package org.apache.hadoop.fs.s3a;

import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSCredentialsProviderChain;
import com.amazonaws.auth.AWSSessionCredentials;
import com.amazonaws.auth.AWSSessionCredentialsProvider;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider;
import java.io.IOException;
import java.net.URI;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.ProviderUtils;

/* loaded from: input_file:org/apache/hadoop/fs/s3a/HadoopSTSAssumeRoleSessionCredentialsProvider.class */
public class HadoopSTSAssumeRoleSessionCredentialsProvider implements AWSSessionCredentialsProvider {
    public static final String ASSUME_ROLE_ACCESS_KEY = "talend.fs.s3a.access.key";
    public static final String ASSUME_ROLE_SECRET_KEY = "talend.fs.s3a.secret.key";
    public static final String ASSUME_ROLE_ARN = "talend.fs.s3a.assume.role.arn";
    public static final String ASSUME_ROLE_SESSION_NAME = "talend.fs.s3a.assume.role.session.name";
    public static final String ASSUME_ROLE_SESSION_DURATION = "talend.fs.s3a.assume.role.session.duration";
    public static final String ASSUME_ROLE_EXTERNAL_ID = "talend.fs.s3a.assume.role.external.id";
    public static final String STS_ENDPOINT = "talend.fs.s3a.sts.endpoint";
    private String accessKey;
    private String secretKey;
    private String arn;
    private String sessionName;
    private int sessionDuration;
    private String externalID;
    private String stsEndpoint;
    private STSAssumeRoleSessionCredentialsProvider credentialsProvider;
    private IOException lookupIOE;

    public HadoopSTSAssumeRoleSessionCredentialsProvider(URI uri, Configuration configuration) {
        this(configuration);
    }

    public HadoopSTSAssumeRoleSessionCredentialsProvider(Configuration configuration) {
        try {
            Configuration excludeIncompatibleCredentialProviders = ProviderUtils.excludeIncompatibleCredentialProviders(configuration, S3AFileSystem.class);
            this.accessKey = excludeIncompatibleCredentialProviders.get(ASSUME_ROLE_ACCESS_KEY);
            this.secretKey = excludeIncompatibleCredentialProviders.get(ASSUME_ROLE_SECRET_KEY);
            this.arn = excludeIncompatibleCredentialProviders.get(ASSUME_ROLE_ARN);
            this.sessionName = excludeIncompatibleCredentialProviders.get(ASSUME_ROLE_SESSION_NAME);
            this.sessionDuration = excludeIncompatibleCredentialProviders.getInt(ASSUME_ROLE_SESSION_DURATION, 900);
            this.externalID = excludeIncompatibleCredentialProviders.get(ASSUME_ROLE_EXTERNAL_ID);
            this.stsEndpoint = excludeIncompatibleCredentialProviders.get(STS_ENDPOINT);
        } catch (IOException e) {
            this.lookupIOE = e;
        }
    }

    /* renamed from: getCredentials, reason: merged with bridge method [inline-methods] */
    public AWSSessionCredentials m0getCredentials() {
        if (this.lookupIOE != null) {
            throw new CredentialInitializationException(this.lookupIOE.toString(), this.lookupIOE);
        }
        STSAssumeRoleSessionCredentialsProvider.Builder withRoleSessionDurationSeconds = new STSAssumeRoleSessionCredentialsProvider.Builder(this.arn, this.sessionName).withLongLivedCredentialsProvider((StringUtils.isEmpty(this.accessKey) || StringUtils.isEmpty(this.secretKey)) ? new AWSCredentialsProviderChain(new AWSCredentialsProvider[]{new DefaultAWSCredentialsProviderChain(), new AnonymousAWSCredentialsProvider()}) : new AWSCredentialsProviderChain(new AWSCredentialsProvider[]{new BasicAWSCredentialsProvider(this.accessKey, this.secretKey), new DefaultAWSCredentialsProviderChain(), new AnonymousAWSCredentialsProvider()})).withRoleSessionDurationSeconds(this.sessionDuration);
        if (!StringUtils.isEmpty(this.externalID)) {
            withRoleSessionDurationSeconds.withExternalId(this.externalID);
        }
        if (!StringUtils.isEmpty(this.stsEndpoint)) {
            withRoleSessionDurationSeconds.withServiceEndpoint(this.stsEndpoint);
        }
        this.credentialsProvider = withRoleSessionDurationSeconds.build();
        return this.credentialsProvider.getCredentials();
    }

    public void refresh() {
        this.credentialsProvider.refresh();
    }
}
