package com.avioconsulting.mule.vault.provider.internal.connection.provider;

import com.avioconsulting.mule.vault.provider.api.VaultConfigurationPropertiesProviderFactory;
import com.avioconsulting.mule.vault.provider.api.connection.parameters.EC2ConnectionProperties;
import com.avioconsulting.mule.vault.provider.api.connection.parameters.TlsContext;
import com.avioconsulting.mule.vault.provider.internal.connection.VaultConnection;
import com.avioconsulting.mule.vault.provider.internal.connection.impl.Ec2Connection;
import com.bettercloud.vault.rest.Rest;
import com.bettercloud.vault.rest.RestException;
import java.nio.charset.StandardCharsets;
import org.mule.runtime.api.connection.ConnectionException;
import org.mule.runtime.api.meta.ExpressionSupport;
import org.mule.runtime.config.api.dsl.model.ConfigurationParameters;
import org.mule.runtime.extension.api.annotation.Alias;
import org.mule.runtime.extension.api.annotation.Expression;
import org.mule.runtime.extension.api.annotation.dsl.xml.ParameterDsl;
import org.mule.runtime.extension.api.annotation.param.ExclusiveOptionals;
import org.mule.runtime.extension.api.annotation.param.Optional;
import org.mule.runtime.extension.api.annotation.param.Parameter;
import org.mule.runtime.extension.api.annotation.param.ParameterGroup;
import org.mule.runtime.extension.api.annotation.param.display.DisplayName;
import org.mule.runtime.extension.api.annotation.param.display.Placement;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ExclusiveOptionals(isOneRequired = true)
@DisplayName("EC2 Connection")
@Alias(VaultConfigurationPropertiesProviderFactory.EC2_PARAMETER_GROUP)
/* loaded from: input_file:com/avioconsulting/mule/vault/provider/internal/connection/provider/Ec2ConnectionProvider.class */
public class Ec2ConnectionProvider extends AbstractAWSConnectionProvider {
    private static final String INSTANCE_PKCS7_URI = "http://169.254.169.254/latest/dynamic/instance-identity/pkcs7";
    private static final Logger logger = LoggerFactory.getLogger(Ec2ConnectionProvider.class);

    @ParameterGroup(name = "EC2 Properties")
    EC2ConnectionProperties connectionProperties;

    @ParameterDsl(allowReferences = false)
    @Optional
    @Parameter
    @Placement(tab = "Security")
    @DisplayName("TLS Context")
    @Expression(ExpressionSupport.NOT_SUPPORTED)
    protected TlsContext tlsContext;
    private String pkcs7Uri;

    public Ec2ConnectionProvider() {
        setPkcs7Uri();
    }

    public Ec2ConnectionProvider(ConfigurationParameters configurationParameters) {
        super(configurationParameters);
        setPkcs7Uri();
        this.connectionProperties = new EC2ConnectionProperties(configurationParameters);
        this.tlsContext = new TlsContext(configurationParameters);
    }

    @Override // com.avioconsulting.mule.vault.provider.internal.connection.provider.AbstractConnectionProvider
    protected TlsContext getTlsContext() {
        return this.tlsContext;
    }

    private void setPkcs7Uri() {
        this.pkcs7Uri = System.getProperty("INSTANCE_PKCS7_URI");
        if (this.pkcs7Uri == null || this.pkcs7Uri.isEmpty()) {
            this.pkcs7Uri = INSTANCE_PKCS7_URI;
        }
    }

    /* renamed from: connect, reason: merged with bridge method [inline-methods] */
    public VaultConnection m18connect() throws ConnectionException {
        if (this.connectionProperties == null) {
            return null;
        }
        if (this.connectionProperties.isUseInstanceMetadata()) {
            this.connectionProperties.setPkcs7(lookupPkcs7());
        }
        boolean z = this.connectionProperties.getPkcs7() == null || this.connectionProperties.getPkcs7().isEmpty();
        boolean z2 = this.connectionProperties.getIdentityProperties().getIdentity() == null || this.connectionProperties.getIdentityProperties().getIdentity().isEmpty() || this.connectionProperties.getIdentityProperties().getSignature() == null || this.connectionProperties.getIdentityProperties().getSignature().isEmpty();
        if (!z || !z2) {
            return new Ec2Connection(this.vaultUrl, this.vaultRole, this.connectionProperties.getPkcs7(), null, this.connectionProperties.getIdentityProperties().getIdentity(), this.connectionProperties.getIdentityProperties().getSignature(), this.awsAuthMount, getTlsContext(), this.engineVersion, this.prefixPathDepth);
        }
        logger.error("PKCS7 Signature, Identity Document, and Identity Signature are all null or empty");
        throw new ConnectionException("PKCS7 Signature or the Identity Document and Signature are required");
    }

    private String lookupPkcs7() {
        String str = null;
        try {
            str = new String(new Rest().url(this.pkcs7Uri).get().getBody(), StandardCharsets.UTF_8).replaceAll("\n", "");
        } catch (RestException e) {
            logger.error("Error looking up PKCS7 from Metadata Service", e);
        }
        return str;
    }
}
