package org.apache.knox.gateway.cloud.idbroker.s3a;

import java.io.DataInput;
import java.io.DataOutput;
import java.io.IOException;
import java.net.URI;
import java.time.OffsetDateTime;
import java.util.Optional;
import org.apache.hadoop.fs.s3a.auth.MarshalledCredentials;
import org.apache.hadoop.fs.s3a.auth.delegation.AbstractS3ATokenIdentifier;
import org.apache.hadoop.fs.s3a.auth.delegation.EncryptionSecrets;
import org.apache.hadoop.io.Text;
import org.apache.knox.gateway.cloud.idbroker.IDBConstants;
import org.apache.knox.gateway.cloud.idbroker.common.IDBTokenPayload;
import org.apache.knox.gateway.cloud.idbroker.common.Preconditions;

/* loaded from: input_file:org/apache/knox/gateway/cloud/idbroker/s3a/IDBS3ATokenIdentifier.class */
public class IDBS3ATokenIdentifier extends AbstractS3ATokenIdentifier {
    private IDBTokenPayload payload;
    private MarshalledCredentials marshalledCredentials;
    private String rolePolicy;

    public IDBS3ATokenIdentifier() {
        super(IDBS3AConstants.IDB_TOKEN_KIND);
        this.payload = new IDBTokenPayload();
        this.marshalledCredentials = new MarshalledCredentials();
        this.rolePolicy = "";
    }

    public IDBS3ATokenIdentifier(Text text, Text text2, Text text3, URI uri, String str, long j, MarshalledCredentials marshalledCredentials, EncryptionSecrets encryptionSecrets, String str2, String str3, long j2, String str4, String str5, String str6, boolean z) {
        super(text, uri, text2, text3, str3, encryptionSecrets);
        this.payload = new IDBTokenPayload();
        this.marshalledCredentials = new MarshalledCredentials();
        this.rolePolicy = "";
        this.marshalledCredentials = (MarshalledCredentials) Preconditions.checkNotNull(marshalledCredentials);
        this.payload = new IDBTokenPayload(str, str5, j, j2, str4, str6, z);
        this.rolePolicy = (String) Preconditions.checkNotNull(str2);
    }

    public void write(DataOutput dataOutput) throws IOException {
        super.write(dataOutput);
        this.payload.write(dataOutput);
        this.marshalledCredentials.write(dataOutput);
        Text.writeString(dataOutput, this.rolePolicy);
    }

    public void readFields(DataInput dataInput) throws IOException {
        super.readFields(dataInput);
        this.payload.readFields(dataInput);
        this.marshalledCredentials.readFields(dataInput);
        this.rolePolicy = Text.readString(dataInput, IDBConstants.MAX_TEXT_LENGTH);
    }

    public String toString() {
        return "IDBroker S3ATokenIdentifier{" + super.toString() + " " + this.payload + ", AWS Credentials=" + this.marshalledCredentials + '}';
    }

    public long getExpiryTime() {
        return this.payload.getExpiryTime();
    }

    public MarshalledCredentials getMarshalledCredentials() {
        return this.marshalledCredentials;
    }

    public boolean hasMarshalledCredentials() {
        return !this.marshalledCredentials.isEmpty();
    }

    public Optional<MarshalledCredentials> credentials() {
        return hasMarshalledCredentials() ? Optional.of(this.marshalledCredentials) : Optional.empty();
    }

    public Optional<OffsetDateTime> getExpirationDateTime() {
        return this.marshalledCredentials.getExpirationDateTime();
    }

    public String getAccessToken() {
        return this.payload.getAccessToken();
    }

    public String getRolePolicy() {
        return this.rolePolicy;
    }

    public String getCertificate() {
        return this.payload.getCertificate();
    }

    public String getEndpoint() {
        return this.payload.getEndpoint();
    }

    public boolean isManaged() {
        return this.payload.isManaged();
    }

    public void validate() throws IOException {
        super.validate();
        this.payload.validate();
        this.marshalledCredentials.validate("Credentials in delegation token", MarshalledCredentials.CredentialTypeRequired.AnyIncludingEmpty);
        Preconditions.checkNotNull(this.rolePolicy, "null rolePolicy");
    }

    public String errorMessageString() {
        return this.payload.errorMessageString("Knox S3A Delegation Token") + " " + getOrigin();
    }
}
