package co.com.bancolombia.secretsmanager.connector;

import co.com.bancolombia.secretsmanager.api.GenericManagerAsync;
import co.com.bancolombia.secretsmanager.api.exceptions.SecretException;
import co.com.bancolombia.secretsmanager.config.AWSParameterStoreConfig;
import com.github.benmanes.caffeine.cache.AsyncCache;
import com.github.benmanes.caffeine.cache.Caffeine;
import java.net.URI;
import java.util.concurrent.TimeUnit;
import java.util.logging.Logger;
import reactor.core.publisher.Mono;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProviderChain;
import software.amazon.awssdk.auth.credentials.ContainerCredentialsProvider;
import software.amazon.awssdk.auth.credentials.EnvironmentVariableCredentialsProvider;
import software.amazon.awssdk.auth.credentials.InstanceProfileCredentialsProvider;
import software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider;
import software.amazon.awssdk.auth.credentials.SystemPropertyCredentialsProvider;
import software.amazon.awssdk.auth.credentials.WebIdentityTokenFileCredentialsProvider;
import software.amazon.awssdk.services.ssm.SsmAsyncClient;
import software.amazon.awssdk.services.ssm.SsmAsyncClientBuilder;
import software.amazon.awssdk.services.ssm.model.GetParameterRequest;

/* loaded from: input_file:co/com/bancolombia/secretsmanager/connector/AWSParameterStoreConnectorAsync.class */
public class AWSParameterStoreConnectorAsync implements GenericManagerAsync {
    private final AWSParameterStoreConfig config;
    private final SsmAsyncClient client;
    private final AsyncCache<String, String> cache;
    private final Logger logger;

    public AWSParameterStoreConnectorAsync(AWSParameterStoreConfig aWSParameterStoreConfig) {
        this.logger = Logger.getLogger("connector.AWSSecretManagerConnector");
        this.config = aWSParameterStoreConfig;
        this.client = buildClient(SsmAsyncClient.builder());
        this.cache = initCache();
    }

    public AWSParameterStoreConnectorAsync(AWSParameterStoreConfig aWSParameterStoreConfig, SsmAsyncClientBuilder ssmAsyncClientBuilder) {
        this.logger = Logger.getLogger("connector.AWSSecretManagerConnector");
        this.config = aWSParameterStoreConfig;
        this.client = buildClient(ssmAsyncClientBuilder);
        this.cache = initCache();
    }

    public Mono<String> getSecret(String str) {
        return Mono.fromFuture(this.cache.get(str, (str2, executor) -> {
            return getSecretValue(str).toFuture().toCompletableFuture();
        }));
    }

    public <T> Mono<T> getSecret(String str, Class<T> cls) {
        return Mono.error(new UnsupportedOperationException("Serialization doesn't apply for parameter store connector"));
    }

    private Mono<String> getSecretValue(String str) {
        return Mono.fromFuture(this.client.getParameter((GetParameterRequest) GetParameterRequest.builder().name(str).build())).switchIfEmpty(Mono.defer(() -> {
            return Mono.error(new SecretException("Secret value is null"));
        })).flatMap(getParameterResponse -> {
            return getParameterResponse.parameter().value() != null ? Mono.just(getParameterResponse.parameter().value()) : Mono.error(new SecretException("Secret value is not a String"));
        }).doOnError(th -> {
            this.logger.warning("Error retrieving the secret: " + th.getMessage());
        });
    }

    private SsmAsyncClient buildClient(SsmAsyncClientBuilder ssmAsyncClientBuilder) {
        ssmAsyncClientBuilder.credentialsProvider(getProviderChain());
        ssmAsyncClientBuilder.region(this.config.getRegion());
        if (!"".equals(this.config.getEndpoint())) {
            ssmAsyncClientBuilder.endpointOverride(URI.create(this.config.getEndpoint()));
        }
        return (SsmAsyncClient) ssmAsyncClientBuilder.build();
    }

    private AsyncCache<String, String> initCache() {
        return Caffeine.newBuilder().maximumSize(this.config.getCacheSize()).expireAfterWrite(this.config.getCacheSeconds(), TimeUnit.SECONDS).buildAsync();
    }

    private AwsCredentialsProviderChain getProviderChain() {
        return AwsCredentialsProviderChain.builder().addCredentialsProvider(EnvironmentVariableCredentialsProvider.create()).addCredentialsProvider(SystemPropertyCredentialsProvider.create()).addCredentialsProvider(WebIdentityTokenFileCredentialsProvider.create()).addCredentialsProvider(ProfileCredentialsProvider.create()).addCredentialsProvider(ContainerCredentialsProvider.builder().build()).addCredentialsProvider(InstanceProfileCredentialsProvider.create()).build();
    }
}
