package org.projectnessie.catalog.service.rest;

import jakarta.enterprise.context.RequestScoped;
import jakarta.inject.Inject;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.Response;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.time.Clock;
import java.time.Duration;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Properties;
import java.util.function.BiConsumer;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import org.projectnessie.catalog.files.api.ObjectIO;
import org.projectnessie.catalog.files.api.StorageLocations;
import org.projectnessie.catalog.files.s3.S3Utils;
import org.projectnessie.catalog.formats.iceberg.meta.IcebergTableMetadata;
import org.projectnessie.catalog.model.snapshot.NessieEntitySnapshot;
import org.projectnessie.catalog.service.api.SignerKeysService;
import org.projectnessie.catalog.service.config.LakehouseConfig;
import org.projectnessie.catalog.service.config.WarehouseConfig;
import org.projectnessie.catalog.service.objtypes.SignerKey;
import org.projectnessie.catalog.service.rest.ImmutableIcebergTableConfig;
import org.projectnessie.model.ContentKey;
import org.projectnessie.services.config.ServerConfig;
import org.projectnessie.storage.uri.StorageUri;

@RequestScoped
/* loaded from: input_file:org/projectnessie/catalog/service/rest/IcebergConfigurer.class */
public class IcebergConfigurer {
    static final String ICEBERG_WAREHOUSE_LOCATION = "warehouse";
    static final String ICEBERG_PREFIX = "prefix";
    static final String METRICS_REPORTING_ENABLED = "rest-metrics-reporting-enabled";
    static final String S3_SIGNER_URI = "s3.signer.uri";
    static final String S3_SIGNER_ENDPOINT = "s3.signer.endpoint";

    @Inject
    ServerConfig serverConfig;

    @Inject
    LakehouseConfig lakehouseConfig;

    @Inject
    ObjectIO objectIO;

    @Inject
    SignerKeysService signerKeysService;

    @Inject
    @ConfigProperty(name = "nessie.server.authentication.enabled")
    boolean authnEnabled;

    @Context
    ExternalBaseUri uriInfo;

    public Response trinoConfig(String str, String str2, String str3) {
        WarehouseConfig warehouse = this.lakehouseConfig.catalog().getWarehouse(str2);
        StorageUri of = StorageUri.of(warehouse.location());
        HashMap hashMap = new HashMap();
        BiConsumer<String, String> biConsumer = (str4, str5) -> {
        };
        Objects.requireNonNull(hashMap);
        icebergWarehouseConfig(str, str2, biConsumer, (v1, v2) -> {
            r4.put(v1, v2);
        });
        ObjectIO objectIO = this.objectIO;
        StorageUri of2 = StorageUri.of(warehouse.location());
        Objects.requireNonNull(hashMap);
        BiConsumer biConsumer2 = (v1, v2) -> {
            r2.put(v1, v2);
        };
        Objects.requireNonNull(hashMap);
        objectIO.configureIcebergWarehouse(of2, biConsumer2, (v1, v2) -> {
            r3.put(v1, v2);
        });
        Properties properties = new Properties();
        properties.put("connector.name", "iceberg");
        properties.put("iceberg.catalog.type", "rest");
        properties.put("iceberg.rest-catalog.uri", this.uriInfo.icebergBaseURI().toString());
        properties.put("iceberg.rest-catalog.security", this.authnEnabled ? "OAUTH2" : "NONE");
        if (this.authnEnabled) {
            properties.put("iceberg.rest-catalog.oauth2.token", "fill-in-your-oauth-token or use .credential");
            properties.put("iceberg.rest-catalog.oauth2.credential", "fill-in-your-oauth-credentials or use .token");
        }
        ObjectIO objectIO2 = this.objectIO;
        Objects.requireNonNull(properties);
        objectIO2.trinoSampleConfig(of, hashMap, (v1, v2) -> {
            r3.put(v1, v2);
        });
        List of3 = List.of((Object[]) new String[]{"Example Trino starter configuration properties for warehouse " + String.valueOf(of), "generated by Nessie to be placed for example in", "/etc/trino/catalogs/nessie.properties within a Trino container/pod when.", "using Trino 'static' configurations.", "", "This starter configuration must be inspected and verified to validate that", "all options and values match your specific needs and no mandatory options", "are missing or superfluous options are present.", "", "When using OAuth2, you have to supply the 'iceberg.rest-catalog.oauth2.token'", "configuration.", "", "WARNING! Trino lacks functionality to configure the oauth endpoint and is therefore", "unable to work with any Iceberg REST catalog implementation and demands a standard", "OAuth2 server like Keycloak or Authelia. If you feel you need client-ID/secret flow,", "please report an issue against Trino.", "", "No guarantees that this configuration works for your specific needs.", "Use at your own risk!", "Do not distribute the contents as those may contain sensitive information!"});
        String trim = str3 == null ? "properties" : str3.toLowerCase(Locale.ROOT).trim();
        boolean z = -1;
        switch (trim.hashCode()) {
            case -926053069:
                if (trim.equals("properties")) {
                    z = 3;
                    break;
                }
                break;
            case -892481938:
                if (trim.equals("static")) {
                    z = 4;
                    break;
                }
                break;
            case 99308:
                if (trim.equals("ddl")) {
                    z = true;
                    break;
                }
                break;
            case 114126:
                if (trim.equals("sql")) {
                    z = false;
                    break;
                }
                break;
            case 2124767295:
                if (trim.equals("dynamic")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
            case true:
                return Response.ok(((String) of3.stream().collect(Collectors.joining("\n * ", "/*\n * ", "\n */\n"))) + ((String) properties.entrySet().stream().sorted(Comparator.comparing(entry -> {
                    return entry.getKey().toString();
                })).map(entry2 -> {
                    return String.format("    \"%s\" = '%s'", entry2.getKey(), entry2.getValue());
                }).collect(Collectors.joining(",\n", "CREATE CATALOG nessie\n  USING iceberg\n  WITH (\n", "\n  );\n"))), "application/sql").header("Content-Disposition", "attachment; filename=\"create-catalog-nessie.sql\"").build();
            case true:
            case true:
            default:
                StringWriter stringWriter = new StringWriter();
                PrintWriter printWriter = new PrintWriter(stringWriter);
                try {
                    try {
                        printWriter.println("#\n# " + String.join("\n# ", of3) + "\n#\n");
                        properties.store(printWriter, "");
                        printWriter.close();
                        return Response.ok(stringWriter.toString(), "text/plain").header("Content-Disposition", "attachment; filename=\"nessie.properties\"").build();
                    } catch (IOException e) {
                        throw new RuntimeException(e);
                    }
                } catch (Throwable th) {
                    try {
                        printWriter.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
        }
    }

    public void icebergWarehouseConfig(String str, String str2, BiConsumer<String, String> biConsumer, BiConsumer<String, String> biConsumer2) {
        boolean z = (str2 == null || str2.isEmpty()) ? false : true;
        WarehouseConfig warehouse = this.lakehouseConfig.catalog().getWarehouse(str2);
        String defaultBranchName = defaultBranchName(str);
        biConsumer.accept(METRICS_REPORTING_ENABLED, "false");
        biConsumer.accept(ICEBERG_WAREHOUSE_LOCATION, warehouse.location());
        this.uriInfo.icebergConfigDefaults(biConsumer);
        biConsumer.accept("rest-page-size", "200");
        this.lakehouseConfig.catalog().icebergConfigDefaults().forEach(biConsumer);
        warehouse.icebergConfigDefaults().forEach(biConsumer);
        if (z || !this.lakehouseConfig.catalog().defaultWarehouse().isPresent()) {
            biConsumer.accept(ICEBERG_PREFIX, URLEncoder.encode(defaultBranchName + "|" + this.lakehouseConfig.catalog().resolveWarehouseName(str2), StandardCharsets.UTF_8));
        } else {
            biConsumer.accept(ICEBERG_PREFIX, URLEncoder.encode(defaultBranchName, StandardCharsets.UTF_8));
        }
        this.uriInfo.icebergConfigOverrides(biConsumer2);
        this.lakehouseConfig.catalog().icebergConfigOverrides().forEach(biConsumer2);
        warehouse.icebergConfigOverrides().forEach(biConsumer2);
        biConsumer2.accept("nessie.is-nessie-catalog", "true");
        biConsumer2.accept("nessie.prefix-pattern", "{ref}|{warehouse}");
        biConsumer2.accept("nessie.default-branch.name", defaultBranchName);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public IcebergTableConfig icebergConfigPerTable(NessieEntitySnapshot<?> nessieEntitySnapshot, String str, IcebergTableMetadata icebergTableMetadata, String str2, ContentKey contentKey, String str3, boolean z) {
        String icebergWriteLocation;
        ImmutableIcebergTableConfig.Builder builder = ImmutableIcebergTableConfig.builder();
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        HashSet hashSet3 = z ? hashSet : hashSet2;
        (icebergTableMetadata.location().startsWith(str) ? hashSet3 : hashSet2).add(StorageUri.of(icebergTableMetadata.location()));
        if (!icebergWriteObjectStorage(builder, icebergTableMetadata.properties(), str) && (icebergWriteLocation = icebergWriteLocation(icebergTableMetadata.properties())) != null && !icebergWriteLocation.startsWith(icebergTableMetadata.location())) {
            (icebergWriteLocation.startsWith(str) ? hashSet3 : hashSet2).add(StorageUri.of(icebergWriteLocation));
        }
        Iterator it = nessieEntitySnapshot.additionalKnownLocations().iterator();
        while (it.hasNext()) {
            StorageUri of = StorageUri.of((String) it.next());
            if (!hashSet.contains(of)) {
                hashSet2.add(of);
            }
        }
        StorageLocations storageLocations = StorageLocations.storageLocations(StorageUri.of(str), hashSet, hashSet2);
        Predicate<AccessDelegation> accessDelegationPredicate = AccessDelegation.accessDelegationPredicate(str3);
        HashMap hashMap = new HashMap();
        ObjectIO objectIO = this.objectIO;
        Objects.requireNonNull(hashMap);
        objectIO.configureIcebergTable(storageLocations, (v1, v2) -> {
            r2.put(v1, v2);
        }, duration -> {
            Objects.requireNonNull(hashMap);
            return configureS3RequestSigningForTable(duration, storageLocations, accessDelegationPredicate, str2, contentKey, (v1, v2) -> {
                r6.put(v1, v2);
            });
        }, accessDelegationPredicate.test(AccessDelegation.VENDED_CREDENTIALS));
        return builder.config(hashMap).build();
    }

    private boolean configureS3RequestSigningForTable(Duration duration, StorageLocations storageLocations, Predicate<AccessDelegation> predicate, String str, ContentKey contentKey, BiConsumer<String, String> biConsumer) {
        if (!predicate.test(AccessDelegation.REMOTE_SIGNING) || !Stream.concat(storageLocations.writeableLocations().stream(), storageLocations.readonlyLocations().stream()).map((v0) -> {
            return v0.scheme();
        }).allMatch(S3Utils::isS3scheme)) {
            return false;
        }
        String normalizeS3Scheme = S3Utils.normalizeS3Scheme(storageLocations.warehouseLocation().toString());
        biConsumer.accept(S3_SIGNER_URI, this.uriInfo.icebergBaseURI().toString());
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        Iterator it = storageLocations.writeableLocations().iterator();
        while (it.hasNext()) {
            String normalizeS3Scheme2 = S3Utils.normalizeS3Scheme(((StorageUri) it.next()).toString());
            if (normalizeS3Scheme2.startsWith(normalizeS3Scheme)) {
                arrayList.add(normalizeS3Scheme2);
            }
        }
        Iterator it2 = storageLocations.readonlyLocations().iterator();
        while (it2.hasNext()) {
            arrayList2.add(S3Utils.normalizeS3Scheme(((StorageUri) it2.next()).toString()));
        }
        SignerKey currentSignerKey = this.signerKeysService.currentSignerKey();
        long epochSecond = Clock.systemUTC().instant().plus((TemporalAmount) duration).getEpochSecond();
        biConsumer.accept(S3_SIGNER_ENDPOINT, this.uriInfo.icebergS3SignerPathWithPath(str, SignerSignature.builder().expirationTimestamp(epochSecond).prefix(str).identifier(contentKey.toPathStringEscaped()).warehouseLocation(normalizeS3Scheme).writeLocations(arrayList).readLocations(arrayList2).build().toPathParam(currentSignerKey)));
        return true;
    }

    static boolean icebergWriteObjectStorage(ImmutableIcebergTableConfig.Builder builder, Map<String, String> map, String str) {
        if (!Boolean.parseBoolean(map.getOrDefault("write.object-storage.enabled", "false"))) {
            return false;
        }
        HashMap hashMap = new HashMap(map);
        hashMap.put("write.data.path", str);
        hashMap.remove("write.object-storage.path");
        hashMap.remove("write.folder-storage.path");
        builder.updatedMetadataProperties(hashMap);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String icebergWriteLocation(Map<String, String> map) {
        String str = map.get("write.data.path");
        if (str == null) {
            str = map.get("write.object-storage.path");
            if (str == null) {
                str = map.get("write.folder-storage.path");
            }
        }
        return str;
    }

    private String defaultBranchName(String str) {
        String str2 = str;
        if (str2 == null) {
            str2 = this.serverConfig.getDefaultBranch();
        }
        if (str2 == null) {
            str2 = "main";
        }
        return str2;
    }
}
