package com.avioconsulting.mule.vault.provider.api;

import com.avioconsulting.mule.vault.provider.internal.error.exception.SecretNotFoundException;
import com.avioconsulting.mule.vault.provider.internal.error.exception.UnsetVariableException;
import com.avioconsulting.mule.vault.provider.internal.error.exception.VaultAccessException;
import com.avioconsulting.mule.vault.provider.internal.extension.VaultPropertyPath;
import com.bettercloud.vault.Vault;
import com.bettercloud.vault.VaultException;
import java.io.FileInputStream;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.mule.runtime.api.exception.DefaultMuleException;
import org.mule.runtime.config.api.dsl.model.properties.ConfigurationPropertiesProvider;
import org.mule.runtime.config.api.dsl.model.properties.ConfigurationProperty;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/avioconsulting/mule/vault/provider/api/VaultConfigurationPropertiesProvider.class */
public class VaultConfigurationPropertiesProvider implements ConfigurationPropertiesProvider {
    private static final String VAULT_PROPERTIES_PREFIX = "vault::";
    private final Vault vault;
    private final boolean isLocalMode;
    Map<String, Map<String, String>> cachedData = new HashMap();
    private static final Logger logger = LoggerFactory.getLogger(VaultConfigurationPropertiesProvider.class);
    private static final Pattern VAULT_PATTERN = Pattern.compile("vault::([^\\.]*)\\.([^}]*)");
    private static final Pattern ENV_PATTERN = Pattern.compile("\\$\\[([^\\]]*)\\]");

    public VaultConfigurationPropertiesProvider(Vault vault, Boolean bool, String str) {
        this.vault = vault;
        this.isLocalMode = bool.booleanValue();
        if (bool.booleanValue()) {
            evaluateLocalProperitesConfig(str);
        }
    }

    private String getProperty(String str, String str2) throws SecretNotFoundException, VaultAccessException, DefaultMuleException {
        Map<String, String> data;
        try {
            if (this.cachedData.containsKey(str)) {
                logger.trace("Getting data from cache");
                data = this.cachedData.get(str);
            } else {
                if (this.isLocalMode) {
                    throw new SecretNotFoundException(String.format("No property found for %s.%s in the local properties file", str, str2));
                }
                logger.trace("Getting data from Vault");
                data = this.vault.logical().read(str).getData();
                this.cachedData.put(str, data);
            }
            if (data == null || !data.containsKey(str2)) {
                throw new SecretNotFoundException(String.format("No value found for %s.%s", str, str2));
            }
            return data.get(str2);
        } catch (VaultException e) {
            if (e.getHttpStatusCode() == 404) {
                throw new SecretNotFoundException("Error getting data from Vault, secret not found", e);
            }
            if (e.getHttpStatusCode() == 403) {
                throw new VaultAccessException(String.format("Access to the secret at \"%s\" is denied", str), e);
            }
            logger.error("Error getting data from Vault", e);
            throw new DefaultMuleException("Unknown Vault exception", e);
        }
    }

    public Optional<ConfigurationProperty> getConfigurationProperty(String str) {
        final VaultPropertyPath parsePropertyPath;
        Optional<ConfigurationProperty> empty = Optional.empty();
        if (str.startsWith(VAULT_PROPERTIES_PREFIX) && (parsePropertyPath = parsePropertyPath(str)) != null) {
            try {
                final String property = getProperty(parsePropertyPath.getSecretPath(), parsePropertyPath.getKey());
                if (property != null) {
                    return Optional.of(new ConfigurationProperty() { // from class: com.avioconsulting.mule.vault.provider.api.VaultConfigurationPropertiesProvider.1
                        public Object getSource() {
                            return "Vault provider source";
                        }

                        public Object getRawValue() {
                            return property;
                        }

                        public String getKey() {
                            return String.format("%s.%s", parsePropertyPath.getSecretPath(), parsePropertyPath.getKey());
                        }
                    });
                }
            } catch (Exception e) {
                logger.error("Property was not found", e);
            }
        }
        return empty;
    }

    public String getDescription() {
        return "Vault properties provider";
    }

    private VaultPropertyPath parsePropertyPath(String str) {
        Matcher matcher = VAULT_PATTERN.matcher(str);
        if (!matcher.find()) {
            return null;
        }
        return new VaultPropertyPath(expandedValue(matcher.group(1)), expandedValue(matcher.group(2)));
    }

    private String expandedValue(String str) {
        String str2 = str;
        Matcher matcher = ENV_PATTERN.matcher(str);
        while (matcher.find()) {
            String group = matcher.group(1);
            String str3 = System.getenv(group);
            if (str3 == null) {
                str3 = System.getProperty(group);
                logger.debug("Retrieved environment value from property rather than environment");
            }
            if (str3 == null) {
                throw new UnsetVariableException(String.format("Environment variable [%s] is not set", group));
            }
            str2 = str2.replaceAll("\\$\\[" + group + "\\]", str3);
        }
        return str2;
    }

    private void evaluateLocalProperitesConfig(String str) {
        if (str == null || str.isEmpty()) {
            return;
        }
        try {
            URL resource = getClass().getClassLoader().getResource(str);
            if (resource == null) {
                return;
            }
            Properties properties = new Properties();
            properties.load(new FileInputStream(resource.getPath()));
            loadCacheFromProperties(properties);
        } catch (Exception e) {
            logger.error(String.format("Error occurred while loading the local properties file from %s", str), e);
        }
    }

    private void loadCacheFromProperties(Properties properties) {
        if (properties == null || properties.isEmpty()) {
            return;
        }
        properties.entrySet().forEach(entry -> {
            String obj = entry.getKey().toString();
            final String[] split = obj.split("\\.");
            if (split.length != 2) {
                logger.warn(String.format("Invalid property secret path in local properties file (%s). Property must be in this format: path/to/secret/engine.key", obj));
            } else if (this.cachedData.containsKey(split[0])) {
                this.cachedData.get(split[0]).put(split[1], entry.getValue().toString());
            } else {
                this.cachedData.put(split[0], new HashMap<String, String>() { // from class: com.avioconsulting.mule.vault.provider.api.VaultConfigurationPropertiesProvider.2
                    {
                        put(split[1], entry.getValue().toString());
                    }
                });
            }
        });
    }
}
