package com.floragunn.searchguard.authc.transport;

import com.floragunn.codova.config.net.CacheConfig;
import com.floragunn.codova.documents.DocNode;
import com.floragunn.codova.documents.Document;
import com.floragunn.codova.documents.UnexpectedDocumentStructureException;
import com.floragunn.codova.validation.ConfigValidationException;
import com.floragunn.codova.validation.ValidatingDocNode;
import com.floragunn.codova.validation.ValidationErrors;
import com.floragunn.codova.validation.ValidationResult;
import com.floragunn.fluent.collections.ImmutableList;
import com.floragunn.searchguard.authc.AuthenticationDomain;
import com.floragunn.searchguard.authc.base.IPAddressAcceptanceRules;
import com.floragunn.searchguard.authc.transport.TransportAuthenticationDomain;
import com.floragunn.searchguard.configuration.ConfigurationRepository;
import com.floragunn.searchguard.configuration.Destroyable;
import com.floragunn.searchsupport.cstate.metrics.MetricsLevel;
import java.util.Iterator;

/* loaded from: input_file:com/floragunn/searchguard/authc/transport/TransportAuthcConfig.class */
public class TransportAuthcConfig implements Document<TransportAuthcConfig>, Destroyable {
    private final DocNode source;
    private final ImmutableList<AuthenticationDomain<TransportAuthenticationDomain.TransportAuthenticationFrontend>> authenticationDomains;
    private final boolean debugEnabled;
    private final CacheConfig userCacheConfig;
    private final Network network;

    /* loaded from: input_file:com/floragunn/searchguard/authc/transport/TransportAuthcConfig$Network.class */
    public static class Network {
        private final IPAddressAcceptanceRules ipAddressAcceptanceRules;

        public Network(IPAddressAcceptanceRules iPAddressAcceptanceRules) {
            this.ipAddressAcceptanceRules = iPAddressAcceptanceRules;
        }

        static Network parse(DocNode docNode) throws ConfigValidationException {
            ValidationErrors validationErrors = new ValidationErrors();
            ValidatingDocNode validatingDocNode = new ValidatingDocNode(docNode, validationErrors);
            IPAddressAcceptanceRules iPAddressAcceptanceRules = new IPAddressAcceptanceRules((IPAddressAcceptanceRules.Criteria) validatingDocNode.get("accept").by(IPAddressAcceptanceRules.Criteria::parse), (IPAddressAcceptanceRules.Criteria) validatingDocNode.get("deny").by(IPAddressAcceptanceRules.Criteria::parse));
            validatingDocNode.checkForUnusedAttributes();
            validationErrors.throwExceptionForPresentErrors();
            return new Network(iPAddressAcceptanceRules);
        }

        public IPAddressAcceptanceRules getIpAddressAcceptanceRules() {
            return this.ipAddressAcceptanceRules;
        }
    }

    public TransportAuthcConfig(DocNode docNode, ImmutableList<AuthenticationDomain<TransportAuthenticationDomain.TransportAuthenticationFrontend>> immutableList, Network network, CacheConfig cacheConfig, boolean z) {
        this.source = docNode;
        this.authenticationDomains = immutableList;
        this.userCacheConfig = cacheConfig;
        this.debugEnabled = z;
        this.network = network;
    }

    public Object toBasicObject() {
        return this.source;
    }

    public static ValidationResult<TransportAuthcConfig> parse(DocNode docNode, ConfigurationRepository.Context context) {
        try {
            ValidatingDocNode validatingDocNode = new ValidatingDocNode(docNode.splitDottedAttributeNamesToTree(), new ValidationErrors());
            MetricsLevel asEnum = validatingDocNode.get("metrics").withDefault(MetricsLevel.BASIC).asEnum(MetricsLevel.class);
            ImmutableList asList = validatingDocNode.get("auth_domains").asList(docNode2 -> {
                return TransportAuthenticationDomain.parse(docNode2, context, asEnum);
            });
            boolean asBoolean = validatingDocNode.get("debug").withDefault(false).asBoolean();
            CacheConfig cacheConfig = (CacheConfig) validatingDocNode.get("user_cache").withDefault(CacheConfig.DEFAULT).by(CacheConfig::new);
            Network network = (Network) validatingDocNode.get("network").by(Network::parse);
            validatingDocNode.checkForUnusedAttributes();
            return new ValidationResult<>(new TransportAuthcConfig(docNode, ImmutableList.of(asList), network, cacheConfig, asBoolean));
        } catch (UnexpectedDocumentStructureException e) {
            return new ValidationResult<>(e.getValidationErrors());
        }
    }

    public ImmutableList<AuthenticationDomain<TransportAuthenticationDomain.TransportAuthenticationFrontend>> getAuthenticators() {
        return this.authenticationDomains;
    }

    public boolean isDebugEnabled() {
        return this.debugEnabled;
    }

    public CacheConfig getUserCacheConfig() {
        return this.userCacheConfig;
    }

    public Network getNetwork() {
        return this.network;
    }

    @Override // com.floragunn.searchguard.configuration.Destroyable
    public void destroy() {
        Iterator it = this.authenticationDomains.iterator();
        while (it.hasNext()) {
            AuthenticationDomain authenticationDomain = (AuthenticationDomain) it.next();
            if (authenticationDomain instanceof Destroyable) {
                ((Destroyable) authenticationDomain).destroy();
            }
        }
    }
}
