package com.terracotta.management.security.impl;

import com.terracotta.management.keychain.FileStoreKeyChain;
import com.terracotta.management.keychain.KeyName;
import com.terracotta.management.security.KeyChainAccessor;
import com.terracotta.management.security.KeychainInitializationException;
import com.terracotta.management.security.ObfuscatingSecretProviderBackend;
import com.terracotta.management.security.SecretProvider;
import java.net.MalformedURLException;
import java.net.URL;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/terracotta/management/security/impl/ObfuscatedSecretFileStoreKeyChainAccessor.class */
public final class ObfuscatedSecretFileStoreKeyChainAccessor implements KeyChainAccessor {
    private static final Logger LOG = LoggerFactory.getLogger(ObfuscatedSecretFileStoreKeyChainAccessor.class);
    private static final String DFLT_KEYCHAIN_FILE_LOCATION = "file://" + System.getProperty("user.home") + "/.tc/mgmt/keychain";
    private static final String JVM_KEYCHAIN_LOCATION_PROP = "com.tc.management.keychain.file";
    private FileStoreKeyChain keyChain;

    public ObfuscatedSecretFileStoreKeyChainAccessor() throws KeychainInitializationException {
        String property = System.getProperty(JVM_KEYCHAIN_LOCATION_PROP) == null ? DFLT_KEYCHAIN_FILE_LOCATION : System.getProperty(JVM_KEYCHAIN_LOCATION_PROP);
        if (property == null) {
            throw new KeychainInitializationException("Unable to locate a valid keychain for security context.");
        }
        try {
            URL url = new URL(property);
            SecretProvider.fetchSecret(new ObfuscatingSecretProviderBackend());
            try {
                this.keyChain = new FileStoreKeyChain(url);
                this.keyChain.unlock(SecretProvider.getSecret());
            } catch (RuntimeException e) {
                throw new KeychainInitializationException(e);
            }
        } catch (MalformedURLException e2) {
            throw new KeychainInitializationException("Failed to instantiate keychain URL.", e2);
        }
    }

    @Override // com.terracotta.management.security.KeyChainAccessor
    public byte[] retrieveSecret(KeyName keyName) {
        byte[] password = this.keyChain.getPassword(SecretProvider.getSecret(), keyName);
        if (password == null) {
            LOG.info("No secret found in keychain for URL: " + keyName.toString());
        }
        return password;
    }
}
