package io.trino.filesystem.s3;

import com.google.inject.Inject;
import io.trino.filesystem.TrinoFileSystem;
import io.trino.filesystem.TrinoFileSystemFactory;
import io.trino.spi.security.ConnectorIdentity;
import jakarta.annotation.PreDestroy;
import java.net.URI;
import java.util.Objects;
import java.util.Optional;
import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
import software.amazon.awssdk.http.apache.ApacheHttpClient;
import software.amazon.awssdk.http.apache.ProxyConfiguration;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.s3.S3Client;
import software.amazon.awssdk.services.s3.S3ClientBuilder;
import software.amazon.awssdk.services.sts.StsClient;
import software.amazon.awssdk.services.sts.StsClientBuilder;
import software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider;

/* loaded from: input_file:io/trino/filesystem/s3/S3FileSystemFactory.class */
public final class S3FileSystemFactory implements TrinoFileSystemFactory {
    private final S3Client client;
    private final S3Context context;

    @Inject
    public S3FileSystemFactory(S3FileSystemConfig s3FileSystemConfig) {
        S3ClientBuilder builder = S3Client.builder();
        if (s3FileSystemConfig.getAwsAccessKey() != null && s3FileSystemConfig.getAwsSecretKey() != null) {
            builder.credentialsProvider(StaticCredentialsProvider.create(AwsBasicCredentials.create(s3FileSystemConfig.getAwsAccessKey(), s3FileSystemConfig.getAwsSecretKey())));
        }
        Optional map = Optional.ofNullable(s3FileSystemConfig.getRegion()).map(Region::of);
        Objects.requireNonNull(builder);
        map.ifPresent(builder::region);
        Optional map2 = Optional.ofNullable(s3FileSystemConfig.getEndpoint()).map(URI::create);
        Objects.requireNonNull(builder);
        map2.ifPresent(builder::endpointOverride);
        builder.forcePathStyle(Boolean.valueOf(s3FileSystemConfig.isPathStyleAccess()));
        if (s3FileSystemConfig.getIamRole() != null) {
            StsClientBuilder builder2 = StsClient.builder();
            Optional map3 = Optional.ofNullable(s3FileSystemConfig.getStsEndpoint()).map(URI::create);
            Objects.requireNonNull(builder2);
            map3.ifPresent(builder2::endpointOverride);
            Optional map4 = Optional.ofNullable(s3FileSystemConfig.getStsRegion()).or(() -> {
                return Optional.ofNullable(s3FileSystemConfig.getRegion());
            }).map(Region::of);
            Objects.requireNonNull(builder2);
            map4.ifPresent(builder2::region);
            builder.credentialsProvider(StsAssumeRoleCredentialsProvider.builder().refreshRequest(builder3 -> {
                builder3.roleArn(s3FileSystemConfig.getIamRole()).roleSessionName(s3FileSystemConfig.getRoleSessionName()).externalId(s3FileSystemConfig.getExternalId());
            }).stsClient((StsClient) builder2.build()).asyncCredentialUpdateEnabled(true).build());
        }
        ApacheHttpClient.Builder maxConnections = ApacheHttpClient.builder().maxConnections(s3FileSystemConfig.getMaxConnections());
        if (s3FileSystemConfig.getHttpProxy() != null) {
            Object[] objArr = new Object[2];
            objArr[0] = s3FileSystemConfig.isHttpProxySecure() ? "https" : "http";
            objArr[1] = s3FileSystemConfig.getHttpProxy();
            maxConnections.proxyConfiguration((ProxyConfiguration) ProxyConfiguration.builder().endpoint(URI.create("%s://%s".formatted(objArr))).build());
        }
        builder.httpClientBuilder(maxConnections);
        this.client = (S3Client) builder.build();
        this.context = new S3Context(Math.toIntExact(s3FileSystemConfig.getStreamingPartSize().toBytes()), s3FileSystemConfig.isRequesterPays(), s3FileSystemConfig.getSseType(), s3FileSystemConfig.getSseKmsKeyId());
    }

    @PreDestroy
    public void destroy() {
        this.client.close();
    }

    public TrinoFileSystem create(ConnectorIdentity connectorIdentity) {
        return new S3FileSystem(this.client, this.context);
    }
}
