package org.eclipse.edc.connector.controlplane.transfer.dataplane;

import java.security.PrivateKey;
import java.time.Clock;
import java.util.function.Supplier;
import org.eclipse.edc.connector.controlplane.transfer.dataplane.api.ConsumerPullTransferTokenValidationApiController;
import org.eclipse.edc.connector.controlplane.transfer.dataplane.flow.ConsumerPullTransferDataFlowController;
import org.eclipse.edc.connector.controlplane.transfer.dataplane.flow.ProviderPushTransferDataFlowController;
import org.eclipse.edc.connector.controlplane.transfer.dataplane.proxy.ConsumerPullDataPlaneProxyResolver;
import org.eclipse.edc.connector.controlplane.transfer.dataplane.spi.security.DataEncrypter;
import org.eclipse.edc.connector.controlplane.transfer.dataplane.spi.token.ConsumerPullTokenExpirationDateFunction;
import org.eclipse.edc.connector.controlplane.transfer.dataplane.validation.ExpirationDateValidationRule;
import org.eclipse.edc.connector.controlplane.transfer.spi.flow.DataFlowManager;
import org.eclipse.edc.connector.dataplane.selector.spi.DataPlaneSelectorService;
import org.eclipse.edc.connector.dataplane.selector.spi.client.DataPlaneClientFactory;
import org.eclipse.edc.keys.spi.LocalPublicKeyService;
import org.eclipse.edc.keys.spi.PrivateKeyResolver;
import org.eclipse.edc.runtime.metamodel.annotation.Extension;
import org.eclipse.edc.runtime.metamodel.annotation.Inject;
import org.eclipse.edc.runtime.metamodel.annotation.Setting;
import org.eclipse.edc.spi.monitor.Monitor;
import org.eclipse.edc.spi.system.ServiceExtension;
import org.eclipse.edc.spi.system.ServiceExtensionContext;
import org.eclipse.edc.spi.types.TypeManager;
import org.eclipse.edc.token.JwtGenerationService;
import org.eclipse.edc.token.spi.TokenValidationRulesRegistry;
import org.eclipse.edc.token.spi.TokenValidationService;
import org.eclipse.edc.validator.spi.DataAddressValidatorRegistry;
import org.eclipse.edc.validator.spi.ValidationResult;
import org.eclipse.edc.web.spi.WebService;
import org.eclipse.edc.web.spi.configuration.context.ControlApiUrl;
import org.jetbrains.annotations.NotNull;

@Extension(TransferDataPlaneCoreExtension.NAME)
/* loaded from: input_file:org/eclipse/edc/connector/controlplane/transfer/dataplane/TransferDataPlaneCoreExtension.class */
public class TransferDataPlaneCoreExtension implements ServiceExtension {

    @Setting("Alias of private key used for signing tokens, retrieved from private key resolver")
    public static final String TOKEN_SIGNER_PRIVATE_KEY_ALIAS = "edc.transfer.proxy.token.signer.privatekey.alias";

    @Setting("Alias of public key used for verifying the tokens, retrieved from the vault")
    public static final String TOKEN_VERIFIER_PUBLIC_KEY_ALIAS = "edc.transfer.proxy.token.verifier.publickey.alias";
    public static final String NAME = "Transfer Data Plane Core";
    public static final String TRANSFER_DATAPLANE_TOKEN_CONTEXT = "dataplane-transfer";

    @Inject
    private WebService webService;

    @Inject
    private DataFlowManager dataFlowManager;

    @Inject
    private Clock clock;

    @Inject
    private DataEncrypter dataEncrypter;

    @Inject
    private DataPlaneSelectorService selectorService;

    @Inject
    private DataPlaneClientFactory clientFactory;

    @Inject
    private ConsumerPullTokenExpirationDateFunction tokenExpirationDateFunction;

    @Inject(required = false)
    private ControlApiUrl callbackUrl;

    @Inject
    private TypeManager typeManager;

    @Inject
    private LocalPublicKeyService publicKeyService;

    @Inject
    private PrivateKeyResolver privateKeyResolver;

    @Inject
    private DataAddressValidatorRegistry dataAddressValidatorRegistry;

    @Inject
    private TokenValidationRulesRegistry tokenValidationRulesRegistry;

    @Inject
    private TokenValidationService tokenValidationService;

    public String name() {
        return NAME;
    }

    public void initialize(ServiceExtensionContext serviceExtensionContext) {
        Monitor monitor = serviceExtensionContext.getMonitor();
        monitor.warning("The transfer-data-plane extension has been deprecated, please switch to the Data Plane Signaling feature.", new Throwable[0]);
        String setting = serviceExtensionContext.getSetting(TOKEN_VERIFIER_PUBLIC_KEY_ALIAS, (String) null);
        String setting2 = serviceExtensionContext.getSetting(TOKEN_SIGNER_PRIVATE_KEY_ALIAS, (String) null);
        if (setting == null || setting2 == null) {
            monitor.info("One of these settings is not configured, so the connector won't be able to provide 'consumer-pull' transfers: [%s, %s]".formatted(TOKEN_VERIFIER_PUBLIC_KEY_ALIAS, TOKEN_SIGNER_PRIVATE_KEY_ALIAS), new Throwable[0]);
        } else {
            this.webService.registerResource("control", new ConsumerPullTransferTokenValidationApiController(this.tokenValidationService, this.dataEncrypter, this.typeManager, str -> {
                return this.publicKeyService.resolveKey(setting);
            }));
            this.dataFlowManager.register(new ConsumerPullTransferDataFlowController(this.selectorService, new ConsumerPullDataPlaneProxyResolver(this.dataEncrypter, this.typeManager, new JwtGenerationService(), getPrivateKeySupplier(serviceExtensionContext, setting2), () -> {
                return setting;
            }, this.tokenExpirationDateFunction)));
        }
        this.tokenValidationRulesRegistry.addRule(TRANSFER_DATAPLANE_TOKEN_CONTEXT, new ExpirationDateValidationRule(this.clock));
        this.dataFlowManager.register(new ProviderPushTransferDataFlowController(this.callbackUrl, this.selectorService, this.clientFactory));
        this.dataAddressValidatorRegistry.registerDestinationValidator("HttpProxy", dataAddress -> {
            return ValidationResult.success();
        });
    }

    @NotNull
    private Supplier<PrivateKey> getPrivateKeySupplier(ServiceExtensionContext serviceExtensionContext, String str) {
        return () -> {
            return (PrivateKey) this.privateKeyResolver.resolvePrivateKey(str).orElse(failure -> {
                serviceExtensionContext.getMonitor().warning("Cannot resolve private key: " + failure.getFailureDetail(), new Throwable[0]);
                return null;
            });
        };
    }
}
