package com.google.cloud.alloydb;

import com.google.cloud.alloydb.v1alpha.AlloyDBAdminClient;
import com.google.cloud.alloydb.v1alpha.ClusterName;
import com.google.cloud.alloydb.v1alpha.GenerateClientCertificateRequest;
import com.google.cloud.alloydb.v1alpha.GenerateClientCertificateResponse;
import com.google.cloud.alloydb.v1alpha.InstanceName;
import com.google.common.io.BaseEncoding;
import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.ListeningScheduledExecutorService;
import com.google.protobuf.ByteString;
import com.google.protobuf.Duration;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.security.KeyPair;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:com/google/cloud/alloydb/DefaultConnectionInfoRepository.class */
class DefaultConnectionInfoRepository implements ConnectionInfoRepository, Closeable {
    private static final String OPENSSL_PUBLIC_KEY_BEGIN = "-----BEGIN RSA PUBLIC KEY-----";
    private static final String OPENSSL_PUBLIC_KEY_END = "-----END RSA PUBLIC KEY-----";
    private static final String X_509 = "X.509";
    private static final int PEM_LINE_LENGTH = 64;
    private final ListeningScheduledExecutorService executor;
    private final AlloyDBAdminClient alloyDBAdminClient;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DefaultConnectionInfoRepository(ListeningScheduledExecutorService listeningScheduledExecutorService, AlloyDBAdminClient alloyDBAdminClient) {
        this.executor = listeningScheduledExecutorService;
        this.alloyDBAdminClient = alloyDBAdminClient;
    }

    @Override // com.google.cloud.alloydb.ConnectionInfoRepository
    public ListenableFuture<ConnectionInfo> getConnectionInfo(InstanceName instanceName, KeyPair keyPair) {
        ListenableFuture submit = this.executor.submit(() -> {
            return getConnectionInfo(instanceName);
        });
        ListenableFuture submit2 = this.executor.submit(() -> {
            return getGenerateClientCertificateResponse(instanceName, keyPair);
        });
        return Futures.whenAllComplete(new ListenableFuture[]{submit, submit2}).call(() -> {
            com.google.cloud.alloydb.v1alpha.ConnectionInfo connectionInfo = (com.google.cloud.alloydb.v1alpha.ConnectionInfo) Futures.getDone(submit);
            GenerateClientCertificateResponse generateClientCertificateResponse = (GenerateClientCertificateResponse) Futures.getDone(submit2);
            List asByteStringList = generateClientCertificateResponse.getPemCertificateChainList().asByteStringList();
            ArrayList arrayList = new ArrayList();
            Iterator it = asByteStringList.iterator();
            while (it.hasNext()) {
                arrayList.add(parseCertificate((ByteString) it.next()));
            }
            return new ConnectionInfo(connectionInfo.getIpAddress(), connectionInfo.getPublicIpAddress(), connectionInfo.getInstanceUid(), (X509Certificate) arrayList.get(0), arrayList, parseCertificate(generateClientCertificateResponse.getCaCertBytes()));
        }, this.executor);
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() {
        this.alloyDBAdminClient.close();
    }

    private com.google.cloud.alloydb.v1alpha.ConnectionInfo getConnectionInfo(InstanceName instanceName) {
        return this.alloyDBAdminClient.getConnectionInfo(instanceName);
    }

    private GenerateClientCertificateResponse getGenerateClientCertificateResponse(InstanceName instanceName, KeyPair keyPair) {
        return this.alloyDBAdminClient.generateClientCertificate(GenerateClientCertificateRequest.newBuilder().setParent(getParent(instanceName)).setCertDuration(Duration.newBuilder().setSeconds(3600L)).setPublicKey(generatePublicKeyCert(keyPair)).setUseMetadataExchange(true).build());
    }

    private String getParent(InstanceName instanceName) {
        return ClusterName.of(instanceName.getProject(), instanceName.getLocation(), instanceName.getCluster()).toString();
    }

    private String generatePublicKeyCert(KeyPair keyPair) {
        StringBuilder sb = new StringBuilder();
        sb.append(OPENSSL_PUBLIC_KEY_BEGIN).append("\n");
        sb.append(BaseEncoding.base64().withSeparator("\n", PEM_LINE_LENGTH).encode(keyPair.getPublic().getEncoded())).append("\n");
        sb.append(OPENSSL_PUBLIC_KEY_END).append("\n");
        return sb.toString();
    }

    private X509Certificate parseCertificate(ByteString byteString) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance(X_509).generateCertificate(new ByteArrayInputStream(byteString.toByteArray()));
    }
}
