package shadow.palantir.driver.com.palantir.conjure.java.api.config.ssl;

import com.palantir.logsafe.Arg;
import com.palantir.logsafe.DoNotLog;
import com.palantir.logsafe.exceptions.SafeIllegalArgumentException;
import java.nio.file.Path;
import java.util.Optional;
import shadow.palantir.driver.com.fasterxml.jackson.annotation.JsonAlias;
import shadow.palantir.driver.com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import shadow.palantir.driver.com.google.common.collect.ImmutableSet;
import shadow.palantir.driver.com.palantir.conjure.java.api.config.ssl.ImmutableSslConfiguration;
import shadow.palantir.driver.org.immutables.value.Value;

@JsonDeserialize(builder = Builder.class)
@DoNotLog
@Value.Immutable
/* loaded from: input_file:shadow/palantir/driver/com/palantir/conjure/java/api/config/ssl/SslConfiguration.class */
public abstract class SslConfiguration {
    private static final ImmutableSet<String> PEM_EXTENSIONS = ImmutableSet.of("key", "pem", "cer", "crt");

    /* loaded from: input_file:shadow/palantir/driver/com/palantir/conjure/java/api/config/ssl/SslConfiguration$Builder.class */
    public static final class Builder extends ImmutableSslConfiguration.Builder {
    }

    /* loaded from: input_file:shadow/palantir/driver/com/palantir/conjure/java/api/config/ssl/SslConfiguration$StoreType.class */
    public enum StoreType {
        JKS,
        PEM,
        PKCS12,
        PUPPET
    }

    @JsonAlias({"trust-store-path"})
    public abstract Path trustStorePath();

    @Value.Default
    @JsonAlias({"trust-store-type"})
    public StoreType trustStoreType() {
        return isPemExtension(trustStorePath()) ? StoreType.PEM : StoreType.JKS;
    }

    @JsonAlias({"key-store-path"})
    public abstract Optional<Path> keyStorePath();

    @DoNotLog
    @JsonAlias({"key-store-password"})
    @Value.Redacted
    public abstract Optional<String> keyStorePassword();

    @Value.Default
    @JsonAlias({"key-store-type"})
    public StoreType keyStoreType() {
        return ((Boolean) keyStorePath().map(this::isPemExtension).orElse(false)).booleanValue() ? StoreType.PEM : StoreType.JKS;
    }

    @JsonAlias({"key-store-key-alias"})
    public abstract Optional<String> keyStoreKeyAlias();

    /* JADX INFO: Access modifiers changed from: protected */
    @Value.Check
    public final void check() {
        if (keyStorePassword().isPresent() && !keyStorePath().isPresent()) {
            throw new SafeIllegalArgumentException("keyStorePath must be present if a keyStorePassword is provided", new Arg[0]);
        }
        if (keyStorePath().isPresent() && keyStoreType().equals(StoreType.JKS) && !keyStorePassword().isPresent()) {
            throw new SafeIllegalArgumentException("keyStorePassword must be present if keyStoreType is JKS", new Arg[0]);
        }
        if (keyStoreKeyAlias().isPresent() && !keyStorePath().isPresent()) {
            throw new SafeIllegalArgumentException("keyStorePath must be present if keyStoreKeyAlias is present", new Arg[0]);
        }
    }

    protected final boolean isPemExtension(Path path) {
        return PEM_EXTENSIONS.stream().anyMatch(str -> {
            return path.getFileName().toString().endsWith(str);
        });
    }

    public static SslConfiguration of(Path path) {
        return builder().trustStorePath(path).build();
    }

    public static SslConfiguration of(Path path, Path path2, String str) {
        return builder().trustStorePath(path).keyStorePath(path2).keyStorePassword(str).build();
    }

    public static Builder builder() {
        return new Builder();
    }
}
