package org.apache.hadoop.hdds.scm.cli.cert;

import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import org.apache.hadoop.hdds.cli.HddsVersionProvider;
import org.apache.hadoop.hdds.protocol.SCMSecurityProtocol;
import org.apache.hadoop.hdds.protocol.proto.HddsProtos;
import org.apache.hadoop.hdds.security.x509.certificate.utils.CertificateCodec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import picocli.CommandLine;

@CommandLine.Command(name = "list", description = {"List certificates"}, mixinStandardHelpOptions = true, versionProvider = HddsVersionProvider.class)
/* loaded from: input_file:org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.class */
public class ListSubcommand extends ScmCertSubcommand {
    private static final Logger LOG = LoggerFactory.getLogger(ListSubcommand.class);

    @CommandLine.Option(names = {"-s", "--start"}, description = {"Certificate serial id to start the iteration"}, defaultValue = "0", showDefaultValue = CommandLine.Help.Visibility.ALWAYS)
    private long startSerialId;

    @CommandLine.Option(names = {"-c", "--count"}, description = {"Maximum number of certificates to list"}, defaultValue = "20", showDefaultValue = CommandLine.Help.Visibility.ALWAYS)
    private int count;

    @CommandLine.Option(names = {"-r", "--role"}, description = {"Filter certificate by the role: om/datanode"}, defaultValue = "datanode", showDefaultValue = CommandLine.Help.Visibility.ALWAYS)
    private String role;

    @CommandLine.Option(names = {"-t", "--type"}, description = {"Filter certificate by the type: valid or revoked"}, defaultValue = "valid", showDefaultValue = CommandLine.Help.Visibility.ALWAYS)
    private String type;
    private static final String OUTPUT_FORMAT = "%-17s %-30s %-30s %-110s";

    private HddsProtos.NodeType parseCertRole(String str) {
        return str.equalsIgnoreCase("om") ? HddsProtos.NodeType.OM : str.equalsIgnoreCase("scm") ? HddsProtos.NodeType.SCM : HddsProtos.NodeType.DATANODE;
    }

    private void printCert(X509Certificate x509Certificate) {
        LOG.info(String.format(OUTPUT_FORMAT, x509Certificate.getSerialNumber(), x509Certificate.getNotBefore(), x509Certificate.getNotAfter(), x509Certificate.getSubjectDN()));
    }

    @Override // org.apache.hadoop.hdds.scm.cli.cert.ScmCertSubcommand
    protected void execute(SCMSecurityProtocol sCMSecurityProtocol) throws IOException {
        List listCertificate = sCMSecurityProtocol.listCertificate(parseCertRole(this.role), this.startSerialId, this.count, this.type.equalsIgnoreCase("revoked"));
        LOG.info("Total {} {} certificates: ", Integer.valueOf(listCertificate.size()), this.type);
        LOG.info(String.format(OUTPUT_FORMAT, "SerialNumber", "Valid From", "Expiry", "Subject"));
        Iterator it = listCertificate.iterator();
        while (it.hasNext()) {
            try {
                printCert(CertificateCodec.getX509Certificate((String) it.next()));
            } catch (CertificateException e) {
                LOG.error("Failed to parse certificate.");
            }
        }
    }
}
