package digital.toke;

import digital.toke.accessor.Toke;
import digital.toke.exception.ConfigureException;
import digital.toke.exception.LoginFailedException;
import digital.toke.exception.ReadException;
import digital.toke.exception.WriteException;
import java.io.IOException;
import java.util.List;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.json.JSONObject;

/* loaded from: input_file:digital/toke/Auth.class */
public class Auth {
    private static final Logger logger = LogManager.getLogger(Auth.class);
    TokeDriverConfig config;
    Networking client;

    public Auth(TokeDriverConfig tokeDriverConfig, Networking networking) {
        this.config = tokeDriverConfig;
        this.client = networking;
        logger.info("Auth instance " + hashCode() + " configured");
    }

    public void logoff(Token token) {
    }

    public void logoffSelf() {
    }

    public boolean pingHost() {
        return this.client.pingHost(this.config.host, this.config.port, 200);
    }

    public boolean hostIsReachable() {
        return this.client.checkIsReachable(this.config.host);
    }

    public Token renewSelf(Token token) throws WriteException, ReadException {
        String authTokenRenewSelf = this.config.authTokenRenewSelf();
        logger.debug("Using: " + authTokenRenewSelf);
        JSONObject put = new JSONObject().put("increment", "1h");
        logger.debug(put.toString(4));
        try {
            Toke post = this.client.post(authTokenRenewSelf, put.toString());
            if (post.successful) {
                return lookupSelf(new Token(new JSONObject(post.response), post.successful));
            }
            throw new WriteException("Failed to renew token with accessor " + token.accessor());
        } catch (IOException e) {
            throw new WriteException(e);
        }
    }

    public Token renewPeriodic(Token token) throws WriteException, ReadException {
        String authTokenRenew = this.config.authTokenRenew();
        logger.debug("Using: " + authTokenRenew);
        JSONObject put = new JSONObject().put("token", token.clientToken());
        logger.debug(put.toString(4));
        try {
            Toke post = this.client.post(authTokenRenew, put.toString());
            if (post.successful) {
                return lookupSelf(new Token(new JSONObject(post.response), post.successful));
            }
            throw new WriteException("Failed to renew token with accessor " + token.accessor());
        } catch (IOException e) {
            throw new WriteException(e);
        }
    }

    public Toke checkSealStatus() throws ReadException {
        try {
            return this.client.get(this.config.baseURL().append("/sys/seal-status").toString(), false);
        } catch (IOException e) {
            throw new ReadException(e);
        }
    }

    public Toke unseal(List<String> list, boolean z, boolean z2) throws ConfigureException {
        Toke toke = null;
        int i = 1;
        for (String str : list) {
            logger.debug("sending unseal key " + i);
            toke = unseal(str, z, z2);
            i++;
        }
        return toke;
    }

    public Toke unseal(String str, boolean z, boolean z2) throws ConfigureException {
        String stringBuffer = this.config.baseURL().append("/sys/unseal").toString();
        logger.debug("Using: " + stringBuffer);
        try {
            Toke put = this.client.put(stringBuffer, new JSONObject().put("key", str).put("reset", z).put("migrate", z2).toString(), false);
            if (put.code != 200) {
                throw new ConfigureException(put.toString());
            }
            return put;
        } catch (IOException e) {
            throw new ConfigureException(e);
        }
    }

    Token loginLDAP() throws LoginFailedException {
        String authLdapLogin = this.config.authLdapLogin();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("password", this.config.password);
        return httpLogin(authLdapLogin, jSONObject);
    }

    Token loginAppRole() throws LoginFailedException {
        String authAppRoleLogin = this.config.authAppRoleLogin();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("role_id", this.config.roleId);
        jSONObject.put("secret_id", this.config.secretId);
        return httpLogin(authAppRoleLogin, jSONObject);
    }

    Token loginUserPass() throws LoginFailedException {
        logger.debug("in loginUserPass");
        String authUserPassLogin = this.config.authUserPassLogin();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("password", this.config.password);
        return httpLogin(authUserPassLogin, jSONObject);
    }

    Token loginToken() throws LoginFailedException {
        String authTokenLogin = this.config.authTokenLogin();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("renewable", this.config.renewable);
        try {
            Toke loginToken = this.client.loginToken(authTokenLogin, jSONObject.toString(), this.config.findToken());
            return new Token(new JSONObject(loginToken.response), loginToken.successful);
        } catch (IOException e) {
            throw new LoginFailedException(e);
        }
    }

    Token loginToken(CreateTokenParameters createTokenParameters) throws LoginFailedException {
        String authTokenLogin = this.config.authTokenLogin();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("renewable", this.config.renewable);
        try {
            Toke loginToken = this.client.loginToken(authTokenLogin, jSONObject.toString(), this.config.findToken());
            return new Token(new JSONObject(loginToken.response), loginToken.successful);
        } catch (IOException e) {
            throw new LoginFailedException(e);
        }
    }

    private Token httpLogin(String str, JSONObject jSONObject) throws LoginFailedException {
        logger.debug("in httpLogin");
        try {
            Toke login = this.client.login(str, jSONObject.toString());
            logger.debug("got result: " + login);
            return new Token(new JSONObject(login.response), login.successful);
        } catch (IOException e) {
            throw new LoginFailedException(e);
        }
    }

    public Token login() throws LoginFailedException {
        Token token = null;
        switch (this.config.authType) {
            case LDAP:
                token = loginLDAP();
                break;
            case APPROLE:
                token = loginAppRole();
                break;
            case USERPASS:
                token = loginUserPass();
                break;
            case TOKEN:
                token = loginToken();
                break;
        }
        return token;
    }

    public Token lookupSelf(Token token) throws ReadException {
        String authTokenLookupSelf = this.config.authTokenLookupSelf();
        logger.debug("using url = " + authTokenLookupSelf);
        try {
            Toke toke = this.client.get(authTokenLookupSelf);
            if (!toke.successful) {
                throw new ReadException("Failed to perform lookup: " + toke.toString());
            }
            if (toke.response == null || toke.response.contains("errors")) {
                throw new ReadException("Errors on token lookup: " + toke.response);
            }
            return new Token(token.getJson(), token.fromSuccessfulLoginRequest, new JSONObject(toke.response));
        } catch (IOException e) {
            throw new ReadException(e);
        }
    }

    public Token lookup(Token token) throws ReadException {
        String authTokenLookup = this.config.authTokenLookup();
        logger.debug("using url = " + authTokenLookup);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("token", token.clientToken());
        try {
            Toke post = this.client.post(authTokenLookup, jSONObject.toString());
            if (!post.successful) {
                throw new ReadException("Failed to perform lookup: " + post.toString());
            }
            if (post.response == null || post.response.contains("errors")) {
                throw new ReadException("Errors on token lookup: " + post.response);
            }
            return new Token(token.getJson(), token.fromSuccessfulLoginRequest, new JSONObject(post.response));
        } catch (IOException e) {
            throw new ReadException(e);
        }
    }
}
