package io.spiffe.workloadapi;

import com.networknt.rule.RuleConstants;
import io.spiffe.bundle.x509bundle.X509Bundle;
import io.spiffe.bundle.x509bundle.X509BundleSet;
import io.spiffe.exception.BundleNotFoundException;
import io.spiffe.exception.SocketEndpointAddressException;
import io.spiffe.exception.WatcherException;
import io.spiffe.exception.X509SourceException;
import io.spiffe.spiffeid.TrustDomain;
import io.spiffe.svid.x509svid.X509Svid;
import io.spiffe.workloadapi.DefaultWorkloadApiClient;
import io.spiffe.workloadapi.internal.ThreadUtils;
import java.time.Duration;
import java.util.List;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import java.util.function.Function;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import lombok.Generated;
import lombok.NonNull;

/* loaded from: input_file:io/spiffe/workloadapi/DefaultX509Source.class */
public final class DefaultX509Source implements X509Source {

    @Generated
    private static final Logger log = Logger.getLogger(DefaultX509Source.class.getName());
    private static final String TIMEOUT_SYSTEM_PROPERTY = "spiffe.newX509Source.timeout";
    private static final Duration DEFAULT_TIMEOUT = Duration.parse(System.getProperty(TIMEOUT_SYSTEM_PROPERTY, "PT0S"));
    private X509Svid svid;
    private X509BundleSet bundles;
    private final Function<List<X509Svid>, X509Svid> picker;
    private final WorkloadApiClient workloadApiClient;
    private volatile boolean closed;

    /* loaded from: input_file:io/spiffe/workloadapi/DefaultX509Source$X509SourceOptions.class */
    public static class X509SourceOptions {
        private String spiffeSocketPath;
        private Duration initTimeout;
        private Function<List<X509Svid>, X509Svid> svidPicker;
        private WorkloadApiClient workloadApiClient;

        @Generated
        /* loaded from: input_file:io/spiffe/workloadapi/DefaultX509Source$X509SourceOptions$X509SourceOptionsBuilder.class */
        public static class X509SourceOptionsBuilder {

            @Generated
            private String spiffeSocketPath;

            @Generated
            private Duration initTimeout;

            @Generated
            private Function<List<X509Svid>, X509Svid> svidPicker;

            @Generated
            private WorkloadApiClient workloadApiClient;

            @Generated
            X509SourceOptionsBuilder() {
            }

            @Generated
            public X509SourceOptionsBuilder spiffeSocketPath(String str) {
                this.spiffeSocketPath = str;
                return this;
            }

            @Generated
            public X509SourceOptionsBuilder initTimeout(Duration duration) {
                this.initTimeout = duration;
                return this;
            }

            @Generated
            public X509SourceOptionsBuilder svidPicker(Function<List<X509Svid>, X509Svid> function) {
                this.svidPicker = function;
                return this;
            }

            @Generated
            public X509SourceOptionsBuilder workloadApiClient(WorkloadApiClient workloadApiClient) {
                this.workloadApiClient = workloadApiClient;
                return this;
            }

            @Generated
            public X509SourceOptions build() {
                return new X509SourceOptions(this.spiffeSocketPath, this.initTimeout, this.svidPicker, this.workloadApiClient);
            }

            @Generated
            public String toString() {
                return "DefaultX509Source.X509SourceOptions.X509SourceOptionsBuilder(spiffeSocketPath=" + this.spiffeSocketPath + ", initTimeout=" + this.initTimeout + ", svidPicker=" + this.svidPicker + ", workloadApiClient=" + this.workloadApiClient + RuleConstants.RIGHT_PARENTHESIS;
            }
        }

        public X509SourceOptions(String str, Duration duration, Function<List<X509Svid>, X509Svid> function, WorkloadApiClient workloadApiClient) {
            this.spiffeSocketPath = str;
            this.initTimeout = duration;
            this.svidPicker = function;
            this.workloadApiClient = workloadApiClient;
        }

        @Generated
        public static X509SourceOptionsBuilder builder() {
            return new X509SourceOptionsBuilder();
        }

        @Generated
        public String getSpiffeSocketPath() {
            return this.spiffeSocketPath;
        }

        @Generated
        public Duration getInitTimeout() {
            return this.initTimeout;
        }

        @Generated
        public Function<List<X509Svid>, X509Svid> getSvidPicker() {
            return this.svidPicker;
        }

        @Generated
        public WorkloadApiClient getWorkloadApiClient() {
            return this.workloadApiClient;
        }

        @Generated
        public void setSpiffeSocketPath(String str) {
            this.spiffeSocketPath = str;
        }

        @Generated
        public void setInitTimeout(Duration duration) {
            this.initTimeout = duration;
        }

        @Generated
        public void setSvidPicker(Function<List<X509Svid>, X509Svid> function) {
            this.svidPicker = function;
        }

        @Generated
        public void setWorkloadApiClient(WorkloadApiClient workloadApiClient) {
            this.workloadApiClient = workloadApiClient;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof X509SourceOptions)) {
                return false;
            }
            X509SourceOptions x509SourceOptions = (X509SourceOptions) obj;
            if (!x509SourceOptions.canEqual(this)) {
                return false;
            }
            String spiffeSocketPath = getSpiffeSocketPath();
            String spiffeSocketPath2 = x509SourceOptions.getSpiffeSocketPath();
            if (spiffeSocketPath == null) {
                if (spiffeSocketPath2 != null) {
                    return false;
                }
            } else if (!spiffeSocketPath.equals(spiffeSocketPath2)) {
                return false;
            }
            Duration initTimeout = getInitTimeout();
            Duration initTimeout2 = x509SourceOptions.getInitTimeout();
            if (initTimeout == null) {
                if (initTimeout2 != null) {
                    return false;
                }
            } else if (!initTimeout.equals(initTimeout2)) {
                return false;
            }
            Function<List<X509Svid>, X509Svid> svidPicker = getSvidPicker();
            Function<List<X509Svid>, X509Svid> svidPicker2 = x509SourceOptions.getSvidPicker();
            if (svidPicker == null) {
                if (svidPicker2 != null) {
                    return false;
                }
            } else if (!svidPicker.equals(svidPicker2)) {
                return false;
            }
            WorkloadApiClient workloadApiClient = getWorkloadApiClient();
            WorkloadApiClient workloadApiClient2 = x509SourceOptions.getWorkloadApiClient();
            return workloadApiClient == null ? workloadApiClient2 == null : workloadApiClient.equals(workloadApiClient2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof X509SourceOptions;
        }

        @Generated
        public int hashCode() {
            String spiffeSocketPath = getSpiffeSocketPath();
            int hashCode = (1 * 59) + (spiffeSocketPath == null ? 43 : spiffeSocketPath.hashCode());
            Duration initTimeout = getInitTimeout();
            int hashCode2 = (hashCode * 59) + (initTimeout == null ? 43 : initTimeout.hashCode());
            Function<List<X509Svid>, X509Svid> svidPicker = getSvidPicker();
            int hashCode3 = (hashCode2 * 59) + (svidPicker == null ? 43 : svidPicker.hashCode());
            WorkloadApiClient workloadApiClient = getWorkloadApiClient();
            return (hashCode3 * 59) + (workloadApiClient == null ? 43 : workloadApiClient.hashCode());
        }

        @Generated
        public String toString() {
            return "DefaultX509Source.X509SourceOptions(spiffeSocketPath=" + getSpiffeSocketPath() + ", initTimeout=" + getInitTimeout() + ", svidPicker=" + getSvidPicker() + ", workloadApiClient=" + getWorkloadApiClient() + RuleConstants.RIGHT_PARENTHESIS;
        }
    }

    private DefaultX509Source(Function<List<X509Svid>, X509Svid> function, WorkloadApiClient workloadApiClient) {
        this.picker = function;
        this.workloadApiClient = workloadApiClient;
    }

    public static DefaultX509Source newSource() throws SocketEndpointAddressException, X509SourceException {
        return newSource(X509SourceOptions.builder().initTimeout(DEFAULT_TIMEOUT).build());
    }

    public static DefaultX509Source newSource(@NonNull X509SourceOptions x509SourceOptions) throws SocketEndpointAddressException, X509SourceException {
        if (x509SourceOptions == null) {
            throw new NullPointerException("options is marked non-null but is null");
        }
        if (x509SourceOptions.workloadApiClient == null) {
            x509SourceOptions.workloadApiClient = createClient(x509SourceOptions);
        }
        if (x509SourceOptions.initTimeout == null) {
            x509SourceOptions.initTimeout = DEFAULT_TIMEOUT;
        }
        DefaultX509Source defaultX509Source = new DefaultX509Source(x509SourceOptions.svidPicker, x509SourceOptions.workloadApiClient);
        try {
            defaultX509Source.init(x509SourceOptions.initTimeout);
            return defaultX509Source;
        } catch (Exception e) {
            defaultX509Source.close();
            throw new X509SourceException("Error creating X.509 source", e);
        }
    }

    @Override // io.spiffe.svid.x509svid.X509SvidSource
    public X509Svid getX509Svid() {
        if (isClosed()) {
            throw new IllegalStateException("X.509 SVID source is closed");
        }
        return this.svid;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // io.spiffe.bundle.BundleSource
    public X509Bundle getBundleForTrustDomain(@NonNull TrustDomain trustDomain) throws BundleNotFoundException {
        if (trustDomain == null) {
            throw new NullPointerException("trustDomain is marked non-null but is null");
        }
        if (isClosed()) {
            throw new IllegalStateException("X.509 bundle source is closed");
        }
        return this.bundles.getBundleForTrustDomain(trustDomain);
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() {
        if (!this.closed) {
            synchronized (this) {
                if (!this.closed) {
                    this.workloadApiClient.close();
                    this.closed = true;
                }
            }
        }
    }

    private static WorkloadApiClient createClient(X509SourceOptions x509SourceOptions) throws SocketEndpointAddressException {
        return DefaultWorkloadApiClient.newClient(DefaultWorkloadApiClient.ClientOptions.builder().spiffeSocketPath(x509SourceOptions.spiffeSocketPath).build());
    }

    private void init(Duration duration) throws TimeoutException {
        boolean await;
        CountDownLatch countDownLatch = new CountDownLatch(1);
        setX509ContextWatcher(countDownLatch);
        if (duration.isZero()) {
            ThreadUtils.await(countDownLatch);
            await = true;
        } else {
            await = ThreadUtils.await(countDownLatch, duration.getSeconds(), TimeUnit.SECONDS);
        }
        if (!await) {
            throw new TimeoutException("Timeout waiting for X.509 Context update");
        }
    }

    private void setX509ContextWatcher(final CountDownLatch countDownLatch) {
        this.workloadApiClient.watchX509Context(new Watcher<X509Context>() { // from class: io.spiffe.workloadapi.DefaultX509Source.1
            @Override // io.spiffe.workloadapi.Watcher
            public void onUpdate(X509Context x509Context) {
                DefaultX509Source.log.log(Level.INFO, String.format("Received X509Context update: %s", (String) x509Context.getX509Svids().stream().map(x509Svid -> {
                    return x509Svid.getSpiffeId().toString();
                }).collect(Collectors.joining(", "))));
                DefaultX509Source.this.setX509Context(x509Context);
                countDownLatch.countDown();
            }

            @Override // io.spiffe.workloadapi.Watcher
            public void onError(Throwable th) {
                DefaultX509Source.log.log(Level.SEVERE, "Error in X509Context watcher", th);
                countDownLatch.countDown();
                throw new WatcherException("Error in X509Context watcher", th);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setX509Context(X509Context x509Context) {
        X509Svid defaultSvid = this.picker == null ? x509Context.getDefaultSvid() : this.picker.apply(x509Context.getX509Svids());
        synchronized (this) {
            this.svid = defaultSvid;
            this.bundles = x509Context.getX509BundleSet();
        }
    }

    private boolean isClosed() {
        boolean z;
        synchronized (this) {
            z = this.closed;
        }
        return z;
    }
}
