package org.jclouds.ec2.compute.functions;

import com.google.common.base.Preconditions;
import com.google.common.base.Predicate;
import com.google.common.cache.CacheLoader;
import com.google.common.collect.Iterables;
import javax.annotation.Resource;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.jclouds.compute.reference.ComputeServiceConstants;
import org.jclouds.ec2.EC2Client;
import org.jclouds.ec2.compute.domain.RegionAndName;
import org.jclouds.ec2.compute.domain.RegionNameAndIngressRules;
import org.jclouds.ec2.domain.IpProtocol;
import org.jclouds.ec2.domain.SecurityGroup;
import org.jclouds.ec2.domain.UserIdGroupPair;
import org.jclouds.ec2.services.SecurityGroupClient;
import org.jclouds.gogrid.reference.GoGridQueryParams;
import org.jclouds.logging.Logger;

/* JADX WARN: Classes with same name are omitted:
  input_file:ec2-1.3.1.jar:org/jclouds/ec2/compute/functions/CreateSecurityGroupIfNeeded.class
 */
@Singleton
/* loaded from: input_file:org/jclouds/ec2/compute/functions/CreateSecurityGroupIfNeeded.class */
public class CreateSecurityGroupIfNeeded extends CacheLoader<RegionAndName, String> {

    @Resource
    @Named(ComputeServiceConstants.COMPUTE_LOGGER)
    protected Logger logger;
    protected final SecurityGroupClient securityClient;
    protected final Predicate<RegionAndName> securityGroupEventualConsistencyDelay;

    @Inject
    public CreateSecurityGroupIfNeeded(EC2Client eC2Client, @Named("SECURITY") Predicate<RegionAndName> predicate) {
        this(((EC2Client) Preconditions.checkNotNull(eC2Client, "ec2Client")).getSecurityGroupServices(), predicate);
    }

    public CreateSecurityGroupIfNeeded(SecurityGroupClient securityGroupClient, @Named("SECURITY") Predicate<RegionAndName> predicate) {
        this.logger = Logger.NULL;
        this.securityClient = (SecurityGroupClient) Preconditions.checkNotNull(securityGroupClient, "securityClient");
        this.securityGroupEventualConsistencyDelay = (Predicate) Preconditions.checkNotNull(predicate, "securityGroupEventualConsistencyDelay");
    }

    @Override // com.google.common.cache.CacheLoader
    public String load(RegionAndName regionAndName) {
        createSecurityGroupInRegion(regionAndName.getRegion(), regionAndName.getName(), ((RegionNameAndIngressRules) RegionNameAndIngressRules.class.cast(regionAndName)).getPorts());
        return regionAndName.getName();
    }

    private void createSecurityGroupInRegion(String str, String str2, int... iArr) {
        Preconditions.checkNotNull(str, "region");
        Preconditions.checkNotNull(str2, GoGridQueryParams.NAME_KEY);
        this.logger.debug(">> creating securityGroup region(%s) name(%s)", str, str2);
        try {
            this.securityClient.createSecurityGroupInRegion(str, str2, str2);
            if (!this.securityGroupEventualConsistencyDelay.apply(new RegionAndName(str, str2))) {
                throw new RuntimeException(String.format("security group %s/%s is not available after creating", str, str2));
            }
            this.logger.debug("<< created securityGroup(%s)", str2);
            for (int i : iArr) {
                createIngressRuleForTCPPort(str, str2, i);
            }
            if (iArr.length > 0) {
                authorizeGroupToItself(str, str2);
            }
        } catch (IllegalStateException e) {
            this.logger.debug("<< reused securityGroup(%s)", str2);
        }
    }

    private void createIngressRuleForTCPPort(String str, String str2, int i) {
        this.logger.debug(">> authorizing securityGroup region(%s) name(%s) port(%s)", str, str2, Integer.valueOf(i));
        this.securityClient.authorizeSecurityGroupIngressInRegion(str, str2, IpProtocol.TCP, i, i, "0.0.0.0/0");
        this.logger.debug("<< authorized securityGroup(%s)", str2);
    }

    private void authorizeGroupToItself(String str, String str2) {
        this.logger.debug(">> authorizing securityGroup region(%s) name(%s) permission to itself", str, str2);
        this.securityClient.authorizeSecurityGroupIngressInRegion(str, str2, new UserIdGroupPair(((SecurityGroup) Iterables.get(this.securityClient.describeSecurityGroupsInRegion(str, str2), 0)).getOwnerId(), str2));
        this.logger.debug("<< authorized securityGroup(%s)", str2);
    }
}
