package dev.galasa.framework.api.secrets.internal.routes;

import dev.galasa.ICredentials;
import dev.galasa.ICredentialsToken;
import dev.galasa.ICredentialsUsername;
import dev.galasa.ICredentialsUsernamePassword;
import dev.galasa.ICredentialsUsernameToken;
import dev.galasa.framework.api.beans.generated.GalasaSecret;
import dev.galasa.framework.api.beans.generated.GalasaSecretdata;
import dev.galasa.framework.api.beans.generated.GalasaSecretmetadata;
import dev.galasa.framework.api.beans.generated.SecretRequest;
import dev.galasa.framework.api.beans.generated.SecretRequestpassword;
import dev.galasa.framework.api.beans.generated.SecretRequesttoken;
import dev.galasa.framework.api.beans.generated.SecretRequestusername;
import dev.galasa.framework.api.common.BaseRoute;
import dev.galasa.framework.api.common.Environment;
import dev.galasa.framework.api.common.InternalServletException;
import dev.galasa.framework.api.common.JwtWrapper;
import dev.galasa.framework.api.common.ResponseBuilder;
import dev.galasa.framework.api.common.ServletError;
import dev.galasa.framework.api.common.ServletErrorMessage;
import dev.galasa.framework.api.common.resources.GalasaSecretType;
import dev.galasa.framework.spi.creds.CredentialsToken;
import dev.galasa.framework.spi.creds.CredentialsUsername;
import dev.galasa.framework.spi.creds.CredentialsUsernamePassword;
import dev.galasa.framework.spi.creds.CredentialsUsernameToken;
import dev.galasa.framework.spi.utils.ITimeService;
import java.time.Instant;
import java.util.Base64;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:dev/galasa/framework/api/secrets/internal/routes/AbstractSecretsRoute.class */
public abstract class AbstractSecretsRoute extends BaseRoute {
    private static final String DEFAULT_RESPONSE_ENCODING = "base64";
    private Environment env;
    protected ITimeService timeService;
    private static final Map<Class<? extends ICredentials>, GalasaSecretType> credentialsToSecretTypes = Map.of(CredentialsUsername.class, GalasaSecretType.USERNAME, CredentialsToken.class, GalasaSecretType.TOKEN, CredentialsUsernamePassword.class, GalasaSecretType.USERNAME_PASSWORD, CredentialsUsernameToken.class, GalasaSecretType.USERNAME_TOKEN);

    public AbstractSecretsRoute(ResponseBuilder responseBuilder, String str, Environment environment, ITimeService iTimeService) {
        super(responseBuilder, str);
        this.env = environment;
        this.timeService = iTimeService;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public GalasaSecret createGalasaSecretFromCredentials(String str, ICredentials iCredentials) throws InternalServletException {
        GalasaSecretmetadata galasaSecretmetadata = new GalasaSecretmetadata((dev.galasa.framework.api.beans.generated.GalasaSecretType) null);
        GalasaSecretdata galasaSecretdata = new GalasaSecretdata();
        galasaSecretmetadata.setname(str);
        galasaSecretmetadata.setencoding(DEFAULT_RESPONSE_ENCODING);
        setSecretTypeValuesFromCredentials(galasaSecretmetadata, galasaSecretdata, iCredentials);
        setSecretMetadata(galasaSecretmetadata, iCredentials.getDescription(), iCredentials.getLastUpdatedByUser(), iCredentials.getLastUpdatedTime());
        GalasaSecret galasaSecret = new GalasaSecret();
        galasaSecret.setApiVersion("galasa-dev/v1alpha1");
        galasaSecret.setdata(galasaSecretdata);
        galasaSecret.setmetadata(galasaSecretmetadata);
        return galasaSecret;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ICredentials buildDecodedCredentialsToSet(SecretRequest secretRequest, String str) throws InternalServletException {
        ICredentials decodeCredentialsFromSecretPayload = decodeCredentialsFromSecretPayload(secretRequest);
        setSecretMetadataProperties(decodeCredentialsFromSecretPayload, secretRequest.getdescription(), str);
        return decodeCredentialsFromSecretPayload;
    }

    private ICredentials decodeCredentialsFromSecretPayload(SecretRequest secretRequest) throws InternalServletException {
        CredentialsUsernamePassword credentialsUsernamePassword = null;
        SecretRequestusername secretRequestusername = secretRequest.getusername();
        SecretRequestpassword secretRequestpassword = secretRequest.getpassword();
        SecretRequesttoken secretRequesttoken = secretRequest.gettoken();
        if (secretRequestusername != null) {
            String decodeSecretValue = decodeSecretValue(secretRequestusername.getvalue(), secretRequestusername.getencoding());
            credentialsUsernamePassword = secretRequestpassword != null ? new CredentialsUsernamePassword(decodeSecretValue, decodeSecretValue(secretRequestpassword.getvalue(), secretRequestpassword.getencoding())) : secretRequesttoken != null ? new CredentialsUsernameToken(decodeSecretValue, decodeSecretValue(secretRequesttoken.getvalue(), secretRequesttoken.getencoding())) : new CredentialsUsername(decodeSecretValue);
        } else if (secretRequesttoken != null) {
            credentialsUsernamePassword = new CredentialsToken(decodeSecretValue(secretRequesttoken.getvalue(), secretRequesttoken.getencoding()));
        }
        return credentialsUsernamePassword;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String decodeSecretValue(String str, String str2) throws InternalServletException {
        String str3 = str;
        if (str2 != null && str != null) {
            try {
                if (str2.equalsIgnoreCase(DEFAULT_RESPONSE_ENCODING)) {
                    str3 = new String(Base64.getDecoder().decode(str));
                }
            } catch (IllegalArgumentException e) {
                throw new InternalServletException(new ServletError(ServletErrorMessage.GAL5097_FAILED_TO_DECODE_SECRET_VALUE, new String[]{DEFAULT_RESPONSE_ENCODING}), 400);
            }
        }
        return str3;
    }

    private void setSecretTypeValuesFromCredentials(GalasaSecretmetadata galasaSecretmetadata, GalasaSecretdata galasaSecretdata, ICredentials iCredentials) throws InternalServletException {
        GalasaSecretType secretType = getSecretType(iCredentials);
        if (secretType == GalasaSecretType.USERNAME) {
            galasaSecretdata.setusername(encodeValue(((ICredentialsUsername) iCredentials).getUsername()));
            galasaSecretmetadata.settype(dev.galasa.framework.api.beans.generated.GalasaSecretType.Username);
            return;
        }
        if (secretType == GalasaSecretType.USERNAME_PASSWORD) {
            ICredentialsUsernamePassword iCredentialsUsernamePassword = (ICredentialsUsernamePassword) iCredentials;
            galasaSecretdata.setusername(encodeValue(iCredentialsUsernamePassword.getUsername()));
            galasaSecretdata.setpassword(encodeValue(iCredentialsUsernamePassword.getPassword()));
            galasaSecretmetadata.settype(dev.galasa.framework.api.beans.generated.GalasaSecretType.USERNAME_PASSWORD);
            return;
        }
        if (secretType == GalasaSecretType.USERNAME_TOKEN) {
            ICredentialsUsernameToken iCredentialsUsernameToken = (ICredentialsUsernameToken) iCredentials;
            galasaSecretdata.setusername(encodeValue(iCredentialsUsernameToken.getUsername()));
            galasaSecretdata.settoken(encodeValue(new String(iCredentialsUsernameToken.getToken())));
            galasaSecretmetadata.settype(dev.galasa.framework.api.beans.generated.GalasaSecretType.USERNAME_TOKEN);
            return;
        }
        if (secretType != GalasaSecretType.TOKEN) {
            throw new InternalServletException(new ServletError(ServletErrorMessage.GAL5101_ERROR_UNEXPECTED_SECRET_TYPE_DETECTED, new String[0]), 500);
        }
        galasaSecretdata.settoken(encodeValue(new String(((ICredentialsToken) iCredentials).getToken())));
        galasaSecretmetadata.settype(dev.galasa.framework.api.beans.generated.GalasaSecretType.Token);
    }

    private void setSecretMetadata(GalasaSecretmetadata galasaSecretmetadata, String str, String str2, Instant instant) {
        galasaSecretmetadata.setdescription(str);
        galasaSecretmetadata.setLastUpdatedBy(str2);
        if (instant != null) {
            galasaSecretmetadata.setLastUpdatedTime(instant.toString());
        }
    }

    private String encodeValue(String str) {
        String str2 = str;
        if (DEFAULT_RESPONSE_ENCODING.equals(DEFAULT_RESPONSE_ENCODING)) {
            str2 = Base64.getEncoder().encodeToString(str.getBytes());
        }
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public GalasaSecretType getSecretType(ICredentials iCredentials) {
        GalasaSecretType galasaSecretType = null;
        if (iCredentials != null) {
            galasaSecretType = credentialsToSecretTypes.get(iCredentials.getClass());
        }
        return galasaSecretType;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getUsernameFromRequestJwt(HttpServletRequest httpServletRequest) throws InternalServletException {
        return new JwtWrapper(httpServletRequest, this.env).getUsername();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setSecretMetadataProperties(ICredentials iCredentials, String str, String str2) {
        if (str != null && !str.isBlank()) {
            iCredentials.setDescription(str);
        }
        iCredentials.setLastUpdatedByUser(str2);
        iCredentials.setLastUpdatedTime(this.timeService.now());
    }
}
