a, reason: collision with other method in class */
    public Map<String, String> m873a() {
        return this.identityProvider.mo863a();
    }

    /* renamed from: a */
    public void mo872a() {
        this.f672a.writeLock().lock();
        try {
            mo876b();
            b(null);
            this.identityProvider.a(new HashMap());
        } finally {
            this.f672a.writeLock().unlock();
        }
    }

    public void a(IdentityChangedListener identityChangedListener) {
        this.identityProvider.a(identityChangedListener);
    }

    public void a(String str) {
        this.d = str;
    }

    public void a(Date date) {
        this.f672a.writeLock().lock();
        try {
            this.f671a = date;
        } finally {
            this.f672a.writeLock().unlock();
        }
    }

    /* renamed from: a, reason: collision with other method in class */
    public void mo874a(Map<String, String> map) {
        this.f672a.writeLock().lock();
        try {
            this.identityProvider.a(map);
            mo876b();
        } finally {
            this.f672a.writeLock().unlock();
        }
    }

    /* renamed from: a, reason: collision with other method in class */
    public boolean m875a() {
        if (this.f668a == null) {
            return true;
        }
        return this.f671a.getTime() - (System.currentTimeMillis() - ((long) (SDKGlobalConfiguration.a() * 1000))) < ((long) (this.b * 1000));
    }

    public String b() {
        return this.identityProvider.b();
    }

    /* renamed from: b, reason: collision with other method in class */
    public void mo876b() {
        this.f672a.writeLock().lock();
        try {
            this.f668a = null;
            this.f671a = null;
        } finally {
            this.f672a.writeLock().unlock();
        }
    }

    public void b(String str) {
        this.identityProvider.a(str);
    }

    public String c() {
        return Regions.CN_NORTH_1.getName().equals(this.region) ? "cognito-identity.cn-north-1.amazonaws.com.cn" : "cognito-identity.amazonaws.com";
    }

    /* renamed from: c, reason: collision with other method in class */
    public void mo877c() {
        this.f672a.writeLock().lock();
        try {
            m878d();
        } finally {
            this.f672a.writeLock().unlock();
        }
    }

    public String d() {
        return "";
    }

    /* renamed from: d, reason: collision with other method in class */
    public void m878d() {
        try {
            this.f670a = this.identityProvider.c();
        } catch (ResourceNotFoundException unused) {
            this.f670a = retryRefresh();
        } catch (AmazonServiceException e) {
            if (!e.mo829a().equals("ValidationException")) {
                throw e;
            }
            this.f670a = retryRefresh();
        }
        if (this.f673a) {
            populateCredentialsWithCognito(this.f670a);
        } else {
            populateCredentialsWithSts(this.f670a);
        }
    }
}
