package io.trino.aws.proxy.server;

import com.fasterxml.jackson.annotation.JsonSetter;
import com.fasterxml.jackson.annotation.Nulls;
import com.fasterxml.jackson.databind.Module;
import com.fasterxml.jackson.databind.PropertyNamingStrategies;
import com.fasterxml.jackson.databind.module.SimpleModule;
import com.fasterxml.jackson.dataformat.xml.XmlMapper;
import com.google.common.annotations.VisibleForTesting;
import com.google.inject.Binder;
import com.google.inject.Provides;
import com.google.inject.Scopes;
import com.google.inject.TypeLiteral;
import com.google.inject.multibindings.MapBinder;
import com.google.inject.multibindings.Multibinder;
import com.google.inject.multibindings.OptionalBinder;
import io.airlift.configuration.AbstractConfigurationAwareModule;
import io.airlift.configuration.ConfigBinder;
import io.airlift.http.client.HttpClientBinder;
import io.airlift.http.server.HttpServerBinder;
import io.airlift.jaxrs.JaxrsBinder;
import io.airlift.log.Logger;
import io.trino.aws.proxy.server.credentials.CredentialsController;
import io.trino.aws.proxy.server.credentials.JsonIdentityProvider;
import io.trino.aws.proxy.server.credentials.file.FileBasedCredentialsModule;
import io.trino.aws.proxy.server.credentials.http.HttpCredentialsModule;
import io.trino.aws.proxy.server.remote.RemoteS3Module;
import io.trino.aws.proxy.server.rest.LimitStreamController;
import io.trino.aws.proxy.server.rest.RequestFilter;
import io.trino.aws.proxy.server.rest.RequestLoggerController;
import io.trino.aws.proxy.server.rest.S3PresignController;
import io.trino.aws.proxy.server.rest.TrinoLogsResource;
import io.trino.aws.proxy.server.rest.TrinoS3ProxyClient;
import io.trino.aws.proxy.server.rest.TrinoS3Resource;
import io.trino.aws.proxy.server.rest.TrinoStsResource;
import io.trino.aws.proxy.server.security.S3SecurityController;
import io.trino.aws.proxy.server.security.opa.OpaS3SecurityModule;
import io.trino.aws.proxy.server.signing.SigningControllerConfig;
import io.trino.aws.proxy.server.signing.SigningModule;
import io.trino.aws.proxy.spi.credentials.AssumedRoleProvider;
import io.trino.aws.proxy.spi.credentials.CredentialsProvider;
import io.trino.aws.proxy.spi.credentials.Identity;
import io.trino.aws.proxy.spi.credentials.StandardIdentity;
import io.trino.aws.proxy.spi.plugin.TrinoAwsProxyServerPlugin;
import io.trino.aws.proxy.spi.plugin.config.AssumedRoleProviderConfig;
import io.trino.aws.proxy.spi.plugin.config.CredentialsProviderConfig;
import io.trino.aws.proxy.spi.plugin.config.S3RequestRewriterConfig;
import io.trino.aws.proxy.spi.plugin.config.S3SecurityFacadeProviderConfig;
import io.trino.aws.proxy.spi.rest.S3RequestRewriter;
import io.trino.aws.proxy.spi.security.S3SecurityFacadeProvider;
import io.trino.aws.proxy.spi.signing.SigningServiceType;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
import java.util.Set;
import org.glassfish.jersey.server.model.Resource;

/* loaded from: input_file:io/trino/aws/proxy/server/TrinoAwsProxyServerModule.class */
public class TrinoAwsProxyServerModule extends AbstractConfigurationAwareModule {
    private static final Logger log = Logger.get(TrinoAwsProxyServerModule.class);

    protected void setup(Binder binder) {
        ConfigBinder.configBinder(binder).bindConfig(SigningControllerConfig.class);
        TrinoAwsProxyConfig trinoAwsProxyConfig = (TrinoAwsProxyConfig) buildConfigObject(TrinoAwsProxyConfig.class);
        JaxrsBinder jaxrsBinder = JaxrsBinder.jaxrsBinder(binder);
        MapBinder newMapBinder = MapBinder.newMapBinder(binder, new TypeLiteral<Class<?>>(this) { // from class: io.trino.aws.proxy.server.TrinoAwsProxyServerModule.1
        }, new TypeLiteral<SigningServiceType>(this) { // from class: io.trino.aws.proxy.server.TrinoAwsProxyServerModule.2
        });
        jaxrsBinder.bind(RequestFilter.class);
        bindResourceAtPath(jaxrsBinder, newMapBinder, SigningServiceType.S3, TrinoS3Resource.class, trinoAwsProxyConfig.getS3Path());
        bindResourceAtPath(jaxrsBinder, newMapBinder, SigningServiceType.STS, TrinoStsResource.class, trinoAwsProxyConfig.getStsPath());
        bindResourceAtPath(jaxrsBinder, newMapBinder, SigningServiceType.LOGS, TrinoLogsResource.class, trinoAwsProxyConfig.getLogsPath());
        binder.bind(CredentialsController.class).in(Scopes.SINGLETON);
        binder.bind(RequestLoggerController.class).in(Scopes.SINGLETON);
        binder.bind(LimitStreamController.class).in(Scopes.SINGLETON);
        HttpClientBinder.httpClientBinder(binder).bindHttpClient("ProxyClient", TrinoS3ProxyClient.ForProxyClient.class);
        binder.bind(TrinoS3ProxyClient.class).in(Scopes.SINGLETON);
        HttpServerBinder httpServerBinder = HttpServerBinder.httpServerBinder(binder);
        httpServerBinder.enableLegacyUriCompliance();
        httpServerBinder.enableCaseSensitiveHeaderCache();
        ConfigBinder.configBinder(binder).bindConfig(S3SecurityFacadeProviderConfig.class);
        OptionalBinder.newOptionalBinder(binder, S3SecurityFacadeProvider.class).setDefault().toProvider(() -> {
            log.info("Using default %s NOOP implementation", new Object[]{S3SecurityFacadeProvider.class.getSimpleName()});
            return S3SecurityFacadeProvider.NOOP;
        });
        ConfigBinder.configBinder(binder).bindConfig(CredentialsProviderConfig.class);
        OptionalBinder.newOptionalBinder(binder, CredentialsProvider.class).setDefault().toProvider(() -> {
            log.info("Using default %s NOOP implementation", new Object[]{CredentialsProvider.class.getSimpleName()});
            return CredentialsProvider.NOOP;
        });
        OptionalBinder.newOptionalBinder(binder, new TypeLiteral<Class<? extends Identity>>(this) { // from class: io.trino.aws.proxy.server.TrinoAwsProxyServerModule.3
        }).setDefault().toProvider(() -> {
            log.info("Using %s identity type", new Object[]{StandardIdentity.class.getSimpleName()});
            return StandardIdentity.class;
        });
        Multibinder.newSetBinder(binder, Module.class).addBinding().toProvider(JsonIdentityProvider.class).in(Scopes.SINGLETON);
        ConfigBinder.configBinder(binder).bindConfig(S3RequestRewriterConfig.class);
        OptionalBinder.newOptionalBinder(binder, S3RequestRewriter.class).setDefault().toProvider(() -> {
            log.info("Using default %s NOOP implementation", new Object[]{S3RequestRewriter.class.getSimpleName()});
            return S3RequestRewriter.NOOP;
        });
        install(new FileBasedCredentialsModule());
        install(new OpaS3SecurityModule());
        install(new HttpCredentialsModule());
        ConfigBinder.configBinder(binder).bindConfig(AssumedRoleProviderConfig.class);
        OptionalBinder.newOptionalBinder(binder, AssumedRoleProvider.class).setDefault().toProvider(() -> {
            log.info("Using default %s NOOP implementation", new Object[]{AssumedRoleProvider.class.getSimpleName()});
            return AssumedRoleProvider.NOOP;
        });
        installSigningController(binder);
        installRemoteS3Facade(binder);
        installS3SecurityController(binder);
        installPlugins();
        install(new TrinoAwsProxyPluginValidatorModule());
        addNullCollectionModule(binder);
    }

    @Provides
    public XmlMapper newXmlMapper() {
        XmlMapper xmlMapper = new XmlMapper();
        xmlMapper.setPropertyNamingStrategy(PropertyNamingStrategies.UPPER_CAMEL_CASE);
        return xmlMapper;
    }

    @VisibleForTesting
    protected void installRemoteS3Facade(Binder binder) {
        install(new RemoteS3Module());
    }

    @VisibleForTesting
    protected void installS3SecurityController(Binder binder) {
        binder.bind(S3PresignController.class).in(Scopes.SINGLETON);
        binder.bind(S3SecurityController.class).in(Scopes.SINGLETON);
    }

    @VisibleForTesting
    protected void installSigningController(Binder binder) {
        install(new SigningModule());
    }

    private void addNullCollectionModule(Binder binder) {
        Multibinder.newSetBinder(binder, Module.class).addBinding().toInstance(new SimpleModule() { // from class: io.trino.aws.proxy.server.TrinoAwsProxyServerModule.4
            public void setupModule(Module.SetupContext setupContext) {
                setupContext.configOverride(List.class).setSetterInfo(JsonSetter.Value.forValueNulls(Nulls.AS_EMPTY));
                setupContext.configOverride(Set.class).setSetterInfo(JsonSetter.Value.forValueNulls(Nulls.AS_EMPTY));
                setupContext.configOverride(Map.class).setSetterInfo(JsonSetter.Value.forValueNulls(Nulls.AS_EMPTY));
            }
        });
    }

    private void installPlugins() {
        ServiceLoader.load(TrinoAwsProxyServerPlugin.class).forEach(trinoAwsProxyServerPlugin -> {
            log.info("Loading plugin: %s", new Object[]{trinoAwsProxyServerPlugin.name()});
            install(trinoAwsProxyServerPlugin.module());
        });
    }

    private static void bindResourceAtPath(JaxrsBinder jaxrsBinder, MapBinder<Class<?>, SigningServiceType> mapBinder, SigningServiceType signingServiceType, Class<?> cls, String str) {
        Resource build = Resource.builder(cls).path(str).build();
        jaxrsBinder.bind(cls);
        jaxrsBinder.bindInstance(build);
        mapBinder.addBinding(cls).toInstance(signingServiceType);
    }
}
