package com.mulesoft.modules.configuration.properties.internal;

import com.mulesoft.modules.configuration.properties.api.EncryptionAlgorithm;
import com.mulesoft.modules.configuration.properties.api.EncryptionMode;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Base64;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.mule.encryption.exception.MuleEncryptionException;
import org.mule.runtime.api.component.location.ComponentLocation;
import org.mule.runtime.config.api.dsl.model.ResourceProvider;
import org.mule.runtime.config.api.dsl.model.properties.ConfigurationProperty;
import org.mule.runtime.config.api.dsl.model.properties.DefaultConfigurationPropertiesProvider;
import org.mule.runtime.core.api.util.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:repository/com/mulesoft/modules/mule-secure-configuration-property-module/1.2.7/mule-secure-configuration-property-module-1.2.7-mule-plugin.jar:com/mulesoft/modules/configuration/properties/internal/SecureConfigurationPropertiesProvider.class */
public class SecureConfigurationPropertiesProvider extends DefaultConfigurationPropertiesProvider {
    private static final String SECURE_PREFIX = "secure::";
    private boolean logged_message;
    private final EncryptionAlgorithm algorithm;
    private final EncryptionMode mode;
    private final boolean fileLevelEncryption;
    private final SecurePropertyPlaceholderModule securePropertyPlaceholderModule;
    private static final Pattern SECURE_PATTERN = Pattern.compile("\\$\\{secure::[^}]*}");
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SecureConfigurationPropertiesProvider.class);

    public SecureConfigurationPropertiesProvider(ResourceProvider resourceProvider, String str, EncryptionAlgorithm encryptionAlgorithm, String str2, EncryptionMode encryptionMode, String str3, boolean z, boolean z2) {
        super(str, str3, resourceProvider);
        this.logged_message = false;
        this.algorithm = encryptionAlgorithm;
        this.mode = encryptionMode;
        this.fileLevelEncryption = z;
        this.securePropertyPlaceholderModule = new SecurePropertyPlaceholderModule(encryptionAlgorithm, encryptionMode, str2, z2);
    }

    public Optional<ConfigurationProperty> getConfigurationProperty(String str) {
        if (!str.startsWith(SECURE_PREFIX)) {
            return Optional.empty();
        }
        final ConfigurationProperty configurationProperty = (ConfigurationProperty) this.configurationAttributes.get(str.substring(SECURE_PREFIX.length()));
        if (configurationProperty == null) {
            return Optional.empty();
        }
        String str2 = (String) configurationProperty.getRawValue();
        String substring = str2.substring(configurationProperty.getKey().length() + 1, ((str2.length() - this.algorithm.name().length()) - this.mode.name().length()) - 2);
        logWarningIfNotEncrypted(substring);
        final String resolveInnerProperties = resolveInnerProperties(this.securePropertyPlaceholderModule.convertPropertyValue(substring));
        return Optional.of(new ConfigurationProperty() { // from class: com.mulesoft.modules.configuration.properties.internal.SecureConfigurationPropertiesProvider.1
            public Object getSource() {
                return configurationProperty.getSource();
            }

            public Object getRawValue() {
                return resolveInnerProperties;
            }

            public String getKey() {
                return configurationProperty.getKey();
            }
        });
    }

    public String getDescription() {
        ComponentLocation componentLocation = (ComponentLocation) getAnnotation(LOCATION_KEY);
        return String.format("<secure-properties file=\"%s\"> - file: %s, line number: %s", this.fileLocation, componentLocation.getFileName().orElse("unknown"), componentLocation.getLineInFile().map((v0) -> {
            return String.valueOf(v0);
        }).orElse("unknown"));
    }

    protected String createValue(String str, String str2) {
        return String.format("%s:%s:%s:%s", str, str2, this.algorithm, this.mode);
    }

    protected InputStream getResourceInputStream(String str) throws IOException {
        InputStream resourceInputStream = super.getResourceInputStream(str);
        if (!this.fileLevelEncryption) {
            return resourceInputStream;
        }
        try {
            return new ByteArrayInputStream(this.securePropertyPlaceholderModule.decrypt(Base64.getDecoder().decode(IOUtils.toByteArray(resourceInputStream))));
        } catch (MuleEncryptionException e) {
            throw new IOException(e);
        }
    }

    private String resolveInnerProperties(String str) {
        Matcher matcher = SECURE_PATTERN.matcher(str);
        while (matcher.find()) {
            String group = matcher.group();
            Optional<ConfigurationProperty> configurationProperty = getConfigurationProperty(group);
            if (configurationProperty.isPresent()) {
                str = str.replaceAll(group, (String) configurationProperty.get().getRawValue());
            }
        }
        return str;
    }

    private void logWarningIfNotEncrypted(String str) {
        if ((this.logged_message || this.fileLevelEncryption || this.securePropertyPlaceholderModule.isEncrypted(str)) ? false : true) {
            this.logged_message = true;
            LOGGER.warn(String.format("Secure Properties file has non-encrypted values. Check file '%s'. Remember to encrypt properties or use file-level encryption before going into productive environment", this.fileLocation));
        }
    }
}
