package org.springframework.boot.autoconfigure.ssl;

import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.net.URL;
import java.nio.file.Path;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.springframework.boot.autoconfigure.ssl.JksSslBundleProperties;
import org.springframework.boot.autoconfigure.ssl.PemSslBundleProperties;
import org.springframework.boot.autoconfigure.ssl.SslProperties;
import org.springframework.boot.ssl.SslBundle;
import org.springframework.boot.ssl.SslBundleRegistry;
import org.springframework.util.Assert;
import org.springframework.util.ResourceUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/springframework/boot/autoconfigure/ssl/SslPropertiesBundleRegistrar.class */
class SslPropertiesBundleRegistrar implements SslBundleRegistrar {
    private static final Pattern PEM_CONTENT = Pattern.compile("-+BEGIN\\s+[^-]*-+", 2);
    private final SslProperties.Bundles properties;
    private final FileWatcher fileWatcher;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/springframework/boot/autoconfigure/ssl/SslPropertiesBundleRegistrar$Location.class */
    public static final class Location extends Record {
        private final String field;
        private final String value;

        private Location(String str, String str2) {
            this.field = str;
            this.value = str2;
        }

        boolean hasValue() {
            return StringUtils.hasText(this.value);
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, Location.class), Location.class, "field;value", "FIELD:Lorg/springframework/boot/autoconfigure/ssl/SslPropertiesBundleRegistrar$Location;->field:Ljava/lang/String;", "FIELD:Lorg/springframework/boot/autoconfigure/ssl/SslPropertiesBundleRegistrar$Location;->value:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, Location.class), Location.class, "field;value", "FIELD:Lorg/springframework/boot/autoconfigure/ssl/SslPropertiesBundleRegistrar$Location;->field:Ljava/lang/String;", "FIELD:Lorg/springframework/boot/autoconfigure/ssl/SslPropertiesBundleRegistrar$Location;->value:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, Location.class, Object.class), Location.class, "field;value", "FIELD:Lorg/springframework/boot/autoconfigure/ssl/SslPropertiesBundleRegistrar$Location;->field:Ljava/lang/String;", "FIELD:Lorg/springframework/boot/autoconfigure/ssl/SslPropertiesBundleRegistrar$Location;->value:Ljava/lang/String;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }

        public String field() {
            return this.field;
        }

        public String value() {
            return this.value;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SslPropertiesBundleRegistrar(SslProperties sslProperties, FileWatcher fileWatcher) {
        this.properties = sslProperties.getBundle();
        this.fileWatcher = fileWatcher;
    }

    @Override // org.springframework.boot.autoconfigure.ssl.SslBundleRegistrar
    public void registerBundles(SslBundleRegistry sslBundleRegistry) {
        registerBundles(sslBundleRegistry, this.properties.getPem(), PropertiesSslBundle::get, this::getLocations);
        registerBundles(sslBundleRegistry, this.properties.getJks(), PropertiesSslBundle::get, this::getLocations);
    }

    private <P extends SslBundleProperties> void registerBundles(SslBundleRegistry sslBundleRegistry, Map<String, P> map, Function<P, SslBundle> function, Function<P, Set<Location>> function2) {
        map.forEach((str, sslBundleProperties) -> {
            sslBundleRegistry.registerBundle(str, (SslBundle) function.apply(sslBundleProperties));
            if (sslBundleProperties.isReloadOnUpdate()) {
                this.fileWatcher.watch((Set) ((Set) function2.apply(sslBundleProperties)).stream().filter((v0) -> {
                    return v0.hasValue();
                }).map(location -> {
                    return toPath(str, location);
                }).collect(Collectors.toSet()), () -> {
                    sslBundleRegistry.updateBundle(str, (SslBundle) function.apply(sslBundleProperties));
                });
            }
        });
    }

    private Set<Location> getLocations(JksSslBundleProperties jksSslBundleProperties) {
        JksSslBundleProperties.Store keystore = jksSslBundleProperties.getKeystore();
        JksSslBundleProperties.Store truststore = jksSslBundleProperties.getTruststore();
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedHashSet.add(new Location("keystore.location", keystore.getLocation()));
        linkedHashSet.add(new Location("truststore.location", truststore.getLocation()));
        return linkedHashSet;
    }

    private Set<Location> getLocations(PemSslBundleProperties pemSslBundleProperties) {
        PemSslBundleProperties.Store keystore = pemSslBundleProperties.getKeystore();
        PemSslBundleProperties.Store truststore = pemSslBundleProperties.getTruststore();
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedHashSet.add(new Location("keystore.private-key", keystore.getPrivateKey()));
        linkedHashSet.add(new Location("keystore.certificate", keystore.getCertificate()));
        linkedHashSet.add(new Location("truststore.private-key", truststore.getPrivateKey()));
        linkedHashSet.add(new Location("truststore.certificate", truststore.getCertificate()));
        return linkedHashSet;
    }

    private Path toPath(String str, Location location) {
        String value = location.value();
        String field = location.field();
        Assert.state(!PEM_CONTENT.matcher(value).find(), () -> {
            return "SSL bundle '%s' '%s' is not a URL and can't be watched".formatted(str, field);
        });
        try {
            URL url = ResourceUtils.getURL(value);
            Assert.state("file".equalsIgnoreCase(url.getProtocol()), () -> {
                return "SSL bundle '%s' '%s' URL '%s' doesn't point to a file".formatted(str, field, url);
            });
            return Path.of(url.toURI()).toAbsolutePath();
        } catch (Exception e) {
            throw new RuntimeException("SSL bundle '%s' '%s' location '%s' cannot be watched".formatted(str, field, value), e);
        }
    }
}
