package de.adorsys.datasafe.directory.impl.profile.keys;

import de.adorsys.datasafe.directory.api.config.DFSConfig;
import de.adorsys.datasafe.directory.api.profile.dfs.BucketAccessService;
import de.adorsys.datasafe.directory.api.profile.keys.DocumentKeyStoreOperations;
import de.adorsys.datasafe.directory.api.profile.operations.ProfileRetrievalService;
import de.adorsys.datasafe.encrypiton.api.keystore.KeyStoreService;
import de.adorsys.datasafe.encrypiton.api.types.UserID;
import de.adorsys.datasafe.encrypiton.api.types.UserIDAuth;
import de.adorsys.datasafe.encrypiton.api.types.encryption.KeyCreationConfig;
import de.adorsys.datasafe.encrypiton.api.types.keystore.KeyStoreAccess;
import de.adorsys.datasafe.encrypiton.api.types.keystore.KeyStoreAuth;
import de.adorsys.datasafe.encrypiton.api.types.keystore.PublicKeyIDWithPublicKey;
import de.adorsys.datasafe.storage.api.actions.StorageWriteService;
import de.adorsys.datasafe.types.api.context.annotations.RuntimeDelegate;
import de.adorsys.datasafe.types.api.resource.AbsoluteLocation;
import de.adorsys.datasafe.types.api.resource.PrivateResource;
import de.adorsys.datasafe.types.api.resource.ResourceLocation;
import de.adorsys.datasafe.types.api.resource.WithCallback;
import de.adorsys.datasafe.types.api.types.ReadKeyPassword;
import java.io.IOException;
import java.io.OutputStream;
import java.io.UncheckedIOException;
import java.security.Key;
import java.security.KeyStore;
import java.util.List;
import java.util.Set;
import javax.inject.Inject;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

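/**
 * Operations on a user's document keystore: reading keys and aliases, creating and persisting a
 * new keystore, and changing the password that protects the keys inside it.
 *
 * <p>Decompiled from
 * {@code de/adorsys/datasafe/directory/impl/profile/keys/DocumentKeyStoreOperationsImpl.class}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Loaded keystores are cached in the map returned by {@code keystoreCache.getKeystore()},
 *       keyed by the caller's {@link UserIDAuth}. Nothing in this class evicts an entry, so
 *       decrypted keystore material lives as long as that cache does.</li>
 *   <li>The keystore is persisted through {@code access.withSystemAccess(...)}, i.e. with
 *       system-level rather than user-level storage access.</li>
 *   <li>Log statements here emit the user id and the storage location only; passwords are never
 *       passed to the logger.</li>
 * </ul>
 */
@RuntimeDelegate
public class DocumentKeyStoreOperationsImpl implements DocumentKeyStoreOperations {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(DocumentKeyStoreOperationsImpl.class);
    private final KeyCreationConfig config;
    private final GenericKeystoreOperations genericOper;
    private final DFSConfig dfsConfig;
    private final BucketAccessService access;
    private final ProfileRetrievalService profile;
    private final StorageWriteService writeService;
    private final KeyStoreCache keystoreCache;
    private final KeyStoreService keyStoreService;

    /**
     * Wires the collaborators; performs no I/O and no validation of its arguments.
     */
    @Inject
    public DocumentKeyStoreOperationsImpl(KeyCreationConfig keyCreationConfig, GenericKeystoreOperations genericKeystoreOperations, DFSConfig dFSConfig, BucketAccessService bucketAccessService, ProfileRetrievalService profileRetrievalService, StorageWriteService storageWriteService, KeyStoreCache keyStoreCache, KeyStoreService keyStoreService) {
        this.config = keyCreationConfig;
        this.genericOper = genericKeystoreOperations;
        this.dfsConfig = dFSConfig;
        this.access = bucketAccessService;
        this.profile = profileRetrievalService;
        this.writeService = storageWriteService;
        this.keystoreCache = keyStoreCache;
        this.keyStoreService = keyStoreService;
    }

    /**
     * Looks up a key in the user's document keystore.
     *
     * @param userIDAuth credentials of the keystore owner
     * @param str identifier forwarded to {@code GenericKeystoreOperations.getKey}
     *     (presumably the key alias; confirm against that class)
     * @return whatever {@code GenericKeystoreOperations.getKey} resolves for the identifier
     */
    public Key getKey(UserIDAuth userIDAuth, String str) {
        // The keystore is handed over as a supplier, so it is only resolved when the delegate asks.
        return this.genericOper.getKey(() -> keyStore(userIDAuth), userIDAuth, str);
    }

    /**
     * Lists the aliases present in the user's document keystore.
     *
     * @param userIDAuth credentials of the keystore owner
     * @return the aliases reported by {@code GenericKeystoreOperations.readAliases}
     */
    public Set<String> readAliases(UserIDAuth userIDAuth) {
        return this.genericOper.readAliases(keyStore(userIDAuth));
    }

    /**
     * Creates a fresh keystore for the user, writes it to the keystore location of the user's
     * private profile and returns the public keys it contains.
     *
     * @param userIDAuth credentials of the new keystore's owner; its read-key password protects
     *     the keys, while the store password comes from {@link DFSConfig}
     * @return public keys of the newly created keystore
     * @throws UncheckedIOException if writing or closing the storage stream fails
     */
    public List<PublicKeyIDWithPublicKey> createAndWriteKeyStore(UserIDAuth userIDAuth) {
        KeyStoreAuth storeAuth = keystoreAuth(userIDAuth, userIDAuth.getReadKeyPassword());
        KeyStore freshKeyStore = this.keyStoreService.createKeyStore(storeAuth, this.config);
        writeKeystore(userIDAuth.getUserID(), storeAuth, keystoreLocationWithAccess(userIDAuth), freshKeyStore);
        return this.keyStoreService.getPublicKeys(new KeyStoreAccess(freshKeyStore, storeAuth));
    }

    /**
     * Changes the read-key password of the user's document keystore.
     *
     * <p>NOTE(review): the keystore is obtained through the cache using the current credentials,
     * and this method does not remove that cache entry afterwards. Confirm that the entry for the
     * old credentials is evicted elsewhere, otherwise the old password keeps resolving to a cached
     * keystore for the lifetime of the cache.
     *
     * @param userIDAuth current credentials of the keystore owner
     * @param readKeyPassword the new read-key password
     */
    public void updateReadKeyPassword(UserIDAuth userIDAuth, ReadKeyPassword readKeyPassword) {
        // Only the user id is logged; neither the old nor the new password reaches the logger.
        log.debug("Updating users' '{}' document keystore ReadKeyPassword", userIDAuth.getUserID());
        this.genericOper.updateReadKeyPassword(keyStore(userIDAuth), keystoreLocationWithAccess(userIDAuth), userIDAuth, readKeyPassword);
    }

    /**
     * Resolves the keystore resource from the user's private profile and attaches the user's
     * private access to it.
     */
    private AbsoluteLocation<PrivateResource> keystoreLocationWithAccess(UserIDAuth userIDAuth) {
        PrivateResource keystoreResource = this.profile.privateProfile(userIDAuth).getKeystore().getResource();
        return this.access.privateAccessFor(userIDAuth, keystoreResource);
    }

    /**
     * Combines the store password configured in {@link DFSConfig} for this user with the given
     * read-key password.
     */
    private KeyStoreAuth keystoreAuth(UserIDAuth userIDAuth, ReadKeyPassword readKeyPassword) {
        return new KeyStoreAuth(this.dfsConfig.privateKeyStoreAuth(userIDAuth).getReadStorePassword(), readKeyPassword);
    }

    /**
     * Serializes the keystore under its store password and writes it to the given location using
     * system access.
     *
     * <p>The stream is managed by try-with-resources so it is closed even when serialization or
     * the write itself fails; the decompiled form closed it only on the success path and leaked
     * the stream otherwise.
     *
     * @throws UncheckedIOException if writing or closing the storage stream fails
     */
    private <T extends ResourceLocation<T>> void writeKeystore(UserID userID, KeyStoreAuth keyStoreAuth, AbsoluteLocation<T> absoluteLocation, KeyStore keyStore) {
        try (OutputStream out = this.writeService.write(WithCallback.noCallback(this.access.withSystemAccess(absoluteLocation)))) {
            out.write(this.keyStoreService.serialize(keyStore, keyStoreAuth.getReadStorePassword()));
        } catch (IOException e) {
            // Keep the cause; the message carries the user id only, never password material.
            throw new UncheckedIOException("Failed to write keystore for user " + userID, e);
        }
        // Logged only after the stream has been closed successfully, as in the original flow.
        log.debug("Keystore created for user {} in path {}", userID, absoluteLocation);
    }

    /**
     * Returns the user's keystore, reading it from storage on a cache miss.
     *
     * <p>The cache key is the whole {@link UserIDAuth} object. Whether its equality includes the
     * password is not visible from this class; verify this before relying on the cache as an
     * authentication boundary.
     */
    private KeyStore keyStore(UserIDAuth userIDAuth) {
        return this.keystoreCache.getKeystore().computeIfAbsent(
                userIDAuth,
                key -> this.genericOper.readKeyStore(userIDAuth, keystoreLocationWithAccess(userIDAuth)));
    }
}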
