package io.mapsmessaging.security.storage;

import java.io.IOException;
import java.util.Base64;
import java.util.Map;
import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClientBuilder;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
import software.amazon.awssdk.services.secretsmanager.model.PutSecretValueRequest;

/* loaded from: input_file:io/mapsmessaging/security/storage/AWSSecretsStore.class */
public class AWSSecretsStore implements Store {
    private final SecretsManagerClient secretsManagerClient;

    public AWSSecretsStore() {
        this.secretsManagerClient = null;
    }

    public AWSSecretsStore(SecretsManagerClient secretsManagerClient) {
        this.secretsManagerClient = secretsManagerClient;
    }

    @Override // io.mapsmessaging.security.storage.Store
    public String getName() {
        return "AwsSecrets";
    }

    @Override // io.mapsmessaging.security.storage.Store
    public boolean exists(String str) {
        return false;
    }

    @Override // io.mapsmessaging.security.storage.Store
    public byte[] load(String str) throws IOException {
        return Base64.getDecoder().decode(this.secretsManagerClient.getSecretValue((GetSecretValueRequest) GetSecretValueRequest.builder().secretId(str).build()).secretString());
    }

    @Override // io.mapsmessaging.security.storage.Store
    public void save(byte[] bArr, String str) throws IOException {
        this.secretsManagerClient.putSecretValue((PutSecretValueRequest) PutSecretValueRequest.builder().secretId(str).secretString(Base64.getEncoder().encodeToString(bArr)).build());
    }

    @Override // io.mapsmessaging.security.storage.Store
    public Store create(Map<String, Object> map) throws IOException {
        SecretsManagerClientBuilder region = SecretsManagerClient.builder().region(Region.of((String) map.getOrDefault("region", "us-east-1")));
        if (map.containsKey("accessKeyId") && map.containsKey("secretAccessKey")) {
            region.credentialsProvider(StaticCredentialsProvider.create(AwsBasicCredentials.create((String) map.get("accessKeyId"), (String) map.get("secretAccessKey"))));
        }
        return new AWSSecretsStore((SecretsManagerClient) region.build());
    }
}
