package org.apache.knox.gateway.backend.hashicorp.vault.authentication;

import java.net.URI;
import java.util.Map;
import org.apache.knox.gateway.backend.hashicorp.vault.HashicorpVaultAliasService;
import org.apache.knox.gateway.services.security.AliasService;
import org.springframework.vault.authentication.ClientAuthentication;
import org.springframework.vault.authentication.KubernetesAuthentication;
import org.springframework.vault.authentication.KubernetesAuthenticationOptions;
import org.springframework.vault.client.ClientHttpRequestFactoryFactory;
import org.springframework.vault.client.SimpleVaultEndpointProvider;
import org.springframework.vault.client.VaultClients;
import org.springframework.vault.client.VaultEndpoint;
import org.springframework.vault.support.ClientOptions;
import org.springframework.vault.support.SslConfiguration;
import org.springframework.web.client.RestOperations;

/* loaded from: input_file:org/apache/knox/gateway/backend/hashicorp/vault/authentication/KubernetesHashicorpVaultClientAuthenticationProvider.class */
public class KubernetesHashicorpVaultClientAuthenticationProvider implements HashicorpVaultClientAuthenticationProvider {
    public static final String TYPE = "kubernetes";
    public static final String KUBERNETES_ROLE_KEY = "hashicorp.vault.authentication.kubernetes.role";

    @Override // org.apache.knox.gateway.backend.hashicorp.vault.authentication.HashicorpVaultClientAuthenticationProvider
    public String getType() {
        return TYPE;
    }

    @Override // org.apache.knox.gateway.backend.hashicorp.vault.authentication.HashicorpVaultClientAuthenticationProvider
    public ClientAuthentication newInstance(AliasService aliasService, Map<String, String> map) throws Exception {
        return new KubernetesAuthentication(KubernetesAuthenticationOptions.builder().role(map.get(KUBERNETES_ROLE_KEY)).build(), getRestOperations(map));
    }

    private RestOperations getRestOperations(Map<String, String> map) throws Exception {
        return VaultClients.createRestTemplate(SimpleVaultEndpointProvider.of(VaultEndpoint.from(new URI(map.get(HashicorpVaultAliasService.VAULT_ADDRESS_KEY)))), ClientHttpRequestFactoryFactory.create(new ClientOptions(), SslConfiguration.unconfigured()));
    }
}
