package app.ztash.secretsmanager;

import app.ztash.secretsmanager.core.SecretsManagerConnection;
import app.ztash.secretsmanager.core.SecretsManagerContext;
import app.ztash.secretsmanager.core.SecretsManagerInitializer;
import app.ztash.secretsmanager.domain.CreateSecretRequest;
import app.ztash.secretsmanager.domain.CreateSecretResponse;
import app.ztash.secretsmanager.domain.DeleteSecretRequest;
import app.ztash.secretsmanager.domain.DeleteSecretResponse;
import app.ztash.secretsmanager.domain.DescribeSecretRequest;
import app.ztash.secretsmanager.domain.DescribeSecretResponse;
import app.ztash.secretsmanager.domain.GetSecretValueRequest;
import app.ztash.secretsmanager.domain.GetSecretValueResponse;
import app.ztash.secretsmanager.domain.ListSecretsResponse;
import app.ztash.secretsmanager.domain.ModifySecretRequest;
import app.ztash.secretsmanager.domain.ModifySecretResponse;
import app.ztash.secretsmanager.domain.Secret;
import app.ztash.secretsmanager.domain.UpdateSecretRequest;
import app.ztash.secretsmanager.domain.UpdateSecretResponse;
import app.ztash.secretsmanager.utils.SecretManagerCipherUtil;
import app.ztash.secretsmanager.utils.SecretsManagerException;
import app.ztash.secretsmanager.utils.SecretsManagerUtil;
import jakarta.validation.Validation;
import jakarta.validation.Validator;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
import java.util.stream.Collectors;
import lombok.Generated;
import org.ldaptive.AddRequest;
import org.ldaptive.AttributeModification;
import org.ldaptive.DeleteRequest;
import org.ldaptive.LdapAttribute;
import org.ldaptive.ModifyRequest;
import org.ldaptive.SearchRequest;
import org.ldaptive.SearchResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:app/ztash/secretsmanager/SecretsManagerClient.class */
public class SecretsManagerClient {
    private static SecretsManagerContext secretsManagerContext;
    private final String CIPHER_PHRASE;

    @Generated
    private static final Logger log = LoggerFactory.getLogger(SecretsManagerClient.class);
    private static SecretsManagerClient secretsManagerClient = null;
    private static final Validator validator = Validation.buildDefaultValidatorFactory().getValidator();

    private SecretsManagerClient(String str, String str2, String str3, boolean z) throws SecretsManagerException {
        this.CIPHER_PHRASE = str3;
        if (z) {
            secretsManagerContext = new SecretsManagerInitializer(str, str2, str3, true).getContext();
        } else {
            secretsManagerContext = new SecretsManagerInitializer(str, str, str3).getContext();
        }
    }

    public static synchronized SecretsManagerClient init(String str, String str2, String str3) throws SecretsManagerException {
        if (secretsManagerClient == null) {
            secretsManagerClient = new SecretsManagerClient(str, str2, str3, false);
        }
        return secretsManagerClient;
    }

    public static synchronized SecretsManagerClient boot(String str, String str2, String str3) throws SecretsManagerException {
        if (secretsManagerClient == null) {
            secretsManagerClient = new SecretsManagerClient(str, str2, str3, true);
        }
        return secretsManagerClient;
    }

    public CreateSecretResponse createSecret(CreateSecretRequest createSecretRequest) throws SecretsManagerException {
        if (createSecretRequest == null) {
            throw new SecretsManagerException("Unable to create secrets for the current request");
        }
        String str = (String) validator.validate(createSecretRequest, new Class[0]).stream().map((v0) -> {
            return v0.getMessage();
        }).findAny().orElse(null);
        if (str != null) {
            throw new SecretsManagerException(String.format("Unable to create secret : %s", str));
        }
        SecretsManagerConnection secretsManagerConnection = SecretsManagerConnection.getInstance(secretsManagerContext);
        try {
            try {
                String encrypt = SecretManagerCipherUtil.encrypt(createSecretRequest.getSecret(), this.CIPHER_PHRASE);
                secretsManagerConnection.open();
                String str2 = "zsn:" + UUID.randomUUID();
                if (encrypt == null) {
                    throw new SecretsManagerException("Unable to create secret : secret encryption failed");
                }
                if (secretsManagerConnection.addSecret((AddRequest) AddRequest.builder().dn(new SecretsManagerUtil.ZecretId(str2, secretsManagerContext.getSecretRepositoryCredentials()).id()).attributes(new LdapAttribute[]{new SecretsManagerUtil.ZecretType(), new SecretsManagerUtil.ZecretName(createSecretRequest.getName()), new SecretsManagerUtil.ZecretDescription(createSecretRequest.getDescription()), new SecretsManagerUtil.ZecretValue(encrypt)}).build()).isSuccess()) {
                    return CreateSecretResponse.builder().zsn(str2).build();
                }
                throw new SecretsManagerException(String.format("Unable to create secrets for request : %s", createSecretRequest));
            } catch (Exception e) {
                throw new SecretsManagerException(String.format("Unable to create secret %s", e.getMessage()));
            }
        } finally {
            secretsManagerConnection.close();
        }
    }

    public GetSecretValueResponse getSecretValue(GetSecretValueRequest getSecretValueRequest) throws SecretsManagerException {
        if (getSecretValueRequest == null) {
            throw new SecretsManagerException("Unable to get secrets for the current request");
        }
        String str = (String) validator.validate(getSecretValueRequest, new Class[0]).stream().map((v0) -> {
            return v0.getMessage();
        }).findAny().orElse(null);
        if (str != null) {
            throw new SecretsManagerException(String.format("Unable to get secret : %s", str));
        }
        SecretsManagerConnection secretsManagerConnection = SecretsManagerConnection.getInstance(secretsManagerContext);
        try {
            try {
                secretsManagerConnection.open();
                SearchRequest searchRequest = new SearchRequest();
                searchRequest.setBaseDn(new SecretsManagerUtil.ZecretId(getSecretValueRequest.getZsn(), secretsManagerContext.getSecretRepositoryCredentials()).id());
                searchRequest.setFilter(SecretsManagerUtil.ZecretType.filter());
                searchRequest.setReturnAttributes(new String[]{SecretsManagerUtil.ZecretId.type(), SecretsManagerUtil.ZecretValue.type()});
                SearchResponse searchSecret = secretsManagerConnection.searchSecret(searchRequest);
                if (!searchSecret.isSuccess()) {
                    throw new SecretsManagerException("Unable to get secret value");
                }
                Secret findOne = new SecretsManagerUtil.ZecretParser(searchSecret).findOne();
                if (findOne == null) {
                    throw new SecretsManagerException(String.format("Secret not found for zsn %s", getSecretValueRequest.getZsn()));
                }
                String decrypt = SecretManagerCipherUtil.decrypt(findOne.getValue(), this.CIPHER_PHRASE);
                secretsManagerConnection.close();
                return GetSecretValueResponse.builder().zsn(findOne.getZsn()).secret(decrypt).build();
            } catch (Exception e) {
                throw new SecretsManagerException(String.format("Unable to get secret : %s", e.getMessage()));
            }
        } catch (Throwable th) {
            secretsManagerConnection.close();
            throw th;
        }
    }

    public ListSecretsResponse listSecrets() throws SecretsManagerException {
        SecretsManagerConnection secretsManagerConnection = SecretsManagerConnection.getInstance(secretsManagerContext);
        try {
            secretsManagerConnection.open();
            SearchRequest searchRequest = new SearchRequest();
            searchRequest.setBaseDn(SecretsManagerUtil.secretRepoDn(secretsManagerContext.getSecretRepositoryCredentials()));
            searchRequest.setFilter(SecretsManagerUtil.ZecretType.filter());
            searchRequest.setReturnAttributes(new String[]{SecretsManagerUtil.ZecretId.type(), SecretsManagerUtil.ZecretName.type()});
            SearchResponse searchSecret = secretsManagerConnection.searchSecret(searchRequest);
            if (!searchSecret.isSuccess()) {
                throw new SecretsManagerException("Unable to list secrets");
            }
            if (!searchSecret.isSuccess()) {
                throw new SecretsManagerException("Unable to list secrets, secrets not found for this application");
            }
            List<ListSecretsResponse.ListSecretEntry> list = (List) new SecretsManagerUtil.ZecretParser(searchSecret).find().stream().map(secret -> {
                return ListSecretsResponse.ListSecretEntry.builder().zsn(secret.getZsn()).name(secret.getName()).build();
            }).collect(Collectors.toList());
            secretsManagerConnection.close();
            return ListSecretsResponse.builder().zsns(list).build();
        } catch (Throwable th) {
            secretsManagerConnection.close();
            throw th;
        }
    }

    public DescribeSecretResponse describeSecret(DescribeSecretRequest describeSecretRequest) throws SecretsManagerException {
        if (describeSecretRequest == null) {
            throw new SecretsManagerException("Unable to describe secret for the current request");
        }
        String str = (String) validator.validate(describeSecretRequest, new Class[0]).stream().map((v0) -> {
            return v0.getMessage();
        }).findAny().orElse(null);
        if (str != null) {
            throw new SecretsManagerException(String.format("Unable to describe secret : %s", str));
        }
        SecretsManagerConnection secretsManagerConnection = SecretsManagerConnection.getInstance(secretsManagerContext);
        try {
            secretsManagerConnection.open();
            SearchRequest searchRequest = new SearchRequest();
            searchRequest.setBaseDn(new SecretsManagerUtil.ZecretId(describeSecretRequest.getZsn(), secretsManagerContext.getSecretRepositoryCredentials()).id());
            searchRequest.setFilter(SecretsManagerUtil.ZecretType.filter());
            searchRequest.setReturnAttributes(new String[]{SecretsManagerUtil.ZecretId.type(), SecretsManagerUtil.ZecretName.type(), SecretsManagerUtil.ZecretDescription.type(), SecretsManagerUtil.ZecretValue.type()});
            SearchResponse searchSecret = secretsManagerConnection.searchSecret(searchRequest);
            if (!searchSecret.isSuccess()) {
                throw new SecretsManagerException(String.format("Unable to describe secret, secret with zsn %s not found or invalid", describeSecretRequest.getZsn()));
            }
            Secret findOne = new SecretsManagerUtil.ZecretParser(searchSecret).findOne();
            if (findOne == null) {
                throw new SecretsManagerException(String.format("Secret not found with zsn %s", describeSecretRequest.getZsn()));
            }
            return DescribeSecretResponse.builder().zsn(findOne.getZsn()).name(findOne.getName()).secret(findOne.getValue()).description(findOne.getDescription()).build();
        } finally {
            secretsManagerConnection.close();
        }
    }

    public ModifySecretResponse modifySecret(ModifySecretRequest modifySecretRequest) throws SecretsManagerException {
        if (modifySecretRequest == null) {
            throw new SecretsManagerException("Unable to modify secret for the current request");
        }
        String str = (String) validator.validate(modifySecretRequest, new Class[0]).stream().map((v0) -> {
            return v0.getMessage();
        }).findAny().orElse(null);
        if (str != null) {
            throw new SecretsManagerException(String.format("Unable to modify secret : %s", str));
        }
        SecretsManagerConnection secretsManagerConnection = SecretsManagerConnection.getInstance(secretsManagerContext);
        try {
            secretsManagerConnection.open();
            ModifyRequest.Builder dn = ModifyRequest.builder().dn(new SecretsManagerUtil.ZecretId(modifySecretRequest.getZsn(), secretsManagerContext.getSecretRepositoryCredentials()).id());
            ArrayList arrayList = new ArrayList();
            if (modifySecretRequest.getDescription() != null) {
                arrayList.add(new AttributeModification(AttributeModification.Type.REPLACE, new SecretsManagerUtil.ZecretDescription(modifySecretRequest.getDescription())));
            }
            if (modifySecretRequest.getName() != null) {
                arrayList.add(new AttributeModification(AttributeModification.Type.REPLACE, new SecretsManagerUtil.ZecretName(modifySecretRequest.getName())));
            }
            if (arrayList.isEmpty()) {
                throw new SecretsManagerException("Nothing to modify");
            }
            dn.modificiations(arrayList);
            if (!secretsManagerConnection.updateSecret((ModifyRequest) dn.build()).isSuccess()) {
                throw new SecretsManagerException(String.format("Unable to modify secret, secret with zsn %s not found or invalid", modifySecretRequest.getZsn()));
            }
            log.info("Secret with zsn {} successfully modified", modifySecretRequest.getZsn());
            return ModifySecretResponse.builder().zsn(modifySecretRequest.getZsn()).build();
        } finally {
            secretsManagerConnection.close();
        }
    }

    public UpdateSecretResponse updateSecret(UpdateSecretRequest updateSecretRequest) throws SecretsManagerException {
        if (updateSecretRequest == null) {
            throw new SecretsManagerException("Unable to update secret for the current request");
        }
        String str = (String) validator.validate(updateSecretRequest, new Class[0]).stream().map((v0) -> {
            return v0.getMessage();
        }).findAny().orElse(null);
        if (str != null) {
            throw new SecretsManagerException(String.format("Unable to update secret : %s", str));
        }
        SecretsManagerConnection secretsManagerConnection = SecretsManagerConnection.getInstance(secretsManagerContext);
        try {
            try {
                String encrypt = SecretManagerCipherUtil.encrypt(updateSecretRequest.getSecret(), this.CIPHER_PHRASE);
                secretsManagerConnection.open();
                ModifyRequest.Builder dn = ModifyRequest.builder().dn(new SecretsManagerUtil.ZecretId(updateSecretRequest.getZsn(), secretsManagerContext.getSecretRepositoryCredentials()).id());
                ArrayList arrayList = new ArrayList();
                if (updateSecretRequest.getSecret() != null) {
                    arrayList.add(new AttributeModification(AttributeModification.Type.REPLACE, new SecretsManagerUtil.ZecretValue(encrypt)));
                }
                if (arrayList.isEmpty()) {
                    throw new SecretsManagerException("Nothing to update");
                }
                dn.modificiations(arrayList);
                if (!secretsManagerConnection.updateSecret((ModifyRequest) dn.build()).isSuccess()) {
                    throw new SecretsManagerException(String.format("Unable to update secret, secret with zsn %s not found or invalid", updateSecretRequest.getZsn()));
                }
                log.info("Secret with zsn {} successfully updated", updateSecretRequest.getZsn());
                return UpdateSecretResponse.builder().zsn(updateSecretRequest.getZsn()).build();
            } catch (Exception e) {
                throw new SecretsManagerException(String.format("Unable to update secret : %s", e.getMessage()));
            }
        } finally {
            secretsManagerConnection.close();
        }
    }

    public DeleteSecretResponse deleteSecret(DeleteSecretRequest deleteSecretRequest) throws SecretsManagerException {
        if (deleteSecretRequest == null) {
            throw new SecretsManagerException("Unable to delete secret for the current request");
        }
        String str = (String) validator.validate(deleteSecretRequest, new Class[0]).stream().map((v0) -> {
            return v0.getMessage();
        }).findAny().orElse(null);
        if (str != null) {
            throw new SecretsManagerException(String.format("Unable to delete secret : %s", str));
        }
        SecretsManagerConnection secretsManagerConnection = SecretsManagerConnection.getInstance(secretsManagerContext);
        try {
            secretsManagerConnection.open();
            if (!secretsManagerConnection.deleteSecret((DeleteRequest) DeleteRequest.builder().dn(new SecretsManagerUtil.ZecretId(deleteSecretRequest.getZsn(), secretsManagerContext.getSecretRepositoryCredentials()).id()).build()).isSuccess()) {
                throw new SecretsManagerException(String.format("Unable to delete  value, secret with zsn %s not found or invalid", deleteSecretRequest.getZsn()));
            }
            log.info("Secret with zsn {} successfully deleted", deleteSecretRequest.getZsn());
            secretsManagerConnection.close();
            return DeleteSecretResponse.builder().zsn(deleteSecretRequest.getZsn()).build();
        } catch (Throwable th) {
            secretsManagerConnection.close();
            throw th;
        }
    }
}
