package com.uid2.attestation.azure;

import com.azure.identity.ManagedIdentityCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;
import com.google.common.base.Strings;
import com.uid2.enclave.IOperatorKeyRetriever;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/uid2/attestation/azure/AzureVaultOperatorKeyRetriever.class */
public class AzureVaultOperatorKeyRetriever implements IOperatorKeyRetriever {
    private static final Logger LOGGER = LoggerFactory.getLogger(AzureVaultOperatorKeyRetriever.class);
    private final String vaultName;
    private final String secretName;

    public AzureVaultOperatorKeyRetriever(String str, String str2) {
        if (Strings.isNullOrEmpty(str)) {
            throw new IllegalArgumentException("vaultName is null or empty");
        }
        if (Strings.isNullOrEmpty(str2)) {
            throw new IllegalArgumentException("secretName is null or empty");
        }
        this.vaultName = str;
        this.secretName = str2;
    }

    public String retrieve() {
        String str = "https://" + this.vaultName + ".vault.azure.net";
        LOGGER.info(String.format("Load OperatorKey secret (%s) from %s", this.secretName, str));
        KeyVaultSecret secret = new SecretClientBuilder().vaultUrl(str).credential(new ManagedIdentityCredentialBuilder().build()).buildClient().getSecret(this.secretName);
        LOGGER.info("OperatorKey secret is loaded.");
        return secret.getValue();
    }
}
