package io.unitycatalog.server.service.credential;

import com.google.auth.oauth2.AccessToken;
import io.unitycatalog.server.exception.BaseException;
import io.unitycatalog.server.exception.ErrorCode;
import io.unitycatalog.server.model.AwsCredentials;
import io.unitycatalog.server.model.AzureUserDelegationSAS;
import io.unitycatalog.server.model.GcpOauthToken;
import io.unitycatalog.server.model.TemporaryCredentials;
import io.unitycatalog.server.service.credential.CredentialContext;
import io.unitycatalog.server.service.credential.aws.AwsCredentialVendor;
import io.unitycatalog.server.service.credential.azure.AzureCredential;
import io.unitycatalog.server.service.credential.azure.AzureCredentialVendor;
import io.unitycatalog.server.service.credential.gcp.GcpCredentialVendor;
import io.unitycatalog.server.utils.Constants;
import java.net.URI;
import java.util.Set;
import software.amazon.awssdk.services.sts.model.Credentials;

/* loaded from: input_file:io/unitycatalog/server/service/credential/CredentialOperations.class */
public class CredentialOperations {
    private final AwsCredentialVendor awsCredentialVendor = new AwsCredentialVendor();
    private final AzureCredentialVendor azureCredentialVendor = new AzureCredentialVendor();
    private final GcpCredentialVendor gcpCredentialVendor = new GcpCredentialVendor();

    public TemporaryCredentials vendCredential(String str, Set<CredentialContext.Privilege> set) {
        if (str == null || str.isEmpty()) {
            throw new BaseException(ErrorCode.FAILED_PRECONDITION, "Storage location is null or empty.");
        }
        return vendCredential(CredentialContext.create(URI.create(str), set));
    }

    public TemporaryCredentials vendCredential(CredentialContext credentialContext) {
        TemporaryCredentials temporaryCredentials = new TemporaryCredentials();
        String storageScheme = credentialContext.getStorageScheme();
        boolean z = -1;
        switch (storageScheme.hashCode()) {
            case 3308:
                if (storageScheme.equals(Constants.URI_SCHEME_GS)) {
                    z = 2;
                    break;
                }
                break;
            case 3616:
                if (storageScheme.equals(Constants.URI_SCHEME_S3)) {
                    z = 3;
                    break;
                }
                break;
            case 2987182:
                if (storageScheme.equals(Constants.URI_SCHEME_ABFS)) {
                    z = false;
                    break;
                }
                break;
            case 92602757:
                if (storageScheme.equals(Constants.URI_SCHEME_ABFSS)) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
                AzureCredential vendAzureCredential = vendAzureCredential(credentialContext);
                temporaryCredentials.azureUserDelegationSas(new AzureUserDelegationSAS().sasToken(vendAzureCredential.getSasToken())).expirationTime(Long.valueOf(vendAzureCredential.getExpirationTimeInEpochMillis()));
                break;
            case true:
                AccessToken vendGcpToken = vendGcpToken(credentialContext);
                temporaryCredentials.gcpOauthToken(new GcpOauthToken().oauthToken(vendGcpToken.getTokenValue())).expirationTime(Long.valueOf(vendGcpToken.getExpirationTime().getTime()));
                break;
            case true:
                Credentials vendAwsCredential = vendAwsCredential(credentialContext);
                temporaryCredentials.awsTempCredentials(new AwsCredentials().accessKeyId(vendAwsCredential.accessKeyId()).secretAccessKey(vendAwsCredential.secretAccessKey()).sessionToken(vendAwsCredential.sessionToken()));
                break;
        }
        return temporaryCredentials;
    }

    public Credentials vendAwsCredential(CredentialContext credentialContext) {
        return this.awsCredentialVendor.vendAwsCredentials(credentialContext);
    }

    public AzureCredential vendAzureCredential(CredentialContext credentialContext) {
        return this.azureCredentialVendor.vendAzureCredential(credentialContext);
    }

    public AccessToken vendGcpToken(CredentialContext credentialContext) {
        return this.gcpCredentialVendor.vendGcpToken(credentialContext);
    }
}
