package io.fabric8.service.jclouds.firewall.internal;

import com.google.common.base.Optional;
import com.google.common.base.Predicate;
import com.google.common.collect.Iterables;
import io.fabric8.api.jcip.ThreadSafe;
import io.fabric8.api.scr.AbstractComponent;
import io.fabric8.service.jclouds.firewall.ApiFirewallSupport;
import java.util.ArrayList;
import java.util.Iterator;
import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Deactivate;
import org.apache.felix.scr.annotations.Service;
import org.jclouds.aws.util.AWSUtils;
import org.jclouds.compute.ComputeService;
import org.jclouds.compute.domain.NodeMetadata;
import org.jclouds.javax.annotation.Nullable;
import org.jclouds.net.domain.IpProtocol;
import org.jclouds.openstack.nova.v2_0.NovaApi;
import org.jclouds.openstack.nova.v2_0.domain.Ingress;
import org.jclouds.openstack.nova.v2_0.domain.SecurityGroup;
import org.jclouds.openstack.nova.v2_0.domain.SecurityGroupRule;
import org.jclouds.openstack.nova.v2_0.extensions.SecurityGroupApi;

/* JADX WARN: Classes with same name are omitted:
  input_file:fabric-core-agent-jclouds-1.2.0.redhat-630515.jar:io/fabric8/service/jclouds/firewall/internal/NovaFirewallSupport.class
 */
@Service({ApiFirewallSupport.class})
@ThreadSafe
@Component(name = "io.fabric8.jclouds.firewall.nova", label = "Fabric8 Firewall Support for Openstack Nova", immediate = true, metatype = false)
/* loaded from: input_file:io/fabric8/service/jclouds/firewall/internal/NovaFirewallSupport.class */
public final class NovaFirewallSupport extends AbstractComponent implements ApiFirewallSupport {
    private final ApiFirewallSupport delegate = new Ec2SupportDelegate();

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:fabric-core-agent-jclouds-1.2.0.redhat-630515.jar:io/fabric8/service/jclouds/firewall/internal/NovaFirewallSupport$Ec2SupportDelegate.class
     */
    /* loaded from: input_file:io/fabric8/service/jclouds/firewall/internal/NovaFirewallSupport$Ec2SupportDelegate.class */
    public static final class Ec2SupportDelegate implements ApiFirewallSupport {
        private Ec2SupportDelegate() {
        }

        @Override // io.fabric8.service.jclouds.firewall.ApiFirewallSupport
        public void authorize(ComputeService computeService, NodeMetadata nodeMetadata, String str, int... iArr) {
            Optional<? extends SecurityGroupApi> securityGroup = getSecurityGroup(computeService, AWSUtils.parseHandle(nodeMetadata.getId())[0]);
            if (securityGroup.isPresent()) {
                Optional<? extends SecurityGroup> securityGroupForGroup = getSecurityGroupForGroup(securityGroup.get(), "jclouds-" + nodeMetadata.getGroup());
                if (securityGroupForGroup.isPresent()) {
                    for (int i : iArr) {
                        try {
                            securityGroup.get().createRuleAllowingCidrBlock(securityGroupForGroup.get().getId(), Ingress.builder().ipProtocol(IpProtocol.TCP).fromPort(i).toPort(i).build(), str);
                        } catch (IllegalStateException e) {
                        }
                    }
                }
            }
        }

        @Override // io.fabric8.service.jclouds.firewall.ApiFirewallSupport
        public void revoke(ComputeService computeService, NodeMetadata nodeMetadata, String str, int... iArr) {
            Optional<? extends SecurityGroupApi> securityGroup = getSecurityGroup(computeService, AWSUtils.parseHandle(nodeMetadata.getId())[0]);
            if (securityGroup.isPresent()) {
                Optional<? extends SecurityGroup> securityGroupForGroup = getSecurityGroupForGroup(securityGroup.get(), "jclouds-" + nodeMetadata.getGroup());
                if (securityGroupForGroup.isPresent()) {
                    try {
                        Iterator<SecurityGroupRule> it = getAllRuleMatching(securityGroupForGroup.get(), str, iArr).iterator();
                        while (it.hasNext()) {
                            securityGroup.get().deleteRule(it.next().getId());
                        }
                    } catch (IllegalStateException e) {
                    }
                }
            }
        }

        @Override // io.fabric8.service.jclouds.firewall.ApiFirewallSupport
        public void flush(ComputeService computeService, NodeMetadata nodeMetadata) {
            Optional<? extends SecurityGroupApi> securityGroup = getSecurityGroup(computeService, AWSUtils.parseHandle(nodeMetadata.getId())[0]);
            if (securityGroup.isPresent()) {
                Optional<? extends SecurityGroup> securityGroupForGroup = getSecurityGroupForGroup(securityGroup.get(), "jclouds-" + nodeMetadata.getGroup());
                if (securityGroupForGroup.isPresent()) {
                    try {
                        Iterator it = securityGroupForGroup.get().getRules().iterator();
                        while (it.hasNext()) {
                            securityGroup.get().deleteRule(((SecurityGroupRule) it.next()).getId());
                        }
                    } catch (IllegalStateException e) {
                    }
                }
            }
            authorize(computeService, nodeMetadata, "0.0.0.0", 22);
        }

        @Override // io.fabric8.service.jclouds.firewall.ApiFirewallSupport
        public boolean supports(ComputeService computeService) {
            try {
                computeService.getContext().unwrapApi(NovaApi.class);
                return true;
            } catch (IllegalArgumentException e) {
                return false;
            }
        }

        private static Optional<? extends SecurityGroupApi> getSecurityGroup(ComputeService computeService, String str) {
            return computeService.getContext().unwrapApi(NovaApi.class).getSecurityGroupExtensionForZone(str);
        }

        private static Optional<? extends SecurityGroup> getSecurityGroupForGroup(SecurityGroupApi securityGroupApi, final String str) {
            return securityGroupApi.list().firstMatch(new Predicate<SecurityGroup>() { // from class: io.fabric8.service.jclouds.firewall.internal.NovaFirewallSupport.Ec2SupportDelegate.1
                @Override // com.google.common.base.Predicate
                public boolean apply(SecurityGroup securityGroup) {
                    return securityGroup.getName().equals(str);
                }
            });
        }

        private static Iterable<SecurityGroupRule> getAllRuleMatching(SecurityGroup securityGroup, final String str, final int... iArr) {
            return Iterables.filter(securityGroup.getRules(), new Predicate<SecurityGroupRule>() { // from class: io.fabric8.service.jclouds.firewall.internal.NovaFirewallSupport.Ec2SupportDelegate.2
                @Override // com.google.common.base.Predicate
                public boolean apply(@Nullable SecurityGroupRule securityGroupRule) {
                    return Ec2SupportDelegate.rangeFulfilled(securityGroupRule.getFromPort(), securityGroupRule.getToPort(), iArr) && securityGroupRule.getIpRange().equals(str);
                }
            });
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static boolean rangeFulfilled(int i, int i2, int... iArr) {
            boolean z = true;
            ArrayList arrayList = new ArrayList();
            for (int i3 : iArr) {
                arrayList.add(Integer.valueOf(i3));
            }
            for (int i4 = i; i4 <= i2; i4++) {
                z &= arrayList.contains(Integer.valueOf(i4));
            }
            return z;
        }
    }

    @Activate
    void activate() {
        activateComponent();
    }

    @Deactivate
    void deactivate() {
        deactivateComponent();
    }

    @Override // io.fabric8.service.jclouds.firewall.ApiFirewallSupport
    public void authorize(ComputeService computeService, NodeMetadata nodeMetadata, String str, int... iArr) {
        assertValid();
        try {
            this.delegate.authorize(computeService, nodeMetadata, str, iArr);
        } catch (NoClassDefFoundError e) {
        }
    }

    @Override // io.fabric8.service.jclouds.firewall.ApiFirewallSupport
    public void revoke(ComputeService computeService, NodeMetadata nodeMetadata, String str, int... iArr) {
        assertValid();
        try {
            this.delegate.revoke(computeService, nodeMetadata, str, iArr);
        } catch (NoClassDefFoundError e) {
        }
    }

    @Override // io.fabric8.service.jclouds.firewall.ApiFirewallSupport
    public void flush(ComputeService computeService, NodeMetadata nodeMetadata) {
        assertValid();
        this.delegate.flush(computeService, nodeMetadata);
    }

    @Override // io.fabric8.service.jclouds.firewall.ApiFirewallSupport
    public boolean supports(ComputeService computeService) {
        assertValid();
        try {
            return this.delegate.supports(computeService);
        } catch (NoClassDefFoundError e) {
            return false;
        }
    }
}
