package com.azure.spring.cloud.appconfiguration.config.implementation.stores;

import com.azure.identity.ManagedIdentityCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretAsyncClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;
import com.azure.spring.cloud.appconfiguration.config.KeyVaultSecretProvider;
import com.azure.spring.cloud.appconfiguration.config.SecretClientCustomizer;
import com.azure.spring.cloud.service.implementation.keyvault.secrets.SecretClientBuilderFactory;
import java.net.URI;
import java.time.Duration;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/azure/spring/cloud/appconfiguration/config/implementation/stores/AppConfigurationSecretClientManager.class */
public final class AppConfigurationSecretClientManager {
    private SecretAsyncClient secretClient;
    private final SecretClientCustomizer keyVaultClientProvider;
    private final String endpoint;
    private final KeyVaultSecretProvider keyVaultSecretProvider;
    private final SecretClientBuilderFactory secretClientFactory;
    private final boolean credentialConfigured;

    public AppConfigurationSecretClientManager(String str, SecretClientCustomizer secretClientCustomizer, KeyVaultSecretProvider keyVaultSecretProvider, SecretClientBuilderFactory secretClientBuilderFactory, boolean z) {
        this.endpoint = str;
        this.keyVaultClientProvider = secretClientCustomizer;
        this.keyVaultSecretProvider = keyVaultSecretProvider;
        this.secretClientFactory = secretClientBuilderFactory;
        this.credentialConfigured = z;
    }

    AppConfigurationSecretClientManager build() {
        SecretClientBuilder secretClientBuilder = (SecretClientBuilder) this.secretClientFactory.build();
        if (!this.credentialConfigured) {
            secretClientBuilder.credential(new ManagedIdentityCredentialBuilder().build());
        }
        secretClientBuilder.vaultUrl(this.endpoint);
        if (this.keyVaultClientProvider != null) {
            this.keyVaultClientProvider.customize(secretClientBuilder, this.endpoint);
        }
        this.secretClient = secretClientBuilder.buildAsyncClient();
        return this;
    }

    public KeyVaultSecret getSecret(URI uri, int i) {
        if (this.secretClient == null) {
            build();
        }
        String[] split = uri.getPath().split("/");
        String str = split.length >= 3 ? split[2] : null;
        String str2 = split.length >= 4 ? split[3] : null;
        if (this.keyVaultSecretProvider != null) {
            String secret = this.keyVaultSecretProvider.getSecret(uri.getRawPath());
            if (StringUtils.hasText(secret)) {
                return new KeyVaultSecret(str, secret);
            }
        }
        return (KeyVaultSecret) this.secretClient.getSecret(str, str2).block(Duration.ofSeconds(i));
    }
}
