package keywhiz.service.resources.automation;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableList;
import io.dropwizard.auth.Auth;
import io.dropwizard.jersey.params.LongParam;
import java.util.Collection;
import java.util.List;
import java.util.Optional;
import javax.inject.Inject;
import javax.validation.Valid;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import keywhiz.api.AutomationSecretResponse;
import keywhiz.api.CreateSecretRequest;
import keywhiz.api.model.AutomationClient;
import keywhiz.api.model.SanitizedSecret;
import keywhiz.api.model.Secret;
import keywhiz.api.model.VersionGenerator;
import keywhiz.service.daos.AclDAO;
import keywhiz.service.daos.SecretController;
import keywhiz.service.daos.SecretSeriesDAO;
import keywhiz.service.exceptions.ConflictException;
import org.jooq.exception.DataAccessException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Produces({MediaType.APPLICATION_JSON})
@Path("/automation/secrets")
@Deprecated
/* loaded from: input_file:keywhiz/service/resources/automation/AutomationSecretResource.class */
public class AutomationSecretResource {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) AutomationSecretResource.class);
    private final SecretController secretController;
    private final SecretSeriesDAO secretSeriesDAO;
    private final AclDAO aclDAO;

    @Inject
    public AutomationSecretResource(SecretController secretController, SecretSeriesDAO.SecretSeriesDAOFactory secretSeriesDAOFactory, AclDAO.AclDAOFactory aclDAOFactory) {
        this.secretController = secretController;
        this.secretSeriesDAO = secretSeriesDAOFactory.readwrite();
        this.aclDAO = aclDAOFactory.readwrite();
    }

    @VisibleForTesting
    AutomationSecretResource(SecretController secretController, SecretSeriesDAO secretSeriesDAO, AclDAO aclDAO) {
        this.secretController = secretController;
        this.secretSeriesDAO = secretSeriesDAO;
        this.aclDAO = aclDAO;
    }

    @POST
    @Consumes({MediaType.APPLICATION_JSON})
    public AutomationSecretResponse createSecret(@Auth AutomationClient automationClient, @Valid CreateSecretRequest createSecretRequest) {
        SecretController.SecretBuilder withDescription = this.secretController.builder(createSecretRequest.name, createSecretRequest.content, automationClient.getName()).withDescription(Strings.nullToEmpty(createSecretRequest.description));
        if (createSecretRequest.withVersion) {
            withDescription.withVersion(VersionGenerator.now().toHex());
        }
        if (createSecretRequest.metadata != null) {
            withDescription.withMetadata(createSecretRequest.metadata);
        }
        try {
            Secret build = withDescription.build();
            return AutomationSecretResponse.fromSecret(build, ImmutableList.copyOf((Collection) this.aclDAO.getGroupsFor(build)));
        } catch (DataAccessException e) {
            logger.warn("Cannot create secret {}: {}", createSecretRequest.name, e);
            throw new ConflictException(String.format("Cannot create secret %s.", createSecretRequest.name));
        }
    }

    @GET
    public ImmutableList<AutomationSecretResponse> readSecrets(@Auth AutomationClient automationClient, @QueryParam("name") String str) {
        ImmutableList.Builder builder = ImmutableList.builder();
        if (str != null) {
            Optional<Secret> secretByNameAndVersion = this.secretController.getSecretByNameAndVersion(str, "");
            if (!secretByNameAndVersion.isPresent()) {
                throw new NotFoundException("Secret not found.");
            }
            Secret secret = secretByNameAndVersion.get();
            builder.add((ImmutableList.Builder) AutomationSecretResponse.fromSecret(secret, ImmutableList.copyOf((Collection) this.aclDAO.getGroupsFor(secret))));
        } else {
            for (SanitizedSecret sanitizedSecret : this.secretController.getSanitizedSecrets()) {
                Secret orElseThrow = this.secretController.getSecretByIdAndVersion(sanitizedSecret.id(), sanitizedSecret.version()).orElseThrow(() -> {
                    return new IllegalStateException(String.format("Cannot find record related to %s", sanitizedSecret));
                });
                builder.add((ImmutableList.Builder) AutomationSecretResponse.fromSecret(orElseThrow, ImmutableList.copyOf((Collection) this.aclDAO.getGroupsFor(orElseThrow))));
            }
        }
        return builder.build();
    }

    @GET
    @Path("{secretId}")
    public AutomationSecretResponse readSecretById(@Auth AutomationClient automationClient, @PathParam("secretId") LongParam longParam) {
        List<Secret> secretsById = this.secretController.getSecretsById(longParam.get().longValue());
        if (secretsById.isEmpty()) {
            throw new NotFoundException("Secret not found.");
        }
        Secret secret = secretsById.get(0);
        return AutomationSecretResponse.fromSecret(secret, ImmutableList.copyOf((Collection) this.aclDAO.getGroupsFor(secret)));
    }

    @Path("{secretName}")
    @DELETE
    public Response deleteSecretSeries(@Auth AutomationClient automationClient, @PathParam("secretName") String str) {
        this.secretSeriesDAO.getSecretSeriesByName(str).orElseThrow(() -> {
            return new NotFoundException("Secret series not found.");
        });
        this.secretSeriesDAO.deleteSecretSeriesByName(str);
        return Response.ok().build();
    }
}
