package org.opends.server.admin.client.cli;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Comparator;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import java.util.TreeSet;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import org.opends.admin.ads.ADSContextException;
import org.opends.admin.ads.util.ApplicationKeyManager;
import org.opends.admin.ads.util.ApplicationTrustManager;
import org.opends.admin.ads.util.ConnectionUtils;
import org.opends.server.loggers.debug.DebugLogger;
import org.opends.server.loggers.debug.DebugTracer;
import org.opends.server.messages.AdminMessages;
import org.opends.server.messages.MessageHandler;
import org.opends.server.messages.ToolMessages;
import org.opends.server.tools.ToolConstants;
import org.opends.server.types.DebugLogLevel;
import org.opends.server.types.LDAPURL;
import org.opends.server.util.PasswordReader;
import org.opends.server.util.SelectableCertificateKeyManager;
import org.opends.server.util.ServerConstants;
import org.opends.server.util.StaticUtils;
import org.opends.server.util.args.Argument;
import org.opends.server.util.args.ArgumentException;
import org.opends.server.util.args.BooleanArgument;
import org.opends.server.util.args.FileBasedArgument;
import org.opends.server.util.args.IntegerArgument;
import org.opends.server.util.args.StringArgument;
import org.opends.server.util.args.SubCommand;
import org.opends.server.util.args.SubCommandArgumentParser;

/* loaded from: input_file:org/opends/server/admin/client/cli/DsFrameworkCliParser.class */
public class DsFrameworkCliParser extends SubCommandArgumentParser {
    private String EOL;
    private BooleanArgument showUsageArg;
    private BooleanArgument useSSLArg;
    private BooleanArgument startTLSArg;
    private StringArgument hostNameArg;
    private IntegerArgument portArg;
    private StringArgument bindDnArg;
    private FileBasedArgument bindPasswordFileArg;
    private StringArgument bindPasswordArg;
    private BooleanArgument verboseArg;
    private BooleanArgument trustAllArg;
    private StringArgument trustStorePathArg;
    private StringArgument trustStorePasswordArg;
    private FileBasedArgument trustStorePasswordFileArg;
    private StringArgument keyStorePathArg;
    private StringArgument keyStorePasswordArg;
    private FileBasedArgument keyStorePasswordFileArg;
    private StringArgument certNicknameArg;
    public HashSet<DsFrameworkCliSubCommandGroup> cliGroup;
    private static final DebugTracer TRACER = DebugLogger.getTracer();
    private static final Logger LOG = Logger.getLogger(DsFrameworkCliParser.class.getName());

    public DsFrameworkCliParser(String str, String str2, boolean z) {
        super(str, str2, z);
        this.EOL = System.getProperty("line.separator");
        this.showUsageArg = null;
        this.useSSLArg = null;
        this.startTLSArg = null;
        this.hostNameArg = null;
        this.portArg = null;
        this.bindDnArg = null;
        this.bindPasswordFileArg = null;
        this.bindPasswordArg = null;
        this.verboseArg = null;
        this.trustAllArg = null;
        this.trustStorePathArg = null;
        this.trustStorePasswordArg = null;
        this.trustStorePasswordFileArg = null;
        this.keyStorePathArg = null;
        this.keyStorePasswordArg = null;
        this.keyStorePasswordFileArg = null;
        this.certNicknameArg = null;
        this.cliGroup = new HashSet<>();
    }

    public void initializeParser(OutputStream outputStream) throws ArgumentException {
        initializeGlobalOption(outputStream);
        this.cliGroup.add(new DsFrameworkCliAds());
        this.cliGroup.add(new DsFrameworkCliServerGroup());
        this.cliGroup.add(new DsFrameworkCliServer());
        this.cliGroup.add(new DsFrameworkCliGlobalAdmin());
        Comparator<SubCommand> comparator = new Comparator<SubCommand>() { // from class: org.opends.server.admin.client.cli.DsFrameworkCliParser.1
            @Override // java.util.Comparator
            public int compare(SubCommand subCommand, SubCommand subCommand2) {
                return subCommand.getName().compareTo(subCommand2.getName());
            }
        };
        TreeSet treeSet = new TreeSet(comparator);
        Iterator<DsFrameworkCliSubCommandGroup> it = this.cliGroup.iterator();
        while (it.hasNext()) {
            DsFrameworkCliSubCommandGroup next = it.next();
            next.initializeCliGroup(this, this.verboseArg);
            Set<SubCommand> subCommands = next.getSubCommands();
            treeSet.addAll(subCommands);
            String groupName = next.getGroupName();
            String str = "help-" + groupName;
            Argument booleanArgument = new BooleanArgument(str, null, str, ToolMessages.MSGID_DSCFG_DESCRIPTION_SHOW_GROUP_USAGE, groupName);
            addGlobalArgument(booleanArgument);
            booleanArgument.setHidden(next.isHidden());
            TreeSet treeSet2 = new TreeSet(comparator);
            treeSet2.addAll(subCommands);
            setUsageGroupArgument(booleanArgument, treeSet2);
        }
        Argument booleanArgument2 = new BooleanArgument("help-all", null, "help-all", ToolMessages.MSGID_DSCFG_DESCRIPTION_SHOW_GROUP_USAGE_ALL, new Object[0]);
        addGlobalArgument(booleanArgument2);
        setUsageGroupArgument(booleanArgument2, treeSet);
    }

    private void initializeGlobalOption(OutputStream outputStream) throws ArgumentException {
        this.showUsageArg = new BooleanArgument("showUsage", 'H', ToolConstants.OPTION_LONG_HELP, ToolMessages.MSGID_DESCRIPTION_SHOWUSAGE, new Object[0]);
        addGlobalArgument(this.showUsageArg);
        setUsageArgument(this.showUsageArg, outputStream);
        this.useSSLArg = new BooleanArgument(ToolConstants.OPTION_LONG_USE_SSL, 'Z', ToolConstants.OPTION_LONG_USE_SSL, ToolMessages.MSGID_DESCRIPTION_USE_SSL, new Object[0]);
        addGlobalArgument(this.useSSLArg);
        this.startTLSArg = new BooleanArgument("startTLS", 'q', ToolConstants.OPTION_LONG_START_TLS, ToolMessages.MSGID_DESCRIPTION_START_TLS, new Object[0]);
        addGlobalArgument(this.startTLSArg);
        this.hostNameArg = new StringArgument("host", 'h', ToolConstants.OPTION_LONG_HOST, false, false, true, ToolConstants.OPTION_VALUE_HOST, "localhost", null, ToolMessages.MSGID_DESCRIPTION_HOST, new Object[0]);
        addGlobalArgument(this.hostNameArg);
        this.portArg = new IntegerArgument(ToolConstants.OPTION_LONG_PORT, 'p', ToolConstants.OPTION_LONG_PORT, false, false, true, ToolConstants.OPTION_VALUE_PORT, LDAPURL.DEFAULT_PORT, null, ToolMessages.MSGID_DESCRIPTION_PORT, new Object[0]);
        addGlobalArgument(this.portArg);
        this.bindDnArg = new StringArgument("bindDN", 'D', "bindDN", false, false, true, ToolConstants.OPTION_VALUE_BINDDN, "cn=Directory Manager", null, ToolMessages.MSGID_DESCRIPTION_BINDDN, new Object[0]);
        addGlobalArgument(this.bindDnArg);
        this.bindPasswordArg = new StringArgument(ToolConstants.OPTION_LONG_BINDPWD, 'w', ToolConstants.OPTION_LONG_BINDPWD, false, false, true, ToolConstants.OPTION_VALUE_BINDPWD, null, null, ToolMessages.MSGID_DESCRIPTION_BINDPASSWORD, new Object[0]);
        addGlobalArgument(this.bindPasswordArg);
        this.bindPasswordFileArg = new FileBasedArgument(ToolConstants.OPTION_LONG_BINDPWD_FILE, 'j', ToolConstants.OPTION_LONG_BINDPWD_FILE, false, false, ToolConstants.OPTION_VALUE_BINDPWD_FILE, null, null, ToolMessages.MSGID_DESCRIPTION_BINDPASSWORDFILE, new Object[0]);
        addGlobalArgument(this.bindPasswordFileArg);
        this.trustAllArg = new BooleanArgument("trustAll", 'X', "trustAll", ToolMessages.MSGID_DESCRIPTION_TRUSTALL, new Object[0]);
        addGlobalArgument(this.trustAllArg);
        this.trustStorePathArg = new StringArgument(ToolConstants.OPTION_LONG_TRUSTSTOREPATH, 'P', ToolConstants.OPTION_LONG_TRUSTSTOREPATH, false, false, true, ToolConstants.OPTION_VALUE_TRUSTSTOREPATH, null, null, ToolMessages.MSGID_DESCRIPTION_TRUSTSTOREPATH, new Object[0]);
        addGlobalArgument(this.trustStorePathArg);
        this.trustStorePasswordArg = new StringArgument(ToolConstants.OPTION_LONG_TRUSTSTORE_PWD, null, ToolConstants.OPTION_LONG_TRUSTSTORE_PWD, false, false, true, ToolConstants.OPTION_VALUE_TRUSTSTORE_PWD, null, null, ToolMessages.MSGID_DESCRIPTION_TRUSTSTOREPASSWORD, new Object[0]);
        addGlobalArgument(this.trustStorePasswordArg);
        this.trustStorePasswordFileArg = new FileBasedArgument("truststorepasswordfile", 'U', ToolConstants.OPTION_LONG_TRUSTSTORE_PWD_FILE, false, false, "{path}", null, null, ToolMessages.MSGID_DESCRIPTION_TRUSTSTOREPASSWORD_FILE, new Object[0]);
        addGlobalArgument(this.trustStorePasswordFileArg);
        this.keyStorePathArg = new StringArgument(ToolConstants.OPTION_LONG_KEYSTOREPATH, 'K', ToolConstants.OPTION_LONG_KEYSTOREPATH, false, false, true, ToolConstants.OPTION_VALUE_KEYSTOREPATH, null, null, ToolMessages.MSGID_DESCRIPTION_KEYSTOREPATH, new Object[0]);
        addGlobalArgument(this.keyStorePathArg);
        this.keyStorePasswordArg = new StringArgument(ToolConstants.OPTION_LONG_KEYSTORE_PWD, null, ToolConstants.OPTION_LONG_KEYSTORE_PWD, false, false, true, ToolConstants.OPTION_VALUE_KEYSTORE_PWD, null, null, ToolMessages.MSGID_DESCRIPTION_KEYSTOREPASSWORD, new Object[0]);
        addGlobalArgument(this.keyStorePasswordArg);
        this.keyStorePasswordFileArg = new FileBasedArgument("keystorepasswordfile", 'u', ToolConstants.OPTION_LONG_KEYSTORE_PWD_FILE, false, false, "{path}", null, null, ToolMessages.MSGID_DESCRIPTION_KEYSTOREPASSWORD_FILE, new Object[0]);
        addGlobalArgument(this.keyStorePasswordFileArg);
        this.certNicknameArg = new StringArgument("certnickname", 'N', "certNickname", false, false, true, "{nickname}", null, null, ToolMessages.MSGID_DESCRIPTION_CERT_NICKNAME, new Object[0]);
        addGlobalArgument(this.certNicknameArg);
        this.verboseArg = new BooleanArgument("verbose", 'v', "verbose", ToolMessages.MSGID_DESCRIPTION_VERBOSE, new Object[0]);
        addGlobalArgument(this.verboseArg);
    }

    public String getHostName() {
        return this.hostNameArg.isPresent() ? this.hostNameArg.getValue() : this.hostNameArg.getDefaultValue();
    }

    public String getPort() {
        return this.portArg.isPresent() ? this.portArg.getValue() : this.portArg.getDefaultValue();
    }

    public String getBindDN() {
        return this.bindDnArg.isPresent() ? this.bindDnArg.getValue() : this.bindDnArg.getDefaultValue();
    }

    public String getBindPassword(String str, OutputStream outputStream, OutputStream outputStream2) {
        if (!this.bindPasswordArg.isPresent()) {
            if (this.bindPasswordFileArg.isPresent()) {
                return this.bindPasswordFileArg.getValue();
            }
            try {
                outputStream.write(MessageHandler.getMessage(ToolMessages.MSGID_LDAPAUTH_PASSWORD_PROMPT, str).getBytes());
                return new String(PasswordReader.readPassword());
            } catch (Exception e) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e);
                }
                try {
                    outputStream2.write(StaticUtils.wrapText(e.getMessage(), ServerConstants.MAX_LINE_WIDTH).getBytes());
                    outputStream2.write(this.EOL.getBytes());
                    return null;
                } catch (IOException e2) {
                    return null;
                }
            }
        }
        String value = this.bindPasswordArg.getValue();
        if (value != null && value.equals("-")) {
            try {
                outputStream.write(MessageHandler.getMessage(ToolMessages.MSGID_LDAPAUTH_PASSWORD_PROMPT, str).getBytes());
                value = new String(PasswordReader.readPassword());
            } catch (Exception e3) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e3);
                }
                try {
                    outputStream2.write(StaticUtils.wrapText(e3.getMessage(), ServerConstants.MAX_LINE_WIDTH).getBytes());
                    outputStream2.write(this.EOL.getBytes());
                    return null;
                } catch (IOException e4) {
                    return null;
                }
            }
        }
        return value;
    }

    public DsFrameworkCliReturnCode performSubCommand(OutputStream outputStream, OutputStream outputStream2) throws ADSContextException, ArgumentException {
        SubCommand subCommand = getSubCommand();
        Iterator<DsFrameworkCliSubCommandGroup> it = this.cliGroup.iterator();
        while (it.hasNext()) {
            DsFrameworkCliSubCommandGroup next = it.next();
            if (next.isSubCommand(subCommand)) {
                return next.performSubCommand(subCommand, outputStream, outputStream2);
            }
        }
        return DsFrameworkCliReturnCode.ERROR_UNEXPECTED;
    }

    public boolean isVerbose() {
        return this.verboseArg.isPresent();
    }

    public boolean useSSL() {
        return this.useSSLArg.isPresent();
    }

    public boolean startTLS() {
        return this.startTLSArg.isPresent();
    }

    public ApplicationTrustManager getTrustManager() {
        KeyStore keyStore = null;
        if (this.trustAllArg.isPresent()) {
            return null;
        }
        if (this.trustStorePathArg.isPresent()) {
            try {
                FileInputStream fileInputStream = new FileInputStream(this.trustStorePathArg.getValue());
                String str = null;
                char[] cArr = null;
                if (this.trustStorePasswordArg.isPresent()) {
                    str = this.trustStorePasswordArg.getValue();
                } else if (this.trustStorePasswordFileArg.isPresent()) {
                    str = this.trustStorePasswordFileArg.getValue();
                }
                if (str != null) {
                    str = System.getProperty("javax.net.ssl.trustStorePassword");
                }
                if (str != null) {
                    cArr = str.toCharArray();
                }
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(fileInputStream, cArr);
                fileInputStream.close();
            } catch (IOException e) {
                LOG.log(Level.WARNING, "Error with the truststore", (Throwable) e);
            } catch (KeyStoreException e2) {
                LOG.log(Level.WARNING, "Error with the truststore", (Throwable) e2);
            } catch (NoSuchAlgorithmException e3) {
                LOG.log(Level.WARNING, "Error with the truststore", (Throwable) e3);
            } catch (CertificateException e4) {
                LOG.log(Level.WARNING, "Error with the truststore", (Throwable) e4);
            }
        }
        return new ApplicationTrustManager(keyStore);
    }

    public KeyManager getKeyManager() {
        KeyStore keyStore = null;
        String str = null;
        char[] cArr = null;
        if (!this.keyStorePathArg.isPresent()) {
            return null;
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(this.keyStorePathArg.getValue());
            if (this.keyStorePasswordArg.isPresent()) {
                str = this.keyStorePasswordArg.getValue();
            } else if (this.keyStorePasswordFileArg.isPresent()) {
                str = this.keyStorePasswordFileArg.getValue();
            }
            if (str != null) {
                cArr = str.toCharArray();
            }
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(fileInputStream, cArr);
            fileInputStream.close();
        } catch (IOException e) {
            LOG.log(Level.WARNING, "Error with the keystore", (Throwable) e);
        } catch (KeyStoreException e2) {
            LOG.log(Level.WARNING, "Error with the keystore", (Throwable) e2);
        } catch (NoSuchAlgorithmException e3) {
            LOG.log(Level.WARNING, "Error with the keystore", (Throwable) e3);
        } catch (CertificateException e4) {
            LOG.log(Level.WARNING, "Error with the keystore", (Throwable) e4);
        }
        char[] cArr2 = null;
        if (str != null) {
            cArr2 = str.toCharArray();
        }
        ApplicationKeyManager applicationKeyManager = new ApplicationKeyManager(keyStore, cArr2);
        return this.certNicknameArg.isPresent() ? new SelectableCertificateKeyManager(applicationKeyManager, this.certNicknameArg.getValue()) : applicationKeyManager;
    }

    public int validateGlobalOption(PrintStream printStream) {
        if (this.bindPasswordArg.isPresent() && this.bindPasswordFileArg.isPresent()) {
            printStream.println(StaticUtils.wrapText(MessageHandler.getMessage(ToolMessages.MSGID_TOOL_CONFLICTING_ARGS, this.bindPasswordArg.getLongIdentifier(), this.bindPasswordFileArg.getLongIdentifier()), ServerConstants.MAX_LINE_WIDTH));
            return DsFrameworkCliReturnCode.CONFLICTING_ARGS.getReturnCode();
        }
        if (this.trustAllArg.isPresent() && this.trustStorePathArg.isPresent()) {
            printStream.println(StaticUtils.wrapText(MessageHandler.getMessage(ToolMessages.MSGID_TOOL_CONFLICTING_ARGS, this.trustAllArg.getLongIdentifier(), this.trustStorePathArg.getLongIdentifier()), ServerConstants.MAX_LINE_WIDTH));
            return DsFrameworkCliReturnCode.CONFLICTING_ARGS.getReturnCode();
        }
        if (this.trustAllArg.isPresent() && this.trustStorePasswordArg.isPresent()) {
            printStream.println(StaticUtils.wrapText(MessageHandler.getMessage(ToolMessages.MSGID_TOOL_CONFLICTING_ARGS, this.trustAllArg.getLongIdentifier(), this.trustStorePasswordArg.getLongIdentifier()), ServerConstants.MAX_LINE_WIDTH));
            return DsFrameworkCliReturnCode.CONFLICTING_ARGS.getReturnCode();
        }
        if (this.trustAllArg.isPresent() && this.trustStorePasswordFileArg.isPresent()) {
            printStream.println(StaticUtils.wrapText(MessageHandler.getMessage(ToolMessages.MSGID_TOOL_CONFLICTING_ARGS, this.trustAllArg.getLongIdentifier(), this.trustStorePasswordFileArg.getLongIdentifier()), ServerConstants.MAX_LINE_WIDTH));
            return DsFrameworkCliReturnCode.CONFLICTING_ARGS.getReturnCode();
        }
        if (this.trustStorePasswordArg.isPresent() && this.trustStorePasswordFileArg.isPresent()) {
            printStream.println(StaticUtils.wrapText(MessageHandler.getMessage(ToolMessages.MSGID_TOOL_CONFLICTING_ARGS, this.trustStorePasswordArg.getLongIdentifier(), this.trustStorePasswordFileArg.getLongIdentifier()), ServerConstants.MAX_LINE_WIDTH));
            return DsFrameworkCliReturnCode.CONFLICTING_ARGS.getReturnCode();
        }
        if (!this.startTLSArg.isPresent() || !this.useSSLArg.isPresent()) {
            return DsFrameworkCliReturnCode.SUCCESSFUL_NOP.getReturnCode();
        }
        printStream.println(StaticUtils.wrapText(MessageHandler.getMessage(ToolMessages.MSGID_TOOL_CONFLICTING_ARGS, this.startTLSArg.getLongIdentifier(), this.useSSLArg.getLongIdentifier()), ServerConstants.MAX_LINE_WIDTH));
        return DsFrameworkCliReturnCode.CONFLICTING_ARGS.getReturnCode();
    }

    public InitialLdapContext getContext(OutputStream outputStream, OutputStream outputStream2) {
        InitialLdapContext createLdapContext;
        String hostName = getHostName();
        String port = getPort();
        String bindDN = getBindDN();
        String bindPassword = getBindPassword(bindDN, outputStream, outputStream2);
        if (useSSL()) {
            try {
                createLdapContext = ConnectionUtils.createLdapsContext("ldaps://" + hostName + ":" + port, bindDN, bindPassword, ConnectionUtils.getDefaultLDAPTimeout(), (Hashtable) null, getTrustManager(), getKeyManager());
            } catch (NamingException e) {
                try {
                    outputStream2.write(StaticUtils.wrapText(MessageHandler.getMessage(AdminMessages.MSGID_ADMIN_CANNOT_CONNECT_TO_ADS, hostName), ServerConstants.MAX_LINE_WIDTH).getBytes());
                    outputStream2.write(this.EOL.getBytes());
                    return null;
                } catch (IOException e2) {
                    return null;
                }
            }
        } else if (startTLS()) {
            try {
                createLdapContext = ConnectionUtils.createStartTLSContext("ldap://" + hostName + ":" + port, bindDN, bindPassword, ConnectionUtils.getDefaultLDAPTimeout(), (Hashtable) null, getTrustManager(), getKeyManager(), (HostnameVerifier) null);
            } catch (NamingException e3) {
                try {
                    outputStream2.write(StaticUtils.wrapText(MessageHandler.getMessage(AdminMessages.MSGID_ADMIN_CANNOT_CONNECT_TO_ADS, hostName), ServerConstants.MAX_LINE_WIDTH).getBytes());
                    outputStream2.write(this.EOL.getBytes());
                    return null;
                } catch (IOException e4) {
                    return null;
                }
            }
        } else {
            try {
                createLdapContext = ConnectionUtils.createLdapContext("ldap://" + hostName + ":" + port, bindDN, bindPassword, ConnectionUtils.getDefaultLDAPTimeout(), (Hashtable) null);
            } catch (NamingException e5) {
                try {
                    outputStream2.write(StaticUtils.wrapText(MessageHandler.getMessage(AdminMessages.MSGID_ADMIN_CANNOT_CONNECT_TO_ADS, hostName), ServerConstants.MAX_LINE_WIDTH).getBytes());
                    outputStream2.write(this.EOL.getBytes());
                    return null;
                } catch (IOException e6) {
                    return null;
                }
            }
        }
        return createLdapContext;
    }
}
