package com.redhat.cloud.common.clowder.configsource.handlers;

import com.redhat.cloud.common.clowder.configsource.BrokerConfig;
import com.redhat.cloud.common.clowder.configsource.ClowderConfig;
import com.redhat.cloud.common.clowder.configsource.ClowderConfigSource;
import com.redhat.cloud.common.clowder.configsource.utils.CertUtils;
import java.util.List;
import java.util.Optional;

/* loaded from: input_file:com/redhat/cloud/common/clowder/configsource/handlers/KafkaSecurityClowderPropertyHandler.class */
public class KafkaSecurityClowderPropertyHandler extends ClowderPropertyHandler {
    public static final String KAFKA_SSL_TRUSTSTORE_TYPE_VALUE = "PEM";
    private final boolean expose;
    private final Optional<BrokerConfig> saslBroker;
    private final Optional<BrokerConfig> sslBroker;
    public static final String KAFKA_SASL_JAAS_CONFIG_KEY = "kafka.sasl.jaas.config";
    public static final String KAFKA_SASL_MECHANISM_KEY = "kafka.sasl.mechanism";
    public static final String KAFKA_SECURITY_PROTOCOL_KEY = "kafka.security.protocol";
    public static final String KAFKA_SSL_TRUSTSTORE_LOCATION_KEY = "kafka.ssl.truststore.location";
    public static final String KAFKA_SSL_TRUSTSTORE_TYPE_KEY = "kafka.ssl.truststore.type";
    public static final String CAMEL_KAFKA_SASL_JAAS_CONFIG_KEY = "camel.component.kafka.sasl-jaas-config";
    public static final String CAMEL_KAFKA_SASL_MECHANISM_KEY = "camel.component.kafka.sasl-mechanism";
    public static final String CAMEL_KAFKA_SECURITY_PROTOCOL_KEY = "camel.component.kafka.security-protocol";
    public static final String CAMEL_KAFKA_SSL_TRUSTSTORE_LOCATION_KEY = "camel.component.kafka.ssl-truststore-location";
    public static final String CAMEL_KAFKA_SSL_TRUSTSTORE_TYPE_KEY = "camel.component.kafka.ssl-truststore-type";
    private static final List<String> KAFKA_SASL_KEYS = List.of(KAFKA_SASL_JAAS_CONFIG_KEY, KAFKA_SASL_MECHANISM_KEY, KAFKA_SECURITY_PROTOCOL_KEY, KAFKA_SSL_TRUSTSTORE_LOCATION_KEY, KAFKA_SSL_TRUSTSTORE_TYPE_KEY, CAMEL_KAFKA_SASL_JAAS_CONFIG_KEY, CAMEL_KAFKA_SASL_MECHANISM_KEY, CAMEL_KAFKA_SECURITY_PROTOCOL_KEY, CAMEL_KAFKA_SSL_TRUSTSTORE_LOCATION_KEY, CAMEL_KAFKA_SSL_TRUSTSTORE_TYPE_KEY);
    private static final List<String> KAFKA_SSL_KEYS = List.of(KAFKA_SECURITY_PROTOCOL_KEY, KAFKA_SSL_TRUSTSTORE_LOCATION_KEY, KAFKA_SSL_TRUSTSTORE_TYPE_KEY, CAMEL_KAFKA_SECURITY_PROTOCOL_KEY, CAMEL_KAFKA_SSL_TRUSTSTORE_LOCATION_KEY, CAMEL_KAFKA_SSL_TRUSTSTORE_TYPE_KEY);

    public KafkaSecurityClowderPropertyHandler(ClowderConfig clowderConfig, boolean z) {
        super(clowderConfig);
        this.expose = z;
        if (clowderConfig.kafka == null || clowderConfig.kafka.brokers == null) {
            this.saslBroker = Optional.empty();
            this.sslBroker = Optional.empty();
        } else {
            this.saslBroker = clowderConfig.kafka.brokers.stream().filter(brokerConfig -> {
                return "sasl".equals(brokerConfig.authtype);
            }).findAny();
            this.sslBroker = clowderConfig.kafka.brokers.stream().filter(brokerConfig2 -> {
                return "SSL".equals(brokerConfig2.securityProtocol);
            }).findAny();
        }
    }

    @Override // com.redhat.cloud.common.clowder.configsource.handlers.ClowderPropertyHandler
    public List<String> provides() {
        if (this.expose) {
            if (this.sslBroker.isPresent()) {
                return KAFKA_SSL_KEYS;
            }
            if (this.saslBroker.isPresent()) {
                return KAFKA_SASL_KEYS;
            }
        }
        return List.of();
    }

    @Override // com.redhat.cloud.common.clowder.configsource.handlers.ClowderPropertyHandler
    public boolean handles(String str) {
        return KAFKA_SSL_KEYS.contains(str) || KAFKA_SASL_KEYS.contains(str);
    }

    @Override // com.redhat.cloud.common.clowder.configsource.handlers.ClowderPropertyHandler
    public String handle(String str, ClowderConfigSource clowderConfigSource) {
        if (this.clowderConfig.kafka == null) {
            throw new IllegalStateException("Kafka base object not present, can't set Kafka values");
        }
        return this.saslBroker.isPresent() ? handleKafkaSaslKey(str, clowderConfigSource) : this.sslBroker.isPresent() ? handleKafkaSslKey(str, clowderConfigSource) : clowderConfigSource.getExistingValue(str);
    }

    private String handleKafkaSaslKey(String str, ClowderConfigSource clowderConfigSource) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -2119375724:
                if (str.equals(CAMEL_KAFKA_SECURITY_PROTOCOL_KEY)) {
                    z = 5;
                    break;
                }
                break;
            case -1691593259:
                if (str.equals(KAFKA_SSL_TRUSTSTORE_TYPE_KEY)) {
                    z = 8;
                    break;
                }
                break;
            case -1362287846:
                if (str.equals(KAFKA_SASL_MECHANISM_KEY)) {
                    z = 2;
                    break;
                }
                break;
            case -733989295:
                if (str.equals(CAMEL_KAFKA_SASL_JAAS_CONFIG_KEY)) {
                    z = true;
                    break;
                }
                break;
            case -295967481:
                if (str.equals(CAMEL_KAFKA_SSL_TRUSTSTORE_LOCATION_KEY)) {
                    z = 7;
                    break;
                }
                break;
            case -71758658:
                if (str.equals(KAFKA_SECURITY_PROTOCOL_KEY)) {
                    z = 4;
                    break;
                }
                break;
            case 651054476:
                if (str.equals(CAMEL_KAFKA_SSL_TRUSTSTORE_TYPE_KEY)) {
                    z = 9;
                    break;
                }
                break;
            case 1376785576:
                if (str.equals(KAFKA_SASL_JAAS_CONFIG_KEY)) {
                    z = false;
                    break;
                }
                break;
            case 1925821060:
                if (str.equals(CAMEL_KAFKA_SASL_MECHANISM_KEY)) {
                    z = 3;
                    break;
                }
                break;
            case 2021302480:
                if (str.equals(KAFKA_SSL_TRUSTSTORE_LOCATION_KEY)) {
                    z = 6;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
                String str2 = this.saslBroker.get().sasl.username;
                String str3 = this.saslBroker.get().sasl.password;
                String str4 = this.saslBroker.get().sasl.saslMechanism;
                boolean z2 = -1;
                switch (str4.hashCode()) {
                    case -1875508938:
                        if (str4.equals("SCRAM-SHA-512")) {
                            z2 = true;
                            break;
                        }
                        break;
                    case 76210602:
                        if (str4.equals("PLAIN")) {
                            z2 = false;
                            break;
                        }
                        break;
                }
                switch (z2) {
                    case false:
                        return "org.apache.kafka.common.security.plain.PlainLoginModule required username=\"" + str2 + "\" password=\"" + str3 + "\";";
                    case true:
                        return "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"" + str2 + "\" password=\"" + str3 + "\";";
                }
            case true:
            case true:
                break;
            case true:
            case true:
                return this.saslBroker.get().sasl.securityProtocol;
            case true:
            case true:
                return createTempKafkaCertFile(this.saslBroker.get().cacert);
            case true:
            case true:
                return KAFKA_SSL_TRUSTSTORE_TYPE_VALUE;
            default:
                throw new IllegalStateException(String.format("Config key: '%s' shouldn't be present for a Kafka SASL configuration, please check your config file", str));
        }
        return this.saslBroker.get().sasl.saslMechanism;
    }

    private String handleKafkaSslKey(String str, ClowderConfigSource clowderConfigSource) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -2119375724:
                if (str.equals(CAMEL_KAFKA_SECURITY_PROTOCOL_KEY)) {
                    z = true;
                    break;
                }
                break;
            case -1691593259:
                if (str.equals(KAFKA_SSL_TRUSTSTORE_TYPE_KEY)) {
                    z = 4;
                    break;
                }
                break;
            case -295967481:
                if (str.equals(CAMEL_KAFKA_SSL_TRUSTSTORE_LOCATION_KEY)) {
                    z = 3;
                    break;
                }
                break;
            case -71758658:
                if (str.equals(KAFKA_SECURITY_PROTOCOL_KEY)) {
                    z = false;
                    break;
                }
                break;
            case 651054476:
                if (str.equals(CAMEL_KAFKA_SSL_TRUSTSTORE_TYPE_KEY)) {
                    z = 5;
                    break;
                }
                break;
            case 2021302480:
                if (str.equals(KAFKA_SSL_TRUSTSTORE_LOCATION_KEY)) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
                return this.sslBroker.get().securityProtocol;
            case true:
            case true:
                return createTempKafkaCertFile(this.sslBroker.get().cacert);
            case true:
            case true:
                if (clowderConfigSource.getValue(KAFKA_SSL_TRUSTSTORE_LOCATION_KEY) != null) {
                    return KAFKA_SSL_TRUSTSTORE_TYPE_VALUE;
                }
                break;
        }
        throw new IllegalStateException(String.format("Config key: '%s' shouldn't be present for a Kafka SSL configuration, please check your config file", str));
    }

    private String createTempKafkaCertFile(String str) {
        if (str != null) {
            return CertUtils.createTempCertFile("kafka-cacert", str);
        }
        return null;
    }
}
