package de.adorsys.sts.keyrotation;

import de.adorsys.lockpersistence.client.LockClient;
import de.adorsys.sts.keymanagement.model.StsKeyStore;
import de.adorsys.sts.keymanagement.persistence.KeyStoreRepository;
import de.adorsys.sts.keymanagement.service.KeyManagementProperties;
import de.adorsys.sts.keymanagement.service.KeyRotationService;
import java.time.Clock;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.util.List;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/lib/sts-spring-0.29.0.jar:de/adorsys/sts/keyrotation/KeyRotationSchedule.class */
public class KeyRotationSchedule {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) KeyRotationSchedule.class);
    private final KeyRotationService keyRotationService;
    private final KeyStoreRepository keyStoreRepository;
    private final LockClient lockClient;
    private final String rotationLockName;
    private final Clock clock;

    @Autowired
    public KeyRotationSchedule(KeyRotationService keyRotationService, @Qualifier("cached") KeyStoreRepository keyStoreRepository, LockClient lockClient, KeyManagementProperties keyManagementProperties, Clock clock) {
        this.keyRotationService = keyRotationService;
        this.keyStoreRepository = keyStoreRepository;
        this.lockClient = lockClient;
        this.clock = clock;
        this.rotationLockName = "key-rotation -- " + keyManagementProperties.getKeystore().getName();
    }

    @Scheduled(initialDelayString = "${sts.keymanagement.rotation.check-interval:60000}", fixedDelayString = "${sts.keymanagement.rotation.check-interval:60000}")
    public void scheduledRotation() {
        this.lockClient.executeIfOwned(this.rotationLockName, () -> {
            if (!this.keyStoreRepository.exists()) {
                LOG.debug("No key rotation needed. Keystore repository is (still) empty.");
                return;
            }
            LOG.debug("Perform key rotation...");
            performKeyRotation();
            LOG.debug("Key rotation finished.");
        });
    }

    private void performKeyRotation() {
        StsKeyStore load = this.keyStoreRepository.load();
        KeyRotationService.KeyRotationResult rotate = this.keyRotationService.rotate(load);
        List<String> removedKeys = rotate.getRemovedKeys();
        List<String> futureKeys = rotate.getFutureKeys();
        List<String> generatedKeys = rotate.getGeneratedKeys();
        if (LOG.isDebugEnabled()) {
            LOG.debug(removedKeys.size() + " keys removed: [" + ((String) removedKeys.stream().collect(Collectors.joining(","))) + "]");
            LOG.debug(futureKeys.size() + " future keys generated: [" + ((String) futureKeys.stream().collect(Collectors.joining(","))) + "]");
            LOG.debug(generatedKeys.size() + " keys generated: [" + ((String) generatedKeys.stream().collect(Collectors.joining(","))) + "]");
        }
        if (removedKeys.size() + futureKeys.size() + generatedKeys.size() > 0) {
            load.setLastUpdate(now());
            this.keyStoreRepository.save(load);
        }
    }

    private ZonedDateTime now() {
        return this.clock.instant().atZone(ZoneOffset.UTC);
    }
}
