package com.microsoft.kusto.spark.utils;

import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;
import com.microsoft.kusto.spark.authentication.AadApplicationAuthentication;
import com.microsoft.kusto.spark.authentication.KeyVaultAppAuthentication;
import com.microsoft.kusto.spark.authentication.KeyVaultAuthentication;
import com.microsoft.kusto.spark.authentication.KeyVaultCertificateAuthentication;
import com.microsoft.kusto.spark.datasource.TransientStorageCredentials;
import java.io.IOException;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Some;
import scala.util.Try;
import scala.util.Try$;

/* compiled from: KeyVaultUtils.scala */
/* loaded from: input_file:com/microsoft/kusto/spark/utils/KeyVaultUtils$.class */
public final class KeyVaultUtils$ {
    public static KeyVaultUtils$ MODULE$;
    private final String AppId;
    private final String AppKey;
    private final String AppAuthority;
    private final String SasUrl;
    private final String StorageAccountName;
    private final String StorageAccountKey;
    private final String Container;
    private SecretClient cachedClient;

    static {
        new KeyVaultUtils$();
    }

    public String AppId() {
        return this.AppId;
    }

    public String AppKey() {
        return this.AppKey;
    }

    public String AppAuthority() {
        return this.AppAuthority;
    }

    public String SasUrl() {
        return this.SasUrl;
    }

    public String StorageAccountName() {
        return this.StorageAccountName;
    }

    public String StorageAccountKey() {
        return this.StorageAccountKey;
    }

    public String Container() {
        return this.Container;
    }

    public SecretClient cachedClient() {
        return this.cachedClient;
    }

    public void cachedClient_$eq(SecretClient secretClient) {
        this.cachedClient = secretClient;
    }

    private SecretClient getClient(String str, String str2, String str3, String str4) {
        if (cachedClient() == null) {
            cachedClient_$eq(new KeyVaultADALAuthenticator(str, str2, str3, str4).getAuthenticatedClient());
        }
        return cachedClient();
    }

    public TransientStorageCredentials getStorageParamsFromKeyVault(KeyVaultAuthentication keyVaultAuthentication) throws IOException {
        if (keyVaultAuthentication instanceof KeyVaultAppAuthentication) {
            KeyVaultAppAuthentication keyVaultAppAuthentication = (KeyVaultAppAuthentication) keyVaultAuthentication;
            return getStorageParamsFromKeyVaultImpl(getClient(keyVaultAppAuthentication.uri(), keyVaultAppAuthentication.keyVaultAppID(), keyVaultAppAuthentication.keyVaultAppKey(), keyVaultAppAuthentication.authority()), keyVaultAppAuthentication.uri());
        }
        if (keyVaultAuthentication instanceof KeyVaultCertificateAuthentication) {
            throw new UnsupportedOperationException("certificates are not yet supported");
        }
        throw new MatchError(keyVaultAuthentication);
    }

    public AadApplicationAuthentication getAadAppParametersFromKeyVault(KeyVaultAuthentication keyVaultAuthentication) throws IOException {
        if (keyVaultAuthentication instanceof KeyVaultAppAuthentication) {
            KeyVaultAppAuthentication keyVaultAppAuthentication = (KeyVaultAppAuthentication) keyVaultAuthentication;
            return getAadAppParamsFromKeyVaultImpl(getClient(keyVaultAppAuthentication.uri(), keyVaultAppAuthentication.keyVaultAppID(), keyVaultAppAuthentication.keyVaultAppKey(), keyVaultAppAuthentication.authority()), keyVaultAppAuthentication.uri());
        }
        if (keyVaultAuthentication instanceof KeyVaultCertificateAuthentication) {
            throw new UnsupportedOperationException("certificates are not yet supported");
        }
        throw new MatchError(keyVaultAuthentication);
    }

    private AadApplicationAuthentication getAadAppParamsFromKeyVaultImpl(SecretClient secretClient, String str) {
        KeyVaultSecret secret = secretClient.getSecret(AppId());
        KeyVaultSecret secret2 = secretClient.getSecret(AppKey());
        Option option = None$.MODULE$;
        try {
            option = new Some(secretClient.getSecret(AppAuthority()).getValue());
        } catch (Exception e) {
            Predef$.MODULE$.println(e);
        }
        if (option.isEmpty()) {
            option = new Some("microsoft.com");
        }
        return new AadApplicationAuthentication(secret == null ? null : secret.getValue(), secret2 == null ? null : secret2.getValue(), (String) option.get());
    }

    private TransientStorageCredentials getStorageParamsFromKeyVaultImpl(SecretClient secretClient, String str) {
        Try apply = Try$.MODULE$.apply(() -> {
            return secretClient.getSecret(MODULE$.SasUrl());
        });
        Try apply2 = Try$.MODULE$.apply(() -> {
            return secretClient.getSecret(MODULE$.StorageAccountName());
        });
        Try apply3 = Try$.MODULE$.apply(() -> {
            return secretClient.getSecret(MODULE$.StorageAccountKey());
        });
        Try apply4 = Try$.MODULE$.apply(() -> {
            return secretClient.getSecret(MODULE$.Container());
        });
        if (apply.isFailure()) {
            return new TransientStorageCredentials(apply2.isFailure() ? ((KeyVaultSecret) apply2.get()).getValue() : "", apply3.isFailure() ? ((KeyVaultSecret) apply3.get()).getValue() : "", apply4.isFailure() ? ((KeyVaultSecret) apply4.get()).getValue() : "");
        }
        return new TransientStorageCredentials(((KeyVaultSecret) apply.get()).getValue());
    }

    private KeyVaultUtils$() {
        MODULE$ = this;
        this.AppId = "kustoAppId";
        this.AppKey = "kustoAppKey";
        this.AppAuthority = "kustoAppAuthority";
        this.SasUrl = "blobStorageSasUrl";
        this.StorageAccountName = "blobStorageAccountName";
        this.StorageAccountKey = "blobStorageAccountKey";
        this.Container = "blobContainer";
    }
}
