package com.floragunn.searchguard.signalstool;

import com.floragunn.codova.config.net.TLSConfig;
import com.floragunn.codova.documents.DocNode;
import com.floragunn.codova.documents.DocReader;
import com.floragunn.codova.documents.DocWriter;
import com.floragunn.codova.documents.Document;
import com.floragunn.codova.documents.DocumentParseException;
import com.floragunn.codova.documents.UnexpectedDocumentStructureException;
import com.floragunn.codova.validation.ConfigValidationException;
import com.floragunn.codova.validation.ValidatingDocNode;
import com.floragunn.codova.validation.ValidationErrors;
import com.floragunn.codova.validation.errors.MissingAttribute;
import com.floragunn.searchguard.signalstool.client.SearchGuardRestClient;
import com.floragunn.searchguard.signalstool.commands.AcknowledgeWatch;
import com.floragunn.searchguard.signalstool.commands.ActivateWatch;
import com.floragunn.searchguard.signalstool.commands.Connect;
import com.floragunn.searchguard.signalstool.commands.DeactivateWatch;
import com.floragunn.searchguard.signalstool.commands.DeleteSettings;
import com.floragunn.searchguard.signalstool.commands.DeleteWatch;
import com.floragunn.searchguard.signalstool.commands.GetSettings;
import com.floragunn.searchguard.signalstool.commands.GetState;
import com.floragunn.searchguard.signalstool.commands.GetWatch;
import com.floragunn.searchguard.signalstool.commands.Licenses;
import com.floragunn.searchguard.signalstool.commands.ListStates;
import com.floragunn.searchguard.signalstool.commands.ListWatches;
import com.floragunn.searchguard.signalstool.commands.UpdateSettings;
import com.floragunn.searchguard.signalstool.commands.UpdateWatch;
import com.google.common.base.Charsets;
import com.google.common.io.FileWriteMode;
import com.google.common.io.Files;
import java.io.File;
import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.net.SocketException;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import org.apache.http.HttpHost;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.cookie.ClientCookie;
import picocli.CommandLine;

@CommandLine.Command(name = "signals", subcommands = {AcknowledgeWatch.class, ActivateWatch.class, Connect.class, DeactivateWatch.class, DeleteSettings.class, GetSettings.class, DeleteWatch.class, GetState.class, GetWatch.class, Licenses.class, ListStates.class, ListWatches.class, UpdateSettings.class, UpdateWatch.class})
/* loaded from: input_file:com/floragunn/searchguard/signalstool/SignalsTool.class */
public class SignalsTool {

    /* loaded from: input_file:com/floragunn/searchguard/signalstool/SignalsTool$Profile.class */
    public static final class Profile extends Record implements Document<Profile> {
        private final String hostname;
        private final int port;
        private final TLSConfig tlsConfig;
        private final BasicAuthConfig basicAuthConfig;

        /* loaded from: input_file:com/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig.class */
        public static final class BasicAuthConfig extends Record implements Document<BasicAuthConfig> {
            private final String username;
            private final String password;

            public BasicAuthConfig(String str, String str2) {
                this.username = str;
                this.password = str2;
            }

            @Override // com.floragunn.codova.documents.Document
            public Object toBasicObject() {
                LinkedHashMap linkedHashMap = new LinkedHashMap();
                linkedHashMap.put("username", this.username);
                linkedHashMap.put("password", this.password);
                return linkedHashMap;
            }

            public UsernamePasswordCredentials toCredentials() {
                return new UsernamePasswordCredentials(this.username, this.password);
            }

            @Override // java.lang.Record
            public final String toString() {
                return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, BasicAuthConfig.class), BasicAuthConfig.class, "username;password", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig;->username:Ljava/lang/String;", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig;->password:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
            }

            @Override // java.lang.Record
            public final int hashCode() {
                return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, BasicAuthConfig.class), BasicAuthConfig.class, "username;password", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig;->username:Ljava/lang/String;", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig;->password:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
            }

            @Override // java.lang.Record
            public final boolean equals(Object obj) {
                return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, BasicAuthConfig.class, Object.class), BasicAuthConfig.class, "username;password", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig;->username:Ljava/lang/String;", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig;->password:Ljava/lang/String;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
            }

            public String username() {
                return this.username;
            }

            public String password() {
                return this.password;
            }
        }

        /* loaded from: input_file:com/floragunn/searchguard/signalstool/SignalsTool$Profile$Builder.class */
        public static class Builder {
            private final File confDir;
            private String hostname = null;
            private Integer port = null;
            private boolean customPort = false;
            private String username = null;
            private String password = null;
            private File caCert = null;
            private boolean insecure = false;
            private boolean customInsecure = false;
            private TLSConfig tlsConfig = null;
            private BasicAuthConfig basicAuthConfig = null;

            public Builder(File file) {
                this.confDir = file;
            }

            public Builder hostname(String str) {
                this.hostname = str;
                return this;
            }

            public Builder port(Integer num) {
                this.port = num;
                return this;
            }

            public Builder customPort(boolean z) {
                this.customPort = z;
                return this;
            }

            public Builder username(String str) {
                this.username = str;
                return this;
            }

            public Builder password(String str) {
                this.password = str;
                return this;
            }

            public Builder caCert(File file) {
                this.caCert = file;
                return this;
            }

            public Builder insecure(boolean z) {
                this.insecure = z;
                return this;
            }

            public Builder customInsecure(boolean z) {
                this.customInsecure = z;
                return this;
            }

            private TLSConfig readTlsConfig(DocNode docNode) throws ConfigValidationException {
                Map<String, Object> basicObject = TLSConfig.parse(docNode).toBasicObject();
                if (this.caCert != null) {
                    basicObject.remove("trusted_cas");
                    basicObject.put("trusted_cas", "#{file:" + this.caCert.getAbsolutePath() + "}");
                }
                if (this.customInsecure) {
                    basicObject.remove("verify_hostnames");
                    basicObject.put("verify_hostnames", Boolean.valueOf(!this.insecure));
                }
                return TLSConfig.parse(basicObject);
            }

            protected BasicAuthConfig readBasicAuthConfig(DocNode docNode) throws ConfigValidationException {
                ValidationErrors validationErrors = new ValidationErrors();
                ValidatingDocNode validatingDocNode = new ValidatingDocNode(docNode, validationErrors);
                String asString = validatingDocNode.get("username").required().asString();
                String asString2 = validatingDocNode.get("password").withDefault((String) null).asString();
                validationErrors.throwExceptionForPresentErrors();
                if (this.username == null) {
                    this.username = asString;
                }
                if (this.password == null) {
                    this.password = asString2;
                }
                return new BasicAuthConfig(this.username, this.password);
            }

            private void read(DocNode docNode) throws ConfigValidationException {
                ValidationErrors validationErrors = new ValidationErrors();
                ValidatingDocNode validatingDocNode = new ValidatingDocNode(docNode, validationErrors);
                String asString = validatingDocNode.get("hostname").required().asString();
                int asInt = validatingDocNode.get(ClientCookie.PORT_ATTR).required().asInt();
                try {
                    this.tlsConfig = readTlsConfig(validatingDocNode.get("tls").required().asDocNode());
                    this.basicAuthConfig = readBasicAuthConfig(validatingDocNode.get("basic_auth").required().asDocNode());
                } catch (ConfigValidationException e) {
                    validationErrors.add("tls", e);
                }
                validationErrors.throwExceptionForPresentErrors();
                if (this.hostname == null) {
                    this.hostname = asString;
                }
                if (this.customPort) {
                    return;
                }
                this.port = Integer.valueOf(asInt);
            }

            private void validate() throws ConfigValidationException {
                ValidationErrors validationErrors = new ValidationErrors();
                if (this.hostname == null) {
                    validationErrors.add(new MissingAttribute("--host"));
                }
                if (this.username == null) {
                    validationErrors.add(new MissingAttribute("--user"));
                }
                if (this.password == null) {
                    validationErrors.add(new MissingAttribute("--password"));
                }
                validationErrors.throwExceptionForPresentErrors();
            }

            public Profile build(String str) throws ToolException {
                if (Profile.profileExists(this.confDir, str)) {
                    File file = new File(this.confDir, "profile_" + str + ".yml");
                    try {
                        read(DocNode.wrap(DocReader.yaml().readObject(file)));
                    } catch (DocumentParseException | UnexpectedDocumentStructureException | IOException e) {
                        throw new ToolException("Error while reading '" + file + "'", e);
                    } catch (ConfigValidationException e2) {
                        throw new ToolException("Invalid profile '" + file + "'", e2);
                    }
                } else {
                    this.basicAuthConfig = new BasicAuthConfig(this.username, this.password);
                    try {
                        if (this.caCert != null) {
                            this.tlsConfig = new TLSConfig.Builder().trust(this.caCert).verifyHostnames(!this.insecure).build();
                        } else {
                            this.tlsConfig = new TLSConfig.Builder().verifyHostnames(!this.insecure).build();
                        }
                    } catch (ConfigValidationException e3) {
                        throw new ToolException("Error while creating tls configuration", e3);
                    }
                }
                try {
                    validate();
                    return new Profile(this.hostname, this.port.intValue(), this.tlsConfig, this.basicAuthConfig);
                } catch (ConfigValidationException e4) {
                    throw new ToolException("Invalid profile settings", e4);
                }
            }
        }

        public Profile(String str, int i, TLSConfig tLSConfig, BasicAuthConfig basicAuthConfig) {
            this.hostname = str;
            this.port = i;
            this.tlsConfig = tLSConfig;
            this.basicAuthConfig = basicAuthConfig;
        }

        public static boolean profileExists(File file, String str) {
            if (str == null || file == null) {
                return false;
            }
            return new File(file, "profile_" + str + ".yml").exists();
        }

        public static String readSelectedProfileName(File file) throws ToolException {
            File file2 = new File(file, "selected_profile.txt");
            if (!file2.exists()) {
                return null;
            }
            try {
                return Files.asCharSource(file2, Charsets.UTF_8).readFirstLine();
            } catch (IOException e) {
                throw new ToolException("Error while reading " + file2, e);
            }
        }

        public static void writeSelectedProfileName(File file, String str) throws ToolException {
            File file2 = new File(file, "selected_profile.txt");
            try {
                Files.asCharSink(file2, Charsets.UTF_8, new FileWriteMode[0]).write(str);
            } catch (IOException e) {
                throw new ToolException("Error while writing " + file2);
            }
        }

        public static void deleteSelectedProfileName(File file) throws ToolException {
            File file2 = new File(file, "selected_profile.txt");
            if (file2.exists() && !file2.delete()) {
                throw new ToolException("Error while deleting " + file2);
            }
        }

        @Override // com.floragunn.codova.documents.Document
        public Object toBasicObject() {
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            linkedHashMap.put("hostname", this.hostname);
            linkedHashMap.put(ClientCookie.PORT_ATTR, Integer.valueOf(this.port));
            linkedHashMap.put("tls", this.tlsConfig.toBasicObject());
            linkedHashMap.put("basic_auth", this.basicAuthConfig.toBasicObject());
            return linkedHashMap;
        }

        public HttpHost toHttpHost() {
            return new HttpHost(this.hostname, this.port, "https");
        }

        public void write(File file, String str) throws ToolException {
            if (!file.exists() && !file.mkdir()) {
                throw new ToolException("Could not create directory " + file + ")");
            }
            File file2 = new File(file, "profile_" + (str == null ? this.hostname : str) + ".yml");
            try {
                DocWriter.yaml().write(file2, toBasicObject());
            } catch (IOException e) {
                throw new ToolException("Could not write profile " + file2 + ")", e);
            }
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, Profile.class), Profile.class, "hostname;port;tlsConfig;basicAuthConfig", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->hostname:Ljava/lang/String;", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->port:I", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->tlsConfig:Lcom/floragunn/codova/config/net/TLSConfig;", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->basicAuthConfig:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, Profile.class), Profile.class, "hostname;port;tlsConfig;basicAuthConfig", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->hostname:Ljava/lang/String;", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->port:I", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->tlsConfig:Lcom/floragunn/codova/config/net/TLSConfig;", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->basicAuthConfig:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, Profile.class, Object.class), Profile.class, "hostname;port;tlsConfig;basicAuthConfig", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->hostname:Ljava/lang/String;", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->port:I", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->tlsConfig:Lcom/floragunn/codova/config/net/TLSConfig;", "FIELD:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile;->basicAuthConfig:Lcom/floragunn/searchguard/signalstool/SignalsTool$Profile$BasicAuthConfig;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }

        public String hostname() {
            return this.hostname;
        }

        public int port() {
            return this.port;
        }

        public TLSConfig tlsConfig() {
            return this.tlsConfig;
        }

        public BasicAuthConfig basicAuthConfig() {
            return this.basicAuthConfig;
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/signalstool/SignalsTool$ToolException.class */
    public static class ToolException extends Exception {
        private static final long serialVersionUID = -963587291045738489L;

        public static ToolException from(Exception exc) {
            return exc instanceof ToolException ? (ToolException) exc : exc instanceof SearchGuardRestClient.FailedConnectionException ? from((SearchGuardRestClient.FailedConnectionException) exc) : ((exc instanceof SearchGuardRestClient.InvalidResponseException) || (exc instanceof SearchGuardRestClient.ApiException)) ? new ToolException("Invalid response from server: " + exc.getMessage(), exc) : exc instanceof SearchGuardRestClient.ServiceUnavailableException ? new ToolException("Server is unavailable: " + exc.getMessage(), exc) : exc instanceof SearchGuardRestClient.UnauthorizedException ? new ToolException("Server rejected request as unauthorized. Please check user permissions.", exc) : new ToolException(exc);
        }

        private static ToolException from(SearchGuardRestClient.FailedConnectionException failedConnectionException) {
            String message = failedConnectionException.getMessage();
            if ((failedConnectionException.getCause() instanceof SSLHandshakeException) && failedConnectionException.getMessage().contains("unable to find valid certification path to requested target")) {
                message = "Could not validate server certificate using current CA settings. Please verify that you are using the correct CA certificates. You can specify custom CA certificates using the --ca-cert option.";
            } else if ((failedConnectionException.getCause() instanceof SSLException) && (failedConnectionException.getCause().getCause() instanceof SocketException)) {
                message = "Connection failed: " + failedConnectionException.getCause().getCause().getMessage();
            }
            return new ToolException(message, failedConnectionException);
        }

        public ToolException(String str) {
            super(str);
        }

        public ToolException(String str, Throwable th) {
            super(str, th);
        }

        public ToolException(Throwable th) {
            super(th);
        }

        public ToolException(String str, ConfigValidationException configValidationException) {
            this(str + "\n" + configValidationException.getValidationErrors(), (Throwable) configValidationException);
        }
    }

    public static int exec(String... strArr) {
        return new CommandLine(new SignalsTool()).execute(strArr);
    }

    public static void main(String... strArr) {
        System.exit(exec(strArr));
    }
}
