package io.unitycatalog.server.service.iceberg;

import com.google.auth.oauth2.AccessToken;
import io.unitycatalog.server.persist.utils.ServerPropertiesUtils;
import io.unitycatalog.server.service.credential.CredentialContext;
import io.unitycatalog.server.service.credential.CredentialOperations;
import io.unitycatalog.server.service.credential.aws.S3StorageConfig;
import io.unitycatalog.server.service.credential.azure.ADLSLocationUtils;
import io.unitycatalog.server.utils.Constants;
import java.net.URI;
import java.util.Map;
import java.util.Set;
import org.apache.iceberg.TableMetadata;
import software.amazon.awssdk.services.sts.model.Credentials;

/* loaded from: input_file:io/unitycatalog/server/service/iceberg/TableConfigService.class */
public class TableConfigService {
    private final CredentialOperations credentialOperations;
    private final Map<String, S3StorageConfig> s3Configurations = ServerPropertiesUtils.getInstance().getS3Configurations();

    public TableConfigService(CredentialOperations credentialOperations) {
        this.credentialOperations = credentialOperations;
    }

    public Map<String, String> getTableConfig(TableMetadata tableMetadata) {
        URI create = URI.create(tableMetadata.location());
        String scheme = create.getScheme();
        CredentialContext create2 = CredentialContext.create(create, Set.of(CredentialContext.Privilege.SELECT));
        boolean z = -1;
        switch (scheme.hashCode()) {
            case 3308:
                if (scheme.equals(Constants.URI_SCHEME_GS)) {
                    z = 2;
                    break;
                }
                break;
            case 3616:
                if (scheme.equals(Constants.URI_SCHEME_S3)) {
                    z = 3;
                    break;
                }
                break;
            case 2987182:
                if (scheme.equals(Constants.URI_SCHEME_ABFS)) {
                    z = false;
                    break;
                }
                break;
            case 92602757:
                if (scheme.equals(Constants.URI_SCHEME_ABFSS)) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
                return getADLSConfig(create2);
            case true:
                return getGCSConfig(create2);
            case true:
                return getS3Config(create2);
            default:
                return Map.of();
        }
    }

    private Map<String, String> getADLSConfig(CredentialContext credentialContext) {
        return Map.of("adls.sas-token." + ADLSLocationUtils.parseLocation(credentialContext.getStorageBase()).account(), this.credentialOperations.vendAzureCredential(credentialContext).getSasToken());
    }

    private Map<String, String> getGCSConfig(CredentialContext credentialContext) {
        AccessToken vendGcpToken = this.credentialOperations.vendGcpToken(credentialContext);
        return Map.of("gcs.oauth2.token", vendGcpToken.getTokenValue(), "gcs.oauth2.token-expires-at", Long.toString(vendGcpToken.getExpirationTime().getTime()));
    }

    private Map<String, String> getS3Config(CredentialContext credentialContext) {
        S3StorageConfig s3StorageConfig = this.s3Configurations.get(credentialContext.getStorageBase());
        Credentials vendAwsCredential = this.credentialOperations.vendAwsCredential(credentialContext);
        return Map.of("s3.access-key-id", vendAwsCredential.accessKeyId(), "s3.secret-access-key", vendAwsCredential.secretAccessKey(), "s3.session-token", vendAwsCredential.sessionToken(), "client.region", s3StorageConfig.getRegion());
    }
}
