package com.dbeaver.net.aws.ssm;

import com.dbeaver.model.net.AbstractCommandLineTunnel;
import com.dbeaver.net.auth.aws.AuthModelAWSAbstract;
import com.dbeaver.net.auth.aws.AuthModelAWSCredentials;
import com.dbeaver.net.auth.aws.AuthModelAWSPreferences;
import com.google.gson.GsonBuilder;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import org.jkiss.code.NotNull;
import org.jkiss.dbeaver.DBException;
import org.jkiss.dbeaver.Log;
import org.jkiss.dbeaver.model.connection.DBPConnectionConfiguration;
import org.jkiss.dbeaver.model.exec.DBCException;
import org.jkiss.dbeaver.model.net.DBWHandlerConfiguration;
import org.jkiss.dbeaver.model.net.DBWUtils;
import org.jkiss.dbeaver.model.runtime.DBRProcessDescriptor;
import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
import org.jkiss.dbeaver.utils.RuntimeUtils;
import org.jkiss.utils.CommonUtils;

/* loaded from: input_file:com/dbeaver/net/aws/ssm/SSMTunnelImpl.class */
public class SSMTunnelImpl extends AbstractCommandLineTunnel {
    private static final Log log = Log.getLog(SSMTunnelImpl.class);
    private AuthModelAWSCredentials awsCredentials;

    protected Process createTunnelProcess(@NotNull DBRProgressMonitor dBRProgressMonitor, @NotNull DBWHandlerConfiguration dBWHandlerConfiguration, @NotNull DBPConnectionConfiguration dBPConnectionConfiguration, int i) throws DBException {
        Path parent;
        dBRProgressMonitor.subTask("Initiate SSM session");
        try {
            String stringProperty = dBWHandlerConfiguration.getStringProperty(SSMConstants.PROP_INSTANCE_ID);
            String stringProperty2 = dBWHandlerConfiguration.getStringProperty(SSMConstants.PROP_INSTANCE_REGION);
            if (CommonUtils.isEmpty(stringProperty)) {
                throw new DBException("AWS EC2 instance not specified");
            }
            if (CommonUtils.isEmpty(stringProperty2)) {
                throw new DBException("AWS region not specified");
            }
            this.awsCredentials = new AuthModelAWSCredentials();
            AuthModelAWSAbstract.loadCredentialsFromMap(this.awsCredentials, dBWHandlerConfiguration.getSecureProperties());
            this.awsCredentials.setRegion(stringProperty2);
            String hostName = dBPConnectionConfiguration.getHostName();
            boolean z = !DBWUtils.isLocalAddress(hostName);
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            if (z) {
                linkedHashMap.put("host", List.of(hostName));
            }
            linkedHashMap.put("portNumber", List.of(String.valueOf(getDefaultRemotePort(dBWHandlerConfiguration))));
            linkedHashMap.put("localPortNumber", List.of(String.valueOf(i)));
            String stringProperty3 = dBWHandlerConfiguration.getStringProperty(SSMConstants.PROP_SSM_DOCUMENT);
            if (CommonUtils.isEmpty(stringProperty3)) {
                stringProperty3 = z ? SSMConstants.DOCUMENT_PORT_FORWARDING_TO_REMOTE : SSMConstants.DOCUMENT_PORT_FORWARDING;
            }
            dBRProgressMonitor.subTask("Initialize SSM over AWS CLI");
            this.awsCredentials.getAuthCredentialsProvider(dBRProgressMonitor, dBPConnectionConfiguration);
            ArrayList arrayList = new ArrayList();
            String awsCliExecutablePath = AuthModelAWSCredentials.getAwsCliExecutablePath();
            arrayList.add(awsCliExecutablePath);
            arrayList.add("ssm");
            arrayList.add("start-session");
            arrayList.add("--target");
            arrayList.add(stringProperty);
            arrayList.add("--region");
            arrayList.add(this.awsCredentials.getRegion());
            arrayList.add("--document-name");
            arrayList.add(stringProperty3);
            String json = new GsonBuilder().serializeNulls().create().toJson(linkedHashMap, Map.class);
            arrayList.add("--parameters");
            arrayList.add(escapeCLIIdentifier(json));
            addCredentialArguments(arrayList);
            log.debug("Execute AWS CLI ssm");
            DBRProcessDescriptor createProcessByArguments = createProcessByArguments(arrayList);
            addCredentialEnvironment(createProcessByArguments);
            String string = AuthModelAWSPreferences.getPreferences().getString(AuthModelAWSPreferences.AWS_SSM_PLUGIN_FOLDER);
            if (CommonUtils.isEmpty(string) && (parent = Path.of(awsCliExecutablePath, new String[0]).getParent()) != null && parent.getParent() != null) {
                string = parent.getParent().resolve("SessionManagerPlugin").resolve("bin").toAbsolutePath().toString();
            }
            if (!CommonUtils.isEmpty(string) && Files.exists(Path.of(string, new String[0]), new LinkOption[0])) {
                createProcessByArguments.getProcessBuilder().environment().put("PATH", string + File.pathSeparator + System.getenv("PATH"));
            }
            try {
                createProcessByArguments.execute();
                return createProcessByArguments.getProcess();
            } catch (Throwable th) {
                Process process = createProcessByArguments.getProcess();
                if (process != null) {
                    process.destroy();
                }
                throw new DBCException("Error running AWS CLI. Is it installed on the local machine?", th);
            }
        } catch (Exception e) {
            throw new DBException("AWS SSM session initiation filed", e);
        }
    }

    private void addCredentialArguments(List<String> list) {
        if (CommonUtils.isEmpty(this.awsCredentials.getProfileName())) {
            return;
        }
        list.add("--profile");
        list.add(this.awsCredentials.getProfileName());
    }

    private void addCredentialEnvironment(@NotNull DBRProcessDescriptor dBRProcessDescriptor) {
        if (CommonUtils.isEmpty(this.awsCredentials.getAwsAccessKey())) {
            return;
        }
        dBRProcessDescriptor.getProcessBuilder().environment().put("AWS_ACCESS_KEY_ID", this.awsCredentials.getAwsAccessKey());
        dBRProcessDescriptor.getProcessBuilder().environment().put("AWS_SECRET_ACCESS_KEY", this.awsCredentials.getAwsSecretKey());
        if (CommonUtils.isNotEmpty(this.awsCredentials.getAwsSessionToken())) {
            dBRProcessDescriptor.getProcessBuilder().environment().put("AWS_SESSION_TOKEN", this.awsCredentials.getAwsSessionToken());
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:16:0x005c, code lost:
    
        r9 = r0.group(1);
     */
    /* JADX WARN: Finally extract failed */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void closeTunnel(@org.jkiss.code.NotNull org.jkiss.dbeaver.model.runtime.DBRProgressMonitor r7) throws org.jkiss.dbeaver.DBException, java.io.IOException {
        /*
            Method dump skipped, instructions count: 278
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.dbeaver.net.aws.ssm.SSMTunnelImpl.closeTunnel(org.jkiss.dbeaver.model.runtime.DBRProgressMonitor):void");
    }

    public static String escapeCLIIdentifier(String str) {
        return RuntimeUtils.isWindows() ? "\"" + str.replace("\"", "\"\"") + "\"" : str;
    }
}
