package com.appiancorp.ix.data.connectedsystemix;

import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.connectedsystems.constants.AwsRegions;
import com.appiancorp.core.data.Dictionary;
import com.appiancorp.core.expr.portable.Value;
import com.appiancorp.encryption.InternalEncryptionService;
import com.appiancorp.integration.http.HttpParameterConstants;
import com.appiancorp.ix.ParameterizedExportProperties;
import com.appiancorp.ix.ParameterizedImportProperties;
import com.appiancorp.ix.data.IncludeSensitiveDataInIcf;
import com.appiancorp.ix.data.OutboundIntegrationIxAuthHelper;
import com.appiancorp.ix.data.OutboundIntegrationIxAuthHelperBuilder;
import com.appiancorp.services.ServiceContext;
import com.appiancorp.suiteapi.common.exceptions.AppianException;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.google.common.collect.Sets;
import java.util.Set;

/* loaded from: input_file:com/appiancorp/ix/data/connectedsystemix/AWSSigV4ConnectedSystemHaulDelegate.class */
public class AWSSigV4ConnectedSystemHaulDelegate extends ConnectedSystemHaulDelegate {
    public static final String ACCESS_KEY_ID = "accessKeyId";
    public static final String SECRET_KEY = "secretKey";
    public static final String AWS_REGION = "awsRegion";
    public static final String SECURITY_TOKEN = "securityToken";
    public static final String AWS_SERVICE = "awsService";
    private static final String SECRET_KEY_PATH = "sharedConfigParameters.authDetails.secretKey";
    private static final String ACCESS_KEY_ID_PATH = "sharedConfigParameters.authDetails.accessKeyId";
    private static final String AWS_REGION_PATH = "sharedConfigParameters.authDetails.awsRegion";
    private static final String SECURITY_TOKEN_PATH = "sharedConfigParameters.authDetails.securityToken";
    private static final String AWS_REGION_CHANGE_KEY = "connectedSystems.awsSigV4auth.updateRegion.onImport";
    private final ServiceContext sc;
    private final InternalEncryptionService encryptionService;

    public AWSSigV4ConnectedSystemHaulDelegate(ServiceContext serviceContext, InternalEncryptionService internalEncryptionService) {
        this.sc = serviceContext;
        this.encryptionService = internalEncryptionService;
    }

    @Override // com.appiancorp.ix.data.connectedsystemix.ConnectedSystemHaulDelegate
    public Value updateExportParameters(Value value, ParameterizedExportProperties.ExportPropertyGrouping exportPropertyGrouping, IncludeSensitiveDataInIcf includeSensitiveDataInIcf) {
        return getSecurityTokenImporter(this.sc).addExportPropertyAndUpdateParameters(getAWSRegionImporter(this.sc).addExportPropertyAndUpdateParameters(getSecretKeyImporter(this.sc).addExportPropertyAndUpdateParameters(getAccessKeyIdImporter(this.sc).addExportPropertyAndUpdateParameters(value, exportPropertyGrouping), exportPropertyGrouping), exportPropertyGrouping), exportPropertyGrouping);
    }

    @Override // com.appiancorp.ix.data.connectedsystemix.ConnectedSystemHaulDelegate
    public Value updateCreateParameters(Value value, String str, ParameterizedImportProperties parameterizedImportProperties) throws AppianException {
        return getSecurityTokenImporter(this.sc).validateForCreate(parameterizedImportProperties, getAWSRegionImporter(this.sc).validateForCreate(parameterizedImportProperties, getSecretKeyImporter(this.sc).validateForCreate(parameterizedImportProperties, getAccessKeyIdImporter(this.sc).validateForCreate(parameterizedImportProperties, value, str), str), str), str);
    }

    @Override // com.appiancorp.ix.data.connectedsystemix.ConnectedSystemHaulDelegate
    public Value updateUpdateParameters(Value value, Value value2, ParameterizedImportProperties parameterizedImportProperties, String str, boolean z) throws AppianException {
        Value validateForUpdate = getAWSRegionImporter(this.sc).validateForUpdate(parameterizedImportProperties, getSecretKeyImporter(this.sc).validateForUpdate(parameterizedImportProperties, getAccessKeyIdImporter(this.sc).validateForUpdate(parameterizedImportProperties, value, value2, str), value2, str), value2, str);
        if (!z) {
            logAwsRegionChange((Dictionary) value2.getValue(), parameterizedImportProperties);
        }
        return getSecurityTokenImporter(this.sc).validateForUpdate(parameterizedImportProperties, validateForUpdate, value2, str);
    }

    @Override // com.appiancorp.ix.data.connectedsystemix.ConnectedSystemHaulDelegate
    public Set<String> getNonSensitiveProperties() {
        return getNonSensitivePropertiesFromAuthHelpers(Sets.newHashSet(new OutboundIntegrationIxAuthHelper[]{getAccessKeyIdImporter(null), getSecretKeyImporter(null), getAWSRegionImporter(null), getSecurityTokenImporter(null)}));
    }

    private OutboundIntegrationIxAuthHelper getAccessKeyIdImporter(ServiceContext serviceContext) {
        return new OutboundIntegrationIxAuthHelperBuilder().friendlyPath(ACCESS_KEY_ID).fullPath(ParameterizedImportProperties.fieldPathToValues(ACCESS_KEY_ID_PATH)).authDetailsFieldToValidate(ACCESS_KEY_ID).encryptionService(this.encryptionService).serviceContext(serviceContext).errorCode(ErrorCode.CONNECTED_SYSTEM_MISSING_PROPERTY_CREATE).controlMask(143).build();
    }

    private OutboundIntegrationIxAuthHelper getSecretKeyImporter(ServiceContext serviceContext) {
        return new OutboundIntegrationIxAuthHelperBuilder().friendlyPath(SECRET_KEY).fullPath(ParameterizedImportProperties.fieldPathToValues(SECRET_KEY_PATH)).authDetailsFieldToValidate(SECRET_KEY).encryptionService(this.encryptionService).serviceContext(serviceContext).errorCode(ErrorCode.CONNECTED_SYSTEM_MISSING_PROPERTY_CREATE).controlMask(143).build();
    }

    private OutboundIntegrationIxAuthHelper getAWSRegionImporter(ServiceContext serviceContext) {
        return new OutboundIntegrationIxAuthHelperBuilder().friendlyPath(AWS_REGION).fullPath(ParameterizedImportProperties.fieldPathToValues(AWS_REGION_PATH)).authDetailsFieldToValidate(AWS_REGION).encryptionService(this.encryptionService).serviceContext(serviceContext).errorCode(ErrorCode.CONNECTED_SYSTEM_MISSING_PROPERTY_CREATE).controlMask(172).fieldValidators((str, str2, str3) -> {
            if (!AwsRegions.isValidRegion(str3)) {
                throw new AppianException(ErrorCode.CONNECTED_SYSTEM_INVALID_REGION, new Object[]{str});
            }
        }).build();
    }

    private OutboundIntegrationIxAuthHelper getSecurityTokenImporter(ServiceContext serviceContext) {
        return new OutboundIntegrationIxAuthHelperBuilder().friendlyPath(SECURITY_TOKEN).fullPath(ParameterizedImportProperties.fieldPathToValues(SECURITY_TOKEN_PATH)).authDetailsFieldToValidate(SECRET_KEY).encryptionService(this.encryptionService).serviceContext(serviceContext).errorCode(ErrorCode.CONNECTED_SYSTEM_MISSING_PROPERTY_CREATE).controlMask(3).build();
    }

    private void logAwsRegionChange(Dictionary dictionary, ParameterizedImportProperties parameterizedImportProperties) {
        String str = (String) ((Dictionary) dictionary.getAtKey(HttpParameterConstants.AUTH_DETAILS_KEY)).getAtKey(AWS_REGION);
        if (str != null) {
            parameterizedImportProperties.getValueByFieldName(AWS_REGION).ifPresent(obj -> {
                if (str.equals(obj)) {
                    return;
                }
                ProductMetricsAggregatedDataCollector.recordData(AWS_REGION_CHANGE_KEY);
            });
        }
    }
}
