package com.amazon.redshift.plugin;

import com.amazon.redshift.client.PGConstants;
import com.amazon.redshift.core.PGJDBCPropertyKey;
import com.amazonaws.SdkClientException;
import com.amazonaws.regions.ServiceAbbreviations;
import com.amazonaws.util.IOUtils;
import com.amazonaws.util.StringUtils;
import java.io.IOException;
import java.net.URI;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:RedshiftJDBCImplementation41.jar:com/amazon/redshift/plugin/PingCredentialsProvider.class */
public class PingCredentialsProvider extends SamlCredentialsProvider {
    private static final Pattern SAML_PATTERN = Pattern.compile("SAMLResponse\\W+value=\"([^\"]+)\"");

    @Override // com.amazon.redshift.plugin.SamlCredentialsProvider
    protected String getSamlAssertion() throws IOException {
        checkRequiredParameters();
        URI create = URI.create("https://" + this.m_idpHost + ':' + this.m_idpPort + "/idp/startSSO.ping?PartnerSpId=urn%3Aamazon%3Awebservices");
        ArrayList arrayList = new ArrayList(5);
        try {
            try {
                CloseableHttpClient httpClient = getHttpClient();
                CloseableHttpResponse execute = httpClient.execute((HttpUriRequest) new HttpGet(create));
                if (execute.getStatusLine().getStatusCode() != 200) {
                    throw new IOException("Failed send request: " + execute.getStatusLine().getReasonPhrase());
                }
                for (String str : getInputTagsfromHTML(EntityUtils.toString(execute.getEntity()))) {
                    String valueByKey = getValueByKey(str, PGConstants.NAME_NAME);
                    String valueByKey2 = getValueByKey(str, "value");
                    if (valueByKey.contains(PGJDBCPropertyKey.USERNAME_ALT) || valueByKey.contains(ServiceAbbreviations.Email)) {
                        arrayList.add(new BasicNameValuePair(valueByKey, this.m_userName));
                    } else if (valueByKey.contains("pass")) {
                        arrayList.add(new BasicNameValuePair(valueByKey, this.m_password));
                    } else if (!StringUtils.isNullOrEmpty(valueByKey)) {
                        arrayList.add(new BasicNameValuePair(valueByKey, valueByKey2));
                    }
                }
                HttpPost httpPost = new HttpPost(create);
                httpPost.setEntity(new UrlEncodedFormEntity((List<? extends NameValuePair>) arrayList));
                CloseableHttpResponse execute2 = httpClient.execute((HttpUriRequest) httpPost);
                if (execute2.getStatusLine().getStatusCode() != 200) {
                    throw new IOException("Failed send request: " + execute2.getStatusLine().getReasonPhrase());
                }
                Matcher matcher = SAML_PATTERN.matcher(EntityUtils.toString(execute2.getEntity()));
                if (!matcher.find()) {
                    throw new IOException("Failed to retrieve SAMLAssertion.");
                }
                String group = matcher.group(1);
                IOUtils.closeQuietly(httpClient, null);
                return group;
            } catch (GeneralSecurityException e) {
                throw new SdkClientException("Failed create SSLContext.", e);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(null, null);
            throw th;
        }
    }
}
