package io.quarkus.vault.runtime.client;

import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import io.quarkus.vault.VaultException;
import io.quarkus.vault.runtime.VaultIOException;
import io.quarkus.vault.runtime.client.dto.AbstractVaultDTO;
import io.quarkus.vault.sys.VaultHealth;
import io.smallrye.mutiny.Uni;
import io.smallrye.mutiny.unchecked.Unchecked;
import io.vertx.core.VertxException;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.http.RequestOptions;
import io.vertx.mutiny.core.buffer.Buffer;
import io.vertx.mutiny.ext.web.client.HttpRequest;
import io.vertx.mutiny.ext.web.client.HttpResponse;
import io.vertx.mutiny.ext.web.client.WebClient;
import java.net.ConnectException;
import java.net.MalformedURLException;
import java.net.URL;
import java.time.Duration;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.CompletionException;
import java.util.concurrent.TimeoutException;
import java.util.stream.Stream;
import org.jboss.logging.Logger;

/* loaded from: input_file:io/quarkus/vault/runtime/client/VertxVaultClient.class */
public abstract class VertxVaultClient implements VaultClient {
    private static final Logger log = Logger.getLogger(VertxVaultClient.class.getName());
    private static final HttpMethod LIST = HttpMethod.valueOf("LIST");
    private static final List<String> ROOT_NAMESPACE_API = Arrays.asList("sys/init", "sys/license", "sys/leader", "sys/health", "sys/metrics", "sys/config/state", "sys/host-info", "sys/key-status", "sys/storage", "sys/storage/raft");
    private URL baseUrl;
    private Duration requestTimeout;
    private Optional<String> namespace;
    private ObjectMapper mapper = new ObjectMapper().registerModule(new JavaTimeModule());

    /* JADX INFO: Access modifiers changed from: protected */
    public VertxVaultClient(URL url, Optional<String> optional, Duration duration) {
        this.baseUrl = url;
        this.namespace = optional;
        this.requestTimeout = duration;
        this.mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        this.mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
    }

    protected abstract WebClient getWebClient();

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> put(String str, String str2, String str3, Object obj, int i) {
        return exec(builder(str, HttpMethod.PUT, str2, str3), obj, null, i);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> list(String str, String str2, String str3, Class<T> cls) {
        return exec(builder(str, LIST, str2, str3), cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> delete(String str, String str2, String str3, int i) {
        return exec(builder(str, HttpMethod.DELETE, str2, str3), i);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> post(String str, String str2, String str3, Object obj, Class<T> cls, int i) {
        return exec(builder(str, HttpMethod.POST, str2, str3), obj, cls, i);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> post(String str, String str2, String str3, Object obj, Class<T> cls) {
        return post(str, str2, str3, Collections.emptyMap(), obj, cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> post(String str, String str2, String str3, Map<String, String> map, Object obj, Class<T> cls) {
        HttpRequest<Buffer> builder = builder(str, HttpMethod.POST, str2, str3);
        Objects.requireNonNull(builder);
        map.forEach(builder::putHeader);
        return exec(builder, obj, cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> post(String str, String str2, String str3, Object obj, int i) {
        return exec(builder(str, HttpMethod.POST, str2, str3), obj, null, i);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> put(String str, String str2, String str3, Object obj, Class<T> cls) {
        return exec(builder(str, HttpMethod.PUT, str2, str3), obj, cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> put(String str, String str2, Object obj, Class<T> cls) {
        return exec(builder(str, HttpMethod.PUT, str2), obj, cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> get(String str, String str2, String str3, Class<T> cls) {
        return exec(builder(str, HttpMethod.GET, str2, str3), cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public <T> Uni<T> get(String str, String str2, Map<String, String> map, Class<T> cls) {
        return exec(builder(str, HttpMethod.GET, str2, map), cls);
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public Uni<Buffer> get(String str, String str2, String str3) {
        HttpRequest<Buffer> builder = builder(str, HttpMethod.GET, str2, str3);
        return builder.send().ifNoItem().after(getRequestTimeout()).fail().map(httpResponse -> {
            if (httpResponse.statusCode() != 200 && httpResponse.statusCode() != 204) {
                throwVaultException(builder, httpResponse);
            }
            return (Buffer) httpResponse.body();
        });
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public Uni<Integer> head(String str, String str2) {
        return exec(builder(str, HttpMethod.HEAD, str2));
    }

    @Override // io.quarkus.vault.runtime.client.VaultClient
    public Uni<Integer> head(String str, String str2, Map<String, String> map) {
        return exec(builder(str, HttpMethod.HEAD, str2, map));
    }

    private <T> Uni<T> exec(HttpRequest<Buffer> httpRequest, Class<T> cls) {
        return exec(httpRequest, null, cls, VaultHealth.DEFAULT_INIT_UNSEAL_ACTIVE_STATUS_CODE);
    }

    private <T> Uni<T> exec(HttpRequest<Buffer> httpRequest, int i) {
        return exec(httpRequest, null, null, i);
    }

    private <T> Uni<T> exec(HttpRequest<Buffer> httpRequest, Object obj, Class<T> cls) {
        return exec(httpRequest, obj, cls, VaultHealth.DEFAULT_INIT_UNSEAL_ACTIVE_STATUS_CODE);
    }

    private <T> Uni<T> exec(HttpRequest<Buffer> httpRequest, Object obj, Class<T> cls, int i) {
        return (obj == null ? httpRequest.send() : httpRequest.sendBuffer(Buffer.buffer(requestBody(obj)))).ifNoItem().after(getRequestTimeout()).failWith(TimeoutException::new).map(Unchecked.function(httpResponse -> {
            if (httpResponse.statusCode() != i && !handleWarningResponse(httpResponse, i)) {
                throwVaultException(httpRequest, httpResponse);
            }
            Buffer buffer = (Buffer) httpResponse.body();
            if (buffer == null || cls == null) {
                return null;
            }
            Object readValue = this.mapper.readValue(buffer.toString(), cls);
            logResultWarnings(readValue);
            return readValue;
        })).onFailure(JsonProcessingException.class).transform(VaultException::new).onFailure(io.smallrye.mutiny.TimeoutException.class).transform(VaultIOException::new).onFailure(VertxException.class).transform(th -> {
            return "Connection was closed".equals(th.getMessage()) ? new VaultIOException(th) : th;
        }).onFailure(CompletionException.class).transform(th2 -> {
            if (!(th2.getCause() instanceof ConnectException) && !(th2.getCause() instanceof TimeoutException)) {
                return th2;
            }
            return new VaultIOException(th2);
        });
    }

    private boolean handleWarningResponse(HttpResponse<?> httpResponse, int i) {
        if (i != 204 || httpResponse.statusCode() != 200) {
            return false;
        }
        logResultWarnings((AbstractVaultDTO) httpResponse.bodyAsJson(AbstractVaultDTO.class));
        return true;
    }

    private void logResultWarnings(Object obj) {
        if (obj instanceof AbstractVaultDTO) {
            AbstractVaultDTO abstractVaultDTO = (AbstractVaultDTO) obj;
            if (abstractVaultDTO.warnings != null) {
                Iterator it = abstractVaultDTO.warnings.iterator();
                while (it.hasNext()) {
                    log.warn((String) it.next());
                }
            }
        }
    }

    private Duration getRequestTimeout() {
        return this.requestTimeout;
    }

    private Uni<Integer> exec(HttpRequest<Buffer> httpRequest) {
        return httpRequest.send().ifNoItem().after(getRequestTimeout()).failWith(TimeoutException::new).onItem().transform((v0) -> {
            return v0.statusCode();
        });
    }

    private void throwVaultException(HttpRequest<?> httpRequest, HttpResponse<Buffer> httpResponse) {
        String str = null;
        try {
            str = ((Buffer) httpResponse.body()).toString();
        } catch (Exception e) {
        }
        throw new VaultClientException(httpRequest.traceOperation(), httpRequest.uri(), httpResponse.statusCode(), str);
    }

    private HttpRequest<Buffer> builder(String str, HttpMethod httpMethod, String str2, String str3) {
        HttpRequest<Buffer> builder = builder(str, httpMethod, str2);
        if (str3 != null) {
            builder.putHeader(VaultClient.X_VAULT_TOKEN, str3);
        }
        if (this.namespace.isPresent() && !isRootNamespaceAPI(str2)) {
            builder.putHeader(VaultClient.X_VAULT_NAMESPACE, this.namespace.get());
        }
        return builder;
    }

    private boolean isRootNamespaceAPI(String str) {
        Stream<String> stream = ROOT_NAMESPACE_API.stream();
        Objects.requireNonNull(str);
        return stream.anyMatch(str::startsWith);
    }

    private HttpRequest<Buffer> builder(String str, HttpMethod httpMethod, String str2) {
        return getWebClient().request(httpMethod, new RequestOptions().setAbsoluteURI(getUrl(str2)).setTraceOperation(str));
    }

    private HttpRequest<Buffer> builder(String str, HttpMethod httpMethod, String str2, Map<String, String> map) {
        HttpRequest<Buffer> builder = builder(str, httpMethod, str2);
        if (map != null) {
            Objects.requireNonNull(builder);
            map.forEach(builder::addQueryParam);
        }
        return builder;
    }

    private String requestBody(Object obj) {
        try {
            return this.mapper.writeValueAsString(obj);
        } catch (JsonProcessingException e) {
            throw new VaultException((Throwable) e);
        }
    }

    private URL getUrl(String str) {
        try {
            return new URL(this.baseUrl, "v1/" + str);
        } catch (MalformedURLException e) {
            throw new VaultException(e);
        }
    }
}
