package digital.buildit.jenkins.credentials.vault;

import com.bettercloud.vault.Vault;
import com.bettercloud.vault.VaultConfig;
import com.bettercloud.vault.VaultException;
import com.cloudbees.plugins.credentials.CredentialsDescriptor;
import com.cloudbees.plugins.credentials.CredentialsScope;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.cloudbees.plugins.credentials.impl.BaseStandardCredentials;
import com.datapipe.jenkins.vault.VaultBuildWrapper;
import edu.umd.cs.findbugs.annotations.CheckForNull;
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.Extension;
import hudson.util.Secret;
import java.util.logging.Level;
import java.util.logging.Logger;
import jenkins.model.Jenkins;
import org.apache.commons.lang.StringUtils;
import org.kohsuke.stapler.DataBoundConstructor;

/* loaded from: input_file:digital/buildit/jenkins/credentials/vault/HashicorpVaultCredentialsImpl.class */
public class HashicorpVaultCredentialsImpl extends BaseStandardCredentials implements HashicorpVaultCredentials, StandardUsernamePasswordCredentials {
    public static final String DEFAULT_USERNAME_KEY = "username";
    public static final String DEFAULT_PASSWORD_KEY = "password";
    private static final long serialVersionUID = 1;
    private static final Logger LOGGER = Logger.getLogger(HashicorpVaultCredentialsImpl.class.getName());
    private String key;
    private String usernameKey;
    private String passwordKey;

    @Extension
    /* loaded from: input_file:digital/buildit/jenkins/credentials/vault/HashicorpVaultCredentialsImpl$DescriptorImpl.class */
    public static class DescriptorImpl extends CredentialsDescriptor {
        public String getDisplayName() {
            return "Hashicorp Vault Credentials";
        }
    }

    @DataBoundConstructor
    public HashicorpVaultCredentialsImpl(@CheckForNull CredentialsScope credentialsScope, @CheckForNull String str, @CheckForNull String str2, @CheckForNull String str3, @CheckForNull String str4, @CheckForNull String str5) {
        super(credentialsScope, str, str5);
        this.key = str2;
        this.usernameKey = StringUtils.isEmpty(str4) ? DEFAULT_USERNAME_KEY : str4;
        this.passwordKey = StringUtils.isEmpty(str3) ? DEFAULT_PASSWORD_KEY : str3;
    }

    @Override // digital.buildit.jenkins.credentials.vault.HashicorpVaultCredentials
    public String getDisplayName() {
        return this.key;
    }

    @NonNull
    public Secret getPassword() {
        return Secret.fromString(getValue(this.passwordKey));
    }

    private String getValue(String str) {
        VaultBuildWrapper.DescriptorImpl descriptorImpl = (VaultBuildWrapper.DescriptorImpl) Jenkins.getInstance().getExtensionList(VaultBuildWrapper.DescriptorImpl.class).get(0);
        if (descriptorImpl == null) {
            throw new IllegalStateException("Vault plugin has not been configured.");
        }
        try {
            String vaultUrl = descriptorImpl.getVaultUrl();
            Vault vault = new Vault(new VaultConfig(vaultUrl, Secret.toString(descriptorImpl.getAuthToken())).build());
            LOGGER.log(Level.FINE, "Fetching value " + this.key + " from vault: " + vaultUrl);
            return (String) vault.logical().read(this.key).getData().get(str);
        } catch (VaultException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    @NonNull
    public String getUsername() {
        return getValue(this.usernameKey);
    }

    @NonNull
    public String getPasswordKey() {
        return this.passwordKey;
    }

    public void setPasswordKey(String str) {
        this.passwordKey = str;
    }

    @NonNull
    public String getUsernameKey() {
        return this.usernameKey;
    }

    public void setUsernameKey(String str) {
        this.usernameKey = str;
    }

    @NonNull
    public String getKey() {
        return this.key;
    }

    public void setKey(String str) {
        this.key = str;
    }
}
