package org.springframework.vault.core;

import java.util.Collections;
import java.util.List;
import org.springframework.beans.factory.DisposableBean;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpMethod;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.ClientHttpRequestInterceptor;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.lang.Nullable;
import org.springframework.util.Assert;
import org.springframework.vault.authentication.ClientAuthentication;
import org.springframework.vault.authentication.SessionManager;
import org.springframework.vault.authentication.SimpleSessionManager;
import org.springframework.vault.client.RestTemplateBuilder;
import org.springframework.vault.client.SimpleVaultEndpointProvider;
import org.springframework.vault.client.VaultEndpoint;
import org.springframework.vault.client.VaultEndpointProvider;
import org.springframework.vault.client.VaultHttpHeaders;
import org.springframework.vault.client.VaultResponses;
import org.springframework.vault.core.VaultKeyValueOperationsSupport;
import org.springframework.vault.support.VaultResponse;
import org.springframework.vault.support.VaultResponseSupport;
import org.springframework.vault.support.VaultToken;
import org.springframework.web.client.HttpStatusCodeException;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:org/springframework/vault/core/VaultTemplate.class */
public class VaultTemplate implements InitializingBean, VaultOperations, DisposableBean {
    private final RestTemplate statelessTemplate;
    private final RestTemplate sessionTemplate;

    @Nullable
    private SessionManager sessionManager;
    private final boolean dedicatedSessionManager;

    /* loaded from: input_file:org/springframework/vault/core/VaultTemplate$NoSessionManager.class */
    private enum NoSessionManager implements SessionManager {
        INSTANCE;

        @Override // org.springframework.vault.authentication.SessionManager
        public VaultToken getSessionToken() {
            throw new UnsupportedOperationException();
        }
    }

    public VaultTemplate(VaultEndpoint vaultEndpoint) {
        this(SimpleVaultEndpointProvider.of(vaultEndpoint), (ClientHttpRequestFactory) new SimpleClientHttpRequestFactory());
    }

    public VaultTemplate(VaultEndpoint vaultEndpoint, ClientAuthentication clientAuthentication) {
        Assert.notNull(vaultEndpoint, "VaultEndpoint must not be null");
        Assert.notNull(clientAuthentication, "ClientAuthentication must not be null");
        this.sessionManager = new SimpleSessionManager(clientAuthentication);
        this.dedicatedSessionManager = true;
        SimpleClientHttpRequestFactory simpleClientHttpRequestFactory = new SimpleClientHttpRequestFactory();
        VaultEndpointProvider of = SimpleVaultEndpointProvider.of(vaultEndpoint);
        this.statelessTemplate = doCreateRestTemplate(of, simpleClientHttpRequestFactory);
        this.sessionTemplate = doCreateSessionTemplate(of, simpleClientHttpRequestFactory);
    }

    public VaultTemplate(VaultEndpoint vaultEndpoint, ClientHttpRequestFactory clientHttpRequestFactory) {
        this(SimpleVaultEndpointProvider.of(vaultEndpoint), clientHttpRequestFactory);
    }

    public VaultTemplate(VaultEndpoint vaultEndpoint, ClientHttpRequestFactory clientHttpRequestFactory, SessionManager sessionManager) {
        this(SimpleVaultEndpointProvider.of(vaultEndpoint), clientHttpRequestFactory, sessionManager);
    }

    public VaultTemplate(VaultEndpointProvider vaultEndpointProvider, ClientHttpRequestFactory clientHttpRequestFactory) {
        Assert.notNull(vaultEndpointProvider, "VaultEndpointProvider must not be null");
        Assert.notNull(clientHttpRequestFactory, "ClientHttpRequestFactory must not be null");
        RestTemplate doCreateRestTemplate = doCreateRestTemplate(vaultEndpointProvider, clientHttpRequestFactory);
        this.sessionManager = NoSessionManager.INSTANCE;
        this.dedicatedSessionManager = false;
        this.statelessTemplate = doCreateRestTemplate;
        this.sessionTemplate = doCreateRestTemplate;
    }

    public VaultTemplate(VaultEndpointProvider vaultEndpointProvider, ClientHttpRequestFactory clientHttpRequestFactory, SessionManager sessionManager) {
        Assert.notNull(vaultEndpointProvider, "VaultEndpointProvider must not be null");
        Assert.notNull(clientHttpRequestFactory, "ClientHttpRequestFactory must not be null");
        Assert.notNull(sessionManager, "SessionManager must not be null");
        this.sessionManager = sessionManager;
        this.dedicatedSessionManager = false;
        this.statelessTemplate = doCreateRestTemplate(vaultEndpointProvider, clientHttpRequestFactory);
        this.sessionTemplate = doCreateSessionTemplate(vaultEndpointProvider, clientHttpRequestFactory);
    }

    public VaultTemplate(RestTemplateBuilder restTemplateBuilder) {
        Assert.notNull(restTemplateBuilder, "RestTemplateBuilder must not be null");
        RestTemplate build = restTemplateBuilder.build();
        this.sessionManager = NoSessionManager.INSTANCE;
        this.dedicatedSessionManager = false;
        this.statelessTemplate = build;
        this.sessionTemplate = build;
    }

    public VaultTemplate(RestTemplateBuilder restTemplateBuilder, SessionManager sessionManager) {
        Assert.notNull(restTemplateBuilder, "RestTemplateBuilder must not be null");
        Assert.notNull(sessionManager, "SessionManager must not be null");
        this.sessionManager = sessionManager;
        this.dedicatedSessionManager = false;
        this.statelessTemplate = restTemplateBuilder.build();
        this.sessionTemplate = restTemplateBuilder.build();
        this.sessionTemplate.getInterceptors().add(getSessionInterceptor());
    }

    protected RestTemplate doCreateRestTemplate(VaultEndpointProvider vaultEndpointProvider, ClientHttpRequestFactory clientHttpRequestFactory) {
        return RestTemplateBuilder.builder().endpointProvider(vaultEndpointProvider).requestFactory(clientHttpRequestFactory).build();
    }

    protected RestTemplate doCreateSessionTemplate(VaultEndpointProvider vaultEndpointProvider, ClientHttpRequestFactory clientHttpRequestFactory) {
        return RestTemplateBuilder.builder().endpointProvider(vaultEndpointProvider).requestFactory(clientHttpRequestFactory).customizers(restTemplate -> {
            restTemplate.getInterceptors().add(getSessionInterceptor());
        }).build();
    }

    private ClientHttpRequestInterceptor getSessionInterceptor() {
        return (httpRequest, bArr, clientHttpRequestExecution) -> {
            Assert.notNull(this.sessionManager, "SessionManager must not be null");
            httpRequest.getHeaders().add(VaultHttpHeaders.VAULT_TOKEN, this.sessionManager.getSessionToken().getToken());
            return clientHttpRequestExecution.execute(httpRequest, bArr);
        };
    }

    public void setSessionManager(SessionManager sessionManager) {
        Assert.notNull(sessionManager, "SessionManager must not be null");
        this.sessionManager = sessionManager;
    }

    public void afterPropertiesSet() {
        Assert.notNull(this.sessionManager, "SessionManager must not be null");
    }

    public void destroy() throws Exception {
        if (this.dedicatedSessionManager && (this.sessionManager instanceof DisposableBean)) {
            this.sessionManager.destroy();
        }
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultKeyValueOperations opsForKeyValue(String str, VaultKeyValueOperationsSupport.KeyValueBackend keyValueBackend) {
        switch (keyValueBackend) {
            case KV_1:
                return new VaultKeyValue1Template(this, str);
            case KV_2:
                return new VaultKeyValue2Template(this, str);
            default:
                throw new UnsupportedOperationException(String.format("Key/Value backend version %s not supported", keyValueBackend));
        }
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultVersionedKeyValueOperations opsForVersionedKeyValue(String str) {
        return new VaultVersionedKeyValueTemplate(this, str);
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultPkiOperations opsForPki() {
        return opsForPki("pki");
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultPkiOperations opsForPki(String str) {
        return new VaultPkiTemplate(this, str);
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultSysOperations opsForSys() {
        return new VaultSysTemplate(this);
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultTokenOperations opsForToken() {
        return new VaultTokenTemplate(this);
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultTransformOperations opsForTransform() {
        return opsForTransform("transform");
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultTransformOperations opsForTransform(String str) {
        return new VaultTransformTemplate(this, str);
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultTransitOperations opsForTransit() {
        return opsForTransit("transit");
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultTransitOperations opsForTransit(String str) {
        return new VaultTransitTemplate(this, str);
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultWrappingOperations opsForWrapping() {
        return new VaultWrappingTemplate(this);
    }

    @Override // org.springframework.vault.core.VaultOperations
    public VaultResponse read(String str) {
        Assert.hasText(str, "Path must not be empty");
        return (VaultResponse) doRead(str, VaultResponse.class);
    }

    @Override // org.springframework.vault.core.VaultOperations
    @Nullable
    public <T> VaultResponseSupport<T> read(String str, Class<T> cls) {
        ParameterizedTypeReference typeReference = VaultResponses.getTypeReference(cls);
        return (VaultResponseSupport) doWithSession(restOperations -> {
            try {
                return (VaultResponseSupport) restOperations.exchange(str, HttpMethod.GET, (HttpEntity) null, typeReference, new Object[0]).getBody();
            } catch (HttpStatusCodeException e) {
                if (HttpStatusUtil.isNotFound(e.getStatusCode())) {
                    return null;
                }
                throw VaultResponses.buildException(e, str);
            }
        });
    }

    @Override // org.springframework.vault.core.VaultOperations
    @Nullable
    public List<String> list(String str) {
        Assert.hasText(str, "Path must not be empty");
        Object[] objArr = new Object[1];
        objArr[0] = str.endsWith("/") ? str : str + "/";
        VaultListResponse vaultListResponse = (VaultListResponse) doRead(String.format("%s?list=true", objArr), VaultListResponse.class);
        return vaultListResponse == null ? Collections.emptyList() : (List) vaultListResponse.getRequiredData().get("keys");
    }

    @Override // org.springframework.vault.core.VaultOperations
    @Nullable
    public VaultResponse write(String str, @Nullable Object obj) {
        Assert.hasText(str, "Path must not be empty");
        return (VaultResponse) doWithSession(restOperations -> {
            return (VaultResponse) restOperations.postForObject(str, obj, VaultResponse.class, new Object[0]);
        });
    }

    @Override // org.springframework.vault.core.VaultOperations
    public void delete(String str) {
        Assert.hasText(str, "Path must not be empty");
        doWithSession(restOperations -> {
            try {
                restOperations.delete(str, new Object[0]);
                return null;
            } catch (HttpStatusCodeException e) {
                if (HttpStatusUtil.isNotFound(e.getStatusCode())) {
                    return null;
                }
                throw VaultResponses.buildException(e, str);
            }
        });
    }

    @Override // org.springframework.vault.core.VaultOperations
    public <T> T doWithVault(RestOperationsCallback<T> restOperationsCallback) {
        Assert.notNull(restOperationsCallback, "Client callback must not be null");
        try {
            return restOperationsCallback.doWithRestOperations(this.statelessTemplate);
        } catch (HttpStatusCodeException e) {
            throw VaultResponses.buildException(e);
        }
    }

    @Override // org.springframework.vault.core.VaultOperations
    public <T> T doWithSession(RestOperationsCallback<T> restOperationsCallback) {
        Assert.notNull(restOperationsCallback, "Session callback must not be null");
        try {
            return restOperationsCallback.doWithRestOperations(this.sessionTemplate);
        } catch (HttpStatusCodeException e) {
            throw VaultResponses.buildException(e);
        }
    }

    @Nullable
    private <T> T doRead(String str, Class<T> cls) {
        return (T) doWithSession(restOperations -> {
            try {
                return restOperations.getForObject(str, cls, new Object[0]);
            } catch (HttpStatusCodeException e) {
                if (HttpStatusUtil.isNotFound(e.getStatusCode())) {
                    return null;
                }
                throw VaultResponses.buildException(e, str);
            }
        });
    }
}
