package com.amazonaws.athena.connector.lambda.security;

import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.arrow.util.VisibleForTesting;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;

/* loaded from: input_file:com/amazonaws/athena/connector/lambda/security/CachableSecretsManager.class */
public class CachableSecretsManager {
    private static final long MAX_CACHE_AGE_MS = 60000;
    protected static final int MAX_CACHE_SIZE = 10;
    private final LinkedHashMap<String, CacheEntry> cache = new LinkedHashMap<>();
    private final SecretsManagerClient secretsManager;
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) CachableSecretsManager.class);
    private static final String SECRET_PATTERN = "(\\$\\{[a-zA-Z0-9-\\/_\\-\\.\\+=@]+\\})";
    private static final Pattern PATTERN = Pattern.compile(SECRET_PATTERN);
    private static final String SECRET_NAME_PATTERN = "\\$\\{([a-zA-Z0-9-\\/_\\-\\.\\+=@]+)\\}";
    private static final Pattern NAME_PATTERN = Pattern.compile(SECRET_NAME_PATTERN);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/amazonaws/athena/connector/lambda/security/CachableSecretsManager$CacheEntry.class */
    public class CacheEntry {
        private final String name;
        private final String value;
        private final long createTime;

        public CacheEntry(String str, String str2) {
            this.value = str2;
            this.name = str;
            this.createTime = System.currentTimeMillis();
        }

        public CacheEntry(String str, String str2, long j) {
            this.value = str2;
            this.name = str;
            this.createTime = j;
        }

        public String getValue() {
            return this.value;
        }

        public long getAge() {
            return System.currentTimeMillis() - this.createTime;
        }
    }

    public CachableSecretsManager(SecretsManagerClient secretsManagerClient) {
        this.secretsManager = secretsManagerClient;
    }

    public String resolveSecrets(String str) {
        if (str == null) {
            return str;
        }
        Matcher matcher = PATTERN.matcher(str);
        String str2 = str;
        while (true) {
            String str3 = str2;
            if (!matcher.find()) {
                return str3;
            }
            String group = matcher.group(1);
            Matcher matcher2 = NAME_PATTERN.matcher(group);
            matcher2.find();
            str2 = str3.replace(group, getSecret(matcher2.group(1)));
        }
    }

    public String getSecret(String str) {
        CacheEntry cacheEntry = this.cache.get(str);
        if (cacheEntry == null || cacheEntry.getAge() > 60000) {
            logger.info("getSecret: Resolving secret[{}].", str);
            cacheEntry = new CacheEntry(str, this.secretsManager.getSecretValue((GetSecretValueRequest) GetSecretValueRequest.builder().secretId(str).mo3572build()).secretString());
            evictCache(this.cache.size() >= 10);
            this.cache.put(str, cacheEntry);
        }
        return cacheEntry.getValue();
    }

    private void evictCache(boolean z) {
        Iterator<Map.Entry<String, CacheEntry>> it = this.cache.entrySet().iterator();
        int i = 0;
        while (it.hasNext()) {
            if (it.next().getValue().getAge() > 60000) {
                it.remove();
                i++;
            }
        }
        if (i == 0 && z) {
            Iterator<Map.Entry<String, CacheEntry>> it2 = this.cache.entrySet().iterator();
            if (it2.hasNext()) {
                it2.next();
                it2.remove();
            }
        }
    }

    @VisibleForTesting
    protected void addCacheEntry(String str, String str2, long j) {
        this.cache.put(str, new CacheEntry(str, str2, j));
    }
}
