package com.azure.security.attestation;

import com.azure.core.annotation.ReturnType;
import com.azure.core.annotation.ServiceClient;
import com.azure.core.annotation.ServiceMethod;
import com.azure.core.http.rest.ResponseBase;
import com.azure.core.util.BinaryData;
import com.azure.core.util.Context;
import com.azure.core.util.FluxUtil;
import com.azure.core.util.logging.ClientLogger;
import com.azure.core.util.serializer.JacksonAdapter;
import com.azure.core.util.serializer.SerializerAdapter;
import com.azure.core.util.serializer.SerializerEncoding;
import com.azure.security.attestation.implementation.AttestationClientImpl;
import com.azure.security.attestation.implementation.PoliciesImpl;
import com.azure.security.attestation.implementation.PolicyCertificatesImpl;
import com.azure.security.attestation.implementation.SigningCertificatesImpl;
import com.azure.security.attestation.implementation.models.AttestationCertificateManagementBody;
import com.azure.security.attestation.implementation.models.AttestationSignerCollectionImpl;
import com.azure.security.attestation.implementation.models.AttestationSignerImpl;
import com.azure.security.attestation.implementation.models.AttestationTokenImpl;
import com.azure.security.attestation.implementation.models.JsonWebKey;
import com.azure.security.attestation.implementation.models.JsonWebKeySet;
import com.azure.security.attestation.implementation.models.PolicyCertificatesModificationResultImpl;
import com.azure.security.attestation.implementation.models.PolicyCertificatesModifyResponse;
import com.azure.security.attestation.implementation.models.PolicyCertificatesResponse;
import com.azure.security.attestation.implementation.models.PolicyCertificatesResult;
import com.azure.security.attestation.implementation.models.PolicyResponse;
import com.azure.security.attestation.implementation.models.PolicyResult;
import com.azure.security.attestation.implementation.models.PolicyResultImpl;
import com.azure.security.attestation.implementation.models.StoredAttestationPolicy;
import com.azure.security.attestation.models.AttestationPolicySetOptions;
import com.azure.security.attestation.models.AttestationResponse;
import com.azure.security.attestation.models.AttestationSigner;
import com.azure.security.attestation.models.AttestationSignerCollection;
import com.azure.security.attestation.models.AttestationSigningKey;
import com.azure.security.attestation.models.AttestationToken;
import com.azure.security.attestation.models.AttestationTokenValidationOptions;
import com.azure.security.attestation.models.AttestationType;
import com.azure.security.attestation.models.PolicyCertificatesModificationResult;
import com.azure.security.attestation.models.PolicyManagementCertificateOptions;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import java.util.Objects;
import java.util.concurrent.atomic.AtomicReference;
import reactor.core.publisher.Mono;

@ServiceClient(builder = AttestationClientBuilder.class, isAsync = true)
/* loaded from: input_file:com/azure/security/attestation/AttestationAdministrationAsyncClient.class */
public final class AttestationAdministrationAsyncClient {
    private final SigningCertificatesImpl signingCertificatesImpl;
    private final PoliciesImpl policyImpl;
    private final PolicyCertificatesImpl certificatesImpl;
    private final AttestationTokenValidationOptions tokenValidationOptions;
    private static final SerializerAdapter SERIALIZER_ADAPTER = JacksonAdapter.createDefaultSerializerAdapter();
    private final ClientLogger logger = new ClientLogger(AttestationAdministrationAsyncClient.class);
    private final AtomicReference<List<AttestationSigner>> cachedSigners = new AtomicReference<>(null);

    /* JADX INFO: Access modifiers changed from: package-private */
    public AttestationAdministrationAsyncClient(AttestationClientImpl attestationClientImpl, AttestationTokenValidationOptions attestationTokenValidationOptions) {
        this.signingCertificatesImpl = attestationClientImpl.getSigningCertificates();
        this.policyImpl = attestationClientImpl.getPolicies();
        this.certificatesImpl = attestationClientImpl.getPolicyCertificates();
        this.tokenValidationOptions = attestationTokenValidationOptions;
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<AttestationResponse<String>> getAttestationPolicyWithResponse(AttestationType attestationType, AttestationTokenValidationOptions attestationTokenValidationOptions) {
        return FluxUtil.withContext(context -> {
            return getAttestationPolicyWithResponse(attestationType, attestationTokenValidationOptions, context);
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<String> getAttestationPolicy(AttestationType attestationType) {
        return getAttestationPolicyWithResponse(attestationType, null).flatMap((v0) -> {
            return FluxUtil.toMono(v0);
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<String> getAttestationPolicy(AttestationType attestationType, AttestationTokenValidationOptions attestationTokenValidationOptions) {
        return getAttestationPolicyWithResponse(attestationType, attestationTokenValidationOptions).flatMap((v0) -> {
            return FluxUtil.toMono(v0);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Mono<AttestationResponse<String>> getAttestationPolicyWithResponse(AttestationType attestationType, AttestationTokenValidationOptions attestationTokenValidationOptions, Context context) {
        AttestationTokenValidationOptions attestationTokenValidationOptions2 = attestationTokenValidationOptions != null ? attestationTokenValidationOptions : this.tokenValidationOptions;
        return this.policyImpl.getWithResponseAsync(attestationType, context).onErrorMap(Utilities::mapException).flatMap(response -> {
            ResponseBase generateResponseFromModelType = Utilities.generateResponseFromModelType(response, new AttestationTokenImpl(((PolicyResponse) response.getValue()).getToken()));
            return getCachedAttestationSigners(context).map(list -> {
                ((AttestationTokenImpl) generateResponseFromModelType.getValue()).validate(list, attestationTokenValidationOptions2);
                AttestationTokenImpl attestationTokenImpl = new AttestationTokenImpl(((PolicyResult) ((AttestationTokenImpl) generateResponseFromModelType.getValue()).getBody(PolicyResult.class)).getPolicy());
                StoredAttestationPolicy storedAttestationPolicy = (StoredAttestationPolicy) attestationTokenImpl.getBody(StoredAttestationPolicy.class);
                return Utilities.generateAttestationResponseFromModelType(generateResponseFromModelType, attestationTokenImpl, storedAttestationPolicy != null ? new String(storedAttestationPolicy.getAttestationPolicy(), StandardCharsets.UTF_8) : null);
            });
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<com.azure.security.attestation.models.PolicyResult> setAttestationPolicy(AttestationType attestationType, String str) {
        return setAttestationPolicyWithResponse(attestationType, new AttestationPolicySetOptions().setAttestationPolicy(str)).flatMap((v0) -> {
            return FluxUtil.toMono(v0);
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<com.azure.security.attestation.models.PolicyResult> setAttestationPolicy(AttestationType attestationType, AttestationPolicySetOptions attestationPolicySetOptions) {
        return setAttestationPolicyWithResponse(attestationType, attestationPolicySetOptions).flatMap((v0) -> {
            return FluxUtil.toMono(v0);
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<AttestationResponse<com.azure.security.attestation.models.PolicyResult>> setAttestationPolicyWithResponse(AttestationType attestationType, AttestationPolicySetOptions attestationPolicySetOptions) {
        return FluxUtil.withContext(context -> {
            return setAttestationPolicyWithResponse(attestationType, attestationPolicySetOptions, context);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Mono<AttestationResponse<com.azure.security.attestation.models.PolicyResult>> setAttestationPolicyWithResponse(AttestationType attestationType, AttestationPolicySetOptions attestationPolicySetOptions, Context context) {
        AttestationTokenValidationOptions validationOptions = attestationPolicySetOptions.getValidationOptions();
        if (validationOptions == null) {
            validationOptions = this.tokenValidationOptions;
        }
        AttestationTokenValidationOptions attestationTokenValidationOptions = validationOptions;
        return this.policyImpl.setWithResponseAsync(attestationType, generatePolicySetToken(attestationPolicySetOptions.getAttestationPolicy(), attestationPolicySetOptions.getAttestationSigner()).serialize(), context).onErrorMap(Utilities::mapException).flatMap(response -> {
            ResponseBase generateResponseFromModelType = Utilities.generateResponseFromModelType(response, new AttestationTokenImpl(((PolicyResponse) response.getValue()).getToken()));
            return getCachedAttestationSigners(context).map(list -> {
                ((AttestationTokenImpl) generateResponseFromModelType.getValue()).validate(list, attestationTokenValidationOptions);
                return Utilities.generateAttestationResponseFromModelType(response, (AttestationToken) generateResponseFromModelType.getValue(), PolicyResultImpl.fromGenerated((PolicyResult) ((AttestationTokenImpl) generateResponseFromModelType.getValue()).getBody(PolicyResult.class)));
            });
        });
    }

    public BinaryData calculatePolicyTokenHash(String str, AttestationSigningKey attestationSigningKey) {
        AttestationToken generatePolicySetToken = generatePolicySetToken(str, attestationSigningKey);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.reset();
            messageDigest.update(generatePolicySetToken.serialize().getBytes(StandardCharsets.UTF_8));
            return BinaryData.fromBytes(messageDigest.digest());
        } catch (NoSuchAlgorithmException e) {
            throw this.logger.logExceptionAsError(new RuntimeException(e.getMessage()));
        }
    }

    private AttestationToken generatePolicySetToken(String str, AttestationSigningKey attestationSigningKey) {
        String str2 = null;
        if (str != null) {
            StoredAttestationPolicy storedAttestationPolicy = new StoredAttestationPolicy();
            storedAttestationPolicy.setAttestationPolicy(str.getBytes(StandardCharsets.UTF_8));
            try {
                str2 = SERIALIZER_ADAPTER.serialize(storedAttestationPolicy, SerializerEncoding.JSON);
            } catch (IOException e) {
                throw this.logger.logExceptionAsError(new RuntimeException(e.getMessage()));
            }
        }
        return attestationSigningKey == null ? str != null ? AttestationTokenImpl.createUnsecuredToken(str2) : AttestationTokenImpl.createUnsecuredToken() : str != null ? AttestationTokenImpl.createSecuredToken(str2, attestationSigningKey) : AttestationTokenImpl.createSecuredToken(attestationSigningKey);
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<com.azure.security.attestation.models.PolicyResult> resetAttestationPolicy(AttestationType attestationType) {
        return resetAttestationPolicyWithResponse(attestationType, new AttestationPolicySetOptions()).flatMap((v0) -> {
            return FluxUtil.toMono(v0);
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<com.azure.security.attestation.models.PolicyResult> resetAttestationPolicy(AttestationType attestationType, AttestationPolicySetOptions attestationPolicySetOptions) {
        return resetAttestationPolicyWithResponse(attestationType, attestationPolicySetOptions).flatMap((v0) -> {
            return FluxUtil.toMono(v0);
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<AttestationResponse<com.azure.security.attestation.models.PolicyResult>> resetAttestationPolicyWithResponse(AttestationType attestationType, AttestationPolicySetOptions attestationPolicySetOptions) {
        return FluxUtil.withContext(context -> {
            return resetAttestationPolicyWithResponse(attestationType, attestationPolicySetOptions, context);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Mono<AttestationResponse<com.azure.security.attestation.models.PolicyResult>> resetAttestationPolicyWithResponse(AttestationType attestationType, AttestationPolicySetOptions attestationPolicySetOptions, Context context) {
        if (attestationPolicySetOptions.getAttestationPolicy() != null) {
            this.logger.logThrowableAsError(new InvalidParameterException("Attestation policy should not be set in resetAttestationPolicy"));
        }
        AttestationTokenValidationOptions validationOptions = attestationPolicySetOptions.getValidationOptions();
        if (validationOptions == null) {
            validationOptions = this.tokenValidationOptions;
        }
        AttestationTokenValidationOptions attestationTokenValidationOptions = validationOptions;
        return this.policyImpl.resetWithResponseAsync(attestationType, (attestationPolicySetOptions.getAttestationSigner() == null ? AttestationTokenImpl.createUnsecuredToken() : AttestationTokenImpl.createSecuredToken(attestationPolicySetOptions.getAttestationSigner())).serialize(), context).onErrorMap(Utilities::mapException).flatMap(response -> {
            ResponseBase generateResponseFromModelType = Utilities.generateResponseFromModelType(response, new AttestationTokenImpl(((PolicyResponse) response.getValue()).getToken()));
            return getCachedAttestationSigners(context).map(list -> {
                ((AttestationTokenImpl) generateResponseFromModelType.getValue()).validate(list, attestationTokenValidationOptions);
                return Utilities.generateAttestationResponseFromModelType(response, (AttestationToken) generateResponseFromModelType.getValue(), PolicyResultImpl.fromGenerated((PolicyResult) ((AttestationTokenImpl) generateResponseFromModelType.getValue()).getBody(PolicyResult.class)));
            });
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<AttestationSignerCollection> listPolicyManagementCertificates() {
        return listPolicyManagementCertificatesWithResponse(null).flatMap((v0) -> {
            return FluxUtil.toMono(v0);
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<AttestationResponse<AttestationSignerCollection>> listPolicyManagementCertificatesWithResponse(AttestationTokenValidationOptions attestationTokenValidationOptions) {
        return FluxUtil.withContext(context -> {
            return listPolicyManagementCertificatesWithResponse(attestationTokenValidationOptions, context);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Mono<AttestationResponse<AttestationSignerCollection>> listPolicyManagementCertificatesWithResponse(AttestationTokenValidationOptions attestationTokenValidationOptions, Context context) {
        AttestationTokenValidationOptions attestationTokenValidationOptions2 = attestationTokenValidationOptions != null ? attestationTokenValidationOptions : this.tokenValidationOptions;
        return this.certificatesImpl.getWithResponseAsync(context).onErrorMap(Utilities::mapException).flatMap(response -> {
            ResponseBase generateResponseFromModelType = Utilities.generateResponseFromModelType(response, new AttestationTokenImpl(((PolicyCertificatesResponse) response.getValue()).getToken()));
            return getCachedAttestationSigners(context).map(list -> {
                ((AttestationTokenImpl) generateResponseFromModelType.getValue()).validate(list, attestationTokenValidationOptions2);
                return Utilities.generateAttestationResponseFromModelType(generateResponseFromModelType, (AttestationToken) generateResponseFromModelType.getValue(), new AttestationSignerCollectionImpl(AttestationSignerImpl.attestationSignersFromJwks(((PolicyCertificatesResult) ((AttestationTokenImpl) generateResponseFromModelType.getValue()).getBody(PolicyCertificatesResult.class)).getPolicyCertificates())));
            });
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<PolicyCertificatesModificationResult> addPolicyManagementCertificate(PolicyManagementCertificateOptions policyManagementCertificateOptions) {
        return addPolicyManagementCertificateWithResponse(policyManagementCertificateOptions).flatMap((v0) -> {
            return FluxUtil.toMono(v0);
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<AttestationResponse<PolicyCertificatesModificationResult>> addPolicyManagementCertificateWithResponse(PolicyManagementCertificateOptions policyManagementCertificateOptions) {
        return FluxUtil.withContext(context -> {
            return addPolicyManagementCertificateWithResponse(policyManagementCertificateOptions, context);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Mono<AttestationResponse<PolicyCertificatesModificationResult>> addPolicyManagementCertificateWithResponse(PolicyManagementCertificateOptions policyManagementCertificateOptions, Context context) {
        Objects.requireNonNull(policyManagementCertificateOptions.getCertificate());
        Objects.requireNonNull(policyManagementCertificateOptions.getAttestationSigner());
        AttestationTokenValidationOptions attestationTokenValidationOptions = this.tokenValidationOptions;
        try {
            String encodeToString = Base64.getEncoder().encodeToString(policyManagementCertificateOptions.getCertificate().getEncoded());
            JsonWebKey x5c = new JsonWebKey(policyManagementCertificateOptions.getCertificate().getType()).setX5C(new ArrayList());
            x5c.getX5C().add(encodeToString);
            try {
                return this.certificatesImpl.addWithResponseAsync(AttestationTokenImpl.createSecuredToken(SERIALIZER_ADAPTER.serialize(new AttestationCertificateManagementBody().setPolicyCertificate(x5c), SerializerEncoding.JSON), policyManagementCertificateOptions.getAttestationSigner()).serialize(), context).onErrorMap(Utilities::mapException).flatMap(response -> {
                    ResponseBase generateResponseFromModelType = Utilities.generateResponseFromModelType(response, new AttestationTokenImpl(((PolicyCertificatesModifyResponse) response.getValue()).getToken()));
                    return getCachedAttestationSigners(context).map(list -> {
                        ((AttestationTokenImpl) generateResponseFromModelType.getValue()).validate(list, attestationTokenValidationOptions);
                        return Utilities.generateAttestationResponseFromModelType(response, (AttestationToken) generateResponseFromModelType.getValue(), PolicyCertificatesModificationResultImpl.fromGenerated((com.azure.security.attestation.implementation.models.PolicyCertificatesModificationResult) ((AttestationTokenImpl) generateResponseFromModelType.getValue()).getBody(com.azure.security.attestation.implementation.models.PolicyCertificatesModificationResult.class)));
                    });
                });
            } catch (IOException e) {
                throw this.logger.logExceptionAsError(new RuntimeException(e.getMessage()));
            }
        } catch (CertificateEncodingException e2) {
            throw this.logger.logExceptionAsError(new RuntimeException(e2.getMessage()));
        }
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<PolicyCertificatesModificationResult> deletePolicyManagementCertificate(PolicyManagementCertificateOptions policyManagementCertificateOptions) {
        return deletePolicyManagementCertificateWithResponse(policyManagementCertificateOptions).flatMap((v0) -> {
            return FluxUtil.toMono(v0);
        });
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<AttestationResponse<PolicyCertificatesModificationResult>> deletePolicyManagementCertificateWithResponse(PolicyManagementCertificateOptions policyManagementCertificateOptions) {
        return FluxUtil.withContext(context -> {
            return deletePolicyManagementCertificateWithResponse(policyManagementCertificateOptions, context);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Mono<AttestationResponse<PolicyCertificatesModificationResult>> deletePolicyManagementCertificateWithResponse(PolicyManagementCertificateOptions policyManagementCertificateOptions, Context context) {
        Objects.requireNonNull(policyManagementCertificateOptions.getCertificate());
        Objects.requireNonNull(policyManagementCertificateOptions.getAttestationSigner());
        AttestationTokenValidationOptions attestationTokenValidationOptions = this.tokenValidationOptions;
        try {
            String encodeToString = Base64.getEncoder().encodeToString(policyManagementCertificateOptions.getCertificate().getEncoded());
            JsonWebKey x5c = new JsonWebKey(policyManagementCertificateOptions.getCertificate().getType()).setX5C(new ArrayList());
            x5c.getX5C().add(encodeToString);
            try {
                return this.certificatesImpl.removeWithResponseAsync(AttestationTokenImpl.createSecuredToken(SERIALIZER_ADAPTER.serialize(new AttestationCertificateManagementBody().setPolicyCertificate(x5c), SerializerEncoding.JSON), policyManagementCertificateOptions.getAttestationSigner()).serialize(), context).onErrorMap(Utilities::mapException).flatMap(response -> {
                    ResponseBase generateResponseFromModelType = Utilities.generateResponseFromModelType(response, new AttestationTokenImpl(((PolicyCertificatesModifyResponse) response.getValue()).getToken()));
                    return getCachedAttestationSigners(context).map(list -> {
                        ((AttestationTokenImpl) generateResponseFromModelType.getValue()).validate(list, attestationTokenValidationOptions);
                        return Utilities.generateAttestationResponseFromModelType(response, (AttestationToken) generateResponseFromModelType.getValue(), PolicyCertificatesModificationResultImpl.fromGenerated((com.azure.security.attestation.implementation.models.PolicyCertificatesModificationResult) ((AttestationTokenImpl) generateResponseFromModelType.getValue()).getBody(com.azure.security.attestation.implementation.models.PolicyCertificatesModificationResult.class)));
                    });
                });
            } catch (IOException e) {
                throw this.logger.logExceptionAsError(new RuntimeException(e.getMessage()));
            }
        } catch (CertificateEncodingException e2) {
            throw this.logger.logExceptionAsError(new RuntimeException(e2.getMessage()));
        }
    }

    Mono<List<AttestationSigner>> getCachedAttestationSigners(Context context) {
        return this.cachedSigners.get() != null ? Mono.just(this.cachedSigners.get()) : this.signingCertificatesImpl.getWithResponseAsync(context).map(response -> {
            return AttestationSignerImpl.attestationSignersFromJwks((JsonWebKeySet) response.getValue());
        }).map(list -> {
            this.cachedSigners.compareAndSet(null, list);
            return this.cachedSigners.get();
        });
    }
}
