package com.atlassian.jira.crowd.embedded;

import com.atlassian.crowd.manager.property.EncryptionSettings;
import com.atlassian.dc.filestore.api.compat.FilesystemPath;
import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.config.util.FileStores;
import com.atlassian.jira.exception.DataAccessException;
import java.io.File;
import java.util.Locale;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/jira/crowd/embedded/JiraEncryptionSettings.class */
public class JiraEncryptionSettings implements EncryptionSettings {
    private static final Logger LOG = LoggerFactory.getLogger(JiraEncryptionSettings.class);
    private static final String KEYS_DIRECTORY_NOT_ACCESSIBLE_ERROR = "Encryption keys directory cannot be accessed in your home directory. Check the filesystem permissions.";
    private static final String KEYS_DIRECTORY_CANNOT_CREATE_ERROR = "Encryption keys directory cannot be created in your home directory. Check the filesystem permissions.";
    public static final String CROWD_ENCRYPTION_ENCRYPTOR_DEFAULT = "crowd.encryption.encryptor.default";
    public static final String CROWD_ENCRYPTION_ENCRYPTOR_KEY_PATH = "crowd.encryption.encryptor.%s.keyPath";
    public static final String CROWD_ENCRYPTION_DISABLED_KEY = "DISABLED";
    private final FileStores fileStores;
    private final ApplicationProperties applicationProperties;

    public JiraEncryptionSettings(FileStores fileStores, ApplicationProperties applicationProperties) {
        this.fileStores = fileStores;
        this.applicationProperties = applicationProperties;
    }

    private Optional<String> optional(String str) {
        return (str == null || str.trim().isEmpty()) ? Optional.empty() : Optional.of(str);
    }

    public Optional<String> getDefaultEncryptor() {
        String string = this.applicationProperties.getString("crowd.encryption.encryptor.default");
        if (string != null && string.toUpperCase(Locale.ENGLISH).equals(CROWD_ENCRYPTION_DISABLED_KEY)) {
            string = null;
        }
        return optional(string);
    }

    public void setDefaultEncryptor(String str) {
        if (str == null) {
            str = CROWD_ENCRYPTION_DISABLED_KEY;
        }
        this.applicationProperties.setString("crowd.encryption.encryptor.default", str);
    }

    private String keyPathPropertyNameFor(String str) {
        return String.format(CROWD_ENCRYPTION_ENCRYPTOR_KEY_PATH, str);
    }

    public void setEncryptionKeyPath(String str, String str2) {
        this.applicationProperties.setString(keyPathPropertyNameFor(str), str2);
    }

    public Optional<String> getEncryptionKeyPath(String str) {
        return optional(this.applicationProperties.getString(keyPathPropertyNameFor(str)));
    }

    public String getKeyFilesDirectoryPath() {
        FilesystemPath path = this.fileStores.getHomeFilesystemPath().path(new String[]{"keys"});
        validateKeysDirectory(path.asJavaFile());
        return path.asJavaPath().toString();
    }

    private static void validateKeysDirectory(File file) {
        if (!file.exists() && !file.mkdirs()) {
            LOG.error(KEYS_DIRECTORY_CANNOT_CREATE_ERROR);
            throw new DataAccessException(KEYS_DIRECTORY_CANNOT_CREATE_ERROR);
        }
        if (file.isDirectory() && file.canRead() && file.canWrite()) {
            return;
        }
        LOG.error(KEYS_DIRECTORY_NOT_ACCESSIBLE_ERROR);
        throw new DataAccessException(KEYS_DIRECTORY_NOT_ACCESSIBLE_ERROR);
    }
}
