package net.snowflake.client.core;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import net.snowflake.client.core.Constants;
import net.snowflake.client.core.Event;
import net.snowflake.client.jdbc.ErrorCode;
import net.snowflake.client.jdbc.SnowflakeDriver;
import net.snowflake.client.jdbc.SnowflakeReauthenticationRequest;
import net.snowflake.client.jdbc.SnowflakeSQLException;
import net.snowflake.client.jdbc.SnowflakeSQLLoggedException;
import net.snowflake.client.jdbc.SnowflakeType;
import net.snowflake.client.jdbc.SnowflakeUtil;
import net.snowflake.client.jdbc.internal.amazonaws.util.JavaVersionParser;
import net.snowflake.client.jdbc.internal.apache.http.client.config.RequestConfig;
import net.snowflake.client.jdbc.internal.apache.http.client.methods.HttpGet;
import net.snowflake.client.jdbc.internal.apache.http.client.methods.HttpPost;
import net.snowflake.client.jdbc.internal.apache.http.client.methods.HttpRequestBase;
import net.snowflake.client.jdbc.internal.apache.http.client.utils.URIBuilder;
import net.snowflake.client.jdbc.internal.apache.http.entity.StringEntity;
import net.snowflake.client.jdbc.internal.apache.http.message.BasicHeader;
import net.snowflake.client.jdbc.internal.apache.http.message.HeaderGroup;
import net.snowflake.client.jdbc.internal.apache.tika.utils.StringUtils;
import net.snowflake.client.jdbc.internal.fasterxml.jackson.databind.JsonNode;
import net.snowflake.client.jdbc.internal.fasterxml.jackson.databind.ObjectMapper;
import net.snowflake.client.jdbc.internal.google.common.base.Strings;
import net.snowflake.client.jdbc.internal.microsoft.azure.storage.table.TableConstants;
import net.snowflake.client.jdbc.internal.org.jsoup.Jsoup;
import net.snowflake.client.jdbc.internal.snowflake.common.core.ClientAuthnDTO;
import net.snowflake.client.jdbc.internal.snowflake.common.core.ClientAuthnParameter;
import net.snowflake.client.jdbc.internal.snowflake.common.core.SqlState;
import net.snowflake.client.jdbc.internal.software.amazon.ion.SystemSymbols;
import net.snowflake.client.jdbc.telemetryOOB.TelemetryService;
import net.snowflake.client.log.SFLogger;
import net.snowflake.client.log.SFLoggerFactory;
import net.snowflake.client.util.SecretDetector;

/* loaded from: input_file:net/snowflake/client/core/SessionUtil.class */
public class SessionUtil {
    private static final String SF_QUERY_DATABASE = "databaseName";
    private static final String SF_QUERY_SCHEMA = "schemaName";
    private static final String SF_QUERY_WAREHOUSE = "warehouse";
    private static final String SF_QUERY_ROLE = "roleName";
    private static final String SF_PATH_LOGIN_REQUEST = "/session/v1/login-request";
    private static final String SF_PATH_TOKEN_REQUEST = "/session/token-request";
    public static final String SF_PATH_AUTHENTICATOR_REQUEST = "/session/authenticator-request";
    public static final String SF_PATH_CONSOLE_LOGIN_REQUEST = "/console/login";
    public static final String SF_QUERY_SESSION_DELETE = "delete";
    public static final String SF_HEADER_AUTHORIZATION = "Authorization";
    private static final String SF_HEADER_BASIC_AUTHTYPE = "Basic";
    private static final String SF_HEADER_SNOWFLAKE_AUTHTYPE = "Snowflake";
    private static final String SF_HEADER_TOKEN_TAG = "Token";
    public static final String JDBC_CHUNK_DOWNLOADER_MAX_RETRY = "JDBC_CHUNK_DOWNLOADER_MAX_RETRY";
    public static final String QUERY_CONTEXT_CACHE_SIZE = "QUERY_CONTEXT_CACHE_SIZE";
    public static final String JDBC_ENABLE_PUT_GET = "JDBC_ENABLE_PUT_GET";
    public static final String CLIENT_CONSERVATIVE_MEMORY_ADJUST_STEP = "CLIENT_CONSERVATIVE_MEMORY_ADJUST_STEP";
    public static final String CLIENT_SFSQL = "CLIENT_SFSQL";
    static final String SF_HEADER_SERVICE_NAME = "X-Snowflake-Service";
    public static final String SF_HEADER_CLIENT_APP_ID = "CLIENT_APP_ID";
    public static final String SF_HEADER_CLIENT_APP_VERSION = "CLIENT_APP_VERSION";
    private static final String ID_TOKEN_AUTHENTICATOR = "ID_TOKEN";
    private static final String NO_QUERY_ID = "";
    private static final String SF_PATH_SESSION = "/session";
    private static final SFLogger logger = SFLoggerFactory.getLogger((Class<?>) SessionUtil.class);
    public static long DEFAULT_CLIENT_MEMORY_LIMIT = 1536;
    public static int DEFAULT_CLIENT_PREFETCH_THREADS = 4;
    public static int MIN_CLIENT_CHUNK_SIZE = 48;
    public static int MAX_CLIENT_CHUNK_SIZE = 160;
    private static final String CLIENT_RESULT_CHUNK_SIZE_JVM = "net.snowflake.jdbc.clientResultChunkSize";
    public static final String CLIENT_RESULT_CHUNK_SIZE = "CLIENT_RESULT_CHUNK_SIZE";
    public static final String CLIENT_MEMORY_LIMIT_JVM = "net.snowflake.jdbc.clientMemoryLimit";
    public static final String CLIENT_MEMORY_LIMIT = "CLIENT_MEMORY_LIMIT";
    public static final String CLIENT_PREFETCH_THREADS_JVM = "net.snowflake.jdbc.clientPrefetchThreads";
    public static final String CLIENT_PREFETCH_THREADS = "CLIENT_PREFETCH_THREADS";
    public static final String OCSP_FAIL_OPEN_JVM = "net.snowflake.jdbc.ocspFailOpen";
    private static final String OCSP_FAIL_OPEN = "ocspFailOpen";
    public static final String CLIENT_ENABLE_CONSERVATIVE_MEMORY_USAGE_JVM = "net.snowflake.jdbc.clientEnableConservativeMemoryUsage";
    public static final String CLIENT_ENABLE_CONSERVATIVE_MEMORY_USAGE = "CLIENT_ENABLE_CONSERVATIVE_MEMORY_USAGE";
    public static Map<String, String> JVM_PARAMS_TO_PARAMS = (Map) Stream.of((Object[]) new String[]{new String[]{CLIENT_RESULT_CHUNK_SIZE_JVM, CLIENT_RESULT_CHUNK_SIZE}, new String[]{CLIENT_MEMORY_LIMIT_JVM, CLIENT_MEMORY_LIMIT}, new String[]{CLIENT_PREFETCH_THREADS_JVM, CLIENT_PREFETCH_THREADS}, new String[]{OCSP_FAIL_OPEN_JVM, OCSP_FAIL_OPEN}, new String[]{CLIENT_ENABLE_CONSERVATIVE_MEMORY_USAGE_JVM, CLIENT_ENABLE_CONSERVATIVE_MEMORY_USAGE}}).collect(Collectors.toMap(strArr -> {
        return strArr[0];
    }, strArr2 -> {
        return strArr2[1];
    }));
    private static ObjectMapper mapper = ObjectMapperFactory.getObjectMapper();
    private static int DEFAULT_HEALTH_CHECK_INTERVAL = 45;
    private static final String SERVICE_NAME = "SERVICE_NAME";
    private static Set<String> STRING_PARAMS = new HashSet(Arrays.asList("TIMEZONE", "TIMESTAMP_OUTPUT_FORMAT", "TIMESTAMP_NTZ_OUTPUT_FORMAT", "TIMESTAMP_LTZ_OUTPUT_FORMAT", "TIMESTAMP_TZ_OUTPUT_FORMAT", "DATE_OUTPUT_FORMAT", "TIME_OUTPUT_FORMAT", "BINARY_OUTPUT_FORMAT", "CLIENT_TIMESTAMP_TYPE_MAPPING", SERVICE_NAME, "GEOGRAPHY_OUTPUT_FORMAT"));
    public static final String CLIENT_SESSION_KEEP_ALIVE_HEARTBEAT_FREQUENCY = "CLIENT_SESSION_KEEP_ALIVE_HEARTBEAT_FREQUENCY";
    private static final Set<String> INT_PARAMS = new HashSet(Arrays.asList(CLIENT_PREFETCH_THREADS, CLIENT_MEMORY_LIMIT, CLIENT_RESULT_CHUNK_SIZE, "CLIENT_STAGE_ARRAY_BINDING_THRESHOLD", CLIENT_SESSION_KEEP_ALIVE_HEARTBEAT_FREQUENCY));
    public static final String CLIENT_ENABLE_LOG_INFO_STATEMENT_PARAMETERS = "CLIENT_ENABLE_LOG_INFO_STATEMENT_PARAMETERS";
    private static final String CLIENT_IN_BAND_TELEMETRY_ENABLED = "CLIENT_TELEMETRY_ENABLED";
    private static final String CLIENT_OUT_OF_BAND_TELEMETRY_ENABLED = "CLIENT_OUT_OF_BAND_TELEMETRY_ENABLED";
    private static final String CLIENT_STORE_TEMPORARY_CREDENTIAL = "CLIENT_STORE_TEMPORARY_CREDENTIAL";
    private static final String CLIENT_REQUEST_MFA_TOKEN = "CLIENT_REQUEST_MFA_TOKEN";
    private static final String JDBC_RS_COLUMN_CASE_INSENSITIVE = "JDBC_RS_COLUMN_CASE_INSENSITIVE";
    private static final String JDBC_TREAT_TIMESTAMP_NTZ_AS_UTC = "JDBC_TREAT_TIMESTAMP_NTZ_AS_UTC";
    private static final String JDBC_FORMAT_DATE_WITH_TIMEZONE = "JDBC_FORMAT_DATE_WITH_TIMEZONE";
    private static final String JDBC_USE_SESSION_TIMEZONE = "JDBC_USE_SESSION_TIMEZONE";
    private static final String CLIENT_RESULT_COLUMN_CASE_INSENSITIVE = "CLIENT_RESULT_COLUMN_CASE_INSENSITIVE";
    public static final String CLIENT_METADATA_REQUEST_USE_CONNECTION_CTX = "CLIENT_METADATA_REQUEST_USE_CONNECTION_CTX";
    public static final String CLIENT_METADATA_USE_SESSION_DATABASE = "CLIENT_METADATA_USE_SESSION_DATABASE";
    public static final String CLIENT_VALIDATE_DEFAULT_PARAMETERS = "CLIENT_VALIDATE_DEFAULT_PARAMETERS";
    public static final String ENABLE_STAGE_S3_PRIVATELINK_FOR_US_EAST_1 = "ENABLE_STAGE_S3_PRIVATELINK_FOR_US_EAST_1";
    private static final Set<String> BOOLEAN_PARAMS = new HashSet(Arrays.asList(CLIENT_SESSION_KEEP_ALIVE_HEARTBEAT_FREQUENCY, "CLIENT_HONOR_CLIENT_TZ_FOR_TIMESTAMP_NTZ", "CLIENT_DISABLE_INCIDENTS", "CLIENT_SESSION_KEEP_ALIVE", CLIENT_ENABLE_LOG_INFO_STATEMENT_PARAMETERS, CLIENT_IN_BAND_TELEMETRY_ENABLED, CLIENT_OUT_OF_BAND_TELEMETRY_ENABLED, CLIENT_STORE_TEMPORARY_CREDENTIAL, CLIENT_REQUEST_MFA_TOKEN, "JDBC_USE_JSON_PARSER", "AUTOCOMMIT", "JDBC_EFFICIENT_CHUNK_STORAGE", JDBC_RS_COLUMN_CASE_INSENSITIVE, JDBC_TREAT_TIMESTAMP_NTZ_AS_UTC, JDBC_FORMAT_DATE_WITH_TIMEZONE, JDBC_USE_SESSION_TIMEZONE, CLIENT_RESULT_COLUMN_CASE_INSENSITIVE, CLIENT_METADATA_REQUEST_USE_CONNECTION_CTX, CLIENT_METADATA_USE_SESSION_DATABASE, "JDBC_TREAT_DECIMAL_AS_INT", "JDBC_ENABLE_COMBINED_DESCRIBE", CLIENT_ENABLE_CONSERVATIVE_MEMORY_USAGE, CLIENT_VALIDATE_DEFAULT_PARAMETERS, ENABLE_STAGE_S3_PRIVATELINK_FOR_US_EAST_1, "SNOWPARK_LAZY_ANALYSIS"));

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:net/snowflake/client/core/SessionUtil$TokenRequestType.class */
    public enum TokenRequestType {
        RENEW("RENEW"),
        CLONE("CLONE"),
        ISSUE("ISSUE");

        private String value;

        TokenRequestType(String str) {
            this.value = str;
        }
    }

    private static ClientAuthnDTO.AuthenticatorType getAuthenticator(SFLoginInput sFLoginInput) {
        if (sFLoginInput.getAuthenticator() != null) {
            if (sFLoginInput.getAuthenticator().equalsIgnoreCase(ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER.name())) {
                return ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER;
            }
            if (sFLoginInput.getAuthenticator().equalsIgnoreCase(ClientAuthnDTO.AuthenticatorType.OAUTH.name())) {
                return ClientAuthnDTO.AuthenticatorType.OAUTH;
            }
            if (sFLoginInput.getAuthenticator().equalsIgnoreCase(ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT.name())) {
                return ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT;
            }
            if (sFLoginInput.getAuthenticator().equalsIgnoreCase(ClientAuthnDTO.AuthenticatorType.USERNAME_PASSWORD_MFA.name())) {
                return ClientAuthnDTO.AuthenticatorType.USERNAME_PASSWORD_MFA;
            }
            if (!sFLoginInput.getAuthenticator().equalsIgnoreCase(ClientAuthnDTO.AuthenticatorType.SNOWFLAKE.name())) {
                return ClientAuthnDTO.AuthenticatorType.OKTA;
            }
        }
        return (sFLoginInput.getPrivateKey() == null && sFLoginInput.getPrivateKeyFile() == null) ? ClientAuthnDTO.AuthenticatorType.SNOWFLAKE : ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SFLoginOutput openSession(SFLoginInput sFLoginInput, Map<SFSessionProperty, Object> map, String str) throws SFException, SnowflakeSQLException {
        AssertUtil.assertTrue(sFLoginInput.getServerUrl() != null, "missing server URL for opening session");
        AssertUtil.assertTrue(sFLoginInput.getAppId() != null, "missing app id for opening session");
        AssertUtil.assertTrue(sFLoginInput.getLoginTimeout() >= 0, "negative login timeout for opening session");
        ClientAuthnDTO.AuthenticatorType authenticator = getAuthenticator(sFLoginInput);
        if (authenticator.equals(ClientAuthnDTO.AuthenticatorType.OAUTH)) {
            AssertUtil.assertTrue((sFLoginInput.getToken() == null && sFLoginInput.getPassword() == null) ? false : true, "missing token or password for opening session");
        } else {
            AssertUtil.assertTrue(sFLoginInput.getUserName() != null, "missing user name for opening session");
        }
        if (!authenticator.equals(ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER)) {
            Object obj = sFLoginInput.getSessionParameters().get(CLIENT_STORE_TEMPORARY_CREDENTIAL);
            if (obj != null) {
                sFLoginInput.getSessionParameters().put(CLIENT_STORE_TEMPORARY_CREDENTIAL, Boolean.valueOf(asBoolean(obj)));
            }
        } else if (Constants.getOS() == Constants.OS.MAC || Constants.getOS() == Constants.OS.WINDOWS) {
            sFLoginInput.getSessionParameters().put(CLIENT_STORE_TEMPORARY_CREDENTIAL, true);
        } else if (!sFLoginInput.getSessionParameters().containsKey(CLIENT_STORE_TEMPORARY_CREDENTIAL)) {
            sFLoginInput.getSessionParameters().put(CLIENT_STORE_TEMPORARY_CREDENTIAL, false);
        }
        if (authenticator.equals(ClientAuthnDTO.AuthenticatorType.USERNAME_PASSWORD_MFA) && (Constants.getOS() == Constants.OS.MAC || Constants.getOS() == Constants.OS.WINDOWS)) {
            sFLoginInput.getSessionParameters().put(CLIENT_REQUEST_MFA_TOKEN, true);
        }
        preNewSession(sFLoginInput);
        try {
            return newSession(sFLoginInput, map, str);
        } catch (SnowflakeReauthenticationRequest e) {
            logger.debug("ID Token being used has expired. Reauthenticating with ID Token cleared...", new Object[0]);
            return newSession(sFLoginInput, map, str);
        }
    }

    private static void preNewSession(SFLoginInput sFLoginInput) throws SFException {
        if (asBoolean(sFLoginInput.getSessionParameters().get(CLIENT_STORE_TEMPORARY_CREDENTIAL))) {
            CredentialManager.getInstance().fillCachedIdToken(sFLoginInput);
        }
        if (asBoolean(sFLoginInput.getSessionParameters().get(CLIENT_REQUEST_MFA_TOKEN))) {
            CredentialManager.getInstance().fillCachedMfaToken(sFLoginInput);
        }
    }

    private static boolean asBoolean(Object obj) {
        if (obj == null) {
            return false;
        }
        String name = obj.getClass().getName();
        boolean z = -1;
        switch (name.hashCode()) {
            case 344809556:
                if (name.equals("java.lang.Boolean")) {
                    z = false;
                    break;
                }
                break;
            case 1195259493:
                if (name.equals("java.lang.String")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return ((Boolean) obj).booleanValue();
            case true:
                return Boolean.valueOf((String) obj).booleanValue();
            default:
                return false;
        }
    }

    private static SFLoginOutput newSession(SFLoginInput sFLoginInput, Map<SFSessionProperty, Object> map, String str) throws SFException, SnowflakeSQLException {
        String str2 = null;
        String str3 = null;
        boolean z = true;
        String str4 = null;
        int i = 0;
        int i2 = 0;
        int i3 = DEFAULT_HEALTH_CHECK_INTERVAL;
        int socketTimeoutInMillis = sFLoginInput.getSocketTimeoutInMillis();
        ClientAuthnDTO.AuthenticatorType authenticator = getAuthenticator(sFLoginInput);
        try {
            URIBuilder uRIBuilder = new URIBuilder(sFLoginInput.getServerUrl());
            if (sFLoginInput.getDatabaseName() != null) {
                uRIBuilder.addParameter(SF_QUERY_DATABASE, sFLoginInput.getDatabaseName());
            }
            if (sFLoginInput.getSchemaName() != null) {
                uRIBuilder.addParameter(SF_QUERY_SCHEMA, sFLoginInput.getSchemaName());
            }
            if (sFLoginInput.getWarehouse() != null) {
                uRIBuilder.addParameter(SF_QUERY_WAREHOUSE, sFLoginInput.getWarehouse());
            }
            if (sFLoginInput.getRole() != null) {
                uRIBuilder.addParameter(SF_QUERY_ROLE, sFLoginInput.getRole());
            }
            if (authenticator == ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER) {
                if (sFLoginInput.getIdToken() == null) {
                    SessionUtilExternalBrowser createInstance = SessionUtilExternalBrowser.createInstance(sFLoginInput);
                    createInstance.authenticate();
                    str2 = createInstance.getToken();
                    str3 = createInstance.getProofKey();
                    z = createInstance.isConsentCacheIdToken();
                }
            } else if (authenticator == ClientAuthnDTO.AuthenticatorType.OKTA) {
                str2 = getSamlResponseUsingOkta(sFLoginInput);
            } else if (authenticator == ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT) {
                sFLoginInput.setToken(new SessionUtilKeyPair(sFLoginInput.getPrivateKey(), sFLoginInput.getPrivateKeyFile(), sFLoginInput.getPrivateKeyFilePwd(), sFLoginInput.getAccountName(), sFLoginInput.getUserName()).issueJwtToken());
                sFLoginInput.setAuthTimeout(SessionUtilKeyPair.getTimeout());
            }
            uRIBuilder.addParameter(SFSession.SF_QUERY_REQUEST_ID, UUIDUtils.getUUID().toString());
            uRIBuilder.setPath(SF_PATH_LOGIN_REQUEST);
            URI build = uRIBuilder.build();
            try {
                resetOCSPUrlIfNecessary(sFLoginInput.getServerUrl());
                try {
                    ClientAuthnDTO clientAuthnDTO = new ClientAuthnDTO();
                    clientAuthnDTO.setInFlightCtx(sFLoginInput.getInFlightCtx());
                    HashMap hashMap = new HashMap();
                    hashMap.put(ClientAuthnParameter.CLIENT_APP_ID.name(), sFLoginInput.getAppId());
                    hashMap.put(ClientAuthnParameter.LOGIN_NAME.name(), sFLoginInput.getUserName());
                    if (authenticator == ClientAuthnDTO.AuthenticatorType.SNOWFLAKE) {
                        hashMap.put(ClientAuthnParameter.PASSWORD.name(), sFLoginInput.getPassword());
                    } else if (authenticator == ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER) {
                        if (sFLoginInput.getIdToken() != null) {
                            hashMap.put(ClientAuthnParameter.AUTHENTICATOR.name(), ID_TOKEN_AUTHENTICATOR);
                            hashMap.put(ClientAuthnParameter.TOKEN.name(), sFLoginInput.getIdToken());
                        } else {
                            hashMap.put(ClientAuthnParameter.AUTHENTICATOR.name(), ClientAuthnDTO.AuthenticatorType.EXTERNALBROWSER.name());
                            hashMap.put(ClientAuthnParameter.PROOF_KEY.name(), str3);
                            hashMap.put(ClientAuthnParameter.TOKEN.name(), str2);
                        }
                    } else if (authenticator == ClientAuthnDTO.AuthenticatorType.OKTA) {
                        hashMap.put(ClientAuthnParameter.RAW_SAML_RESPONSE.name(), str2);
                    } else if (authenticator == ClientAuthnDTO.AuthenticatorType.OAUTH) {
                        hashMap.put(ClientAuthnParameter.AUTHENTICATOR.name(), authenticator.name());
                        if (sFLoginInput.getToken() != null) {
                            hashMap.put(ClientAuthnParameter.TOKEN.name(), sFLoginInput.getToken());
                        } else {
                            hashMap.put(ClientAuthnParameter.TOKEN.name(), sFLoginInput.getPassword());
                        }
                    } else if (authenticator == ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT) {
                        hashMap.put(ClientAuthnParameter.AUTHENTICATOR.name(), authenticator.name());
                        hashMap.put(ClientAuthnParameter.TOKEN.name(), sFLoginInput.getToken());
                    } else if (authenticator == ClientAuthnDTO.AuthenticatorType.USERNAME_PASSWORD_MFA) {
                        hashMap.put(ClientAuthnParameter.PASSWORD.name(), sFLoginInput.getPassword());
                        if (sFLoginInput.getMfaToken() != null) {
                            hashMap.put(ClientAuthnParameter.TOKEN.name(), sFLoginInput.getMfaToken());
                        }
                    }
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put("OS", SnowflakeUtil.systemGetProperty("os.name"));
                    hashMap2.put("OS_VERSION", SnowflakeUtil.systemGetProperty("os.version"));
                    hashMap2.put("JAVA_VERSION", SnowflakeUtil.systemGetProperty(JavaVersionParser.JAVA_VERSION_PROPERTY));
                    hashMap2.put("JAVA_RUNTIME", SnowflakeUtil.systemGetProperty("java.runtime.name"));
                    hashMap2.put("JAVA_VM", SnowflakeUtil.systemGetProperty("java.vm.name"));
                    hashMap2.put("OCSP_MODE", sFLoginInput.getOCSPMode().name());
                    if (sFLoginInput.getApplication() != null) {
                        hashMap2.put("APPLICATION", sFLoginInput.getApplication());
                    } else {
                        String systemGetProperty = SnowflakeUtil.systemGetProperty("sun.java.command");
                        if (systemGetProperty != null) {
                            if (systemGetProperty.indexOf(StringUtils.SPACE) > 0) {
                                systemGetProperty = systemGetProperty.substring(0, systemGetProperty.indexOf(StringUtils.SPACE));
                            }
                            hashMap2.put("APPLICATION", systemGetProperty);
                        }
                    }
                    String systemGetProperty2 = map.containsKey(SFSessionProperty.CLIENT_INFO) ? (String) map.get(SFSessionProperty.CLIENT_INFO) : SnowflakeUtil.systemGetProperty("snowflake.client.info");
                    if (systemGetProperty2 != null) {
                        JsonNode jsonNode = null;
                        try {
                            jsonNode = mapper.readTree(systemGetProperty2);
                        } catch (Throwable th) {
                            logger.debug("failed to process snowflake.client.info property as JSON: {}", systemGetProperty2, th);
                        }
                        if (jsonNode != null) {
                            Iterator<Map.Entry<String, JsonNode>> fields = jsonNode.fields();
                            while (fields.hasNext()) {
                                Map.Entry<String, JsonNode> next = fields.next();
                                hashMap2.put(next.getKey(), next.getValue().asText());
                            }
                        }
                    }
                    for (Map.Entry<SFSessionProperty, Object> entry : map.entrySet()) {
                        if (!entry.getKey().equals(SFSessionProperty.APP_ID) && !entry.getKey().equals(SFSessionProperty.APP_VERSION)) {
                            String propertyKey = entry.getKey().getPropertyKey();
                            hashMap2.put(propertyKey, SecretDetector.maskParameterValue(propertyKey, entry.getValue().toString()));
                        }
                    }
                    if (!map.containsKey(SFSessionProperty.TRACING)) {
                        hashMap2.put(SFSessionProperty.TRACING.getPropertyKey(), str);
                    }
                    hashMap2.put("JDBC_JAR_NAME", SnowflakeDriver.getJdbcJarname());
                    hashMap.put(ClientAuthnParameter.CLIENT_ENVIRONMENT.name(), hashMap2);
                    Map<String, Object> sessionParameters = sFLoginInput.getSessionParameters();
                    if (sFLoginInput.isValidateDefaultParameters()) {
                        sessionParameters.put(CLIENT_VALIDATE_DEFAULT_PARAMETERS, true);
                    }
                    if (sessionParameters != null) {
                        hashMap.put(ClientAuthnParameter.SESSION_PARAMETERS.name(), sFLoginInput.getSessionParameters());
                    }
                    if (sFLoginInput.getAccountName() != null) {
                        hashMap.put(ClientAuthnParameter.ACCOUNT_NAME.name(), sFLoginInput.getAccountName());
                    }
                    if (sFLoginInput.isPasscodeInPassword()) {
                        hashMap.put(ClientAuthnParameter.EXT_AUTHN_DUO_METHOD.name(), "passcode");
                    } else if (sFLoginInput.getPasscode() != null) {
                        hashMap.put(ClientAuthnParameter.EXT_AUTHN_DUO_METHOD.name(), "passcode");
                        hashMap.put(ClientAuthnParameter.PASSCODE.name(), sFLoginInput.getPasscode());
                    } else {
                        hashMap.put(ClientAuthnParameter.EXT_AUTHN_DUO_METHOD.name(), "push");
                    }
                    hashMap.put(ClientAuthnParameter.CLIENT_APP_VERSION.name(), sFLoginInput.getAppVersion());
                    clientAuthnDTO.setData(hashMap);
                    String writeValueAsString = mapper.writeValueAsString(clientAuthnDTO);
                    HttpPost httpPost = new HttpPost(build);
                    HttpUtil.applyAdditionalHeadersForSnowsight(httpPost, sFLoginInput.getAdditionalHttpHeadersForSnowsight());
                    httpPost.addHeader(SF_HEADER_CLIENT_APP_ID, sFLoginInput.getAppId());
                    httpPost.addHeader(SF_HEADER_CLIENT_APP_VERSION, sFLoginInput.getAppVersion());
                    StringEntity stringEntity = new StringEntity(writeValueAsString, StandardCharsets.UTF_8);
                    stringEntity.setContentType("application/json");
                    httpPost.setEntity(stringEntity);
                    httpPost.addHeader("accept", "application/json");
                    httpPost.addHeader("Accept-Encoding", "");
                    httpPost.setHeader("Authorization", "Basic");
                    setServiceNameHeader(sFLoginInput, httpPost);
                    String str5 = null;
                    int loginTimeout = sFLoginInput.getLoginTimeout();
                    int socketTimeoutInMillis2 = sFLoginInput.getSocketTimeoutInMillis();
                    int i4 = 0;
                    while (true) {
                        try {
                            str5 = HttpUtil.executeGeneralRequest(httpPost, loginTimeout, sFLoginInput.getAuthTimeout(), socketTimeoutInMillis2, i4, sFLoginInput.getHttpClientSettingsKey());
                            break;
                        } catch (SnowflakeSQLException e) {
                            if (e.getErrorCode() != ErrorCode.AUTHENTICATOR_REQUEST_TIMEOUT.getMessageCode().intValue()) {
                                throw e;
                            }
                            if (authenticator != ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT && authenticator != ClientAuthnDTO.AuthenticatorType.OKTA) {
                                break;
                            }
                            if (authenticator == ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT) {
                                hashMap.put(ClientAuthnParameter.TOKEN.name(), new SessionUtilKeyPair(sFLoginInput.getPrivateKey(), sFLoginInput.getPrivateKeyFile(), sFLoginInput.getPrivateKeyFilePwd(), sFLoginInput.getAccountName(), sFLoginInput.getUserName()).issueJwtToken());
                            } else if (authenticator == ClientAuthnDTO.AuthenticatorType.OKTA) {
                                logger.debug("Retrieve new token for Okta authentication.", new Object[0]);
                                hashMap.put(ClientAuthnParameter.RAW_SAML_RESPONSE.name(), getSamlResponseUsingOkta(sFLoginInput));
                                clientAuthnDTO.setData(hashMap);
                                StringEntity stringEntity2 = new StringEntity(mapper.writeValueAsString(clientAuthnDTO), StandardCharsets.UTF_8);
                                stringEntity2.setContentType("application/json");
                                httpPost.setEntity(stringEntity2);
                            }
                            long elapsedSeconds = e.getElapsedSeconds();
                            if (sFLoginInput.getLoginTimeout() > 0) {
                                loginTimeout = ((long) loginTimeout) > elapsedSeconds ? (int) (loginTimeout - elapsedSeconds) : 1;
                            }
                            if (sFLoginInput.getSocketTimeoutInMillis() > 0) {
                                socketTimeoutInMillis2 = e.issocketTimeoutNoBackoff() ? ((long) socketTimeoutInMillis2) > elapsedSeconds ? (int) (socketTimeoutInMillis2 - elapsedSeconds) : 1 : sFLoginInput.getSocketTimeoutInMillis();
                            }
                            i4 = e.getRetryCount();
                        }
                    }
                    JsonNode readTree = mapper.readTree(str5);
                    if (!readTree.path("success").asBoolean()) {
                        logger.debug("response = {}", str5);
                        int asInt = readTree.path(TableConstants.ErrorConstants.ERROR_CODE).asInt();
                        if (asInt == 390195) {
                            sFLoginInput.setIdToken(null);
                            deleteIdTokenCache(sFLoginInput.getHostFromServerUrl(), sFLoginInput.getUserName());
                            logger.debug("ID Token Expired / Not Applicable. Reauthenticating without ID Token...: {}", Integer.valueOf(asInt));
                            SnowflakeUtil.checkErrorAndThrowExceptionIncludingReauth(readTree);
                        }
                        if (authenticator == ClientAuthnDTO.AuthenticatorType.USERNAME_PASSWORD_MFA) {
                            deleteMfaTokenCache(sFLoginInput.getHostFromServerUrl(), sFLoginInput.getUserName());
                        }
                        throw new SnowflakeSQLException("", readTree.path(TableConstants.ErrorConstants.ERROR_MESSAGE).asText(), SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, asInt);
                    }
                    String asText = readTree.path("data").path("token").asText();
                    String asText2 = readTree.path("data").path("masterToken").asText();
                    String nullStringAsEmptyString = nullStringAsEmptyString(readTree.path("data").path("idToken").asText());
                    String nullStringAsEmptyString2 = nullStringAsEmptyString(readTree.path("data").path("mfaToken").asText());
                    long asLong = readTree.path("data").path("masterValidityInSeconds").asLong();
                    String asText3 = readTree.path("data").path("serverVersion").asText();
                    String asText4 = readTree.path("data").path("sessionId").asText();
                    JsonNode path = readTree.path("data").path("sessionInfo").path(SF_QUERY_DATABASE);
                    String asText5 = path.isNull() ? null : path.asText();
                    JsonNode path2 = readTree.path("data").path("sessionInfo").path(SF_QUERY_SCHEMA);
                    String asText6 = path2.isNull() ? null : path2.asText();
                    JsonNode path3 = readTree.path("data").path("sessionInfo").path(SF_QUERY_ROLE);
                    String asText7 = path3.isNull() ? null : path3.asText();
                    JsonNode path4 = readTree.path("data").path("sessionInfo").path("warehouseName");
                    String asText8 = path4.isNull() ? null : path4.asText();
                    Map<String, Object> commonParams = getCommonParams(readTree.path("data").path("parameters"));
                    if (asText3 != null) {
                        logger.debug("server version = {}", asText3);
                        str4 = asText3.indexOf(StringUtils.SPACE) > 0 ? asText3.substring(0, asText3.indexOf(StringUtils.SPACE)) : asText3;
                    } else {
                        logger.debug("server version is null", false);
                    }
                    if (str4 != null) {
                        String[] split = str4.split("\\.");
                        if (split.length >= 2) {
                            try {
                                i = Integer.parseInt(split[0]);
                                i2 = Integer.parseInt(split[1]);
                            } catch (Exception e2) {
                                logger.error("Exception encountered when parsing server version: {} Exception: {}", str4, e2.getMessage());
                            }
                        }
                    } else {
                        logger.debug("database version is null", false);
                    }
                    if (!readTree.path("data").path("newClientForUpgrade").isNull()) {
                        logger.debug("new client: {}", readTree.path("data").path("newClientForUpgrade").asText());
                    }
                    int asInt2 = readTree.path("data").path("healthCheckInterval").asInt();
                    logger.debug("health check interval = {}", Integer.valueOf(asInt2));
                    if (asInt2 > 0 && asInt2 != i3) {
                        socketTimeoutInMillis = sFLoginInput.getSocketTimeoutInMillis() + (asInt2 * 1000);
                        HttpUtil.setRequestConfig(RequestConfig.copy(HttpUtil.getRequestConfigWithoutCookies()).setConnectTimeout((int) sFLoginInput.getConnectionTimeout().toMillis()).setSocketTimeout(socketTimeoutInMillis).build());
                        logger.debug("adjusted connection timeout to = {}", sFLoginInput.getConnectionTimeout());
                        logger.debug("adjusted socket timeout to = {}", Integer.valueOf(socketTimeoutInMillis));
                    }
                    SFLoginOutput sFLoginOutput = new SFLoginOutput(asText, asText2, asLong, nullStringAsEmptyString, nullStringAsEmptyString2, str4, i, i2, socketTimeoutInMillis, asText5, asText6, asText7, asText8, asText4, commonParams);
                    if (z && asBoolean(sFLoginInput.getSessionParameters().get(CLIENT_STORE_TEMPORARY_CREDENTIAL))) {
                        CredentialManager.getInstance().writeIdToken(sFLoginInput, sFLoginOutput);
                    }
                    if (asBoolean(sFLoginInput.getSessionParameters().get(CLIENT_REQUEST_MFA_TOKEN))) {
                        CredentialManager.getInstance().writeMfaToken(sFLoginInput, sFLoginOutput);
                    }
                    return sFLoginOutput;
                } catch (IOException e3) {
                    logger.error("IOException when creating session: " + ((Object) null), e3);
                    throw new SnowflakeSQLException(e3, SqlState.IO_ERROR, ErrorCode.NETWORK_ERROR.getMessageCode().intValue(), "Exception encountered when opening connection: " + e3.getMessage());
                } catch (SnowflakeSQLException e4) {
                    throw e4;
                } catch (Throwable th2) {
                    logger.error("Exception when creating session: " + ((Object) null), th2);
                    throw new SnowflakeSQLException(th2, SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, ErrorCode.CONNECTION_ERROR.getMessageCode().intValue(), ErrorCode.CONNECTION_ERROR.getMessageCode(), th2.getMessage());
                }
            } catch (IOException e5) {
                throw new SFException(e5, ErrorCode.IO_ERROR, "unexpected URL syntax exception");
            }
        } catch (URISyntaxException e6) {
            logger.error("Exception when building URL", e6);
            throw new SFException(e6, ErrorCode.INTERNAL_ERROR, "unexpected URI syntax exception:1");
        }
    }

    private static void setServiceNameHeader(SFLoginInput sFLoginInput, HttpPost httpPost) {
        if (Strings.isNullOrEmpty(sFLoginInput.getServiceName())) {
            return;
        }
        httpPost.setHeader(SF_HEADER_SERVICE_NAME, sFLoginInput.getServiceName());
    }

    private static String nullStringAsEmptyString(String str) {
        return (Strings.isNullOrEmpty(str) || net.snowflake.client.jdbc.internal.amazonaws.services.s3.internal.Constants.NULL_VERSION_ID.equals(str)) ? "" : str;
    }

    public static void deleteIdTokenCache(String str, String str2) {
        CredentialManager.getInstance().deleteIdTokenCache(str, str2);
    }

    public static void deleteMfaTokenCache(String str, String str2) {
        CredentialManager.getInstance().deleteMfaTokenCache(str, str2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SFLoginOutput renewSession(SFLoginInput sFLoginInput) throws SFException, SnowflakeSQLException {
        return tokenRequest(sFLoginInput, TokenRequestType.RENEW);
    }

    private static SFLoginOutput tokenRequest(SFLoginInput sFLoginInput, TokenRequestType tokenRequestType) throws SFException, SnowflakeSQLException {
        AssertUtil.assertTrue(sFLoginInput.getServerUrl() != null, "missing server URL for tokenRequest");
        AssertUtil.assertTrue(sFLoginInput.getMasterToken() != null, "missing master token for tokenRequest");
        AssertUtil.assertTrue(sFLoginInput.getSessionToken() != null, "missing session token for tokenRequest");
        AssertUtil.assertTrue(sFLoginInput.getLoginTimeout() >= 0, "negative login timeout for tokenRequest");
        try {
            URIBuilder uRIBuilder = new URIBuilder(sFLoginInput.getServerUrl());
            uRIBuilder.setPath(SF_PATH_TOKEN_REQUEST);
            uRIBuilder.addParameter(SFSession.SF_QUERY_REQUEST_ID, UUIDUtils.getUUID().toString());
            HttpPost httpPost = new HttpPost(uRIBuilder.build());
            httpPost.addHeader(SF_HEADER_CLIENT_APP_ID, sFLoginInput.getAppId());
            httpPost.addHeader(SF_HEADER_CLIENT_APP_VERSION, sFLoginInput.getAppVersion());
            HttpUtil.applyAdditionalHeadersForSnowsight(httpPost, sFLoginInput.getAdditionalHttpHeadersForSnowsight());
            try {
                HashMap hashMap = new HashMap();
                String masterToken = sFLoginInput.getMasterToken();
                hashMap.put("oldSessionToken", sFLoginInput.getSessionToken());
                hashMap.put("requestType", tokenRequestType.value);
                StringEntity stringEntity = new StringEntity(mapper.writeValueAsString(hashMap), StandardCharsets.UTF_8);
                stringEntity.setContentType("application/json");
                httpPost.setEntity(stringEntity);
                httpPost.addHeader("accept", "application/json");
                httpPost.setHeader("Authorization", "Snowflake Token=\"" + masterToken + "\"");
                setServiceNameHeader(sFLoginInput, httpPost);
                logger.debug("request type: {}, old session token: {}, master token: {}", tokenRequestType.value, () -> {
                    if (sFLoginInput.getSessionToken() != null) {
                        return "******";
                    }
                    return null;
                }, () -> {
                    if (sFLoginInput.getMasterToken() != null) {
                        return "******";
                    }
                    return null;
                });
                String executeGeneralRequest = HttpUtil.executeGeneralRequest(httpPost, sFLoginInput.getLoginTimeout(), sFLoginInput.getAuthTimeout(), sFLoginInput.getSocketTimeoutInMillis(), 0, sFLoginInput.getHttpClientSettingsKey());
                JsonNode readTree = mapper.readTree(executeGeneralRequest);
                if (!readTree.path("success").asBoolean()) {
                    logger.debug("response = {}", executeGeneralRequest);
                    EventUtil.triggerBasicEvent(Event.EventType.NETWORK_ERROR, "SessionUtil:renewSession failure, error code=" + readTree.path(TableConstants.ErrorConstants.ERROR_CODE).asText() + ", message=" + readTree.path(TableConstants.ErrorConstants.ERROR_MESSAGE).asText(), true);
                    SnowflakeUtil.checkErrorAndThrowExceptionIncludingReauth(readTree);
                }
                String asText = readTree.path("data").path("sessionToken").asText();
                String asText2 = readTree.path("data").path("masterToken").asText();
                SFLoginOutput sFLoginOutput = new SFLoginOutput();
                sFLoginOutput.setSessionToken(asText).setMasterToken(asText2);
                return sFLoginOutput;
            } catch (IOException e) {
                logger.error("IOException when renewing session: " + httpPost, e);
                throw new SFException(e, ErrorCode.NETWORK_ERROR, e.getMessage());
            }
        } catch (URISyntaxException e2) {
            logger.error("Exception when creating http request", e2);
            throw new SFException(e2, ErrorCode.INTERNAL_ERROR, "unexpected URI syntax exception:3");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void closeSession(SFLoginInput sFLoginInput) throws SFException, SnowflakeSQLException {
        logger.debug(" public void close() throws SFException", new Object[0]);
        AssertUtil.assertTrue(sFLoginInput.getServerUrl() != null, "missing server URL for closing session");
        AssertUtil.assertTrue(sFLoginInput.getSessionToken() != null, "missing session token for closing session");
        AssertUtil.assertTrue(sFLoginInput.getLoginTimeout() >= 0, "missing login timeout for closing session");
        HttpPost httpPost = null;
        try {
            URIBuilder uRIBuilder = new URIBuilder(sFLoginInput.getServerUrl());
            uRIBuilder.addParameter(SF_QUERY_SESSION_DELETE, Boolean.TRUE.toString());
            uRIBuilder.addParameter(SFSession.SF_QUERY_REQUEST_ID, UUIDUtils.getUUID().toString());
            uRIBuilder.setPath(SF_PATH_SESSION);
            httpPost = new HttpPost(uRIBuilder.build());
            HttpUtil.applyAdditionalHeadersForSnowsight(httpPost, sFLoginInput.getAdditionalHttpHeadersForSnowsight());
            httpPost.setHeader("Authorization", "Snowflake Token=\"" + sFLoginInput.getSessionToken() + "\"");
            setServiceNameHeader(sFLoginInput, httpPost);
            String executeGeneralRequest = HttpUtil.executeGeneralRequest(httpPost, sFLoginInput.getLoginTimeout(), sFLoginInput.getAuthTimeout(), sFLoginInput.getSocketTimeoutInMillis(), 0, sFLoginInput.getHttpClientSettingsKey());
            logger.debug("connection close response: {}", executeGeneralRequest);
            SnowflakeUtil.checkErrorAndThrowException(mapper.readTree(executeGeneralRequest));
        } catch (IOException e) {
            logger.error("unexpected IO exception for: " + httpPost, e);
        } catch (URISyntaxException e2) {
            throw new RuntimeException("unexpected URI syntax exception", e2);
        } catch (SnowflakeSQLException e3) {
            if (e3.getErrorCode() != 390112 && e3.getErrorCode() != 390111) {
                throw e3;
            }
        }
    }

    private static String federatedFlowStep4(SFLoginInput sFLoginInput, String str, String str2) throws SnowflakeSQLException {
        String str3 = "";
        try {
            URL url = new URL(str);
            HttpGet httpGet = new HttpGet(new URIBuilder().setScheme(url.getProtocol()).setHost(url.getHost()).setPath(url.getPath()).setParameter("RelayState", "%2Fsome%2Fdeep%2Flink").setParameter("onetimetoken", str2).build());
            HeaderGroup headerGroup = new HeaderGroup();
            headerGroup.addHeader(new BasicHeader("Accept", "*/*"));
            httpGet.setHeaders(headerGroup.getAllHeaders());
            str3 = HttpUtil.executeGeneralRequest(httpGet, sFLoginInput.getLoginTimeout(), sFLoginInput.getAuthTimeout(), sFLoginInput.getSocketTimeoutInMillis(), 0, sFLoginInput.getHttpClientSettingsKey());
            validateSAML(str3, sFLoginInput);
        } catch (IOException | URISyntaxException e) {
            handleFederatedFlowError(sFLoginInput, e);
        }
        return str3;
    }

    private static void validateSAML(String str, SFLoginInput sFLoginInput) throws SnowflakeSQLException, MalformedURLException {
        if (sFLoginInput.getDisableSamlURLCheck()) {
            return;
        }
        String postBackUrlFromHTML = getPostBackUrlFromHTML(str);
        if (isPrefixEqual(postBackUrlFromHTML, sFLoginInput.getServerUrl())) {
            return;
        }
        URL url = new URL(postBackUrlFromHTML);
        URL url2 = new URL(sFLoginInput.getServerUrl());
        String host = url.getHost();
        logger.error("The Snowflake hostname specified in the client connection {} does not match the destination hostname in the SAML response returned by the IdP: {}", url2.getHost(), host);
        throw new SnowflakeSQLLoggedException((SFBaseSession) null, ErrorCode.IDP_INCORRECT_DESTINATION.getMessageCode().intValue(), SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION);
    }

    private static String federatedFlowStep3(SFLoginInput sFLoginInput, String str) throws SnowflakeSQLException {
        String str2 = "";
        try {
            HttpPost httpPost = new HttpPost(new URL(str).toURI());
            httpPost.setEntity(new StringEntity("{\"username\":\"" + (Strings.isNullOrEmpty(sFLoginInput.getOKTAUserName()) ? sFLoginInput.getUserName() : sFLoginInput.getOKTAUserName()) + "\",\"password\":\"" + sFLoginInput.getPassword() + "\"}"));
            HeaderGroup headerGroup = new HeaderGroup();
            headerGroup.addHeader(new BasicHeader("Accept", "application/json"));
            headerGroup.addHeader(new BasicHeader("Content-Type", "application/json"));
            httpPost.setHeaders(headerGroup.getAllHeaders());
            String executeRequestWithoutCookies = HttpUtil.executeRequestWithoutCookies(httpPost, sFLoginInput.getLoginTimeout(), sFLoginInput.getAuthTimeout(), sFLoginInput.getSocketTimeoutInMillis(), 0, 0, null, sFLoginInput.getHttpClientSettingsKey());
            logger.debug("user is authenticated against {}.", sFLoginInput.getAuthenticator());
            JsonNode readTree = mapper.readTree(executeRequestWithoutCookies);
            str2 = readTree.get("sessionToken") != null ? readTree.get("sessionToken").asText() : readTree.get("cookieToken").asText();
        } catch (IOException | URISyntaxException e) {
            handleFederatedFlowError(sFLoginInput, e);
        }
        return str2;
    }

    private static void federatedFlowStep2(SFLoginInput sFLoginInput, String str, String str2) throws SnowflakeSQLException {
        try {
            if (isPrefixEqual(sFLoginInput.getAuthenticator(), str) && isPrefixEqual(sFLoginInput.getAuthenticator(), str2)) {
                return;
            }
            logger.debug("The specified authenticator {} is not supported.", sFLoginInput.getAuthenticator());
            throw new SnowflakeSQLLoggedException((SFBaseSession) null, ErrorCode.IDP_CONNECTION_ERROR.getMessageCode().intValue(), SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION);
        } catch (MalformedURLException e) {
            handleFederatedFlowError(sFLoginInput, e);
        }
    }

    private static JsonNode federatedFlowStep1(SFLoginInput sFLoginInput) throws SnowflakeSQLException {
        String executeGeneralRequest;
        JsonNode readTree;
        JsonNode jsonNode = null;
        try {
            URIBuilder uRIBuilder = new URIBuilder(sFLoginInput.getServerUrl());
            uRIBuilder.setPath(SF_PATH_AUTHENTICATOR_REQUEST);
            URI build = uRIBuilder.build();
            HashMap hashMap = new HashMap();
            hashMap.put(ClientAuthnParameter.ACCOUNT_NAME.name(), sFLoginInput.getAccountName());
            hashMap.put(ClientAuthnParameter.AUTHENTICATOR.name(), sFLoginInput.getAuthenticator());
            hashMap.put(ClientAuthnParameter.CLIENT_APP_ID.name(), sFLoginInput.getAppId());
            hashMap.put(ClientAuthnParameter.CLIENT_APP_VERSION.name(), sFLoginInput.getAppVersion());
            ClientAuthnDTO clientAuthnDTO = new ClientAuthnDTO();
            clientAuthnDTO.setData(hashMap);
            StringEntity stringEntity = new StringEntity(mapper.writeValueAsString(clientAuthnDTO), StandardCharsets.UTF_8);
            stringEntity.setContentType("application/json");
            HttpPost httpPost = new HttpPost(build);
            httpPost.setEntity(stringEntity);
            httpPost.addHeader("accept", "application/json");
            httpPost.addHeader(SF_HEADER_CLIENT_APP_ID, sFLoginInput.getAppId());
            httpPost.addHeader(SF_HEADER_CLIENT_APP_VERSION, sFLoginInput.getAppVersion());
            executeGeneralRequest = HttpUtil.executeGeneralRequest(httpPost, sFLoginInput.getLoginTimeout(), sFLoginInput.getAuthTimeout(), sFLoginInput.getSocketTimeoutInMillis(), 0, sFLoginInput.getHttpClientSettingsKey());
            logger.debug("authenticator-request response: {}", executeGeneralRequest);
            readTree = mapper.readTree(executeGeneralRequest);
        } catch (IOException | URISyntaxException e) {
            handleFederatedFlowError(sFLoginInput, e);
        }
        if (readTree.path("success").asBoolean()) {
            jsonNode = readTree.path("data");
            return jsonNode;
        }
        logger.debug("response = {}", executeGeneralRequest);
        throw new SnowflakeSQLException("", readTree.path(TableConstants.ErrorConstants.ERROR_MESSAGE).asText(), SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, readTree.path(TableConstants.ErrorConstants.ERROR_CODE).asInt());
    }

    private static void handleFederatedFlowError(SFLoginInput sFLoginInput, Exception exc) throws SnowflakeSQLException {
        if (exc instanceof IOException) {
            logger.error("IOException when authenticating with " + sFLoginInput.getAuthenticator(), exc);
            throw new SnowflakeSQLException(exc, SqlState.IO_ERROR, ErrorCode.NETWORK_ERROR.getMessageCode().intValue(), "Exception encountered when opening connection: " + exc.getMessage());
        }
        logger.error("Exception when authenticating with " + sFLoginInput.getAuthenticator(), exc);
        throw new SnowflakeSQLException(exc, SqlState.SQLCLIENT_UNABLE_TO_ESTABLISH_SQLCONNECTION, ErrorCode.CONNECTION_ERROR.getMessageCode().intValue(), ErrorCode.CONNECTION_ERROR.getMessageCode(), exc.getMessage());
    }

    private static String getSamlResponseUsingOkta(SFLoginInput sFLoginInput) throws SnowflakeSQLException {
        while (true) {
            try {
                JsonNode federatedFlowStep1 = federatedFlowStep1(sFLoginInput);
                String asText = federatedFlowStep1.path("tokenUrl").asText();
                String asText2 = federatedFlowStep1.path("ssoUrl").asText();
                federatedFlowStep2(sFLoginInput, asText, asText2);
                return federatedFlowStep4(sFLoginInput, asText2, federatedFlowStep3(sFLoginInput, asText));
            } catch (SnowflakeSQLException e) {
                if (e.getErrorCode() != ErrorCode.AUTHENTICATOR_REQUEST_TIMEOUT.getMessageCode().intValue()) {
                    throw e;
                }
                logger.debug("Failed to get Okta SAML response. Retrying without changing retry count.", new Object[0]);
            }
        }
    }

    static boolean isPrefixEqual(String str, String str2) throws MalformedURLException {
        URL url = new URL(str);
        URL url2 = new URL(str2);
        int port = url.getPort();
        int port2 = url2.getPort();
        if (port == -1 && net.snowflake.client.jdbc.internal.microsoft.azure.storage.Constants.HTTPS.equals(url.getProtocol())) {
            port = 443;
        }
        if (port2 == -1 && net.snowflake.client.jdbc.internal.microsoft.azure.storage.Constants.HTTPS.equals(url2.getProtocol())) {
            port2 = 443;
        }
        return url.getHost().equalsIgnoreCase(url2.getHost()) && url.getProtocol().equalsIgnoreCase(url2.getProtocol()) && port == port2;
    }

    private static String getPostBackUrlFromHTML(String str) {
        return Jsoup.parse(str).getElementsByTag("body").get(0).getElementsByTag("form").first().attr("action");
    }

    public static Map<String, Object> getCommonParams(JsonNode jsonNode) {
        HashMap hashMap = new HashMap();
        Iterator<JsonNode> it = jsonNode.iterator();
        while (it.hasNext()) {
            JsonNode next = it.next();
            if (next.hasNonNull(SystemSymbols.NAME)) {
                String asText = next.path(SystemSymbols.NAME).asText();
                if (next.hasNonNull("value")) {
                    if (STRING_PARAMS.contains(asText.toUpperCase())) {
                        hashMap.put(asText, next.path("value").asText());
                    } else if (INT_PARAMS.contains(asText.toUpperCase())) {
                        hashMap.put(asText, Integer.valueOf(next.path("value").asInt()));
                    } else if (BOOLEAN_PARAMS.contains(asText.toUpperCase())) {
                        hashMap.put(asText, Boolean.valueOf(next.path("value").asBoolean()));
                    } else {
                        try {
                            hashMap.put(asText, mapper.treeToValue(next.path("value"), Object.class));
                        } catch (Exception e) {
                            logger.debug("Unknown Common Parameter Failed to Parse: {} -> {}. Exception: {}", asText, next.path("value"), e.getMessage());
                        }
                        logger.debug("Unknown Common Parameter: {}", asText);
                    }
                    logger.debug("Parameter {}: {}", asText, next.path("value").asText());
                } else {
                    logger.debug("No value found for Common Parameter {}", next.path(SystemSymbols.NAME).asText());
                }
            } else {
                logger.error("Common Parameter JsonNode encountered with no parameter name!", false);
            }
        }
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void updateSfDriverParamValues(Map<String, Object> map, SFBaseSession sFBaseSession) {
        if (map != null && !map.isEmpty()) {
            sFBaseSession.setCommonParameters(map);
        }
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            logger.debug("processing parameter {}", entry.getKey());
            if ("CLIENT_DISABLE_INCIDENTS".equalsIgnoreCase(entry.getKey())) {
                SnowflakeDriver.setDisableIncidents(((Boolean) entry.getValue()).booleanValue());
            } else if ("CLIENT_SESSION_KEEP_ALIVE".equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setEnableHeartbeat(((Boolean) entry.getValue()).booleanValue());
                }
            } else if (CLIENT_SESSION_KEEP_ALIVE_HEARTBEAT_FREQUENCY.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setHeartbeatFrequency(((Integer) entry.getValue()).intValue());
                }
            } else if (CLIENT_ENABLE_LOG_INFO_STATEMENT_PARAMETERS.equalsIgnoreCase(entry.getKey())) {
                boolean booleanValue = ((Boolean) entry.getValue()).booleanValue();
                if (sFBaseSession != null && sFBaseSession.getPreparedStatementLogging() != booleanValue) {
                    sFBaseSession.setPreparedStatementLogging(booleanValue);
                }
            } else if ("AUTOCOMMIT".equalsIgnoreCase(entry.getKey())) {
                boolean booleanValue2 = ((Boolean) entry.getValue()).booleanValue();
                if (sFBaseSession != null && sFBaseSession.getAutoCommit() != booleanValue2) {
                    sFBaseSession.setAutoCommit(booleanValue2);
                }
            } else if (JDBC_RS_COLUMN_CASE_INSENSITIVE.equalsIgnoreCase(entry.getKey()) || CLIENT_RESULT_COLUMN_CASE_INSENSITIVE.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null && !sFBaseSession.isResultColumnCaseInsensitive()) {
                    sFBaseSession.setResultColumnCaseInsensitive(((Boolean) entry.getValue()).booleanValue());
                }
            } else if (CLIENT_METADATA_REQUEST_USE_CONNECTION_CTX.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setMetadataRequestUseConnectionCtx(((Boolean) entry.getValue()).booleanValue());
                }
            } else if (CLIENT_METADATA_USE_SESSION_DATABASE.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setMetadataRequestUseSessionDatabase(((Boolean) entry.getValue()).booleanValue());
                }
            } else if (JDBC_TREAT_TIMESTAMP_NTZ_AS_UTC.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setTreatNTZAsUTC(((Boolean) entry.getValue()).booleanValue());
                }
            } else if (JDBC_FORMAT_DATE_WITH_TIMEZONE.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setFormatDateWithTimezone(((Boolean) entry.getValue()).booleanValue());
                }
            } else if (JDBC_USE_SESSION_TIMEZONE.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setUseSessionTimezone(((Boolean) entry.getValue()).booleanValue());
                }
            } else if ("CLIENT_TIMESTAMP_TYPE_MAPPING".equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setTimestampMappedType(SnowflakeType.valueOf(((String) entry.getValue()).toUpperCase()));
                }
            } else if ("JDBC_TREAT_DECIMAL_AS_INT".equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setJdbcTreatDecimalAsInt(((Boolean) entry.getValue()).booleanValue());
                }
            } else if ("JDBC_ENABLE_COMBINED_DESCRIBE".equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setEnableCombineDescribe(((Boolean) entry.getValue()).booleanValue());
                }
            } else if (CLIENT_IN_BAND_TELEMETRY_ENABLED.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setClientTelemetryEnabled(((Boolean) entry.getValue()).booleanValue());
                }
            } else if ("CLIENT_STAGE_ARRAY_BINDING_THRESHOLD".equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setArrayBindStageThreshold(((Integer) entry.getValue()).intValue());
                }
            } else if (CLIENT_STORE_TEMPORARY_CREDENTIAL.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setStoreTemporaryCredential(((Boolean) entry.getValue()).booleanValue());
                }
            } else if (SERVICE_NAME.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setServiceName((String) entry.getValue());
                }
            } else if (CLIENT_ENABLE_CONSERVATIVE_MEMORY_USAGE.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setEnableConservativeMemoryUsage(((Boolean) entry.getValue()).booleanValue());
                }
            } else if (CLIENT_CONSERVATIVE_MEMORY_ADJUST_STEP.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setConservativeMemoryAdjustStep(((Integer) entry.getValue()).intValue());
                }
            } else if (CLIENT_MEMORY_LIMIT.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setClientMemoryLimit(((Integer) entry.getValue()).intValue());
                }
            } else if (CLIENT_RESULT_CHUNK_SIZE.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setClientResultChunkSize(((Integer) entry.getValue()).intValue());
                }
            } else if (CLIENT_PREFETCH_THREADS.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setClientPrefetchThreads(((Integer) entry.getValue()).intValue());
                }
            } else if (CLIENT_OUT_OF_BAND_TELEMETRY_ENABLED.equalsIgnoreCase(entry.getKey())) {
                if (((Boolean) entry.getValue()).booleanValue()) {
                    TelemetryService.enable();
                } else {
                    TelemetryService.disable();
                }
            } else if (CLIENT_VALIDATE_DEFAULT_PARAMETERS.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setValidateDefaultParameters(SFLoginInput.getBooleanValue(entry.getValue()));
                }
            } else if (ENABLE_STAGE_S3_PRIVATELINK_FOR_US_EAST_1.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setUseRegionalS3EndpointsForPresignedURL(SFLoginInput.getBooleanValue(entry.getValue()));
                }
            } else if (QUERY_CONTEXT_CACHE_SIZE.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setQueryContextCacheSize(((Integer) entry.getValue()).intValue());
                }
            } else if (JDBC_ENABLE_PUT_GET.equalsIgnoreCase(entry.getKey())) {
                if (sFBaseSession != null) {
                    sFBaseSession.setJdbcEnablePutGet(SFLoginInput.getBooleanValue(entry.getValue()));
                }
            } else if (sFBaseSession != null) {
                sFBaseSession.setOtherParameter(entry.getKey(), entry.getValue());
            }
        }
    }

    public static void resetOCSPUrlIfNecessary(String str) throws IOException {
        if (str.indexOf(".privatelink.snowflakecomputing.com") > 0) {
            String host = new URL(str).getHost();
            logger.debug("HOST: {}", host);
            String format = String.format("http://ocsp.%s/%s", host, "ocsp_response_cache.json");
            logger.debug("OCSP Cache Server for Privatelink: {}", format);
            SFTrustManager.resetOCSPResponseCacherServerURL(format);
        }
    }

    public static String generateJWTToken(PrivateKey privateKey, String str, String str2, String str3, String str4) throws SFException {
        return new SessionUtilKeyPair(privateKey, str, str2, str3, str4).issueJwtToken();
    }

    public static boolean isNewRetryStrategyRequest(HttpRequestBase httpRequestBase) {
        String path = httpRequestBase.getURI().getPath();
        if (path != null) {
            return path.equals(SF_PATH_LOGIN_REQUEST) || path.equals(SF_PATH_AUTHENTICATOR_REQUEST) || path.equals(SF_PATH_TOKEN_REQUEST);
        }
        return false;
    }
}
