package com.atlassian.secrets.service.dao;

import com.atlassian.secrets.api.FileWriteRequest;
import com.atlassian.secrets.api.FileWriter;
import com.atlassian.secrets.api.SealedSecret;
import com.atlassian.secrets.api.SecretDao;
import com.atlassian.secrets.api.SecretServiceException;
import com.atlassian.secrets.service.SecretServiceParams;
import java.io.File;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Stream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Assert;

/* loaded from: input_file:com/atlassian/secrets/service/dao/MultiFileSecretDao.class */
public class MultiFileSecretDao implements SecretDao {
    public static final String SECRET_DIRECTORY_NAME = "secured";
    private static final Logger log = LoggerFactory.getLogger(MultiFileSecretDao.class);
    private static final Charset DEFAULT_CHARSET = StandardCharsets.UTF_8;
    private final Path secretDirectoryPath;
    private final FileWriter fileWriter;

    public MultiFileSecretDao(Path path) {
        this(path, SecretServiceParams.DEFAULT_FILE_WRITER);
    }

    public MultiFileSecretDao(Path path, FileWriter fileWriter) {
        this.secretDirectoryPath = path.resolve(SECRET_DIRECTORY_NAME);
        this.fileWriter = fileWriter;
        createSecretDirectory();
    }

    public void put(Set<SealedSecret> set) {
        Iterator<SealedSecret> it = set.iterator();
        while (it.hasNext()) {
            writeSealedSecret(it.next());
        }
    }

    public Optional<SealedSecret> get(String str) {
        Path fileForSecret = getFileForSecret(str);
        return !Files.exists(fileForSecret, new LinkOption[0]) ? Optional.empty() : Optional.of(parseSealedSecret(fileForSecret));
    }

    public void delete(String str) {
        Path fileForSecret = getFileForSecret(str);
        try {
            Files.delete(fileForSecret);
        } catch (IOException e) {
            log.error("Error deleting data for secret '{}', {}", fileForSecret.toAbsolutePath(), e);
        }
    }

    public Set<String> getIdsForBackend(String str) {
        HashSet hashSet = new HashSet();
        try {
            Stream<Path> list = Files.list(this.secretDirectoryPath);
            try {
                list.forEach(path -> {
                    SealedSecret parseSealedSecret = parseSealedSecret(path);
                    Assert.isTrue(path.getFileName().equals(getFileForSecret(parseSealedSecret.getIdentifier()).getFileName()), "Secret file name should match secret");
                    if (parseSealedSecret.getBackendId().equals(str)) {
                        hashSet.add(parseSealedSecret.getIdentifier());
                    }
                });
                if (list != null) {
                    list.close();
                }
                return hashSet;
            } finally {
            }
        } catch (IOException e) {
            throw new SecretServiceException("Error getting secrets stored by backend", e);
        }
    }

    private void createSecretDirectory() {
        File file = this.secretDirectoryPath.toFile();
        if (!file.exists()) {
            try {
                Files.createDirectories(this.secretDirectoryPath, new FileAttribute[0]);
            } catch (IOException e) {
                throw new SecretServiceException("Error creating secretDirectoryPath", e);
            }
        }
        if (!file.isDirectory()) {
            throw new SecretServiceException("secretDirectoryPath must be a directory");
        }
    }

    private void writeSealedSecret(SealedSecret sealedSecret) throws SecretServiceException {
        Path fileForSecret = getFileForSecret(sealedSecret.getIdentifier());
        Objects.requireNonNull(sealedSecret);
        this.fileWriter.write(new FileWriteRequest(fileForSecret, sealedSecret::toString, false, bool -> {
        }));
    }

    private SealedSecret parseSealedSecret(Path path) {
        try {
            return SealedSecret.from(new String(Files.readAllBytes(path), DEFAULT_CHARSET));
        } catch (IOException e) {
            throw new SecretServiceException("Error reading secret from file", e);
        }
    }

    Path getFileForSecret(String str) {
        return this.secretDirectoryPath.resolve(String.format("%040x", new BigInteger(1, str.getBytes(DEFAULT_CHARSET))));
    }
}
