package org.finos.legend.engine.authentication.flows.middletier;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.lang.invoke.SerializedLambda;
import org.eclipse.collections.api.factory.Lists;
import org.eclipse.collections.api.factory.SortedMaps;
import org.eclipse.collections.api.map.ImmutableMap;
import org.eclipse.collections.api.map.sorted.MutableSortedMap;
import org.finos.legend.engine.authentication.DatabaseAuthenticationFlow;
import org.finos.legend.engine.plan.execution.authorization.PlanExecutionAuthorizerInput;
import org.finos.legend.engine.protocol.pure.v1.model.packageableElement.store.relational.connection.authentication.MiddleTierUserNamePasswordAuthenticationStrategy;
import org.finos.legend.engine.protocol.pure.v1.model.packageableElement.store.relational.connection.specification.StaticDatasourceSpecification;
import org.finos.legend.engine.shared.core.identity.Credential;
import org.finos.legend.engine.shared.core.identity.Identity;
import org.finos.legend.engine.shared.core.identity.credential.middletier.MiddleTierUserPasswordCredential;
import org.finos.legend.engine.shared.core.operational.logs.LogInfo;
import org.finos.legend.engine.shared.core.operational.logs.LoggingEventType;
import org.finos.legend.engine.shared.core.vault.Vault;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/finos/legend/engine/authentication/flows/middletier/AbstractMiddleTierUserNamePasswordAuthenticationFlow.class */
public abstract class AbstractMiddleTierUserNamePasswordAuthenticationFlow implements DatabaseAuthenticationFlow<StaticDatasourceSpecification, MiddleTierUserNamePasswordAuthenticationStrategy> {
    private static final Logger LOGGER = LoggerFactory.getLogger(AbstractMiddleTierUserNamePasswordAuthenticationFlow.class);

    @Override // org.finos.legend.engine.authentication.DatabaseAuthenticationFlow
    public Class<StaticDatasourceSpecification> getDatasourceClass() {
        return StaticDatasourceSpecification.class;
    }

    @Override // org.finos.legend.engine.authentication.DatabaseAuthenticationFlow
    public Class<MiddleTierUserNamePasswordAuthenticationStrategy> getAuthenticationStrategyClass() {
        return MiddleTierUserNamePasswordAuthenticationStrategy.class;
    }

    @Override // org.finos.legend.engine.authentication.DatabaseAuthenticationFlow
    public Credential makeCredential(Identity identity, StaticDatasourceSpecification staticDatasourceSpecification, MiddleTierUserNamePasswordAuthenticationStrategy middleTierUserNamePasswordAuthenticationStrategy) throws Exception {
        return makeCredential(identity, staticDatasourceSpecification, middleTierUserNamePasswordAuthenticationStrategy, DatabaseAuthenticationFlow.RuntimeContext.empty());
    }

    @Override // org.finos.legend.engine.authentication.DatabaseAuthenticationFlow
    public Credential makeCredential(Identity identity, StaticDatasourceSpecification staticDatasourceSpecification, MiddleTierUserNamePasswordAuthenticationStrategy middleTierUserNamePasswordAuthenticationStrategy, DatabaseAuthenticationFlow.RuntimeContext runtimeContext) throws Exception {
        LOGGER.info(new LogInfo(identity.getName(), LoggingEventType.MIDDLETIER_CREDENTIAL_ACQUISITION, String.format("Acquiring middle tier credential. Context params ={}", runtimeContext.getContextParams())).toString());
        parseUsageContext(runtimeContext);
        parseResourceContext(runtimeContext);
        verifyMAC(null);
        return getCredentialFromVault(middleTierUserNamePasswordAuthenticationStrategy.vaultReference);
    }

    private void verifyMAC(String str) throws Exception {
    }

    private PlanExecutionAuthorizerInput.ExecutionMode parseUsageContext(DatabaseAuthenticationFlow.RuntimeContext runtimeContext) {
        try {
            ImmutableMap<String, String> contextParams = runtimeContext.getContextParams();
            if (contextParams.containsKey(PlanExecutionAuthorizerInput.USAGE_CONTEXT_PARAM)) {
                return PlanExecutionAuthorizerInput.ExecutionMode.valueOf((String) contextParams.get(PlanExecutionAuthorizerInput.USAGE_CONTEXT_PARAM));
            }
            throw new RuntimeException(String.format("Credential acquisition context does not contain a parameter named '%s'. Supplied context values=%s", PlanExecutionAuthorizerInput.USAGE_CONTEXT_PARAM, contextParams));
        } catch (IllegalArgumentException e) {
            throw new RuntimeException(String.format("Invalid value for parameter '%s' . Supplied value=%s, Valid values=%s", PlanExecutionAuthorizerInput.USAGE_CONTEXT_PARAM, null, Lists.immutable.of(PlanExecutionAuthorizerInput.ExecutionMode.values()).collect(executionMode -> {
                return executionMode.name();
            }).makeString(",")));
        }
    }

    private String parseResourceContext(DatabaseAuthenticationFlow.RuntimeContext runtimeContext) {
        return parseContext(runtimeContext, PlanExecutionAuthorizerInput.RESOURCE_CONTEXT_PARAM);
    }

    private String parseMACContext(DatabaseAuthenticationFlow.RuntimeContext runtimeContext) {
        return parseContext(runtimeContext, PlanExecutionAuthorizerInput.MAC_CONTEXT_PARAM);
    }

    private String parseContext(DatabaseAuthenticationFlow.RuntimeContext runtimeContext, String str) {
        ImmutableMap<String, String> contextParams = runtimeContext.getContextParams();
        if (contextParams.containsKey(str)) {
            return (String) contextParams.get(str);
        }
        MutableSortedMap with = SortedMaps.mutable.with((v0, v1) -> {
            return v0.compareTo(v1);
        });
        with.putAll(contextParams.castToMap());
        throw new RuntimeException(String.format("Credential acquisition context does not contain a parameter named '%s'. Supplied context values=%s", str, with));
    }

    protected MiddleTierUserPasswordCredential getCredentialFromVault(String str) throws Exception {
        String value = Vault.INSTANCE.getValue(str);
        if (value == null) {
            throw new Exception(String.format("Failed to locate credential using vault reference '%s'", str));
        }
        return (MiddleTierUserPasswordCredential) new ObjectMapper().readValue(value, MiddleTierUserPasswordCredential.class);
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -169276282:
                if (implMethodName.equals("lambda$parseUsageContext$9c459a06$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/eclipse/collections/api/block/function/Function") && serializedLambda.getFunctionalInterfaceMethodName().equals("valueOf") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;)Ljava/lang/Object;") && serializedLambda.getImplClass().equals("org/finos/legend/engine/authentication/flows/middletier/AbstractMiddleTierUserNamePasswordAuthenticationFlow") && serializedLambda.getImplMethodSignature().equals("(Lorg/finos/legend/engine/plan/execution/authorization/PlanExecutionAuthorizerInput$ExecutionMode;)Ljava/lang/String;")) {
                    return executionMode -> {
                        return executionMode.name();
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
