package org.wildfly.extras.creaper.commands.security.realms;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.wildfly.extras.creaper.commands.foundation.offline.xml.GroovyXmlTransform;
import org.wildfly.extras.creaper.commands.foundation.offline.xml.Subtree;
import org.wildfly.extras.creaper.commands.security.realms.AbstractAddSecurityRealmSubElement;
import org.wildfly.extras.creaper.core.ServerVersion;
import org.wildfly.extras.creaper.core.offline.OfflineCommand;
import org.wildfly.extras.creaper.core.offline.OfflineCommandContext;
import org.wildfly.extras.creaper.core.offline.OfflineManagementClient;
import org.wildfly.extras.creaper.core.online.OnlineCommandContext;
import org.wildfly.extras.creaper.core.online.operations.Address;
import org.wildfly.extras.creaper.core.online.operations.Operations;
import org.wildfly.extras.creaper.core.online.operations.Values;
import org.wildfly.extras.creaper.core.online.operations.admin.Administration;

/* loaded from: input_file:org/wildfly/extras/creaper/commands/security/realms/AddSslServerIdentity.class */
public class AddSslServerIdentity extends AbstractAddSecurityRealmSubElement {
    private final String keystorePassword;
    private final String alias;
    private final List<String> enabledCipherSuites;
    private final List<String> enabledProtocols;
    private final String keyPassword;
    private final String keystorePath;
    private final String keystoreProvider;
    private final String keystoreRelativeTo;
    private final String protocol;
    private final String generateSelfSignedCertHost;

    /* loaded from: input_file:org/wildfly/extras/creaper/commands/security/realms/AddSslServerIdentity$Builder.class */
    public static final class Builder extends AbstractAddSecurityRealmSubElement.Builder<Builder> {
        private String keystorePassword;
        private String alias;
        private List<String> enabledCipherSuites;
        private List<String> enabledProtocols;
        private String keyPassword;
        private String keystorePath;
        private String keystoreProvider;
        private String keystoreRelativeTo;
        private String protocol;
        private String generateSelfSignedCertHost;

        public Builder(String str) {
            super(str);
        }

        public Builder alias(String str) {
            this.alias = str;
            return this;
        }

        public Builder cipherSuitesToEnable(String... strArr) {
            if (this.enabledCipherSuites == null && strArr != null) {
                this.enabledCipherSuites = new ArrayList();
            }
            if (strArr != null) {
                this.enabledCipherSuites.addAll(Arrays.asList(strArr));
            }
            return this;
        }

        public Builder protocolsToEnable(String... strArr) {
            if (this.enabledProtocols == null && strArr != null) {
                this.enabledProtocols = new ArrayList();
            }
            if (strArr != null) {
                this.enabledProtocols.addAll(Arrays.asList(strArr));
            }
            return this;
        }

        public Builder keystorePassword(String str) {
            this.keystorePassword = str;
            return this;
        }

        public Builder keyPassword(String str) {
            this.keyPassword = str;
            return this;
        }

        public Builder keystorePath(String str) {
            this.keystorePath = str;
            return this;
        }

        public Builder keystoreProvider(String str) {
            this.keystoreProvider = str;
            return this;
        }

        public Builder keystoreRelativeTo(String str) {
            this.keystoreRelativeTo = str;
            return this;
        }

        public Builder protocol(String str) {
            this.protocol = str;
            return this;
        }

        public Builder generateSelfSignedCertHost(String str) {
            this.generateSelfSignedCertHost = str;
            return this;
        }

        @Override // org.wildfly.extras.creaper.commands.security.realms.AbstractAddSecurityRealmSubElement.Builder
        public AddSslServerIdentity build() {
            if (this.keystorePassword == null) {
                throw new IllegalArgumentException("keystorePassword is manadatory");
            }
            return new AddSslServerIdentity(this);
        }
    }

    public AddSslServerIdentity(Builder builder) {
        super(builder);
        this.keystorePassword = builder.keystorePassword;
        this.alias = builder.alias;
        this.enabledCipherSuites = builder.enabledCipherSuites;
        this.enabledProtocols = builder.enabledProtocols;
        this.keyPassword = builder.keyPassword;
        this.keystorePath = builder.keystorePath;
        this.keystoreProvider = builder.keystoreProvider;
        this.keystoreRelativeTo = builder.keystoreRelativeTo;
        this.protocol = builder.protocol;
        this.generateSelfSignedCertHost = builder.generateSelfSignedCertHost;
    }

    public final void apply(OfflineCommandContext offlineCommandContext) throws Exception {
        OfflineManagementClient offlineManagementClient = offlineCommandContext.client;
        OfflineCommand[] offlineCommandArr = new OfflineCommand[1];
        offlineCommandArr[0] = GroovyXmlTransform.of(AddSslServerIdentity.class).subtree("management", Subtree.management()).parameter("realmName", this.securityRealmName).parameter("alias", this.alias).parameter("enabledCipherSuites", this.enabledCipherSuites).parameter("enabledProtocols", this.enabledProtocols).parameter("keyPassword", this.keyPassword).parameter("keystorePassword", this.keystorePassword).parameter("keystorePath", this.keystorePath).parameter("keystoreProvider", this.keystoreProvider).parameter("keystoreRelativeTo", this.keystoreRelativeTo).parameter("protocol", this.protocol).parameter("replaceExisting", Boolean.valueOf(this.replaceExisting)).parameter("generateSelfSignedCertHost", offlineCommandContext.version.greaterThanOrEqualTo(ServerVersion.VERSION_4_2_0) ? this.generateSelfSignedCertHost : null).build();
        offlineManagementClient.apply(offlineCommandArr);
    }

    public final void apply(OnlineCommandContext onlineCommandContext) throws Exception {
        Address and = this.securityRealmAddress.and("server-identity", "ssl");
        Operations operations = new Operations(onlineCommandContext.client);
        if (this.replaceExisting) {
            if (operations.exists(and)) {
                operations.remove(and);
            }
            new Administration(onlineCommandContext.client).reloadIfRequired();
        }
        Values andOptional = Values.empty().andOptional("alias", this.alias).andListOptional(String.class, "enabled-cipher-suites", this.enabledCipherSuites).andListOptional(String.class, "enabled-protocols", this.enabledProtocols).andOptional("key-password", this.keyPassword).and("keystore-password", this.keystorePassword).andOptional("keystore-path", this.keystorePath).andOptional("keystore-provider", this.keystoreProvider).andOptional("keystore-relative-to", this.keystoreRelativeTo).andOptional("protocol", this.protocol);
        if (onlineCommandContext.version.greaterThanOrEqualTo(ServerVersion.VERSION_4_2_0)) {
            andOptional = andOptional.andOptional("generate-self-signed-certificate-host", this.generateSelfSignedCertHost);
        }
        operations.add(this.securityRealmAddress.and("server-identity", "ssl"), andOptional);
    }
}
