package com.mulesoft.connector.lib.keyvault.crypto;

import com.azure.core.exception.HttpResponseException;
import com.azure.identity.ClientSecretCredentialBuilder;
import com.azure.security.keyvault.keys.KeyClient;
import com.azure.security.keyvault.keys.cryptography.CryptographyClient;
import com.azure.security.keyvault.keys.cryptography.CryptographyClientBuilder;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
import com.microsoft.aad.msal4j.MsalServiceException;
import com.mulesoft.connector.lib.keyvault.api.TokenCredentialProperties;
import com.mulesoft.connector.lib.keyvault.error.AuthenticationException;
import com.mulesoft.connector.lib.keyvault.error.InvalidHostException;
import com.mulesoft.connector.lib.keyvault.error.KeyNotFoundException;
import java.net.UnknownHostException;

/* loaded from: input_file:com/mulesoft/connector/lib/keyvault/crypto/CryptoClientProviderImpl.class */
public class CryptoClientProviderImpl implements CryptoClientProvider {
    private TokenCredentialProperties properties;
    private final KeyClient keyClient;

    public CryptoClientProviderImpl(TokenCredentialProperties tokenCredentialProperties, KeyClient keyClient) {
        this.properties = tokenCredentialProperties;
        this.keyClient = keyClient;
    }

    @Override // com.mulesoft.connector.lib.keyvault.crypto.CryptoClientProvider
    public CryptographyClient getCryptoClient(String str, String str2) {
        String id = getKey(str, str2).getId();
        return new CryptographyClientBuilder().keyIdentifier(id).credential(new ClientSecretCredentialBuilder().clientId(this.properties.getClientId()).tenantId(this.properties.getTenantId()).clientSecret(this.properties.getClientSecret()).build()).buildClient();
    }

    @Override // com.mulesoft.connector.lib.keyvault.crypto.CryptoClientProvider
    public CryptographyClient getNewCryptoClient(String str, String str2) {
        return getCryptoClient(str, null);
    }

    private KeyVaultKey getKey(String str, String str2) {
        try {
            return str2 == null ? this.keyClient.getKey(str) : this.keyClient.getKey(str, str2);
        } catch (HttpResponseException e) {
            int statusCode = e.getResponse().getStatusCode();
            if (e.getMessage().contains("VaultNotFound")) {
                throw new InvalidHostException(this.keyClient.getVaultUrl(), e);
            }
            if (statusCode == 400) {
                throw new KeyNotFoundException(str, str2, e);
            }
            if (statusCode == 404) {
                throw new KeyNotFoundException(str, e);
            }
            throw e;
        } catch (Exception e2) {
            if (e2.getCause() instanceof UnknownHostException) {
                throw new InvalidHostException(this.keyClient.getVaultUrl(), e2);
            }
            throw e2;
        } catch (MsalServiceException e3) {
            throw new AuthenticationException(e3);
        }
    }
}
