package au.net.causal.maven.plugins.keepassxc;

import au.net.causal.maven.plugins.keepassxc.connection.KeepassProxy;
import au.net.causal.maven.plugins.keepassxc.shaded.org.purejava.KeepassProxyAccessException;
import com.google.common.base.StandardSystemProperty;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import java.io.IOException;
import java.nio.file.Path;
import java.time.Clock;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ExecutionException;
import org.codehaus.plexus.logging.AbstractLogEnabled;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.Disposable;
import org.sonatype.plexus.components.sec.dispatcher.PasswordDecryptor;
import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException;

/* loaded from: input_file:au/net/causal/maven/plugins/keepassxc/KeepassXcPasswordDecryptor.class */
public class KeepassXcPasswordDecryptor extends AbstractLogEnabled implements PasswordDecryptor, Disposable {
    private static final Path CREDENTIALS_STORE_BASE_DIRECTORY = Path.of(StandardSystemProperty.USER_HOME.value(), ".m2");
    private final Clock clock = Clock.systemUTC();
    private final LoadingCache<Map<?, ?>, ConnectionOrFailure> proxyCacheByConfig = CacheBuilder.newBuilder().removalListener(removalNotification -> {
        ((ConnectionOrFailure) removalNotification.getValue()).close();
    }).build(new CacheLoader<Map<?, ?>, ConnectionOrFailure>() { // from class: au.net.causal.maven.plugins.keepassxc.KeepassXcPasswordDecryptor.1
        public ConnectionOrFailure load(Map<?, ?> map) throws Exception {
            try {
                return new ConnectionOrFailure(KeepassXcPasswordDecryptor.this.connectKeepassProxy(map));
            } catch (SecDispatcherException e) {
                return new ConnectionOrFailure(e);
            }
        }
    });

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:au/net/causal/maven/plugins/keepassxc/KeepassXcPasswordDecryptor$ConnectionOrFailure.class */
    public static class ConnectionOrFailure implements AutoCloseable {
        private final KeepassProxy connection;
        private final SecDispatcherException failure;

        public ConnectionOrFailure(KeepassProxy keepassProxy) {
            this.connection = (KeepassProxy) Objects.requireNonNull(keepassProxy);
            this.failure = null;
        }

        public ConnectionOrFailure(SecDispatcherException secDispatcherException) {
            this.connection = null;
            this.failure = (SecDispatcherException) Objects.requireNonNull(secDispatcherException);
        }

        public KeepassProxy getConnection() {
            if (isSuccessfulConnection()) {
                return this.connection;
            }
            throw new IllegalStateException("No connection");
        }

        public SecDispatcherException getFailure() {
            if (isSuccessfulConnection()) {
                throw new IllegalStateException("No failure");
            }
            return this.failure;
        }

        public boolean isSuccessfulConnection() {
            return this.connection != null;
        }

        @Override // java.lang.AutoCloseable
        public void close() {
            if (isSuccessfulConnection()) {
                getConnection().close();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:au/net/causal/maven/plugins/keepassxc/KeepassXcPasswordDecryptor$EntryFilter.class */
    public static class EntryFilter {
        private final String key;
        private final String value;

        public EntryFilter(String str, String str2) {
            this.key = str;
            this.value = str2;
        }

        public String getKey() {
            return this.key;
        }

        public String getValue() {
            return this.value;
        }

        public String toString() {
            return getKey() + "=" + getValue();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:au/net/causal/maven/plugins/keepassxc/KeepassXcPasswordDecryptor$KeepassEntry.class */
    public static class KeepassEntry {
        private final String name;
        private final String login;
        private final String password;
        private final String group;
        private final Map<String, String> stringFields;

        public KeepassEntry(String str, String str2, String str3, String str4, Map<String, String> map) {
            this.name = str;
            this.login = str2;
            this.password = str3;
            this.group = str4;
            this.stringFields = Map.copyOf(map);
        }

        public static KeepassEntry parse(Map<?, ?> map) {
            String stringValue = KeepassXcPasswordDecryptor.stringValue(map.get("name"));
            String stringValue2 = KeepassXcPasswordDecryptor.stringValue(map.get("login"));
            String stringValue3 = KeepassXcPasswordDecryptor.stringValue(map.get("password"));
            String stringValue4 = KeepassXcPasswordDecryptor.stringValue(map.get("group"));
            Object obj = map.get("stringFields");
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            if (obj instanceof Collection) {
                for (Object obj2 : (Collection) obj) {
                    if (obj2 instanceof Map) {
                        for (Map.Entry entry : ((Map) obj2).entrySet()) {
                            if (entry.getKey() != null && entry.getValue() != null) {
                                linkedHashMap.put(entry.getKey().toString(), entry.getValue().toString());
                            }
                        }
                    }
                }
            }
            return new KeepassEntry(stringValue, stringValue2, stringValue3, stringValue4, linkedHashMap);
        }

        public String getName() {
            return this.name;
        }

        public String getLogin() {
            return this.login;
        }

        public String getPassword() {
            return this.password;
        }

        public String getGroup() {
            return this.group;
        }

        public Map<String, ?> getStringFields() {
            return this.stringFields;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    @FunctionalInterface
    /* loaded from: input_file:au/net/causal/maven/plugins/keepassxc/KeepassXcPasswordDecryptor$RepeatBlock.class */
    public interface RepeatBlock {
        void call() throws SecDispatcherException;
    }

    private KeepassProxy connectKeepassProxy(Map<?, ?> map) throws SecDispatcherException {
        Map<?, ?> of = map == null ? Map.of() : Map.copyOf(map);
        KeepassExtensionSettings keepassExtensionSettings = new KeepassExtensionSettings();
        keepassExtensionSettings.configure(of, getLogger());
        return connectKeepassProxy(createCredentialsStore(keepassExtensionSettings), keepassExtensionSettings);
    }

    private KeepassProxy connectKeepassProxy(KeepassCredentialsStore keepassCredentialsStore, KeepassExtensionSettings keepassExtensionSettings) throws SecDispatcherException {
        try {
            KeepassProxy keepassProxy = new KeepassProxy(keepassCredentialsStore, getLogger());
            tryRepeat(keepassExtensionSettings, "Maven needs to read passwords from KeepassXC, please start KeepassXC, ensure the 'Browser Extensions' option is enabled and open your database", "Failed to connect to KeepassXC", () -> {
                try {
                    keepassProxy.connect();
                } catch (IOException e) {
                    throw new SecDispatcherException("Failed to connect to KeepassXC: " + e.getMessage(), e);
                }
            });
            if (!keepassProxy.connectionAvailable()) {
                keepassProxy.associate();
            }
            tryRepeat(keepassExtensionSettings, "Maven needs to read passwords from KeepassXC, please unlock your database", "Failed to connect to KeepassXC - database remained locked", () -> {
                if (!keepassProxy.connectionAvailable()) {
                    throw new SecDispatcherException("Could not connect to KeepassXC");
                }
            });
            return keepassProxy;
        } catch (IOException e) {
            SecDispatcherException secDispatcherException = new SecDispatcherException("Error initializing Keepass proxy: " + String.valueOf(e), e);
            getLogger().error(secDispatcherException.getMessage(), secDispatcherException);
            throw secDispatcherException;
        }
    }

    private void tryRepeat(KeepassExtensionSettings keepassExtensionSettings, String str, String str2, RepeatBlock repeatBlock) throws SecDispatcherException {
        SecDispatcherException secDispatcherException = null;
        Instant plus = Instant.now(this.clock).plus((TemporalAmount) keepassExtensionSettings.getUnlockMaxWaitTime());
        Instant instant = Instant.EPOCH;
        while (true) {
            if (secDispatcherException != null && !Instant.now(this.clock).isBefore(plus)) {
                String str3 = str2 + " (within " + String.valueOf(keepassExtensionSettings.getUnlockMaxWaitTime()) + ")";
                getLogger().error(str3);
                throw new SecDispatcherException(str3);
            }
            try {
                repeatBlock.call();
                return;
            } catch (SecDispatcherException e) {
                secDispatcherException = e;
                Instant now = Instant.now(this.clock);
                Duration truncatedTo = Duration.between(now, plus).truncatedTo(ChronoUnit.SECONDS);
                if (instant.plus((TemporalAmount) keepassExtensionSettings.getUnlockMessageRepeatTime()).isBefore(now)) {
                    getLogger().error(str + " (timeout in " + String.valueOf(truncatedTo) + ")...");
                    instant = now;
                }
                try {
                    Thread.sleep(500L);
                } catch (InterruptedException e2) {
                    throw new SecDispatcherException("Interrupted while waiting for KeepassXC", e2);
                }
            }
        }
    }

    protected KeepassCredentialsStore createCredentialsStore(KeepassExtensionSettings keepassExtensionSettings) {
        return new MavenKeepassCredentialsStore(CREDENTIALS_STORE_BASE_DIRECTORY.resolve(keepassExtensionSettings.getCredentialsStoreFile()), getLogger());
    }

    public String decrypt(String str, Map map, Map map2) throws SecDispatcherException {
        Map<?, ?> of = map2 == null ? Map.of() : Map.copyOf(map2);
        KeepassExtensionSettings keepassExtensionSettings = new KeepassExtensionSettings();
        keepassExtensionSettings.configure(of, getLogger());
        try {
            try {
                ConnectionOrFailure connectionOrFailure = (ConnectionOrFailure) this.proxyCacheByConfig.get(of);
                if (!connectionOrFailure.isSuccessfulConnection()) {
                    getLogger().debug("Cached connection failure: " + String.valueOf(connectionOrFailure.getFailure()), connectionOrFailure.getFailure());
                    return keepassExtensionSettings.getFailMode().handleKeepassFailure(connectionOrFailure.getFailure());
                }
                KeepassProxy connection = connectionOrFailure.getConnection();
                getLogger().debug("Need to read entry '" + str + "' from KeepassXC");
                try {
                    Map<String, ?> logins = connection.getLogins(str, null, true, List.of(connection.exportConnection()));
                    if (logins == null) {
                        throw new SecDispatcherException("No KeepassXC entry for " + str);
                    }
                    Object obj = logins.get("entries");
                    if (!(obj instanceof Collection)) {
                        throw new SecDispatcherException("No entries value for " + str);
                    }
                    Collection collection = (Collection) obj;
                    ArrayList arrayList = new ArrayList(collection.size());
                    for (Object obj2 : collection) {
                        if (obj2 instanceof Map) {
                            arrayList.add(KeepassEntry.parse((Map) obj2));
                        }
                    }
                    KeepassEntry selectEntry = selectEntry(arrayList, map);
                    if (selectEntry == null) {
                        throw new SecDispatcherException("No KeepassXC entry for " + str);
                    }
                    String selectEntryValue = selectEntryValue(selectEntry, (Map<?, ?>) map);
                    if (selectEntryValue == null) {
                        throw new SecDispatcherException("No KeepassXC entry value for " + str);
                    }
                    return selectEntryValue;
                } catch (KeepassProxyAccessException | IOException e) {
                    throw new SecDispatcherException("Error getting entry for " + str + ": " + String.valueOf(e), e);
                }
            } catch (ExecutionException e2) {
                if (e2.getCause() instanceof SecDispatcherException) {
                    throw e2.getCause();
                }
                if (e2.getCause() instanceof RuntimeException) {
                    throw ((RuntimeException) e2.getCause());
                }
                if (e2.getCause() instanceof Error) {
                    throw ((Error) e2.getCause());
                }
                throw new RuntimeException(e2);
            }
        } catch (SecDispatcherException e3) {
            if (getLogger().isDebugEnabled()) {
                getLogger().error(e3.getMessage(), e3);
            } else {
                getLogger().error(e3.getMessage());
            }
            return keepassExtensionSettings.getFailMode().handleKeepassFailure(e3);
        }
    }

    protected KeepassEntry selectEntry(Collection<? extends KeepassEntry> collection, Map<?, ?> map) throws SecDispatcherException {
        if (collection.isEmpty()) {
            return null;
        }
        List<? extends EntryFilter> filtersFromDecrypterEntryAttributes = filtersFromDecrypterEntryAttributes(map);
        return collection.stream().filter(keepassEntry -> {
            Iterator it = filtersFromDecrypterEntryAttributes.iterator();
            while (it.hasNext()) {
                EntryFilter entryFilter = (EntryFilter) it.next();
                if (!Objects.equals(selectEntryValue(keepassEntry, entryFilter.getKey()), entryFilter.getValue())) {
                    return false;
                }
            }
            return true;
        }).findFirst().orElse(null);
    }

    private List<? extends EntryFilter> filtersFromDecrypterEntryAttributes(Map<?, ?> map) {
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<?, ?> entry : map.entrySet()) {
            if ((entry.getKey() instanceof String) && entry.getValue() != null) {
                String str = (String) entry.getKey();
                if (str.startsWith("where:")) {
                    arrayList.add(new EntryFilter(str.substring("where:".length()), entry.getValue().toString()));
                }
            }
        }
        return arrayList;
    }

    protected String selectEntryValue(KeepassEntry keepassEntry, Map<?, ?> map) throws SecDispatcherException {
        return selectEntryValue(keepassEntry, stringValue(map.get("select")));
    }

    private String selectEntryValue(KeepassEntry keepassEntry, String str) {
        if (str == null || "password".equals(str)) {
            return keepassEntry.getPassword();
        }
        if ("username".equals(str)) {
            return keepassEntry.getLogin();
        }
        if ("title".equals(str)) {
            return keepassEntry.getName();
        }
        String stringValue = stringValue(keepassEntry.getStringFields().get(str));
        if (stringValue == null) {
            stringValue = stringValue(keepassEntry.getStringFields().get("KPH: " + str));
        }
        return stringValue;
    }

    private static String stringValue(Object obj) {
        if (obj == null) {
            return null;
        }
        return obj.toString();
    }

    public void dispose() {
        this.proxyCacheByConfig.invalidateAll();
    }
}
