package com.floragunn.searchguard.test.helper.cluster;

import com.floragunn.searchguard.SearchGuardPlugin;
import com.floragunn.searchguard.action.configupdate.ConfigUpdateAction;
import com.floragunn.searchguard.action.configupdate.ConfigUpdateRequest;
import com.floragunn.searchguard.action.configupdate.ConfigUpdateResponse;
import com.floragunn.searchguard.sgconf.impl.CType;
import com.floragunn.searchguard.support.Base64Helper;
import com.floragunn.searchguard.test.DynamicSgConfig;
import com.floragunn.searchguard.test.NodeSettingsSupplier;
import com.floragunn.searchguard.test.helper.file.FileHelper;
import com.floragunn.searchguard.test.helper.rest.RestHelper;
import com.floragunn.searchguard.user.AuthCredentials;
import com.floragunn.searchguard.user.User;
import com.floragunn.searchsupport.client.ContextHeaderDecoratorClient;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.atomic.AtomicLong;
import org.apache.http.HttpException;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.nio.conn.ssl.SSLIOSessionStrategy;
import org.apache.http.protocol.HttpContext;
import org.elasticsearch.action.admin.indices.create.CreateIndexRequest;
import org.elasticsearch.action.get.GetRequest;
import org.elasticsearch.action.get.GetResponse;
import org.elasticsearch.action.index.IndexRequest;
import org.elasticsearch.client.Client;
import org.elasticsearch.client.RestClient;
import org.elasticsearch.client.RestHighLevelClient;
import org.elasticsearch.client.transport.TransportClient;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.node.PluginAwareNode;
import org.elasticsearch.painless.PainlessPlugin;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.transport.Netty4Plugin;
import org.junit.Assert;
import org.junit.rules.ExternalResource;

/* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/LocalCluster.class */
public class LocalCluster extends ExternalResource implements AutoCloseable {
    protected static final AtomicLong num = new AtomicLong();
    protected ClusterHelper clusterHelper;
    protected ClusterInfo clusterInfo;
    protected final String resourceFolder;
    private List<Class<? extends Plugin>> plugins;

    /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/LocalCluster$Builder.class */
    public static class Builder {
        private boolean sslEnabled;
        private String resourceFolder;
        private String httpKeystoreFilepath = "node-0-keystore.jks";
        private String httpTruststoreFilepath = "truststore.jks";
        private ClusterConfiguration clusterConfiguration = ClusterConfiguration.DEFAULT;
        private Settings.Builder nodeOverrideSettingsBuilder = Settings.builder();
        private List<Class<? extends Plugin>> plugins = new ArrayList();

        public Builder sslEnabled() {
            this.sslEnabled = true;
            return this;
        }

        public Builder resources(String str) {
            this.resourceFolder = str;
            return this;
        }

        public Builder clusterConfiguration(ClusterConfiguration clusterConfiguration) {
            this.clusterConfiguration = clusterConfiguration;
            return this;
        }

        public Builder singleNode() {
            this.clusterConfiguration = ClusterConfiguration.SINGLENODE;
            return this;
        }

        public Builder nodeSettings(Object... objArr) {
            for (int i = 0; i < objArr.length - 1; i += 2) {
                this.nodeOverrideSettingsBuilder.put(String.valueOf(objArr[i]), String.valueOf(objArr[i + 1]));
            }
            return this;
        }

        public Builder plugin(Class<? extends Plugin> cls) {
            this.plugins.add(cls);
            return this;
        }

        public Builder remote(String str, LocalCluster localCluster) {
            this.nodeOverrideSettingsBuilder.putList("cluster.remote." + str + ".seeds", new String[]{localCluster.clusterInfo.nodeHost + ":" + localCluster.clusterInfo.nodePort});
            return this;
        }

        public LocalCluster build() {
            try {
                if (this.sslEnabled) {
                    this.nodeOverrideSettingsBuilder.put("searchguard.ssl.http.enabled", true).put("searchguard.ssl.http.keystore_filepath", FileHelper.getAbsoluteFilePathFromClassPath(this.resourceFolder != null ? this.resourceFolder + "/" + this.httpKeystoreFilepath : this.httpKeystoreFilepath)).put("searchguard.ssl.http.truststore_filepath", FileHelper.getAbsoluteFilePathFromClassPath(this.resourceFolder != null ? this.resourceFolder + "/" + this.httpTruststoreFilepath : this.httpTruststoreFilepath));
                }
                return new LocalCluster(this.resourceFolder, new DynamicSgConfig(), this.nodeOverrideSettingsBuilder.build(), this.clusterConfiguration, this.plugins);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:com/floragunn/searchguard/test/helper/cluster/LocalCluster$TransportClientImpl.class */
    public static class TransportClientImpl extends TransportClient {
        public TransportClientImpl(Settings settings, Collection<Class<? extends Plugin>> collection) {
            super(settings, collection);
        }

        public TransportClientImpl(Settings settings, Settings settings2, Collection<Class<? extends Plugin>> collection) {
            super(settings, settings2, collection, (TransportClient.HostFailureListener) null);
        }
    }

    public LocalCluster(String str, ClusterConfiguration clusterConfiguration, List<Class<? extends Plugin>> list) throws Exception {
        this(str, new DynamicSgConfig(), Settings.EMPTY, clusterConfiguration, list);
    }

    public LocalCluster(String str, DynamicSgConfig dynamicSgConfig, Settings settings, ClusterConfiguration clusterConfiguration, List<Class<? extends Plugin>> list) {
        this.clusterHelper = new ClusterHelper("lc_utest_n" + num.incrementAndGet() + "_f" + System.getProperty("forkno") + "_t" + System.nanoTime());
        this.resourceFolder = str;
        this.plugins = list;
        setup(Settings.EMPTY, dynamicSgConfig, settings, true, clusterConfiguration);
    }

    protected void after() {
        if (this.clusterInfo != null) {
            try {
                Thread.sleep(1234L);
                this.clusterHelper.stopCluster();
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    }

    @Override // java.lang.AutoCloseable
    public void close() throws Exception {
        if (this.clusterInfo != null) {
            try {
                Thread.sleep(100L);
                this.clusterHelper.stopCluster();
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    }

    public RestHelper restHelper() {
        return new RestHelper(this.clusterInfo, getResourceFolder());
    }

    public RestHelper restHelper(String str) {
        RestHelper restHelper = restHelper();
        restHelper.keystore = str;
        restHelper.sendHTTPClientCertificate = true;
        return restHelper;
    }

    public RestHelper nonSslRestHelper() {
        return new RestHelper(this.clusterInfo, false, false, getResourceFolder());
    }

    public <X> X getInjectable(Class<X> cls) {
        return (X) this.clusterHelper.node().injector().getInstance(cls);
    }

    public PluginAwareNode node() {
        return this.clusterHelper.node();
    }

    public List<PluginAwareNode> allNodes() {
        return this.clusterHelper.allNodes();
    }

    public Client getInternalClient() {
        String str = getResourceFolder() == null ? "" : getResourceFolder() + "/";
        TransportClientImpl transportClientImpl = new TransportClientImpl(Settings.builder().put("cluster.name", this.clusterInfo.clustername).put("searchguard.ssl.transport.truststore_filepath", FileHelper.getAbsoluteFilePathFromClassPath(str + "truststore.jks")).put("searchguard.ssl.transport.enforce_hostname_verification", false).put("searchguard.ssl.transport.keystore_filepath", FileHelper.getAbsoluteFilePathFromClassPath(str + "kirk-keystore.jks")).build(), Arrays.asList(Netty4Plugin.class, SearchGuardPlugin.class));
        transportClientImpl.addTransportAddress(new TransportAddress(new InetSocketAddress(this.clusterInfo.nodeHost, this.clusterInfo.nodePort)));
        return transportClientImpl;
    }

    public Client getNodeClient() {
        String str = getResourceFolder() == null ? "" : getResourceFolder() + "/";
        TransportClientImpl transportClientImpl = new TransportClientImpl(Settings.builder().put("cluster.name", this.clusterInfo.clustername).put("searchguard.ssl.transport.truststore_filepath", FileHelper.getAbsoluteFilePathFromClassPath(str + "truststore.jks")).put("searchguard.ssl.transport.enforce_hostname_verification", false).put("searchguard.ssl.transport.keystore_filepath", FileHelper.getAbsoluteFilePathFromClassPath(str + "node-0-keystore.jks")).build(), Arrays.asList(Netty4Plugin.class, SearchGuardPlugin.class));
        transportClientImpl.addTransportAddress(new TransportAddress(new InetSocketAddress(this.clusterInfo.nodeHost, this.clusterInfo.nodePort)));
        return transportClientImpl;
    }

    public RestHighLevelClient getRestHighLevelClient(String str, String str2) {
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(str, str2));
        return new RestHighLevelClient(RestClient.builder(new HttpHost[]{new HttpHost(this.clusterInfo.httpHost, this.clusterInfo.httpPort, "https")}).setHttpClientConfigCallback(httpAsyncClientBuilder -> {
            return httpAsyncClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider).setSSLStrategy(getSSLIOSessionStrategy());
        }));
    }

    public RestHighLevelClient getRestHighLevelClient(String str, String str2, String str3) {
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(str, str2));
        return new RestHighLevelClient(RestClient.builder(new HttpHost[]{new HttpHost(this.clusterInfo.httpHost, this.clusterInfo.httpPort, "https")}).setHttpClientConfigCallback(httpAsyncClientBuilder -> {
            return httpAsyncClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider).setSSLStrategy(getSSLIOSessionStrategy()).addInterceptorLast(new HttpRequestInterceptor() { // from class: com.floragunn.searchguard.test.helper.cluster.LocalCluster.1
                @Override // org.apache.http.HttpRequestInterceptor
                public void process(HttpRequest httpRequest, HttpContext httpContext) throws HttpException, IOException {
                    httpRequest.setHeader("sgtenant", str3);
                }
            });
        }));
    }

    public Client getNodeClientWithMockUser(User user) {
        Client nodeClient = getNodeClient();
        if (user != null) {
            nodeClient = new ContextHeaderDecoratorClient(nodeClient, new String[]{"_sg_user_header", Base64Helper.serializeObject(user)});
        }
        return nodeClient;
    }

    public Client getNodeClientWithMockUser(String str, String... strArr) {
        return getNodeClientWithMockUser(new User(str, Arrays.asList(strArr), (AuthCredentials) null));
    }

    public Client getPrivilegedConfigNodeClient() {
        return new ContextHeaderDecoratorClient(getNodeClient(), new String[]{"_sg_conf_request", "true"});
    }

    private void setup(Settings settings, DynamicSgConfig dynamicSgConfig, Settings settings2, boolean z, ClusterConfiguration clusterConfiguration) {
        painlessWhitelistKludge();
        try {
            this.clusterInfo = this.clusterHelper.startCluster(minimumSearchGuardSettings(ccs(settings2)), clusterConfiguration, this.plugins, 10, null);
            if (!z || dynamicSgConfig == null) {
                return;
            }
            initialize(dynamicSgConfig);
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    private void painlessWhitelistKludge() {
        try {
            try {
                PainlessPlugin painlessPlugin = new PainlessPlugin();
                try {
                    painlessPlugin.reloadSPI(getClass().getClassLoader());
                    painlessPlugin.close();
                } catch (Throwable th) {
                    try {
                        painlessPlugin.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } catch (NoClassDefFoundError e) {
            }
        } catch (Exception e2) {
            e2.printStackTrace();
        }
    }

    protected void initialize(DynamicSgConfig dynamicSgConfig) {
        Client internalClient = getInternalClient();
        try {
            try {
                internalClient.admin().indices().create(new CreateIndexRequest("searchguard")).actionGet();
            } catch (Throwable th) {
                if (internalClient != null) {
                    try {
                        internalClient.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (Exception e) {
        }
        Iterator<IndexRequest> it = dynamicSgConfig.getDynamicConfig(getResourceFolder()).iterator();
        while (it.hasNext()) {
            internalClient.index(it.next()).actionGet();
        }
        ConfigUpdateResponse configUpdateResponse = (ConfigUpdateResponse) internalClient.execute(ConfigUpdateAction.INSTANCE, new ConfigUpdateRequest((String[]) CType.lcStringValues().toArray(new String[0]))).actionGet();
        Assert.assertFalse(configUpdateResponse.failures().toString(), configUpdateResponse.hasFailures());
        Assert.assertEquals(this.clusterInfo.numNodes, configUpdateResponse.getNodes().size());
        Assert.assertTrue(((GetResponse) internalClient.get(new GetRequest("searchguard", "config")).actionGet()).isExists());
        Assert.assertTrue(((GetResponse) internalClient.get(new GetRequest("searchguard", "internalusers")).actionGet()).isExists());
        Assert.assertTrue(((GetResponse) internalClient.get(new GetRequest("searchguard", "roles")).actionGet()).isExists());
        Assert.assertTrue(((GetResponse) internalClient.get(new GetRequest("searchguard", "rolesmapping")).actionGet()).isExists());
        Assert.assertTrue(((GetResponse) internalClient.get(new GetRequest("searchguard", "actiongroups")).actionGet()).isExists());
        Assert.assertFalse(((GetResponse) internalClient.get(new GetRequest("searchguard", "rolesmapping_xcvdnghtu165759i99465")).actionGet()).isExists());
        Assert.assertTrue(((GetResponse) internalClient.get(new GetRequest("searchguard", "config")).actionGet()).isExists());
        if (internalClient != null) {
            internalClient.close();
        }
    }

    private Settings ccs(Settings settings) throws Exception {
        return settings;
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x006d A[Catch: Exception -> 0x00a1, TryCatch #2 {Exception -> 0x00a1, blocks: (B:2:0x0000, B:5:0x0028, B:27:0x0056, B:29:0x0061, B:9:0x0065, B:11:0x006d, B:12:0x0090, B:22:0x007c, B:20:0x008f, B:25:0x0086, B:30:0x0012), top: B:1:0x0000, inners: #0, #1 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private javax.net.ssl.SSLContext getSSLContext() {
        /*
            r5 = this;
            java.lang.String r0 = "JKS"
            r6 = r0
            java.lang.String r0 = "changeit"
            r7 = r0
            r0 = r5
            java.lang.String r0 = r0.getResourceFolder()     // Catch: java.lang.Exception -> La1
            if (r0 != 0) goto L12
            java.lang.String r0 = ""
            goto L28
        L12:
            java.lang.StringBuilder r0 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> La1
            r1 = r0
            r1.<init>()     // Catch: java.lang.Exception -> La1
            r1 = r5
            java.lang.String r1 = r1.getResourceFolder()     // Catch: java.lang.Exception -> La1
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.lang.Exception -> La1
            java.lang.String r1 = "/"
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.lang.Exception -> La1
            java.lang.String r0 = r0.toString()     // Catch: java.lang.Exception -> La1
        L28:
            r8 = r0
            r0 = r6
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0)     // Catch: java.lang.Exception -> La1
            r9 = r0
            java.lang.StringBuilder r0 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> La1
            r1 = r0
            r1.<init>()     // Catch: java.lang.Exception -> La1
            r1 = r8
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.lang.Exception -> La1
            java.lang.String r1 = "truststore.jks"
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.lang.Exception -> La1
            java.lang.String r0 = r0.toString()     // Catch: java.lang.Exception -> La1
            java.nio.file.Path r0 = com.floragunn.searchguard.test.helper.file.FileHelper.getAbsoluteFilePathFromClassPath(r0)     // Catch: java.lang.Exception -> La1
            r1 = 0
            java.nio.file.OpenOption[] r1 = new java.nio.file.OpenOption[r1]     // Catch: java.lang.Exception -> La1
            java.io.InputStream r0 = java.nio.file.Files.newInputStream(r0, r1)     // Catch: java.lang.Exception -> La1
            r10 = r0
            r0 = r9
            r1 = r10
            r2 = r7
            if (r2 == 0) goto L5d
            r2 = r7
            int r2 = r2.length()     // Catch: java.lang.Throwable -> L75 java.lang.Exception -> La1
            if (r2 != 0) goto L61
        L5d:
            r2 = 0
            goto L65
        L61:
            r2 = r7
            char[] r2 = r2.toCharArray()     // Catch: java.lang.Throwable -> L75 java.lang.Exception -> La1
        L65:
            r0.load(r1, r2)     // Catch: java.lang.Throwable -> L75 java.lang.Exception -> La1
            r0 = r10
            if (r0 == 0) goto L90
            r0 = r10
            r0.close()     // Catch: java.lang.Exception -> La1
            goto L90
        L75:
            r11 = move-exception
            r0 = r10
            if (r0 == 0) goto L8d
            r0 = r10
            r0.close()     // Catch: java.lang.Throwable -> L84 java.lang.Exception -> La1
            goto L8d
        L84:
            r12 = move-exception
            r0 = r11
            r1 = r12
            r0.addSuppressed(r1)     // Catch: java.lang.Exception -> La1
        L8d:
            r0 = r11
            throw r0     // Catch: java.lang.Exception -> La1
        L90:
            org.apache.http.ssl.SSLContextBuilder r0 = org.apache.http.ssl.SSLContexts.custom()     // Catch: java.lang.Exception -> La1
            r1 = r9
            r2 = 0
            org.apache.http.ssl.SSLContextBuilder r0 = r0.loadTrustMaterial(r1, r2)     // Catch: java.lang.Exception -> La1
            r10 = r0
            r0 = r10
            javax.net.ssl.SSLContext r0 = r0.build()     // Catch: java.lang.Exception -> La1
            return r0
        La1:
            r6 = move-exception
            java.lang.RuntimeException r0 = new java.lang.RuntimeException
            r1 = r0
            java.lang.String r2 = "Error while building SSLContext"
            r3 = r6
            r1.<init>(r2, r3)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.floragunn.searchguard.test.helper.cluster.LocalCluster.getSSLContext():javax.net.ssl.SSLContext");
    }

    private SSLIOSessionStrategy getSSLIOSessionStrategy() {
        return new SSLIOSessionStrategy(getSSLContext(), (String[]) null, (String[]) null, NoopHostnameVerifier.INSTANCE);
    }

    protected Settings.Builder minimumSearchGuardSettingsBuilder(int i, boolean z) {
        String str = getResourceFolder() == null ? "" : getResourceFolder() + "/";
        Settings.Builder put = Settings.builder().put("searchguard.ssl.http.enable_openssl_if_available", false).put("searchguard.ssl.transport.enable_openssl_if_available", false).put("searchguard.ssl.transport.keystore_alias", "node-0").put("searchguard.ssl.transport.keystore_filepath", FileHelper.getAbsoluteFilePathFromClassPath(str + "node-0-keystore.jks")).put("searchguard.ssl.transport.truststore_filepath", FileHelper.getAbsoluteFilePathFromClassPath(str + "truststore.jks")).put("searchguard.ssl.transport.enforce_hostname_verification", false);
        if (!z) {
            put.putList("searchguard.authcz.admin_dn", new String[]{"CN=kirk,OU=client,O=client,l=tEst, C=De"});
            put.put("searchguard.background_init_if_sgindex_not_exist", false);
        }
        return put;
    }

    protected NodeSettingsSupplier minimumSearchGuardSettings(final Settings settings) {
        return new NodeSettingsSupplier() { // from class: com.floragunn.searchguard.test.helper.cluster.LocalCluster.2
            @Override // com.floragunn.searchguard.test.NodeSettingsSupplier
            public Settings get(int i) {
                return LocalCluster.this.minimumSearchGuardSettingsBuilder(i, false).put(settings).build();
            }
        };
    }

    protected NodeSettingsSupplier minimumSearchGuardSettingsSslOnly(final Settings settings) {
        return new NodeSettingsSupplier() { // from class: com.floragunn.searchguard.test.helper.cluster.LocalCluster.3
            @Override // com.floragunn.searchguard.test.NodeSettingsSupplier
            public Settings get(int i) {
                return LocalCluster.this.minimumSearchGuardSettingsBuilder(i, true).put(settings).build();
            }
        };
    }

    public String getResourceFolder() {
        return this.resourceFolder;
    }
}
