package com.github.tsc4j.credstash;

import com.github.tsc4j.aws.common.AwsCliCommand;
import com.github.tsc4j.core.Tsc4jImplUtils;
import com.jessecoyle.CredentialVersion;
import com.jessecoyle.JCredStash;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.TreeMap;
import java.util.concurrent.Callable;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import lombok.Generated;
import lombok.NonNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import picocli.CommandLine;

@CommandLine.Command(description = {"Credstash test command."}, sortOptions = false)
/* loaded from: input_file:com/github/tsc4j/credstash/CredstashCommand.class */
public final class CredstashCommand extends AwsCliCommand {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(CredstashCommand.class);
    private static final String KEY_FMT = "%-50.50s";
    private static final String VERSION_FMT = "%-9.9s";
    private static final String LIST_FMT = "%-50.50s %-9.9s\n";
    private static final String DISPLAY_FMT = "%-50.50s %s\n";

    @CommandLine.Option(names = {"-t", "--table"}, description = {"credstash dynamodb table name (default: ${DEFAULT-VALUE})"})
    private String tableName = "credential-store";

    @CommandLine.Option(names = {"-L", "--list"}, description = {"Lists credstash credentials"})
    private boolean listCredentials = false;

    @CommandLine.Option(names = {"-A", "--all"}, description = {"Fetch all credstash secrets"})
    private boolean fetchAll = false;

    @CommandLine.Parameters(description = {"fetch specified credentials"})
    private List<String> credentials = new ArrayList();

    protected int doCall() {
        Supplier<JCredStash> createCredstashSupplier = CredstashConfigValueProvider.createCredstashSupplier(this.tableName, getAwsConfig());
        if (this.listCredentials) {
            return listSecrets(createCredstashSupplier.get());
        }
        if (this.fetchAll || !this.credentials.isEmpty()) {
            return fetchSecrets(createCredstashSupplier.get(), this.credentials);
        }
        throw new CommandLine.PicocliException("No credential names to fetch were specified. Run with --help for instructions.");
    }

    public String getName() {
        return "credstash";
    }

    private int fetchSecrets(@NonNull JCredStash jCredStash, @NonNull Collection<String> collection) {
        Objects.requireNonNull(jCredStash, "credstash is marked non-null but is null");
        Objects.requireNonNull(collection, "credentials is marked non-null but is null");
        Collection<String> collection2 = this.fetchAll ? (Collection) getSecrets(jCredStash, true).stream().map(credentialVersion -> {
            return credentialVersion.getName();
        }).collect(Collectors.toList()) : collection;
        log.debug("fetching {} credstash credentials: {}", Integer.valueOf(collection2.size()), collection2);
        Map emptyMap = Collections.emptyMap();
        TreeMap treeMap = new TreeMap();
        log.debug("parallelCall() returned {} results.", Integer.valueOf(runTasks((List) Tsc4jImplUtils.toUniqueList(collection2).stream().map(str -> {
            return createFetchCredentialCallable(jCredStash, str, emptyMap, treeMap);
        }).collect(Collectors.toList()), true).size()));
        if (treeMap.isEmpty()) {
            return 0;
        }
        getStderr().printf(DISPLAY_FMT, "credential", "secret");
        treeMap.forEach((str2, str3) -> {
            getStdout().printf(DISPLAY_FMT, str2, str3);
        });
        return 0;
    }

    private Callable<String> createFetchCredentialCallable(@NonNull JCredStash jCredStash, @NonNull String str, @NonNull Map<String, String> map, @NonNull Map<String, String> map2) {
        Objects.requireNonNull(jCredStash, "credstash is marked non-null but is null");
        Objects.requireNonNull(str, "credentialName is marked non-null but is null");
        Objects.requireNonNull(map, "kmsCtx is marked non-null but is null");
        Objects.requireNonNull(map2, "credentialMap is marked non-null but is null");
        return () -> {
            String fetchCredential = fetchCredential(jCredStash, str, map);
            map2.put(str, fetchCredential);
            return fetchCredential;
        };
    }

    private String fetchCredential(@NonNull JCredStash jCredStash, @NonNull String str, @NonNull Map<String, String> map) {
        Objects.requireNonNull(jCredStash, "credstash is marked non-null but is null");
        Objects.requireNonNull(str, "credentialName is marked non-null but is null");
        Objects.requireNonNull(map, "kmsCtx is marked non-null but is null");
        long currentTimeMillis = System.currentTimeMillis();
        String secret = jCredStash.getSecret(str, map);
        log.debug("fetched credstash secret {} in {} msec.", str, Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
        return secret.trim();
    }

    private int listSecrets(@NonNull JCredStash jCredStash) {
        Objects.requireNonNull(jCredStash, "credstash is marked non-null but is null");
        log.debug("listing credstash credentials.");
        long currentTimeMillis = System.currentTimeMillis();
        List<CredentialVersion> secrets = getSecrets(jCredStash, true);
        log.debug("retrieved {} credstash credentials in {} msec.", Integer.valueOf(secrets.size()), Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
        getStderr().printf(LIST_FMT, "credential", "version");
        secrets.forEach(credentialVersion -> {
            getStdout().printf(LIST_FMT, credentialVersion.getName(), cleanupVersion(credentialVersion.getVersion()));
        });
        return 0;
    }

    private static String cleanupVersion(@NonNull String str) {
        Objects.requireNonNull(str, "version is marked non-null but is null");
        return str.replaceAll("^0*", "");
    }

    private List<CredentialVersion> getSecrets(@NonNull JCredStash jCredStash, boolean z) {
        Objects.requireNonNull(jCredStash, "credstash is marked non-null but is null");
        List<CredentialVersion> listSecrets = jCredStash.listSecrets();
        return z ? latestSecretVersions(listSecrets) : listSecrets;
    }

    private List<CredentialVersion> latestSecretVersions(@NonNull Collection<CredentialVersion> collection) {
        Objects.requireNonNull(collection, "creds is marked non-null but is null");
        HashMap hashMap = new HashMap();
        collection.forEach(credentialVersion -> {
            String name = credentialVersion.getName();
            CredentialVersion credentialVersion = (CredentialVersion) hashMap.get(name);
            if (credentialVersion == null) {
                hashMap.put(name, credentialVersion);
            } else if (Long.parseLong(cleanupVersion(credentialVersion.getVersion())) > Long.parseLong(cleanupVersion(credentialVersion.getVersion()))) {
                hashMap.put(name, credentialVersion);
            }
        });
        return (List) hashMap.entrySet().stream().sorted(Comparator.comparing((v0) -> {
            return v0.getKey();
        })).map((v0) -> {
            return v0.getValue();
        }).collect(Collectors.toList());
    }

    public String getGroup() {
        return "misc";
    }

    @Generated
    public String toString() {
        return "CredstashCommand(tableName=" + this.tableName + ", listCredentials=" + this.listCredentials + ", fetchAll=" + this.fetchAll + ", credentials=" + this.credentials + ")";
    }
}
