package com.azure.resourcemanager.compute.implementation;

import com.azure.core.util.polling.implementation.PollingConstants;
import com.azure.resourcemanager.compute.implementation.EncryptionSettings;
import com.azure.resourcemanager.compute.models.DiskEncryptionSettings;
import com.azure.resourcemanager.compute.models.DiskVolumeEncryptionMonitor;
import com.azure.resourcemanager.compute.models.DiskVolumeType;
import com.azure.resourcemanager.compute.models.OperatingSystemTypes;
import com.azure.resourcemanager.compute.models.VirtualMachine;
import com.azure.resourcemanager.compute.models.VirtualMachineEncryptionConfiguration;
import com.azure.resourcemanager.compute.models.VirtualMachineExtension;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/azure-resourcemanager-compute-2.16.0.jar:com/azure/resourcemanager/compute/implementation/VirtualMachineEncryptionHelper.class */
public class VirtualMachineEncryptionHelper {
    private final OperatingSystemTypes osType;
    private final VirtualMachine virtualMachine;
    private static final String ERROR_ENCRYPTION_EXTENSION_NOT_FOUND = "Expected encryption extension not found in the VM";
    private static final String ERROR_NON_SUCCESS_PROVISIONING_STATE = "Extension needed for disk encryption was not provisioned correctly, found ProvisioningState as '%s'";
    private static final String ERROR_EXPECTED_KEY_VAULT_URL_NOT_FOUND = "Could not found URL pointing to the secret for disk encryption";
    private static final String ERROR_EXPECTED_ENCRYPTION_EXTENSION_STATUS_NOT_FOUND = "Encryption extension with successful status not found in the VM";
    private static final String ERROR_ENCRYPTION_EXTENSION_STATUS_IS_EMPTY = "Encryption extension status is empty";
    private static final String ERROR_ON_LINUX_ONLY_DATA_DISK_CAN_BE_DECRYPTED = "Only data disk is supported to disable encryption on Linux VM";
    private static final String ERROR_LEGACY_ENCRYPTION_EXTENSION_FOUND_AAD_PARAMS_REQUIRED = "VM has Legacy Encryption Extension installed, updating it requires aadClientId and aadSecret parameters";
    private static final String ERROR_NOAAD_ENCRYPTION_EXTENSION_FOUND_AAD_PARAMS_NOT_REQUIRED = "VM has NoAAD Encryption Extension installed, aadClientId and aadSecret parameters are not allowed for this extension.";
    private static final String ERROR_NO_DECRYPT_ENCRYPTION_EXTENSION_NOT_FOUND = "Expected encryption extension not found in the VM, no decryption to perform";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/azure-resourcemanager-compute-2.16.0.jar:com/azure/resourcemanager/compute/implementation/VirtualMachineEncryptionHelper$VMExtTuple.class */
    public static class VMExtTuple {
        private final VirtualMachine virtualMachine;
        private final VirtualMachineExtension encryptExtension;

        VMExtTuple(VirtualMachine virtualMachine, VirtualMachineExtension virtualMachineExtension) {
            this.virtualMachine = virtualMachine;
            this.encryptExtension = virtualMachineExtension;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public VirtualMachineEncryptionHelper(VirtualMachine virtualMachine) {
        this.virtualMachine = virtualMachine;
        this.osType = this.virtualMachine.osType();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public <T extends VirtualMachineEncryptionConfiguration<T>> Mono<DiskVolumeEncryptionMonitor> enableEncryptionAsync(VirtualMachineEncryptionConfiguration<T> virtualMachineEncryptionConfiguration) {
        EncryptionSettings.Enable<T> createEnable = EncryptionSettings.createEnable(virtualMachineEncryptionConfiguration);
        return validateBeforeEncryptAsync(createEnable).flatMap(virtualMachineExtension -> {
            return updateEncryptionExtensionAsync(createEnable, virtualMachineExtension);
        }).switchIfEmpty(installEncryptionExtensionAsync(createEnable)).flatMap(virtualMachine -> {
            return createEnable.requestedForNoAADEncryptExtension() ? noAADExtensionEncryptPostProcessingAsync(virtualMachine) : legacyExtensionEncryptPostProcessingAsync(createEnable);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Mono<DiskVolumeEncryptionMonitor> disableEncryptionAsync(DiskVolumeType diskVolumeType) {
        EncryptionSettings.Disable createDisable = EncryptionSettings.createDisable(diskVolumeType);
        return validateBeforeDecryptAsync(diskVolumeType).flatMap(virtualMachineExtension -> {
            return updateEncryptionExtensionAsync(createDisable, virtualMachineExtension).map(virtualMachine -> {
                return new VMExtTuple(virtualMachine, virtualMachineExtension);
            });
        }).flatMap(vMExtTuple -> {
            return EncryptionExtensionIdentifier.isNoAADVersion(this.osType, vMExtTuple.encryptExtension.versionName()) ? noAADExtensionDecryptPostProcessingAsync(vMExtTuple.virtualMachine) : legacyExtensionDecryptPostProcessingAsync(createDisable);
        });
    }

    private Mono<DiskVolumeEncryptionMonitor> noAADExtensionEncryptPostProcessingAsync(VirtualMachine virtualMachine) {
        return this.osType == OperatingSystemTypes.LINUX ? new LinuxDiskVolumeNoAADEncryptionMonitorImpl(virtualMachine.id(), virtualMachine.manager()).refreshAsync() : new WindowsVolumeNoAADEncryptionMonitorImpl(virtualMachine.id(), virtualMachine.manager()).refreshAsync();
    }

    private <T extends VirtualMachineEncryptionConfiguration<T>> Mono<DiskVolumeEncryptionMonitor> legacyExtensionEncryptPostProcessingAsync(EncryptionSettings.Enable<T> enable) {
        return retrieveEncryptionExtensionStatusStringAsync(ERROR_EXPECTED_KEY_VAULT_URL_NOT_FOUND).flatMap(str -> {
            return updateVMStorageProfileAsync(enable, str);
        }).flatMap(virtualMachine -> {
            return this.osType == OperatingSystemTypes.LINUX ? new LinuxDiskVolumeLegacyEncryptionMonitorImpl(virtualMachine.id(), virtualMachine.manager()).refreshAsync() : new WindowsVolumeLegacyEncryptionMonitorImpl(virtualMachine.id(), virtualMachine.manager()).refreshAsync();
        });
    }

    private Mono<DiskVolumeEncryptionMonitor> noAADExtensionDecryptPostProcessingAsync(VirtualMachine virtualMachine) {
        return this.osType == OperatingSystemTypes.LINUX ? new LinuxDiskVolumeNoAADEncryptionMonitorImpl(virtualMachine.id(), virtualMachine.manager()).refreshAsync() : new WindowsVolumeNoAADEncryptionMonitorImpl(virtualMachine.id(), virtualMachine.manager()).refreshAsync();
    }

    private Mono<DiskVolumeEncryptionMonitor> legacyExtensionDecryptPostProcessingAsync(EncryptionSettings.Disable disable) {
        return retrieveEncryptionExtensionStatusStringAsync(ERROR_ENCRYPTION_EXTENSION_STATUS_IS_EMPTY).flatMap(str -> {
            return updateVMStorageProfileAsync(disable);
        }).flatMap(virtualMachine -> {
            return this.osType == OperatingSystemTypes.LINUX ? new LinuxDiskVolumeLegacyEncryptionMonitorImpl(virtualMachine.id(), virtualMachine.manager()).refreshAsync() : new WindowsVolumeLegacyEncryptionMonitorImpl(virtualMachine.id(), virtualMachine.manager()).refreshAsync();
        });
    }

    private <T extends VirtualMachineEncryptionConfiguration<T>> Mono<VirtualMachineExtension> validateBeforeEncryptAsync(EncryptionSettings.Enable<T> enable) {
        return (this.virtualMachine.storageProfile().osDisk().encryptionSettings() == null || !enable.requestedForNoAADEncryptExtension()) ? getEncryptionExtensionInstalledInVMAsync().flatMap(virtualMachineExtension -> {
            return EncryptionExtensionIdentifier.isNoAADVersion(this.osType, virtualMachineExtension.versionName()) ? enable.requestedForNoAADEncryptExtension() ? Mono.just(virtualMachineExtension) : Mono.error(new RuntimeException(ERROR_NOAAD_ENCRYPTION_EXTENSION_FOUND_AAD_PARAMS_NOT_REQUIRED)) : enable.requestedForNoAADEncryptExtension() ? Mono.error(new RuntimeException(ERROR_LEGACY_ENCRYPTION_EXTENSION_FOUND_AAD_PARAMS_REQUIRED)) : Mono.just(virtualMachineExtension);
        }) : Mono.error(new RuntimeException(ERROR_LEGACY_ENCRYPTION_EXTENSION_FOUND_AAD_PARAMS_REQUIRED));
    }

    private Mono<VirtualMachineExtension> validateBeforeDecryptAsync(DiskVolumeType diskVolumeType) {
        return (this.osType != OperatingSystemTypes.LINUX || diskVolumeType == DiskVolumeType.DATA) ? getEncryptionExtensionInstalledInVMAsync().switchIfEmpty(toErrorMono(ERROR_NO_DECRYPT_ENCRYPTION_EXTENSION_NOT_FOUND)) : toErrorMono(ERROR_ON_LINUX_ONLY_DATA_DISK_CAN_BE_DECRYPTED);
    }

    private Mono<VirtualMachineExtension> getEncryptionExtensionInstalledInVMAsync() {
        return this.virtualMachine.listExtensionsAsync().flatMapMany((v0) -> {
            return Flux.fromIterable(v0);
        }).filter(virtualMachineExtension -> {
            return EncryptionExtensionIdentifier.isEncryptionPublisherName(virtualMachineExtension.publisherName()) && EncryptionExtensionIdentifier.isEncryptionTypeName(virtualMachineExtension.typeName(), this.osType);
        }).singleOrEmpty();
    }

    private Mono<VirtualMachine> updateEncryptionExtensionAsync(EncryptionSettings encryptionSettings, VirtualMachineExtension virtualMachineExtension) {
        return this.virtualMachine.update2().updateExtension(virtualMachineExtension.name()).withPublicSettings(encryptionSettings.extensionPublicSettings()).withProtectedSettings(encryptionSettings.extensionProtectedSettings()).parent2().applyAsync();
    }

    private <T extends VirtualMachineEncryptionConfiguration<T>> Mono<VirtualMachine> installEncryptionExtensionAsync(EncryptionSettings.Enable<T> enable) {
        return Mono.defer(() -> {
            String typeName = EncryptionExtensionIdentifier.typeName(this.osType);
            return this.virtualMachine.update2().defineNewExtension(typeName).withPublisher(EncryptionExtensionIdentifier.publisherName()).withType(typeName).withVersion(enable.encryptionExtensionVersion()).withPublicSettings(enable.extensionPublicSettings()).withProtectedSettings(enable.extensionProtectedSettings()).withMinorVersionAutoUpgrade().attach2().applyAsync();
        });
    }

    private Mono<String> retrieveEncryptionExtensionStatusStringAsync(String str) {
        return getEncryptionExtensionInstalledInVMAsync().switchIfEmpty(toErrorMono(ERROR_ENCRYPTION_EXTENSION_NOT_FOUND)).flatMap(virtualMachineExtension -> {
            return !virtualMachineExtension.provisioningState().equalsIgnoreCase(PollingConstants.STATUS_SUCCEEDED) ? this.toErrorMono(String.format(ERROR_NON_SUCCESS_PROVISIONING_STATE, virtualMachineExtension.provisioningState())) : virtualMachineExtension.getInstanceViewAsync();
        }).flatMap(virtualMachineExtensionInstanceView -> {
            String message = virtualMachineExtensionInstanceView.statuses().get(0).message();
            return message == null ? this.toErrorMono(str) : Mono.just(message);
        }).switchIfEmpty(toErrorMono(ERROR_EXPECTED_ENCRYPTION_EXTENSION_STATUS_NOT_FOUND));
    }

    private Mono<VirtualMachine> updateVMStorageProfileAsync(EncryptionSettings encryptionSettings, String str) {
        DiskEncryptionSettings storageProfileEncryptionSettings = encryptionSettings.storageProfileEncryptionSettings();
        storageProfileEncryptionSettings.diskEncryptionKey().withSecretUrl(str);
        return this.virtualMachine.update2().withOSDiskEncryptionSettings(storageProfileEncryptionSettings).applyAsync();
    }

    private Mono<VirtualMachine> updateVMStorageProfileAsync(EncryptionSettings encryptionSettings) {
        return this.virtualMachine.update2().withOSDiskEncryptionSettings(encryptionSettings.storageProfileEncryptionSettings()).applyAsync();
    }

    private <ResultT> Mono<ResultT> toErrorMono(String str) {
        return Mono.error(new Exception(str));
    }
}
