package io.pivotal.spring.cloud.vault.config.java;

import io.pivotal.spring.cloud.vault.service.common.VaultServiceInfo;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.springframework.boot.autoconfigure.condition.ConditionOutcome;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.condition.SpringBootCondition;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.CloudException;
import org.springframework.cloud.CloudFactory;
import org.springframework.cloud.service.ServiceInfo;
import org.springframework.cloud.vault.config.GenericSecretBackendMetadata;
import org.springframework.cloud.vault.config.VaultBootstrapConfiguration;
import org.springframework.cloud.vault.config.VaultGenericBackendProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ConditionContext;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ConfigurationCondition;
import org.springframework.core.annotation.Order;
import org.springframework.core.env.Environment;
import org.springframework.core.type.AnnotatedTypeMetadata;
import org.springframework.util.StringUtils;
import org.springframework.vault.authentication.ClientAuthentication;
import org.springframework.vault.authentication.TokenAuthentication;
import org.springframework.vault.core.VaultOperations;

@EnableConfigurationProperties({VaultGenericBackendProperties.class, VaultConnectorGenericBackendProperties.class})
@Configuration
@ConditionalOnClass({VaultBootstrapConfiguration.class})
@ConditionalOnProperty(name = {"spring.cloud.vault.enabled"}, matchIfMissing = true)
@Conditional({OnSingleVaultServiceCondition.class})
@Order(2147483547)
/* loaded from: input_file:io/pivotal/spring/cloud/vault/config/java/VaultConnectorBootstrapConfiguration.class */
public class VaultConnectorBootstrapConfiguration {
    private final VaultConnectorGenericBackendProperties connectorVaultProperties;
    private final VaultGenericBackendProperties genericBackendProperties;
    private final Environment environment;
    private final VaultServiceInfo vaultServiceInfo;

    /* loaded from: input_file:io/pivotal/spring/cloud/vault/config/java/VaultConnectorBootstrapConfiguration$OnSingleVaultServiceCondition.class */
    static class OnSingleVaultServiceCondition extends SpringBootCondition implements ConfigurationCondition {
        OnSingleVaultServiceCondition() {
        }

        public ConditionOutcome getMatchOutcome(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata) {
            try {
                for (ServiceInfo serviceInfo : new CloudFactory().getCloud().getServiceInfos()) {
                    if (serviceInfo instanceof VaultServiceInfo) {
                        return ConditionOutcome.match(String.format("Found Vault service %s", serviceInfo.getId()));
                    }
                }
                return ConditionOutcome.noMatch("No Vault service found");
            } catch (CloudException e) {
                return ConditionOutcome.noMatch("Not running in a Cloud");
            }
        }

        public ConfigurationCondition.ConfigurationPhase getConfigurationPhase() {
            return ConfigurationCondition.ConfigurationPhase.REGISTER_BEAN;
        }
    }

    public VaultConnectorBootstrapConfiguration(VaultConnectorGenericBackendProperties vaultConnectorGenericBackendProperties, VaultGenericBackendProperties vaultGenericBackendProperties, Environment environment) {
        this.connectorVaultProperties = vaultConnectorGenericBackendProperties;
        this.genericBackendProperties = vaultGenericBackendProperties;
        this.environment = environment;
        VaultServiceInfo vaultServiceInfo = null;
        try {
            List serviceInfos = new CloudFactory().getCloud().getServiceInfos(VaultOperations.class);
            if (serviceInfos.size() == 1) {
                vaultServiceInfo = (VaultServiceInfo) serviceInfos.get(0);
            }
        } catch (CloudException e) {
        }
        this.vaultServiceInfo = vaultServiceInfo;
    }

    @ConditionalOnMissingBean
    @Bean
    public ClientAuthentication clientAuthentication() {
        return new TokenAuthentication(new String(this.vaultServiceInfo.getToken()));
    }

    @Bean
    public VaultConnectorConfigurer cloudVaultConfigurer() {
        List asList = Arrays.asList(this.environment.getActiveProfiles());
        ArrayList arrayList = new ArrayList();
        List<String> backends = this.connectorVaultProperties.getBackends();
        if (backends.size() == 1 && backends.contains(VaultConnectorGenericBackendProperties.DEFAULT)) {
            backends = getDefaultOrder(this.vaultServiceInfo);
        }
        for (String str : backends) {
            String backend = getBackend(str, this.vaultServiceInfo);
            List buildContexts = GenericSecretBackendMetadata.buildContexts(this.genericBackendProperties, asList);
            if (StringUtils.isEmpty(backend)) {
                throw new IllegalArgumentException(String.format("Cannot resolve backend for %s", str));
            }
            Iterator it = buildContexts.iterator();
            while (it.hasNext()) {
                arrayList.add(GenericSecretBackendMetadata.create(backend, (String) it.next()));
            }
        }
        return new VaultConnectorConfigurer(arrayList);
    }

    private static List<String> getDefaultOrder(VaultServiceInfo vaultServiceInfo) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(getDefault(vaultServiceInfo.getBackends()));
        arrayList.addAll(getDefault(vaultServiceInfo.getSharedBackends()));
        return arrayList;
    }

    private static List<String> getDefault(Map<String, String> map) {
        ArrayList arrayList = new ArrayList();
        if (map.containsKey("generic")) {
            arrayList.add("generic");
        }
        if (map.containsKey("space")) {
            arrayList.add("space");
        }
        if (map.containsKey("organization")) {
            arrayList.add("organization");
        }
        return arrayList;
    }

    private static String getBackend(String str, VaultServiceInfo vaultServiceInfo) {
        return vaultServiceInfo.getBackends().containsKey(str) ? (String) vaultServiceInfo.getBackends().get(str) : (String) vaultServiceInfo.getSharedBackends().get(str);
    }
}
