package com.redhat.cloud.common.clowder.configsource;

import com.redhat.cloud.common.clowder.configsource.handlers.ClowderPropertyHandler;
import com.redhat.cloud.common.clowder.configsource.utils.CertUtils;
import com.redhat.cloud.common.clowder.configsource.utils.ComputedPropertiesUtils;
import io.smallrye.config.ConfigValue;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.eclipse.microprofile.config.spi.ConfigSource;
import org.jboss.logging.Logger;

/* loaded from: input_file:com/redhat/cloud/common/clowder/configsource/ClowderConfigSource.class */
public class ClowderConfigSource implements ConfigSource {
    public static final String CLOWDER_CONFIG_SOURCE = "ClowderConfigSource";
    private static final String CLOWDER_CERTIFICATE_STORE_TYPE = "PKCS12";
    private static final int DEFAULT_PASSWORD_LENGTH = 33;
    private static final String PROPERTY_DEFAULT = ":";
    private static final Logger LOG = Logger.getLogger(ClowderConfigSource.class.getName());
    private final ClowderConfig root;
    private final Map<String, ConfigValue> existingValues;
    private final List<ClowderPropertyHandler> handlers;
    private String trustStorePath;
    private String trustStorePassword;

    public ClowderConfigSource(ClowderConfig clowderConfig, Map<String, ConfigValue> map, List<ClowderPropertyHandler> list) {
        this.root = clowderConfig;
        this.existingValues = map;
        this.handlers = list;
        Iterator<ClowderPropertyHandler> it = list.iterator();
        while (it.hasNext()) {
            for (String str : it.next().provides()) {
                try {
                    String value = getValue(str);
                    if (value != null && !value.isBlank()) {
                        this.existingValues.putIfAbsent(str, null);
                    }
                } catch (IllegalStateException e) {
                    LOG.debug(e.getMessage());
                }
            }
        }
    }

    public Map<String, String> getProperties() {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, ConfigValue> entry : this.existingValues.entrySet()) {
            String value = getValue(entry.getKey());
            if (value == null) {
                value = entry.getValue().getValue();
            }
            hashMap.put(entry.getKey(), value);
        }
        return hashMap;
    }

    public Set<String> getPropertyNames() {
        return this.existingValues.keySet();
    }

    public int getOrdinal() {
        return 270;
    }

    public String getValue(String str) {
        for (ClowderPropertyHandler clowderPropertyHandler : this.handlers) {
            if (clowderPropertyHandler.handles(str)) {
                return clowderPropertyHandler.handle(str, this);
            }
        }
        return getExistingValue(str);
    }

    public String getName() {
        return CLOWDER_CONFIG_SOURCE;
    }

    public Logger getLogger() {
        return LOG;
    }

    public String getExistingValue(String str) {
        return (String) Optional.ofNullable(this.existingValues.get(str)).map(configValue -> {
            return resolveValue(configValue.getValue());
        }).orElse(null);
    }

    public String getTrustStorePassword() {
        if (this.trustStorePassword == null) {
            initializeTrustStoreCertificate();
        }
        return this.trustStorePassword;
    }

    public String getTrustStorePath() {
        if (this.trustStorePath == null) {
            initializeTrustStoreCertificate();
        }
        return this.trustStorePath;
    }

    public String getTrustStoreType() {
        return CLOWDER_CERTIFICATE_STORE_TYPE;
    }

    private void initializeTrustStoreCertificate() {
        ensureTlsCertPathIsPresent();
        try {
            List<String> readCerts = readCerts(Files.readString(new File(this.root.tlsCAPath).toPath(), StandardCharsets.UTF_8));
            List list = (List) parsePemCert(readCerts).stream().map(this::buildX509Cert).collect(Collectors.toList());
            if (list.size() < 1) {
                throw new IllegalStateException("Could not parse any certificate in the file");
            }
            KeyStore keyStore = KeyStore.getInstance(CLOWDER_CERTIFICATE_STORE_TYPE);
            keyStore.load(null);
            for (int i = 0; i < list.size(); i++) {
                keyStore.setCertificateEntry("cert-" + i, (Certificate) list.get(i));
            }
            char[] buildPassword = buildPassword(readCerts.get(0));
            this.trustStorePath = writeTruststore(keyStore, buildPassword);
            this.trustStorePassword = new String(buildPassword);
        } catch (IOException e) {
            throw new IllegalStateException("Couldn't load the certificate, but we were requested a truststore", e);
        } catch (KeyStoreException e2) {
            throw new IllegalStateException("Couldn't load the keystore format PKCS12", e2);
        } catch (NoSuchAlgorithmException | CertificateException e3) {
            throw new IllegalStateException("Couldn't configure the keystore", e3);
        }
    }

    private void ensureTlsCertPathIsPresent() {
        if (this.root.tlsCAPath == null || this.root.tlsCAPath.isBlank()) {
            throw new IllegalStateException("Requested tls port for endpoint but did not provide tlsCAPath");
        }
    }

    static List<String> readCerts(String str) {
        return (List) Arrays.stream(str.split("-----BEGIN CERTIFICATE-----")).filter(str2 -> {
            return !str2.isEmpty();
        }).map(str3 -> {
            return (String) Arrays.stream(str3.split("-----END CERTIFICATE-----")).filter(str3 -> {
                return !str3.isEmpty();
            }).findFirst().orElseThrow(() -> {
                return new IllegalStateException("Invalid certificate found");
            });
        }).map((v0) -> {
            return v0.trim();
        }).map(str4 -> {
            return str4.replaceAll("\n", "");
        }).collect(Collectors.toList());
    }

    private List<byte[]> parsePemCert(List<String> list) {
        return (List) list.stream().map(str -> {
            return Base64.getDecoder().decode(str.getBytes(StandardCharsets.UTF_8));
        }).collect(Collectors.toList());
    }

    private X509Certificate buildX509Cert(byte[] bArr) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (CertificateException e) {
            throw new IllegalStateException("Couldn't load the x509 certificate factory", e);
        }
    }

    private String writeTruststore(KeyStore keyStore, char[] cArr) {
        try {
            File createTempFile = CertUtils.createTempFile("truststore", ".trust");
            keyStore.store(new FileOutputStream(createTempFile), cArr);
            return createTempFile.getAbsolutePath();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new RuntimeException("Truststore creation failed", e);
        }
    }

    private char[] buildPassword(String str) {
        int min = Math.min(DEFAULT_PASSWORD_LENGTH, str.length());
        char[] cArr = new char[min];
        str.getChars(0, min, cArr, 0);
        return cArr;
    }

    private String resolveValue(String str) {
        if (str == null || str.isEmpty() || !ComputedPropertiesUtils.hasComputedProperties(str)) {
            return str;
        }
        for (String str2 : ComputedPropertiesUtils.getComputedProperties(str)) {
            String str3 = null;
            String str4 = str2;
            if (str4.contains(PROPERTY_DEFAULT)) {
                int indexOf = str4.indexOf(PROPERTY_DEFAULT);
                str3 = str4.substring(indexOf + PROPERTY_DEFAULT.length());
                str4 = str4.substring(0, indexOf);
                if (ComputedPropertiesUtils.hasComputedProperties(str3)) {
                    str3 = resolveValue(str3);
                }
            }
            ConfigValue configValue = this.existingValues.get(str4);
            String value = configValue != null ? configValue.getValue() : ComputedPropertiesUtils.getPropertyFromSystem(str4, str3);
            if (value != null) {
                str = str.replace("${" + str2 + "}", value);
            }
        }
        return str;
    }
}
