package software.amazon.awssdk.codegen.poet.auth.scheme;

import com.squareup.javapoet.ClassName;
import com.squareup.javapoet.CodeBlock;
import com.squareup.javapoet.FieldSpec;
import com.squareup.javapoet.MethodSpec;
import com.squareup.javapoet.ParameterizedTypeName;
import com.squareup.javapoet.TypeName;
import com.squareup.javapoet.TypeSpec;
import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import javax.lang.model.element.Modifier;
import software.amazon.awssdk.annotations.SdkInternalApi;
import software.amazon.awssdk.awscore.endpoints.AwsEndpointAttribute;
import software.amazon.awssdk.awscore.endpoints.authscheme.EndpointAuthScheme;
import software.amazon.awssdk.awscore.endpoints.authscheme.SigV4AuthScheme;
import software.amazon.awssdk.awscore.endpoints.authscheme.SigV4aAuthScheme;
import software.amazon.awssdk.codegen.model.intermediate.IntermediateModel;
import software.amazon.awssdk.codegen.model.rules.endpoints.ParameterModel;
import software.amazon.awssdk.codegen.poet.ClassSpec;
import software.amazon.awssdk.codegen.poet.PoetUtils;
import software.amazon.awssdk.codegen.poet.rules.EndpointRulesSpecUtils;
import software.amazon.awssdk.endpoints.Endpoint;
import software.amazon.awssdk.http.auth.aws.scheme.AwsV4AuthScheme;
import software.amazon.awssdk.http.auth.aws.scheme.AwsV4aAuthScheme;
import software.amazon.awssdk.http.auth.aws.signer.AwsV4HttpSigner;
import software.amazon.awssdk.http.auth.aws.signer.AwsV4aHttpSigner;
import software.amazon.awssdk.http.auth.aws.signer.RegionSet;
import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption;
import software.amazon.awssdk.utils.CollectionUtils;
import software.amazon.awssdk.utils.CompletableFutureUtils;
import software.amazon.awssdk.utils.Validate;

/* loaded from: input_file:software/amazon/awssdk/codegen/poet/auth/scheme/EndpointBasedAuthSchemeProviderSpec.class */
public class EndpointBasedAuthSchemeProviderSpec implements ClassSpec {
    private final AuthSchemeSpecUtils authSchemeSpecUtils;
    private final EndpointRulesSpecUtils endpointRulesSpecUtils;
    private final SigV4AuthSchemeCodegenKnowledgeIndex sigV4AuthSchemeCodegenKnowledgeIndex;

    public EndpointBasedAuthSchemeProviderSpec(IntermediateModel intermediateModel) {
        this.authSchemeSpecUtils = new AuthSchemeSpecUtils(intermediateModel);
        this.endpointRulesSpecUtils = new EndpointRulesSpecUtils(intermediateModel);
        this.sigV4AuthSchemeCodegenKnowledgeIndex = SigV4AuthSchemeCodegenKnowledgeIndex.of(intermediateModel);
    }

    @Override // software.amazon.awssdk.codegen.poet.ClassSpec
    public ClassName className() {
        return this.authSchemeSpecUtils.defaultAuthSchemeProviderName();
    }

    @Override // software.amazon.awssdk.codegen.poet.ClassSpec
    public TypeSpec poetSpec() {
        TypeSpec.Builder addMethod = PoetUtils.createClassBuilder(className()).addModifiers(new Modifier[]{Modifier.PUBLIC, Modifier.FINAL}).addAnnotation(SdkInternalApi.class).addSuperinterface(this.authSchemeSpecUtils.providerInterfaceName()).addMethod(constructor()).addField(defaultInstance()).addField(modeledResolverInstance()).addField(endpointDelegateInstance()).addMethod(createMethod()).addMethod(resolveAuthSchemeMethod()).addMethod(endpointProvider());
        if (this.sigV4AuthSchemeCodegenKnowledgeIndex.hasSigV4Overrides()) {
            addMethod.addMethod(addV4Defaults());
        }
        return addMethod.build();
    }

    private MethodSpec constructor() {
        return MethodSpec.constructorBuilder().addModifiers(new Modifier[]{Modifier.PRIVATE}).build();
    }

    private FieldSpec defaultInstance() {
        return FieldSpec.builder(className(), "DEFAULT", new Modifier[0]).addModifiers(new Modifier[]{Modifier.PRIVATE, Modifier.STATIC, Modifier.FINAL}).initializer("new $T()", new Object[]{className()}).build();
    }

    private FieldSpec endpointDelegateInstance() {
        return FieldSpec.builder(this.endpointRulesSpecUtils.providerInterfaceName(), "DELEGATE", new Modifier[0]).addModifiers(new Modifier[]{Modifier.PRIVATE, Modifier.STATIC, Modifier.FINAL}).initializer("$T.defaultProvider()", new Object[]{this.endpointRulesSpecUtils.providerInterfaceName()}).build();
    }

    private MethodSpec endpointProvider() {
        ClassName providerInterfaceName = this.endpointRulesSpecUtils.providerInterfaceName();
        MethodSpec.Builder addParameter = MethodSpec.methodBuilder("endpointProvider").addModifiers(new Modifier[]{Modifier.PRIVATE}).returns(providerInterfaceName).addParameter(this.authSchemeSpecUtils.parametersInterfaceName(), "params", new Modifier[0]);
        ClassName parametersEndpointAwareDefaultImplName = this.authSchemeSpecUtils.parametersEndpointAwareDefaultImplName();
        addParameter.beginControlFlow("if (params instanceof $T)", new Object[]{parametersEndpointAwareDefaultImplName});
        addParameter.addStatement("$1T endpointAwareParams = ($1T) params", new Object[]{parametersEndpointAwareDefaultImplName});
        addParameter.addStatement("$T endpointProvider = endpointAwareParams.endpointProvider()", new Object[]{providerInterfaceName});
        addParameter.beginControlFlow("if (endpointProvider != null)", new Object[0]);
        addParameter.addStatement("return endpointProvider", new Object[0]);
        addParameter.endControlFlow();
        addParameter.endControlFlow();
        addParameter.addStatement("return DELEGATE", new Object[0]);
        return addParameter.build();
    }

    private FieldSpec modeledResolverInstance() {
        return FieldSpec.builder(this.authSchemeSpecUtils.providerInterfaceName(), "MODELED_RESOLVER", new Modifier[0]).addModifiers(new Modifier[]{Modifier.PRIVATE, Modifier.STATIC, Modifier.FINAL}).initializer("$T.create()", new Object[]{this.authSchemeSpecUtils.modeledAuthSchemeProviderName()}).build();
    }

    private MethodSpec createMethod() {
        return MethodSpec.methodBuilder("create").addModifiers(new Modifier[]{Modifier.PUBLIC, Modifier.STATIC}).returns(this.authSchemeSpecUtils.providerInterfaceName()).addStatement("return DEFAULT", new Object[0]).build();
    }

    private MethodSpec resolveAuthSchemeMethod() {
        MethodSpec.Builder addParameter = MethodSpec.methodBuilder("resolveAuthScheme").addModifiers(new Modifier[]{Modifier.PUBLIC}).addAnnotation(Override.class).returns(this.authSchemeSpecUtils.resolverReturnType()).addParameter(this.authSchemeSpecUtils.parametersInterfaceName(), "params", new Modifier[0]);
        addParameter.addCode("$1T endpointParameters = $1T.builder()\n$>", new Object[]{this.endpointRulesSpecUtils.parametersClassName()});
        parameters().forEach((str, parameterModel) -> {
            if (this.authSchemeSpecUtils.includeParamForProvider(str)) {
                addParameter.addCode(".$1L(params.$1L())\n", new Object[]{this.endpointRulesSpecUtils.paramMethodName(str)});
            }
        });
        addParameter.addStatement(".build()", new Object[0]);
        addParameter.addStatement("$T endpoint = $T.joinLikeSync(endpointProvider(params).resolveEndpoint(endpointParameters))", new Object[]{Endpoint.class, CompletableFutureUtils.class});
        addParameter.addStatement("$T authSchemes = endpoint.attribute($T.AUTH_SCHEMES)", new Object[]{ParameterizedTypeName.get(List.class, new Type[]{EndpointAuthScheme.class}), AwsEndpointAttribute.class});
        addParameter.beginControlFlow("if (authSchemes == null)", new Object[0]);
        addParameter.addStatement("return MODELED_RESOLVER.resolveAuthScheme(params)", new Object[0]);
        addParameter.endControlFlow();
        addParameter.addStatement("$T options = new $T<>()", new Object[]{ParameterizedTypeName.get(List.class, new Type[]{AuthSchemeOption.class}), TypeName.get(ArrayList.class)});
        addParameter.beginControlFlow("for ($T authScheme : authSchemes)", new Object[]{EndpointAuthScheme.class});
        addAuthSchemeSwitch(addParameter);
        addParameter.endControlFlow();
        return addParameter.addStatement("return $T.unmodifiableList(options)", new Object[]{Collections.class}).build();
    }

    private void addAuthSchemeSwitch(MethodSpec.Builder builder) {
        builder.addStatement("$T name = authScheme.name()", new Object[]{String.class});
        builder.beginControlFlow("switch(name)", new Object[0]);
        addAuthSchemeSwitchSigV4Case(builder);
        addAuthSchemeSwitchSigV4aCase(builder);
        if (this.endpointRulesSpecUtils.useS3Express()) {
            addAuthSchemeSwitchS3ExpressCase(builder);
        }
        addAuthSchemeSwitchDefaultCase(builder);
        builder.endControlFlow();
    }

    private void addAuthSchemeSwitchSigV4Case(MethodSpec.Builder builder) {
        builder.addCode("case $S:", new Object[]{"sigv4"});
        builder.addStatement("$T sigv4AuthScheme = $T.isInstanceOf($T.class, authScheme, $S, authScheme.getClass().getName())", new Object[]{SigV4AuthScheme.class, Validate.class, SigV4AuthScheme.class, "Expecting auth scheme of class SigV4AuthScheme, got instead object of class %s"});
        CodeBlock.Builder builder2 = CodeBlock.builder();
        builder2.add("$T.builder()", new Object[]{AuthSchemeOption.class}).add("\n.schemeId($T.SCHEME_ID)", new Object[]{AwsV4AuthScheme.class}).add("\n.putSignerProperty($T.SERVICE_SIGNING_NAME, sigv4AuthScheme.signingName())", new Object[]{AwsV4HttpSigner.class}).add("\n.putSignerProperty($T.REGION_NAME, sigv4AuthScheme.signingRegion())", new Object[]{AwsV4HttpSigner.class}).add("\n.putSignerProperty($T.DOUBLE_URL_ENCODE, !sigv4AuthScheme.disableDoubleEncoding())", new Object[]{AwsV4HttpSigner.class});
        if (this.sigV4AuthSchemeCodegenKnowledgeIndex.hasSigV4Overrides()) {
            builder.addCode("$1T sigv4AuthSchemeOption = applySigV4FamilyDefaults(", new Object[]{AuthSchemeOption.class}).addCode(builder2.build()).addCode(", params)", new Object[0]).addStatement(".build()", new Object[0]);
        } else {
            builder.addCode("$1T sigv4AuthSchemeOption = ", new Object[]{AuthSchemeOption.class}).addCode(builder2.build()).addStatement(".build()", new Object[0]);
        }
        builder.addStatement("options.add(sigv4AuthSchemeOption)", new Object[0]);
        builder.addStatement("break", new Object[0]);
    }

    private void addAuthSchemeSwitchSigV4aCase(MethodSpec.Builder builder) {
        builder.addCode("case $S:", new Object[]{"sigv4a"});
        builder.addStatement("$T sigv4aAuthScheme = $T.isInstanceOf($T.class, authScheme, $S, authScheme.getClass().getName())", new Object[]{SigV4aAuthScheme.class, Validate.class, SigV4aAuthScheme.class, "Expecting auth scheme of class SigV4AuthScheme, got instead object of class %s"});
        builder.addStatement("$1T regionSet = $2T.ofNullable(params.regionSet()).orElseGet(() -> $2T.ofNullable(sigv4aAuthScheme.signingRegionSet()).filter(set -> !$3T.isNullOrEmpty(set)).map($1T::create).orElse(null))", new Object[]{RegionSet.class, Optional.class, CollectionUtils.class});
        CodeBlock.Builder builder2 = CodeBlock.builder();
        builder2.add("$1T.builder().schemeId($2T.SCHEME_ID)", new Object[]{AuthSchemeOption.class, AwsV4aAuthScheme.class}).add("\n.putSignerProperty($T.SERVICE_SIGNING_NAME, sigv4aAuthScheme.signingName())", new Object[]{AwsV4HttpSigner.class}).add("\n.putSignerProperty($T.REGION_SET, regionSet)", new Object[]{AwsV4aHttpSigner.class}).add("\n.putSignerProperty($T.DOUBLE_URL_ENCODE, !sigv4aAuthScheme.disableDoubleEncoding())", new Object[]{AwsV4HttpSigner.class});
        if (this.sigV4AuthSchemeCodegenKnowledgeIndex.hasSigV4Overrides()) {
            builder.addCode("$1T sigv4aAuthSchemeOption = applySigV4FamilyDefaults(", new Object[]{AuthSchemeOption.class}).addCode(builder2.build()).addCode(", params)", new Object[0]).addStatement(".build()", new Object[0]);
        } else {
            builder.addCode("$1T sigv4aAuthSchemeOption = ", new Object[]{AuthSchemeOption.class}).addCode(builder2.build()).addStatement(".build()", new Object[0]);
        }
        builder.addStatement("options.add(sigv4aAuthSchemeOption)", new Object[0]);
        builder.addStatement("break", new Object[0]);
    }

    private void addAuthSchemeSwitchS3ExpressCase(MethodSpec.Builder builder) {
        builder.addCode("case $S:", new Object[]{"sigv4-s3express"});
        ClassName className = ClassName.get(this.authSchemeSpecUtils.baseClientPackageName() + ".endpoints.authscheme", "S3ExpressEndpointAuthScheme", new String[0]);
        builder.addStatement("$T s3ExpressAuthScheme = $T.isInstanceOf($T.class, authScheme, $S, authScheme.getClass().getName())", new Object[]{className, Validate.class, className, "Expecting auth scheme of class S3ExpressAuthScheme, got instead object of class %s"});
        ClassName className2 = ClassName.get(this.authSchemeSpecUtils.baseClientPackageName() + ".s3express", "S3ExpressAuthScheme", new String[0]);
        CodeBlock.Builder builder2 = CodeBlock.builder();
        builder2.add("$1T.builder().schemeId($2T.SCHEME_ID)", new Object[]{AuthSchemeOption.class, className2}).add("\n.putSignerProperty($T.SERVICE_SIGNING_NAME, s3ExpressAuthScheme.signingName())", new Object[]{AwsV4HttpSigner.class}).add("\n.putSignerProperty($T.REGION_NAME, s3ExpressAuthScheme.signingRegion())", new Object[]{AwsV4HttpSigner.class}).add("\n.putSignerProperty($T.DOUBLE_URL_ENCODE, !s3ExpressAuthScheme.disableDoubleEncoding())", new Object[]{AwsV4HttpSigner.class});
        if (this.sigV4AuthSchemeCodegenKnowledgeIndex.hasSigV4Overrides()) {
            builder.addCode("$1T s3ExpressAuthSchemeOption = applySigV4FamilyDefaults(", new Object[]{AuthSchemeOption.class}).addCode(builder2.build()).addCode(", params)", new Object[0]).addStatement(".build()", new Object[0]);
        } else {
            builder.addCode("$1T s3ExpressAuthSchemeOption = ", new Object[]{AuthSchemeOption.class}).addCode(builder2.build()).addStatement(".build()", new Object[0]);
        }
        builder.addStatement("options.add(s3ExpressAuthSchemeOption)", new Object[0]);
        builder.addStatement("break", new Object[0]);
    }

    private void addAuthSchemeSwitchDefaultCase(MethodSpec.Builder builder) {
        builder.addCode("default:", new Object[0]);
        builder.addStatement("throw new $T($S + name)", new Object[]{IllegalArgumentException.class, "Unknown auth scheme: "});
    }

    private MethodSpec addV4Defaults() {
        MethodSpec.Builder addParameter = MethodSpec.methodBuilder("applySigV4FamilyDefaults").addModifiers(new Modifier[]{Modifier.PRIVATE, Modifier.STATIC}).returns(AuthSchemeOption.Builder.class).addParameter(AuthSchemeOption.Builder.class, "option", new Modifier[0]).addParameter(this.authSchemeSpecUtils.parametersInterfaceName(), "params", new Modifier[0]);
        if (!this.sigV4AuthSchemeCodegenKnowledgeIndex.hasPerOperationSigV4Overrides()) {
            addAuthTypeProperties(addParameter, this.sigV4AuthSchemeCodegenKnowledgeIndex.serviceSigV4Overrides());
            return addParameter.build();
        }
        addParameter.beginControlFlow("switch(params.operation())", new Object[0]);
        this.sigV4AuthSchemeCodegenKnowledgeIndex.forEachOperationsOverridesGroup((list, authSchemeCodegenMetadata) -> {
            if (list.isEmpty()) {
                return;
            }
            addCasesForOperations(addParameter, list, authSchemeCodegenMetadata);
        });
        AuthSchemeCodegenMetadata serviceSigV4Overrides = this.sigV4AuthSchemeCodegenKnowledgeIndex.serviceSigV4Overrides();
        if (serviceSigV4Overrides != null) {
            addCasesForDefault(addParameter, serviceSigV4Overrides);
        }
        addParameter.endControlFlow();
        return addParameter.build();
    }

    private void addCasesForOperations(MethodSpec.Builder builder, List<String> list, AuthSchemeCodegenMetadata authSchemeCodegenMetadata) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            builder.addCode("case $S:\n", new Object[]{it.next()});
        }
        addAuthTypeProperties(builder, authSchemeCodegenMetadata);
    }

    private void addCasesForDefault(MethodSpec.Builder builder, AuthSchemeCodegenMetadata authSchemeCodegenMetadata) {
        builder.addCode("default:\n", new Object[0]);
        addAuthTypeProperties(builder, authSchemeCodegenMetadata);
    }

    private void addAuthTypeProperties(MethodSpec.Builder builder, AuthSchemeCodegenMetadata authSchemeCodegenMetadata) {
        builder.addCode("option", new Object[0]);
        builder.addCode(AuthSchemeCodegenMetadataExt.codegenSignerPropertiesIfAbsent(this.authSchemeSpecUtils, authSchemeCodegenMetadata.properties()));
        builder.addStatement("", new Object[0]);
        builder.addStatement("return option", new Object[0]);
    }

    private Map<String, ParameterModel> parameters() {
        return this.endpointRulesSpecUtils.parameters();
    }
}
