package org.springframework.cloud.vault.config;

import java.util.Date;
import java.util.HashSet;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicReference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.DisposableBean;
import org.springframework.scheduling.TaskScheduler;
import org.springframework.scheduling.Trigger;
import org.springframework.scheduling.TriggerContext;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.vault.client.VaultException;
import org.springframework.vault.client.VaultResponseEntity;
import org.springframework.vault.core.VaultOperations;

/* loaded from: input_file:org/springframework/cloud/vault/config/LeasingVaultPropertySource.class */
class LeasingVaultPropertySource extends VaultPropertySource implements DisposableBean {
    private static final Logger log = LoggerFactory.getLogger(LeasingVaultPropertySource.class);
    private final LeaseRenewalScheduler leaseRenewal;
    private int minRenewalSeconds;
    private int expiryThresholdSeconds;
    private volatile Lease lease;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/springframework/cloud/vault/config/LeasingVaultPropertySource$LeaseRenewalScheduler.class */
    public static class LeaseRenewalScheduler {
        private final TaskScheduler taskScheduler;
        private final Logger logger = LoggerFactory.getLogger(getClass());
        private final AtomicReference<Lease> currentLease = new AtomicReference<>();
        private final Map<Lease, ScheduledFuture<?>> schedules = new ConcurrentHashMap();

        LeaseRenewalScheduler(TaskScheduler taskScheduler) {
            this.taskScheduler = taskScheduler;
        }

        void scheduleRenewal(final RenewLease renewLease, final Lease lease, int i, int i2) {
            this.logger.debug("Scheduling renewal for lease {}, lease duration {}", lease.getLeaseId(), Long.valueOf(lease.getLeaseDuration()));
            Lease lease2 = this.currentLease.get();
            this.currentLease.set(lease);
            if (lease2 != null) {
                cancelSchedule(lease2);
            }
            this.schedules.put(lease, this.taskScheduler.schedule(new Runnable() { // from class: org.springframework.cloud.vault.config.LeasingVaultPropertySource.LeaseRenewalScheduler.1
                @Override // java.lang.Runnable
                public void run() {
                    try {
                        LeaseRenewalScheduler.this.schedules.remove(lease);
                        if (LeaseRenewalScheduler.this.currentLease.get() != lease) {
                            LeaseRenewalScheduler.this.logger.debug("Current lease has changed. Skipping renewal");
                        } else {
                            LeaseRenewalScheduler.this.logger.debug("Renewing lease {}", lease.getLeaseId());
                            LeaseRenewalScheduler.this.currentLease.compareAndSet(lease, renewLease.renewLease(lease));
                        }
                    } catch (Exception e) {
                        LeaseRenewalScheduler.this.logger.error("Cannot renew lease {}", lease.getLeaseId(), e);
                    }
                }
            }, new OneShotTrigger(getRenewalSeconds(lease, i, i2))));
        }

        private void cancelSchedule(Lease lease) {
            ScheduledFuture<?> scheduledFuture = this.schedules.get(lease);
            if (scheduledFuture != null) {
                this.logger.debug("Canceling previously registered schedule for lease {}", lease.getLeaseId());
                scheduledFuture.cancel(false);
            }
        }

        public void disableScheduleRenewal() {
            this.currentLease.set(null);
            for (Lease lease : new HashSet(this.schedules.keySet())) {
                cancelSchedule(lease);
                this.schedules.remove(lease);
            }
        }

        private long getRenewalSeconds(Lease lease, int i, int i2) {
            return Math.max(i, lease.getLeaseDuration() - i2);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public boolean isLeaseRenewable(Lease lease) {
            return lease != null && lease.isRenewable();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/springframework/cloud/vault/config/LeasingVaultPropertySource$OneShotTrigger.class */
    public static class OneShotTrigger implements Trigger {
        private final AtomicBoolean fired = new AtomicBoolean();
        private final long seconds;

        OneShotTrigger(long j) {
            this.seconds = j;
        }

        public Date nextExecutionTime(TriggerContext triggerContext) {
            if (this.fired.compareAndSet(false, true)) {
                return new Date(System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(this.seconds));
            }
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/springframework/cloud/vault/config/LeasingVaultPropertySource$RenewLease.class */
    public interface RenewLease {
        Lease renewLease(Lease lease) throws VaultException;
    }

    public LeasingVaultPropertySource(VaultConfigOperations vaultConfigOperations, boolean z, SecretBackendMetadata secretBackendMetadata, TaskScheduler taskScheduler) {
        super(vaultConfigOperations, z, secretBackendMetadata);
        this.minRenewalSeconds = 10;
        this.expiryThresholdSeconds = 60;
        Assert.notNull(taskScheduler, "TaskScheduler must not be null");
        this.leaseRenewal = new LeaseRenewalScheduler(taskScheduler);
    }

    public void setExpiryThresholdSeconds(int i) {
        this.expiryThresholdSeconds = i;
    }

    public void setMinRenewalSeconds(int i) {
        this.minRenewalSeconds = i;
    }

    @Override // org.springframework.cloud.vault.config.VaultPropertySource
    public void init() {
        super.init();
        this.lease = getLease(getSecrets());
        potentiallyScheduleLeaseRenewal(this.lease);
    }

    public void destroy() {
        if (this.lease != null) {
            try {
                this.leaseRenewal.disableScheduleRenewal();
                doRevokeLease(this.lease);
            } finally {
                this.lease = null;
            }
        }
    }

    private Lease getLease(Secrets secrets) {
        if (secrets == null || !StringUtils.hasText(secrets.getLeaseId())) {
            return null;
        }
        return Lease.of(secrets.getLeaseId(), secrets.getLeaseDuration(), secrets.isRenewable());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void potentiallyScheduleLeaseRenewal(Lease lease) {
        if (this.leaseRenewal.isLeaseRenewable(lease)) {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Lease %s qualified for renewal", lease.getLeaseId()));
            }
            this.leaseRenewal.scheduleRenewal(new RenewLease() { // from class: org.springframework.cloud.vault.config.LeasingVaultPropertySource.1
                @Override // org.springframework.cloud.vault.config.LeasingVaultPropertySource.RenewLease
                public Lease renewLease(Lease lease2) {
                    Lease doRenewLease = LeasingVaultPropertySource.this.doRenewLease(lease2);
                    LeasingVaultPropertySource.this.lease = doRenewLease;
                    LeasingVaultPropertySource.this.potentiallyScheduleLeaseRenewal(doRenewLease);
                    return doRenewLease;
                }
            }, lease, this.minRenewalSeconds, this.expiryThresholdSeconds);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Lease doRenewLease(final Lease lease) {
        VaultResponseEntity vaultResponseEntity = (VaultResponseEntity) ((VaultConfigOperations) getSource()).getVaultOperations().doWithVault(new VaultOperations.SessionCallback<VaultResponseEntity<Map<String, Object>>>() { // from class: org.springframework.cloud.vault.config.LeasingVaultPropertySource.2
            /* renamed from: doWithVault, reason: merged with bridge method [inline-methods] */
            public VaultResponseEntity<Map<String, Object>> m1doWithVault(VaultOperations.VaultSession vaultSession) {
                return vaultSession.putForEntity(String.format("sys/renew/%s", lease.getLeaseId()), (Object) null, Map.class);
            }
        });
        if (!vaultResponseEntity.isSuccessful() || !vaultResponseEntity.hasBody()) {
            throw new VaultException(String.format("Cannot renew lease: %s", buildExceptionMessage(vaultResponseEntity)));
        }
        Map map = (Map) vaultResponseEntity.getBody();
        String str = (String) map.get("lease_id");
        Number number = (Number) map.get("lease_duration");
        boolean booleanValue = ((Boolean) map.get("renewable")).booleanValue();
        if (StringUtils.hasText(str)) {
            return Lease.of(str, number != null ? number.longValue() : 0L, booleanValue);
        }
        return null;
    }

    private void doRevokeLease(final Lease lease) {
        VaultResponseEntity vaultResponseEntity = (VaultResponseEntity) ((VaultConfigOperations) getSource()).getVaultOperations().doWithVault(new VaultOperations.SessionCallback<VaultResponseEntity<Map<String, Object>>>() { // from class: org.springframework.cloud.vault.config.LeasingVaultPropertySource.3
            /* renamed from: doWithVault, reason: merged with bridge method [inline-methods] */
            public VaultResponseEntity<Map<String, Object>> m2doWithVault(VaultOperations.VaultSession vaultSession) {
                return vaultSession.putForEntity(String.format("sys/revoke/%s", lease.getLeaseId()), (Object) null, Map.class);
            }
        });
        if (!vaultResponseEntity.isSuccessful()) {
            throw new VaultException(String.format("Cannot revoke lease: %s", buildExceptionMessage(vaultResponseEntity)));
        }
    }

    private static String buildExceptionMessage(VaultResponseEntity<?> vaultResponseEntity) {
        return StringUtils.hasText(vaultResponseEntity.getMessage()) ? String.format("Status %s URI %s: %s", vaultResponseEntity.getStatusCode(), vaultResponseEntity.getUri(), vaultResponseEntity.getMessage()) : String.format("Status %s URI %s", vaultResponseEntity.getStatusCode(), vaultResponseEntity.getUri());
    }
}
