package com.marklogic.client.impl;

import com.marklogic.client.DatabaseClient;
import com.marklogic.client.DatabaseClientBuilder;
import com.marklogic.client.DatabaseClientFactory;
import com.marklogic.client.datamovement.PathSplitter;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.function.BiConsumer;
import java.util.function.Function;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/marklogic/client/impl/DatabaseClientPropertySource.class */
public class DatabaseClientPropertySource {
    private static final String PREFIX = "marklogic.client.";
    private final Function<String, Object> propertySource;
    private static final Logger logger = LoggerFactory.getLogger(DatabaseClientPropertySource.class);
    private static Map<String, BiConsumer<DatabaseClientFactory.Bean, Object>> connectionPropertyHandlers = new LinkedHashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/marklogic/client/impl/DatabaseClientPropertySource$SSLInputs.class */
    public static class SSLInputs {
        private final SSLContext sslContext;
        private final String sslProtocol;
        private final X509TrustManager trustManager;

        public SSLInputs(SSLContext sSLContext, String str, X509TrustManager x509TrustManager) {
            this.sslContext = sSLContext;
            this.sslProtocol = str;
            this.trustManager = x509TrustManager;
        }

        public SSLContext getSslContext() {
            return this.sslContext;
        }

        public String getSslProtocol() {
            return this.sslProtocol;
        }

        public X509TrustManager getTrustManager() {
            return this.trustManager;
        }
    }

    public DatabaseClientPropertySource(Function<String, Object> function) {
        this.propertySource = function;
    }

    public DatabaseClient newClient() {
        DatabaseClientFactory.Bean newClientBean = newClientBean();
        return DatabaseClientFactory.newClient(newClientBean.getHost(), newClientBean.getPort(), newClientBean.getBasePath(), newClientBean.getDatabase(), newClientBean.getSecurityContext(), newClientBean.getConnectionType());
    }

    public DatabaseClientFactory.Bean newClientBean() {
        DatabaseClientFactory.Bean bean = new DatabaseClientFactory.Bean();
        connectionPropertyHandlers.forEach((str, biConsumer) -> {
            Object apply = this.propertySource.apply(str);
            if (apply != null) {
                biConsumer.accept(bean, apply);
            }
        });
        bean.setSecurityContext(newSecurityContext());
        return bean;
    }

    private DatabaseClientFactory.SecurityContext newSecurityContext() {
        Object apply = this.propertySource.apply("marklogic.client.securityContext");
        if (apply != null) {
            if (apply instanceof DatabaseClientFactory.SecurityContext) {
                return (DatabaseClientFactory.SecurityContext) apply;
            }
            throw new IllegalArgumentException("Security context must be of type " + DatabaseClientFactory.SecurityContext.class.getName());
        }
        Object apply2 = this.propertySource.apply("marklogic.client.authType");
        if (apply2 == null || !(apply2 instanceof String)) {
            throw new IllegalArgumentException("Security context should be set, or auth type must be of type String");
        }
        String str = (String) apply2;
        SSLInputs buildSSLInputs = buildSSLInputs(str);
        DatabaseClientFactory.SecurityContext newSecurityContext = newSecurityContext(str, buildSSLInputs);
        X509TrustManager determineTrustManager = determineTrustManager(buildSSLInputs);
        SSLContext sslContext = buildSSLInputs.getSslContext() != null ? buildSSLInputs.getSslContext() : determineSSLContext(buildSSLInputs, determineTrustManager);
        if (sslContext != null) {
            newSecurityContext.withSSLContext(sslContext, determineTrustManager);
        }
        newSecurityContext.withSSLHostnameVerifier(determineHostnameVerifier());
        return newSecurityContext;
    }

    private DatabaseClientFactory.SecurityContext newSecurityContext(String str, SSLInputs sSLInputs) {
        String lowerCase = str.toLowerCase();
        boolean z = -1;
        switch (lowerCase.hashCode()) {
            case -1331913276:
                if (lowerCase.equals(DatabaseClientBuilder.AUTH_TYPE_DIGEST)) {
                    z = true;
                    break;
                }
                break;
            case 3522669:
                if (lowerCase.equals(DatabaseClientBuilder.AUTH_TYPE_SAML)) {
                    z = 5;
                    break;
                }
                break;
            case 93508654:
                if (lowerCase.equals(DatabaseClientBuilder.AUTH_TYPE_BASIC)) {
                    z = false;
                    break;
                }
                break;
            case 94756405:
                if (lowerCase.equals(DatabaseClientBuilder.AUTH_TYPE_MARKLOGIC_CLOUD)) {
                    z = 2;
                    break;
                }
                break;
            case 303053659:
                if (lowerCase.equals(DatabaseClientBuilder.AUTH_TYPE_KERBEROS)) {
                    z = 3;
                    break;
                }
                break;
            case 1952399767:
                if (lowerCase.equals(DatabaseClientBuilder.AUTH_TYPE_CERTIFICATE)) {
                    z = 4;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return newBasicAuthContext();
            case true:
                return newDigestAuthContext();
            case true:
                return newCloudAuthContext();
            case true:
                return newKerberosAuthContext();
            case true:
                return newCertificateAuthContext(sSLInputs);
            case true:
                return newSAMLAuthContext();
            default:
                throw new IllegalArgumentException("Unrecognized auth type: " + str);
        }
    }

    private String getRequiredStringValue(String str) {
        Object apply = this.propertySource.apply("marklogic.client." + str);
        if (apply == null || !(apply instanceof String)) {
            throw new IllegalArgumentException(str + " must be of type String");
        }
        return (String) apply;
    }

    private String getNullableStringValue(String str) {
        Object apply = this.propertySource.apply("marklogic.client." + str);
        if (apply == null || (apply instanceof String)) {
            return (String) apply;
        }
        throw new IllegalArgumentException(str + " must be of type String");
    }

    private DatabaseClientFactory.SecurityContext newBasicAuthContext() {
        return new DatabaseClientFactory.BasicAuthContext(getRequiredStringValue("username"), getRequiredStringValue("password"));
    }

    private DatabaseClientFactory.SecurityContext newDigestAuthContext() {
        return new DatabaseClientFactory.DigestAuthContext(getRequiredStringValue("username"), getRequiredStringValue("password"));
    }

    private DatabaseClientFactory.SecurityContext newCloudAuthContext() {
        return new DatabaseClientFactory.MarkLogicCloudAuthContext(getRequiredStringValue("cloud.apiKey"));
    }

    private DatabaseClientFactory.SecurityContext newCertificateAuthContext(SSLInputs sSLInputs) {
        try {
            return new DatabaseClientFactory.CertificateAuthContext(getRequiredStringValue("certificate.file"), getRequiredStringValue("certificate.password"), sSLInputs.getTrustManager());
        } catch (Exception e) {
            throw new RuntimeException("Unable to create CertificateAuthContext; cause " + e.getMessage(), e);
        }
    }

    private DatabaseClientFactory.SecurityContext newKerberosAuthContext() {
        return new DatabaseClientFactory.KerberosAuthContext(getRequiredStringValue("kerberos.principal"));
    }

    private DatabaseClientFactory.SecurityContext newSAMLAuthContext() {
        return new DatabaseClientFactory.SAMLAuthContext(getRequiredStringValue("saml.token"));
    }

    private SSLContext determineSSLContext(SSLInputs sSLInputs, X509TrustManager x509TrustManager) {
        String sslProtocol = sSLInputs.getSslProtocol();
        if (sslProtocol == null) {
            return null;
        }
        if (PathSplitter.DEFAULT_SPLITTER_KEY.equalsIgnoreCase(sslProtocol)) {
            try {
                return SSLContext.getDefault();
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException("Unable to obtain default SSLContext; cause: " + e.getMessage(), e);
            }
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance(sslProtocol);
            if (x509TrustManager != null) {
                try {
                    sSLContext.init(null, new X509TrustManager[]{x509TrustManager}, null);
                } catch (KeyManagementException e2) {
                    throw new RuntimeException("Unable to initialize SSLContext; protocol: " + sslProtocol + "; cause: " + e2.getMessage(), e2);
                }
            }
            return sSLContext;
        } catch (NoSuchAlgorithmException e3) {
            throw new RuntimeException("Unable to get SSLContext instance with protocol: " + sslProtocol + "; cause: " + e3.getMessage(), e3);
        }
    }

    private X509TrustManager determineTrustManager(SSLInputs sSLInputs) {
        if (sSLInputs.getTrustManager() != null) {
            return sSLInputs.getTrustManager();
        }
        if (!PathSplitter.DEFAULT_SPLITTER_KEY.equalsIgnoreCase(sSLInputs.getSslProtocol())) {
            return null;
        }
        X509TrustManager defaultTrustManager = SSLUtil.getDefaultTrustManager();
        if (logger.isDebugEnabled() && defaultTrustManager != null && defaultTrustManager.getAcceptedIssuers() != null) {
            logger.debug("Count of accepted issuers in default trust manager: {}", Integer.valueOf(defaultTrustManager.getAcceptedIssuers().length));
        }
        return defaultTrustManager;
    }

    private DatabaseClientFactory.SSLHostnameVerifier determineHostnameVerifier() {
        Object apply = this.propertySource.apply("marklogic.client.sslHostnameVerifier");
        if (apply instanceof DatabaseClientFactory.SSLHostnameVerifier) {
            return (DatabaseClientFactory.SSLHostnameVerifier) apply;
        }
        if (!(apply instanceof String)) {
            return null;
        }
        String str = (String) apply;
        if ("ANY".equalsIgnoreCase(str)) {
            return DatabaseClientFactory.SSLHostnameVerifier.ANY;
        }
        if ("COMMON".equalsIgnoreCase(str)) {
            return DatabaseClientFactory.SSLHostnameVerifier.COMMON;
        }
        if ("STRICT".equalsIgnoreCase(str)) {
            return DatabaseClientFactory.SSLHostnameVerifier.STRICT;
        }
        throw new IllegalArgumentException(String.format("Unrecognized value for SSLHostnameVerifier: %s", str));
    }

    private SSLInputs buildSSLInputs(String str) {
        SSLContext sSLContext = null;
        Object apply = this.propertySource.apply("marklogic.client.sslContext");
        if (apply != null) {
            if (!(apply instanceof SSLContext)) {
                throw new IllegalArgumentException("SSL context must be an instanceof " + SSLContext.class.getName());
            }
            sSLContext = (SSLContext) apply;
        }
        String nullableStringValue = getNullableStringValue("sslProtocol");
        if (sSLContext == null && ((nullableStringValue == null || nullableStringValue.trim().length() == 0) && DatabaseClientBuilder.AUTH_TYPE_MARKLOGIC_CLOUD.equalsIgnoreCase(str))) {
            nullableStringValue = PathSplitter.DEFAULT_SPLITTER_KEY;
        }
        Object apply2 = this.propertySource.apply("marklogic.client.trustManager");
        X509TrustManager x509TrustManager = null;
        if (apply2 != null) {
            if (!(apply2 instanceof X509TrustManager)) {
                throw new IllegalArgumentException("Trust manager must be an instanceof " + X509TrustManager.class.getName());
            }
            x509TrustManager = (X509TrustManager) apply2;
        }
        return new SSLInputs(sSLContext, nullableStringValue, x509TrustManager);
    }

    static {
        connectionPropertyHandlers.put("marklogic.client.host", (bean, obj) -> {
            if (!(obj instanceof String)) {
                throw new IllegalArgumentException("Host must be of type String");
            }
            bean.setHost((String) obj);
        });
        connectionPropertyHandlers.put("marklogic.client.port", (bean2, obj2) -> {
            if (obj2 instanceof String) {
                bean2.setPort(Integer.parseInt((String) obj2));
            } else {
                if (!(obj2 instanceof Integer)) {
                    throw new IllegalArgumentException("Port must be of type String or Integer");
                }
                bean2.setPort(((Integer) obj2).intValue());
            }
        });
        connectionPropertyHandlers.put("marklogic.client.database", (bean3, obj3) -> {
            if (!(obj3 instanceof String)) {
                throw new IllegalArgumentException("Database must be of type String");
            }
            bean3.setDatabase((String) obj3);
        });
        connectionPropertyHandlers.put("marklogic.client.basePath", (bean4, obj4) -> {
            if (!(obj4 instanceof String)) {
                throw new IllegalArgumentException("Base path must be of type String");
            }
            bean4.setBasePath((String) obj4);
        });
        connectionPropertyHandlers.put("marklogic.client.connectionType", (bean5, obj5) -> {
            if (obj5 instanceof DatabaseClient.ConnectionType) {
                bean5.setConnectionType((DatabaseClient.ConnectionType) obj5);
            } else {
                if (!(obj5 instanceof String)) {
                    throw new IllegalArgumentException("Connection type must either be a String or an instance of ConnectionType");
                }
                String str = (String) obj5;
                if (str.trim().length() > 0) {
                    bean5.setConnectionType(DatabaseClient.ConnectionType.valueOf(str.toUpperCase()));
                }
            }
        });
    }
}
