package org.datatransferproject.cloud.google;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.auth.oauth2.GoogleCredentials;
import com.google.cloud.datastore.Datastore;
import com.google.cloud.datastore.DatastoreOptions;
import com.google.cloud.storage.Bucket;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageOptions;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.inject.BindingAnnotation;
import com.google.inject.Provides;
import com.google.inject.Singleton;
import java.io.IOException;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import org.datatransferproject.api.launcher.Constants;
import org.datatransferproject.api.launcher.Monitor;
import org.datatransferproject.spi.cloud.extension.CloudExtensionModule;
import org.datatransferproject.spi.cloud.storage.AppCredentialStore;
import org.datatransferproject.spi.cloud.storage.JobStore;

/* loaded from: input_file:org/datatransferproject/cloud/google/GoogleCloudExtensionModule.class */
final class GoogleCloudExtensionModule extends CloudExtensionModule {
    private static final String GOOGLE_CLOUD_NAME = "GOOGLE";
    private static final String GCP_CREDENTIALS_PATH_ENV_VAR = "GOOGLE_APPLICATION_CREDENTIALS";
    private static final String KUBERNETES_SECRETS_PATH_ROOT = "/var/secrets/";
    private final HttpTransport httpTransport;
    private final JsonFactory jsonFactory;
    private final ObjectMapper objectMapper;
    private final Monitor monitor;
    private final String cloud;
    private final Constants.Environment environment;

    @Target({ElementType.FIELD, ElementType.PARAMETER, ElementType.METHOD})
    @BindingAnnotation
    @Retention(RetentionPolicy.RUNTIME)
    /* loaded from: input_file:org/datatransferproject/cloud/google/GoogleCloudExtensionModule$ProjectId.class */
    public @interface ProjectId {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public GoogleCloudExtensionModule(HttpTransport httpTransport, JsonFactory jsonFactory, ObjectMapper objectMapper, String str, Constants.Environment environment, Monitor monitor) {
        this.httpTransport = httpTransport;
        this.jsonFactory = jsonFactory;
        this.objectMapper = objectMapper;
        this.cloud = str;
        this.environment = environment;
        this.monitor = monitor;
    }

    @VisibleForTesting
    static Constants.Environment getProjectEnvironment(String str) {
        String[] split = str.split("-");
        Preconditions.checkArgument(split.length > 1, "Invalid project ID - does not end in '-' followed by a lower-case environment, e.g. acme-qa");
        return Constants.Environment.valueOf(split[split.length - 1].toUpperCase());
    }

    protected void configure() {
        super.configure();
        bind(JobStore.class).to(GoogleJobStore.class);
        bind(AppCredentialStore.class).to(GoogleAppCredentialStore.class);
    }

    @Singleton
    @Provides
    Datastore getDatastore(@ProjectId String str, GoogleCredentials googleCredentials) {
        return DatastoreOptions.newBuilder().setProjectId(str).setCredentials(googleCredentials).build().getService();
    }

    @Singleton
    @Provides
    Bucket getBucket(@ProjectId String str) {
        return StorageOptions.getDefaultInstance().getService().get("user-data-" + str, new Storage.BucketGetOption[0]);
    }

    @Provides
    GoogleCredentials getCredentials(@ProjectId String str) throws GoogleCredentialException {
        validateUsingGoogle(this.cloud);
        if (this.environment == Constants.Environment.LOCAL) {
            Constants.Environment projectEnvironment = getProjectEnvironment(str);
            Preconditions.checkArgument(projectEnvironment == Constants.Environment.LOCAL || projectEnvironment == Constants.Environment.TEST || projectEnvironment == Constants.Environment.QA, "Invalid project to connect to with env=LOCAL. " + str + " doesn't appear to be a local/test project since it doesn't end in -local, -test, or -qa.");
        } else {
            String str2 = System.getenv(GCP_CREDENTIALS_PATH_ENV_VAR);
            if (!str2.startsWith(KUBERNETES_SECRETS_PATH_ROOT)) {
                throw new GoogleCredentialException(String.format("You are attempting to obtain credentials from somewhere other than Kubernetes secrets in prod. You may have accidentally copied creds into your image, which we provide as a local debugging mechanism only. See GCP build script (distributions/demo-google-deployment/bin/build_docker_image.sh) for more info. Creds location was: %s", str2));
            }
        }
        try {
            return GoogleCredentials.getApplicationDefault();
        } catch (IOException e) {
            throw new GoogleCredentialException("Problem obtaining credentials via GoogleCredentials.getApplicationDefault()", e);
        }
    }

    @Singleton
    @Provides
    @ProjectId
    String provideProjectId() {
        validateUsingGoogle(this.cloud);
        try {
            String projectId = GoogleCloudUtils.getProjectId();
            Preconditions.checkArgument(!Strings.isNullOrEmpty(projectId), "Need to specify a project ID when using Google Cloud. This should be exposed as an environment variable by Kubernetes, see k8s/api-deployment.yaml");
            return projectId;
        } catch (NullPointerException e) {
            throw new IllegalArgumentException("Need to specify a project ID when using Google Cloud. This should be exposed as an environment variable by Kubernetes, see k8s/api-deployment.yaml");
        }
    }

    @Singleton
    @Provides
    HttpTransport getHttpTransport() {
        return this.httpTransport;
    }

    @Singleton
    @Provides
    JsonFactory getJsonFactory() {
        return this.jsonFactory;
    }

    @Singleton
    @Provides
    ObjectMapper getObjectMapper() {
        return this.objectMapper;
    }

    @Singleton
    @Provides
    Monitor getMonitor() {
        return this.monitor;
    }

    private void validateUsingGoogle(String str) {
        if (!str.equals(GOOGLE_CLOUD_NAME)) {
            throw new IllegalStateException("Injecting Google objects when cloud != Google! (cloud was " + str);
        }
    }
}
