package com.floragunn.searchguard.test.helper.certificate;

import com.floragunn.searchguard.test.helper.cluster.FileHelper;
import java.io.File;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Random;
import java.util.function.Function;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:com/floragunn/searchguard/test/helper/certificate/TestCertificates.class */
public class TestCertificates {
    private static final Logger log = LogManager.getLogger(TestCertificates.class);
    private final TestCertificateFactory testCertificateFactory;
    private final TestCertificate caCertificate;
    private final List<TestCertificate> nodeCertificates;
    private final List<TestCertificate> clientCertificates;
    private final File resources;

    /* loaded from: input_file:com/floragunn/searchguard/test/helper/certificate/TestCertificates$TestCertificatesBuilder.class */
    public static class TestCertificatesBuilder {
        private static final String DEFAULT_CA_DN = "CN=root.ca.example.com,OU=Organizational Unit,O=Organization";
        private static final String DEFAULT_ONE_NODE_DN = "CN=node-0.example.com,OU=Organizational Unit,O=Organization";
        private final TestCertificateFactory testCertificateFactory;
        private TestCertificate caCertificate;
        private CertificatesDefaults certificatesDefaults = new CertificatesDefaults();
        private final List<TestCertificate> nodesCertificates = new ArrayList();
        private final List<TestCertificate> clientsCertificates = new ArrayList();
        private final File resources = FileHelper.createTempDirectory("certs");

        /* loaded from: input_file:com/floragunn/searchguard/test/helper/certificate/TestCertificates$TestCertificatesBuilder$CertificatesDefaults.class */
        public static class CertificatesDefaults {
            private int validityDays = 30;
            private String nodeOid = "1.2.3.4.5.5";
            private List<String> nodeIpList = Collections.emptyList();
            private List<String> nodeDnsList = Collections.emptyList();
            private NodeCertificateType nodeCertificateType = NodeCertificateType.transport_and_rest;

            public CertificatesDefaults setValidityDays(int i) {
                this.validityDays = i;
                return this;
            }

            public CertificatesDefaults setNodeOid(String str) {
                this.nodeOid = str;
                return this;
            }

            public CertificatesDefaults setNodeIpList(String... strArr) {
                this.nodeIpList = Arrays.asList(strArr);
                return this;
            }

            public CertificatesDefaults setNodeDnsList(String... strArr) {
                this.nodeDnsList = Arrays.asList(strArr);
                return this;
            }

            public CertificatesDefaults setNodeCertificateType(NodeCertificateType nodeCertificateType) {
                this.nodeCertificateType = nodeCertificateType;
                return this;
            }
        }

        public TestCertificatesBuilder(TestCertificateFactory testCertificateFactory) {
            this.testCertificateFactory = testCertificateFactory;
        }

        public TestCertificates build() {
            if (this.caCertificate == null) {
                ca();
            }
            if (this.nodesCertificates.isEmpty()) {
                addNodes(DEFAULT_ONE_NODE_DN);
            }
            return new TestCertificates(this.caCertificate, this.nodesCertificates, this.clientsCertificates, this.testCertificateFactory, this.resources);
        }

        public TestCertificatesBuilder defaults(Function<CertificatesDefaults, CertificatesDefaults> function) {
            this.certificatesDefaults = function.apply(this.certificatesDefaults);
            return this;
        }

        public TestCertificatesBuilder ca() {
            return ca(DEFAULT_CA_DN);
        }

        public TestCertificatesBuilder ca(String str) {
            return ca(str, this.certificatesDefaults.validityDays, (String) null);
        }

        public TestCertificatesBuilder ca(String str, Date date, Date date2) {
            if (this.caCertificate != null) {
                TestCertificates.log.error("CA certificate already generated. CA certificate can be generated only once");
                throw new RuntimeException("CA certificate already generated. CA certificate can be generated only once");
            }
            CertificateWithKeyPair createCaCertificate = this.testCertificateFactory.createCaCertificate(str, date, date2);
            this.caCertificate = new TestCertificate(createCaCertificate.getCertificate(), createCaCertificate.getKeyPair(), null, CertificateType.ca, this.resources);
            return this;
        }

        public TestCertificatesBuilder ca(String str, int i, String str2) {
            if (this.caCertificate != null) {
                TestCertificates.log.error("CA certificate already generated. CA certificate can be generated only once");
                throw new RuntimeException("CA certificate already generated. CA certificate can be generated only once");
            }
            CertificateWithKeyPair createCaCertificate = this.testCertificateFactory.createCaCertificate(str, i);
            this.caCertificate = new TestCertificate(createCaCertificate.getCertificate(), createCaCertificate.getKeyPair(), str2, CertificateType.ca, this.resources);
            return this;
        }

        public TestCertificatesBuilder addNodes(String... strArr) {
            return addNodes(Arrays.asList(strArr), this.certificatesDefaults.validityDays, this.certificatesDefaults.nodeOid, this.certificatesDefaults.nodeDnsList, this.certificatesDefaults.nodeIpList, this.certificatesDefaults.nodeCertificateType, null);
        }

        public TestCertificatesBuilder addNodes(List<String> list, int i, String str, List<String> list2, List<String> list3, NodeCertificateType nodeCertificateType, String str2) {
            validateCaCertificate();
            list.forEach(str3 -> {
                CertificateWithKeyPair createNodeCertificate = this.testCertificateFactory.createNodeCertificate(str3, i, str, list2, list3, this.caCertificate.getCertificate(), this.caCertificate.getKeyPair().getPrivate());
                this.nodesCertificates.add(new TestCertificate(createNodeCertificate.getCertificate(), createNodeCertificate.getKeyPair(), str2, nodeCertificateType.getCertificateType(), this.resources));
            });
            return this;
        }

        public TestCertificatesBuilder addClients(String... strArr) {
            return addClients(Arrays.asList(strArr), this.certificatesDefaults.validityDays, null);
        }

        public TestCertificatesBuilder addClients(List<String> list, int i, String str) {
            addClients(list, i, str, false);
            return this;
        }

        public TestCertificatesBuilder addAdminClients(String... strArr) {
            return addAdminClients(Arrays.asList(strArr), this.certificatesDefaults.validityDays, null);
        }

        public TestCertificatesBuilder addAdminClients(List<String> list, int i, String str) {
            addClients(list, i, str, true);
            return this;
        }

        private void addClients(List<String> list, int i, String str, boolean z) {
            validateCaCertificate();
            list.forEach(str2 -> {
                CertificateWithKeyPair createClientCertificate = this.testCertificateFactory.createClientCertificate(str2, i, this.caCertificate.getCertificate(), this.caCertificate.getKeyPair().getPrivate());
                this.clientsCertificates.add(new TestCertificate(createClientCertificate.getCertificate(), createClientCertificate.getKeyPair(), str, z ? CertificateType.admin_client : CertificateType.client, this.resources));
            });
        }

        private void validateCaCertificate() {
            if (this.caCertificate == null) {
                TestCertificates.log.error("Ca certificate is not generated, generate CA certificate first");
                throw new RuntimeException("Ca certificate is not generated, generate CA certificate first");
            }
        }
    }

    private TestCertificates(TestCertificate testCertificate, List<TestCertificate> list, List<TestCertificate> list2, TestCertificateFactory testCertificateFactory, File file) {
        this.caCertificate = testCertificate;
        this.nodeCertificates = list;
        this.clientCertificates = list2;
        this.testCertificateFactory = testCertificateFactory;
        this.resources = file;
    }

    public File getCaKeyFile() {
        return this.caCertificate.getPrivateKeyFile();
    }

    public File getCaCertFile() {
        return this.caCertificate.getCertificateFile();
    }

    public TestCertificate getCaCertificate() {
        return this.caCertificate;
    }

    public List<TestCertificate> getClientsCertificates() {
        return this.clientCertificates;
    }

    public TestCertificate getAnyClientCertificate() {
        return this.clientCertificates.get(0);
    }

    public List<TestCertificate> getNodesCertificates() {
        return this.nodeCertificates;
    }

    public TestCertificate getNodeCertificate() {
        return this.nodeCertificates.get(0);
    }

    public TestCertificate getAdminCertificate() {
        return this.clientCertificates.stream().filter(testCertificate -> {
            return testCertificate.getCertificateType() == CertificateType.admin_client;
        }).findFirst().orElseThrow(() -> {
            log.error("No admin client certificate configured");
            return new RuntimeException("No admin client certificate configured");
        });
    }

    public TestCertificate create(String str) {
        String str2 = "secret_" + new Random().nextInt();
        CertificateWithKeyPair createClientCertificate = this.testCertificateFactory.createClientCertificate(str, new TestCertificatesBuilder.CertificatesDefaults().validityDays, this.caCertificate.getCertificate(), this.caCertificate.getKeyPair().getPrivate());
        return new TestCertificate(createClientCertificate.getCertificate(), createClientCertificate.getKeyPair(), str2, CertificateType.other, this.resources);
    }

    public static TestCertificatesBuilder builder() {
        return builder(TestCertificateFactory.rsaBaseCertificateFactory());
    }

    public static TestCertificatesBuilder builder(TestCertificateFactory testCertificateFactory) {
        return new TestCertificatesBuilder(testCertificateFactory);
    }
}
