package com.amazon.athena.jdbc.authentication;

import com.amazon.athena.jdbc.configuration.ConnectionParameter;
import com.amazon.athena.jdbc.configuration.ConnectionParameters;
import com.amazon.athena.jdbc.support.AuthenticationException;
import com.amazon.athena.logging.AthenaLogger;
import io.netty.handler.codec.http.multipart.DiskFileUpload;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
import java.nio.file.attribute.FileAttribute;
import java.util.ArrayList;
import java.util.Map;
import java.util.Optional;
import java.util.function.Supplier;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import software.amazon.awssdk.auth.credentials.AwsCredentials;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.lakeformation.LakeFormationClientBuilder;
import software.amazon.awssdk.services.lakeformation.model.AssumeDecoratedRoleWithSamlRequest;
import software.amazon.awssdk.services.sts.StsClientBuilder;
import software.amazon.awssdk.services.sts.model.AssumeRoleWithSamlRequest;
import software.amazon.awssdk.utils.IoUtils;

/* loaded from: input_file:com/amazon/athena/jdbc/authentication/AdfsCredentialsProvider.class */
public class AdfsCredentialsProvider extends SamlCredentialsProvider {
    private static final String URI_TEMPLATE = "https://%s:%s//adfs/ls/IdpInitiatedSignOn.aspx?loginToRp=%s";
    private static final String FORM_ACTION_URI_TEMPLATE = "https://%s:%s%s";
    private final String username;
    private final String password;
    private final String hostName;
    private final Integer portNumber;
    private final String relyingParty;
    private final Boolean wiaEnabled;
    private final String osName;
    private final ProcessBuilder processBuilder;
    private final ClassLoader classLoader;
    private final IoExceptionThrowingConsumer<Path> filesDeleter;
    private final Optional<Boolean> useProxyForIdp;
    private final Optional<String> proxyHost;
    private final Optional<Integer> proxyPort;
    private final Optional<String> proxyUsername;
    private final Optional<String> proxyPassword;
    private final Supplier<CloseableHttpClient> httpClientFactory;
    private static final AthenaLogger logger = AthenaLogger.of(AdfsCredentialsProvider.class);
    private static final Pattern FORM_ACTION_PATTERN = Pattern.compile("<form.*?action=\"([^\"]+)\"");
    private static final Pattern SAML_ASSERTION_PATTERN = Pattern.compile("SAMLResponse\\W+value=\"([^\"]+)\"");

    /* loaded from: input_file:com/amazon/athena/jdbc/authentication/AdfsCredentialsProvider$Builder.class */
    public static class Builder {
        private String username;
        private String password;
        private String hostName;
        private String relyingParty;
        private boolean wiaEnabled;
        private String osName;
        private ProcessBuilder processBuilder;
        private ClassLoader classLoader;
        private IoExceptionThrowingConsumer<Path> filesDeleter;
        private Integer portNumber;
        private String preferredRole;
        private Integer roleSessionDuration;
        private Region region;
        private boolean lakeFormationEnabled;
        private Supplier<CloseableHttpClient> httpClientFactory;
        private AssumeRoleWithSamlRequest.Builder assumeRoleWithSamlRequestFactory;
        private AssumeDecoratedRoleWithSamlRequest.Builder assumeDecoratedRoleWithSamlRequestFactory;
        private StsClientBuilder stsClientFactory;
        private LakeFormationClientBuilder lakeFormationClientFactory;
        private Map<ConnectionParameter<?>, String> parameters;

        public Builder username(String str) {
            this.username = str;
            return this;
        }

        public Builder password(String str) {
            this.password = str;
            return this;
        }

        public Builder hostName(String str) {
            this.hostName = str;
            return this;
        }

        public Builder relyingParty(String str) {
            this.relyingParty = str;
            return this;
        }

        public Builder wiaEnabled(boolean z) {
            this.wiaEnabled = z;
            return this;
        }

        public Builder osName(String str) {
            this.osName = str;
            return this;
        }

        Builder processBuilder(ProcessBuilder processBuilder) {
            this.processBuilder = processBuilder;
            return this;
        }

        Builder classLoader(ClassLoader classLoader) {
            this.classLoader = classLoader;
            return this;
        }

        Builder filesDeleter(IoExceptionThrowingConsumer<Path> ioExceptionThrowingConsumer) {
            this.filesDeleter = ioExceptionThrowingConsumer;
            return this;
        }

        public Builder portNumber(Integer num) {
            this.portNumber = num;
            return this;
        }

        public Builder preferredRole(String str) {
            this.preferredRole = str;
            return this;
        }

        public Builder roleSessionDuration(Integer num) {
            this.roleSessionDuration = num;
            return this;
        }

        public Builder region(Region region) {
            this.region = region;
            return this;
        }

        public Builder lakeFormationEnabled(boolean z) {
            this.lakeFormationEnabled = z;
            return this;
        }

        Builder httpClientFactory(Supplier<CloseableHttpClient> supplier) {
            this.httpClientFactory = supplier;
            return this;
        }

        Builder assumeRoleWithSamlRequestFactory(AssumeRoleWithSamlRequest.Builder builder) {
            this.assumeRoleWithSamlRequestFactory = builder;
            return this;
        }

        Builder assumeDecoratedRoleWithSamlRequestFactory(AssumeDecoratedRoleWithSamlRequest.Builder builder) {
            this.assumeDecoratedRoleWithSamlRequestFactory = builder;
            return this;
        }

        Builder stsClientBuilder(StsClientBuilder stsClientBuilder) {
            this.stsClientFactory = stsClientBuilder;
            return this;
        }

        Builder lakeFormationClientBuilder(LakeFormationClientBuilder lakeFormationClientBuilder) {
            this.lakeFormationClientFactory = lakeFormationClientBuilder;
            return this;
        }

        public Builder connectionParameters(Map<ConnectionParameter<?>, String> map) {
            this.parameters = map;
            return this;
        }

        public AdfsCredentialsProvider build() {
            return new AdfsCredentialsProvider(this.username, this.password, this.hostName, this.portNumber, this.relyingParty, this.wiaEnabled, this.osName, this.processBuilder, this.classLoader, this.filesDeleter, this.preferredRole, this.roleSessionDuration, this.region, this.httpClientFactory, this.assumeRoleWithSamlRequestFactory, this.stsClientFactory, this.assumeDecoratedRoleWithSamlRequestFactory, this.lakeFormationClientFactory, this.lakeFormationEnabled, this.parameters);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @FunctionalInterface
    /* loaded from: input_file:com/amazon/athena/jdbc/authentication/AdfsCredentialsProvider$IoExceptionThrowingConsumer.class */
    public interface IoExceptionThrowingConsumer<T> {
        void accept(T t) throws IOException;
    }

    /* loaded from: input_file:com/amazon/athena/jdbc/authentication/AdfsCredentialsProvider$WindowsIntegratedAuthenticationController.class */
    static class WindowsIntegratedAuthenticationController {
        private final String hostName;
        private final Integer portNumber;
        private final Optional<String> proxyHost;
        private final Optional<Integer> proxyPort;
        private final Optional<String> proxyUsername;
        private final Optional<String> proxyPassword;
        private final Optional<Boolean> useProxyForIdp;
        private final ProcessBuilder processBuilder;
        private final ClassLoader classLoader;
        private final IoExceptionThrowingConsumer<Path> filesDeleter;

        public WindowsIntegratedAuthenticationController(String str, Integer num, Optional<String> optional, Optional<Integer> optional2, Optional<String> optional3, Optional<String> optional4, Optional<Boolean> optional5, String str2, ProcessBuilder processBuilder, ClassLoader classLoader, IoExceptionThrowingConsumer<Path> ioExceptionThrowingConsumer) {
            this.hostName = str;
            this.portNumber = num;
            this.proxyHost = optional;
            this.proxyPort = optional2;
            this.proxyUsername = optional3;
            this.proxyPassword = optional4;
            this.useProxyForIdp = optional5;
            this.processBuilder = processBuilder;
            this.classLoader = classLoader;
            this.filesDeleter = ioExceptionThrowingConsumer;
            if (!str2.toLowerCase().contains("windows")) {
                throw new AuthenticationException("Windows integrated AD FS authentication is only supported on Windows platforms.");
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String authenticate() {
            Path extractAuthenticationExecutable = extractAuthenticationExecutable(this.classLoader, "adfs.exe");
            try {
                try {
                    String[] strArr = (this.useProxyForIdp.isPresent() && this.useProxyForIdp.get().booleanValue() && this.proxyHost.isPresent() && this.proxyPort.isPresent()) ? new String[]{extractAuthenticationExecutable.toString(), this.hostName, String.valueOf(this.portNumber), this.proxyUsername.orElse(""), this.proxyPassword.orElse("")} : new String[]{extractAuthenticationExecutable.toString(), this.hostName, String.valueOf(this.portNumber)};
                    this.processBuilder.command(strArr);
                    this.processBuilder.redirectErrorStream(true);
                    AdfsCredentialsProvider.logger.info("Start the AD FS executable with the parameters {}", sanitizeCommand(strArr));
                    Process start = this.processBuilder.start();
                    String utf8String = IoUtils.toUtf8String(start.getInputStream());
                    int waitFor = start.waitFor();
                    if (waitFor != 0) {
                        throw new AuthenticationException("AD FS process returned incorrect code: " + waitFor);
                    }
                    try {
                        this.filesDeleter.accept(extractAuthenticationExecutable);
                        AdfsCredentialsProvider.logger.info("Deleted the temporary file \"{}\"", extractAuthenticationExecutable.toString());
                        return utf8String;
                    } catch (IOException e) {
                        throw new AuthenticationException("Failed to delete AD FS authentication executable.", e);
                    }
                } catch (IOException | InterruptedException e2) {
                    Thread.currentThread().interrupt();
                    throw new AuthenticationException("Failed to execute AD FS command.", e2);
                }
            } catch (Throwable th) {
                try {
                    this.filesDeleter.accept(extractAuthenticationExecutable);
                    AdfsCredentialsProvider.logger.info("Deleted the temporary file \"{}\"", extractAuthenticationExecutable.toString());
                    throw th;
                } catch (IOException e3) {
                    throw new AuthenticationException("Failed to delete AD FS authentication executable.", e3);
                }
            }
        }

        private String sanitizeCommand(String[] strArr) {
            return strArr.length == 3 ? String.join(" ", strArr) : String.join(" ", strArr[0], strArr[1], strArr[2], strArr[3], "<sanitized-password>");
        }

        private Path extractAuthenticationExecutable(ClassLoader classLoader, String str) {
            try {
                InputStream resourceAsStream = classLoader.getResourceAsStream(str);
                Path createTempFile = Files.createTempFile("adfs", DiskFileUpload.postfix, new FileAttribute[0]);
                Files.copy(resourceAsStream, createTempFile, StandardCopyOption.REPLACE_EXISTING);
                return Paths.get(createTempFile.toString(), new String[0]);
            } catch (IOException e) {
                AdfsCredentialsProvider.logger.warn("Failed to extract AD FS authentication executable \"{}\"", str);
                throw new AuthenticationException("Failed to extract AD FS authentication executable.", e);
            }
        }
    }

    private AdfsCredentialsProvider(String str, String str2, String str3, Integer num, String str4, boolean z, String str5, ProcessBuilder processBuilder, ClassLoader classLoader, IoExceptionThrowingConsumer<Path> ioExceptionThrowingConsumer, String str6, Integer num2, Region region, Supplier<CloseableHttpClient> supplier, AssumeRoleWithSamlRequest.Builder builder, StsClientBuilder stsClientBuilder, AssumeDecoratedRoleWithSamlRequest.Builder builder2, LakeFormationClientBuilder lakeFormationClientBuilder, boolean z2, Map<ConnectionParameter<?>, String> map) {
        super(builder, builder2, stsClientBuilder, lakeFormationClientBuilder, null, null, str6, num2, region, z2, map);
        this.username = str;
        this.password = str2;
        this.hostName = str3;
        this.portNumber = num;
        this.relyingParty = str4;
        this.wiaEnabled = Boolean.valueOf(z);
        this.osName = str5 == null ? System.getProperty("os.name") : str5;
        this.processBuilder = processBuilder == null ? new ProcessBuilder(new String[0]) : processBuilder;
        this.classLoader = classLoader == null ? AdfsCredentialsProvider.class.getClassLoader() : classLoader;
        this.filesDeleter = ioExceptionThrowingConsumer == null ? Files::delete : ioExceptionThrowingConsumer;
        this.useProxyForIdp = ConnectionParameters.PROXY_ENABLED_FOR_IDP_PARAMETER.findValue(map);
        this.proxyHost = ConnectionParameters.PROXY_HOST_PARAMETER.findValue(map);
        this.proxyPort = ConnectionParameters.PROXY_PORT_PARAMETER.findValue(map);
        this.proxyUsername = ConnectionParameters.PROXY_USERNAME_PARAMETER.findValue(map);
        this.proxyPassword = ConnectionParameters.PROXY_PASSWORD_PARAMETER.findValue(map);
        this.httpClientFactory = supplier == null ? () -> {
            return IdpCredentialsProvider.createHttpClient(map);
        } : supplier;
    }

    public static Builder builder() {
        return new Builder();
    }

    @Override // com.amazon.athena.jdbc.authentication.SamlCredentialsProvider
    protected String getSamlAssertion() {
        if (this.wiaEnabled.booleanValue()) {
            logger.info("Using Windows integrated AD FS authentication as it is enabled.", new Object[0]);
            return new WindowsIntegratedAuthenticationController(this.hostName, this.portNumber, this.proxyHost, this.proxyPort, this.proxyUsername, this.proxyPassword, this.useProxyForIdp, this.osName, this.processBuilder, this.classLoader, this.filesDeleter).authenticate();
        }
        logger.info("Using form-based AD FS authentication as Windows integrated authentication is not enabled.", new Object[0]);
        return formBasedAuthentication();
    }

    private String formBasedAuthentication() {
        if (this.username == null || this.password == null) {
            throw new AuthenticationException("Both username and password must be provided to use AD FS form based authentication");
        }
        URI constructAdfsEndpoint = constructAdfsEndpoint();
        logger.info("Making a request to get the form action from the AD FS URI: {}", constructAdfsEndpoint);
        String formAction = getFormAction(getHttpResponse(new HttpGet(constructAdfsEndpoint)));
        if (formAction != null && formAction.startsWith("/")) {
            constructAdfsEndpoint = constructFormActionEndpoint(formAction);
        }
        logger.info("Making a request to get SAML assertion from the form action URI: {}", constructAdfsEndpoint);
        return fetchSamlAssertion(createSamlRequest(constructAdfsEndpoint));
    }

    private URI constructAdfsEndpoint() {
        try {
            return new URI(String.format(URI_TEMPLATE, this.hostName, this.portNumber, this.relyingParty));
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException(String.format("Could not construct a valid AD FS endpoint URL from the provided host (\"%s\"), port (\"%s\"), and relying party (\"%s\")", this.hostName, this.portNumber, this.relyingParty), e);
        }
    }

    private URI constructFormActionEndpoint(String str) {
        try {
            return new URI(String.format(FORM_ACTION_URI_TEMPLATE, this.hostName, this.portNumber, str));
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException(String.format("Could not construct a valid AD FS form action endpoint URL from the provided host (\"%s\"), port (\"%s\"), and form action (\"%s\")", this.hostName, this.portNumber, str), e);
        }
    }

    /* JADX WARN: Failed to calculate best type for var: r7v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r8v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 7, insn: 0x00ae: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r7 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:54:0x00ae */
    /* JADX WARN: Not initialized variable reg: 8, insn: 0x00b2: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r8 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:56:0x00b2 */
    /* JADX WARN: Type inference failed for: r7v0, types: [org.apache.http.impl.client.CloseableHttpClient] */
    /* JADX WARN: Type inference failed for: r8v0, types: [java.lang.Throwable] */
    private String getHttpResponse(HttpGet httpGet) {
        try {
            try {
                CloseableHttpClient closeableHttpClient = this.httpClientFactory.get();
                Throwable th = null;
                CloseableHttpResponse execute = closeableHttpClient.execute((HttpUriRequest) httpGet);
                Throwable th2 = null;
                try {
                    try {
                        validateHttpResponse(execute);
                        String extractResponseBody = extractResponseBody(execute);
                        if (execute != null) {
                            if (0 != 0) {
                                try {
                                    execute.close();
                                } catch (Throwable th3) {
                                    th2.addSuppressed(th3);
                                }
                            } else {
                                execute.close();
                            }
                        }
                        if (closeableHttpClient != null) {
                            if (0 != 0) {
                                try {
                                    closeableHttpClient.close();
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                }
                            } else {
                                closeableHttpClient.close();
                            }
                        }
                        return extractResponseBody;
                    } finally {
                    }
                } catch (Throwable th5) {
                    if (execute != null) {
                        if (th2 != null) {
                            try {
                                execute.close();
                            } catch (Throwable th6) {
                                th2.addSuppressed(th6);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    throw th5;
                }
            } finally {
            }
        } catch (IOException e) {
            throw new AuthenticationException("Unable to obtain the form action from AD FS", e);
        }
    }

    private HttpPost createSamlRequest(URI uri) {
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(new BasicNameValuePair("username", this.username));
        arrayList.add(new BasicNameValuePair("password", this.password));
        HttpPost httpPost = new HttpPost(uri);
        httpPost.addHeader("Content-Type", "application/x-www-form-urlencoded");
        httpPost.setEntity(new UrlEncodedFormEntity(arrayList, StandardCharsets.UTF_8));
        return httpPost;
    }

    /* JADX WARN: Failed to calculate best type for var: r7v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r8v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 7, insn: 0x00b6: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r7 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:53:0x00b6 */
    /* JADX WARN: Not initialized variable reg: 8, insn: 0x00ba: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r8 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:55:0x00ba */
    /* JADX WARN: Type inference failed for: r7v0, types: [org.apache.http.impl.client.CloseableHttpClient] */
    /* JADX WARN: Type inference failed for: r8v0, types: [java.lang.Throwable] */
    private String fetchSamlAssertion(HttpPost httpPost) {
        try {
            try {
                CloseableHttpClient closeableHttpClient = this.httpClientFactory.get();
                Throwable th = null;
                CloseableHttpResponse execute = closeableHttpClient.execute((HttpUriRequest) httpPost);
                Throwable th2 = null;
                try {
                    validateHttpResponse(execute);
                    String extractSamlAssertion = extractSamlAssertion(extractResponseBody(execute));
                    if (execute != null) {
                        if (0 != 0) {
                            try {
                                execute.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    if (closeableHttpClient != null) {
                        if (0 != 0) {
                            try {
                                closeableHttpClient.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            closeableHttpClient.close();
                        }
                    }
                    return extractSamlAssertion;
                } catch (Throwable th5) {
                    if (execute != null) {
                        if (0 != 0) {
                            try {
                                execute.close();
                            } catch (Throwable th6) {
                                th2.addSuppressed(th6);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    throw th5;
                }
            } finally {
            }
        } catch (IOException e) {
            throw new AuthenticationException("Unable to obtain the SAML Assertion from AD FS", e);
        }
    }

    private void validateHttpResponse(CloseableHttpResponse closeableHttpResponse) {
        if (closeableHttpResponse.getStatusLine().getStatusCode() != 200) {
            throw new AuthenticationException(String.format("Unexpected error from AD FS (HTTP response status code %s)", Integer.valueOf(closeableHttpResponse.getStatusLine().getStatusCode())));
        }
    }

    private String extractResponseBody(CloseableHttpResponse closeableHttpResponse) {
        try {
            return EntityUtils.toString(closeableHttpResponse.getEntity());
        } catch (IOException e) {
            throw new AuthenticationException("An error occurred while processing the response from AD FS", e);
        }
    }

    private String extractSamlAssertion(String str) {
        Matcher matcher = SAML_ASSERTION_PATTERN.matcher(str);
        if (matcher.find()) {
            return matcher.group(1);
        }
        throw new AuthenticationException("Unable to extract the SAMLResponse field from the response body");
    }

    private String getFormAction(String str) {
        Matcher matcher = FORM_ACTION_PATTERN.matcher(str);
        if (matcher.find()) {
            return decodeHtmlCharacterReferences(matcher.group(1));
        }
        return null;
    }

    @Override // com.amazon.athena.jdbc.authentication.SamlCredentialsProvider, software.amazon.awssdk.auth.credentials.AwsCredentialsProvider
    public /* bridge */ /* synthetic */ AwsCredentials resolveCredentials() {
        return super.resolveCredentials();
    }
}
