package io.quarkus.vault.runtime;

import io.quarkus.vault.VaultSystemBackendReactiveEngine;
import io.quarkus.vault.client.VaultClient;
import io.quarkus.vault.client.VaultClientException;
import io.quarkus.vault.client.api.sys.init.VaultSysInitParams;
import io.quarkus.vault.client.api.sys.mounts.VaultSysMountsEnableConfig;
import io.quarkus.vault.client.api.sys.mounts.VaultSysMountsListingVisibility;
import io.quarkus.vault.client.api.sys.mounts.VaultSysMountsTuneParams;
import io.quarkus.vault.client.api.sys.plugins.VaultSysPluginsRegisterParams;
import io.quarkus.vault.runtime.config.CredentialsProviderConfig;
import io.quarkus.vault.runtime.config.VaultBuildTimeConfig;
import io.quarkus.vault.runtime.config.VaultRuntimeConfig;
import io.quarkus.vault.sys.EnableEngineOptions;
import io.quarkus.vault.sys.EngineListingVisibility;
import io.quarkus.vault.sys.VaultHealth;
import io.quarkus.vault.sys.VaultHealthStatus;
import io.quarkus.vault.sys.VaultInit;
import io.quarkus.vault.sys.VaultPluginDetails;
import io.quarkus.vault.sys.VaultPlugins;
import io.quarkus.vault.sys.VaultSealStatus;
import io.quarkus.vault.sys.VaultSecretEngine;
import io.quarkus.vault.sys.VaultSecretEngineInfo;
import io.quarkus.vault.sys.VaultTuneInfo;
import io.smallrye.mutiny.Uni;
import jakarta.annotation.Nullable;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

@ApplicationScoped
/* loaded from: input_file:io/quarkus/vault/runtime/VaultSystemBackendManager.class */
public class VaultSystemBackendManager implements VaultSystemBackendReactiveEngine {

    @Inject
    VaultClient vaultClient;

    @Inject
    VaultBuildTimeConfig buildTimeConfig;

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<VaultInit> init(int i, int i2) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().init().init(new VaultSysInitParams().setSecretShares(Integer.valueOf(i)).setSecretThreshold(Integer.valueOf(i2)))).map(vaultSysInitResult -> {
            return new VaultInit(vaultSysInitResult.getKeys(), vaultSysInitResult.getKeysBase64(), vaultSysInitResult.getRootToken());
        });
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<VaultHealth> health() {
        return health(this.buildTimeConfig.health().standByOk(), this.buildTimeConfig.health().performanceStandByOk());
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<VaultHealthStatus> healthStatus() {
        return healthStatus(this.buildTimeConfig.health().standByOk(), this.buildTimeConfig.health().performanceStandByOk());
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<VaultSealStatus> sealStatus() {
        return Uni.createFrom().completionStage(this.vaultClient.sys().seal().status()).map(vaultSysSealStatusResult -> {
            VaultSealStatus vaultSealStatus = new VaultSealStatus();
            vaultSealStatus.setClusterId(vaultSysSealStatusResult.getClusterId());
            vaultSealStatus.setClusterName(vaultSysSealStatusResult.getClusterName());
            vaultSealStatus.setInitialized(vaultSysSealStatusResult.isInitialized().booleanValue());
            vaultSealStatus.setMigration(vaultSysSealStatusResult.isMigration().booleanValue());
            vaultSealStatus.setN(vaultSysSealStatusResult.getN().intValue());
            vaultSealStatus.setNonce(vaultSysSealStatusResult.getNonce());
            vaultSealStatus.setProgress(vaultSysSealStatusResult.getProgress().intValue());
            vaultSealStatus.setRecoverySeal(vaultSysSealStatusResult.isRecoverySeal().booleanValue());
            vaultSealStatus.setSealed(vaultSysSealStatusResult.isSealed().booleanValue());
            vaultSealStatus.setT(vaultSysSealStatusResult.getT().intValue());
            vaultSealStatus.setType(vaultSysSealStatusResult.getType());
            vaultSealStatus.setVersion(vaultSysSealStatusResult.getVersion());
            return vaultSealStatus;
        });
    }

    private Uni<VaultHealthStatus> healthStatus(boolean z, boolean z2) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().health().info(Boolean.valueOf(z), Boolean.valueOf(z2))).map(vaultSysHealthInfoResult -> {
            VaultHealthStatus vaultHealthStatus = new VaultHealthStatus();
            vaultHealthStatus.setClusterId(vaultSysHealthInfoResult.getClusterId());
            vaultHealthStatus.setClusterName(vaultSysHealthInfoResult.getClusterName());
            vaultHealthStatus.setInitialized(vaultSysHealthInfoResult.isInitialized().booleanValue());
            vaultHealthStatus.setPerformanceStandby(vaultSysHealthInfoResult.isPerformanceStandby().booleanValue());
            vaultHealthStatus.setReplicationDrMode(vaultSysHealthInfoResult.getReplicationDrMode());
            vaultHealthStatus.setReplicationPerfMode(vaultSysHealthInfoResult.getReplicationPerformanceMode());
            vaultHealthStatus.setSealed(vaultSysHealthInfoResult.isSealed().booleanValue());
            vaultHealthStatus.setServerTimeUtc(vaultSysHealthInfoResult.getServerTimeUtc().longValue());
            vaultHealthStatus.setStandby(vaultSysHealthInfoResult.isStandby().booleanValue());
            vaultHealthStatus.setVersion(vaultSysHealthInfoResult.getVersion());
            return vaultHealthStatus;
        });
    }

    private Uni<VaultHealth> health(boolean z, boolean z2) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().health().statusCode(Boolean.valueOf(z), Boolean.valueOf(z2))).map((v1) -> {
            return new VaultHealth(v1);
        });
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<String> getPolicyRules(String str) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().policy().read(str)).map((v0) -> {
            return v0.getRules();
        });
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<Void> createUpdatePolicy(String str, String str2) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().policy().update(str, str2));
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<Void> deletePolicy(String str) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().policy().delete(str));
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<List<String>> getPolicies() {
        return Uni.createFrom().completionStage(this.vaultClient.sys().policy().list());
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<VaultSecretEngineInfo> getSecretEngineInfo(String str) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().mounts().read(str)).map(vaultSysMountsFullMountInfo -> {
            VaultSecretEngineInfo vaultSecretEngineInfo = new VaultSecretEngineInfo();
            vaultSecretEngineInfo.setDescription(vaultSysMountsFullMountInfo.getDescription());
            vaultSecretEngineInfo.setType(vaultSysMountsFullMountInfo.getType());
            vaultSecretEngineInfo.setLocal(vaultSysMountsFullMountInfo.isLocal());
            vaultSecretEngineInfo.setExternalEntropyAccess(vaultSysMountsFullMountInfo.isExternalEntropyAccess());
            vaultSecretEngineInfo.setSealWrap(vaultSysMountsFullMountInfo.isSealWrap());
            vaultSecretEngineInfo.setPluginVersion(vaultSysMountsFullMountInfo.getPluginVersion());
            vaultSecretEngineInfo.setRunningPluginVersion(vaultSysMountsFullMountInfo.getRunningPluginVersion());
            vaultSecretEngineInfo.setRunningSha256(vaultSysMountsFullMountInfo.getRunningSha256());
            vaultSecretEngineInfo.setDefaultLeaseTimeToLive(DurationHelper.toLongDurationSeconds(vaultSysMountsFullMountInfo.getConfig().getDefaultLeaseTtl()));
            vaultSecretEngineInfo.setMaxLeaseTimeToLive(DurationHelper.toLongDurationSeconds(vaultSysMountsFullMountInfo.getConfig().getMaxLeaseTtl()));
            vaultSecretEngineInfo.setForceNoCache(vaultSysMountsFullMountInfo.getConfig().isForceNoCache());
            vaultSecretEngineInfo.setOptions(vaultSysMountsFullMountInfo.getOptions());
            vaultSecretEngineInfo.setAuditNonHMACRequestKeys(vaultSysMountsFullMountInfo.getConfig().getAuditNonHmacRequestKeys());
            vaultSecretEngineInfo.setAuditNonHMACResponseKeys(vaultSysMountsFullMountInfo.getConfig().getAuditNonHmacResponseKeys());
            vaultSecretEngineInfo.setListingVisibility(vaultSysMountsFullMountInfo.getConfig().getListingVisibility() != null ? EngineListingVisibility.from(vaultSysMountsFullMountInfo.getConfig().getListingVisibility().getValue()) : null);
            vaultSecretEngineInfo.setPassthroughRequestHeaders(vaultSysMountsFullMountInfo.getConfig().getPassthroughRequestHeaders());
            vaultSecretEngineInfo.setAllowedResponseHeaders(vaultSysMountsFullMountInfo.getConfig().getAllowedResponseHeaders());
            vaultSecretEngineInfo.setAllowedManagedKeys(vaultSysMountsFullMountInfo.getConfig().getAllowedManagedKeys());
            return vaultSecretEngineInfo;
        });
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<VaultTuneInfo> getTuneInfo(String str) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().mounts().readTune(str)).map(vaultSysMountsReadTuneResultData -> {
            VaultTuneInfo vaultTuneInfo = new VaultTuneInfo();
            vaultTuneInfo.setDefaultLeaseTimeToLive(DurationHelper.toLongDurationSeconds(vaultSysMountsReadTuneResultData.getDefaultLeaseTtl()));
            vaultTuneInfo.setMaxLeaseTimeToLive(DurationHelper.toLongDurationSeconds(vaultSysMountsReadTuneResultData.getMaxLeaseTtl()));
            vaultTuneInfo.setDescription(vaultSysMountsReadTuneResultData.getDescription());
            vaultTuneInfo.setForceNoCache(vaultSysMountsReadTuneResultData.isForceNoCache());
            vaultTuneInfo.setOptions(vaultSysMountsReadTuneResultData.getOptions());
            vaultTuneInfo.setAuditNonHMACRequestKeys(vaultSysMountsReadTuneResultData.getAuditNonHmacRequestKeys());
            vaultTuneInfo.setAuditNonHMACResponseKeys(vaultSysMountsReadTuneResultData.getAuditNonHmacResponseKeys());
            vaultTuneInfo.setListingVisibility(vaultSysMountsReadTuneResultData.getListingVisibility() != null ? EngineListingVisibility.from(vaultSysMountsReadTuneResultData.getListingVisibility().getValue()) : null);
            vaultTuneInfo.setPassthroughRequestHeaders(vaultSysMountsReadTuneResultData.getPassthroughRequestHeaders());
            vaultTuneInfo.setAllowedResponseHeaders(vaultSysMountsReadTuneResultData.getAllowedResponseHeaders());
            vaultTuneInfo.setAllowedManagedKeys(vaultSysMountsReadTuneResultData.getAllowedManagedKeys());
            return vaultTuneInfo;
        });
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<Void> updateTuneInfo(String str, VaultTuneInfo vaultTuneInfo) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().mounts().tune(str, new VaultSysMountsTuneParams().setDescription(vaultTuneInfo.getDescription()).setDefaultLeaseTtl(DurationHelper.fromSeconds(vaultTuneInfo.getDefaultLeaseTimeToLive())).setMaxLeaseTtl(DurationHelper.fromSeconds(vaultTuneInfo.getMaxLeaseTimeToLive())).setAuditNonHmacRequestKeys(vaultTuneInfo.getAuditNonHMACRequestKeys()).setAuditNonHmacResponseKeys(vaultTuneInfo.getAuditNonHMACResponseKeys()).setListingVisibility(vaultTuneInfo.getListingVisibility() != null ? VaultSysMountsListingVisibility.from(vaultTuneInfo.getListingVisibility().getValue()) : null).setPassthroughRequestHeaders(vaultTuneInfo.getPassthroughRequestHeaders()).setAllowedResponseHeaders(vaultTuneInfo.getAllowedResponseHeaders()).setAllowedManagedKeys(vaultTuneInfo.getAllowedManagedKeys())));
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<Boolean> isEngineMounted(String str) {
        return getSecretEngineInfo(str).map(vaultSecretEngineInfo -> {
            return true;
        }).onFailure(VaultClientException.class).recoverWithUni(th -> {
            return ((VaultClientException) th).getStatus().intValue() == 405 ? getTuneInfo(str).map(vaultTuneInfo -> {
                return true;
            }) : Uni.createFrom().failure(th);
        }).onFailure(VaultClientException.class).recoverWithUni(th2 -> {
            return ((VaultClientException) th2).getStatus().intValue() == 400 ? Uni.createFrom().item(false) : Uni.createFrom().failure(th2);
        });
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<Void> enable(VaultSecretEngine vaultSecretEngine, String str, String str2, EnableEngineOptions enableEngineOptions) {
        return enable(vaultSecretEngine.getType(), str, str2, enableEngineOptions);
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<Void> enable(String str, String str2, String str3, EnableEngineOptions enableEngineOptions) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().mounts().enable(str2, str, str3, new VaultSysMountsEnableConfig().setDefaultLeaseTtl(DurationHelper.fromVaultDuration(enableEngineOptions.defaultLeaseTimeToLive)).setMaxLeaseTtl(DurationHelper.fromVaultDuration(enableEngineOptions.maxLeaseTimeToLive)).setForceNoCache(enableEngineOptions.forceNoCache).setAuditNonHmacRequestKeys(enableEngineOptions.auditNonHMACRequestKeys).setAuditNonHmacResponseKeys(enableEngineOptions.auditNonHMACResponseKeys).setListingVisibility(enableEngineOptions.listingVisibility != null ? VaultSysMountsListingVisibility.from(enableEngineOptions.listingVisibility.getValue()) : null).setPassthroughRequestHeaders(enableEngineOptions.passthroughRequestHeaders).setAllowedResponseHeaders(enableEngineOptions.allowedResponseHeaders).setAllowedManagedKeys(enableEngineOptions.allowedManagedKeys).setPluginVersion(enableEngineOptions.pluginVersion), enableEngineOptions.options != null ? (Map) enableEngineOptions.options.entrySet().stream().collect(Collectors.toMap((v0) -> {
            return v0.getKey();
        }, (v0) -> {
            return v0.getValue();
        })) : null));
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<Void> disable(String str) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().mounts().disable(str));
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<VaultPlugins> listPlugins() {
        return Uni.createFrom().completionStage(this.vaultClient.sys().plugins().list()).map(vaultSysPluginsListResultData -> {
            return new VaultPlugins().setAuth(vaultSysPluginsListResultData.getAuth()).setDatabase(vaultSysPluginsListResultData.getDatabase()).setSecret(vaultSysPluginsListResultData.getSecret()).setDetailed((List) vaultSysPluginsListResultData.getDetailed().stream().map(vaultSysPluginsPluginDetails -> {
                return new VaultPluginDetails().setBuiltin(vaultSysPluginsPluginDetails.isBuiltin()).setDeprecationStatus(vaultSysPluginsPluginDetails.getDeprecationStatus()).setName(vaultSysPluginsPluginDetails.getName()).setType(vaultSysPluginsPluginDetails.getType()).setSha256(vaultSysPluginsPluginDetails.getSha256()).setVersion(vaultSysPluginsPluginDetails.getVersion());
            }).collect(Collectors.toList()));
        });
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<List<String>> listPlugins(String str) {
        String lowerCase = str.toLowerCase();
        boolean z = -1;
        switch (lowerCase.hashCode()) {
            case -906277200:
                if (lowerCase.equals(VaultRuntimeConfig.DEFAULT_KV_SECRET_ENGINE_MOUNT_PATH)) {
                    z = 2;
                    break;
                }
                break;
            case 3005864:
                if (lowerCase.equals("auth")) {
                    z = false;
                    break;
                }
                break;
            case 1789464955:
                if (lowerCase.equals(CredentialsProviderConfig.DATABASE_DEFAULT_MOUNT)) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return Uni.createFrom().completionStage(this.vaultClient.sys().plugins().listAuth());
            case true:
                return Uni.createFrom().completionStage(this.vaultClient.sys().plugins().listDatabase());
            case true:
                return Uni.createFrom().completionStage(this.vaultClient.sys().plugins().listSecret());
            default:
                return Uni.createFrom().failure(new IllegalArgumentException("Unknown plugin type: " + str));
        }
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<VaultPluginDetails> getPluginDetails(String str, String str2, @Nullable String str3) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().plugins().read(str, str2, str3)).map(vaultSysPluginsPluginInfo -> {
            return new VaultPluginDetails().setBuiltin(vaultSysPluginsPluginInfo.isBuiltin()).setName(vaultSysPluginsPluginInfo.getName()).setVersion(vaultSysPluginsPluginInfo.getVersion()).setSha256(vaultSysPluginsPluginInfo.getSha256()).setCommand(vaultSysPluginsPluginInfo.getCommand()).setArgs(vaultSysPluginsPluginInfo.getArgs()).setDeprecationStatus(vaultSysPluginsPluginInfo.getDeprecationStatus());
        }).onFailure(VaultClientException.class).recoverWithUni(th -> {
            return ((VaultClientException) th).getStatus().intValue() == 404 ? Uni.createFrom().nullItem() : Uni.createFrom().failure(th);
        });
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<Void> registerPlugin(String str, String str2, @Nullable String str3, String str4, String str5, @Nullable List<String> list, @Nullable List<String> list2) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().plugins().register(str, str2, new VaultSysPluginsRegisterParams().setVersion(str3).setSha256(str4).setCommand(str5).setArgs(list).setEnv(list2)));
    }

    @Override // io.quarkus.vault.VaultSystemBackendReactiveEngine
    public Uni<Void> removePlugin(String str, String str2, @Nullable String str3) {
        return Uni.createFrom().completionStage(this.vaultClient.sys().plugins().remove(str, str2, str3));
    }
}
