package dev.galasa.framework.api.resources.processors;

import com.google.gson.JsonObject;
import dev.galasa.ICredentials;
import dev.galasa.framework.api.beans.generated.GalasaSecret;
import dev.galasa.framework.api.beans.generated.GalasaSecretdata;
import dev.galasa.framework.api.beans.generated.GalasaSecretmetadata;
import dev.galasa.framework.api.common.InternalServletException;
import dev.galasa.framework.api.common.RBACValidator;
import dev.galasa.framework.api.common.ServletError;
import dev.galasa.framework.api.common.ServletErrorMessage;
import dev.galasa.framework.api.common.resources.GalasaSecretType;
import dev.galasa.framework.api.common.resources.ResourceAction;
import dev.galasa.framework.api.common.resources.Secret;
import dev.galasa.framework.api.resources.validators.GalasaSecretValidator;
import dev.galasa.framework.spi.creds.CredentialsToken;
import dev.galasa.framework.spi.creds.CredentialsUsername;
import dev.galasa.framework.spi.creds.CredentialsUsernamePassword;
import dev.galasa.framework.spi.creds.CredentialsUsernameToken;
import dev.galasa.framework.spi.creds.ICredentialsService;
import dev.galasa.framework.spi.rbac.BuiltInAction;
import dev.galasa.framework.spi.utils.ITimeService;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:dev/galasa/framework/api/resources/processors/GalasaSecretProcessor.class */
public class GalasaSecretProcessor extends AbstractGalasaResourceProcessor implements IGalasaResourceProcessor {
    private final Log logger;
    private ICredentialsService credentialsService;
    private ITimeService timeService;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: dev.galasa.framework.api.resources.processors.GalasaSecretProcessor$1, reason: invalid class name */
    /* loaded from: input_file:dev/galasa/framework/api/resources/processors/GalasaSecretProcessor$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$dev$galasa$framework$api$common$resources$GalasaSecretType = new int[GalasaSecretType.values().length];

        static {
            try {
                $SwitchMap$dev$galasa$framework$api$common$resources$GalasaSecretType[GalasaSecretType.USERNAME.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$dev$galasa$framework$api$common$resources$GalasaSecretType[GalasaSecretType.TOKEN.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$dev$galasa$framework$api$common$resources$GalasaSecretType[GalasaSecretType.USERNAME_PASSWORD.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$dev$galasa$framework$api$common$resources$GalasaSecretType[GalasaSecretType.USERNAME_TOKEN.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public GalasaSecretProcessor(ICredentialsService iCredentialsService, ITimeService iTimeService, RBACValidator rBACValidator) {
        super(rBACValidator);
        this.logger = LogFactory.getLog(getClass());
        this.credentialsService = iCredentialsService;
        this.timeService = iTimeService;
    }

    @Override // dev.galasa.framework.api.resources.processors.IGalasaResourceProcessor
    public List<String> processResource(JsonObject jsonObject, ResourceAction resourceAction, String str) throws InternalServletException {
        this.logger.info("Processing GalasaSecret resource");
        List<String> checkGalasaSecretJsonStructure = checkGalasaSecretJsonStructure(jsonObject, resourceAction);
        if (checkGalasaSecretJsonStructure.isEmpty()) {
            this.logger.info("GalasaSecret validated successfully");
            GalasaSecret galasaSecret = (GalasaSecret) gson.fromJson(jsonObject, GalasaSecret.class);
            Secret secret = new Secret(this.credentialsService, galasaSecret.getmetadata().getname(), this.timeService);
            if (resourceAction == ResourceAction.DELETE) {
                this.logger.info("Deleting secret from credentials store");
                secret.deleteSecretFromCredentialsStore();
                this.logger.info("Deleted secret from credentials store OK");
            } else {
                secret.loadValueFromCredentialsStore();
                boolean existsInCredentialsStore = secret.existsInCredentialsStore();
                if (resourceAction == ResourceAction.CREATE && existsInCredentialsStore) {
                    throw new InternalServletException(new ServletError(ServletErrorMessage.GAL5075_ERROR_SECRET_ALREADY_EXISTS, new String[0]), 409);
                }
                if (resourceAction == ResourceAction.UPDATE && !existsInCredentialsStore) {
                    throw new InternalServletException(new ServletError(ServletErrorMessage.GAL5076_ERROR_SECRET_DOES_NOT_EXIST, new String[0]), 404);
                }
                GalasaSecretmetadata galasaSecretmetadata = galasaSecret.getmetadata();
                ICredentials credentialsFromSecret = getCredentialsFromSecret(GalasaSecretType.getFromString(galasaSecretmetadata.gettype().toString()), decodeSecretData(galasaSecret), galasaSecretmetadata);
                this.logger.info("Setting secret in credentials store");
                secret.setSecretToCredentialsStore(credentialsFromSecret, str);
                this.logger.info("Secret set in credentials store OK");
            }
            this.logger.info("Processed GalasaSecret resource OK");
        }
        return checkGalasaSecretJsonStructure;
    }

    private GalasaSecretdata decodeSecretData(GalasaSecret galasaSecret) throws InternalServletException {
        String str = galasaSecret.getmetadata().getencoding();
        GalasaSecretdata galasaSecretdata = galasaSecret.getdata();
        GalasaSecretdata galasaSecretdata2 = new GalasaSecretdata();
        if (str == null) {
            galasaSecretdata2 = galasaSecretdata;
        } else {
            if (!str.equalsIgnoreCase("base64")) {
                throw new InternalServletException(new ServletError(ServletErrorMessage.GAL5073_UNSUPPORTED_GALASA_SECRET_ENCODING, new String[]{String.join(", ", GalasaSecretValidator.SUPPORTED_ENCODING_SCHEMES)}), 400);
            }
            this.logger.info("Base64-decoding the provided GalasaSecret resource data");
            Base64.Decoder decoder = Base64.getDecoder();
            String str2 = galasaSecretdata.getusername();
            String str3 = galasaSecretdata.getpassword();
            String str4 = galasaSecretdata.gettoken();
            if (str2 != null) {
                galasaSecretdata2.setusername(new String(decoder.decode(str2), StandardCharsets.UTF_8));
            }
            if (str3 != null) {
                galasaSecretdata2.setpassword(new String(decoder.decode(str3), StandardCharsets.UTF_8));
            }
            if (str4 != null) {
                galasaSecretdata2.settoken(new String(decoder.decode(str4), StandardCharsets.UTF_8));
            }
            this.logger.info("Decoded the provided GalasaSecret resource data OK");
        }
        return galasaSecretdata2;
    }

    private List<String> checkGalasaSecretJsonStructure(JsonObject jsonObject, ResourceAction resourceAction) throws InternalServletException {
        return checkGalasaResourceJsonStructure(new GalasaSecretValidator(resourceAction), jsonObject);
    }

    private ICredentials getCredentialsFromSecret(GalasaSecretType galasaSecretType, GalasaSecretdata galasaSecretdata, GalasaSecretmetadata galasaSecretmetadata) {
        CredentialsUsername credentialsUsername = null;
        switch (AnonymousClass1.$SwitchMap$dev$galasa$framework$api$common$resources$GalasaSecretType[galasaSecretType.ordinal()]) {
            case 1:
                credentialsUsername = new CredentialsUsername(galasaSecretdata.getusername());
                break;
            case 2:
                credentialsUsername = new CredentialsToken(galasaSecretdata.gettoken());
                break;
            case 3:
                credentialsUsername = new CredentialsUsernamePassword(galasaSecretdata.getusername(), galasaSecretdata.getpassword());
                break;
            case 4:
                credentialsUsername = new CredentialsUsernameToken(galasaSecretdata.getusername(), galasaSecretdata.gettoken());
                break;
        }
        if (credentialsUsername != null) {
            credentialsUsername.setDescription(galasaSecretmetadata.getdescription());
        }
        return credentialsUsername;
    }

    @Override // dev.galasa.framework.api.resources.processors.IGalasaResourceProcessor
    public void validateActionPermissions(ResourceAction resourceAction, String str) throws InternalServletException {
        this.rbacValidator.validateActionPermitted(getResourceActionAsBuiltInAction(resourceAction, BuiltInAction.SECRETS_SET, BuiltInAction.SECRETS_DELETE), str);
    }
}
