package keywhiz;

import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.util.StdDateFormat;
import com.fasterxml.jackson.datatype.jdk8.Jdk8Module;
import com.fasterxml.jackson.datatype.jsr310.JSR310Module;
import com.google.common.base.Preconditions;
import com.google.common.collect.Maps;
import com.google.inject.Guice;
import com.google.inject.Injector;
import com.google.inject.Module;
import io.dropwizard.Application;
import io.dropwizard.java8.Java8Bundle;
import io.dropwizard.jersey.setup.JerseyEnvironment;
import io.dropwizard.setup.Bootstrap;
import io.dropwizard.setup.Environment;
import java.util.EnumSet;
import java.util.Locale;
import java.util.Map;
import java.util.TimeZone;
import javax.servlet.Filter;
import keywhiz.auth.mutualssl.ClientCertificateFilter;
import keywhiz.auth.xsrf.XsrfServletFilter;
import keywhiz.commands.DbSeedCommand;
import keywhiz.commands.GenerateAesKeyCommand;
import keywhiz.commands.MigrateCommand;
import keywhiz.commands.PreviewMigrateCommand;
import keywhiz.generators.SecretGenerator;
import keywhiz.generators.SecretGeneratorFactory;
import keywhiz.generators.SecretGeneratorModule;
import keywhiz.service.filters.CookieRenewingFilter;
import keywhiz.service.filters.SecurityHeadersFilter;
import keywhiz.service.providers.AuthResolver;
import keywhiz.service.providers.AutomationClientAuthFactory;
import keywhiz.service.providers.ClientAuthFactory;
import keywhiz.service.providers.UserAuthFactory;
import keywhiz.service.resources.AutomationClientResource;
import keywhiz.service.resources.AutomationEnrollClientGroupResource;
import keywhiz.service.resources.AutomationGroupResource;
import keywhiz.service.resources.AutomationSecretAccessResource;
import keywhiz.service.resources.AutomationSecretGeneratorsResource;
import keywhiz.service.resources.AutomationSecretResource;
import keywhiz.service.resources.ClientsResource;
import keywhiz.service.resources.GroupsResource;
import keywhiz.service.resources.MembershipResource;
import keywhiz.service.resources.SecretDeliveryResource;
import keywhiz.service.resources.SecretGeneratorsResource;
import keywhiz.service.resources.SecretsDeliveryResource;
import keywhiz.service.resources.SecretsResource;
import keywhiz.service.resources.SessionLoginResource;
import keywhiz.service.resources.SessionLogoutResource;
import keywhiz.service.resources.SessionMeResource;
import keywhiz.utility.SecretTemplateCompiler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:keywhiz/KeywhizService.class */
public class KeywhizService extends Application<KeywhizConfig> {
    private static final Logger logger = LoggerFactory.getLogger(KeywhizService.class);
    private final Map<String, SecretGeneratorFactory<?>> secretGeneratorFactories = Maps.newHashMap();
    private final Map<String, SecretGenerator<?>> secretGenerators = Maps.newHashMap();
    private Injector injector;

    public static void main(String[] strArr) throws Exception {
        new KeywhizService().run(strArr);
    }

    public Injector getInjector() {
        return this.injector;
    }

    public void setInjector(Injector injector) {
        this.injector = injector;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void addSecretGeneratorFactory(String str, SecretGeneratorFactory<?> secretGeneratorFactory) {
        Preconditions.checkArgument(SecretTemplateCompiler.validName(str) && !this.secretGenerators.containsKey(str));
        logger.debug("Registering SecretGeneratorFactory {} -> {}", str, secretGeneratorFactory.getClass().getSimpleName());
        this.secretGeneratorFactories.put(str, Preconditions.checkNotNull(secretGeneratorFactory));
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void addSecretGenerator(String str, SecretGenerator<?> secretGenerator) {
        Preconditions.checkArgument(SecretTemplateCompiler.validName(str) && !this.secretGeneratorFactories.containsKey(str));
        logger.debug("Registering SecretGenerator {} -> {}", str, secretGenerator.getClass().getSimpleName());
        this.secretGenerators.put(str, Preconditions.checkNotNull(secretGenerator));
    }

    public String getName() {
        return "keywhiz";
    }

    public void initialize(Bootstrap<KeywhizConfig> bootstrap) {
        customizeObjectMapper(bootstrap.getObjectMapper());
        logger.debug("Registering commands");
        bootstrap.addCommand(new PreviewMigrateCommand());
        bootstrap.addCommand(new MigrateCommand());
        bootstrap.addCommand(new DbSeedCommand());
        bootstrap.addCommand(new GenerateAesKeyCommand());
        logger.debug("Registering bundles");
        bootstrap.addBundle(new Java8Bundle());
        bootstrap.addBundle(new NamedAssetsBundle());
        bootstrap.addBundle(new UiAssetsBundle());
    }

    public void run(KeywhizConfig keywhizConfig, Environment environment) throws Exception {
        if (this.injector == null) {
            logger.debug("No existing guice injector; creating new one");
            this.injector = Guice.createInjector(new Module[]{new ServiceModule(keywhizConfig, environment), new SecretGeneratorModule(this.secretGeneratorFactories, this.secretGenerators)});
        }
        JerseyEnvironment jersey = environment.jersey();
        logger.debug("Registering resource filters");
        jersey.register(this.injector.getInstance(ClientCertificateFilter.class));
        logger.debug("Registering servlet filters");
        environment.servlets().addFilter("security-headers-filter", (Filter) this.injector.getInstance(SecurityHeadersFilter.class)).addMappingForUrlPatterns((EnumSet) null, false, new String[]{"/*"});
        jersey.register(this.injector.getInstance(CookieRenewingFilter.class));
        environment.servlets().addFilter("xsrf-filter", (Filter) this.injector.getInstance(XsrfServletFilter.class)).addMappingForUrlPatterns((EnumSet) null, false, new String[]{"/admin/*"});
        logger.debug("Registering providers");
        jersey.register(new AuthResolver.Binder((ClientAuthFactory) this.injector.getInstance(ClientAuthFactory.class), (AutomationClientAuthFactory) this.injector.getInstance(AutomationClientAuthFactory.class), (UserAuthFactory) this.injector.getInstance(UserAuthFactory.class)));
        logger.debug("Registering resources");
        jersey.register(this.injector.getInstance(ClientsResource.class));
        jersey.register(this.injector.getInstance(GroupsResource.class));
        jersey.register(this.injector.getInstance(MembershipResource.class));
        jersey.register(this.injector.getInstance(SecretsDeliveryResource.class));
        jersey.register(this.injector.getInstance(SecretsResource.class));
        jersey.register(this.injector.getInstance(SecretGeneratorsResource.class));
        jersey.register(this.injector.getInstance(SecretDeliveryResource.class));
        jersey.register(this.injector.getInstance(SessionLoginResource.class));
        jersey.register(this.injector.getInstance(SessionLogoutResource.class));
        jersey.register(this.injector.getInstance(SessionMeResource.class));
        jersey.register(this.injector.getInstance(AutomationClientResource.class));
        jersey.register(this.injector.getInstance(AutomationGroupResource.class));
        jersey.register(this.injector.getInstance(AutomationSecretResource.class));
        jersey.register(this.injector.getInstance(AutomationEnrollClientGroupResource.class));
        jersey.register(this.injector.getInstance(AutomationSecretAccessResource.class));
        jersey.register(this.injector.getInstance(AutomationSecretGeneratorsResource.class));
        logger.debug("Keywhiz configuration complete");
    }

    public static ObjectMapper customizeObjectMapper(ObjectMapper objectMapper) {
        objectMapper.registerModules(new com.fasterxml.jackson.databind.Module[]{new Jdk8Module()});
        objectMapper.registerModules(new com.fasterxml.jackson.databind.Module[]{new JSR310Module()});
        objectMapper.enable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
        objectMapper.setDateFormat(StdDateFormat.getISO8601Format(TimeZone.getTimeZone("UTC"), Locale.ENGLISH));
        objectMapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
        return objectMapper;
    }
}
