package io.quarkus.vault.runtime.client;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.quarkus.vault.VaultException;
import io.quarkus.vault.runtime.client.dto.auth.VaultAppRoleAuth;
import io.quarkus.vault.runtime.client.dto.auth.VaultAppRoleAuthBody;
import io.quarkus.vault.runtime.client.dto.auth.VaultKubernetesAuth;
import io.quarkus.vault.runtime.client.dto.auth.VaultKubernetesAuthBody;
import io.quarkus.vault.runtime.client.dto.auth.VaultLookupSelf;
import io.quarkus.vault.runtime.client.dto.auth.VaultRenewSelf;
import io.quarkus.vault.runtime.client.dto.auth.VaultRenewSelfBody;
import io.quarkus.vault.runtime.client.dto.auth.VaultUserPassAuth;
import io.quarkus.vault.runtime.client.dto.auth.VaultUserPassAuthBody;
import io.quarkus.vault.runtime.client.dto.database.VaultDatabaseCredentials;
import io.quarkus.vault.runtime.client.dto.kv.VaultKvSecretV1;
import io.quarkus.vault.runtime.client.dto.kv.VaultKvSecretV2;
import io.quarkus.vault.runtime.client.dto.kv.VaultKvSecretV2Write;
import io.quarkus.vault.runtime.client.dto.kv.VaultKvSecretV2WriteBody;
import io.quarkus.vault.runtime.client.dto.sys.VaultLeasesBody;
import io.quarkus.vault.runtime.client.dto.sys.VaultLeasesLookup;
import io.quarkus.vault.runtime.client.dto.sys.VaultRenewLease;
import io.quarkus.vault.runtime.client.dto.transit.VaultTransitDecrypt;
import io.quarkus.vault.runtime.client.dto.transit.VaultTransitDecryptBody;
import io.quarkus.vault.runtime.client.dto.transit.VaultTransitEncrypt;
import io.quarkus.vault.runtime.client.dto.transit.VaultTransitEncryptBody;
import io.quarkus.vault.runtime.client.dto.transit.VaultTransitRewrapBody;
import io.quarkus.vault.runtime.client.dto.transit.VaultTransitSign;
import io.quarkus.vault.runtime.client.dto.transit.VaultTransitSignBody;
import io.quarkus.vault.runtime.client.dto.transit.VaultTransitVerify;
import io.quarkus.vault.runtime.client.dto.transit.VaultTransitVerifyBody;
import io.quarkus.vault.runtime.config.VaultRuntimeConfig;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Map;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.jboss.logging.Logger;

/* loaded from: input_file:io/quarkus/vault/runtime/client/OkHttpVaultClient.class */
public class OkHttpVaultClient implements VaultClient {
    private static final Logger log = Logger.getLogger(OkHttpVaultClient.class);
    public static final MediaType JSON = MediaType.get("application/json; charset=utf-8");
    private OkHttpClient client;
    private URL url;
    private ObjectMapper mapper = new ObjectMapper();

    public OkHttpVaultClient(VaultRuntimeConfig vaultRuntimeConfig) {
        this.client = OkHttpClientFactory.createHttpClient(vaultRuntimeConfig);
        this.url = vaultRuntimeConfig.url.get();
        this.mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultUserPassAuth loginUserPass(String str, String str2) {
        return (VaultUserPassAuth) post("auth/userpass/login/" + str, null, new VaultUserPassAuthBody(str2), VaultUserPassAuth.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultKubernetesAuth loginKubernetes(String str, String str2) {
        return (VaultKubernetesAuth) post("auth/kubernetes/login", null, new VaultKubernetesAuthBody(str, str2), VaultKubernetesAuth.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultAppRoleAuth loginAppRole(String str, String str2) {
        return (VaultAppRoleAuth) post("auth/approle/login", null, new VaultAppRoleAuthBody(str, str2), VaultAppRoleAuth.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultKvSecretV1 getSecretV1(String str, String str2, String str3) {
        return (VaultKvSecretV1) get(str2 + "/" + str3, str, VaultKvSecretV1.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultKvSecretV2 getSecretV2(String str, String str2, String str3) {
        return (VaultKvSecretV2) get(str2 + "/data/" + str3, str, VaultKvSecretV2.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public void writeSecretV1(String str, String str2, String str3, Map<String, String> map) {
        post(str2 + "/" + str3, str, map, null, 204);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public void writeSecretV2(String str, String str2, String str3, VaultKvSecretV2WriteBody vaultKvSecretV2WriteBody) {
        post(str2 + "/data/" + str3, str, vaultKvSecretV2WriteBody, VaultKvSecretV2Write.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public void deleteSecretV1(String str, String str2, String str3) {
        delete(str2 + "/" + str3, str, null, null, 204);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public void deleteSecretV2(String str, String str2, String str3) {
        delete(str2 + "/data/" + str3, str, null, null, 204);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultRenewSelf renewSelf(String str, String str2) {
        return (VaultRenewSelf) post("auth/token/renew-self", str, new VaultRenewSelfBody(str2), VaultRenewSelf.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultLookupSelf lookupSelf(String str) {
        return (VaultLookupSelf) get("auth/token/lookup-self", str, VaultLookupSelf.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultLeasesLookup lookupLease(String str, String str2) {
        return (VaultLeasesLookup) put("sys/leases/lookup", str, new VaultLeasesBody(str2), VaultLeasesLookup.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultRenewLease renewLease(String str, String str2) {
        return (VaultRenewLease) put("sys/leases/renew", str, new VaultLeasesBody(str2), VaultRenewLease.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultDatabaseCredentials generateDatabaseCredentials(String str, String str2) {
        return (VaultDatabaseCredentials) get("database/creds/" + str2, str, VaultDatabaseCredentials.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultTransitEncrypt encrypt(String str, String str2, VaultTransitEncryptBody vaultTransitEncryptBody) {
        return (VaultTransitEncrypt) post("transit/encrypt/" + str2, str, vaultTransitEncryptBody, VaultTransitEncrypt.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultTransitDecrypt decrypt(String str, String str2, VaultTransitDecryptBody vaultTransitDecryptBody) {
        return (VaultTransitDecrypt) post("transit/decrypt/" + str2, str, vaultTransitDecryptBody, VaultTransitDecrypt.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultTransitSign sign(String str, String str2, String str3, VaultTransitSignBody vaultTransitSignBody) {
        return (VaultTransitSign) post("transit/sign/" + str2 + (str3 == null ? "" : "/" + str3), str, vaultTransitSignBody, VaultTransitSign.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultTransitVerify verify(String str, String str2, String str3, VaultTransitVerifyBody vaultTransitVerifyBody) {
        return (VaultTransitVerify) post("transit/verify/" + str2 + (str3 == null ? "" : "/" + str3), str, vaultTransitVerifyBody, VaultTransitVerify.class);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public VaultTransitEncrypt rewrap(String str, String str2, VaultTransitRewrapBody vaultTransitRewrapBody) {
        return (VaultTransitEncrypt) post("transit/rewrap/" + str2, str, vaultTransitRewrapBody, VaultTransitEncrypt.class);
    }

    protected <T> T delete(String str, String str2, Object obj, Class<T> cls, int i) {
        return (T) exec(builder(str, str2).delete(requestBody(obj)).build(), cls, i);
    }

    protected <T> T post(String str, String str2, Object obj, Class<T> cls, int i) {
        return (T) exec(builder(str, str2).post(requestBody(obj)).build(), cls, i);
    }

    protected <T> T post(String str, String str2, Object obj, Class<T> cls) {
        return (T) exec(builder(str, str2).post(requestBody(obj)).build(), cls);
    }

    protected <T> T put(String str, String str2, Object obj, Class<T> cls) {
        return (T) exec(builder(str, str2).put(requestBody(obj)).build(), cls);
    }

    protected <T> T get(String str, String str2, Class<T> cls) {
        return (T) exec(builder(str, str2).get().build(), cls);
    }

    private <T> T exec(Request request, Class<T> cls) {
        return (T) exec(request, cls, 200);
    }

    private <T> T exec(Request request, Class<T> cls, int i) {
        try {
            Response execute = this.client.newCall(request).execute();
            Throwable th = null;
            try {
                try {
                    if (execute.code() != i) {
                        throwVaultException(execute);
                    }
                    T t = (T) (cls == null ? null : this.mapper.readValue(execute.body().string(), cls));
                    if (execute != null) {
                        if (0 != 0) {
                            try {
                                execute.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    return t;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            throw new VaultException(e);
        }
    }

    private void throwVaultException(Response response) {
        String str = null;
        try {
            str = response.body().string();
        } catch (Exception e) {
        }
        throw new VaultClientException(response.code(), str);
    }

    private Request.Builder builder(String str, String str2) {
        Request.Builder url = new Request.Builder().url(getUrl(str));
        if (str2 != null) {
            url.header(VaultClient.X_VAULT_TOKEN, str2);
        }
        return url;
    }

    private RequestBody requestBody(Object obj) {
        try {
            return RequestBody.create(JSON, this.mapper.writeValueAsString(obj));
        } catch (JsonProcessingException e) {
            throw new VaultException((Throwable) e);
        }
    }

    private URL getUrl(String str) {
        try {
            return new URL(this.url, "v1/" + str);
        } catch (MalformedURLException e) {
            throw new VaultException(e);
        }
    }
}
