package org.apache.nifi.minifi.bootstrap.service;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Comparator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Properties;
import java.util.Set;
import java.util.function.Predicate;
import org.apache.commons.io.output.ByteArrayOutputStream;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.commons.lang3.tuple.Triple;
import org.apache.nifi.minifi.bootstrap.configuration.ConfigurationChangeException;
import org.apache.nifi.minifi.bootstrap.util.OrderedProperties;
import org.apache.nifi.minifi.commons.api.MiNiFiProperties;

/* loaded from: input_file:org/apache/nifi/minifi/bootstrap/service/MiNiFiPropertiesGenerator.class */
public class MiNiFiPropertiesGenerator {
    public static final String PROPERTIES_FILE_APACHE_2_0_LICENSE = " Licensed to the Apache Software Foundation (ASF) under one or more\n# contributor license agreements.  See the NOTICE file distributed with\n# this work for additional information regarding copyright ownership.\n# The ASF licenses this file to You under the Apache License, Version 2.0\n# (the \"License\"); you may not use this file except in compliance with\n# the License.  You may obtain a copy of the License at\n#\n#     http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n";
    static final String DEFAULT_SENSITIVE_PROPERTIES_ENCODING_ALGORITHM = "NIFI_PBKDF2_AES_GCM_256";
    private static final int SENSITIVE_PROPERTIES_KEY_LENGTH = 24;
    private static final String C2_PROPERTY_PREFIX = "c2.";
    private static final String NIFI_PREFIX = "nifi.";
    public static final String FILE_EXTENSION_DELIMITER = ".";
    static final List<Triple<String, String, String>> NIFI_PROPERTIES_WITH_DEFAULT_VALUES_AND_COMMENTS = List.of((Object[]) new Triple[]{Triple.of("nifi.flow.configuration.archive.enabled", "false", ""), Triple.of("nifi.flow.configuration.archive.dir", "./conf/archive/", ""), Triple.of("nifi.flowcontroller.autoResumeState", "true", ""), Triple.of("nifi.flowcontroller.graceful.shutdown.period", "10 sec", ""), Triple.of("nifi.flowservice.writedelay.interval", "500 ms", ""), Triple.of("nifi.administrative.yield.duration", "30 sec", ""), Triple.of("nifi.bored.yield.duration", "10 millis", "# If a component has no work to do (is \"bored\"), how long should we wait before checking again for work"), Triple.of("nifi.login.identity.provider.configuration.file", "./conf/login-identity-providers.xml", ""), Triple.of("nifi.ui.banner.text", "", ""), Triple.of("nifi.ui.autorefresh.interval", "30 sec", ""), Triple.of("nifi.nar.library.directory", "./lib", ""), Triple.of("nifi.nar.working.directory", "./work/nar/", ""), Triple.of("nifi.nar.library.autoload.directory", "./extensions", ""), Triple.of("nifi.documentation.working.directory", "./work/docs/components", ""), Triple.of("nifi.state.management.configuration.file", "./conf/state-management.xml", "# State Management"), Triple.of("nifi.state.management.provider.local", "local-provider", "# The ID of the local state provider"), Triple.of("nifi.database.directory", "./database_repository", "# H2 Settings"), Triple.of("nifi.flowfile.repository.implementation", "org.apache.nifi.controller.repository.WriteAheadFlowFileRepository", "# FlowFile Repository"), Triple.of("nifi.flowfile.repository.directory", "./flowfile_repository", ""), Triple.of("nifi.flowfile.repository.checkpoint.interval", "20 secs", ""), Triple.of("nifi.flowfile.repository.always.sync", "false", ""), Triple.of("nifi.swap.manager.implementation", "org.apache.nifi.controller.FileSystemSwapManager", ""), Triple.of("nifi.queue.swap.threshold", "20000", ""), Triple.of("nifi.content.repository.implementation", "org.apache.nifi.controller.repository.FileSystemRepository", "# Content Repository"), Triple.of("nifi.content.claim.max.appendable.size", "50 KB", ""), Triple.of("nifi.content.repository.archive.max.retention.period", "7 days", ""), Triple.of("nifi.content.repository.archive.max.usage.percentage", "50%", ""), Triple.of("nifi.content.repository.archive.enabled", "false", ""), Triple.of("nifi.content.repository.directory..default", "./content_repository", ""), Triple.of("nifi.provenance.repository.implementation", "org.apache.nifi.provenance.NoOpProvenanceRepository", "# Provenance Repository Properties"), Triple.of("nifi.provenance.repository.rollover.time", "", ""), Triple.of("nifi.provenance.repository.index.shard.size", "", ""), Triple.of("nifi.provenance.repository.max.storage.size", "", ""), Triple.of("nifi.provenance.repository.max.storage.time", "", ""), Triple.of("nifi.components.status.repository.implementation", "org.apache.nifi.controller.status.history.VolatileComponentStatusRepository", "# Component Status Repository"), Triple.of("nifi.components.status.snapshot.frequency", "1 min", ""), Triple.of("nifi.web.http.host", "", ""), Triple.of("nifi.web.http.port", "", ""), Triple.of("nifi.web.https.host", "", ""), Triple.of("nifi.web.https.port", "", ""), Triple.of("nifi.web.jetty.working.directory", "./work/jetty", ""), Triple.of("nifi.web.jetty.threads", "200", ""), Triple.of("nifi.security.keystore", "", ""), Triple.of("nifi.security.keystoreType", "", ""), Triple.of("nifi.security.keystorePasswd", "", ""), Triple.of("nifi.security.keyPasswd", "", ""), Triple.of("nifi.security.truststore", "", ""), Triple.of("nifi.security.truststoreType", "", ""), Triple.of("nifi.security.truststorePasswd", "", ""), Triple.of("nifi.security.ocsp.responder.url", "", ""), Triple.of("nifi.security.ocsp.responder.certificate", "", ""), Triple.of("nifi.cluster.is.node", "false", ""), Triple.of("nifi.flow.configuration.file", "./conf/flow.json.gz", "")});
    static final Map<String, String> MINIFI_TO_NIFI_PROPERTY_MAPPING = Map.of(MiNiFiProperties.NIFI_MINIFI_FLOW_CONFIG.getKey(), "nifi.flow.configuration.file", MiNiFiProperties.NIFI_MINIFI_SECURITY_KEYSTORE.getKey(), "nifi.security.keystore", MiNiFiProperties.NIFI_MINIFI_SECURITY_KEYSTORE_TYPE.getKey(), "nifi.security.keystoreType", MiNiFiProperties.NIFI_MINIFI_SECURITY_KEYSTORE_PASSWD.getKey(), "nifi.security.keystorePasswd", MiNiFiProperties.NIFI_MINIFI_SECURITY_KEY_PASSWD.getKey(), "nifi.security.keyPasswd", MiNiFiProperties.NIFI_MINIFI_SECURITY_TRUSTSTORE.getKey(), "nifi.security.truststore", MiNiFiProperties.NIFI_MINIFI_SECURITY_TRUSTSTORE_TYPE.getKey(), "nifi.security.truststoreType", MiNiFiProperties.NIFI_MINIFI_SECURITY_TRUSTSTORE_PASSWD.getKey(), "nifi.security.truststorePasswd");
    private static final Base64.Encoder KEY_ENCODER = Base64.getEncoder().withoutPadding();

    public void generateMinifiProperties(String str, Properties properties) throws ConfigurationChangeException {
        Path of = Path.of(str, Path.of(MiNiFiExecCommandProvider.getMiNiFiPropertiesPath(properties, new File(str)), new String[0]).getFileName().toString());
        persistMinifiProperties(of, prepareMinifiProperties(properties, extractSensitivePropertiesConfiguration(of)));
    }

    private Map<String, String> extractSensitivePropertiesConfiguration(Path path) throws ConfigurationChangeException {
        if (!Files.exists(path, new LinkOption[0])) {
            return Map.of();
        }
        Properties properties = new Properties();
        try {
            InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
            try {
                properties.load(newInputStream);
                if (newInputStream != null) {
                    newInputStream.close();
                }
                return Map.of("nifi.sensitive.props.key", properties.getProperty("nifi.sensitive.props.key"), "nifi.sensitive.props.algorithm", properties.getProperty("nifi.sensitive.props.algorithm"));
            } finally {
            }
        } catch (IOException e) {
            throw new ConfigurationChangeException("Unable to load MiNiFi properties from " + String.valueOf(path), e);
        }
    }

    private OrderedProperties prepareMinifiProperties(Properties properties, Map<String, String> map) {
        OrderedProperties orderedProperties = new OrderedProperties();
        NIFI_PROPERTIES_WITH_DEFAULT_VALUES_AND_COMMENTS.forEach(triple -> {
            orderedProperties.setProperty((String) triple.getLeft(), (String) triple.getMiddle(), (String) triple.getRight());
        });
        getNonBlankPropertiesWithPredicate(properties, entry -> {
            return MINIFI_TO_NIFI_PROPERTY_MAPPING.containsKey(entry.getKey());
        }).forEach(pair -> {
            orderedProperties.setProperty(MINIFI_TO_NIFI_PROPERTY_MAPPING.get(pair.getKey()), (String) pair.getValue());
        });
        getSensitiveProperties(properties, map).forEach(pair2 -> {
            orderedProperties.setProperty((String) pair2.getKey(), (String) pair2.getValue());
        });
        getNonBlankPropertiesWithPredicate(properties, entry2 -> {
            return ((String) entry2.getKey()).startsWith(C2_PROPERTY_PREFIX);
        }).forEach(pair3 -> {
            orderedProperties.setProperty((String) pair3.getKey(), (String) pair3.getValue());
        });
        getNonBlankPropertiesWithPredicate(properties, entry3 -> {
            return ((String) entry3.getKey()).startsWith(NIFI_PREFIX);
        }).forEach(pair4 -> {
            orderedProperties.setProperty((String) pair4.getKey(), (String) pair4.getValue());
        });
        bootstrapFileAndLogProperties().forEach(pair5 -> {
            orderedProperties.setProperty((String) pair5.getKey(), (String) pair5.getValue());
        });
        return orderedProperties;
    }

    private List<Pair<String, String>> getNonBlankPropertiesWithPredicate(Properties properties, Predicate<Map.Entry> predicate) {
        return ((Set) Optional.ofNullable(properties).map((v0) -> {
            return v0.entrySet();
        }).orElseGet(Set::of)).stream().filter(predicate).filter(entry -> {
            return StringUtils.isNotBlank((String) entry.getValue());
        }).map(entry2 -> {
            return Pair.of((String) entry2.getKey(), (String) entry2.getValue());
        }).sorted((pair, pair2) -> {
            return Comparator.naturalOrder().compare((String) pair.getKey(), (String) pair2.getKey());
        }).toList();
    }

    private List<Pair<String, String>> getSensitiveProperties(Properties properties, Map<String, String> map) {
        return map.isEmpty() ? List.of(Pair.of("nifi.sensitive.props.key", (String) Optional.ofNullable(properties.getProperty(MiNiFiProperties.NIFI_MINIFI_SENSITIVE_PROPS_KEY.getKey())).filter((v0) -> {
            return StringUtils.isNotBlank(v0);
        }).orElseGet(this::generateSensitivePropertiesKey)), Pair.of("nifi.sensitive.props.algorithm", (String) Optional.ofNullable(properties.getProperty(MiNiFiProperties.NIFI_MINIFI_SENSITIVE_PROPS_ALGORITHM.getKey())).filter((v0) -> {
            return StringUtils.isNotBlank(v0);
        }).orElse(DEFAULT_SENSITIVE_PROPERTIES_ENCODING_ALGORITHM))) : map.entrySet().stream().map(entry -> {
            return Pair.of((String) entry.getKey(), (String) entry.getValue());
        }).toList();
    }

    private String generateSensitivePropertiesKey() {
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[SENSITIVE_PROPERTIES_KEY_LENGTH];
        secureRandom.nextBytes(bArr);
        return KEY_ENCODER.encodeToString(bArr);
    }

    private List<Pair<String, String>> bootstrapFileAndLogProperties() {
        return List.of(Pair.of("nifi.minifi.bootstrap.file", BootstrapFileProvider.getBootstrapConfFile().getAbsolutePath()), Pair.of("nifi.minifi.log.directory", System.getProperty(MiNiFiExecCommandProvider.LOG_DIR, MiNiFiExecCommandProvider.DEFAULT_LOG_DIR).trim()), Pair.of("nifi.minifi.app.log.file", String.join(FILE_EXTENSION_DELIMITER, System.getProperty(MiNiFiExecCommandProvider.APP_LOG_FILE_NAME, MiNiFiExecCommandProvider.DEFAULT_APP_LOG_FILE_NAME).trim(), System.getProperty(MiNiFiExecCommandProvider.APP_LOG_FILE_EXTENSION, MiNiFiExecCommandProvider.DEFAULT_LOG_FILE_EXTENSION).trim())), Pair.of("nifi.minifi.bootstrap.log.file", String.join(FILE_EXTENSION_DELIMITER, System.getProperty(MiNiFiExecCommandProvider.BOOTSTRAP_LOG_FILE_NAME, MiNiFiExecCommandProvider.DEFAULT_BOOTSTRAP_LOG_FILE_NAME).trim(), System.getProperty(MiNiFiExecCommandProvider.BOOTSTRAP_LOG_FILE_EXTENSION, MiNiFiExecCommandProvider.DEFAULT_LOG_FILE_EXTENSION).trim())));
    }

    private void persistMinifiProperties(Path path, OrderedProperties orderedProperties) throws ConfigurationChangeException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(path.toString());
                try {
                    orderedProperties.store((OutputStream) byteArrayOutputStream, PROPERTIES_FILE_APACHE_2_0_LICENSE);
                    byteArrayOutputStream.writeTo(fileOutputStream);
                    fileOutputStream.close();
                    byteArrayOutputStream.close();
                } catch (Throwable th) {
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } finally {
            }
        } catch (Exception e) {
            throw new ConfigurationChangeException("Failed to write MiNiFi properties to " + String.valueOf(path), e);
        }
    }
}
