package com.netflix.spinnaker.clouddriver.config;

import com.fasterxml.jackson.annotation.JsonTypeName;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.deser.std.StringDeserializer;
import com.netflix.spinnaker.clouddriver.jackson.AccountDefinitionModule;
import com.netflix.spinnaker.clouddriver.security.AccountCredentialsProvider;
import com.netflix.spinnaker.clouddriver.security.AccountDefinitionAuthorizer;
import com.netflix.spinnaker.clouddriver.security.AccountDefinitionMapper;
import com.netflix.spinnaker.clouddriver.security.AccountDefinitionRepository;
import com.netflix.spinnaker.clouddriver.security.AccountDefinitionSecretManager;
import com.netflix.spinnaker.clouddriver.security.AccountDefinitionService;
import com.netflix.spinnaker.credentials.definition.CredentialsDefinition;
import com.netflix.spinnaker.fiat.shared.FiatPermissionEvaluator;
import com.netflix.spinnaker.kork.secrets.EncryptedSecret;
import com.netflix.spinnaker.kork.secrets.SecretManager;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
import lombok.Generated;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ResourceLoader;
import org.springframework.core.type.filter.AssignableTypeFilter;
import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
import org.springframework.util.ClassUtils;

@EnableConfigurationProperties({Properties.class})
@Configuration
/* loaded from: input_file:com/netflix/spinnaker/clouddriver/config/AccountDefinitionConfiguration.class */
public class AccountDefinitionConfiguration {

    @Generated
    private static final Logger log = LogManager.getLogger(AccountDefinitionConfiguration.class);

    @ConfigurationProperties("account.storage")
    @ConditionalOnProperty({"account.storage.enabled"})
    /* loaded from: input_file:com/netflix/spinnaker/clouddriver/config/AccountDefinitionConfiguration$Properties.class */
    public static class Properties {
        private boolean enabled;
        private List<String> additionalScanPackages = List.of();

        @Generated
        public Properties() {
        }

        @Generated
        public boolean isEnabled() {
            return this.enabled;
        }

        @Generated
        public List<String> getAdditionalScanPackages() {
            return this.additionalScanPackages;
        }

        @Generated
        public Properties setEnabled(boolean z) {
            this.enabled = z;
            return this;
        }

        @Generated
        public Properties setAdditionalScanPackages(List<String> list) {
            this.additionalScanPackages = list;
            return this;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof Properties)) {
                return false;
            }
            Properties properties = (Properties) obj;
            if (!properties.canEqual(this) || isEnabled() != properties.isEnabled()) {
                return false;
            }
            List<String> additionalScanPackages = getAdditionalScanPackages();
            List<String> additionalScanPackages2 = properties.getAdditionalScanPackages();
            return additionalScanPackages == null ? additionalScanPackages2 == null : additionalScanPackages.equals(additionalScanPackages2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof Properties;
        }

        @Generated
        public int hashCode() {
            int i = (1 * 59) + (isEnabled() ? 79 : 97);
            List<String> additionalScanPackages = getAdditionalScanPackages();
            return (i * 59) + (additionalScanPackages == null ? 43 : additionalScanPackages.hashCode());
        }

        @Generated
        public String toString() {
            return "AccountDefinitionConfiguration.Properties(enabled=" + isEnabled() + ", additionalScanPackages=" + getAdditionalScanPackages() + ")";
        }
    }

    @ConditionalOnMissingBean
    @Bean
    public AccountDefinitionAuthorizer accountDefinitionAuthorizer(Optional<FiatPermissionEvaluator> optional, @Value("${services.fiat.enabled:false}") boolean z) {
        return new AccountDefinitionAuthorizer(optional.filter(fiatPermissionEvaluator -> {
            return z;
        }).orElse(null));
    }

    @Bean
    public AccountDefinitionSecretManager accountDefinitionSecretManager(SecretManager secretManager, AccountDefinitionAuthorizer accountDefinitionAuthorizer) {
        return new AccountDefinitionSecretManager(secretManager, accountDefinitionAuthorizer);
    }

    @Bean
    public AccountDefinitionMapper accountDefinitionMapper(Jackson2ObjectMapperBuilder jackson2ObjectMapperBuilder, AccountDefinitionSecretManager accountDefinitionSecretManager) {
        jackson2ObjectMapperBuilder.deserializers(new JsonDeserializer[]{createSecretDecryptingDeserializer(accountDefinitionSecretManager)});
        return new AccountDefinitionMapper(jackson2ObjectMapperBuilder.build());
    }

    @ConditionalOnBean({AccountDefinitionRepository.class})
    @Bean
    public AccountDefinitionService accountDefinitionService(AccountDefinitionRepository accountDefinitionRepository, AccountDefinitionAuthorizer accountDefinitionAuthorizer, AccountCredentialsProvider accountCredentialsProvider, ObjectMapper objectMapper) {
        return new AccountDefinitionService(accountDefinitionRepository, accountDefinitionAuthorizer, accountCredentialsProvider, objectMapper);
    }

    @Bean
    public AccountDefinitionModule accountDefinitionModule(ResourceLoader resourceLoader, Properties properties) {
        return new AccountDefinitionModule(findAccountDefinitionTypes(resourceLoader, properties));
    }

    private static StringDeserializer createSecretDecryptingDeserializer(final AccountDefinitionSecretManager accountDefinitionSecretManager) {
        return new StringDeserializer() { // from class: com.netflix.spinnaker.clouddriver.config.AccountDefinitionConfiguration.1
            /* renamed from: deserialize, reason: merged with bridge method [inline-methods] */
            public String m4deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException {
                String deserialize = super.deserialize(jsonParser, deserializationContext);
                return EncryptedSecret.isEncryptedSecret(deserialize) ? AccountDefinitionSecretManager.this.getEncryptedSecret(deserialize) : deserialize;
            }
        };
    }

    private static Class<? extends CredentialsDefinition>[] findAccountDefinitionTypes(ResourceLoader resourceLoader, Properties properties) {
        ClassPathScanningCandidateComponentProvider classPathScanningCandidateComponentProvider = new ClassPathScanningCandidateComponentProvider(false);
        classPathScanningCandidateComponentProvider.setResourceLoader(resourceLoader);
        classPathScanningCandidateComponentProvider.addIncludeFilter(new AssignableTypeFilter(CredentialsDefinition.class));
        ArrayList arrayList = new ArrayList(properties.additionalScanPackages);
        arrayList.add(0, "com.netflix.spinnaker.clouddriver");
        return (Class[]) arrayList.stream().flatMap(str -> {
            return classPathScanningCandidateComponentProvider.findCandidateComponents(str).stream();
        }).map((v0) -> {
            return v0.getBeanClassName();
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).map(AccountDefinitionConfiguration::loadCredentialsDefinitionType).filter((v0) -> {
            return Objects.nonNull(v0);
        }).filter(cls -> {
            return cls.isAnnotationPresent(JsonTypeName.class);
        }).peek(cls2 -> {
            log.info("Discovered CredentialsDefinition class '{}' with type discriminator '{}'.", cls2.getName(), cls2.getAnnotation(JsonTypeName.class).value());
        }).toArray(i -> {
            return new Class[i];
        });
    }

    @Nullable
    private static Class<? extends CredentialsDefinition> loadCredentialsDefinitionType(String str) {
        try {
            return ClassUtils.forName(str, (ClassLoader) null).asSubclass(CredentialsDefinition.class);
        } catch (ClassNotFoundException e) {
            log.warn("Unable to load CredentialsDefinition class '{}'. Credentials with this type will not be loaded.", str, e);
            return null;
        }
    }
}
