package com.bettercloud.vault.api;

import com.bettercloud.vault.VaultConfig;
import com.bettercloud.vault.VaultException;
import com.bettercloud.vault.json.Json;
import com.bettercloud.vault.json.JsonArray;
import com.bettercloud.vault.json.JsonObject;
import com.bettercloud.vault.json.JsonValue;
import com.bettercloud.vault.response.AuthResponse;
import com.bettercloud.vault.rest.Rest;
import com.bettercloud.vault.rest.RestResponse;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;

/* loaded from: input_file:WEB-INF/lib/vault-java-driver-1.1.0.jar:com/bettercloud/vault/api/Auth.class */
public class Auth {
    private final VaultConfig config;

    public Auth(VaultConfig vaultConfig) {
        this.config = vaultConfig;
    }

    public AuthResponse createToken(UUID uuid, List<String> list, Map<String, String> map, Boolean bool, Boolean bool2, String str, String str2, Long l) throws VaultException {
        int i = 0;
        while (true) {
            try {
                JsonObject object = Json.object();
                if (uuid != null) {
                    object.add("id", uuid.toString());
                }
                if (list != null && !list.isEmpty()) {
                    StringBuilder sb = new StringBuilder();
                    for (int i2 = 0; i2 < list.size(); i2++) {
                        sb.append(list.get(i2));
                        if (i2 + 1 < list.size()) {
                            sb.append(',');
                        }
                    }
                    object.add("polices", sb.toString());
                }
                if (map != null && !map.isEmpty()) {
                    JsonObject object2 = Json.object();
                    for (Map.Entry<String, String> entry : map.entrySet()) {
                        object2.add(entry.getKey(), entry.getValue());
                    }
                    object.add("meta", object2);
                }
                if (bool != null) {
                    object.add("no_parent", bool.booleanValue());
                }
                if (bool2 != null) {
                    object.add("no_default_policy", bool2.booleanValue());
                }
                if (str != null) {
                    object.add("ttl", str);
                }
                if (str2 != null) {
                    object.add("display_name", str2);
                }
                if (l != null) {
                    object.add("num_uses", l.longValue());
                }
                RestResponse post = new Rest().url(this.config.getAddress() + "/v1/auth/token/create").header("X-Vault-Token", this.config.getToken()).body(object.toString().getBytes("UTF-8")).connectTimeoutSeconds(this.config.getOpenTimeout()).readTimeoutSeconds(this.config.getReadTimeout()).sslPemUTF8(this.config.getSslPemUTF8()).sslVerification(this.config.isSslVerify() != null ? this.config.isSslVerify() : null).post();
                if (post.getStatus() != 200) {
                    throw new VaultException("Vault responded with HTTP status code: " + post.getStatus());
                }
                String mimeType = post.getMimeType() == null ? "null" : post.getMimeType();
                if (mimeType.equals("application/json")) {
                    return buildAuthResponse(post, i);
                }
                throw new VaultException("Vault responded with MIME type: " + mimeType);
            } catch (Exception e) {
                if (i >= this.config.getMaxRetries()) {
                    throw new VaultException(e);
                }
                i++;
                try {
                    Thread.sleep(this.config.getRetryIntervalMilliseconds());
                } catch (InterruptedException e2) {
                    e2.printStackTrace();
                }
            }
        }
    }

    public AuthResponse loginByAppID(String str, String str2, String str3) throws VaultException {
        int i = 0;
        while (true) {
            try {
                RestResponse post = new Rest().url(this.config.getAddress() + "/v1/auth/" + str).body(Json.object().add("app_id", str2).add("user_id", str3).toString().getBytes("UTF-8")).connectTimeoutSeconds(this.config.getOpenTimeout()).readTimeoutSeconds(this.config.getReadTimeout()).sslPemUTF8(this.config.getSslPemUTF8()).sslVerification(this.config.isSslVerify() != null ? this.config.isSslVerify() : null).post();
                if (post.getStatus() != 200) {
                    throw new VaultException("Vault responded with HTTP status code: " + post.getStatus());
                }
                String mimeType = post.getMimeType() == null ? "null" : post.getMimeType();
                if (mimeType.equals("application/json")) {
                    return buildAuthResponse(post, i);
                }
                throw new VaultException("Vault responded with MIME type: " + mimeType);
            } catch (Exception e) {
                if (i >= this.config.getMaxRetries()) {
                    throw new VaultException(e);
                }
                i++;
                try {
                    Thread.sleep(this.config.getRetryIntervalMilliseconds());
                } catch (InterruptedException e2) {
                    e2.printStackTrace();
                }
            }
        }
    }

    public AuthResponse loginByUsernamePassword(String str, String str2) throws VaultException {
        int i = 0;
        while (true) {
            try {
                RestResponse post = new Rest().url(this.config.getAddress() + "/v1/auth/" + str).body(Json.object().add("password", str2).toString().getBytes("UTF-8")).connectTimeoutSeconds(this.config.getOpenTimeout()).readTimeoutSeconds(this.config.getReadTimeout()).sslPemUTF8(this.config.getSslPemUTF8()).sslVerification(this.config.isSslVerify() != null ? this.config.isSslVerify() : null).post();
                if (post.getStatus() != 200) {
                    throw new VaultException("Vault responded with HTTP status code: " + post.getStatus());
                }
                String mimeType = post.getMimeType() == null ? "null" : post.getMimeType();
                if (mimeType.equals("application/json")) {
                    return buildAuthResponse(post, i);
                }
                throw new VaultException("Vault responded with MIME type: " + mimeType);
            } catch (Exception e) {
                if (i >= this.config.getMaxRetries()) {
                    throw new VaultException(e);
                }
                i++;
                try {
                    Thread.sleep(this.config.getRetryIntervalMilliseconds());
                } catch (InterruptedException e2) {
                    e2.printStackTrace();
                }
            }
        }
    }

    public AuthResponse renewSelf() throws VaultException {
        return renewSelf(-1L);
    }

    public AuthResponse renewSelf(long j) throws VaultException {
        int i = 0;
        while (true) {
            try {
                RestResponse post = new Rest().url(this.config.getAddress() + "/v1/auth/token/renew-self").header("X-Vault-Token", this.config.getToken()).body(j < 0 ? null : Json.object().add("increment", j).toString().getBytes("UTF-8")).connectTimeoutSeconds(this.config.getOpenTimeout()).readTimeoutSeconds(this.config.getReadTimeout()).sslPemUTF8(this.config.getSslPemUTF8()).sslVerification(this.config.isSslVerify() != null ? this.config.isSslVerify() : null).post();
                if (post.getStatus() != 200) {
                    throw new VaultException("Vault responded with HTTP status code: " + post.getStatus());
                }
                String mimeType = post.getMimeType() == null ? "null" : post.getMimeType();
                if (mimeType.equals("application/json")) {
                    return buildAuthResponse(post, i);
                }
                throw new VaultException("Vault responded with MIME type: " + mimeType);
            } catch (Exception e) {
                if (i >= this.config.getMaxRetries()) {
                    throw new VaultException(e);
                }
                i++;
                try {
                    Thread.sleep(this.config.getRetryIntervalMilliseconds());
                } catch (InterruptedException e2) {
                    e2.printStackTrace();
                }
            }
        }
    }

    @Deprecated
    private AuthResponse buildAuthResponse(RestResponse restResponse, int i) throws UnsupportedEncodingException {
        AuthResponse authResponse = new AuthResponse(restResponse, i);
        JsonObject asObject = Json.parse(new String(restResponse.getBody(), "UTF-8")).asObject().get("auth").asObject();
        authResponse.setAuthLeaseDuration(asObject.getInt("lease_duration", 0));
        authResponse.setAuthRenewable(asObject.getBoolean("renewable", false));
        if (asObject.get("metadata") != null && !asObject.get("metadata").toString().equalsIgnoreCase("null")) {
            JsonObject asObject2 = asObject.get("metadata").asObject();
            authResponse.setAppId(asObject2.getString("app-id", ""));
            authResponse.setUserId(asObject2.getString("user-id", ""));
            authResponse.setUsername(asObject2.getString("username", ""));
        }
        authResponse.setAuthClientToken(asObject.getString("client_token", ""));
        JsonArray asArray = asObject.get("policies").asArray();
        ArrayList arrayList = new ArrayList();
        Iterator<JsonValue> it = asArray.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().asString());
        }
        authResponse.setAuthPolicies(arrayList);
        return authResponse;
    }
}
