package org.apache.camel.component.aws.secretsmanager;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.Base64;
import java.util.HashSet;
import java.util.Set;
import org.apache.camel.CamelContext;
import org.apache.camel.CamelContextAware;
import org.apache.camel.RuntimeCamelException;
import org.apache.camel.spi.annotations.PropertiesFunction;
import org.apache.camel.support.service.ServiceSupport;
import org.apache.camel.util.ObjectHelper;
import org.apache.camel.util.StringHelper;
import org.apache.camel.vault.AwsVaultConfiguration;
import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClientBuilder;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueResponse;
import software.amazon.awssdk.services.secretsmanager.model.SecretsManagerException;

@PropertiesFunction("aws")
/* loaded from: input_file:org/apache/camel/component/aws/secretsmanager/SecretsManagerPropertiesFunction.class */
public class SecretsManagerPropertiesFunction extends ServiceSupport implements org.apache.camel.spi.PropertiesFunction, CamelContextAware {
    private static final String CAMEL_AWS_VAULT_ACCESS_KEY_ENV = "CAMEL_VAULT_AWS_ACCESS_KEY";
    private static final String CAMEL_AWS_VAULT_SECRET_KEY_ENV = "CAMEL_VAULT_AWS_SECRET_KEY";
    private static final String CAMEL_AWS_VAULT_REGION_ENV = "CAMEL_VAULT_AWS_REGION";
    private static final String CAMEL_AWS_VAULT_USE_DEFAULT_CREDENTIALS_PROVIDER_ENV = "CAMEL_VAULT_AWS_USE_DEFAULT_CREDENTIALS_PROVIDER";
    private CamelContext camelContext;
    private SecretsManagerClient client;
    private final Set<String> secrets = new HashSet();
    private String region;
    private boolean defaultCredentialsProvider;

    protected void doStart() throws Exception {
        super.doStart();
        String str = System.getenv(CAMEL_AWS_VAULT_ACCESS_KEY_ENV);
        String str2 = System.getenv(CAMEL_AWS_VAULT_SECRET_KEY_ENV);
        String str3 = System.getenv(CAMEL_AWS_VAULT_REGION_ENV);
        boolean parseBoolean = Boolean.parseBoolean(System.getenv(CAMEL_AWS_VAULT_USE_DEFAULT_CREDENTIALS_PROVIDER_ENV));
        if (ObjectHelper.isEmpty(str) && ObjectHelper.isEmpty(str2) && ObjectHelper.isEmpty(str3)) {
            AwsVaultConfiguration aws = getCamelContext().getVaultConfiguration().aws();
            if (ObjectHelper.isNotEmpty(aws)) {
                str = aws.getAccessKey();
                str2 = aws.getSecretKey();
                str3 = aws.getRegion();
                parseBoolean = aws.isDefaultCredentialsProvider();
            }
        }
        this.region = str3;
        if (ObjectHelper.isNotEmpty(str) && ObjectHelper.isNotEmpty(str2) && ObjectHelper.isNotEmpty(str3)) {
            SecretsManagerClientBuilder credentialsProvider = SecretsManagerClient.builder().credentialsProvider(StaticCredentialsProvider.create(AwsBasicCredentials.create(str, str2)));
            credentialsProvider.region(Region.of(str3));
            this.client = (SecretsManagerClient) credentialsProvider.build();
        } else {
            if (!parseBoolean || !ObjectHelper.isNotEmpty(str3)) {
                throw new RuntimeCamelException("Using the AWS Secrets Manager Properties Function requires setting AWS credentials as application properties or environment variables");
            }
            this.defaultCredentialsProvider = true;
            SecretsManagerClientBuilder builder = SecretsManagerClient.builder();
            builder.region(Region.of(str3));
            this.client = (SecretsManagerClient) builder.build();
        }
    }

    protected void doStop() throws Exception {
        if (this.client != null) {
            try {
                this.client.close();
            } catch (Exception e) {
            }
            this.client = null;
        }
        this.secrets.clear();
        super.doStop();
    }

    public String getName() {
        return "aws";
    }

    public String apply(String str) {
        String str2 = str;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = null;
        if (str.contains("/")) {
            str2 = StringHelper.before(str, "/");
            str3 = StringHelper.after(str, "/");
            str5 = StringHelper.after(str3, ":");
            if (ObjectHelper.isNotEmpty(str5) && str5.contains("@")) {
                str6 = StringHelper.after(str5, "@");
                str5 = StringHelper.before(str5, "@");
            }
            if (str3.contains(":")) {
                str3 = StringHelper.before(str3, ":");
            }
            if (str3.contains("@")) {
                str6 = StringHelper.after(str3, "@");
                str3 = StringHelper.before(str3, "@");
            }
        } else if (str.contains(":")) {
            str2 = StringHelper.before(str, ":");
            str5 = StringHelper.after(str, ":");
            if (str.contains("@")) {
                str6 = StringHelper.after(str, "@");
                str5 = StringHelper.before(str5, "@");
            }
        } else if (str.contains("@")) {
            str2 = StringHelper.before(str, "@");
            str6 = StringHelper.after(str, "@");
        }
        if (str2 != null) {
            try {
                str4 = getSecretFromSource(str2, str3, str5, str6);
            } catch (JsonProcessingException e) {
                throw new RuntimeCamelException("Something went wrong while recovering " + str2 + " from vault");
            }
        }
        return str4;
    }

    private String getSecretFromSource(String str, String str2, String str3, String str4) throws JsonProcessingException {
        String str5;
        this.secrets.add(str);
        GetSecretValueRequest.Builder builder = GetSecretValueRequest.builder();
        builder.secretId(str);
        if (ObjectHelper.isNotEmpty(str4)) {
            builder.versionId(str4);
        }
        try {
            GetSecretValueResponse secretValue = this.client.getSecretValue((GetSecretValueRequest) builder.build());
            str5 = ObjectHelper.isNotEmpty(secretValue.secretString()) ? secretValue.secretString() : new String(Base64.getDecoder().decode(secretValue.secretBinary().asByteBuffer()).array());
            if (ObjectHelper.isNotEmpty(str2)) {
                JsonNode jsonNode = new ObjectMapper().readTree(str5).get(str2);
                str5 = ObjectHelper.isNotEmpty(jsonNode) ? jsonNode.textValue() : null;
            }
            if (ObjectHelper.isEmpty(str5)) {
                str5 = str3;
            }
        } catch (SecretsManagerException e) {
            if (!ObjectHelper.isNotEmpty(str3)) {
                throw e;
            }
            str5 = str3;
        }
        return str5;
    }

    public void setCamelContext(CamelContext camelContext) {
        this.camelContext = camelContext;
    }

    public CamelContext getCamelContext() {
        return this.camelContext;
    }

    public Set<String> getSecrets() {
        return this.secrets;
    }

    public String getRegion() {
        return this.region;
    }

    public boolean isDefaultCredentialsProvider() {
        return this.defaultCredentialsProvider;
    }
}
