package com.floragunn.searchguard.sgctl.client;

import com.floragunn.codova.config.net.TLSConfig;
import com.floragunn.codova.documents.DocNode;
import com.floragunn.codova.documents.DocReader;
import com.floragunn.codova.documents.DocUtils;
import com.floragunn.codova.documents.DocWriter;
import com.floragunn.codova.documents.DocumentParseException;
import com.floragunn.codova.documents.Format;
import com.floragunn.codova.documents.UnexpectedDocumentStructureException;
import com.floragunn.codova.documents.patch.DocPatch;
import com.floragunn.codova.validation.ConfigValidationException;
import com.floragunn.codova.validation.ValidatingFunction;
import com.floragunn.codova.validation.ValidationErrors;
import com.floragunn.searchguard.sgctl.client.api.AuthInfoResponse;
import com.floragunn.searchguard.sgctl.client.api.GetBulkConfigResponse;
import com.floragunn.searchguard.sgctl.client.api.GetSgLicenseResponse;
import com.floragunn.searchguard.sgctl.client.api.GetUserResponse;
import com.google.common.base.Charsets;
import com.google.common.io.CharStreams;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.ConnectException;
import java.nio.charset.Charset;
import java.nio.charset.IllegalCharsetNameException;
import java.nio.charset.UnsupportedCharsetException;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLHandshakeException;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPatch;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;

/* loaded from: input_file:com/floragunn/searchguard/sgctl/client/SearchGuardRestClient.class */
public class SearchGuardRestClient implements AutoCloseable {
    private static final Logger log = Logger.getLogger(SearchGuardRestClient.class.getName());
    private final HttpHost httpHost;
    private final TLSConfig tlsConfig;
    private CloseableHttpClient client;
    private boolean debug;

    /* loaded from: input_file:com/floragunn/searchguard/sgctl/client/SearchGuardRestClient$Response.class */
    public class Response {
        private final HttpResponse httpResponse;
        private final String bodyAsString;
        private final String contentType;
        private final String eTag;
        private final String searchGuardVersion;

        Response(HttpResponse httpResponse) throws InvalidResponseException {
            this.httpResponse = httpResponse;
            this.contentType = SearchGuardRestClient.getContentTypeFromResponse(httpResponse);
            this.eTag = httpResponse.containsHeader("ETag") ? httpResponse.getFirstHeader("ETag").getValue() : null;
            this.searchGuardVersion = httpResponse.containsHeader("X-Search-Guard-Version") ? httpResponse.getFirstHeader("X-Search-Guard-Version").getValue() : null;
            if (SearchGuardRestClient.this.debug) {
                System.out.println("------------------------------------------------");
                System.out.println(this.httpResponse.getStatusLine());
                System.out.println("Content-Type: " + this.contentType);
            }
            try {
                this.bodyAsString = SearchGuardRestClient.getEntityAsString(httpResponse);
                if (SearchGuardRestClient.this.debug && this.bodyAsString != null && this.bodyAsString.length() > 0) {
                    System.out.println(abbreviate(this.bodyAsString, 240));
                }
                if (SearchGuardRestClient.this.debug) {
                    System.out.println("------------------------------------------------");
                }
            } catch (IOException | IllegalCharsetNameException | UnsupportedCharsetException e) {
                throw new InvalidResponseException(e);
            }
        }

        private String abbreviate(String str, int i) {
            return str.length() <= i ? str : str.substring(0, i) + "...";
        }

        Map<String, Object> asMap() throws InvalidResponseException, ServiceUnavailableException, UnauthorizedException, ApiException, PreconditionFailedException {
            checkStatus();
            try {
                return DocReader.format(Format.getByContentType(this.contentType)).readObject(this.bodyAsString);
            } catch (Format.UnknownDocTypeException | UnexpectedDocumentStructureException | DocumentParseException e) {
                throw new InvalidResponseException((Throwable) e);
            }
        }

        public DocNode asDocNode() throws InvalidResponseException {
            if (this.bodyAsString == null) {
                return DocNode.EMPTY;
            }
            try {
                Format peekByContentType = Format.peekByContentType(this.contentType);
                return peekByContentType != null ? DocNode.wrap(DocReader.format(peekByContentType).read(this.bodyAsString)) : DocNode.wrap(this.bodyAsString);
            } catch (DocumentParseException e) {
                throw new InvalidResponseException((Throwable) e);
            }
        }

        public <T> T byString(ValidatingFunction<String, T> validatingFunction) throws InvalidResponseException, ServiceUnavailableException, UnauthorizedException, ApiException {
            checkStatus();
            try {
                return (T) validatingFunction.apply(this.bodyAsString);
            } catch (Exception e) {
                throw new InvalidResponseException(e);
            } catch (ConfigValidationException e2) {
                throw new InvalidResponseException((Throwable) e2);
            }
        }

        public <T> T parseResponseBy(ResponseParser<T> responseParser) throws InvalidResponseException, ServiceUnavailableException, UnauthorizedException, ApiException {
            checkStatus();
            try {
                return responseParser.apply(this);
            } catch (ConfigValidationException e) {
                throw new InvalidResponseException((Throwable) e);
            } catch (Exception e2) {
                throw new InvalidResponseException(e2);
            }
        }

        public HttpResponse getHttpResponse() {
            return this.httpResponse;
        }

        private void checkStatus() throws ServiceUnavailableException, UnauthorizedException, ApiException, InvalidResponseException {
            int statusCode = this.httpResponse.getStatusLine().getStatusCode();
            if (statusCode == 500) {
                throw new ServiceUnavailableException(getStatusMessage("Service unavailable: Internal server error"), this.httpResponse.getStatusLine(), this.httpResponse);
            }
            if (statusCode == 503) {
                throw new ServiceUnavailableException(getStatusMessage("Service temporarily unavailable; please try again later"), this.httpResponse.getStatusLine(), this.httpResponse);
            }
            if (statusCode >= 500) {
                throw new ServiceUnavailableException(getStatusMessage("Service unavailable: Error " + this.httpResponse.getStatusLine().getStatusCode()), this.httpResponse.getStatusLine(), this.httpResponse);
            }
            if (statusCode == 401) {
                throw new UnauthorizedException(getStatusMessage("Unauthorized"), this.httpResponse.getStatusLine(), this.httpResponse);
            }
            if (statusCode == 400) {
                if (!"application/json".equals(this.contentType)) {
                    throw new ApiException(getStatusMessage("Bad Request"), this.httpResponse.getStatusLine(), this.httpResponse, this.bodyAsString);
                }
                throw parseBadRequestJsonResponse();
            }
            if (statusCode == 404) {
                throw new ApiException(getStatusMessage("Not found"), this.httpResponse.getStatusLine(), this.httpResponse, this.bodyAsString);
            }
            if (statusCode == 412) {
                throw new PreconditionFailedException(getStatusMessage("Precondition failed"), this.httpResponse.getStatusLine(), this.httpResponse, this.bodyAsString);
            }
            if (statusCode > 400) {
                throw new ApiException(getStatusMessage("Bad Request"), this.httpResponse.getStatusLine(), this.httpResponse, this.bodyAsString);
            }
        }

        private String getStatusMessage(String str) {
            if ("application/json".equals(this.contentType)) {
                try {
                    Object read = DocReader.json().read(this.bodyAsString);
                    if (read instanceof Map) {
                        Object obj = ((Map) read).get("error");
                        if (obj instanceof String) {
                            return (String) obj;
                        }
                        if ((obj instanceof Map) && (((Map) obj).get("message") instanceof String)) {
                            return (String) ((Map) obj).get("message");
                        }
                        Object obj2 = ((Map) read).get("message");
                        if (obj2 != null) {
                            return obj2.toString();
                        }
                    }
                } catch (Exception e) {
                    SearchGuardRestClient.log.log(Level.WARNING, "Error while parsing JSON response", (Throwable) e);
                }
            }
            String reasonPhrase = this.httpResponse.getStatusLine().getReasonPhrase();
            return (reasonPhrase == null || reasonPhrase.length() == 0) ? str : reasonPhrase;
        }

        private ApiException parseBadRequestJsonResponse() throws InvalidResponseException {
            try {
                DocNode wrap = DocNode.wrap(DocReader.json().read(this.bodyAsString));
                String str = null;
                ValidationErrors validationErrors = null;
                if (wrap.get("error") instanceof String) {
                    str = (String) wrap.get("error");
                } else if (wrap.get("error") instanceof Map) {
                    DocNode asNode = wrap.getAsNode("error");
                    if (asNode.get("reason") instanceof String) {
                        str = (String) asNode.get("reason");
                        if (str.startsWith("Invalid index name [_searchguard]")) {
                            str = "Invalid REST endpoint";
                        }
                    }
                    if (asNode.get("message") instanceof String) {
                        str = (String) asNode.get("message");
                    }
                    if (asNode.get("details") instanceof Map) {
                        try {
                            validationErrors = ValidationErrors.parse(DocUtils.toStringKeyedMap((Map) asNode.get("details")));
                        } catch (Exception e) {
                            SearchGuardRestClient.log.log(Level.WARNING, "Error while parsing validation errors in response", (Throwable) e);
                        }
                    }
                }
                if (wrap.get("detail") instanceof Map) {
                    try {
                        validationErrors = ValidationErrors.parse(DocUtils.toStringKeyedMap((Map) wrap.get("detail")));
                    } catch (Exception e2) {
                        SearchGuardRestClient.log.log(Level.WARNING, "Error while parsing validation errors in response", (Throwable) e2);
                    }
                }
                if (str == null) {
                    str = this.httpResponse.getStatusLine().toString();
                }
                return new ApiException(str, this.httpResponse.getStatusLine(), this.httpResponse, this.bodyAsString).validationErrors(validationErrors);
            } catch (DocumentParseException e3) {
                throw new InvalidResponseException("Response contains invalid JSON: " + e3.getMessage(), e3);
            }
        }

        public String getETag() {
            return this.eTag;
        }

        public String getSearchGuardVersion() {
            return this.searchGuardVersion;
        }

        public String getContentType() {
            return this.contentType;
        }
    }

    @FunctionalInterface
    /* loaded from: input_file:com/floragunn/searchguard/sgctl/client/SearchGuardRestClient$ResponseParser.class */
    public interface ResponseParser<R> {
        R apply(Response response) throws InvalidResponseException, ConfigValidationException, ApiException;
    }

    public SearchGuardRestClient(HttpHost httpHost, TLSConfig tLSConfig) {
        this.httpHost = httpHost;
        this.tlsConfig = tLSConfig;
        this.client = HttpClientBuilder.create().setSSLSocketFactory(tLSConfig.toSSLConnectionSocketFactory()).build();
    }

    public AuthInfoResponse authInfo() throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (AuthInfoResponse) get("/_searchguard/authinfo").parseResponseBy(AuthInfoResponse::new);
    }

    public BasicResponse putConfigBulk(Map<String, Map<String, ?>> map) throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (BasicResponse) putJson("/_searchguard/config", map, new Header[0]).parseResponseBy(BasicResponse::new);
    }

    public GetBulkConfigResponse getConfigBulk() throws InvalidResponseException, ServiceUnavailableException, UnauthorizedException, ApiException, FailedConnectionException {
        return (GetBulkConfigResponse) get("/_searchguard/config").parseResponseBy(GetBulkConfigResponse::new);
    }

    public GetUserResponse getUser(String str) throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (GetUserResponse) get("/_searchguard/internal_users/" + str).parseResponseBy(GetUserResponse::new);
    }

    public BasicResponse deleteUser(String str) throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (BasicResponse) delete("/_searchguard/internal_users/" + str).parseResponseBy(BasicResponse::new);
    }

    public BasicResponse putUser(String str, Map<String, Object> map) throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (BasicResponse) putJson("/_searchguard/internal_users/" + str, map, new Header[0]).parseResponseBy(BasicResponse::new);
    }

    public BasicResponse patchUser(String str, DocPatch docPatch, Header... headerArr) throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (BasicResponse) patch("/_searchguard/internal_users/" + str, docPatch, headerArr).parseResponseBy(BasicResponse::new);
    }

    public BasicResponse putConfigVar(String str, Object obj, String str2, boolean z, Header... headerArr) throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("value", obj);
        if (str2 != null) {
            linkedHashMap.put("scope", str2);
        }
        if (z) {
            linkedHashMap.put("encrypt", true);
        }
        return (BasicResponse) putJson("/_searchguard/config/vars/" + str, linkedHashMap, headerArr).parseResponseBy(BasicResponse::new);
    }

    public BasicResponse deleteConfigVar(String str) throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (BasicResponse) delete("/_searchguard/config/vars/" + str).parseResponseBy(BasicResponse::new);
    }

    public BasicResponse getAllConfigVars() throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (BasicResponse) delete("/_searchguard/config/vars").parseResponseBy(BasicResponse::new);
    }

    public BasicResponse putSgConfig(Map<String, Object> map) throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (BasicResponse) putJson("/_searchguard/api/sg_config", map, new Header[0]).parseResponseBy(BasicResponse::new);
    }

    public BasicResponse reloadHttpCerts() throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (BasicResponse) post("/_searchguard/api/ssl/http/reloadcerts/").parseResponseBy(BasicResponse::new);
    }

    public BasicResponse reloadTransportCerts() throws InvalidResponseException, FailedConnectionException, ServiceUnavailableException, UnauthorizedException, ApiException {
        return (BasicResponse) post("/_searchguard/api/ssl/transport/reloadcerts/").parseResponseBy(BasicResponse::new);
    }

    public BasicResponse getComponentState(String str, boolean z) throws InvalidResponseException, ServiceUnavailableException, UnauthorizedException, ApiException, FailedConnectionException {
        return (BasicResponse) get("/_searchguard/component/" + (str != null ? str : "_all") + "/_health?verbose=" + z).parseResponseBy(BasicResponse::new);
    }

    public GetSgLicenseResponse getSgLicense() throws FailedConnectionException, InvalidResponseException, UnauthorizedException, ServiceUnavailableException, ApiException {
        return (GetSgLicenseResponse) get("/_searchguard/license").parseResponseBy(GetSgLicenseResponse::new);
    }

    public BasicResponse putSgLicense(Map<String, Object> map) throws FailedConnectionException, InvalidResponseException, UnauthorizedException, ServiceUnavailableException, ApiException {
        return (BasicResponse) putJson("/_searchguard/license/key", map, new Header[0]).parseResponseBy(BasicResponse::new);
    }

    public Response get(String str) throws FailedConnectionException, InvalidResponseException {
        try {
            return new Response(this.client.execute(this.httpHost, new HttpGet(str)));
        } catch (ConnectException e) {
            throw new FailedConnectionException(e.getMessage(), e);
        } catch (SSLHandshakeException e2) {
            throw new FailedConnectionException("TLS handshake failed while creating new connection: " + e2.getMessage(), e2);
        } catch (ClientProtocolException e3) {
            throw new FailedConnectionException(e3);
        } catch (IOException e4) {
            throw new FailedConnectionException(e4);
        }
    }

    public Response post(String str, String str2, ContentType contentType) throws FailedConnectionException, InvalidResponseException {
        try {
            HttpPost httpPost = new HttpPost(str);
            httpPost.setEntity(new StringEntity(str2, contentType));
            return new Response(this.client.execute(this.httpHost, httpPost));
        } catch (ConnectException e) {
            throw new FailedConnectionException(e.getMessage(), e);
        } catch (SSLHandshakeException e2) {
            throw new FailedConnectionException("TLS handshake failed while creating new connection: " + e2.getMessage(), e2);
        } catch (ClientProtocolException e3) {
            throw new FailedConnectionException(e3);
        } catch (IOException e4) {
            throw new FailedConnectionException(e4);
        }
    }

    protected Response postJson(String str, Map<String, Object> map) throws FailedConnectionException, InvalidResponseException {
        return post(str, DocWriter.json().writeAsString(map), ContentType.APPLICATION_JSON);
    }

    public Response post(String str) throws FailedConnectionException, InvalidResponseException {
        try {
            return new Response(this.client.execute(this.httpHost, new HttpPost(str)));
        } catch (ConnectException e) {
            throw new FailedConnectionException(e.getMessage(), e);
        } catch (SSLHandshakeException e2) {
            throw new FailedConnectionException("TLS handshake failed while creating new connection: " + e2.getMessage(), e2);
        } catch (ClientProtocolException e3) {
            throw new FailedConnectionException(e3);
        } catch (IOException e4) {
            throw new FailedConnectionException(e4);
        }
    }

    public Response put(String str, String str2, ContentType contentType, Header... headerArr) throws FailedConnectionException, InvalidResponseException {
        try {
            HttpPut httpPut = new HttpPut(str);
            if (headerArr != null) {
                httpPut.setHeaders(headerArr);
            }
            httpPut.setEntity(new StringEntity(str2, contentType));
            return new Response(this.client.execute(this.httpHost, httpPut));
        } catch (ConnectException e) {
            throw new FailedConnectionException(e.getMessage(), e);
        } catch (SSLHandshakeException e2) {
            throw new FailedConnectionException("TLS handshake failed while creating new connection: " + e2.getMessage(), e2);
        } catch (ClientProtocolException e3) {
            throw new FailedConnectionException(e3);
        } catch (IOException e4) {
            throw new FailedConnectionException(e4);
        }
    }

    protected Response putJson(String str, Map<String, ?> map, Header... headerArr) throws FailedConnectionException, InvalidResponseException {
        return put(str, DocWriter.json().writeAsString(map), ContentType.APPLICATION_JSON, headerArr);
    }

    public Response patch(String str, DocPatch docPatch, Header... headerArr) throws FailedConnectionException, InvalidResponseException {
        return patch(str, docPatch.toJsonString(), ContentType.create(docPatch.getMediaType()), headerArr);
    }

    public Response patch(String str, String str2, ContentType contentType, Header... headerArr) throws FailedConnectionException, InvalidResponseException {
        try {
            HttpPatch httpPatch = new HttpPatch(str);
            if (headerArr != null) {
                httpPatch.setHeaders(headerArr);
            }
            httpPatch.setEntity(new StringEntity(str2, contentType));
            return new Response(this.client.execute(this.httpHost, httpPatch));
        } catch (ConnectException e) {
            throw new FailedConnectionException(e.getMessage(), e);
        } catch (SSLHandshakeException e2) {
            throw new FailedConnectionException("TLS handshake failed while creating new connection: " + e2.getMessage(), e2);
        } catch (ClientProtocolException e3) {
            throw new FailedConnectionException(e3);
        } catch (IOException e4) {
            throw new FailedConnectionException(e4);
        }
    }

    public Response delete(String str) throws FailedConnectionException, InvalidResponseException {
        try {
            return new Response(this.client.execute(this.httpHost, new HttpDelete(str)));
        } catch (ConnectException e) {
            throw new FailedConnectionException(e.getMessage(), e);
        } catch (SSLHandshakeException e2) {
            throw new FailedConnectionException("TLS handshake failed while creating new connection: " + e2.getMessage(), e2);
        } catch (ClientProtocolException e3) {
            throw new FailedConnectionException(e3);
        } catch (IOException e4) {
            throw new FailedConnectionException(e4);
        }
    }

    public HttpHost getHttpHost() {
        return this.httpHost;
    }

    public TLSConfig getTlsConfig() {
        return this.tlsConfig;
    }

    @Override // java.lang.AutoCloseable
    public void close() {
        try {
            this.client.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getEntityAsString(HttpResponse httpResponse) throws IllegalCharsetNameException, UnsupportedCharsetException, IOException {
        if (httpResponse == null || httpResponse.getEntity() == null) {
            return null;
        }
        return CharStreams.toString(new InputStreamReader(httpResponse.getEntity().getContent(), getContentEncoding(httpResponse.getEntity())));
    }

    private static Charset getContentEncoding(HttpEntity httpEntity) throws IllegalCharsetNameException, UnsupportedCharsetException {
        return httpEntity.getContentEncoding() != null ? Charset.forName(httpEntity.getContentEncoding().getValue()) : Charsets.UTF_8;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getContentTypeFromResponse(HttpResponse httpResponse) {
        Header contentType;
        if (httpResponse.getEntity() == null || (contentType = httpResponse.getEntity().getContentType()) == null) {
            return null;
        }
        return ContentType.parse(contentType.getValue()).getMimeType().toLowerCase();
    }

    public boolean isDebug() {
        return this.debug;
    }

    public SearchGuardRestClient debug(boolean z) {
        this.debug = z;
        return this;
    }
}
