package keywhiz;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.base.Preconditions;
import com.google.inject.AbstractModule;
import com.google.inject.Provides;
import com.google.inject.Singleton;
import io.dropwizard.Configuration;
import io.dropwizard.auth.basic.BasicCredentials;
import io.dropwizard.db.ManagedDataSource;
import io.dropwizard.java8.auth.Authenticator;
import io.dropwizard.setup.Environment;
import java.sql.SQLException;
import java.time.Clock;
import keywhiz.JooqHealthCheck;
import keywhiz.auth.BouncyCastle;
import keywhiz.auth.User;
import keywhiz.auth.cookie.CookieConfig;
import keywhiz.auth.cookie.CookieModule;
import keywhiz.auth.cookie.SessionCookie;
import keywhiz.auth.xsrf.Xsrf;
import keywhiz.generators.SecretGeneratorBindingModule;
import keywhiz.generators.TemplatedSecretGenerator;
import keywhiz.service.config.Readonly;
import keywhiz.service.crypto.ContentCryptographer;
import keywhiz.service.crypto.CryptoModule;
import keywhiz.service.crypto.SecretTransformer;
import keywhiz.service.daos.SecretController;
import keywhiz.service.daos.SecretDAO;
import keywhiz.utility.DSLContexts;
import org.jooq.DSLContext;

/* loaded from: input_file:keywhiz/ServiceModule.class */
public class ServiceModule extends AbstractModule {
    private final Environment environment;
    private final KeywhizConfig config;

    public ServiceModule(KeywhizConfig keywhizConfig, Environment environment) {
        this.config = (KeywhizConfig) Preconditions.checkNotNull(keywhizConfig);
        this.environment = (Environment) Preconditions.checkNotNull(environment);
    }

    @Override // com.google.inject.AbstractModule
    protected void configure() {
        BouncyCastle.require();
        bind(Clock.class).toInstance(Clock.systemUTC());
        install(new CookieModule(this.config.getCookieKey()));
        install(new CryptoModule(this.config.getDerivationProviderClass(), this.config.getContentKeyStore()));
        bind(CookieConfig.class).annotatedWith(SessionCookie.class).toInstance(this.config.getSessionCookieConfig());
        bind(CookieConfig.class).annotatedWith(Xsrf.class).toInstance(this.config.getXsrfCookieConfig());
        bind(Environment.class).toInstance(this.environment);
        bind(Configuration.class).toInstance(this.config);
        bind(KeywhizConfig.class).toInstance(this.config);
        install(new SecretGeneratorBindingModule() { // from class: keywhiz.ServiceModule.1
            @Override // keywhiz.generators.SecretGeneratorBindingModule, com.google.inject.AbstractModule
            protected void configure() {
                bindSecretGenerator("templated", TemplatedSecretGenerator.class);
            }
        });
    }

    @Singleton
    @Provides
    ManagedDataSource dataSource(Environment environment, KeywhizConfig keywhizConfig) {
        ManagedDataSource build = keywhizConfig.getDataSourceFactory().build(environment.metrics(), "db-writable");
        environment.lifecycle().manage(build);
        environment.healthChecks().register("db-read-write-health", new JooqHealthCheck(build, JooqHealthCheck.OnFailure.LOG_ONLY));
        return build;
    }

    @Singleton
    @Provides
    @Readonly
    ManagedDataSource readonlyDataSource(Environment environment, KeywhizConfig keywhizConfig) {
        ManagedDataSource build = keywhizConfig.getReadonlyDataSourceFactory().build(environment.metrics(), "db-readonly");
        environment.lifecycle().manage(build);
        environment.healthChecks().register("db-readonly-health", new JooqHealthCheck(build, JooqHealthCheck.OnFailure.RETURN_UNHEALTHY));
        return build;
    }

    @Provides
    ObjectMapper configuredObjectMapper(Environment environment) {
        return environment.getObjectMapper();
    }

    @Singleton
    @Provides
    DSLContext jooqContext(ManagedDataSource managedDataSource) throws SQLException {
        return DSLContexts.databaseAgnostic(managedDataSource);
    }

    @Singleton
    @Provides
    @Readonly
    DSLContext readonlyJooqContext(@Readonly ManagedDataSource managedDataSource) throws SQLException {
        return DSLContexts.databaseAgnostic(managedDataSource);
    }

    @Singleton
    @Provides
    SecretController secretController(SecretTransformer secretTransformer, ContentCryptographer contentCryptographer, SecretDAO.SecretDAOFactory secretDAOFactory) {
        return new SecretController(secretTransformer, contentCryptographer, secretDAOFactory.readwrite());
    }

    @Singleton
    @Provides
    @Readonly
    SecretController readonlySecretController(SecretTransformer secretTransformer, ContentCryptographer contentCryptographer, SecretDAO.SecretDAOFactory secretDAOFactory) {
        return new SecretController(secretTransformer, contentCryptographer, secretDAOFactory.readonly());
    }

    @Singleton
    @Provides
    @Readonly
    Authenticator<BasicCredentials, User> authenticator(KeywhizConfig keywhizConfig, @Readonly DSLContext dSLContext) {
        return keywhizConfig.getUserAuthenticatorFactory().build(dSLContext);
    }
}
