package com.floragunn.searchguard.test.helper.cluster;

import com.floragunn.searchguard.action.configupdate.ConfigUpdateAction;
import com.floragunn.searchguard.action.configupdate.ConfigUpdateRequest;
import com.floragunn.searchguard.action.configupdate.ConfigUpdateResponse;
import com.floragunn.searchguard.sgconf.impl.CType;
import com.floragunn.searchguard.test.helper.cluster.NestedValueMap;
import com.floragunn.searchguard.test.helper.file.FileHelper;
import com.floragunn.searchguard.tools.Hasher;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.elasticsearch.action.admin.indices.create.CreateIndexRequest;
import org.elasticsearch.action.index.IndexRequest;
import org.elasticsearch.action.support.WriteRequest;
import org.elasticsearch.client.Client;
import org.elasticsearch.common.bytes.BytesReference;

/* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/TestSgConfig.class */
public class TestSgConfig {
    private static final Logger log = LogManager.getLogger(TestSgConfig.class);
    private NestedValueMap overrideSgConfigSettings;
    private NestedValueMap overrideUserSettings;
    private NestedValueMap overrideRoleSettings;
    private String resourceFolder = null;
    private String indexName = "searchguard";

    /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/TestSgConfig$AuthFailureListener.class */
    public static class AuthFailureListener {
        private final String id;
        private final String type;
        private int allowedTries;
        private int timeWindowSeconds;
        private int blockExpirySeconds;

        public AuthFailureListener(String str, String str2) {
            this.timeWindowSeconds = 3600;
            this.blockExpirySeconds = 600;
            this.id = str;
            this.type = str2;
            this.allowedTries = 3;
        }

        public AuthFailureListener(String str, String str2, int i) {
            this.timeWindowSeconds = 3600;
            this.blockExpirySeconds = 600;
            this.id = str;
            this.type = str2;
            this.allowedTries = i;
        }

        NestedValueMap toMap() {
            NestedValueMap nestedValueMap = new NestedValueMap();
            nestedValueMap.put("type", (Object) this.type);
            nestedValueMap.put("allowed_tries", (Object) Integer.valueOf(this.allowedTries));
            nestedValueMap.put("time_window_seconds", (Object) Integer.valueOf(this.timeWindowSeconds));
            nestedValueMap.put("block_expiry_seconds", (Object) Integer.valueOf(this.blockExpirySeconds));
            return NestedValueMap.of(this.id, (Object) nestedValueMap);
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/TestSgConfig$AuthcDomain.class */
    public static class AuthcDomain {
        private final String id;
        private int order;
        private HttpAuthenticator httpAuthenticator;
        private AuthenticationBackend authenticationBackend;
        private boolean enabled = true;
        private boolean transportEnabled = true;
        private List<String> skipUsers = new ArrayList();
        private List<String> enabledOnlyForIps = null;

        /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/TestSgConfig$AuthcDomain$AuthenticationBackend.class */
        public static class AuthenticationBackend {
            private final String type;
            private NestedValueMap config = new NestedValueMap();

            public AuthenticationBackend(String str) {
                this.type = str;
            }

            public AuthenticationBackend config(Map<String, Object> map) {
                this.config.putAllFromAnyMap(map);
                return this;
            }

            public AuthenticationBackend config(String str, Object obj) {
                this.config.put(NestedValueMap.Path.parse(str), obj);
                return this;
            }

            NestedValueMap toMap() {
                NestedValueMap nestedValueMap = new NestedValueMap();
                nestedValueMap.put("type", (Object) this.type);
                nestedValueMap.put("config", (Map<?, ?>) this.config);
                return nestedValueMap;
            }
        }

        /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/TestSgConfig$AuthcDomain$HttpAuthenticator.class */
        public static class HttpAuthenticator {
            private final String type;
            private boolean challenge;
            private NestedValueMap config = new NestedValueMap();

            public HttpAuthenticator(String str) {
                this.type = str;
            }

            public HttpAuthenticator challenge(boolean z) {
                this.challenge = z;
                return this;
            }

            public HttpAuthenticator config(Map<String, Object> map) {
                this.config.putAllFromAnyMap(map);
                return this;
            }

            public HttpAuthenticator config(String str, Object obj) {
                this.config.put(NestedValueMap.Path.parse(str), obj);
                return this;
            }

            NestedValueMap toMap() {
                NestedValueMap nestedValueMap = new NestedValueMap();
                nestedValueMap.put("type", (Object) this.type);
                nestedValueMap.put("challenge", (Object) Boolean.valueOf(this.challenge));
                nestedValueMap.put("config", (Map<?, ?>) this.config);
                return nestedValueMap;
            }
        }

        public AuthcDomain(String str, int i) {
            this.id = str;
            this.order = i;
        }

        public AuthcDomain httpAuthenticator(String str) {
            this.httpAuthenticator = new HttpAuthenticator(str);
            return this;
        }

        public AuthcDomain challengingAuthenticator(String str) {
            this.httpAuthenticator = new HttpAuthenticator(str).challenge(true);
            return this;
        }

        public AuthcDomain httpAuthenticator(HttpAuthenticator httpAuthenticator) {
            this.httpAuthenticator = httpAuthenticator;
            return this;
        }

        public AuthcDomain backend(String str) {
            this.authenticationBackend = new AuthenticationBackend(str);
            return this;
        }

        public AuthcDomain backend(AuthenticationBackend authenticationBackend) {
            this.authenticationBackend = authenticationBackend;
            return this;
        }

        public AuthcDomain skipUsers(String... strArr) {
            this.skipUsers.addAll(Arrays.asList(strArr));
            return this;
        }

        public AuthcDomain enabledOnlyForIps(String... strArr) {
            if (this.enabledOnlyForIps == null) {
                this.enabledOnlyForIps = new ArrayList();
            }
            this.enabledOnlyForIps.addAll(Arrays.asList(strArr));
            return this;
        }

        NestedValueMap toMap() {
            NestedValueMap nestedValueMap = new NestedValueMap();
            nestedValueMap.put(new NestedValueMap.Path(this.id, "http_enabled"), (Object) Boolean.valueOf(this.enabled));
            nestedValueMap.put(new NestedValueMap.Path(this.id, "transport_enabled"), (Object) Boolean.valueOf(this.transportEnabled));
            nestedValueMap.put(new NestedValueMap.Path(this.id, "order"), (Object) Integer.valueOf(this.order));
            if (this.httpAuthenticator != null) {
                nestedValueMap.put(new NestedValueMap.Path(this.id, "http_authenticator"), (Object) this.httpAuthenticator.toMap());
            }
            if (this.authenticationBackend != null) {
                nestedValueMap.put(new NestedValueMap.Path(this.id, "authentication_backend"), (Object) this.authenticationBackend.toMap());
            }
            if (this.enabledOnlyForIps != null) {
                nestedValueMap.put(new NestedValueMap.Path(this.id, "enabled_only_for_ips"), (Object) this.enabledOnlyForIps);
            }
            if (this.skipUsers != null && this.skipUsers.size() > 0) {
                nestedValueMap.put(new NestedValueMap.Path(this.id, "skip_users"), (Object) this.skipUsers);
            }
            return nestedValueMap;
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/TestSgConfig$ExcludedIndexPermission.class */
    public static class ExcludedIndexPermission {
        private List<String> actions;
        private List<String> indexPatterns;
        private Role role;

        ExcludedIndexPermission(Role role, String... strArr) {
            this.actions = Arrays.asList(strArr);
            this.role = role;
        }

        public Role on(String... strArr) {
            this.indexPatterns = Arrays.asList(strArr);
            this.role.excludedIndexPermissions.add(this);
            return this.role;
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/TestSgConfig$IndexPermission.class */
    public static class IndexPermission {
        private List<String> allowedActions;
        private List<String> indexPatterns;
        private Role role;
        private String dlsQuery;
        private List<String> fls;
        private List<String> maskedFields;

        IndexPermission(Role role, String... strArr) {
            this.allowedActions = Arrays.asList(strArr);
            this.role = role;
        }

        public IndexPermission dls(String str) {
            this.dlsQuery = str;
            return this;
        }

        public IndexPermission fls(String... strArr) {
            this.fls = Arrays.asList(strArr);
            return this;
        }

        public IndexPermission maskedFields(String... strArr) {
            this.maskedFields = Arrays.asList(strArr);
            return this;
        }

        public Role on(String... strArr) {
            this.indexPatterns = Arrays.asList(strArr);
            this.role.indexPermissions.add(this);
            return this.role;
        }

        public NestedValueMap toJsonMap() {
            NestedValueMap nestedValueMap = new NestedValueMap();
            nestedValueMap.put("index_patterns", (Object) this.indexPatterns);
            nestedValueMap.put("allowed_actions", (Object) this.allowedActions);
            if (this.dlsQuery != null) {
                nestedValueMap.put("dls", (Object) this.dlsQuery);
            }
            if (this.fls != null) {
                nestedValueMap.put("fls", (Object) this.fls);
            }
            if (this.maskedFields != null) {
                nestedValueMap.put("masked_fields", (Object) this.maskedFields);
            }
            return nestedValueMap;
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/TestSgConfig$Role.class */
    public static class Role {
        private String name;
        private List<String> clusterPermissions = new ArrayList();
        private List<String> excludedClusterPermissions = new ArrayList();
        private List<IndexPermission> indexPermissions = new ArrayList();
        private List<ExcludedIndexPermission> excludedIndexPermissions = new ArrayList();

        public Role(String str) {
            this.name = str;
        }

        public Role clusterPermissions(String... strArr) {
            this.clusterPermissions.addAll(Arrays.asList(strArr));
            return this;
        }

        public Role excludeClusterPermissions(String... strArr) {
            this.excludedClusterPermissions.addAll(Arrays.asList(strArr));
            return this;
        }

        public IndexPermission indexPermissions(String... strArr) {
            return new IndexPermission(this, strArr);
        }

        public ExcludedIndexPermission excludeIndexPermissions(String... strArr) {
            return new ExcludedIndexPermission(this, strArr);
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/TestSgConfig$User.class */
    public static class User {
        private String name;
        private Role[] roles;
        private String[] roleNames;
        private Map<String, Object> attributes = new HashMap();
        private String password = "secret";

        public User(String str) {
            this.name = str;
        }

        public User password(String str) {
            this.password = str;
            return this;
        }

        public User roles(Role... roleArr) {
            this.roles = roleArr;
            return this;
        }

        public User roles(String... strArr) {
            this.roleNames = strArr;
            return this;
        }

        public User attr(String str, Object obj) {
            this.attributes.put(str, obj);
            return this;
        }

        public String getName() {
            return this.name;
        }

        public String getPassword() {
            return this.password;
        }
    }

    public TestSgConfig resources(String str) {
        this.resourceFolder = str;
        return this;
    }

    public TestSgConfig sgConfigSettings(String str, Object obj, Object... objArr) {
        if (this.overrideSgConfigSettings == null) {
            this.overrideSgConfigSettings = new NestedValueMap();
        }
        this.overrideSgConfigSettings.put(NestedValueMap.Path.parse(str), obj);
        for (int i = 0; i < objArr.length - 1; i += 2) {
            this.overrideSgConfigSettings.put(NestedValueMap.Path.parse(String.valueOf(objArr[i])), objArr[i + 1]);
        }
        return this;
    }

    public TestSgConfig authc(AuthcDomain authcDomain) {
        if (this.overrideSgConfigSettings == null) {
            this.overrideSgConfigSettings = new NestedValueMap();
        }
        this.overrideSgConfigSettings.put(new NestedValueMap.Path("sg_config", "dynamic", "authc"), (Object) authcDomain.toMap());
        return this;
    }

    public TestSgConfig xff(String str) {
        if (this.overrideSgConfigSettings == null) {
            this.overrideSgConfigSettings = new NestedValueMap();
        }
        this.overrideSgConfigSettings.put(new NestedValueMap.Path("sg_config", "dynamic", "http", "xff"), (Object) NestedValueMap.of("enabled", (Object) true, "internalProxies", (Object) str));
        return this;
    }

    public TestSgConfig user(User user) {
        return user.roleNames != null ? user(user.name, user.password, user.attributes, user.roleNames) : user(user.name, user.password, user.attributes, user.roles);
    }

    public TestSgConfig user(String str, String str2, String... strArr) {
        return user(str, str2, (Map<String, Object>) null, strArr);
    }

    public TestSgConfig user(String str, String str2, Map<String, Object> map, String... strArr) {
        if (this.overrideUserSettings == null) {
            this.overrideUserSettings = new NestedValueMap();
        }
        this.overrideUserSettings.put(new NestedValueMap.Path(str, "hash"), (Object) Hasher.hash(str2.toCharArray()));
        if (strArr != null && strArr.length > 0) {
            this.overrideUserSettings.put(new NestedValueMap.Path(str, "search_guard_roles"), (Object) strArr);
        }
        if (map != null && map.size() != 0) {
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                this.overrideUserSettings.put(new NestedValueMap.Path(str, "attributes", entry.getKey()), entry.getValue());
            }
        }
        return this;
    }

    public TestSgConfig user(String str, String str2, Role... roleArr) {
        return user(str, str2, (Map<String, Object>) null, roleArr);
    }

    public TestSgConfig user(String str, String str2, Map<String, Object> map, Role... roleArr) {
        if (this.overrideUserSettings == null) {
            this.overrideUserSettings = new NestedValueMap();
        }
        this.overrideUserSettings.put(new NestedValueMap.Path(str, "hash"), (Object) Hasher.hash(str2.toCharArray()));
        if (roleArr != null && roleArr.length > 0) {
            String str3 = "user_" + str + "__";
            this.overrideUserSettings.put(new NestedValueMap.Path(str, "search_guard_roles"), Arrays.asList(roleArr).stream().map(role -> {
                return str3 + role.name;
            }).collect(Collectors.toList()));
            roles(str3, roleArr);
        }
        if (map != null && map.size() != 0) {
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                this.overrideUserSettings.put(new NestedValueMap.Path(str, "attributes", entry.getKey()), entry.getValue());
            }
        }
        return this;
    }

    public TestSgConfig roles(Role... roleArr) {
        return roles("", roleArr);
    }

    public TestSgConfig roles(String str, Role... roleArr) {
        if (this.overrideRoleSettings == null) {
            this.overrideRoleSettings = new NestedValueMap();
        }
        for (Role role : roleArr) {
            String str2 = str + role.name;
            if (role.clusterPermissions.size() > 0) {
                this.overrideRoleSettings.put(new NestedValueMap.Path(str2, "cluster_permissions"), (Object) role.clusterPermissions);
            }
            if (role.indexPermissions.size() > 0) {
                this.overrideRoleSettings.put(new NestedValueMap.Path(str2, "index_permissions"), role.indexPermissions.stream().map(indexPermission -> {
                    return indexPermission.toJsonMap();
                }).collect(Collectors.toList()));
            }
            if (role.excludedClusterPermissions.size() > 0) {
                this.overrideRoleSettings.put(new NestedValueMap.Path(str2, "exclude_cluster_permissions"), (Object) role.excludedClusterPermissions);
            }
            if (role.excludedIndexPermissions.size() > 0) {
                this.overrideRoleSettings.put(new NestedValueMap.Path(str2, "exclude_index_permissions"), role.excludedIndexPermissions.stream().map(excludedIndexPermission -> {
                    return NestedValueMap.of("index_patterns", (Object) excludedIndexPermission.indexPatterns, "actions", (Object) excludedIndexPermission.actions);
                }).collect(Collectors.toList()));
            }
        }
        return this;
    }

    public TestSgConfig authFailureListener(AuthFailureListener authFailureListener) {
        if (this.overrideSgConfigSettings == null) {
            this.overrideSgConfigSettings = new NestedValueMap();
        }
        this.overrideSgConfigSettings.put(new NestedValueMap.Path("sg_config", "dynamic", "auth_failure_listeners"), (Object) authFailureListener.toMap());
        return this;
    }

    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public TestSgConfig m43clone() {
        TestSgConfig testSgConfig = new TestSgConfig();
        testSgConfig.resourceFolder = this.resourceFolder;
        testSgConfig.indexName = this.indexName;
        testSgConfig.overrideRoleSettings = this.overrideRoleSettings != null ? this.overrideRoleSettings.clone() : null;
        testSgConfig.overrideSgConfigSettings = this.overrideSgConfigSettings != null ? this.overrideSgConfigSettings.clone() : null;
        testSgConfig.overrideUserSettings = this.overrideUserSettings != null ? this.overrideUserSettings.clone() : null;
        return testSgConfig;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void initIndex(Client client) {
        client.admin().indices().create(new CreateIndexRequest("searchguard")).actionGet();
        writeConfigToIndex(client, CType.CONFIG, "sg_config.yml", this.overrideSgConfigSettings);
        writeConfigToIndex(client, CType.ROLES, "sg_roles.yml", this.overrideRoleSettings);
        writeConfigToIndex(client, CType.INTERNALUSERS, "sg_internal_users.yml", this.overrideUserSettings);
        writeConfigToIndex(client, CType.ROLESMAPPING, "sg_roles_mapping.yml", null);
        writeConfigToIndex(client, CType.ACTIONGROUPS, "sg_action_groups.yml", null);
        writeConfigToIndex(client, CType.TENANTS, "sg_roles_tenants.yml", null);
        writeConfigToIndex(client, CType.BLOCKS, "sg_blocks.yml", null);
        ConfigUpdateResponse configUpdateResponse = (ConfigUpdateResponse) client.execute(ConfigUpdateAction.INSTANCE, new ConfigUpdateRequest((String[]) CType.lcStringValues().toArray(new String[0]))).actionGet();
        if (configUpdateResponse.hasFailures()) {
            throw new RuntimeException("ConfigUpdateResponse produced failures: " + configUpdateResponse.failures());
        }
    }

    private void writeConfigToIndex(Client client, CType cType, String str, NestedValueMap nestedValueMap) {
        try {
            NestedValueMap fromYaml = this.resourceFolder != null ? NestedValueMap.fromYaml(openFile(str)) : NestedValueMap.of(new NestedValueMap.Path("_sg_meta", "type"), (Object) cType.toLCString(), new NestedValueMap.Path("_sg_meta", "config_version"), (Object) 2);
            if (nestedValueMap != null) {
                fromYaml.overrideLeafs(nestedValueMap);
            }
            log.info("Writing " + cType + "\n:" + fromYaml.toJsonString());
            client.index(new IndexRequest(this.indexName).id(cType.toLCString()).setRefreshPolicy(WriteRequest.RefreshPolicy.IMMEDIATE).source(new Object[]{cType.toLCString(), BytesReference.fromByteBuffer(ByteBuffer.wrap(fromYaml.toJsonString().getBytes("utf-8")))})).actionGet();
        } catch (Exception e) {
            throw new RuntimeException("Error while initializing config for " + this.indexName, e);
        }
    }

    private InputStream openFile(String str) throws IOException {
        String str2 = (this.resourceFolder == null || this.resourceFolder.length() == 0 || this.resourceFolder.equals("/")) ? "/" + str : "/" + this.resourceFolder + "/" + str;
        InputStream resourceAsStream = FileHelper.class.getResourceAsStream(str2);
        if (resourceAsStream == null) {
            throw new FileNotFoundException("Could not find resource in class path: " + str2);
        }
        return resourceAsStream;
    }

    public static NestedValueMap fromYaml(String str) {
        try {
            return NestedValueMap.fromYaml(str);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }
}
