package com.databricks.client.jdbc.oauth;

import com.databricks.client.hivecommon.HiveJDBCSettings;
import com.databricks.client.hivecommon.core.HiveJDBCCommonDriver;
import com.databricks.client.hivecommon.exceptions.HiveJDBCMessageKey;
import com.databricks.client.jdbc.common.CommonUtils;
import com.databricks.client.jdbc.common.OAuthFlow;
import com.databricks.client.jdbc.common.OAuthSettings;
import com.databricks.client.jdbc.common.ProxySettings;
import com.databricks.client.jdbc.common.SSLSettings;
import com.databricks.client.jdbc.core.DSDriver;
import com.databricks.client.jdbc.exceptions.CommonJDBCMessageKey;
import com.databricks.client.jdbc42.internal.apache.commons.codec.binary.Base64;
import com.databricks.client.jdbc42.internal.apache.http.Header;
import com.databricks.client.jdbc42.internal.apache.http.HttpHost;
import com.databricks.client.jdbc42.internal.apache.http.HttpResponse;
import com.databricks.client.jdbc42.internal.apache.http.HttpStatus;
import com.databricks.client.jdbc42.internal.apache.http.HttpVersion;
import com.databricks.client.jdbc42.internal.apache.http.auth.AuthScope;
import com.databricks.client.jdbc42.internal.apache.http.auth.UsernamePasswordCredentials;
import com.databricks.client.jdbc42.internal.apache.http.client.config.CookieSpecs;
import com.databricks.client.jdbc42.internal.apache.http.client.config.RequestConfig;
import com.databricks.client.jdbc42.internal.apache.http.client.entity.UrlEncodedFormEntity;
import com.databricks.client.jdbc42.internal.apache.http.client.methods.HttpGet;
import com.databricks.client.jdbc42.internal.apache.http.client.methods.HttpPost;
import com.databricks.client.jdbc42.internal.apache.http.client.methods.HttpRequestBase;
import com.databricks.client.jdbc42.internal.apache.http.client.methods.HttpUriRequest;
import com.databricks.client.jdbc42.internal.apache.http.conn.ssl.SSLConnectionSocketFactory;
import com.databricks.client.jdbc42.internal.apache.http.impl.DefaultHttpResponseFactory;
import com.databricks.client.jdbc42.internal.apache.http.impl.client.BasicCredentialsProvider;
import com.databricks.client.jdbc42.internal.apache.http.impl.client.CloseableHttpClient;
import com.databricks.client.jdbc42.internal.apache.http.impl.client.HttpClientBuilder;
import com.databricks.client.jdbc42.internal.apache.http.message.BasicNameValuePair;
import com.databricks.client.jdbc42.internal.apache.http.message.BasicStatusLine;
import com.databricks.client.jdbc42.internal.apache.http.util.EntityUtils;
import com.databricks.client.jdbc42.internal.apache.thrift.TException;
import com.databricks.client.jdbc42.internal.fasterxml.jackson.databind.JsonNode;
import com.databricks.client.jdbc42.internal.fasterxml.jackson.databind.ObjectMapper;
import com.databricks.client.jdbc42.internal.nimbusjwt.JWTClaimNames;
import com.databricks.client.support.ILogger;
import com.databricks.client.support.LogUtilities;
import com.databricks.client.support.exceptions.ErrorException;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:com/databricks/client/jdbc/oauth/OauthProvider.class */
public abstract class OauthProvider {
    protected OAuthSettings m_oAuthSettings;
    protected ILogger m_logger;
    protected HiveJDBCSettings m_settings;
    protected HashMap<String, String> m_customOAuthHeaders;
    protected long m_accessTokenExpireVal = 0;
    private final int m_retryAfterTimeSeconds = 30;

    public OauthProvider(HiveJDBCSettings hiveJDBCSettings, ILogger iLogger) throws ErrorException {
        LogUtilities.logFunctionEntrance(iLogger, new Object[0]);
        this.m_settings = hiveJDBCSettings;
        this.m_oAuthSettings = this.m_settings.m_oAuthSettings;
        this.m_logger = iLogger;
        this.m_customOAuthHeaders = new HashMap<>();
        if (this.m_oAuthSettings.m_EnableOIDCDiscovery && this.m_oAuthSettings.m_OIDCDiscoveryEndpoint != null && !this.m_oAuthSettings.m_OIDCDiscoveryEndpoint.isEmpty()) {
            OIDCDiscoveryEndpoint();
        }
        if (this.m_oAuthSettings.m_Oauth2ConfigValueTest) {
            throw HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.OAUTH2_CONFIG_VALUE_TEST, new String[]{this.m_oAuthSettings.m_Oauth2AuthorizeEndpoint, this.m_oAuthSettings.m_Oauth2TokenEndpoint, this.m_oAuthSettings.m_authScope, this.m_oAuthSettings.m_authClientID});
        }
    }

    public static OauthProvider createOAuthProvider(HiveJDBCSettings hiveJDBCSettings, ILogger iLogger) throws ErrorException {
        LogUtilities.logFunctionEntrance(iLogger, new Object[0]);
        switch (hiveJDBCSettings.m_oAuthSettings.m_authFlow) {
            case TOKEN_PASSTHROUGH:
                return new TokenPassThroughOAuthProvider(hiveJDBCSettings, iLogger);
            case CLIENT_CREDENTIALS:
                return new ClientCredentialOAuthProvider(hiveJDBCSettings, iLogger);
            case BROWSER:
                return new AuthorizationCodeOAuthProvider(hiveJDBCSettings, iLogger);
            default:
                throw new ErrorException(OAuthSettings.OAUTH_TOKEN_EXP_SQLSTATE, 105, CommonJDBCMessageKey.UNSUPPORTED_OPERATION_ERR.name(), new String[]{String.format("Auth_Flow %d is not valid,", hiveJDBCSettings.m_oAuthSettings.m_authFlow)});
        }
    }

    public String getAccessToken() {
        return this.m_oAuthSettings.m_accessToken;
    }

    public abstract void obtainAccessToken() throws TException;

    public HashMap<String, String> getCustomOAuthHeaders() {
        return this.m_customOAuthHeaders;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addCustomOAuthHeader(String str, String str2) {
        this.m_customOAuthHeaders.put(str, str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getDetailedErrorExceptionMessage(ErrorException errorException) {
        StringBuilder sb = new StringBuilder();
        if (errorException.hasMessageParams() && errorException.getMessageParams().length > 0) {
            for (String str : errorException.getMessageParams()) {
                sb.append(str + " ");
            }
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean hasValidDatabricksToken() {
        return this.m_oAuthSettings.m_accessToken != null && System.currentTimeMillis() <= this.m_oAuthSettings.m_expiryTime;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void decodeAndExchangeAccessToken(boolean z) {
        LogUtilities.logFunctionEntrance(this.m_logger, new Object[0]);
        if (this.m_settings.m_oAuthSettings.m_accessToken == null) {
            return;
        }
        ObjectMapper objectMapper = new ObjectMapper();
        try {
            String[] split = this.m_settings.m_oAuthSettings.m_accessToken.split("\\.");
            if (split.length < 2) {
                throw new TException("access token is not a well-formed JWT.");
            }
            JsonNode readTree = objectMapper.readTree(new String(new Base64(true).decode(split[1])));
            this.m_accessTokenExpireVal = readTree.get("exp").asLong();
            boolean startsWith = readTree.get(JWTClaimNames.ISSUER).asText().replaceFirst(OAuthAPIConstants.HTTPS_PREFIX, "").trim().startsWith(this.m_settings.m_host.trim());
            if (!z || startsWith) {
                return;
            }
            LogUtilities.logDebug("Access token issuer is not same as the host. exchanging access token.", this.m_logger);
            exchangeIDPFederationToken();
            String[] split2 = this.m_settings.m_oAuthSettings.m_accessToken.split("\\.");
            if (split2.length < 2) {
                throw new TException("exchanged access token is not a well-formed JWT.");
            }
            this.m_accessTokenExpireVal = objectMapper.readTree(new String(new Base64(true).decode(split2[1]))).get("exp").asLong();
        } catch (Exception e) {
            LogUtilities.logError("Error in exchanging access token to dbr in-house access token.", this.m_logger);
            LogUtilities.logError(e, this.m_logger);
            LogUtilities.logError("This Error will be ignored and driver use the original access token.", this.m_logger);
        }
    }

    private void exchangeIDPFederationToken() throws ErrorException {
        LogUtilities.logFunctionEntrance(this.m_logger, new Object[0]);
        URI serverURI = OAuthUtil.getServerURI(OAuthAPIConstants.HTTPS_PREFIX + this.m_settings.m_host + OAuthAPIConstants.DEFAULT_OAUTH2_TOKEN_ENDPOINT, this.m_oAuthSettings.m_OAuth2EnableAuthURLIPRange);
        HttpPost httpPost = new HttpPost(serverURI);
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(new BasicNameValuePair(OAuthAPIConstants.GRANT_TYPE_KEY, "urn:ietf:params:oauth:grant-type:jwt-bearer"));
        arrayList.add(new BasicNameValuePair(OAuthAPIConstants.ASSERTION_KEY, this.m_oAuthSettings.m_accessToken));
        arrayList.add(new BasicNameValuePair("scope", OAuthAPIConstants.DEFAULT_OAUTH2_AUTH_SCOPE_AWS_M2M));
        if (this.m_oAuthSettings.m_IdentityFederationClientId == null || this.m_oAuthSettings.m_IdentityFederationClientId.isEmpty()) {
            arrayList.add(new BasicNameValuePair("return_original_token_if_authenticated", "true"));
        } else {
            arrayList.add(new BasicNameValuePair(OAuthAPIConstants.OAUTH2_IDP_FEDERATION_CLIENT_ID, this.m_oAuthSettings.m_IdentityFederationClientId));
        }
        try {
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList, "UTF-8"));
            if (this.m_oAuthSettings.m_authFlow == OAuthFlow.AZURE_Managed_Identity && this.m_oAuthSettings.m_azureResourceId != null && !this.m_oAuthSettings.m_azureResourceId.isEmpty() && this.m_customOAuthHeaders != null) {
                for (Map.Entry<String, String> entry : this.m_customOAuthHeaders.entrySet()) {
                    if (entry.getKey() == OAuthAPIConstants.AZURE_MI_RESOURCE_ID || entry.getKey() == OAuthAPIConstants.AZURE_MI_MANAGMENT_TOKEN) {
                        httpPost.setHeader(entry.getKey(), entry.getValue());
                    }
                }
            }
            httpPost.setConfig(RequestConfig.custom().setRedirectsEnabled(false).build());
            if (!httpPost.getURI().getScheme().equals(OAuthAPIConstants.HTTPS_STRING)) {
                throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.AUTHORIZATIONN_URL_ERROR.name(), OAuthAPIConstants.HTTPS_ERROR_DESC);
            }
            String executeRequestWithRetry = executeRequestWithRetry(serverURI, httpPost);
            if (executeRequestWithRetry == null || executeRequestWithRetry.isEmpty()) {
                throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.ERROR_PARSING_JSON_RESPONSE.name(), "No token response.");
            }
            parseTokenResponse(executeRequestWithRetry);
        } catch (Exception e) {
            throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.FAILURE_OAUTH_REQUEST.name(), new String[]{e.getMessage(), e.getCause().toString()});
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean hasValidAccessTokenJwtExpiry() {
        if (this.m_settings.m_oAuthSettings.m_accessToken == null || this.m_accessTokenExpireVal == 0) {
            return false;
        }
        return this.m_accessTokenExpireVal > (System.currentTimeMillis() / 1000) - ((long) this.m_settings.m_oAuthSettings.m_tokenExpiryBuffer);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String executeRequestWithRetry(URI uri, HttpRequestBase httpRequestBase) throws ErrorException {
        HttpResponse execute;
        LogUtilities.logFunctionEntrance(this.m_logger, uri, httpRequestBase);
        SSLSettings sSLSettings = this.m_oAuthSettings.m_tokenEndpointSSLSettings;
        String str = null;
        int i = 30;
        Instant now = Instant.now();
        SSLConnectionSocketFactory sSLConnectionSocketFactory = CommonUtils.getSSLConnectionSocketFactory(uri.getHost(), sSLSettings);
        int i2 = this.m_settings.m_oAuthHTTPRetryTimeout * 60 * 1000;
        LogUtilities.logDebug("Timeout for OAuth HTTP request is " + this.m_settings.m_oAuthHTTPRetryTimeout + " minutes.", this.m_logger);
        RequestConfig.Builder cookieSpec = RequestConfig.custom().setConnectTimeout(i2).setConnectionRequestTimeout(i2).setSocketTimeout(i2).setCookieSpec(CookieSpecs.STANDARD);
        HttpClientBuilder sSLSocketFactory = HttpClientBuilder.create().setSSLSocketFactory(sSLConnectionSocketFactory);
        if (this.m_settings.m_proxySettings.m_useProxy && !this.m_settings.m_proxySettings.m_disableProxyForCloudFetch.booleanValue() && !CommonUtils.isHostInProxyBypassList(this.m_settings.m_proxySettings, httpRequestBase)) {
            LogUtilities.logDebug("Proxy is enabled for OAuth HTTP request.", this.m_logger);
            ProxySettings proxySettings = this.m_settings.m_proxySettings;
            HttpHost httpHost = new HttpHost(proxySettings.m_proxyHost, proxySettings.m_proxyPort);
            if (proxySettings.m_proxyAuth == ProxySettings.ProxyAuthentication.BASIC) {
                BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
                basicCredentialsProvider.setCredentials(new AuthScope(proxySettings.m_proxyHost, proxySettings.m_proxyPort), new UsernamePasswordCredentials(proxySettings.m_proxyUid, proxySettings.m_proxyPwd));
                sSLSocketFactory.setDefaultCredentialsProvider(basicCredentialsProvider);
            }
            cookieSpec.setProxy(httpHost);
        }
        RequestConfig build = cookieSpec.build();
        CloseableHttpClient build2 = sSLSocketFactory.setDefaultRequestConfig(build).build();
        while (true) {
            try {
                if (this.m_settings.m_enableOAuthHTTPErrorTesting) {
                    LogUtilities.logWarning("EnableOAuthHTTPErrorTesting is enabled. Dummy HTTP response for testing purposes.", this.m_logger);
                    execute = new DefaultHttpResponseFactory().newHttpResponse(new BasicStatusLine(HttpVersion.HTTP_1_1, HttpStatus.SC_BAD_GATEWAY, "Dummy HTTP response for testing purposes"), null);
                } else {
                    httpRequestBase.setConfig(build);
                    execute = build2.execute((HttpUriRequest) httpRequestBase);
                    str = EntityUtils.toString(execute.getEntity());
                }
                if (execute != null) {
                    int statusCode = execute.getStatusLine().getStatusCode();
                    LogUtilities.logWarning("Got response code " + statusCode, this.m_logger);
                    if (statusCode == 200 || statusCode == 201 || statusCode == 202 || statusCode == 204) {
                        break;
                    }
                    if (this.m_settings.m_oAuthRetriableHttpCode.contains(String.valueOf(statusCode))) {
                        LogUtilities.logWarning("OAuth HTTP request for token was unsuccessful. Received HTTP status code " + statusCode + " Retrying HTTP request.", this.m_logger);
                        Header firstHeader = execute.getFirstHeader("Retry-After");
                        if (firstHeader == null) {
                            try {
                                LogUtilities.logWarning("Got Http Retry-After header null when executing OAuth HTTP request for token . ", this.m_logger);
                                LogUtilities.logWarning("Retrying HTTP request after " + i + " seconds for OAuth token  ", this.m_logger);
                                Thread.sleep(i * 1000);
                                i *= 2;
                            } catch (InterruptedException e) {
                                LogUtilities.logWarning("Thread interrupted while waiting for http retry: " + e.getMessage(), this.m_logger);
                            }
                        } else {
                            LogUtilities.logWarning("Received succesfully Http Retry-After header  when executing OAuth HTTP request for token . ", this.m_logger);
                            LogUtilities.logWarning("Retrying HTTP request after " + Integer.valueOf(firstHeader.getValue()).intValue() + " seconds for OAuth HTTP request for token  ", this.m_logger);
                            Thread.sleep(r0 * 1000);
                        }
                    } else {
                        LogUtilities.logWarning("OAuth HTTP request for token was unsuccessful. Received HTTP status code " + statusCode, this.m_logger);
                        LogUtilities.logWarning("This HTTP status code is not listed in triable HTTP code setting. This request will not be retried", this.m_logger);
                        if (this.m_settings.m_enableOAuthHTTPErrorTesting) {
                            throw HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(CommonJDBCMessageKey.FAILURE_OAUTH_REQUEST.name(), "This HTTP status code is not listed in triable HTTP code setting. This request will not be retried");
                        }
                    }
                }
                if (0 != this.m_settings.m_oAuthHTTPRetryTimeout && timeLapsed(now) > this.m_settings.m_oAuthHTTPRetryTimeout) {
                    break;
                }
            } catch (Exception e2) {
                throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.FAILURE_OAUTH_REQUEST.name(), new String[]{e2.getMessage(), e2.getCause() == null ? "" : e2.getCause().toString()});
            }
        }
        checkResponse(execute, str);
        return str;
    }

    private void checkResponse(HttpResponse httpResponse, String str) throws ErrorException {
        LogUtilities.logFunctionEntrance(this.m_logger, new Object[0]);
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        if (statusCode != 200) {
            if (statusCode != 400) {
                throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.FAILURE_OAUTH_REQUEST.name(), new String[]{Integer.toString(statusCode), httpResponse.getStatusLine().getReasonPhrase()});
            }
            String parseJsonResponse = OAuthUtil.parseJsonResponse(str, OAuthAPIConstants.JSON_ERROR_KEY);
            String parseJsonResponse2 = OAuthUtil.parseJsonResponse(str, OAuthAPIConstants.JSON_ERROR_DESCRIPTION_KEY);
            LogUtilities.logDebug("Got response code 400. Error: " + parseJsonResponse + " Error Description: " + parseJsonResponse2, this.m_logger);
            if (!parseJsonResponse2.equalsIgnoreCase(OAuthAPIConstants.REFRESH_TOKEN_ERROR_DESC)) {
                throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.FAILURE_OAUTH_REQUEST.name(), new String[]{parseJsonResponse, parseJsonResponse2});
            }
            throw new RefreshTokenExpiredException(CommonJDBCMessageKey.FAILURE_OAUTH_REQUEST.name(), 0, new String[]{parseJsonResponse, parseJsonResponse2});
        }
    }

    private int timeLapsed(Instant instant) {
        int minutes = (int) Duration.between(instant, Instant.now()).toMinutes();
        LogUtilities.logWarning("Time lapsed for this http request is " + minutes + " minutes.", this.m_logger);
        return minutes;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void getAccessTokenFromRefresh() throws ErrorException {
        LogUtilities.logFunctionEntrance(this.m_logger, new Object[0]);
        URI serverURI = OAuthUtil.getServerURI(this.m_oAuthSettings.m_Oauth2TokenEndpoint, this.m_oAuthSettings.m_OAuth2EnableAuthURLIPRange);
        HttpPost tokenRequestParams = setTokenRequestParams(new HttpPost(serverURI));
        tokenRequestParams.setConfig(RequestConfig.custom().setRedirectsEnabled(false).build());
        if (!tokenRequestParams.getURI().getScheme().equals(OAuthAPIConstants.HTTPS_STRING)) {
            throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.AUTHORIZATIONN_URL_ERROR.name(), OAuthAPIConstants.HTTPS_ERROR_DESC);
        }
        String executeRequestWithRetry = executeRequestWithRetry(serverURI, tokenRequestParams);
        if (executeRequestWithRetry == null || executeRequestWithRetry.isEmpty()) {
            throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.ERROR_PARSING_JSON_RESPONSE.name(), "No token response.");
        }
        parseTokenResponse(executeRequestWithRetry);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void parseTokenResponse(String str) throws ErrorException {
        try {
            JsonNode readTree = new ObjectMapper().readTree(str);
            JsonNode jsonNode = readTree.get(OAuthAPIConstants.ACCESS_TOKEN_KEY);
            if (jsonNode == null) {
                throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.ERROR_PARSING_JSON_RESPONSE.name(), "No access token found in response.");
            }
            this.m_oAuthSettings.m_accessToken = jsonNode.asText();
            JsonNode jsonNode2 = readTree.get(OAuthAPIConstants.REFRESH_TOKEN_KEY);
            if (jsonNode2 != null) {
                this.m_oAuthSettings.m_refreshToken = jsonNode2.asText();
            }
            JsonNode jsonNode3 = readTree.get(OAuthAPIConstants.EXPIRY_TIME_KEY);
            if (jsonNode3 != null) {
                int asInt = jsonNode3.asInt();
                int i = this.m_oAuthSettings.m_tokenExpiryBuffer < asInt ? asInt - this.m_oAuthSettings.m_tokenExpiryBuffer : 0;
                if (i == 0) {
                    LogUtilities.logWarning("Token expiry buffer " + String.valueOf(this.m_oAuthSettings.m_tokenExpiryBuffer) + " is greater than the token expiry time " + i + ". A new token will be requested. ", this.m_logger);
                }
                this.m_oAuthSettings.m_expiryTime = System.currentTimeMillis() + (i * 1000);
            }
        } catch (IOException e) {
            ErrorException createGeneralException = DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.ERROR_PARSING_JSON_RESPONSE.name(), e.getMessage());
            createGeneralException.initCause(e);
            throw createGeneralException;
        }
    }

    private HttpPost setTokenRequestParams(HttpPost httpPost) throws ErrorException {
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(new BasicNameValuePair(OAuthAPIConstants.GRANT_TYPE_KEY, OAuthAPIConstants.REFRESH_TOKEN_KEY));
        arrayList.add(new BasicNameValuePair(OAuthAPIConstants.REFRESH_TOKEN_KEY, this.m_oAuthSettings.m_refreshToken));
        arrayList.add(new BasicNameValuePair(OAuthAPIConstants.CLIENT_ID_KEY, this.m_oAuthSettings.m_authClientID));
        if (this.m_oAuthSettings.m_authClientSecret != null) {
            arrayList.add(new BasicNameValuePair(OAuthAPIConstants.CLIENT_SECRET_KEY, this.m_oAuthSettings.m_authClientSecret));
        }
        try {
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList, "UTF-8"));
            return httpPost;
        } catch (Exception e) {
            throw DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.FAILURE_OAUTH_REQUEST.name(), new String[]{e.getMessage(), e.getCause().toString()});
        }
    }

    private void OIDCDiscoveryEndpoint() {
        LogUtilities.logFunctionEntrance(this.m_logger, new Object[0]);
        String str = OAuthAPIConstants.HTTPS_PREFIX + this.m_settings.m_host + OAuthAPIConstants.DEFAULT_OAUTH2_TOKEN_ENDPOINT;
        boolean equals = this.m_oAuthSettings.m_Oauth2AuthorizeEndpoint.equals(OAuthAPIConstants.HTTPS_PREFIX + this.m_settings.m_host + OAuthAPIConstants.DEFAULT_OAUTH2_AUTHORIZE_ENDPOINT);
        boolean equals2 = this.m_oAuthSettings.m_Oauth2TokenEndpoint.equals(str);
        if (!equals && !equals2) {
            LogUtilities.logWarning("OIDC discovery was not used since there are setting for token and authorize end points in connection string.", this.m_logger);
            return;
        }
        try {
            URI uri = new URL(this.m_oAuthSettings.m_OIDCDiscoveryEndpoint).toURI();
            HttpGet httpGet = new HttpGet(uri);
            httpGet.setConfig(RequestConfig.custom().setRedirectsEnabled(false).build());
            try {
                String executeRequestWithRetry = executeRequestWithRetry(uri, httpGet);
                String parseJsonResponse = OAuthUtil.parseJsonResponse(executeRequestWithRetry.toString(), OAuthAPIConstants.JSON_AUTH_ENDPOINT_KEY);
                String parseJsonResponse2 = OAuthUtil.parseJsonResponse(executeRequestWithRetry.toString(), OAuthAPIConstants.JSON_TOKEN_ENDPOINT_KEY);
                String parseJsonResponse3 = OAuthUtil.parseJsonResponse(executeRequestWithRetry.toString(), OAuthAPIConstants.JSON_RESPONSE_TYPE_KEY);
                if (null != parseJsonResponse && equals) {
                    this.m_oAuthSettings.m_Oauth2AuthorizeEndpoint = parseJsonResponse;
                }
                if (null != parseJsonResponse2 && equals2) {
                    this.m_oAuthSettings.m_Oauth2TokenEndpoint = parseJsonResponse2;
                }
                if (null != parseJsonResponse3 || parseJsonResponse3 != OAuthAPIConstants.SUPPORTED_RESPONSE_TYPE) {
                    LogUtilities.logWarning("code is not a supported response type, the authentication may fail. The driver will still try it", this.m_logger);
                }
            } catch (Exception e) {
                LogUtilities.logWarning(DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.FAILURE_OAUTH_REQUEST.name(), new String[]{e.getMessage()}).getMessage(), this.m_logger);
            }
        } catch (MalformedURLException | URISyntaxException e2) {
            LogUtilities.logWarning(DSDriver.s_CommonMessages.createGeneralException(CommonJDBCMessageKey.AUTHORIZATIONN_URL_ERROR.name(), OAuthAPIConstants.HTTPS_ERROR_DESC).getMessage(), this.m_logger);
        }
    }
}
