package com.cloudera.cmf.service.config;

import com.cloudera.api.fiql.FIQLParser;
import com.cloudera.cmf.service.ReplicationUtils;
import com.cloudera.cmf.service.config.transform.CredentialProviderConfigTransform;
import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import com.google.common.collect.UnmodifiableIterator;
import java.io.OutputStream;
import java.net.URI;
import java.util.LinkedHashSet;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/cmf/service/config/KeystoreFileGenerator.class */
public class KeystoreFileGenerator extends AbstractConfigFileGenerator {
    private static final Logger LOG = LoggerFactory.getLogger(KeystoreFileGenerator.class);
    private final ImmutableList<ConfigEvaluator> evaluators;
    private final ParamSpec<String> keystorePasswordPS;
    private String password;

    /* loaded from: input_file:com/cloudera/cmf/service/config/KeystoreFileGenerator$Builder.class */
    public static class Builder {
        private String keystoreFilename;
        private ParamSpec<String> keystorePasswordPS;
        private ConfigEvaluationPredicate predicate;
        private ImmutableList<ConfigEvaluator> evaluators;

        public Builder keystoreFilename(String str) {
            this.keystoreFilename = str;
            return this;
        }

        public Builder keystorePasswordPS(ParamSpec<String> paramSpec) {
            this.keystorePasswordPS = paramSpec;
            return this;
        }

        public Builder evaluators(ConfigEvaluator... configEvaluatorArr) {
            this.evaluators = ImmutableList.copyOf(configEvaluatorArr);
            return this;
        }

        public Builder predicate(ConfigEvaluationPredicate configEvaluationPredicate) {
            this.predicate = configEvaluationPredicate;
            return this;
        }

        public KeystoreFileGenerator build() {
            return new KeystoreFileGenerator(this);
        }
    }

    private KeystoreFileGenerator(Builder builder) {
        super((String) Preconditions.checkNotNull(builder.keystoreFilename), builder.predicate);
        this.evaluators = (ImmutableList) Preconditions.checkNotNull(builder.evaluators);
        this.keystorePasswordPS = (ParamSpec) Preconditions.checkNotNull(builder.keystorePasswordPS);
    }

    @Override // com.cloudera.cmf.service.config.ConfigFileGenerator
    public void generate(ConfigFile configFile, OutputStream outputStream, boolean z) throws ConfigGenException {
        if (this.password == null || configFile.getConfigs().isEmpty()) {
            return;
        }
        new GenericKeyStoreConfigFileGenerator(getOutputFileName(), this.password, new CredentialProviderConfigTransform(this.password).keyStoreType).generate(configFile, outputStream, z);
        LOG.debug(String.format("Generated Keystore=%s for configs=%s", getOutputFileName(), getConfigKeys(configFile)));
    }

    private String getConfigKeys(ConfigFile configFile) {
        LinkedHashSet newLinkedHashSet = Sets.newLinkedHashSet();
        UnmodifiableIterator it = configFile.getConfigs().iterator();
        while (it.hasNext()) {
            newLinkedHashSet.add(((EvaluatedConfig) it.next()).getName());
        }
        return Joiner.on(FIQLParser.OR).join(newLinkedHashSet);
    }

    @Override // com.cloudera.cmf.service.config.AbstractConfigFileGenerator
    protected ConfigFile generateConfigFileImpl(ConfigEvaluationContext configEvaluationContext) throws ConfigGenException {
        LinkedHashSet newLinkedHashSet = Sets.newLinkedHashSet();
        UnmodifiableIterator it = this.evaluators.iterator();
        while (it.hasNext()) {
            newLinkedHashSet.addAll(((ConfigEvaluator) it.next()).evaluateConfig(configEvaluationContext));
        }
        SimpleConfigFile simpleConfigFile = new SimpleConfigFile(getOutputFileName());
        simpleConfigFile.addAll(Lists.newArrayList(newLinkedHashSet));
        updatePasswordFrom(configEvaluationContext);
        return simpleConfigFile;
    }

    public static String toCredentialProviderURI(String str) {
        URI create = URI.create(str);
        if (!create.isAbsolute()) {
            Preconditions.checkArgument(str.startsWith(ReplicationUtils.PATH_SEPARATOR), "location does not have a scheme and is not absolute: " + str);
            return "jceks://" + str;
        }
        Preconditions.checkNotNull(create.getHost(), "null host in URI created from:" + str);
        Preconditions.checkNotNull(create.getRawPath());
        StringBuilder append = new StringBuilder().append(create.getHost());
        if (create.getPort() != -1) {
            append.append(":").append(create.getPort());
        }
        return String.format("jceks://%s@%s%s", create.getScheme(), append.toString(), create.getRawPath());
    }

    private void updatePasswordFrom(ConfigEvaluationContext configEvaluationContext) {
        this.password = this.keystorePasswordPS.extract(configEvaluationContext.getConfigs());
    }

    public static Builder builder() {
        return new Builder();
    }
}
