package oracle.jdbc.provider.oci.vault;

import com.oracle.bmc.Region;
import com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider;
import com.oracle.bmc.secrets.SecretsClient;
import com.oracle.bmc.secrets.model.SecretBundle;
import com.oracle.bmc.secrets.requests.GetSecretBundleRequest;
import java.time.ZoneOffset;
import java.util.Date;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import oracle.jdbc.provider.cache.CachedResourceFactory;
import oracle.jdbc.provider.factory.Resource;
import oracle.jdbc.provider.factory.ResourceFactory;
import oracle.jdbc.provider.oci.OciResourceFactory;
import oracle.jdbc.provider.oci.Ocid;
import oracle.jdbc.provider.parameter.Parameter;
import oracle.jdbc.provider.parameter.ParameterSet;

/* loaded from: input_file:oracle/jdbc/provider/oci/vault/SecretFactory.class */
public final class SecretFactory extends OciResourceFactory<Secret> {
    public static final Parameter<String> OCID = Parameter.create(new Parameter.Attribute[0]);
    private static final ResourceFactory<Secret> INSTANCE = CachedResourceFactory.create(new SecretFactory());

    private SecretFactory() {
    }

    public static ResourceFactory<Secret> getInstance() {
        return INSTANCE;
    }

    @Override // oracle.jdbc.provider.oci.OciResourceFactory
    protected Resource<Secret> request(AbstractAuthenticationDetailsProvider abstractAuthenticationDetailsProvider, ParameterSet parameterSet) {
        Ocid ocid = new Ocid((String) parameterSet.getRequired(OCID));
        if (ocid.getRegion() == null) {
            throw new IllegalStateException("Region is missing in Secret OCID: " + ocid.getContent());
        }
        SecretBundle requestSecret = requestSecret(abstractAuthenticationDetailsProvider, ocid);
        Secret fromSecretBundle = Secret.fromSecretBundle(requestSecret);
        Date timeOfExpiry = requestSecret.getTimeOfExpiry();
        return timeOfExpiry == null ? Resource.createPermanentResource(fromSecretBundle, true) : Resource.createExpiringResource(fromSecretBundle, timeOfExpiry.toInstant().atOffset(ZoneOffset.UTC), true);
    }

    private SecretBundle requestSecret(AbstractAuthenticationDetailsProvider abstractAuthenticationDetailsProvider, Ocid ocid) {
        SecretsClient build = SecretsClient.builder().region(ocid.getRegion()).build(abstractAuthenticationDetailsProvider);
        try {
            SecretBundle secretBundle = build.getSecretBundle(GetSecretBundleRequest.builder().secretId(ocid.getContent()).stage(GetSecretBundleRequest.Stage.Current).build()).getSecretBundle();
            if (build != null) {
                build.close();
            }
            return secretBundle;
        } catch (Throwable th) {
            if (build != null) {
                try {
                    build.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private Region parseRegion(String str) {
        Matcher matcher = Pattern.compile("ocid1\\.[^.]+\\.[^.]+\\.([^.]+)\\..+").matcher(str);
        if (matcher.matches()) {
            return Region.fromRegionCode(matcher.group(1));
        }
        throw new IllegalStateException("Fail to parse region from the Secret OCID: " + str);
    }
}
