package io.magj.iamjdbcdriver;

import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.profile.internal.securitytoken.RoleInfo;
import com.amazonaws.auth.profile.internal.securitytoken.STSProfileCredentialsServiceProvider;
import com.amazonaws.regions.AwsProfileRegionProvider;
import com.amazonaws.regions.DefaultAwsRegionProviderChain;
import com.amazonaws.services.rds.auth.GetIamAuthTokenRequest;
import com.amazonaws.services.rds.auth.RdsIamAuthTokenGenerator;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
import java.net.URI;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.sql.Connection;
import java.sql.Driver;
import java.sql.DriverManager;
import java.sql.DriverPropertyInfo;
import java.sql.SQLException;
import java.sql.SQLFeatureNotSupportedException;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Properties;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;

/* loaded from: input_file:io/magj/iamjdbcdriver/IamAuthJdbcDriverWrapper.class */
public class IamAuthJdbcDriverWrapper implements Driver {
    private static final Logger LOGGER = Logger.getLogger(IamAuthJdbcDriverWrapper.class.getName());
    public static final String DELEGATE_DRIVER_CLASS_PROPERTY = "delegateJdbcDriverClass";
    public static final String DELEGATE_DRIVER_SCHEME_NAME_PROPERTY = "delegateJdbcDriverSchemeName";
    public static final String AWS_REGION_PROPERTY = "awsRegion";
    public static final String AWS_PROFILE_PROPERTY = "awsProfile";
    public static final String AWS_STS_CREDENTIAL_ROLE_ARN_PROPERTY = "awsStsCredentialProviderRoleArn";
    public static final String AWS_STS_CREDENTIAL_SESSION_NAME_PROPERTY = "awsStsCredentialProviderSessionName";
    public static final String AWS_STS_CREDENTIAL_EXTERNAL_ID_PROPERTY = "awsStsCredentialProviderExternalId";
    public static final String AWS_ACCESS_KEY_ID_PROPERTY = "awsAccessKeyId";
    public static final String AWS_SECRET_ACCESS_KEY_PROPERTY = "awsSecretAccessKey";
    public static final String DEFAULT_PASSWORD_PROPERTY = "password";
    public static final String DEFAULT_USER_PROPERTY = "user";
    private static final String JDBC_URL_PREFIX = "jdbc:";
    private final DefaultAwsRegionProviderChain defaultAwsRegionProviderChain;
    private final DefaultAWSCredentialsProviderChain defaultAWSCredentialsProviderChain;
    private final String wrapperSchemeName;
    private final String passwordProperty;
    private final String userProperty;
    private final Integer defaultPort;
    private final String driverClassName;
    private final boolean acceptDelegateUrls;
    private Driver delegate;
    private String delegateSchemeName;

    public IamAuthJdbcDriverWrapper() {
        this(null, null, null, null, true);
    }

    public IamAuthJdbcDriverWrapper(String str, String str2, Integer num, String str3, boolean z) {
        this(str, str2, DEFAULT_PASSWORD_PROPERTY, DEFAULT_USER_PROPERTY, num, str3, z);
    }

    public IamAuthJdbcDriverWrapper(String str, String str2, String str3, String str4, Integer num, String str5, boolean z) {
        this.defaultAwsRegionProviderChain = new DefaultAwsRegionProviderChain();
        this.defaultAWSCredentialsProviderChain = DefaultAWSCredentialsProviderChain.getInstance();
        this.wrapperSchemeName = str;
        this.delegateSchemeName = str2;
        this.passwordProperty = str3;
        this.userProperty = str4;
        this.defaultPort = num;
        this.driverClassName = str5;
        this.acceptDelegateUrls = z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void initialiseDriverRegistration(IamAuthJdbcDriverWrapper iamAuthJdbcDriverWrapper) {
        try {
            LOGGER.fine(() -> {
                return "Registering IAM driver wrapper with properties:  wrapperSchemeName=" + iamAuthJdbcDriverWrapper.wrapperSchemeName + ", delegateSchemeName=" + iamAuthJdbcDriverWrapper.delegateSchemeName + ", defaultPort=" + iamAuthJdbcDriverWrapper.defaultPort + ", driverClassName=" + iamAuthJdbcDriverWrapper.driverClassName;
            });
            DriverManager.registerDriver(iamAuthJdbcDriverWrapper);
        } catch (SQLException e) {
            LOGGER.log(Level.SEVERE, "Error registering IAM driver wrapper", (Throwable) e);
            throw new ExceptionInInitializerError(e);
        }
    }

    private static Map<String, String> mergeProperties(Properties properties, Map<String, String> map) {
        HashMap hashMap = new HashMap();
        properties.stringPropertyNames().forEach(str -> {
        });
        hashMap.putAll(map);
        return hashMap;
    }

    public static Map<String, String> parseQueryString(URI uri) {
        if (uri == null || uri.getQuery() == null) {
            return Collections.emptyMap();
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (String str : uri.getQuery().split("&")) {
            int indexOf = str.indexOf("=");
            if (indexOf >= 0) {
                linkedHashMap.put(urlDecode(str.substring(0, indexOf)), urlDecode(str.substring(indexOf + 1)));
            }
        }
        return linkedHashMap;
    }

    private static String urlDecode(String str) {
        try {
            return URLDecoder.decode(str.replace("+", "%2B"), StandardCharsets.UTF_8.name());
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private static Driver resolveDriver(String str) throws ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException, InstantiationException {
        return (Driver) Class.forName(str).getDeclaredConstructor(new Class[0]).newInstance(new Object[0]);
    }

    @Override // java.sql.Driver
    public boolean acceptsURL(String str) throws SQLException {
        assertUrlNotNull(str);
        URI parseJdbcUrl = parseJdbcUrl(str);
        attemptResolveDelegateDriverDetails(parseJdbcUrl);
        if (isWrapperScheme(parseJdbcUrl)) {
            return true;
        }
        if (this.delegate == null || !this.acceptDelegateUrls) {
            return false;
        }
        return this.delegate.acceptsURL(str);
    }

    private void attemptResolveDelegateDriverDetails(URI uri) {
        if (uri != null) {
            Map<String, String> parseQueryString = parseQueryString(uri);
            attemptDelegateDriverResolve(parseQueryString);
            resolveDelegateSchemeName(parseQueryString);
        }
    }

    private boolean isWrapperScheme(URI uri) {
        return (this.wrapperSchemeName == null || uri == null || !this.wrapperSchemeName.equals(uri.getScheme())) ? false : true;
    }

    private String replaceScheme(String str) {
        return str.replaceFirst(Pattern.quote(this.wrapperSchemeName), this.delegateSchemeName);
    }

    private void assertUrlNotNull(String str) throws SQLException {
        if (str == null) {
            throw new SQLException(new NullPointerException());
        }
    }

    private URI parseJdbcUrl(String str) {
        if (str == null || !str.startsWith(JDBC_URL_PREFIX)) {
            return null;
        }
        return URI.create(str.substring(JDBC_URL_PREFIX.length()));
    }

    @Override // java.sql.Driver
    public Connection connect(String str, Properties properties) throws SQLException {
        if (!acceptsURL(str)) {
            return null;
        }
        URI parseJdbcUrl = parseJdbcUrl(str);
        Map<String, String> mergeProperties = mergeProperties(properties, parseQueryString(parseJdbcUrl));
        resolveDelegateDriver(mergeProperties);
        resolveDelegateSchemeName(mergeProperties);
        try {
            properties.setProperty(this.passwordProperty, generateRdsIamAuthToken(host(parseJdbcUrl), port(parseJdbcUrl), mergeProperties));
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "RDS IAM auth token generation failed, attempting to call delegate driver without IAM token", (Throwable) e);
        }
        return this.delegate.connect(isWrapperScheme(parseJdbcUrl) ? replaceScheme(str) : str, properties);
    }

    private void resolveDelegateSchemeName(Map<String, String> map) {
        if (this.delegateSchemeName != null) {
            return;
        }
        this.delegateSchemeName = map.get(DELEGATE_DRIVER_SCHEME_NAME_PROPERTY);
    }

    private void attemptDelegateDriverResolve(Map<String, String> map) {
        try {
            resolveDelegateDriver(map);
        } catch (SQLException e) {
            LOGGER.log(Level.FINE, "Attempt to resolve delegate driver failed", (Throwable) e);
        }
    }

    private void resolveDelegateDriver(Map<String, String> map) throws SQLException {
        if (this.delegate != null) {
            return;
        }
        String orDefault = map.getOrDefault(DELEGATE_DRIVER_CLASS_PROPERTY, this.driverClassName);
        if (orDefault == null) {
            throw new SQLException("No delegate JDBC driver configured");
        }
        try {
            this.delegate = resolveDriver(orDefault);
        } catch (Exception e) {
            throw new SQLException("Unable to load delegate JDBC driver", e);
        }
    }

    private String host(URI uri) throws SQLException {
        if (uri.getHost() != null) {
            return uri.getHost();
        }
        throw new SQLException("No database host specified. IAM Auth requires that a host be specified in the JDBC URL.");
    }

    private int port(URI uri) throws SQLException {
        if (uri.getPort() != -1) {
            return uri.getPort();
        }
        if (this.defaultPort != null) {
            return this.defaultPort.intValue();
        }
        throw new SQLException("No database port specified. IAM Auth requires that either a default port be pre-configured or a port is specified in the JDBC URL.");
    }

    public String generateRdsIamAuthToken(String str, int i, Map<String, String> map) {
        String str2 = map.get(this.userProperty);
        RdsIamAuthTokenGenerator build = RdsIamAuthTokenGenerator.builder().credentials(resolveCredentialProvider(map)).region(resolveRegion(map.get(AWS_REGION_PROPERTY), map.get(AWS_PROFILE_PROPERTY))).build();
        LOGGER.fine("Generating RDS IAM auth token for: Host=" + str + ", Port=" + i + ", Username=" + str2);
        return build.getAuthToken(new GetIamAuthTokenRequest(str, i, str2));
    }

    private String resolveRegion(String str, String str2) {
        if (str != null) {
            return str;
        }
        if (str2 != null) {
            AwsProfileRegionProvider awsProfileRegionProvider = new AwsProfileRegionProvider(str2);
            if (awsProfileRegionProvider.getRegion() != null) {
                return awsProfileRegionProvider.getRegion();
            }
        }
        return this.defaultAwsRegionProviderChain.getRegion();
    }

    private AWSCredentialsProvider resolveCredentialProvider(Map<String, String> map) {
        String str = map.get(AWS_PROFILE_PROPERTY);
        String str2 = map.get(AWS_ACCESS_KEY_ID_PROPERTY);
        String str3 = map.get(AWS_SECRET_ACCESS_KEY_PROPERTY);
        AWSStaticCredentialsProvider profileCredentialsProvider = (str2 == null || str3 == null) ? str != null ? new ProfileCredentialsProvider(str) : this.defaultAWSCredentialsProviderChain : new AWSStaticCredentialsProvider(new BasicAWSCredentials(str2, str3));
        String str4 = map.get(AWS_STS_CREDENTIAL_ROLE_ARN_PROPERTY);
        String str5 = map.get(AWS_STS_CREDENTIAL_EXTERNAL_ID_PROPERTY);
        String str6 = map.get(AWS_STS_CREDENTIAL_SESSION_NAME_PROPERTY);
        if (str4 == null) {
            return profileCredentialsProvider;
        }
        String str7 = str6 == null ? "IAM_RDS_JDBC_DRIVER_WRAPPER" + UUID.randomUUID().toString() : str6;
        RoleInfo withRoleSessionName = new RoleInfo().withRoleArn(str4).withLongLivedCredentialsProvider(profileCredentialsProvider).withExternalId(str5).withRoleSessionName(str7);
        LOGGER.fine(() -> {
            return "Assuming role with ARN: " + str4 + ", and Session Name: " + str7;
        });
        return new STSProfileCredentialsServiceProvider(withRoleSessionName);
    }

    @Override // java.sql.Driver
    public int getMajorVersion() {
        if (this.delegate != null) {
            return this.delegate.getMajorVersion();
        }
        logDelegateNotInitialised("getMajorValue");
        return -1;
    }

    @Override // java.sql.Driver
    public int getMinorVersion() {
        if (this.delegate != null) {
            return this.delegate.getMinorVersion();
        }
        logDelegateNotInitialised("getMinorVersion");
        return -1;
    }

    public Logger getParentLogger() throws SQLFeatureNotSupportedException {
        if (this.delegate != null) {
            return this.delegate.getParentLogger();
        }
        logDelegateNotInitialised("getParentLogger");
        throw new SQLFeatureNotSupportedException("Delegate driver not initialised");
    }

    @Override // java.sql.Driver
    public DriverPropertyInfo[] getPropertyInfo(String str, Properties properties) throws SQLException {
        assertUrlNotNull(str);
        attemptResolveDelegateDriverDetails(parseJdbcUrl(str));
        return this.delegate.getPropertyInfo(str, properties);
    }

    @Override // java.sql.Driver
    public boolean jdbcCompliant() {
        if (this.delegate != null) {
            return this.delegate.jdbcCompliant();
        }
        logDelegateNotInitialised("jdbcCompliant");
        return false;
    }

    private void logDelegateNotInitialised(String str) {
        LOGGER.warning("Method " + str + " called, but delegate driver not initialised, returning bogus value");
    }

    static {
        initialiseDriverRegistration(new IamAuthJdbcDriverWrapper());
    }
}
