package org.apache.nifi.toolkit.tls.standalone;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.IntStream;
import org.apache.commons.cli.CommandLine;
import org.apache.nifi.toolkit.tls.commandLine.BaseCommandLine;
import org.apache.nifi.toolkit.tls.commandLine.CommandLineParseException;
import org.apache.nifi.toolkit.tls.commandLine.ExitCode;
import org.apache.nifi.toolkit.tls.configuration.TlsConfig;
import org.apache.nifi.toolkit.tls.properties.NiFiPropertiesWriterFactory;
import org.apache.nifi.toolkit.tls.service.client.TlsCertificateAuthorityClientCommandLine;
import org.apache.nifi.toolkit.tls.service.server.TlsCertificateAuthorityServiceCommandLine;
import org.apache.nifi.toolkit.tls.util.PasswordUtil;
import org.apache.nifi.toolkit.tls.util.TlsHelper;
import org.apache.nifi.util.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/nifi/toolkit/tls/standalone/TlsToolkitStandaloneCommandLine.class */
public class TlsToolkitStandaloneCommandLine extends BaseCommandLine {
    public static final String OUTPUT_DIRECTORY_ARG = "outputDirectory";
    public static final String NIFI_PROPERTIES_FILE_ARG = "nifiPropertiesFile";
    public static final String KEY_STORE_PASSWORD_ARG = "keyStorePassword";
    public static final String TRUST_STORE_PASSWORD_ARG = "trustStorePassword";
    public static final String KEY_PASSWORD_ARG = "keyPassword";
    public static final String HOSTNAMES_ARG = "hostnames";
    public static final String HTTPS_PORT_ARG = "httpsPort";
    public static final String DEFAULT_OUTPUT_DIRECTORY = "../" + Paths.get(TlsCertificateAuthorityClientCommandLine.DEFAULT_CERTIFICATE_DIRECTORY, new String[0]).toAbsolutePath().normalize().getFileName().toString();
    public static final int DEFAULT_HTTPS_PORT = 10443;
    public static final String DESCRIPTION = "Creates certificates and config files for nifi cluster.";
    private final Logger logger;
    private final PasswordUtil passwordUtil;
    private File baseDir;
    private List<String> hostnames;
    private int httpsPort;
    private NiFiPropertiesWriterFactory niFiPropertiesWriterFactory;
    private List<String> keyStorePasswords;
    private List<String> keyPasswords;
    private List<String> trustStorePasswords;

    public TlsToolkitStandaloneCommandLine() {
        this(new PasswordUtil());
    }

    protected TlsToolkitStandaloneCommandLine(PasswordUtil passwordUtil) {
        super(DESCRIPTION);
        this.logger = LoggerFactory.getLogger(TlsToolkitStandaloneCommandLine.class);
        this.passwordUtil = passwordUtil;
        addOptionWithArg("o", OUTPUT_DIRECTORY_ARG, "The directory to output keystores, truststore, config files.", DEFAULT_OUTPUT_DIRECTORY);
        addOptionWithArg("n", HOSTNAMES_ARG, "Comma separated list of hostnames.", TlsConfig.DEFAULT_HOSTNAME);
        addOptionWithArg("p", HTTPS_PORT_ARG, "Https port to use.", Integer.valueOf(DEFAULT_HTTPS_PORT));
        addOptionWithArg("f", NIFI_PROPERTIES_FILE_ARG, "Base nifi.properties file to update. (Embedded file identical to the one in a default NiFi install will be used if not specified.)");
        addOptionWithArg("S", KEY_STORE_PASSWORD_ARG, "Keystore password to use.  Must either be one value or one for each host. (autogenerate if not specified)");
        addOptionWithArg("K", KEY_PASSWORD_ARG, "Key password to use.  Must either be one value or one for each host. (autogenerate if not specified)");
        addOptionWithArg("P", TRUST_STORE_PASSWORD_ARG, "Keystore password to use.  Must either be one value or one for each host. (autogenerate if not specified)");
    }

    public static void main(String[] strArr) {
        TlsHelper.addBouncyCastleProvider();
        TlsToolkitStandaloneCommandLine tlsToolkitStandaloneCommandLine = new TlsToolkitStandaloneCommandLine();
        try {
            tlsToolkitStandaloneCommandLine.parse(strArr);
        } catch (CommandLineParseException e) {
            System.exit(e.getExitCode());
        }
        try {
            new TlsToolkitStandalone().createNifiKeystoresAndTrustStores(tlsToolkitStandaloneCommandLine.getBaseDir(), tlsToolkitStandaloneCommandLine.createConfig(), tlsToolkitStandaloneCommandLine.getNiFiPropertiesWriterFactory(), tlsToolkitStandaloneCommandLine.getHostnames(), tlsToolkitStandaloneCommandLine.getKeyStorePasswords(), tlsToolkitStandaloneCommandLine.getKeyPasswords(), tlsToolkitStandaloneCommandLine.getTrustStorePasswords(), tlsToolkitStandaloneCommandLine.getHttpsPort());
        } catch (Exception e2) {
            tlsToolkitStandaloneCommandLine.printUsage("Error creating generating tls configuration. (" + e2.getMessage() + ")");
            System.exit(ExitCode.ERROR_GENERATING_CONFIG.ordinal());
        }
        System.exit(ExitCode.SUCCESS.ordinal());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.nifi.toolkit.tls.commandLine.BaseCommandLine
    public CommandLine doParse(String... strArr) throws CommandLineParseException {
        CommandLine doParse = super.doParse(strArr);
        this.baseDir = new File(doParse.getOptionValue(OUTPUT_DIRECTORY_ARG, DEFAULT_OUTPUT_DIRECTORY));
        this.hostnames = (List) Arrays.stream(doParse.getOptionValue(HOSTNAMES_ARG, TlsConfig.DEFAULT_HOSTNAME).split(",")).map((v0) -> {
            return v0.trim();
        }).collect(Collectors.toList());
        this.httpsPort = getIntValue(doParse, HTTPS_PORT_ARG, DEFAULT_HTTPS_PORT);
        int size = this.hostnames.size();
        this.keyStorePasswords = Collections.unmodifiableList(getPasswords(KEY_STORE_PASSWORD_ARG, doParse, size));
        this.keyPasswords = Collections.unmodifiableList(getKeyPasswords(doParse, this.keyStorePasswords));
        this.trustStorePasswords = Collections.unmodifiableList(getPasswords(TRUST_STORE_PASSWORD_ARG, doParse, size));
        String optionValue = doParse.getOptionValue(NIFI_PROPERTIES_FILE_ARG, "");
        try {
            if (StringUtils.isEmpty(optionValue)) {
                this.logger.info("No nifiPropertiesFile specified, using embedded one.");
                this.niFiPropertiesWriterFactory = new NiFiPropertiesWriterFactory();
            } else {
                this.logger.info("Using " + optionValue + " as template.");
                this.niFiPropertiesWriterFactory = new NiFiPropertiesWriterFactory(new FileInputStream(optionValue));
            }
        } catch (IOException e) {
            printUsageAndThrow("Unable to read nifi.properties from " + (StringUtils.isEmpty(optionValue) ? "classpath" : optionValue), ExitCode.ERROR_READING_NIFI_PROPERTIES);
        }
        return doParse;
    }

    private List<String> getPasswords(String str, CommandLine commandLine, int i) throws CommandLineParseException {
        String[] optionValues = commandLine.getOptionValues(str);
        return optionValues == null ? (List) IntStream.range(0, i).mapToObj(i2 -> {
            return this.passwordUtil.generatePassword();
        }).collect(Collectors.toList()) : optionValues.length == 1 ? (List) IntStream.range(0, i).mapToObj(i3 -> {
            return optionValues[0];
        }).collect(Collectors.toList()) : optionValues.length == i ? (List) Arrays.stream(optionValues).collect(Collectors.toList()) : (List) printUsageAndThrow("Expected either 1 value or " + i + " (the number of hostnames) values for " + str, ExitCode.ERROR_INCORRECT_NUMBER_OF_PASSWORDS);
    }

    private List<String> getKeyPasswords(CommandLine commandLine, List<String> list) throws CommandLineParseException {
        return (differentPasswordForKeyAndKeystore() || commandLine.hasOption(KEY_PASSWORD_ARG)) ? getPasswords(KEY_PASSWORD_ARG, commandLine, list.size()) : new ArrayList(list);
    }

    public File getBaseDir() {
        return this.baseDir;
    }

    public List<String> getHostnames() {
        return this.hostnames;
    }

    public int getHttpsPort() {
        return this.httpsPort;
    }

    public NiFiPropertiesWriterFactory getNiFiPropertiesWriterFactory() {
        return this.niFiPropertiesWriterFactory;
    }

    public List<String> getKeyStorePasswords() {
        return this.keyStorePasswords;
    }

    public List<String> getKeyPasswords() {
        return this.keyPasswords;
    }

    public List<String> getTrustStorePasswords() {
        return this.trustStorePasswords;
    }

    public TlsConfig createConfig() throws IOException {
        TlsConfig tlsConfig = new TlsConfig();
        tlsConfig.setCaHostname(getCertificateAuthorityHostname());
        tlsConfig.setKeyStore(TlsCertificateAuthorityServiceCommandLine.NIFI_CA_KEYSTORE + getKeyStoreType().toLowerCase());
        tlsConfig.setKeyStoreType(getKeyStoreType());
        tlsConfig.setKeySize(getKeySize());
        tlsConfig.setKeyPairAlgorithm(getKeyAlgorithm());
        tlsConfig.setSigningAlgorithm(getSigningAlgorithm());
        tlsConfig.setDays(getDays());
        tlsConfig.initDefaults();
        return tlsConfig;
    }
}
