package com.slack.api.bolt.service.builtin;

import com.slack.api.bolt.Initializer;
import com.slack.api.bolt.service.OAuthStateService;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.amazon.awssdk.auth.credentials.AwsCredentials;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
import software.amazon.awssdk.core.ResponseBytes;
import software.amazon.awssdk.core.sync.RequestBody;
import software.amazon.awssdk.core.sync.ResponseTransformer;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.s3.S3Client;
import software.amazon.awssdk.services.s3.model.DeleteObjectRequest;
import software.amazon.awssdk.services.s3.model.GetObjectRequest;
import software.amazon.awssdk.services.s3.model.GetObjectResponse;
import software.amazon.awssdk.services.s3.model.HeadBucketRequest;
import software.amazon.awssdk.services.s3.model.PutObjectRequest;
import software.amazon.awssdk.services.s3.model.PutObjectResponse;

/* loaded from: input_file:com/slack/api/bolt/service/builtin/AmazonS3OAuthStateService.class */
public class AmazonS3OAuthStateService implements OAuthStateService {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(AmazonS3OAuthStateService.class);
    private final String bucketName;
    private final AwsCredentialsProvider credentialsProvider;
    private final Region region;
    private final URI endpointOverride;

    public AmazonS3OAuthStateService(String str) {
        this(str, DefaultCredentialsProvider.create());
    }

    public AmazonS3OAuthStateService(String str, AwsCredentialsProvider awsCredentialsProvider) {
        this(str, awsCredentialsProvider, null, null);
    }

    public AmazonS3OAuthStateService(String str, AwsCredentialsProvider awsCredentialsProvider, Region region, String str2) {
        this.bucketName = str;
        this.credentialsProvider = awsCredentialsProvider;
        this.region = (region != null || System.getenv("AWS_REGION") == null) ? region : Region.of(System.getenv("AWS_REGION"));
        this.endpointOverride = (str2 == null || str2.isEmpty()) ? null : URI.create(str2);
    }

    @Override // com.slack.api.bolt.service.Service
    public Initializer initializer() {
        return app -> {
            AwsCredentials createCredentials = createCredentials(this.credentialsProvider);
            if (createCredentials == null || createCredentials.accessKeyId() == null) {
                throw new IllegalStateException("AWS credentials not found");
            }
            if (log.isDebugEnabled()) {
                log.debug("AWS credentials loaded (access key id: {})", createCredentials.accessKeyId());
            }
            boolean z = false;
            Exception exc = null;
            try {
                S3Client createS3Client = createS3Client();
                try {
                    z = createS3Client.headBucket((HeadBucketRequest) HeadBucketRequest.builder().bucket(this.bucketName).build()) != null;
                    if (createS3Client != null) {
                        createS3Client.close();
                    }
                } finally {
                }
            } catch (Exception e) {
                exc = e;
            }
            if (z) {
            } else {
                throw new IllegalStateException("Failed to access the Amazon S3 bucket (name: " + this.bucketName + ", error: " + (exc != null ? exc.getClass().getName() + ":" + exc.getMessage() : "-") + ")");
            }
        };
    }

    @Override // com.slack.api.bolt.service.OAuthStateService
    public void addNewStateToDatastore(String str) throws Exception {
        S3Client createS3Client = createS3Client();
        try {
            PutObjectResponse putObject = createS3Client.putObject((PutObjectRequest) PutObjectRequest.builder().bucket(this.bucketName).key(getKey(str)).build(), RequestBody.fromString("" + (System.currentTimeMillis() + (getExpirationInSeconds() * 1000))));
            if (createS3Client != null) {
                createS3Client.close();
            }
            if (log.isDebugEnabled()) {
                log.debug("AWS S3 putObject result of state data - {}", putObject.toString());
            }
        } catch (Throwable th) {
            if (createS3Client != null) {
                try {
                    createS3Client.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Override // com.slack.api.bolt.service.OAuthStateService
    public boolean isAvailableInDatabase(String str) {
        ResponseBytes<GetObjectResponse> object = getObject(createS3Client(), getKey(str));
        if (object == null) {
            return false;
        }
        String str2 = null;
        try {
            str2 = object.asString(StandardCharsets.UTF_8);
            return Long.parseLong(str2) > System.currentTimeMillis();
        } catch (NumberFormatException e) {
            log.error("Invalid state value detected - state: {}, millisToExpire: {}", str, str2);
            return false;
        } catch (Exception e2) {
            log.error("Failed to load a state data for state: {}", str, e2);
            return false;
        }
    }

    @Override // com.slack.api.bolt.service.OAuthStateService
    public void deleteStateFromDatastore(String str) throws Exception {
        S3Client createS3Client = createS3Client();
        try {
            createS3Client.deleteObject((DeleteObjectRequest) DeleteObjectRequest.builder().bucket(this.bucketName).key(getKey(str)).build());
            if (createS3Client != null) {
                createS3Client.close();
            }
        } catch (Throwable th) {
            if (createS3Client != null) {
                try {
                    createS3Client.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    protected AwsCredentials createCredentials(AwsCredentialsProvider awsCredentialsProvider) {
        return awsCredentialsProvider.resolveCredentials();
    }

    protected S3Client createS3Client() {
        return (S3Client) S3Client.builder().credentialsProvider(this.credentialsProvider).region(this.region).endpointOverride(this.endpointOverride).build();
    }

    private String getKey(String str) {
        return "state/" + str;
    }

    private ResponseBytes<GetObjectResponse> getObject(S3Client s3Client, String str) {
        try {
            return (ResponseBytes) s3Client.getObject((GetObjectRequest) GetObjectRequest.builder().bucket(this.bucketName).key(str).build(), ResponseTransformer.toBytes());
        } catch (Exception e) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Amazon S3 object metadata not found (key: {}, Exception: {})", str, e.toString());
            return null;
        }
    }
}
