package io.trino.plugin.jdbc.credential;

import com.google.inject.Binder;
import com.google.inject.Module;
import com.google.inject.Provides;
import com.google.inject.Scopes;
import com.google.inject.Singleton;
import io.airlift.configuration.AbstractConfigurationAwareModule;
import io.airlift.configuration.ConditionalModule;
import io.airlift.configuration.ConfigBinder;
import io.airlift.configuration.ConfigurationFactory;
import io.airlift.configuration.ConfigurationLoader;
import io.trino.plugin.jdbc.credential.file.ConfigFileBasedCredentialProviderConfig;
import io.trino.plugin.jdbc.credential.keystore.KeyStoreBasedCredentialProviderConfig;
import io.trino.plugin.jdbc.credential.keystore.KeyStoreUtils;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Optional;

/* loaded from: input_file:io/trino/plugin/jdbc/credential/CredentialProviderModule.class */
public class CredentialProviderModule extends AbstractConfigurationAwareModule {

    /* loaded from: input_file:io/trino/plugin/jdbc/credential/CredentialProviderModule$ConfigFileBasedCredentialProviderModule.class */
    private static class ConfigFileBasedCredentialProviderModule implements Module {
        private ConfigFileBasedCredentialProviderModule() {
        }

        public void configure(Binder binder) {
            ConfigBinder.configBinder(binder).bindConfig(ConfigFileBasedCredentialProviderConfig.class);
        }

        @Singleton
        @ForExtraCredentialProvider
        @Provides
        public CredentialProvider getCredentialProvider(ConfigFileBasedCredentialProviderConfig configFileBasedCredentialProviderConfig) throws IOException {
            CredentialConfig credentialConfig = (CredentialConfig) new ConfigurationFactory(ConfigurationLoader.loadPropertiesFrom(configFileBasedCredentialProviderConfig.getCredentialFile())).build(CredentialConfig.class);
            return new StaticCredentialProvider(credentialConfig.getConnectionUser(), credentialConfig.getConnectionPassword());
        }
    }

    /* loaded from: input_file:io/trino/plugin/jdbc/credential/CredentialProviderModule$InlineCredentialProviderModule.class */
    private static class InlineCredentialProviderModule implements Module {
        private InlineCredentialProviderModule() {
        }

        public void configure(Binder binder) {
            ConfigBinder.configBinder(binder).bindConfig(CredentialConfig.class);
        }

        @Singleton
        @ForExtraCredentialProvider
        @Provides
        public CredentialProvider getCredentialProvider(CredentialConfig credentialConfig) {
            return new StaticCredentialProvider(credentialConfig.getConnectionUser(), credentialConfig.getConnectionPassword());
        }
    }

    /* loaded from: input_file:io/trino/plugin/jdbc/credential/CredentialProviderModule$KeyStoreBasedCredentialProviderModule.class */
    private static class KeyStoreBasedCredentialProviderModule implements Module {
        private KeyStoreBasedCredentialProviderModule() {
        }

        public void configure(Binder binder) {
            ConfigBinder.configBinder(binder).bindConfig(KeyStoreBasedCredentialProviderConfig.class);
        }

        @Singleton
        @ForExtraCredentialProvider
        @Provides
        public CredentialProvider getCredentialProvider(KeyStoreBasedCredentialProviderConfig keyStoreBasedCredentialProviderConfig) throws IOException, GeneralSecurityException {
            KeyStore loadKeyStore = KeyStoreUtils.loadKeyStore(keyStoreBasedCredentialProviderConfig.getKeyStoreType(), keyStoreBasedCredentialProviderConfig.getKeyStoreFilePath(), keyStoreBasedCredentialProviderConfig.getKeyStorePassword());
            return new StaticCredentialProvider(Optional.of(KeyStoreUtils.readEntity(loadKeyStore, keyStoreBasedCredentialProviderConfig.getUserCredentialName(), keyStoreBasedCredentialProviderConfig.getPasswordForUserCredentialName())), Optional.of(KeyStoreUtils.readEntity(loadKeyStore, keyStoreBasedCredentialProviderConfig.getPasswordCredentialName(), keyStoreBasedCredentialProviderConfig.getPasswordForPasswordCredentialName())));
        }
    }

    protected void setup(Binder binder) {
        bindCredentialProviderModule(CredentialProviderType.INLINE, new InlineCredentialProviderModule());
        bindCredentialProviderModule(CredentialProviderType.FILE, new ConfigFileBasedCredentialProviderModule());
        bindCredentialProviderModule(CredentialProviderType.KEYSTORE, new KeyStoreBasedCredentialProviderModule());
        ConfigBinder.configBinder(binder).bindConfig(ExtraCredentialConfig.class);
        binder.bind(CredentialProvider.class).to(ExtraCredentialProvider.class).in(Scopes.SINGLETON);
    }

    private void bindCredentialProviderModule(CredentialProviderType credentialProviderType, Module module) {
        install(ConditionalModule.conditionalModule(CredentialProviderTypeConfig.class, credentialProviderTypeConfig -> {
            return credentialProviderType == credentialProviderTypeConfig.getCredentialProviderType();
        }, module));
    }
}
