package com.google.cloud.hadoop.util;

import com.google.api.client.auth.oauth2.Credential;
import com.google.api.client.http.HttpTransport;
import com.google.cloud.hadoop.util.HttpTransportFactory;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Optional;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/google/cloud/hadoop/util/CredentialConfiguration.class */
public class CredentialConfiguration {
    protected static final Logger LOG = LoggerFactory.getLogger(CredentialConfiguration.class);
    private Optional<Boolean> isServiceAccountEnabled = Optional.absent();
    private String serviceAccountEmail = null;
    private String serviceAccountKeyFile = null;
    private String serviceAccountJsonKeyFile = null;
    private String clientId = null;
    private String clientSecret = null;
    private String oAuthCredentialFile = null;
    private boolean nullCredentialEnabled = false;
    private CredentialFactory credentialFactory = new CredentialFactory();
    private HttpTransportFactory.HttpTransportType transportType = HttpTransportFactory.HttpTransportType.JAVA_NET;
    private String proxyAddress = null;
    private HttpTransport transport;

    public Credential getCredential(List<String> list) throws IOException, GeneralSecurityException {
        if (!isServiceAccountEnabled()) {
            if (this.oAuthCredentialFile != null && this.clientId != null && this.clientSecret != null) {
                LOG.debug("Using installed app credentials in file {}", this.oAuthCredentialFile);
                return this.credentialFactory.getCredentialFromFileCredentialStoreForInstalledApp(this.clientId, this.clientSecret, this.oAuthCredentialFile, list, getTransport());
            }
            if (this.nullCredentialEnabled) {
                LOG.warn("Allowing null credentials for unit testing. This should not be used in production");
                return null;
            }
            LOG.error("Credential configuration is not valid. Configuration: {}", this);
            throw new IllegalStateException("No valid credential configuration discovered.");
        }
        LOG.debug("Using service account credentials");
        if (shouldUseMetadataService()) {
            LOG.debug("Getting service account credentials from meta data service.");
            return this.credentialFactory.getCredentialFromMetadataServiceAccount();
        }
        if (Strings.isNullOrEmpty(this.serviceAccountJsonKeyFile)) {
            Preconditions.checkState(!Strings.isNullOrEmpty(this.serviceAccountEmail), "Email must be set if using service account auth and a key file is specified.");
            LOG.debug("Using service account email {} and private key file {}", this.serviceAccountEmail, this.serviceAccountKeyFile);
            return this.credentialFactory.getCredentialFromPrivateKeyServiceAccount(this.serviceAccountEmail, this.serviceAccountKeyFile, list, getTransport());
        }
        LOG.debug("Using JSON keyfile {}", this.serviceAccountJsonKeyFile);
        Preconditions.checkArgument(Strings.isNullOrEmpty(this.serviceAccountKeyFile), "A P12 key file may not be specified at the same time as a JSON key file.");
        Preconditions.checkArgument(Strings.isNullOrEmpty(this.serviceAccountEmail), "Service account email may not be specified at the same time as a JSON key file.");
        return this.credentialFactory.getCredentialFromJsonKeyFile(this.serviceAccountJsonKeyFile, list, getTransport());
    }

    public boolean shouldUseMetadataService() {
        return Strings.isNullOrEmpty(this.serviceAccountKeyFile) && Strings.isNullOrEmpty(this.serviceAccountJsonKeyFile);
    }

    public String getOAuthCredentialFile() {
        return this.oAuthCredentialFile;
    }

    public void setOAuthCredentialFile(String str) {
        this.oAuthCredentialFile = str;
    }

    public boolean isNullCredentialEnabled() {
        return this.nullCredentialEnabled;
    }

    public void setNullCredentialEnabled(boolean z) {
        this.nullCredentialEnabled = z;
    }

    public boolean isServiceAccountEnabled() {
        return !this.isServiceAccountEnabled.isPresent() || ((Boolean) this.isServiceAccountEnabled.get()).booleanValue();
    }

    public void setEnableServiceAccounts(boolean z) {
        this.isServiceAccountEnabled = Optional.of(Boolean.valueOf(z));
    }

    public String getServiceAccountEmail() {
        return this.serviceAccountEmail;
    }

    public void setServiceAccountEmail(String str) {
        this.serviceAccountEmail = str;
    }

    public String getServiceAccountKeyFile() {
        return this.serviceAccountKeyFile;
    }

    public void setServiceAccountKeyFile(String str) {
        this.serviceAccountKeyFile = str;
    }

    public String getServiceAccountJsonKeyFile() {
        return this.serviceAccountJsonKeyFile;
    }

    public void setServiceAccountJsonKeyFile(String str) {
        this.serviceAccountJsonKeyFile = str;
    }

    public String getClientId() {
        return this.clientId;
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public String getClientSecret() {
        return this.clientSecret;
    }

    public void setClientSecret(String str) {
        this.clientSecret = str;
    }

    public HttpTransportFactory.HttpTransportType getTransportType() {
        return this.transportType;
    }

    public void setTransportType(HttpTransportFactory.HttpTransportType httpTransportType) {
        this.transportType = httpTransportType;
    }

    public String getProxyAddress() {
        return this.proxyAddress;
    }

    public void setProxyAddress(String str) {
        this.proxyAddress = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    public void setCredentialFactory(CredentialFactory credentialFactory) {
        this.credentialFactory = credentialFactory;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("isServiceAccountEnabled: ").append(isServiceAccountEnabled()).append('\n');
        sb.append("serviceAccountEmail: ").append(getServiceAccountEmail()).append('\n');
        sb.append("serviceAccountKeyfile: ").append(getServiceAccountKeyFile()).append('\n');
        sb.append("clientId: ").append(getClientId()).append('\n');
        if (Strings.isNullOrEmpty(getClientSecret())) {
            sb.append("clientSecret: Not provided");
        } else {
            sb.append("clientSecret: Provided, but not displayed");
        }
        sb.append('\n');
        sb.append("oAuthCredentialFile: ").append(getOAuthCredentialFile()).append('\n');
        sb.append("isNullCredentialEnabled: ").append(isNullCredentialEnabled()).append('\n');
        sb.append("transportType: ").append(getTransportType()).append('\n');
        sb.append("proxyAddress: ").append(getProxyAddress());
        return sb.toString();
    }

    private HttpTransport getTransport() throws IOException {
        if (this.transport == null) {
            this.transport = HttpTransportFactory.createHttpTransport(getTransportType(), getProxyAddress());
        }
        return this.transport;
    }

    @VisibleForTesting
    void setTransport(HttpTransport httpTransport) {
        this.transport = httpTransport;
    }
}
