package co.cask.cdap.client;

import co.cask.cdap.api.security.store.SecureStoreMetadata;
import co.cask.cdap.client.config.ClientConfig;
import co.cask.cdap.client.util.RESTClient;
import co.cask.cdap.common.AlreadyExistsException;
import co.cask.cdap.common.NamespaceNotFoundException;
import co.cask.cdap.common.SecureKeyAlreadyExistsException;
import co.cask.cdap.common.SecureKeyNotFoundException;
import co.cask.cdap.common.UnauthenticatedException;
import co.cask.cdap.proto.id.NamespaceId;
import co.cask.cdap.proto.id.SecureKeyId;
import co.cask.cdap.proto.security.SecureKeyCreateRequest;
import co.cask.cdap.security.spi.authorization.UnauthorizedException;
import co.cask.common.http.HttpMethod;
import co.cask.common.http.HttpResponse;
import co.cask.common.http.ObjectResponse;
import com.google.common.reflect.TypeToken;
import com.google.gson.Gson;
import com.google.inject.Inject;
import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:lib/cdap-client-4.0.0.jar:co/cask/cdap/client/SecureStoreClient.class */
public class SecureStoreClient {
    private static final Gson GSON = new Gson();
    private static final String SECURE_KEYS = "securekeys";
    private final RESTClient restClient;
    private final ClientConfig config;

    @Inject
    public SecureStoreClient(ClientConfig clientConfig, RESTClient rESTClient) {
        this.config = clientConfig;
        this.restClient = rESTClient;
    }

    public SecureStoreClient(ClientConfig clientConfig) {
        this(clientConfig, new RESTClient(clientConfig));
    }

    public void createKey(SecureKeyId secureKeyId, SecureKeyCreateRequest secureKeyCreateRequest) throws IOException, UnauthenticatedException, AlreadyExistsException, NamespaceNotFoundException, UnauthorizedException {
        HttpResponse execute = this.restClient.execute(HttpMethod.PUT, this.config.resolveNamespacedURLV3(secureKeyId.getParent(), getSecureKeyPath(secureKeyId)), GSON.toJson(secureKeyCreateRequest), null, this.config.getAccessToken(), HttpServletResponse.SC_NOT_FOUND, HttpServletResponse.SC_CONFLICT);
        if (execute.getResponseCode() == 409) {
            throw new SecureKeyAlreadyExistsException(secureKeyId);
        }
        if (execute.getResponseCode() == 404) {
            throw new NamespaceNotFoundException(secureKeyId.getParent());
        }
    }

    public String getData(SecureKeyId secureKeyId) throws IOException, UnauthenticatedException, SecureKeyNotFoundException, UnauthorizedException {
        HttpResponse execute = this.restClient.execute(HttpMethod.GET, this.config.resolveNamespacedURLV3(secureKeyId.getParent(), getSecureKeyPath(secureKeyId)), this.config.getAccessToken(), HttpServletResponse.SC_NOT_FOUND);
        if (execute.getResponseCode() == 404) {
            throw new SecureKeyNotFoundException(secureKeyId);
        }
        return execute.getResponseBodyAsString();
    }

    public SecureStoreMetadata getKeyMetadata(SecureKeyId secureKeyId) throws IOException, UnauthenticatedException, SecureKeyNotFoundException, UnauthorizedException {
        HttpResponse execute = this.restClient.execute(HttpMethod.GET, this.config.resolveNamespacedURLV3(secureKeyId.getParent(), String.format("%s/metadata", getSecureKeyPath(secureKeyId))), this.config.getAccessToken(), HttpServletResponse.SC_NOT_FOUND);
        if (execute.getResponseCode() == 404) {
            throw new SecureKeyNotFoundException(secureKeyId);
        }
        return (SecureStoreMetadata) GSON.fromJson(execute.getResponseBodyAsString(), SecureStoreMetadata.class);
    }

    public void deleteKey(SecureKeyId secureKeyId) throws IOException, UnauthenticatedException, SecureKeyNotFoundException, UnauthorizedException {
        if (this.restClient.execute(HttpMethod.DELETE, this.config.resolveNamespacedURLV3(secureKeyId.getParent(), getSecureKeyPath(secureKeyId)), this.config.getAccessToken(), HttpServletResponse.SC_NOT_FOUND).getResponseCode() == 404) {
            throw new SecureKeyNotFoundException(secureKeyId);
        }
    }

    public Map<String, String> listKeys(NamespaceId namespaceId) throws IOException, UnauthenticatedException, NamespaceNotFoundException, UnauthorizedException {
        HttpResponse execute = this.restClient.execute(HttpMethod.GET, this.config.resolveNamespacedURLV3(namespaceId, SECURE_KEYS), this.config.getAccessToken(), HttpServletResponse.SC_NOT_FOUND);
        if (execute.getResponseCode() == 404) {
            throw new NamespaceNotFoundException(namespaceId);
        }
        return (Map) ObjectResponse.fromJsonBody(execute, new TypeToken<Map<String, String>>() { // from class: co.cask.cdap.client.SecureStoreClient.1
        }).getResponseObject();
    }

    private static String getSecureKeyPath(SecureKeyId secureKeyId) {
        return String.format("%s/%s", SECURE_KEYS, secureKeyId.getName());
    }
}
