package org.eclipse.edc.aws.s3;

import java.net.URI;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.Executor;
import java.util.concurrent.Executors;
import org.eclipse.edc.connector.transfer.spi.types.SecretToken;
import org.eclipse.edc.spi.EdcException;
import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
import software.amazon.awssdk.auth.credentials.AwsSessionCredentials;
import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
import software.amazon.awssdk.core.client.builder.SdkClientBuilder;
import software.amazon.awssdk.core.client.config.SdkAdvancedAsyncClientOption;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iam.IamAsyncClient;
import software.amazon.awssdk.services.iam.IamAsyncClientBuilder;
import software.amazon.awssdk.services.s3.S3AsyncClient;
import software.amazon.awssdk.services.s3.S3AsyncClientBuilder;
import software.amazon.awssdk.services.s3.S3BaseClientBuilder;
import software.amazon.awssdk.services.s3.S3Client;
import software.amazon.awssdk.services.s3.S3ClientBuilder;
import software.amazon.awssdk.services.s3.S3Configuration;
import software.amazon.awssdk.services.sts.StsAsyncClient;
import software.amazon.awssdk.services.sts.StsAsyncClientBuilder;
import software.amazon.awssdk.utils.StringUtils;
import software.amazon.awssdk.utils.ThreadFactoryBuilder;

/* loaded from: input_file:org/eclipse/edc/aws/s3/AwsClientProviderImpl.class */
public class AwsClientProviderImpl implements AwsClientProvider {
    private final AwsCredentialsProvider credentialsProvider;
    private final AwsClientProviderConfiguration configuration;
    private final Executor executor;
    private final Map<String, S3Client> s3Clients = new ConcurrentHashMap();
    private final Map<String, S3AsyncClient> s3AsyncClients = new ConcurrentHashMap();
    private final Map<String, StsAsyncClient> stsAsyncClients = new ConcurrentHashMap();
    private final IamAsyncClient iamAsyncClient = createIamAsyncClient();

    public AwsClientProviderImpl(AwsClientProviderConfiguration awsClientProviderConfiguration) {
        this.credentialsProvider = awsClientProviderConfiguration.getCredentialsProvider();
        this.configuration = awsClientProviderConfiguration;
        this.executor = Executors.newFixedThreadPool(awsClientProviderConfiguration.getThreadPoolSize(), new ThreadFactoryBuilder().threadNamePrefix("aws-client").build());
    }

    @Override // org.eclipse.edc.aws.s3.AwsClientProvider
    public S3Client s3Client(S3ClientRequest s3ClientRequest) {
        return createS3Client(s3ClientRequest);
    }

    @Override // org.eclipse.edc.aws.s3.AwsClientProvider
    public S3AsyncClient s3AsyncClient(String str) {
        return this.s3AsyncClients.computeIfAbsent(str, this::createS3AsyncClient);
    }

    @Override // org.eclipse.edc.aws.s3.AwsClientProvider
    public IamAsyncClient iamAsyncClient() {
        return this.iamAsyncClient;
    }

    @Override // org.eclipse.edc.aws.s3.AwsClientProvider
    public StsAsyncClient stsAsyncClient(String str) {
        return this.stsAsyncClients.computeIfAbsent(str, this::createStsClient);
    }

    @Override // org.eclipse.edc.aws.s3.AwsClientProvider
    public void shutdown() {
        this.iamAsyncClient.close();
        this.s3AsyncClients.values().forEach((v0) -> {
            v0.close();
        });
        this.stsAsyncClients.values().forEach((v0) -> {
            v0.close();
        });
    }

    private S3Client createS3Client(S3ClientRequest s3ClientRequest) {
        SecretToken secretToken = s3ClientRequest.secretToken();
        String region = s3ClientRequest.region();
        String endpointOverride = s3ClientRequest.endpointOverride();
        if (secretToken == null) {
            return this.s3Clients.computeIfAbsent(region, str -> {
                return createS3Client(this.credentialsProvider, region, endpointOverride);
            });
        }
        if (secretToken instanceof AwsTemporarySecretToken) {
            AwsTemporarySecretToken awsTemporarySecretToken = (AwsTemporarySecretToken) secretToken;
            return createS3Client(StaticCredentialsProvider.create(AwsSessionCredentials.create(awsTemporarySecretToken.getAccessKeyId(), awsTemporarySecretToken.getSecretAccessKey(), awsTemporarySecretToken.getSessionToken())), region, endpointOverride);
        }
        if (!(secretToken instanceof AwsSecretToken)) {
            throw new EdcException(String.format("SecretToken %s is not supported", secretToken.getClass()));
        }
        AwsSecretToken awsSecretToken = (AwsSecretToken) secretToken;
        return createS3Client(StaticCredentialsProvider.create(AwsBasicCredentials.create(awsSecretToken.getAccessKeyId(), awsSecretToken.getSecretAccessKey())), region, endpointOverride);
    }

    private S3Client createS3Client(AwsCredentialsProvider awsCredentialsProvider, String str, String str2) {
        S3ClientBuilder region = S3Client.builder().credentialsProvider(awsCredentialsProvider).region(Region.of(str));
        handleBaseEndpointOverride(region, str2);
        return (S3Client) region.build();
    }

    private S3AsyncClient createS3AsyncClient(String str) {
        S3AsyncClientBuilder region = S3AsyncClient.builder().asyncConfiguration(builder -> {
            builder.advancedOption(SdkAdvancedAsyncClientOption.FUTURE_COMPLETION_EXECUTOR, this.executor);
        }).credentialsProvider(this.credentialsProvider).region(Region.of(str));
        handleBaseEndpointOverride(region, null);
        return (S3AsyncClient) region.build();
    }

    private StsAsyncClient createStsClient(String str) {
        StsAsyncClientBuilder region = StsAsyncClient.builder().asyncConfiguration(builder -> {
            builder.advancedOption(SdkAdvancedAsyncClientOption.FUTURE_COMPLETION_EXECUTOR, this.executor);
        }).credentialsProvider(this.credentialsProvider).region(Region.of(str));
        handleEndpointOverride(region);
        return (StsAsyncClient) region.build();
    }

    private IamAsyncClient createIamAsyncClient() {
        IamAsyncClientBuilder region = IamAsyncClient.builder().asyncConfiguration(builder -> {
            builder.advancedOption(SdkAdvancedAsyncClientOption.FUTURE_COMPLETION_EXECUTOR, this.executor);
        }).credentialsProvider(this.credentialsProvider).region(Region.AWS_GLOBAL);
        handleEndpointOverride(region);
        return (IamAsyncClient) region.build();
    }

    private void handleBaseEndpointOverride(S3BaseClientBuilder<?, ?> s3BaseClientBuilder, String str) {
        URI create = StringUtils.isNotBlank(str) ? URI.create(str) : this.configuration.getEndpointOverride();
        if (create != null) {
            s3BaseClientBuilder.serviceConfiguration((S3Configuration) S3Configuration.builder().pathStyleAccessEnabled(true).build()).endpointOverride(create);
        }
    }

    private void handleEndpointOverride(SdkClientBuilder<?, ?> sdkClientBuilder) {
        URI endpointOverride = this.configuration.getEndpointOverride();
        if (endpointOverride != null) {
            sdkClientBuilder.endpointOverride(endpointOverride);
        }
    }
}
