package com.microsoft.azure.spring.cloud.keyvault.config.auth;

import com.microsoft.aad.adal4j.AsymmetricKeyCredential;
import com.microsoft.aad.adal4j.ClientCredential;
import java.io.IOException;
import java.nio.charset.Charset;
import org.springframework.core.io.Resource;
import org.springframework.util.StreamUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/microsoft/azure/spring/cloud/keyvault/config/auth/DefaultAuthenticationExecutorFactory.class */
public class DefaultAuthenticationExecutorFactory implements AuthenticationExecutorFactory {
    private static final String CREDENTIAL_NOT_COMPLETE = "Credentials configuration is not complete. Either clientCertificate or clientSecret should be configured for Azure Key Vault authentication.";
    private static final String READ_CERT_FAILED = "Failed to read client certificate for Azure Key Vault authentication.";

    @Override // com.microsoft.azure.spring.cloud.keyvault.config.auth.AuthenticationExecutorFactory
    public AuthenticationExecutor create(Credentials credentials) {
        String clientId = credentials.getClientId();
        Resource clientCertificate = credentials.getClientCertificate();
        if (clientCertificate != null) {
            return create(clientId, clientCertificate);
        }
        String clientSecret = credentials.getClientSecret();
        if (StringUtils.isEmpty(clientSecret)) {
            throw new IllegalArgumentException(CREDENTIAL_NOT_COMPLETE);
        }
        return create(clientId, clientSecret);
    }

    private static AuthenticationExecutor create(String str, Resource resource) {
        try {
            return new CertificateAuthenticationExecutor(createAsymmetricKeyCredential(str, resource));
        } catch (IOException e) {
            throw new IllegalStateException(READ_CERT_FAILED, e);
        }
    }

    private static AuthenticationExecutor create(String str, String str2) {
        return new SecretAuthenticationExecutor(new ClientCredential(str, str2));
    }

    private static AsymmetricKeyCredential createAsymmetricKeyCredential(String str, Resource resource) throws IOException {
        String copyToString = StreamUtils.copyToString(resource.getInputStream(), Charset.defaultCharset());
        return AsymmetricKeyCredential.create(str, CertificateUtils.readPrivateKeyFromPem(copyToString), CertificateUtils.readX509CertificateFromPem(copyToString));
    }
}
