package org.springframework.boot.autoconfigure.neo4j;

import java.io.File;
import java.net.URI;
import java.time.Duration;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.TimeUnit;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import org.neo4j.driver.AuthToken;
import org.neo4j.driver.AuthTokens;
import org.neo4j.driver.Config;
import org.neo4j.driver.Driver;
import org.neo4j.driver.GraphDatabase;
import org.neo4j.driver.internal.Scheme;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.neo4j.Neo4jProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.context.properties.source.InvalidConfigurationPropertyValueException;
import org.springframework.context.annotation.Bean;
import org.springframework.core.env.Environment;
import org.springframework.util.StringUtils;

@EnableConfigurationProperties({Neo4jProperties.class})
@AutoConfiguration
@ConditionalOnClass({Driver.class})
/* loaded from: input_file:BOOT-INF/lib/spring-boot-autoconfigure-2.7.10.jar:org/springframework/boot/autoconfigure/neo4j/Neo4jAutoConfiguration.class */
public class Neo4jAutoConfiguration {
    private static final URI DEFAULT_SERVER_URI = URI.create("bolt://localhost:7687");

    @ConditionalOnMissingBean
    @Bean
    public Driver neo4jDriver(Neo4jProperties neo4jProperties, Environment environment, ObjectProvider<ConfigBuilderCustomizer> objectProvider) {
        return GraphDatabase.driver(determineServerUri(neo4jProperties, environment), mapAuthToken(neo4jProperties.getAuthentication(), environment), mapDriverConfig(neo4jProperties, (List) objectProvider.orderedStream().collect(Collectors.toList())));
    }

    URI determineServerUri(Neo4jProperties neo4jProperties, Environment environment) {
        return (URI) getOrFallback(neo4jProperties.getUri(), () -> {
            URI uri = (URI) environment.getProperty("spring.data.neo4j.uri", URI.class);
            return uri != null ? uri : DEFAULT_SERVER_URI;
        });
    }

    AuthToken mapAuthToken(Neo4jProperties.Authentication authentication, Environment environment) {
        String str = (String) getOrFallback(authentication.getUsername(), () -> {
            return (String) environment.getProperty("spring.data.neo4j.username", String.class);
        });
        String str2 = (String) getOrFallback(authentication.getPassword(), () -> {
            return (String) environment.getProperty("spring.data.neo4j.password", String.class);
        });
        String kerberosTicket = authentication.getKerberosTicket();
        String realm = authentication.getRealm();
        boolean hasText = StringUtils.hasText(str);
        boolean hasText2 = StringUtils.hasText(str2);
        boolean hasText3 = StringUtils.hasText(kerberosTicket);
        if (hasText && hasText3) {
            throw new IllegalStateException(String.format("Cannot specify both username ('%s') and kerberos ticket ('%s')", str, kerberosTicket));
        }
        return (hasText && hasText2) ? AuthTokens.basic(str, str2, realm) : hasText3 ? AuthTokens.kerberos(kerberosTicket) : AuthTokens.none();
    }

    private <T> T getOrFallback(T t, Supplier<T> supplier) {
        return t != null ? t : supplier.get();
    }

    Config mapDriverConfig(Neo4jProperties neo4jProperties, List<ConfigBuilderCustomizer> list) {
        Config.ConfigBuilder builder = Config.builder();
        configurePoolSettings(builder, neo4jProperties.getPool());
        URI uri = neo4jProperties.getUri();
        configureDriverSettings(builder, neo4jProperties, isSimpleScheme(uri != null ? uri.getScheme() : "bolt"));
        builder.withLogging(new Neo4jSpringJclLogging());
        list.forEach(configBuilderCustomizer -> {
            configBuilderCustomizer.customize(builder);
        });
        return builder.build();
    }

    private boolean isSimpleScheme(String str) {
        String lowerCase = str.toLowerCase(Locale.ENGLISH);
        try {
            Scheme.validateScheme(lowerCase);
            return lowerCase.equals("bolt") || lowerCase.equals("neo4j");
        } catch (IllegalArgumentException e) {
            throw new IllegalArgumentException(String.format("'%s' is not a supported scheme.", str));
        }
    }

    private void configurePoolSettings(Config.ConfigBuilder configBuilder, Neo4jProperties.Pool pool) {
        if (pool.isLogLeakedSessions()) {
            configBuilder.withLeakedSessionsLogging();
        }
        configBuilder.withMaxConnectionPoolSize(pool.getMaxConnectionPoolSize());
        Duration idleTimeBeforeConnectionTest = pool.getIdleTimeBeforeConnectionTest();
        if (idleTimeBeforeConnectionTest != null) {
            configBuilder.withConnectionLivenessCheckTimeout(idleTimeBeforeConnectionTest.toMillis(), TimeUnit.MILLISECONDS);
        }
        configBuilder.withMaxConnectionLifetime(pool.getMaxConnectionLifetime().toMillis(), TimeUnit.MILLISECONDS);
        configBuilder.withConnectionAcquisitionTimeout(pool.getConnectionAcquisitionTimeout().toMillis(), TimeUnit.MILLISECONDS);
        if (pool.isMetricsEnabled()) {
            configBuilder.withDriverMetrics();
        } else {
            configBuilder.withoutDriverMetrics();
        }
    }

    private void configureDriverSettings(Config.ConfigBuilder configBuilder, Neo4jProperties neo4jProperties, boolean z) {
        if (z) {
            applyEncryptionAndTrustSettings(configBuilder, neo4jProperties.getSecurity());
        }
        configBuilder.withConnectionTimeout(neo4jProperties.getConnectionTimeout().toMillis(), TimeUnit.MILLISECONDS);
        configBuilder.withMaxTransactionRetryTime(neo4jProperties.getMaxTransactionRetryTime().toMillis(), TimeUnit.MILLISECONDS);
    }

    private void applyEncryptionAndTrustSettings(Config.ConfigBuilder configBuilder, Neo4jProperties.Security security) {
        if (security.isEncrypted()) {
            configBuilder.withEncryption();
        } else {
            configBuilder.withoutEncryption();
        }
        configBuilder.withTrustStrategy(mapTrustStrategy(security));
    }

    private Config.TrustStrategy mapTrustStrategy(Neo4jProperties.Security security) {
        Config.TrustStrategy createTrustStrategy = createTrustStrategy(security, "spring.neo4j.security.trust-strategy", security.getTrustStrategy());
        if (security.isHostnameVerificationEnabled()) {
            createTrustStrategy.withHostnameVerification();
        } else {
            createTrustStrategy.withoutHostnameVerification();
        }
        return createTrustStrategy;
    }

    private Config.TrustStrategy createTrustStrategy(Neo4jProperties.Security security, String str, Neo4jProperties.Security.TrustStrategy trustStrategy) {
        switch (trustStrategy) {
            case TRUST_ALL_CERTIFICATES:
                return Config.TrustStrategy.trustAllCertificates();
            case TRUST_SYSTEM_CA_SIGNED_CERTIFICATES:
                return Config.TrustStrategy.trustSystemCertificates();
            case TRUST_CUSTOM_CA_SIGNED_CERTIFICATES:
                File certFile = security.getCertFile();
                if (certFile == null || !certFile.isFile()) {
                    throw new InvalidConfigurationPropertyValueException(str, trustStrategy.name(), "Configured trust strategy requires a certificate file.");
                }
                return Config.TrustStrategy.trustCustomCertificateSignedBy(new File[]{certFile});
            default:
                throw new InvalidConfigurationPropertyValueException(str, trustStrategy.name(), "Unknown strategy.");
        }
    }
}
