package io.confluent.kafka.secretregistry.client.rest;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.confluent.kafka.secretregistry.client.rest.entities.ErrorMessage;
import io.confluent.kafka.secretregistry.client.rest.entities.Secret;
import io.confluent.kafka.secretregistry.client.rest.entities.requests.RegisterSecretRequest;
import io.confluent.kafka.secretregistry.client.rest.entities.requests.RegisterSecretResponse;
import io.confluent.kafka.secretregistry.client.rest.exceptions.RestClientException;
import io.confluent.kafka.secretregistry.client.rest.utils.UrlList;
import io.confluent.kafka.secretregistry.client.security.basicauth.BasicAuthCredentialProvider;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/confluent/kafka/secretregistry/client/rest/RestService.class */
public class RestService {
    private static final int HTTP_CONNECT_TIMEOUT_MS = 60000;
    private static final int HTTP_READ_TIMEOUT_MS = 60000;
    private static final int JSON_PARSE_ERROR_CODE = 50005;
    private UrlList baseUrls;
    private SSLSocketFactory sslSocketFactory;
    private BasicAuthCredentialProvider basicAuthCredentialProvider;
    private Map<String, String> httpHeaders;
    private static final Logger log = LoggerFactory.getLogger((Class<?>) RestService.class);
    private static final TypeReference<RegisterSecretResponse> REGISTER_RESPONSE_TYPE = new TypeReference<RegisterSecretResponse>() { // from class: io.confluent.kafka.secretregistry.client.rest.RestService.1
    };
    private static final TypeReference<JsonNode> GET_SECRET_ONLY_BY_VERSION_RESPONSE_TYPE = new TypeReference<JsonNode>() { // from class: io.confluent.kafka.secretregistry.client.rest.RestService.2
    };
    private static final TypeReference<Secret> GET_SECRET_BY_VERSION_RESPONSE_TYPE = new TypeReference<Secret>() { // from class: io.confluent.kafka.secretregistry.client.rest.RestService.3
    };
    private static final TypeReference<List<Secret>> ALL_SECRETS_RESPONSE_TYPE = new TypeReference<List<Secret>>() { // from class: io.confluent.kafka.secretregistry.client.rest.RestService.4
    };
    private static final TypeReference<List<Integer>> ALL_VERSIONS_RESPONSE_TYPE = new TypeReference<List<Integer>>() { // from class: io.confluent.kafka.secretregistry.client.rest.RestService.5
    };
    private static final TypeReference<List<String>> ALL_NAMES_RESPONSE_TYPE = new TypeReference<List<String>>() { // from class: io.confluent.kafka.secretregistry.client.rest.RestService.6
    };
    private static final TypeReference<Integer> DELETE_VERSION_RESPONSE_TYPE = new TypeReference<Integer>() { // from class: io.confluent.kafka.secretregistry.client.rest.RestService.7
    };
    private static final TypeReference<? extends List<Integer>> DELETE_KEY_RESPONSE_TYPE = new TypeReference<List<Integer>>() { // from class: io.confluent.kafka.secretregistry.client.rest.RestService.8
    };
    private static final TypeReference<? extends Set<String>> DELETE_PATH_RESPONSE_TYPE = new TypeReference<Set<String>>() { // from class: io.confluent.kafka.secretregistry.client.rest.RestService.9
    };
    private static ObjectMapper jsonDeserializer = new ObjectMapper();
    static final Map<String, String> DEFAULT_REQUEST_PROPERTIES = new HashMap();

    public RestService(UrlList urlList) {
        this.baseUrls = urlList;
    }

    public RestService(List<String> list) {
        this(new UrlList(list));
    }

    public RestService(String str) {
        this(parseBaseUrl(str));
    }

    public void setSslSocketFactory(SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
    }

    /* JADX WARN: Finally extract failed */
    private <T> T sendHttpRequest(String str, String str2, byte[] bArr, Map<String, String> map, TypeReference<T> typeReference) throws IOException, RestClientException {
        ErrorMessage errorMessage;
        log.debug(String.format("Sending %s with input %s to %s", str2, bArr == null ? "null" : new String(bArr, StandardCharsets.UTF_8), str));
        HttpURLConnection httpURLConnection = null;
        try {
            URL url = new URL(str);
            httpURLConnection = (HttpURLConnection) url.openConnection();
            httpURLConnection.setConnectTimeout(60000);
            httpURLConnection.setReadTimeout(60000);
            setupSsl(httpURLConnection);
            httpURLConnection.setRequestMethod(str2);
            setBasicAuthRequestHeader(httpURLConnection);
            setCustomHeaders(httpURLConnection);
            httpURLConnection.setDoInput(true);
            for (Map.Entry<String, String> entry : map.entrySet()) {
                httpURLConnection.setRequestProperty(entry.getKey(), entry.getValue());
            }
            httpURLConnection.setUseCaches(false);
            if (bArr != null) {
                httpURLConnection.setDoOutput(true);
                OutputStream outputStream = null;
                try {
                    try {
                        outputStream = httpURLConnection.getOutputStream();
                        outputStream.write(bArr);
                        outputStream.flush();
                        if (outputStream != null) {
                            outputStream.close();
                        }
                    } catch (IOException e) {
                        log.error("Failed to send HTTP request to endpoint: " + url, (Throwable) e);
                        throw e;
                    }
                } catch (Throwable th) {
                    if (outputStream != null) {
                        outputStream.close();
                    }
                    throw th;
                }
            }
            int responseCode = httpURLConnection.getResponseCode();
            if (responseCode == 200) {
                InputStream inputStream = httpURLConnection.getInputStream();
                T t = (T) jsonDeserializer.readValue(inputStream, typeReference);
                inputStream.close();
                if (httpURLConnection != null) {
                    httpURLConnection.disconnect();
                }
                return t;
            }
            if (responseCode == 204) {
                if (httpURLConnection != null) {
                    httpURLConnection.disconnect();
                }
                return null;
            }
            InputStream errorStream = httpURLConnection.getErrorStream();
            try {
                errorMessage = (ErrorMessage) jsonDeserializer.readValue(errorStream, ErrorMessage.class);
            } catch (JsonProcessingException e2) {
                errorMessage = new ErrorMessage(JSON_PARSE_ERROR_CODE, e2.getMessage());
            }
            errorStream.close();
            throw new RestClientException(errorMessage.getMessage(), responseCode, errorMessage.getErrorCode());
        } catch (Throwable th2) {
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
            throw th2;
        }
    }

    private void setupSsl(HttpURLConnection httpURLConnection) {
        if (!(httpURLConnection instanceof HttpsURLConnection) || this.sslSocketFactory == null) {
            return;
        }
        ((HttpsURLConnection) httpURLConnection).setSSLSocketFactory(this.sslSocketFactory);
    }

    private <T> T httpRequest(String str, String str2, byte[] bArr, Map<String, String> map, TypeReference<T> typeReference) throws IOException, RestClientException {
        int size = this.baseUrls.size();
        for (int i = 0; i < size; i++) {
            String current = this.baseUrls.current();
            try {
                return (T) sendHttpRequest(buildRequestUrl(current, str), str2, bArr, map, typeReference);
            } catch (IOException e) {
                this.baseUrls.fail(current);
                if (i == size - 1) {
                    throw e;
                }
            }
        }
        throw new IOException("Internal HTTP retry error");
    }

    static String buildRequestUrl(String str, String str2) {
        return str.replaceFirst("/$", "") + "/" + str2.replaceFirst("^/", "");
    }

    public int registerSecret(String str, String str2, String str3) throws IOException, RestClientException {
        RegisterSecretRequest registerSecretRequest = new RegisterSecretRequest();
        registerSecretRequest.setSecret(str);
        return registerSecret(registerSecretRequest, str2, str3);
    }

    public int registerSecret(RegisterSecretRequest registerSecretRequest, String str, String str2) throws IOException, RestClientException {
        return registerSecret(DEFAULT_REQUEST_PROPERTIES, registerSecretRequest, str, str2);
    }

    public int registerSecret(Map<String, String> map, RegisterSecretRequest registerSecretRequest, String str, String str2) throws IOException, RestClientException {
        return ((RegisterSecretResponse) httpRequest(String.format("/secret/paths/%s/keys/%s/versions", str, str2), "POST", registerSecretRequest.toJson().getBytes(StandardCharsets.UTF_8), map, REGISTER_RESPONSE_TYPE)).getVersion();
    }

    public Secret getVersion(String str, String str2, int i) throws IOException, RestClientException {
        return getVersion(DEFAULT_REQUEST_PROPERTIES, str, str2, i);
    }

    public Secret getVersion(Map<String, String> map, String str, String str2, int i) throws IOException, RestClientException {
        return (Secret) httpRequest(String.format("/secret/paths/%s/keys/%s/versions/%d", str, str2, Integer.valueOf(i)), "GET", null, map, GET_SECRET_BY_VERSION_RESPONSE_TYPE);
    }

    public Secret getLatestVersion(String str, String str2) throws IOException, RestClientException {
        return getLatestVersion(DEFAULT_REQUEST_PROPERTIES, str, str2);
    }

    public Secret getLatestVersion(Map<String, String> map, String str, String str2) throws IOException, RestClientException {
        return (Secret) httpRequest(String.format("/secret/paths/%s/keys/%s/versions/latest", str, str2), "GET", null, map, GET_SECRET_BY_VERSION_RESPONSE_TYPE);
    }

    public String getVersionSecretOnly(String str, String str2, int i) throws IOException, RestClientException {
        return ((JsonNode) httpRequest(String.format("/secret/paths/%s/keys/%s/versions/%d/secret", str, str2, Integer.valueOf(i)), "GET", null, DEFAULT_REQUEST_PROPERTIES, GET_SECRET_ONLY_BY_VERSION_RESPONSE_TYPE)).toString();
    }

    public String getLatestVersionSecretOnly(String str, String str2) throws IOException, RestClientException {
        return ((JsonNode) httpRequest(String.format("/secret/paths/%s/keys/%s/versions/latest/secret", str, str2), "GET", null, DEFAULT_REQUEST_PROPERTIES, GET_SECRET_ONLY_BY_VERSION_RESPONSE_TYPE)).toString();
    }

    public List<Secret> getAllVersions(String str, String str2) throws IOException, RestClientException {
        return getAllVersions(DEFAULT_REQUEST_PROPERTIES, str, str2);
    }

    public List<Secret> getAllVersions(Map<String, String> map, String str, String str2) throws IOException, RestClientException {
        return (List) httpRequest(String.format("/secret/paths/%s/keys/%s", str, str2), "GET", null, map, ALL_SECRETS_RESPONSE_TYPE);
    }

    public List<Secret> getAllLatest(String str) throws IOException, RestClientException {
        return getAllLatest(DEFAULT_REQUEST_PROPERTIES, str);
    }

    public List<Secret> getAllLatest(Map<String, String> map, String str) throws IOException, RestClientException {
        return (List) httpRequest(String.format("/secret/paths/%s", str), "GET", null, map, ALL_SECRETS_RESPONSE_TYPE);
    }

    public List<Integer> listAllVersions(String str, String str2) throws IOException, RestClientException {
        return listAllVersions(DEFAULT_REQUEST_PROPERTIES, str, str2);
    }

    public List<Integer> listAllVersions(Map<String, String> map, String str, String str2) throws IOException, RestClientException {
        return (List) httpRequest(String.format("/secret/paths/%s/keys/%s/versions", str, str2), "GET", null, map, ALL_VERSIONS_RESPONSE_TYPE);
    }

    public List<String> listAllKeys(String str) throws IOException, RestClientException {
        return listAllKeys(DEFAULT_REQUEST_PROPERTIES, str);
    }

    public List<String> listAllKeys(Map<String, String> map, String str) throws IOException, RestClientException {
        return (List) httpRequest(String.format("/secret/paths/%s", str), "GET", null, map, ALL_NAMES_RESPONSE_TYPE);
    }

    public List<String> listAllPaths() throws IOException, RestClientException {
        return listAllPaths(DEFAULT_REQUEST_PROPERTIES);
    }

    public List<String> listAllPaths(Map<String, String> map) throws IOException, RestClientException {
        return (List) httpRequest("/secret/paths", "GET", null, map, ALL_NAMES_RESPONSE_TYPE);
    }

    public int deleteVersion(Map<String, String> map, String str, String str2, String str3) throws IOException, RestClientException {
        return ((Integer) httpRequest(String.format("/secret/paths/%s/keys/%s/versions/%s", str, str2, str3), "DELETE", null, map, DELETE_VERSION_RESPONSE_TYPE)).intValue();
    }

    public List<Integer> deleteKey(Map<String, String> map, String str, String str2) throws IOException, RestClientException {
        return (List) httpRequest(String.format("/secret/paths/%s/keys/%s", str, str2), "DELETE", null, map, DELETE_KEY_RESPONSE_TYPE);
    }

    public Set<String> deletePath(Map<String, String> map, String str) throws IOException, RestClientException {
        return (Set) httpRequest(String.format("/secret/paths/%s", str), "DELETE", null, map, DELETE_PATH_RESPONSE_TYPE);
    }

    private static List<String> parseBaseUrl(String str) {
        List<String> asList = Arrays.asList(str.split("\\s*,\\s*"));
        if (asList.isEmpty()) {
            throw new IllegalArgumentException("Missing required secret registry url list");
        }
        return asList;
    }

    public UrlList getBaseUrls() {
        return this.baseUrls;
    }

    private void setBasicAuthRequestHeader(HttpURLConnection httpURLConnection) {
        String userInfo;
        if (this.basicAuthCredentialProvider == null || (userInfo = this.basicAuthCredentialProvider.getUserInfo(httpURLConnection.getURL())) == null) {
            return;
        }
        httpURLConnection.setRequestProperty("Authorization", "Basic " + Base64.getEncoder().encodeToString(userInfo.getBytes(StandardCharsets.UTF_8)));
    }

    private void setCustomHeaders(HttpURLConnection httpURLConnection) {
        if (this.httpHeaders != null) {
            this.httpHeaders.forEach((str, str2) -> {
                httpURLConnection.setRequestProperty(str, str2);
            });
        }
    }

    public void setBasicAuthCredentialProvider(BasicAuthCredentialProvider basicAuthCredentialProvider) {
        this.basicAuthCredentialProvider = basicAuthCredentialProvider;
    }

    public void setHttpHeaders(Map<String, String> map) {
        this.httpHeaders = map;
    }

    static {
        DEFAULT_REQUEST_PROPERTIES.put("Content-Type", "application/vnd.secretregistry.v1+json");
    }
}
