package org.apache.nifi.toolkit.tls.standalone;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.IntStream;
import java.util.stream.Stream;
import org.apache.commons.cli.CommandLine;
import org.apache.nifi.toolkit.tls.commandLine.BaseCommandLine;
import org.apache.nifi.toolkit.tls.commandLine.CommandLineParseException;
import org.apache.nifi.toolkit.tls.commandLine.ExitCode;
import org.apache.nifi.toolkit.tls.configuration.InstanceDefinition;
import org.apache.nifi.toolkit.tls.configuration.StandaloneConfig;
import org.apache.nifi.toolkit.tls.configuration.TlsConfig;
import org.apache.nifi.toolkit.tls.properties.NiFiPropertiesWriterFactory;
import org.apache.nifi.toolkit.tls.service.client.TlsCertificateAuthorityClientCommandLine;
import org.apache.nifi.toolkit.tls.service.server.TlsCertificateAuthorityServiceCommandLine;
import org.apache.nifi.toolkit.tls.util.PasswordUtil;
import org.apache.nifi.util.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/nifi/toolkit/tls/standalone/TlsToolkitStandaloneCommandLine.class */
public class TlsToolkitStandaloneCommandLine extends BaseCommandLine {
    public static final String OUTPUT_DIRECTORY_ARG = "outputDirectory";
    public static final String NIFI_PROPERTIES_FILE_ARG = "nifiPropertiesFile";
    public static final String KEY_STORE_PASSWORD_ARG = "keyStorePassword";
    public static final String TRUST_STORE_PASSWORD_ARG = "trustStorePassword";
    public static final String KEY_PASSWORD_ARG = "keyPassword";
    public static final String HOSTNAMES_ARG = "hostnames";
    public static final String OVERWRITE_ARG = "isOverwrite";
    public static final String CLIENT_CERT_DN_ARG = "clientCertDn";
    public static final String CLIENT_CERT_PASSWORD_ARG = "clientCertPassword";
    public static final String GLOBAL_PORT_SEQUENCE_ARG = "globalPortSequence";
    public static final String NIFI_DN_PREFIX_ARG = "nifiDnPrefix";
    public static final String NIFI_DN_SUFFIX_ARG = "nifiDnSuffix";
    public static final String DEFAULT_OUTPUT_DIRECTORY = "../" + Paths.get(TlsCertificateAuthorityClientCommandLine.DEFAULT_CERTIFICATE_DIRECTORY, new String[0]).toAbsolutePath().normalize().getFileName().toString();
    public static final String DESCRIPTION = "Creates certificates and config files for nifi cluster.";
    private final Logger logger;
    private final PasswordUtil passwordUtil;
    private File baseDir;
    private List<InstanceDefinition> instanceDefinitions;
    private NiFiPropertiesWriterFactory niFiPropertiesWriterFactory;
    private List<String> clientDns;
    private List<String> clientPasswords;
    private boolean clientPasswordsGenerated;
    private boolean overwrite;
    private String dnPrefix;
    private String dnSuffix;

    public TlsToolkitStandaloneCommandLine() {
        this(new PasswordUtil());
    }

    protected TlsToolkitStandaloneCommandLine(PasswordUtil passwordUtil) {
        super(DESCRIPTION);
        this.logger = LoggerFactory.getLogger(TlsToolkitStandaloneCommandLine.class);
        this.passwordUtil = passwordUtil;
        addOptionWithArg("o", OUTPUT_DIRECTORY_ARG, "The directory to output keystores, truststore, config files.", DEFAULT_OUTPUT_DIRECTORY);
        addOptionWithArg("n", HOSTNAMES_ARG, "Comma separated list of hostnames.");
        addOptionWithArg("f", NIFI_PROPERTIES_FILE_ARG, "Base nifi.properties file to update. (Embedded file identical to the one in a default NiFi install will be used if not specified.)");
        addOptionWithArg("S", KEY_STORE_PASSWORD_ARG, "Keystore password to use.  Must either be one value or one for each host. (autogenerate if not specified)");
        addOptionWithArg("K", KEY_PASSWORD_ARG, "Key password to use.  Must either be one value or one for each host. (autogenerate if not specified)");
        addOptionWithArg("P", TRUST_STORE_PASSWORD_ARG, "Keystore password to use.  Must either be one value or one for each host. (autogenerate if not specified)");
        addOptionWithArg("C", CLIENT_CERT_DN_ARG, "Generate client certificate suitable for use in browser with specified DN. (Can be specified multiple times.)");
        addOptionWithArg("B", CLIENT_CERT_PASSWORD_ARG, "Password for client certificate.  Must either be one value or one for each client DN. (autogenerate if not specified)");
        addOptionWithArg("G", GLOBAL_PORT_SEQUENCE_ARG, "Use sequential ports that are calculated for all hosts according to the provided hostname expressions. (Can be specified multiple times, MUST BE SAME FROM RUN TO RUN.)");
        addOptionWithArg(null, NIFI_DN_PREFIX_ARG, "String to prepend to hostname(s) when determining DN.", TlsConfig.DEFAULT_DN_PREFIX);
        addOptionWithArg(null, NIFI_DN_SUFFIX_ARG, "String to append to hostname(s) when determining DN.", TlsConfig.DEFAULT_DN_SUFFIX);
        addOptionNoArg("O", OVERWRITE_ARG, "Overwrite existing host output.");
    }

    public static void main(String[] strArr) {
        TlsToolkitStandaloneCommandLine tlsToolkitStandaloneCommandLine = new TlsToolkitStandaloneCommandLine();
        try {
            tlsToolkitStandaloneCommandLine.parse(strArr);
        } catch (CommandLineParseException e) {
            System.exit(e.getExitCode().ordinal());
        }
        try {
            new TlsToolkitStandalone().createNifiKeystoresAndTrustStores(tlsToolkitStandaloneCommandLine.createConfig());
        } catch (Exception e2) {
            tlsToolkitStandaloneCommandLine.printUsage("Error creating generating tls configuration. (" + e2.getMessage() + ")");
            System.exit(ExitCode.ERROR_GENERATING_CONFIG.ordinal());
        }
        System.exit(ExitCode.SUCCESS.ordinal());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.nifi.toolkit.tls.commandLine.BaseCommandLine
    public CommandLine doParse(String... strArr) throws CommandLineParseException {
        CommandLine doParse = super.doParse(strArr);
        this.baseDir = new File(doParse.getOptionValue(OUTPUT_DIRECTORY_ARG, DEFAULT_OUTPUT_DIRECTORY));
        this.dnPrefix = doParse.getOptionValue(NIFI_DN_PREFIX_ARG, TlsConfig.DEFAULT_DN_PREFIX);
        this.dnSuffix = doParse.getOptionValue(NIFI_DN_SUFFIX_ARG, TlsConfig.DEFAULT_DN_SUFFIX);
        Stream stream = null;
        if (doParse.hasOption(GLOBAL_PORT_SEQUENCE_ARG)) {
            stream = Arrays.stream(doParse.getOptionValues(GLOBAL_PORT_SEQUENCE_ARG)).flatMap(str -> {
                return Arrays.stream(str.split(","));
            }).map((v0) -> {
                return v0.trim();
            });
        }
        if (doParse.hasOption(HOSTNAMES_ARG)) {
            this.instanceDefinitions = Collections.unmodifiableList(InstanceDefinition.createDefinitions(stream, Arrays.stream(doParse.getOptionValues(HOSTNAMES_ARG)).flatMap(str2 -> {
                return Arrays.stream(str2.split(",")).map((v0) -> {
                    return v0.trim();
                });
            }), parsePasswordSupplier(doParse, KEY_STORE_PASSWORD_ARG, this.passwordUtil.passwordSupplier()), parsePasswordSupplier(doParse, KEY_PASSWORD_ARG, doParse.hasOption(BaseCommandLine.DIFFERENT_KEY_AND_KEYSTORE_PASSWORDS_ARG) ? this.passwordUtil.passwordSupplier() : null), parsePasswordSupplier(doParse, TRUST_STORE_PASSWORD_ARG, this.passwordUtil.passwordSupplier())));
        } else {
            this.instanceDefinitions = Collections.emptyList();
        }
        String[] optionValues = doParse.getOptionValues(CLIENT_CERT_DN_ARG);
        if (optionValues != null) {
            this.clientDns = Collections.unmodifiableList((List) Arrays.stream(optionValues).collect(Collectors.toList()));
        } else {
            this.clientDns = Collections.emptyList();
        }
        this.clientPasswords = Collections.unmodifiableList(getPasswords(CLIENT_CERT_PASSWORD_ARG, doParse, this.clientDns.size(), CLIENT_CERT_DN_ARG));
        this.clientPasswordsGenerated = doParse.getOptionValues(CLIENT_CERT_PASSWORD_ARG) == null;
        this.overwrite = doParse.hasOption(OVERWRITE_ARG);
        String optionValue = doParse.getOptionValue(NIFI_PROPERTIES_FILE_ARG, "");
        try {
            if (StringUtils.isEmpty(optionValue)) {
                this.logger.info("No nifiPropertiesFile specified, using embedded one.");
                this.niFiPropertiesWriterFactory = new NiFiPropertiesWriterFactory();
            } else {
                this.logger.info("Using " + optionValue + " as template.");
                this.niFiPropertiesWriterFactory = new NiFiPropertiesWriterFactory(new FileInputStream(optionValue));
            }
        } catch (IOException e) {
            printUsageAndThrow("Unable to read nifi.properties from " + (StringUtils.isEmpty(optionValue) ? "classpath" : optionValue), ExitCode.ERROR_READING_NIFI_PROPERTIES);
        }
        return doParse;
    }

    private List<String> getPasswords(String str, CommandLine commandLine, int i, String str2) throws CommandLineParseException {
        String[] optionValues = commandLine.getOptionValues(str);
        return optionValues == null ? (List) IntStream.range(0, i).mapToObj(i2 -> {
            return this.passwordUtil.generatePassword();
        }).collect(Collectors.toList()) : optionValues.length == 1 ? (List) IntStream.range(0, i).mapToObj(i3 -> {
            return optionValues[0];
        }).collect(Collectors.toList()) : optionValues.length == i ? (List) Arrays.stream(optionValues).collect(Collectors.toList()) : (List) printUsageAndThrow("Expected either 1 value or " + i + " (the number of " + str2 + ") values for " + str, ExitCode.ERROR_INCORRECT_NUMBER_OF_PASSWORDS);
    }

    private Supplier<String> parsePasswordSupplier(CommandLine commandLine, String str, Supplier<String> supplier) {
        if (!commandLine.hasOption(str)) {
            return supplier;
        }
        String[] optionValues = commandLine.getOptionValues(str);
        return optionValues.length == 1 ? PasswordUtil.passwordSupplier(optionValues[0]) : PasswordUtil.passwordSupplier("Provided " + str + " exhausted, please don't specify " + str + ", specify one value to be used for all NiFi instances, or specify one value for each NiFi instance.", optionValues);
    }

    public StandaloneConfig createConfig() {
        StandaloneConfig standaloneConfig = new StandaloneConfig();
        standaloneConfig.setBaseDir(this.baseDir);
        standaloneConfig.setNiFiPropertiesWriterFactory(this.niFiPropertiesWriterFactory);
        standaloneConfig.setInstanceDefinitions(this.instanceDefinitions);
        standaloneConfig.setOverwrite(this.overwrite);
        standaloneConfig.setClientDns(this.clientDns);
        standaloneConfig.setClientPasswords(this.clientPasswords);
        standaloneConfig.setClientPasswordsGenerated(this.clientPasswordsGenerated);
        standaloneConfig.setCaHostname(getCertificateAuthorityHostname());
        standaloneConfig.setKeyStore(TlsCertificateAuthorityServiceCommandLine.NIFI_CA_KEYSTORE + getKeyStoreType().toLowerCase());
        standaloneConfig.setKeyStoreType(getKeyStoreType());
        standaloneConfig.setKeySize(getKeySize());
        standaloneConfig.setKeyPairAlgorithm(getKeyAlgorithm());
        standaloneConfig.setSigningAlgorithm(getSigningAlgorithm());
        standaloneConfig.setDays(getDays());
        standaloneConfig.setDnPrefix(this.dnPrefix);
        standaloneConfig.setDnSuffix(this.dnSuffix);
        standaloneConfig.initDefaults();
        return standaloneConfig;
    }
}
