package org.springframework.cloud.vault.config;

import java.util.concurrent.atomic.AtomicReference;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.cloud.vault.config.VaultProperties;
import org.springframework.core.PriorityOrdered;
import org.springframework.core.env.PropertySource;
import org.springframework.util.Assert;
import org.springframework.vault.VaultException;
import org.springframework.vault.core.env.LeaseAwareVaultPropertySource;
import org.springframework.vault.core.lease.SecretLeaseContainer;
import org.springframework.vault.core.lease.domain.RequestedSecret;
import org.springframework.vault.core.lease.event.LeaseErrorListener;

/* loaded from: input_file:org/springframework/cloud/vault/config/LeasingVaultPropertySourceLocator.class */
class LeasingVaultPropertySourceLocator extends VaultPropertySourceLocatorSupport implements PriorityOrdered {
    private static final Log log = LogFactory.getLog(LeasingVaultPropertySourceLocator.class);
    private final SecretLeaseContainer secretLeaseContainer;
    private final VaultProperties properties;

    public LeasingVaultPropertySourceLocator(VaultProperties vaultProperties, PropertySourceLocatorConfiguration propertySourceLocatorConfiguration, SecretLeaseContainer secretLeaseContainer) {
        super(VaultProperties.Discovery.DEFAULT_VAULT, propertySourceLocatorConfiguration);
        Assert.notNull(secretLeaseContainer, "SecretLeaseContainer must not be null");
        Assert.notNull(vaultProperties, "VaultProperties must not be null");
        this.secretLeaseContainer = secretLeaseContainer;
        this.properties = vaultProperties;
    }

    public int getOrder() {
        return this.properties.getConfig().getOrder();
    }

    @Override // org.springframework.cloud.vault.config.VaultPropertySourceLocatorSupport
    protected PropertySource<?> createVaultPropertySource(SecretBackendMetadata secretBackendMetadata) {
        RequestedSecret requestedSecret = getRequestedSecret(secretBackendMetadata);
        return this.properties.isFailFast() ? createVaultPropertySourceFailFast(requestedSecret, secretBackendMetadata) : createVaultPropertySource(requestedSecret, secretBackendMetadata);
    }

    private RequestedSecret getRequestedSecret(SecretBackendMetadata secretBackendMetadata) {
        return secretBackendMetadata instanceof LeasingSecretBackendMetadata ? RequestedSecret.from(((LeasingSecretBackendMetadata) secretBackendMetadata).getLeaseMode(), secretBackendMetadata.getPath()) : secretBackendMetadata instanceof GenericSecretBackendMetadata ? RequestedSecret.rotating(secretBackendMetadata.getPath()) : RequestedSecret.renewable(secretBackendMetadata.getPath());
    }

    private PropertySource<?> createVaultPropertySourceFailFast(RequestedSecret requestedSecret, SecretBackendMetadata secretBackendMetadata) {
        AtomicReference atomicReference = new AtomicReference();
        LeaseErrorListener leaseErrorListener = (secretLeaseEvent, exc) -> {
            if (secretLeaseEvent.getSource() == requestedSecret) {
                atomicReference.compareAndSet(null, exc);
            }
        };
        this.secretLeaseContainer.addErrorListener(leaseErrorListener);
        try {
            PropertySource<?> createVaultPropertySource = createVaultPropertySource(requestedSecret, secretBackendMetadata);
            this.secretLeaseContainer.removeLeaseErrorListener(leaseErrorListener);
            VaultException vaultException = (Exception) atomicReference.get();
            if (vaultException == null) {
                return createVaultPropertySource;
            }
            if (vaultException instanceof VaultException) {
                throw vaultException;
            }
            throw new VaultException(String.format("Cannot initialize PropertySource for secret at %s", requestedSecret.getPath()), vaultException);
        } catch (Throwable th) {
            this.secretLeaseContainer.removeLeaseErrorListener(leaseErrorListener);
            VaultException vaultException2 = (Exception) atomicReference.get();
            if (vaultException2 == null) {
                throw th;
            }
            if (vaultException2 instanceof VaultException) {
                throw vaultException2;
            }
            throw new VaultException(String.format("Cannot initialize PropertySource for secret at %s", requestedSecret.getPath()), vaultException2);
        }
    }

    private PropertySource<?> createVaultPropertySource(RequestedSecret requestedSecret, SecretBackendMetadata secretBackendMetadata) {
        return new LeaseAwareVaultPropertySource(secretBackendMetadata.getName(), this.secretLeaseContainer, requestedSecret, secretBackendMetadata.getPropertyTransformer());
    }
}
