package io.quarkus.vault.runtime.client;

import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import io.quarkus.runtime.TlsConfig;
import io.quarkus.vault.VaultException;
import io.quarkus.vault.runtime.VaultConfigHolder;
import io.quarkus.vault.runtime.config.VaultBootstrapConfig;
import io.quarkus.vault.sys.VaultHealth;
import io.vertx.core.http.HttpMethod;
import io.vertx.mutiny.core.Vertx;
import io.vertx.mutiny.core.buffer.Buffer;
import io.vertx.mutiny.ext.web.client.HttpRequest;
import io.vertx.mutiny.ext.web.client.HttpResponse;
import io.vertx.mutiny.ext.web.client.WebClient;
import java.net.MalformedURLException;
import java.net.URL;
import java.time.Duration;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Supplier;
import java.util.stream.Stream;
import javax.annotation.PreDestroy;
import javax.inject.Singleton;

@Singleton
/* loaded from: input_file:io/quarkus/vault/runtime/client/VertxVaultClient.class */
public class VertxVaultClient implements VaultClient {
    private static final HttpMethod LIST = HttpMethod.valueOf("LIST");
    private static final List<String> ROOT_NAMESPACE_API = Arrays.asList("sys/init", "sys/license", "sys/leader", "sys/health", "sys/metrics", "sys/config/state", "sys/host-info", "sys/key-status", "sys/storage", "sys/storage/raft");
    private final Vertx vertx;
    private URL baseUrl;
    private final TlsConfig tlsConfig;
    private final VaultConfigHolder vaultConfigHolder;
    private WebClient webClient;
    ObjectMapper mapper = new ObjectMapper().registerModule(new JavaTimeModule());

    public VertxVaultClient(VaultConfigHolder vaultConfigHolder, TlsConfig tlsConfig) {
        this.vaultConfigHolder = vaultConfigHolder;
        this.tlsConfig = tlsConfig;
        this.mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        this.mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
        this.vertx = Vertx.vertx();
    }

    public void init() {
        VaultBootstrapConfig vaultBootstrapConfig = this.vaultConfigHolder.getVaultBootstrapConfig();
        this.webClient = MutinyVertxClientFactory.createHttpClient(this.vertx, vaultBootstrapConfig, this.tlsConfig);
        this.baseUrl = vaultBootstrapConfig.url.orElseThrow(new Supplier<VaultException>() { // from class: io.quarkus.vault.runtime.client.VertxVaultClient.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.function.Supplier
            public VaultException get() {
                return new VaultException("no vault url provided");
            }
        });
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    @PreDestroy
    public void close() {
        try {
            if (this.webClient != null) {
                this.webClient.close();
            }
        } finally {
            this.vertx.close();
        }
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T put(String str, String str2, Object obj, int i) {
        return (T) exec(builder(str, str2).method(HttpMethod.PUT), obj, null, i);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T list(String str, String str2, Class<T> cls) {
        return (T) exec(builder(str, str2).method(LIST), cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T delete(String str, String str2, int i) {
        return (T) exec(builder(str, str2).method(HttpMethod.DELETE), i);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T post(String str, String str2, Object obj, Class<T> cls, int i) {
        return (T) exec(builder(str, str2).method(HttpMethod.POST), obj, cls, i);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T post(String str, String str2, Object obj, Class<T> cls) {
        return (T) post(str, str2, Collections.emptyMap(), obj, cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T post(String str, String str2, Map<String, String> map, Object obj, Class<T> cls) {
        HttpRequest<Buffer> method = builder(str, str2).method(HttpMethod.POST);
        Objects.requireNonNull(method);
        map.forEach(method::putHeader);
        return (T) exec(method, obj, cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T post(String str, String str2, Object obj, int i) {
        return (T) exec(builder(str, str2).method(HttpMethod.POST), obj, null, i);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T put(String str, String str2, Object obj, Class<T> cls) {
        return (T) exec(builder(str, str2).method(HttpMethod.PUT), obj, cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T put(String str, Object obj, Class<T> cls) {
        return (T) exec(builder(str).method(HttpMethod.PUT), obj, cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T get(String str, String str2, Class<T> cls) {
        return (T) exec(builder(str, str2).method(HttpMethod.GET), cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> T get(String str, Map<String, String> map, Class<T> cls) {
        return (T) exec(builder(str, map).method(HttpMethod.GET), cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public int head(String str) {
        return exec(builder(str).method(HttpMethod.HEAD));
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public int head(String str, Map<String, String> map) {
        return exec(builder(str, map).method(HttpMethod.HEAD));
    }

    private <T> T exec(HttpRequest<Buffer> httpRequest, Class<T> cls) {
        return (T) exec(httpRequest, null, cls, VaultHealth.DEFAULT_INIT_UNSEAL_ACTIVE_STATUS_CODE);
    }

    private <T> T exec(HttpRequest<Buffer> httpRequest, int i) {
        return (T) exec(httpRequest, null, null, i);
    }

    private <T> T exec(HttpRequest<Buffer> httpRequest, Object obj, Class<T> cls) {
        return (T) exec(httpRequest, obj, cls, VaultHealth.DEFAULT_INIT_UNSEAL_ACTIVE_STATUS_CODE);
    }

    private <T> T exec(HttpRequest<Buffer> httpRequest, Object obj, Class<T> cls, int i) {
        try {
            HttpResponse<Buffer> httpResponse = (HttpResponse) (obj == null ? httpRequest.send() : httpRequest.sendBuffer(Buffer.buffer(requestBody(obj)))).await().atMost(getRequestTimeout());
            if (httpResponse.statusCode() != i) {
                throwVaultException(httpResponse);
            }
            Buffer buffer = (Buffer) httpResponse.body();
            if (buffer != null && cls != null) {
                return (T) this.mapper.readValue(buffer.toString(), cls);
            }
            return null;
        } catch (JsonProcessingException e) {
            throw new VaultException((Throwable) e);
        }
    }

    private Duration getRequestTimeout() {
        return this.vaultConfigHolder.getVaultBootstrapConfig().readTimeout;
    }

    private int exec(HttpRequest<Buffer> httpRequest) {
        return ((HttpResponse) httpRequest.send().await().atMost(getRequestTimeout())).statusCode();
    }

    private void throwVaultException(HttpResponse<Buffer> httpResponse) {
        String str = null;
        try {
            str = ((Buffer) httpResponse.body()).toString();
        } catch (Exception e) {
        }
        throw new VaultClientException(httpResponse.statusCode(), str);
    }

    private HttpRequest<Buffer> builder(String str, String str2) {
        HttpRequest<Buffer> builder = builder(str);
        if (str2 != null) {
            builder.putHeader(VaultClient.X_VAULT_TOKEN, str2);
        }
        Optional<String> optional = this.vaultConfigHolder.getVaultBootstrapConfig().enterprise.namespace;
        if (optional.isPresent() && !isRootNamespaceAPI(str)) {
            builder.putHeader(VaultClient.X_VAULT_NAMESPACE, optional.get());
        }
        return builder;
    }

    private boolean isRootNamespaceAPI(String str) {
        Stream<String> stream = ROOT_NAMESPACE_API.stream();
        Objects.requireNonNull(str);
        return stream.anyMatch(str::startsWith);
    }

    private HttpRequest<Buffer> builder(String str) {
        return this.webClient.getAbs(getUrl(str).toString());
    }

    private HttpRequest<Buffer> builder(String str, Map<String, String> map) {
        HttpRequest<Buffer> builder = builder(str);
        if (map != null) {
            Objects.requireNonNull(builder);
            map.forEach(builder::addQueryParam);
        }
        return builder;
    }

    private String requestBody(Object obj) {
        try {
            return this.mapper.writeValueAsString(obj);
        } catch (JsonProcessingException e) {
            throw new VaultException((Throwable) e);
        }
    }

    private URL getUrl(String str) {
        try {
            return new URL(this.baseUrl, "v1/" + str);
        } catch (MalformedURLException e) {
            throw new VaultException(e);
        }
    }
}
