package kafka.tier.store;

import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.FileReader;
import java.io.IOException;
import java.util.Optional;
import kafka.server.KafkaConfig;
import scala.compat.java8.OptionConverters;

/* loaded from: input_file:kafka/tier/store/AzureBlockBlobTierObjectStoreConfig.class */
public class AzureBlockBlobTierObjectStoreConfig extends TierObjectStoreConfig {
    public Optional<AzureCredentialsConfig> azureCredentialsConfig;
    public Optional<String> endpoint;
    public String container;
    public String azureBlobPrefix;
    public int drainThreshold;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:kafka/tier/store/AzureBlockBlobTierObjectStoreConfig$AzureCredentialsConfig.class */
    public static class AzureCredentialsConfig {
        private final String connectionString;
        private final String azureClientId;
        private final String azureTenantId;
        private final String azureClientSecret;

        @JsonCreator
        public AzureCredentialsConfig(@JsonProperty("connectionString") String str, @JsonProperty("azureClientId") String str2, @JsonProperty("azureTenantId") String str3, @JsonProperty("azureClientSecret") String str4) {
            this.connectionString = str;
            this.azureClientId = str2;
            this.azureTenantId = str3;
            this.azureClientSecret = str4;
        }

        @JsonProperty
        public String connectionString() {
            return this.connectionString;
        }

        @JsonProperty
        public String azureClientId() {
            return this.azureClientId;
        }

        @JsonProperty
        public String azureTenantId() {
            return this.azureTenantId;
        }

        @JsonProperty
        public String azureClientSecret() {
            return this.azureClientSecret;
        }

        public Boolean connectionStringAuthMethod() {
            return Boolean.valueOf(this.connectionString != null);
        }

        public Boolean servicePrincipalWithSecretAuthMethod() {
            return Boolean.valueOf((this.azureClientId == null || this.azureTenantId == null || this.azureClientSecret == null) ? false : true);
        }
    }

    public AzureBlockBlobTierObjectStoreConfig(Optional<String> optional, KafkaConfig kafkaConfig) {
        super(optional, kafkaConfig);
        validateConfig(kafkaConfig);
        Optional<String> java = OptionConverters.toJava(kafkaConfig.confluentConfig().tierAzureBlockBlobCredFilePath());
        this.endpoint = OptionConverters.toJava(kafkaConfig.confluentConfig().tierAzureBlockBlobEndpoint());
        this.azureCredentialsConfig = readAzureCredentials(java, this.endpoint.isPresent());
        this.container = kafkaConfig.confluentConfig().tierAzureBlockBlobContainer();
        this.azureBlobPrefix = kafkaConfig.confluentConfig().tierAzureBlockBlobPrefix();
        this.drainThreshold = kafkaConfig.confluentConfig().tierAzureBlockBlobConnectionDrainSize().intValue();
    }

    protected AzureBlockBlobTierObjectStoreConfig(Optional<String> optional, Optional<Integer> optional2, Optional<String> optional3, Optional<String> optional4, String str, String str2, int i) {
        super(optional, optional2);
        this.endpoint = optional4;
        this.azureCredentialsConfig = readAzureCredentials(optional3, optional4.isPresent());
        this.container = str;
        this.azureBlobPrefix = str2;
        this.drainThreshold = i;
    }

    public static AzureBlockBlobTierObjectStoreConfig createWithEmptyClusterIdBrokerId(Optional<String> optional, Optional<String> optional2, String str, String str2, int i) {
        return new AzureBlockBlobTierObjectStoreConfig(Optional.empty(), Optional.empty(), optional, optional2, str, str2, i);
    }

    private void validateConfig(KafkaConfig kafkaConfig) {
        if (kafkaConfig.confluentConfig().tierAzureBlockBlobCredFilePath().isEmpty() && kafkaConfig.confluentConfig().tierAzureBlockBlobEndpoint().isEmpty()) {
            throw new IllegalArgumentException("At least one of " + KafkaConfig.TierAzureBlockBlobCredFilePathProp() + " or " + KafkaConfig.TierAzureBlockBlobEndpointProp() + " must be set if " + KafkaConfig.TierBackendProp() + " property is set to Azure.");
        }
        if (kafkaConfig.confluentConfig().tierAzureBlockBlobContainer() == null) {
            throw new IllegalArgumentException(KafkaConfig.TierAzureBlockBlobContainerProp() + " must be set if " + KafkaConfig.TierBackendProp() + " property is set to Azure.");
        }
    }

    private Optional<AzureCredentialsConfig> readAzureCredentials(Optional<String> optional, boolean z) {
        if (!optional.isPresent()) {
            return Optional.empty();
        }
        AzureCredentialsConfig readCredFilePath = readCredFilePath(optional.get());
        if (!readCredFilePath.connectionStringAuthMethod().booleanValue() && !readCredFilePath.servicePrincipalWithSecretAuthMethod().booleanValue()) {
            throw new IllegalArgumentException("No credentials found in file: " + optional.get() + ". One of connectionString or (azureClientId + azureTenantId + azureClientSecret) must be supplied");
        }
        if (readCredFilePath.connectionString() != null && (readCredFilePath.azureClientId() != null || readCredFilePath.azureTenantId() != null || readCredFilePath.azureClientSecret() != null)) {
            throw new IllegalArgumentException("Only one of connectionString or (azureClientId + azureTenantId + azureClientSecret) can be set in file " + optional.get());
        }
        if (readCredFilePath.servicePrincipalWithSecretAuthMethod().booleanValue() && !z) {
            throw new IllegalArgumentException(KafkaConfig.TierAzureBlockBlobEndpointProp() + " must be specified when authenticating using a service principal with secret in file: " + optional.get());
        }
        if (readCredFilePath.connectionStringAuthMethod().booleanValue() && z) {
            throw new IllegalArgumentException(KafkaConfig.TierAzureBlockBlobEndpointProp() + " should not be set when using a connection string in file: " + optional.get());
        }
        return Optional.of(readCredFilePath);
    }

    private static AzureCredentialsConfig readCredFilePath(String str) {
        try {
            return (AzureCredentialsConfig) new ObjectMapper().readValue(new FileReader(str), AzureCredentialsConfig.class);
        } catch (IOException e) {
            throw new IllegalArgumentException("Failed to get credential from file: " + str, e);
        }
    }
}
