package de.stklcode.jvault.connector;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import de.stklcode.jvault.connector.exception.AuthorizationRequiredException;
import de.stklcode.jvault.connector.exception.InvalidRequestException;
import de.stklcode.jvault.connector.exception.InvalidResponseException;
import de.stklcode.jvault.connector.exception.PermissionDeniedException;
import de.stklcode.jvault.connector.exception.VaultConnectorException;
import de.stklcode.jvault.connector.model.AuthBackend;
import de.stklcode.jvault.connector.model.response.AuthMethodsResponse;
import de.stklcode.jvault.connector.model.response.AuthResponse;
import de.stklcode.jvault.connector.model.response.ErrorResponse;
import de.stklcode.jvault.connector.model.response.SealResponse;
import de.stklcode.jvault.connector.model.response.SecretListResponse;
import de.stklcode.jvault.connector.model.response.SecretResponse;
import de.stklcode.jvault.connector.model.response.TokenResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.BasicHttpParams;

/* loaded from: input_file:de/stklcode/jvault/connector/HTTPVaultConnector.class */
public class HTTPVaultConnector implements VaultConnector {
    private static final String PATH_PREFIX = "/v1/";
    private static final String PATH_SEAL_STATUS = "sys/seal-status";
    private static final String PATH_SEAL = "sys/seal";
    private static final String PATH_UNSEAL = "sys/unseal";
    private static final String PATH_INIT = "sys/init";
    private static final String PATH_AUTH = "sys/auth";
    private static final String PATH_TOKEN_LOOKUP = "auth/token/lookup";
    private static final String PATH_AUTH_USERPASS = "auth/userpass/login/";
    private static final String PATH_AUTH_APPID = "auth/app-id/";
    private static final String PATH_SECRET = "secret";
    private final ObjectMapper jsonMapper;
    private final HttpClient httpClient;
    private final String baseURL;
    private boolean authorized;
    private String token;

    public HTTPVaultConnector(String str, boolean z) {
        this(str, z, null);
    }

    public HTTPVaultConnector(String str, boolean z, Integer num) {
        this(str, z, num, "/v1/");
    }

    public HTTPVaultConnector(String str, boolean z, Integer num, String str2) {
        this((z ? "https" : "http") + "://" + str + (num != null ? ":" + num : "") + str2);
    }

    public HTTPVaultConnector(String str) {
        this.authorized = false;
        this.baseURL = str;
        this.httpClient = new DefaultHttpClient();
        this.jsonMapper = new ObjectMapper();
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public void resetAuth() {
        this.token = null;
        this.authorized = false;
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public SealResponse sealStatus() {
        try {
            return (SealResponse) this.jsonMapper.readValue(requestGet(PATH_SEAL_STATUS, new HashMap()), SealResponse.class);
        } catch (VaultConnectorException | IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public boolean seal() {
        try {
            requestPut(PATH_SEAL, new HashMap());
            return true;
        } catch (VaultConnectorException e) {
            e.printStackTrace();
            return false;
        }
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public SealResponse unseal(String str, Boolean bool) {
        HashMap hashMap = new HashMap();
        hashMap.put("key", str);
        if (bool != null) {
            hashMap.put("reset", bool);
        }
        try {
            return (SealResponse) this.jsonMapper.readValue(requestPut(PATH_UNSEAL, hashMap), SealResponse.class);
        } catch (VaultConnectorException | IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public boolean isAuthorized() {
        return this.authorized;
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public boolean init() {
        return true;
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public List<AuthBackend> getAuthBackends() throws VaultConnectorException {
        try {
            return (List) ((AuthMethodsResponse) this.jsonMapper.readValue(requestGet(PATH_AUTH, new HashMap()), AuthMethodsResponse.class)).getSupportedMethods().stream().map((v0) -> {
                return v0.getType();
            }).collect(Collectors.toList());
        } catch (IOException e) {
            throw new InvalidResponseException("Unable to parse response", e);
        }
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public TokenResponse authToken(String str) throws VaultConnectorException {
        this.token = str;
        try {
            TokenResponse tokenResponse = (TokenResponse) this.jsonMapper.readValue(requestPost(PATH_TOKEN_LOOKUP, new HashMap()), TokenResponse.class);
            this.authorized = true;
            return tokenResponse;
        } catch (IOException e) {
            throw new InvalidResponseException("Unable to parse response", e);
        }
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public AuthResponse authUserPass(String str, String str2) throws VaultConnectorException {
        HashMap hashMap = new HashMap();
        hashMap.put("password", str2);
        try {
            AuthResponse authResponse = (AuthResponse) this.jsonMapper.readValue(requestPost(PATH_AUTH_USERPASS + str, hashMap), AuthResponse.class);
            this.token = authResponse.getAuth().getClientToken();
            this.authorized = true;
            return authResponse;
        } catch (IOException e) {
            throw new InvalidResponseException("Unable to parse response", e);
        }
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public AuthResponse authAppId(String str, String str2) throws VaultConnectorException {
        HashMap hashMap = new HashMap();
        hashMap.put("app_id", str);
        hashMap.put("user_id", str2);
        try {
            AuthResponse authResponse = (AuthResponse) this.jsonMapper.readValue(requestPost("auth/app-id/login", hashMap), AuthResponse.class);
            this.token = authResponse.getAuth().getClientToken();
            this.authorized = true;
            return authResponse;
        } catch (IOException e) {
            throw new InvalidResponseException("Unable to parse response", e);
        }
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public boolean registerAppId(String str, String str2, String str3) throws VaultConnectorException {
        if (!isAuthorized()) {
            throw new AuthorizationRequiredException();
        }
        HashMap hashMap = new HashMap();
        hashMap.put("value", str2);
        hashMap.put("display_name", str3);
        if (requestPost("auth/app-id/map/app-id/" + str, hashMap).equals("")) {
            return true;
        }
        throw new InvalidResponseException("Received response where non was expected.");
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public boolean registerUserId(String str, String str2) throws VaultConnectorException {
        if (!isAuthorized()) {
            throw new AuthorizationRequiredException();
        }
        HashMap hashMap = new HashMap();
        hashMap.put("value", str);
        if (requestPost("auth/app-id/map/user-id/" + str2, hashMap).equals("")) {
            return true;
        }
        throw new InvalidResponseException("Received response where non was expected.");
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public SecretResponse readSecret(String str) throws VaultConnectorException {
        if (!isAuthorized()) {
            throw new AuthorizationRequiredException();
        }
        try {
            return (SecretResponse) this.jsonMapper.readValue(requestGet("secret/" + str, new HashMap()), SecretResponse.class);
        } catch (IOException e) {
            throw new InvalidResponseException("Unable to parse response", e);
        }
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public List<String> listSecrets(String str) throws VaultConnectorException {
        if (!isAuthorized()) {
            throw new AuthorizationRequiredException();
        }
        try {
            return ((SecretListResponse) this.jsonMapper.readValue(requestGet("secret/" + str + "/?list=true", new HashMap()), SecretListResponse.class)).getKeys();
        } catch (IOException e) {
            throw new InvalidResponseException("Unable to parse response", e);
        }
    }

    @Override // de.stklcode.jvault.connector.VaultConnector
    public boolean writeSecret(String str, String str2) throws VaultConnectorException {
        if (str == null || str.isEmpty()) {
            throw new InvalidRequestException("Secret path must not be empty.");
        }
        HashMap hashMap = new HashMap();
        hashMap.put("value", str2);
        return requestPost("secret/" + str, hashMap).equals("");
    }

    private String requestPost(String str, Map map) throws VaultConnectorException {
        HttpPost httpPost = new HttpPost(this.baseURL + str);
        try {
            StringEntity stringEntity = new StringEntity(this.jsonMapper.writeValueAsString(map), "UTF-8");
            stringEntity.setContentEncoding("UTF-8");
            stringEntity.setContentType("application/json");
            httpPost.setEntity(stringEntity);
            if (this.token != null) {
                httpPost.addHeader("X-Vault-Token", this.token);
            }
            return request(httpPost);
        } catch (UnsupportedEncodingException | JsonProcessingException e) {
            throw new InvalidRequestException("Unable to parse response", e);
        }
    }

    private String requestPut(String str, Map<String, Object> map) throws VaultConnectorException {
        HttpPut httpPut = new HttpPut(this.baseURL + str);
        StringEntity stringEntity = null;
        try {
            stringEntity = new StringEntity(this.jsonMapper.writeValueAsString(map));
        } catch (UnsupportedEncodingException | JsonProcessingException e) {
            e.printStackTrace();
        }
        httpPut.setEntity(stringEntity);
        if (this.token != null) {
            httpPut.addHeader("X-Vault-Token", this.token);
        }
        return request(httpPut);
    }

    private String requestGet(String str, Map<String, Object> map) throws VaultConnectorException {
        HttpGet httpGet = new HttpGet(this.baseURL + str);
        BasicHttpParams basicHttpParams = new BasicHttpParams();
        basicHttpParams.getClass();
        map.forEach(basicHttpParams::setParameter);
        httpGet.setParams(basicHttpParams);
        if (this.token != null) {
            httpGet.addHeader("X-Vault-Token", this.token);
        }
        return request(httpGet);
    }

    private String request(HttpRequestBase httpRequestBase) throws VaultConnectorException {
        httpRequestBase.addHeader("accept", "application/json");
        HttpResponse httpResponse = null;
        try {
            try {
                HttpResponse execute = this.httpClient.execute(httpRequestBase);
                if (execute == null) {
                    throw new InvalidResponseException("Response unavailable");
                }
                switch (execute.getStatusLine().getStatusCode()) {
                    case 200:
                        String iOUtils = IOUtils.toString(execute.getEntity().getContent());
                        if (execute != null && execute.getEntity() != null) {
                            try {
                                execute.getEntity().consumeContent();
                            } catch (IOException e) {
                            }
                        }
                        return iOUtils;
                    case 204:
                        if (execute != null && execute.getEntity() != null) {
                            try {
                                execute.getEntity().consumeContent();
                            } catch (IOException e2) {
                            }
                        }
                        return "";
                    case 403:
                        throw new PermissionDeniedException();
                    default:
                        InvalidResponseException withStatusCode = new InvalidResponseException("Invalid response code").withStatusCode(Integer.valueOf(execute.getStatusLine().getStatusCode()));
                        try {
                            ErrorResponse errorResponse = (ErrorResponse) this.jsonMapper.readValue(IOUtils.toString(execute.getEntity().getContent()), ErrorResponse.class);
                            if (errorResponse.getErrors().size() <= 0 || !errorResponse.getErrors().get(0).equals("permission denied")) {
                                throw withStatusCode.withResponse(errorResponse.toString());
                            }
                            throw new PermissionDeniedException();
                        } catch (IOException e3) {
                            throw withStatusCode;
                        }
                }
            } catch (IOException e4) {
                throw new InvalidResponseException("Unable to read response", e4);
            }
        } catch (Throwable th) {
            if (0 != 0 && httpResponse.getEntity() != null) {
                try {
                    httpResponse.getEntity().consumeContent();
                } catch (IOException e5) {
                }
            }
            throw th;
        }
    }
}
