package shaded.com.walmartlabs.concord.client;

import java.io.File;
import java.nio.file.Files;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import shaded.com.google.gson.reflect.TypeToken;
import shaded.com.walmartlabs.concord.ApiClient;
import shaded.com.walmartlabs.concord.ApiException;
import shaded.com.walmartlabs.concord.ApiResponse;
import shaded.com.walmartlabs.concord.client.SecretEntry;
import shaded.com.walmartlabs.concord.common.secret.BinaryDataSecret;
import shaded.com.walmartlabs.concord.common.secret.KeyPair;
import shaded.com.walmartlabs.concord.common.secret.UsernamePassword;
import shaded.com.walmartlabs.concord.sdk.Constants;
import shaded.com.walmartlabs.concord.sdk.Secret;

/* loaded from: input_file:shaded/com/walmartlabs/concord/client/SecretClient.class */
public class SecretClient {
    private static final int DEFAULT_RETRY_COUNT = 3;
    private static final long DEFAULT_RETRY_INTERVAL = 5000;
    private final ApiClient apiClient;
    private final int retryCount;
    private final long retryInterval;
    private static /* synthetic */ int[] $SWITCH_TABLE$com$walmartlabs$concord$client$SecretEntry$TypeEnum;

    public SecretClient(ApiClient apiClient) {
        this(apiClient, 3, DEFAULT_RETRY_INTERVAL);
    }

    public SecretClient(ApiClient apiClient, int i, long j) {
        this.apiClient = apiClient;
        this.retryCount = i;
        this.retryInterval = j;
    }

    public <T extends Secret> T getData(String str, String str2, String str3, SecretEntry.TypeEnum typeEnum) throws Exception {
        String str4 = "/api/v1/org/" + str + "/secret/" + str2 + "/data";
        ApiResponse apiResponse = null;
        HashMap hashMap = new HashMap();
        String str5 = str3;
        if (str3 == null) {
            str5 = "";
        }
        hashMap.put(Constants.Multipart.STORE_PASSWORD, str5);
        try {
            try {
                ApiResponse apiResponse2 = (ApiResponse) ClientUtils.withRetry(this.retryCount, this.retryInterval, () -> {
                    return ClientUtils.postData(this.apiClient, str4, (Map<String, Object>) hashMap, File.class);
                });
                if (apiResponse2.getData() == null) {
                    throw new IllegalArgumentException("Secret not found: " + str + "/" + str2);
                }
                String header = ClientUtils.getHeader(Constants.Headers.SECRET_TYPE, apiResponse2);
                if (header == null) {
                    throw new IllegalStateException("Can't determine the secret's expectedType. Server response: code=" + apiResponse2.getStatusCode() + ", path=" + str4);
                }
                SecretEntry.TypeEnum valueOf = SecretEntry.TypeEnum.valueOf(header);
                if (typeEnum != null && typeEnum != valueOf) {
                    throw new IllegalArgumentException(String.format("Unexpected type of %s/%s. Expected %s, got %s. Check the secret's expectedType and its usage - some secrets can only be used for specific purposes (e.g. %s is typically used for key-based authentication).", str, str2, typeEnum, valueOf, SecretEntry.TypeEnum.KEY_PAIR));
                }
                T t = (T) readSecret(valueOf, Files.readAllBytes(((File) apiResponse2.getData()).toPath()));
                if (apiResponse2 != null && apiResponse2.getData() != null) {
                    Files.delete(((File) apiResponse2.getData()).toPath());
                }
                return t;
            } catch (ApiException e) {
                if (e.getCode() == 404) {
                    throw new IllegalArgumentException("Secret not found: " + str + "/" + str2);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (0 != 0 && apiResponse.getData() != null) {
                Files.delete(((File) apiResponse.getData()).toPath());
            }
            throw th;
        }
    }

    public byte[] decryptString(UUID uuid, byte[] bArr) throws Exception {
        String str = "/api/v1/process/" + uuid + "/decrypt";
        try {
            return (byte[]) ((ApiResponse) ClientUtils.withRetry(this.retryCount, this.retryInterval, () -> {
                return ClientUtils.postData(this.apiClient, str, bArr, new TypeToken<byte[]>() { // from class: shaded.com.walmartlabs.concord.client.SecretClient.2
                }.getType());
            })).getData();
        } catch (ApiException e) {
            if (e.getCode() == 400) {
                throw new IllegalArgumentException("Can't decrypt the string: " + Base64.getEncoder().encodeToString(bArr));
            }
            throw e;
        }
    }

    public String encryptString(UUID uuid, String str, String str2, String str3) throws Exception {
        String str4 = "/api/v1/org/" + str + "/project/" + str2 + "/encrypt";
        HashMap hashMap = new HashMap();
        hashMap.put("Content-Type", "text/plain;charset=UTF-8");
        ApiResponse apiResponse = (ApiResponse) ClientUtils.withRetry(this.retryCount, this.retryInterval, () -> {
            return ClientUtils.postData(this.apiClient, str4, str3, hashMap, EncryptValueResponse.class);
        });
        if (apiResponse.getStatusCode() == 200 && ((EncryptValueResponse) apiResponse.getData()).isOk().booleanValue()) {
            return ((EncryptValueResponse) apiResponse.getData()).getData();
        }
        throw new ApiException("Error encrypting string. Status code:" + apiResponse.getStatusCode() + " Data: " + apiResponse.getData());
    }

    private static <T> T readSecret(SecretEntry.TypeEnum typeEnum, byte[] bArr) {
        switch ($SWITCH_TABLE$com$walmartlabs$concord$client$SecretEntry$TypeEnum()[typeEnum.ordinal()]) {
            case 1:
                return (T) KeyPair.deserialize(bArr);
            case 2:
                return (T) UsernamePassword.deserialize(bArr);
            case 3:
                return (T) new BinaryDataSecret(bArr);
            default:
                throw new IllegalArgumentException("unknown secret type: " + typeEnum);
        }
    }

    static /* synthetic */ int[] $SWITCH_TABLE$com$walmartlabs$concord$client$SecretEntry$TypeEnum() {
        int[] iArr = $SWITCH_TABLE$com$walmartlabs$concord$client$SecretEntry$TypeEnum;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[SecretEntry.TypeEnum.valuesCustom().length];
        try {
            iArr2[SecretEntry.TypeEnum.DATA.ordinal()] = 3;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[SecretEntry.TypeEnum.KEY_PAIR.ordinal()] = 1;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[SecretEntry.TypeEnum.USERNAME_PASSWORD.ordinal()] = 2;
        } catch (NoSuchFieldError unused3) {
        }
        $SWITCH_TABLE$com$walmartlabs$concord$client$SecretEntry$TypeEnum = iArr2;
        return iArr2;
    }
}
