package com.evolveum.midpoint.common.secrets;

import com.evolveum.midpoint.prism.crypto.SecretsProvider;
import com.evolveum.midpoint.prism.crypto.SecretsResolver;
import com.evolveum.midpoint.util.DependencyGraph;
import com.evolveum.midpoint.util.exception.SystemException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CustomSecretsProviderType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.DisplayType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.DockerSecretsProviderType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.EnvironmentVariablesSecretsProviderType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FileSecretsProviderType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.PropertiesSecretsProviderType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecretsProviderType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecretsProvidersType;
import com.evolveum.prism.xml.ns._public.types_3.PolyStringType;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/lib/common-4.10-M4.jar:com/evolveum/midpoint/common/secrets/SecretsProviderManager.class */
public class SecretsProviderManager {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) SecretsProviderManager.class);
    private static final Map<Class<? extends SecretsProviderType>, Class<? extends SecretsProvider<? extends SecretsProviderType>>> PROVIDER_TYPES = Map.ofEntries(Map.entry(DockerSecretsProviderType.class, DockerSecretsProvider.class), Map.entry(PropertiesSecretsProviderType.class, PropertiesSecretsProvider.class), Map.entry(EnvironmentVariablesSecretsProviderType.class, EnvironmentVariablesSecretsProvider.class), Map.entry(FileSecretsProviderType.class, FileSecretsProvider.class));

    public synchronized void configure(SecretsResolver secretsResolver, SecretsProvidersType secretsProvidersType) {
        if (secretsProvidersType == null) {
            secretsProvidersType = new SecretsProvidersType();
        }
        Map map = (Map) secretsResolver.getSecretsProviders().stream().collect(Collectors.toMap((v0) -> {
            return v0.getIdentifier();
        }, secretsProvider -> {
            return secretsProvider;
        }));
        LOGGER.debug("Existing providers: {}", map.keySet());
        ArrayList arrayList = new ArrayList();
        arrayList.add(secretsProvidersType.getDocker());
        arrayList.addAll(secretsProvidersType.getEnvironmentVariables());
        arrayList.addAll(secretsProvidersType.getFile());
        arrayList.addAll(secretsProvidersType.getProperties());
        arrayList.addAll(secretsProvidersType.getCustom());
        Map map2 = (Map) arrayList.stream().map(secretsProviderType -> {
            return createProvider(secretsProviderType);
        }).filter(secretsProvider2 -> {
            return secretsProvider2 != null;
        }).collect(Collectors.toMap((v0) -> {
            return v0.getIdentifier();
        }, secretsProvider3 -> {
            return secretsProvider3;
        }));
        LOGGER.debug("Preparing new providers: {}", map2.keySet());
        List<String> sortedItems = DependencyGraph.ofMap((Map) map2.values().stream().collect(Collectors.toMap(secretsProvider4 -> {
            return secretsProvider4.getIdentifier();
        }, secretsProvider5 -> {
            return Arrays.asList(secretsProvider5.getDependencies());
        }))).getSortedItems();
        LOGGER.debug("Sorted providers by dependencies: {}", sortedItems);
        for (String str : sortedItems) {
            LOGGER.trace("Initializing secrets provider: {}", str);
            SecretsProvider<?> secretsProvider6 = (SecretsProvider) map2.get(str);
            secretsProvider6.initialize();
            LOGGER.trace("Adding secrets provider: {} to resolver", str);
            secretsResolver.addSecretsProvider(secretsProvider6);
            map.remove(secretsProvider6.getIdentifier());
        }
        LOGGER.debug("Removing remaining old providers: {}", map.keySet());
        map.values().forEach(secretsProvider7 -> {
            destroyProvider(secretsResolver, secretsProvider7);
        });
    }

    public Map<String, DisplayType> getSecretsProviderDescriptions(SecretsResolver secretsResolver) {
        return (Map) secretsResolver.getSecretsProviders().stream().collect(Collectors.toMap((v0) -> {
            return v0.getIdentifier();
        }, secretsProvider -> {
            DisplayType displayType = null;
            Object configuration = secretsProvider.getConfiguration();
            if (configuration instanceof SecretsProviderType) {
                displayType = ((SecretsProviderType) configuration).getDisplay();
            }
            if (displayType == null) {
                displayType = new DisplayType();
                displayType.setLabel(new PolyStringType(secretsProvider.getIdentifier()));
            }
            return displayType;
        }));
    }

    private void destroyProvider(SecretsResolver secretsResolver, SecretsProvider<?> secretsProvider) {
        try {
            LOGGER.trace("Removing secrets provider: {} from resolver", secretsProvider.getIdentifier());
            secretsResolver.removeSecretsProvider(secretsProvider);
            LOGGER.trace("Destroying secrets provider: {}", secretsProvider.getIdentifier());
            secretsProvider.destroy();
        } catch (Exception e) {
            throw new SystemException("Couldn't destroy secrets provider: " + secretsProvider.getIdentifier(), e);
        }
    }

    private <C extends SecretsProviderType> SecretsProvider<?> createProvider(C c) {
        if (c == null) {
            return null;
        }
        return new CacheableSecretsProviderDelegate(createProviderImpl(c), c.getCache());
    }

    /* JADX WARN: Multi-variable type inference failed */
    private <C extends SecretsProviderType> SecretsProvider<?> createProviderImpl(C c) {
        Class cls;
        if (c == null) {
            return null;
        }
        if (c instanceof CustomSecretsProviderType) {
            String className = ((CustomSecretsProviderType) c).getClassName();
            if (className == null) {
                throw new SystemException("No class name specified for custom secrets provider");
            }
            try {
                cls = Class.forName(className);
            } catch (Exception e) {
                throw new SystemException("Couldn't find custom secrets provider class: " + className, e);
            }
        } else {
            cls = PROVIDER_TYPES.get(c.getClass());
            if (cls == null) {
                throw new SystemException("Unknown secrets provider type for configuration of type: " + c.getClass());
            }
        }
        try {
            return cls.getConstructor(c.getClass()).newInstance(c);
        } catch (Exception e2) {
            throw new SystemException("Couldn't create secrets provider instance for configuration of type: " + c.getClass(), e2);
        }
    }
}
