package com.floragunn.searchguard.test;

import com.floragunn.codova.config.temporal.DurationFormat;
import com.floragunn.codova.documents.DocNode;
import com.floragunn.codova.documents.DocWriter;
import com.floragunn.codova.documents.Document;
import com.floragunn.codova.documents.DocumentParseException;
import com.floragunn.codova.documents.Format;
import com.floragunn.codova.documents.patch.MergePatch;
import com.floragunn.fluent.collections.ImmutableList;
import com.floragunn.fluent.collections.ImmutableMap;
import com.floragunn.fluent.collections.ImmutableSet;
import com.floragunn.searchguard.action.configupdate.ConfigUpdateAction;
import com.floragunn.searchguard.action.configupdate.ConfigUpdateRequest;
import com.floragunn.searchguard.action.configupdate.ConfigUpdateResponse;
import com.floragunn.searchguard.configuration.CType;
import com.floragunn.searchguard.configuration.variables.ConfigVarRefreshAction;
import com.floragunn.searchguard.test.helper.cluster.EsClientProvider;
import com.floragunn.searchguard.test.helper.cluster.FileHelper;
import com.floragunn.searchguard.test.helper.cluster.NestedValueMap;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
import org.elasticsearch.action.ActionListener;
import org.elasticsearch.action.admin.indices.create.CreateIndexRequest;
import org.elasticsearch.action.bulk.BulkRequest;
import org.elasticsearch.action.index.IndexRequest;
import org.elasticsearch.action.support.WriteRequest;
import org.elasticsearch.client.Client;
import org.elasticsearch.common.bytes.BytesReference;

/* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig.class */
public class TestSgConfig {
    private static final Logger log = LogManager.getLogger(TestSgConfig.class);
    private NestedValueMap overrideSgConfigSettings;
    private NestedValueMap overrideUserSettings;
    private NestedValueMap overrideRoleSettings;
    private NestedValueMap overrideRoleMappingSettings;
    private NestedValueMap overrideFrontendConfigSettings;
    private Authc authc;
    private DlsFls dlsFls;
    private Privileges privileges;
    private Sessions sessions;
    private AuthTokenService authTokenService;
    private String resourceFolder = null;
    private String indexName = ".searchguard";
    private Map<String, Supplier<Object>> variableSuppliers = new HashMap();

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$AuthFailureListener.class */
    public static class AuthFailureListener {
        private final String id;
        private final String type;
        private int allowedTries;
        private int timeWindowSeconds;
        private int blockExpirySeconds;

        public AuthFailureListener(String str, String str2) {
            this.timeWindowSeconds = 3600;
            this.blockExpirySeconds = 600;
            this.id = str;
            this.type = str2;
            this.allowedTries = 3;
        }

        public AuthFailureListener(String str, String str2, int i) {
            this.timeWindowSeconds = 3600;
            this.blockExpirySeconds = 600;
            this.id = str;
            this.type = str2;
            this.allowedTries = i;
        }

        NestedValueMap toMap() {
            NestedValueMap nestedValueMap = new NestedValueMap();
            nestedValueMap.put("type", (Object) this.type);
            nestedValueMap.put("allowed_tries", (Object) Integer.valueOf(this.allowedTries));
            nestedValueMap.put("time_window_seconds", (Object) Integer.valueOf(this.timeWindowSeconds));
            nestedValueMap.put("block_expiry_seconds", (Object) Integer.valueOf(this.blockExpirySeconds));
            return NestedValueMap.of(this.id, (Object) nestedValueMap);
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$AuthTokenService.class */
    public static class AuthTokenService implements Document<AuthTokenService> {
        private Boolean enabled;
        private String metrics;
        private String jwtSigningKeyHs512;

        public AuthTokenService enabled(boolean z) {
            this.enabled = Boolean.valueOf(z);
            return this;
        }

        public AuthTokenService metrics(String str) {
            this.metrics = str;
            return this;
        }

        public AuthTokenService jwtSigningKeyHs512(String str) {
            this.jwtSigningKeyHs512 = str;
            return this;
        }

        public Object toBasicObject() {
            return ImmutableMap.of("default", ImmutableMap.ofNonNull("enabled", this.enabled, "metrics", this.metrics, "jwt_signing_key_hs512", this.jwtSigningKeyHs512));
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$Authc.class */
    public static class Authc implements Document<Authc> {
        private List<Domain> domains;
        private List<String> trustedProxies;

        /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$Authc$Domain.class */
        public static class Domain implements Document<Domain> {
            private final String type;
            private String id;
            private String description;
            private List<String> acceptIps = null;
            private List<String> skipIps = null;
            private List<String> acceptUsers = null;
            private List<String> skipUsers = null;
            private List<AdditionalUserInformation> additionalUserInformation = null;
            private UserMapping userMapping;
            private DocNode backendConfig;
            private DocNode frontendConfig;

            /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$Authc$Domain$AdditionalUserInformation.class */
            public static class AdditionalUserInformation implements Document<AdditionalUserInformation> {
                private String type;
                private DocNode config;

                public AdditionalUserInformation(String str) {
                    this.type = str;
                    this.config = null;
                }

                public AdditionalUserInformation(String str, DocNode docNode) {
                    this.type = str;
                    this.config = docNode;
                }

                public Object toBasicObject() {
                    return ImmutableMap.ofNonNull("type", this.type, this.type, this.config);
                }
            }

            /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$Authc$Domain$UserMapping.class */
            public static class UserMapping implements Document<UserMapping> {
                private List<DocNode> userNameFrom = new ArrayList();
                private List<String> userNameStatic = new ArrayList();
                private List<DocNode> userNameFromBackend = new ArrayList();
                private List<DocNode> rolesFrom = new ArrayList();
                private List<DocNode> rolesFromCommaSeparatedString = new ArrayList();
                private List<String> rolesStatic = new ArrayList();
                private Map<String, String> attrsFrom = new HashMap();
                private Map<String, String> attrsStatic = new HashMap();

                public UserMapping userNameFrom(String str) {
                    this.userNameFrom.add(DocNode.wrap(str));
                    return this;
                }

                public UserMapping userNameFrom(DocNode docNode) {
                    this.userNameFrom.add(docNode);
                    return this;
                }

                public UserMapping userNameStatic(String str) {
                    this.userNameStatic.add(str);
                    return this;
                }

                public UserMapping userNameFromBackend(String str) {
                    this.userNameFromBackend.add(DocNode.wrap(str));
                    return this;
                }

                public UserMapping userNameFromBackend(DocNode docNode) {
                    this.userNameFromBackend.add(docNode);
                    return this;
                }

                public UserMapping rolesFrom(String str) {
                    this.rolesFrom.add(DocNode.wrap(str));
                    return this;
                }

                public UserMapping rolesFromCommaSeparatedString(String str) {
                    this.rolesFromCommaSeparatedString.add(DocNode.wrap(str));
                    return this;
                }

                public UserMapping rolesFrom(DocNode docNode) {
                    this.rolesFrom.add(docNode);
                    return this;
                }

                public UserMapping rolesStatic(String... strArr) {
                    this.rolesStatic.addAll(Arrays.asList(strArr));
                    return this;
                }

                public UserMapping attrsFrom(String str, String str2) {
                    this.attrsFrom.put(str, str2);
                    return this;
                }

                public UserMapping attrsStatic(String str, String str2) {
                    this.attrsStatic.put(str, str2);
                    return this;
                }

                public Object toBasicObject() {
                    LinkedHashMap linkedHashMap = new LinkedHashMap();
                    if (this.userNameFrom.size() != 0 || this.userNameStatic.size() != 0 || this.userNameFromBackend.size() != 0) {
                        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
                        if (this.userNameFrom.size() == 1) {
                            linkedHashMap2.put("from", this.userNameFrom.get(0));
                        } else if (this.userNameFrom.size() > 1) {
                            linkedHashMap2.put("from", this.userNameFrom);
                        }
                        if (this.userNameStatic.size() == 1) {
                            linkedHashMap2.put("static", this.userNameStatic.get(0));
                        } else if (this.userNameStatic.size() > 1) {
                            linkedHashMap2.put("static", this.userNameStatic);
                        }
                        if (this.userNameFromBackend.size() == 1) {
                            linkedHashMap2.put("from_backend", this.userNameFromBackend.get(0));
                        } else if (this.userNameFromBackend.size() > 1) {
                            linkedHashMap2.put("from_backend", this.userNameFromBackend);
                        }
                        linkedHashMap.put("user_name", linkedHashMap2);
                    }
                    if (this.rolesFrom.size() != 0 || this.rolesStatic.size() != 0 || this.rolesFromCommaSeparatedString.size() != 0) {
                        LinkedHashMap linkedHashMap3 = new LinkedHashMap();
                        if (this.rolesFrom.size() == 1) {
                            linkedHashMap3.put("from", this.rolesFrom.get(0));
                        } else if (this.rolesFrom.size() > 1) {
                            linkedHashMap3.put("from", this.rolesFrom);
                        }
                        if (this.rolesFromCommaSeparatedString.size() == 1) {
                            linkedHashMap3.put("from_comma_separated_string", this.rolesFromCommaSeparatedString.get(0));
                        } else if (this.rolesFromCommaSeparatedString.size() > 1) {
                            linkedHashMap3.put("from_comma_separated_string", this.rolesFromCommaSeparatedString);
                        }
                        if (this.rolesStatic.size() == 1) {
                            linkedHashMap3.put("static", this.rolesStatic.get(0));
                        } else if (this.rolesStatic.size() > 1) {
                            linkedHashMap3.put("static", this.rolesStatic);
                        }
                        linkedHashMap.put("roles", linkedHashMap3);
                    }
                    if (this.attrsFrom.size() != 0 || this.attrsStatic.size() != 0) {
                        LinkedHashMap linkedHashMap4 = new LinkedHashMap();
                        if (this.attrsFrom.size() != 0) {
                            linkedHashMap4.put("from", this.attrsFrom);
                        }
                        if (this.attrsStatic.size() != 0) {
                            linkedHashMap4.put("static", this.attrsStatic);
                        }
                        linkedHashMap.put("attrs", linkedHashMap4);
                    }
                    return linkedHashMap;
                }
            }

            public Domain(String str) {
                this.type = str;
            }

            public Domain id(String str) {
                this.id = str;
                return this;
            }

            public Domain description(String str) {
                this.description = str;
                return this;
            }

            public Domain frontend(DocNode docNode) {
                this.frontendConfig = docNode;
                return this;
            }

            public Domain backend(DocNode docNode) {
                this.backendConfig = docNode;
                return this;
            }

            public Domain userMapping(UserMapping userMapping) {
                this.userMapping = userMapping;
                return this;
            }

            public Domain additionalUserInformation(AdditionalUserInformation... additionalUserInformationArr) {
                if (this.additionalUserInformation == null) {
                    this.additionalUserInformation = new ArrayList(Arrays.asList(additionalUserInformationArr));
                } else {
                    this.additionalUserInformation.addAll(Arrays.asList(additionalUserInformationArr));
                }
                return this;
            }

            public Domain acceptIps(String... strArr) {
                if (this.acceptIps == null) {
                    this.acceptIps = new ArrayList(Arrays.asList(strArr));
                } else {
                    this.acceptIps.addAll(Arrays.asList(strArr));
                }
                return this;
            }

            public Domain skipIps(String... strArr) {
                if (this.skipIps == null) {
                    this.skipIps = new ArrayList(Arrays.asList(strArr));
                } else {
                    this.skipIps.addAll(Arrays.asList(strArr));
                }
                return this;
            }

            public Domain skipUsers(String... strArr) {
                this.skipUsers = Arrays.asList(strArr);
                return this;
            }

            public Domain acceptUsers(String... strArr) {
                this.acceptUsers = Arrays.asList(strArr);
                return this;
            }

            public Object toBasicObject() {
                LinkedHashMap linkedHashMap = new LinkedHashMap();
                linkedHashMap.put("type", this.type);
                if (this.id != null) {
                    linkedHashMap.put("id", this.id);
                }
                if (this.description != null) {
                    linkedHashMap.put("description", this.description);
                }
                if (this.frontendConfig != null) {
                    int indexOf = this.type.indexOf(47);
                    linkedHashMap.put(this.type.substring(0, indexOf != -1 ? indexOf : this.type.length()), this.frontendConfig);
                }
                if (this.backendConfig != null) {
                    linkedHashMap.put(this.type.substring(this.type.indexOf(47) + 1), this.backendConfig);
                }
                if (this.acceptIps != null || this.acceptUsers != null) {
                    linkedHashMap.put("accept", ImmutableMap.ofNonNull("ips", this.acceptIps, "users", this.acceptUsers));
                }
                if (this.skipIps != null || this.skipUsers != null) {
                    linkedHashMap.put("skip", ImmutableMap.ofNonNull("ips", this.skipIps, "users", this.skipUsers));
                }
                if (this.additionalUserInformation != null) {
                    linkedHashMap.put("additional_user_information", this.additionalUserInformation);
                }
                if (this.userMapping != null) {
                    linkedHashMap.put("user_mapping", this.userMapping.toBasicObject());
                }
                return linkedHashMap;
            }
        }

        public Authc(Domain... domainArr) {
            this.domains = ImmutableList.ofArray(domainArr);
        }

        public Authc trustedProxies(String... strArr) {
            this.trustedProxies = Arrays.asList(strArr);
            return this;
        }

        public Object toBasicObject() {
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            linkedHashMap.put("auth_domains", this.domains);
            if (this.trustedProxies != null) {
                linkedHashMap.put("network", ImmutableMap.of("trusted_proxies", this.trustedProxies));
            }
            return ImmutableMap.of("default", linkedHashMap);
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$DlsFls.class */
    public static class DlsFls implements Document<DlsFls> {
        private Boolean debug;
        private String metrics;
        private String useImpl;
        private Boolean dlsAllowNow;

        public DlsFls useImpl(String str) {
            this.useImpl = str;
            return this;
        }

        public DlsFls metrics(String str) {
            this.metrics = str;
            return this;
        }

        public Object toBasicObject() {
            return ImmutableMap.of("default", ImmutableMap.ofNonNull("debug", this.debug, "metrics", this.metrics, "use_impl", this.useImpl, "dls", ImmutableMap.ofNonNull("allow_now", this.dlsAllowNow)));
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$ExcludedIndexPermission.class */
    public static class ExcludedIndexPermission {
        private List<String> actions;
        private List<String> indexPatterns;
        private Role role;

        ExcludedIndexPermission(Role role, String... strArr) {
            this.actions = Arrays.asList(strArr);
            this.role = role;
        }

        public Role on(String... strArr) {
            this.indexPatterns = Arrays.asList(strArr);
            this.role.excludedIndexPermissions.add(this);
            return this.role;
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$FrontendAuthc.class */
    public static class FrontendAuthc {
        private final String type;
        private String label;
        private NestedValueMap moreProperties = new NestedValueMap();

        public FrontendAuthc(String str) {
            this.type = str;
        }

        public FrontendAuthc label(String str) {
            this.label = str;
            return this;
        }

        public FrontendAuthc config(String str, Object obj) {
            this.moreProperties.put(NestedValueMap.Path.parse(str), obj);
            return this;
        }

        public FrontendAuthc config(String str, Object obj, Object... objArr) {
            this.moreProperties.put(NestedValueMap.Path.parse(str), obj);
            if (objArr != null && objArr.length >= 2) {
                for (int i = 0; i < objArr.length; i += 2) {
                    this.moreProperties.put(NestedValueMap.Path.parse(String.valueOf(objArr[i])), objArr[i + 1]);
                }
            }
            return this;
        }

        NestedValueMap toMap() {
            NestedValueMap clone = this.moreProperties.clone();
            clone.put("type", (Object) this.type);
            clone.put("label", (Object) this.label);
            return clone;
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$IndexPermission.class */
    public static class IndexPermission {
        private List<String> allowedActions;
        private List<String> indexPatterns;
        private Role role;
        private String dlsQuery;
        private List<String> fls;
        private List<String> maskedFields;

        IndexPermission(Role role, String... strArr) {
            this.allowedActions = Arrays.asList(strArr);
            this.role = role;
        }

        public IndexPermission dls(String str) {
            this.dlsQuery = str;
            return this;
        }

        public IndexPermission dls(Map<String, Object> map) {
            this.dlsQuery = DocWriter.json().writeAsString(map);
            return this;
        }

        public IndexPermission fls(String... strArr) {
            this.fls = Arrays.asList(strArr);
            return this;
        }

        public IndexPermission maskedFields(String... strArr) {
            this.maskedFields = Arrays.asList(strArr);
            return this;
        }

        public Role on(String... strArr) {
            this.indexPatterns = Arrays.asList(strArr);
            this.role.indexPermissions.add(this);
            return this.role;
        }

        public NestedValueMap toJsonMap() {
            NestedValueMap nestedValueMap = new NestedValueMap();
            nestedValueMap.put("index_patterns", (Object) this.indexPatterns);
            nestedValueMap.put("allowed_actions", (Object) this.allowedActions);
            if (this.dlsQuery != null) {
                nestedValueMap.put("dls", (Object) this.dlsQuery);
            }
            if (this.fls != null) {
                nestedValueMap.put("fls", (Object) this.fls);
            }
            if (this.maskedFields != null) {
                nestedValueMap.put("masked_fields", (Object) this.maskedFields);
            }
            return nestedValueMap;
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$Privileges.class */
    public static class Privileges implements Document<Privileges> {
        private boolean ignoreUnauthorizedIndices = true;

        public boolean isIgnoreUnauthorizedIndices() {
            return this.ignoreUnauthorizedIndices;
        }

        public Privileges ignoreUnauthorizedIndices(boolean z) {
            this.ignoreUnauthorizedIndices = z;
            return this;
        }

        public Object toBasicObject() {
            return ImmutableMap.of("default", ImmutableMap.of("ignore_unauthorized_indices.enabled", Boolean.valueOf(this.ignoreUnauthorizedIndices)));
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$Role.class */
    public static class Role {
        public static Role ALL_ACCESS = new Role("all_access").clusterPermissions("*").indexPermissions("*").on("*");
        private String name;
        private List<String> clusterPermissions = new ArrayList();
        private List<String> excludedClusterPermissions = new ArrayList();
        private List<IndexPermission> indexPermissions = new ArrayList();
        private List<ExcludedIndexPermission> excludedIndexPermissions = new ArrayList();

        public Role(String str) {
            this.name = str;
        }

        public Role clusterPermissions(String... strArr) {
            this.clusterPermissions.addAll(Arrays.asList(strArr));
            return this;
        }

        public Role excludeClusterPermissions(String... strArr) {
            this.excludedClusterPermissions.addAll(Arrays.asList(strArr));
            return this;
        }

        public IndexPermission indexPermissions(String... strArr) {
            return new IndexPermission(this, strArr);
        }

        public ExcludedIndexPermission excludeIndexPermissions(String... strArr) {
            return new ExcludedIndexPermission(this, strArr);
        }

        public String getName() {
            return this.name;
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$RoleMapping.class */
    public static class RoleMapping {
        private String name;
        private List<String> backendRoles = new ArrayList();
        private List<String> users = new ArrayList();

        public RoleMapping(String str) {
            this.name = str;
        }

        public RoleMapping backendRoles(String... strArr) {
            this.backendRoles.addAll(Arrays.asList(strArr));
            return this;
        }

        public RoleMapping users(String... strArr) {
            this.users.addAll(Arrays.asList(strArr));
            return this;
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$Sessions.class */
    public static class Sessions implements Document<Sessions> {
        private Duration inactivityTimeout;
        private Boolean refreshSessionActivityIndex;
        private String jwtSigningKeyHs512;
        private String jwtAudience;

        public Sessions inactivityTimeout(Duration duration) {
            this.inactivityTimeout = duration;
            return this;
        }

        public Sessions refreshSessionActivityIndex(boolean z) {
            this.refreshSessionActivityIndex = Boolean.valueOf(z);
            return this;
        }

        public Sessions jwtSigningKeyHs512(String str) {
            this.jwtSigningKeyHs512 = str;
            return this;
        }

        public Sessions jwtAudience(String str) {
            this.jwtAudience = str;
            return this;
        }

        public Object toBasicObject() {
            return ImmutableMap.of("default", ImmutableMap.ofNonNull("inactivity_timeout", this.inactivityTimeout != null ? DurationFormat.INSTANCE.format(this.inactivityTimeout) : null, "refresh_session_activity_index", this.refreshSessionActivityIndex, "jwt_signing_key_hs512", this.jwtSigningKeyHs512, "jwt_audience", this.jwtAudience));
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/TestSgConfig$User.class */
    public static class User implements EsClientProvider.UserCredentialsHolder {
        private String name;
        private Role[] roles;
        private String[] roleNames;
        private Map<String, Object> attributes = new HashMap();
        private String password = "secret";

        public User(String str) {
            this.name = str;
        }

        public User password(String str) {
            this.password = str;
            return this;
        }

        public User roles(Role... roleArr) {
            this.roles = roleArr;
            return this;
        }

        public User roles(String... strArr) {
            this.roleNames = strArr;
            return this;
        }

        public User attr(String str, Object obj) {
            this.attributes.put(str, obj);
            return this;
        }

        @Override // com.floragunn.searchguard.test.helper.cluster.EsClientProvider.UserCredentialsHolder
        public String getName() {
            return this.name;
        }

        @Override // com.floragunn.searchguard.test.helper.cluster.EsClientProvider.UserCredentialsHolder
        public String getPassword() {
            return this.password;
        }

        public Set<String> getRoleNames() {
            ImmutableSet empty = ImmutableSet.empty();
            if (this.roleNames != null) {
                empty = empty.with(this.roleNames);
            }
            if (this.roles != null) {
                empty = empty.with(ImmutableSet.ofArray(this.roles).map(role -> {
                    return role.name;
                }));
            }
            return empty;
        }
    }

    public TestSgConfig configIndexName(String str) {
        this.indexName = str;
        return this;
    }

    public TestSgConfig resources(String str) {
        this.resourceFolder = str;
        return this;
    }

    public TestSgConfig var(String str, Supplier<Object> supplier) {
        this.variableSuppliers.put(str, supplier);
        return this;
    }

    public TestSgConfig sgConfigSettings(String str, Object obj, Object... objArr) {
        if (this.overrideSgConfigSettings == null) {
            this.overrideSgConfigSettings = new NestedValueMap();
        }
        this.overrideSgConfigSettings.put(NestedValueMap.Path.parse(str), obj);
        for (int i = 0; i < objArr.length - 1; i += 2) {
            this.overrideSgConfigSettings.put(NestedValueMap.Path.parse(String.valueOf(objArr[i])), objArr[i + 1]);
        }
        return this;
    }

    public TestSgConfig xff(String str) {
        if (this.overrideSgConfigSettings == null) {
            this.overrideSgConfigSettings = new NestedValueMap();
        }
        this.overrideSgConfigSettings.put(new NestedValueMap.Path("sg_config", "dynamic", "http", "xff"), (Object) NestedValueMap.of("enabled", (Object) true, "internalProxies", (Object) str));
        return this;
    }

    public TestSgConfig authc(Authc authc) {
        this.authc = authc;
        return this;
    }

    public TestSgConfig dlsFls(DlsFls dlsFls) {
        this.dlsFls = dlsFls;
        return this;
    }

    public TestSgConfig frontendAuthc(FrontendAuthc... frontendAuthcArr) {
        return frontendAuthc("default", frontendAuthcArr);
    }

    public TestSgConfig frontendAuthc(String str, FrontendAuthc... frontendAuthcArr) {
        if (this.overrideFrontendConfigSettings == null) {
            this.overrideFrontendConfigSettings = new NestedValueMap();
        }
        ArrayList arrayList = new ArrayList();
        for (FrontendAuthc frontendAuthc : frontendAuthcArr) {
            arrayList.add(NestedValueMap.copy((Map<?, ?>) frontendAuthc.toMap()));
        }
        this.overrideFrontendConfigSettings.put(new NestedValueMap.Path(str, "auth_domains"), (Object) arrayList);
        return this;
    }

    public TestSgConfig user(User user) {
        return user.roleNames != null ? user(user.name, user.password, user.attributes, user.roleNames) : user(user.name, user.password, user.attributes, user.roles);
    }

    public TestSgConfig user(String str, String str2, String... strArr) {
        return user(str, str2, (Map<String, Object>) null, strArr);
    }

    public TestSgConfig user(String str, String str2, Map<String, Object> map, String... strArr) {
        if (this.overrideUserSettings == null) {
            this.overrideUserSettings = new NestedValueMap();
        }
        this.overrideUserSettings.put(new NestedValueMap.Path(str, "hash"), (Object) hash(str2.toCharArray()));
        if (strArr != null && strArr.length > 0) {
            this.overrideUserSettings.put(new NestedValueMap.Path(str, "search_guard_roles"), (Object) strArr);
        }
        if (map != null && map.size() != 0) {
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                this.overrideUserSettings.put(new NestedValueMap.Path(str, "attributes", entry.getKey()), entry.getValue());
            }
        }
        return this;
    }

    public TestSgConfig user(String str, String str2, Role... roleArr) {
        return user(str, str2, (Map<String, Object>) null, roleArr);
    }

    public TestSgConfig user(String str, String str2, Map<String, Object> map, Role... roleArr) {
        if (this.overrideUserSettings == null) {
            this.overrideUserSettings = new NestedValueMap();
        }
        this.overrideUserSettings.put(new NestedValueMap.Path(str, "hash"), (Object) hash(str2.toCharArray()));
        if (roleArr != null && roleArr.length > 0) {
            String str3 = "user_" + str + "__";
            this.overrideUserSettings.put(new NestedValueMap.Path(str, "search_guard_roles"), Arrays.asList(roleArr).stream().map(role -> {
                return str3 + role.name;
            }).collect(Collectors.toList()));
            roles(str3, roleArr);
        }
        if (map != null && map.size() != 0) {
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                this.overrideUserSettings.put(new NestedValueMap.Path(str, "attributes", entry.getKey()), entry.getValue());
            }
        }
        return this;
    }

    public TestSgConfig roles(Role... roleArr) {
        return roles("", roleArr);
    }

    public TestSgConfig roles(String str, Role... roleArr) {
        if (this.overrideRoleSettings == null) {
            this.overrideRoleSettings = new NestedValueMap();
        }
        for (Role role : roleArr) {
            String str2 = str + role.name;
            if (role.clusterPermissions.size() > 0) {
                this.overrideRoleSettings.put(new NestedValueMap.Path(str2, "cluster_permissions"), (Object) role.clusterPermissions);
            }
            if (role.indexPermissions.size() > 0) {
                this.overrideRoleSettings.put(new NestedValueMap.Path(str2, "index_permissions"), role.indexPermissions.stream().map(indexPermission -> {
                    return indexPermission.toJsonMap();
                }).collect(Collectors.toList()));
            }
            if (role.excludedClusterPermissions.size() > 0) {
                this.overrideRoleSettings.put(new NestedValueMap.Path(str2, "exclude_cluster_permissions"), (Object) role.excludedClusterPermissions);
            }
            if (role.excludedIndexPermissions.size() > 0) {
                this.overrideRoleSettings.put(new NestedValueMap.Path(str2, "exclude_index_permissions"), role.excludedIndexPermissions.stream().map(excludedIndexPermission -> {
                    return NestedValueMap.of("index_patterns", (Object) excludedIndexPermission.indexPatterns, "actions", (Object) excludedIndexPermission.actions);
                }).collect(Collectors.toList()));
            }
        }
        return this;
    }

    public TestSgConfig roleMapping(RoleMapping... roleMappingArr) {
        if (this.overrideRoleMappingSettings == null) {
            this.overrideRoleMappingSettings = new NestedValueMap();
        }
        for (RoleMapping roleMapping : roleMappingArr) {
            String str = roleMapping.name;
            if (roleMapping.backendRoles.size() > 0) {
                this.overrideRoleMappingSettings.put(new NestedValueMap.Path(str, "backend_roles"), (Object) roleMapping.backendRoles);
            }
            if (roleMapping.users.size() > 0) {
                this.overrideRoleMappingSettings.put(new NestedValueMap.Path(str, "users"), (Object) roleMapping.users);
            }
        }
        return this;
    }

    public TestSgConfig roleToRoleMapping(Role role, String... strArr) {
        return roleMapping(new RoleMapping(role.name).backendRoles(strArr));
    }

    public TestSgConfig authFailureListener(AuthFailureListener authFailureListener) {
        if (this.overrideSgConfigSettings == null) {
            this.overrideSgConfigSettings = new NestedValueMap();
        }
        this.overrideSgConfigSettings.put(new NestedValueMap.Path("sg_config", "dynamic", "auth_failure_listeners"), (Object) authFailureListener.toMap());
        return this;
    }

    public TestSgConfig ignoreUnauthorizedIndices(boolean z) {
        if (this.privileges == null) {
            this.privileges = new Privileges();
        }
        this.privileges.ignoreUnauthorizedIndices(z);
        return this;
    }

    public TestSgConfig sessions(Sessions sessions) {
        this.sessions = sessions;
        return this;
    }

    public TestSgConfig authTokenService(AuthTokenService authTokenService) {
        this.authTokenService = authTokenService;
        return this;
    }

    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public TestSgConfig m30clone() {
        TestSgConfig testSgConfig = new TestSgConfig();
        testSgConfig.resourceFolder = this.resourceFolder;
        testSgConfig.indexName = this.indexName;
        testSgConfig.overrideRoleSettings = this.overrideRoleSettings != null ? this.overrideRoleSettings.clone() : null;
        testSgConfig.overrideSgConfigSettings = this.overrideSgConfigSettings != null ? this.overrideSgConfigSettings.clone() : null;
        testSgConfig.overrideUserSettings = this.overrideUserSettings != null ? this.overrideUserSettings.clone() : null;
        return testSgConfig;
    }

    public void initIndex(Client client) {
        HashMap hashMap = new HashMap();
        if (this.indexName.startsWith(".")) {
            hashMap.put("index.hidden", true);
        }
        client.admin().indices().create(new CreateIndexRequest(this.indexName).settings(hashMap)).actionGet();
        writeOptionalConfigToIndex(client, CType.CONFIG, "sg_config.yml", this.overrideSgConfigSettings);
        writeOptionalConfigToIndex(client, CType.ROLES, "sg_roles.yml", this.overrideRoleSettings);
        writeOptionalConfigToIndex(client, CType.INTERNALUSERS, "sg_internal_users.yml", this.overrideUserSettings);
        writeOptionalConfigToIndex(client, CType.ROLESMAPPING, "sg_roles_mapping.yml", this.overrideRoleMappingSettings);
        writeConfigToIndex(client, CType.ACTIONGROUPS, "sg_action_groups.yml");
        writeConfigToIndex(client, CType.TENANTS, "sg_tenants.yml");
        writeOptionalConfigToIndex(client, CType.BLOCKS, "sg_blocks.yml", (NestedValueMap) null);
        writeOptionalConfigToIndex(client, CType.FRONTEND_AUTHC, "sg_frontend_authc.yml", this.overrideFrontendConfigSettings);
        writeOptionalConfigToIndex(client, "frontend_multi_tenancy", "sg_frontend_multi_tenancy.yml", (NestedValueMap) null);
        if (this.authc != null) {
            writeConfigToIndex(client, CType.AUTHC, this.authc);
        } else {
            writeOptionalConfigToIndex(client, CType.AUTHC, "sg_authc.yml", (NestedValueMap) null);
        }
        if (this.privileges != null) {
            writeConfigToIndex(client, CType.AUTHZ, this.privileges);
        } else {
            writeOptionalConfigToIndex(client, CType.AUTHZ, "sg_privileges.yml", (NestedValueMap) null);
        }
        if (this.sessions != null) {
            writeConfigToIndex(client, "sessions", this.sessions);
        }
        if (this.dlsFls != null) {
            writeConfigToIndex(client, "authz_dlsfls", this.dlsFls);
        }
        if (this.authTokenService != null) {
            writeConfigToIndex(client, "auth_token_service", this.authTokenService);
        }
        if (this.variableSuppliers.size() != 0) {
            writeConfigVars(client, this.variableSuppliers);
        }
        ConfigUpdateResponse configUpdateResponse = (ConfigUpdateResponse) client.execute(ConfigUpdateAction.INSTANCE, new ConfigUpdateRequest((String[]) CType.lcStringValues().toArray(new String[0]))).actionGet();
        if (configUpdateResponse.hasFailures()) {
            throw new RuntimeException("ConfigUpdateResponse produced failures: " + configUpdateResponse.failures());
        }
    }

    private void writeConfigToIndex(Client client, CType<?> cType, String str) {
        writeConfigToIndex(client, cType, str, (NestedValueMap) null);
    }

    private void writeConfigToIndex(Client client, CType<?> cType, String str, NestedValueMap nestedValueMap) {
        try {
            NestedValueMap fromYaml = this.resourceFolder != null ? NestedValueMap.fromYaml(openFile(str)) : NestedValueMap.of(new NestedValueMap.Path("_sg_meta", "type"), (Object) cType.toLCString(), new NestedValueMap.Path("_sg_meta", "config_version"), (Object) 2);
            if (nestedValueMap != null) {
                fromYaml.overrideLeafs(nestedValueMap);
            }
            log.info("Writing " + cType + ":\n" + fromYaml.toYamlString());
            client.index(new IndexRequest(this.indexName).id(cType.toLCString()).setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(new Object[]{cType.toLCString(), BytesReference.fromByteBuffer(ByteBuffer.wrap(fromYaml.toJsonString().getBytes("utf-8")))})).actionGet();
        } catch (FileNotFoundException e) {
            throw new RuntimeException("Error while initializing config for " + this.indexName, e);
        } catch (Exception e2) {
            throw new RuntimeException("Error while initializing config for " + this.indexName, e2);
        }
    }

    private void writeOptionalConfigToIndex(Client client, CType<?> cType, String str, NestedValueMap nestedValueMap) {
        try {
            DocNode docNode = null;
            if (this.resourceFolder != null) {
                try {
                    docNode = DocNode.parse(Format.YAML).from(openFile(str));
                } catch (FileNotFoundException e) {
                }
            }
            if (docNode == null) {
                docNode = DocNode.of("_sg_meta.type", cType.toLCString(), "_sg_meta.config_version", 2);
            }
            if (nestedValueMap != null) {
                docNode = new MergePatch(DocNode.wrap(nestedValueMap)).apply(docNode);
            }
            log.info("Writing " + cType + ":\n" + docNode.toYamlString());
            client.index(new IndexRequest(this.indexName).id(cType.toLCString()).setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(new Object[]{cType.toLCString(), BytesReference.fromByteBuffer(ByteBuffer.wrap(docNode.toJsonString().getBytes("utf-8")))})).actionGet();
        } catch (Exception e2) {
            throw new RuntimeException("Error while initializing config for " + this.indexName, e2);
        }
    }

    private void writeOptionalConfigToIndex(Client client, String str, String str2, NestedValueMap nestedValueMap) {
        try {
            NestedValueMap nestedValueMap2 = null;
            if (this.resourceFolder != null) {
                try {
                    nestedValueMap2 = NestedValueMap.fromYaml(openFile(str2));
                } catch (FileNotFoundException e) {
                }
            }
            if (nestedValueMap2 == null) {
                nestedValueMap2 = NestedValueMap.of(new NestedValueMap.Path("_sg_meta", "type"), (Object) str, new NestedValueMap.Path("_sg_meta", "config_version"), (Object) 2);
            }
            if (nestedValueMap != null) {
                nestedValueMap2.overrideLeafs(nestedValueMap);
            }
            log.info("Writing " + str + ":\n" + nestedValueMap2.toYamlString());
            client.index(new IndexRequest(this.indexName).id(str).setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(new Object[]{str, BytesReference.fromByteBuffer(ByteBuffer.wrap(nestedValueMap2.toJsonString().getBytes("utf-8")))})).actionGet();
        } catch (Exception e2) {
            throw new RuntimeException("Error while initializing config for " + this.indexName, e2);
        }
    }

    private void writeConfigToIndex(Client client, CType<?> cType, Document<?> document) {
        try {
            log.info("Writing " + cType + ":\n" + document.toYamlString());
            client.index(new IndexRequest(this.indexName).id(cType.toLCString()).setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(new Object[]{cType.toLCString(), BytesReference.fromByteBuffer(ByteBuffer.wrap(document.toJsonString().getBytes("utf-8")))})).actionGet();
        } catch (Exception e) {
            throw new RuntimeException("Error while initializing config for " + this.indexName, e);
        }
    }

    private void writeConfigToIndex(Client client, String str, Document<?> document) {
        try {
            log.info("Writing " + str + ":\n" + document.toYamlString());
            client.index(new IndexRequest(this.indexName).id(str).setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(new Object[]{str, BytesReference.fromByteBuffer(ByteBuffer.wrap(document.toJsonString().getBytes("utf-8")))})).actionGet();
        } catch (Exception e) {
            throw new RuntimeException("Error while initializing config for " + this.indexName, e);
        }
    }

    private void writeConfigVars(Client client, Map<String, Supplier<Object>> map) {
        BulkRequest refreshPolicy = new BulkRequest(".searchguard_config_vars").setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE);
        for (Map.Entry<String, Supplier<Object>> entry : map.entrySet()) {
            refreshPolicy.add(new IndexRequest(".searchguard_config_vars").id(entry.getKey()).source(new Object[]{"value", entry.getValue().get(), "updated", Instant.now()}));
        }
        client.bulk(refreshPolicy).actionGet();
        ConfigVarRefreshAction.send(client, new ActionListener<ConfigVarRefreshAction.Response>() { // from class: com.floragunn.searchguard.test.TestSgConfig.1
            public void onResponse(ConfigVarRefreshAction.Response response) {
            }

            public void onFailure(Exception exc) {
                TestSgConfig.log.error("Error while refreshing secrets");
            }
        });
    }

    private InputStream openFile(String str) throws IOException {
        String str2 = (this.resourceFolder == null || this.resourceFolder.length() == 0 || this.resourceFolder.equals("/")) ? "/" + str : "/" + this.resourceFolder + "/" + str;
        InputStream resourceAsStream = FileHelper.class.getResourceAsStream(str2);
        if (resourceAsStream == null) {
            throw new FileNotFoundException("Could not find resource in class path: " + str2);
        }
        return resourceAsStream;
    }

    public static NestedValueMap fromYaml(String str) {
        try {
            return NestedValueMap.fromYaml(str);
        } catch (IOException | DocumentParseException e) {
            throw new RuntimeException(e);
        }
    }

    private static String hash(char[] cArr) {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        String generate = OpenBSDBCrypt.generate((char[]) Objects.requireNonNull(cArr), bArr, 12);
        Arrays.fill(bArr, (byte) 0);
        Arrays.fill(cArr, (char) 0);
        return generate;
    }
}
