package org.jboss.as.cli.impl.aesh.cmd.security.ssl;

import java.io.File;
import java.io.IOException;
import org.aesh.command.Command;
import org.aesh.command.CommandDefinition;
import org.aesh.command.CommandException;
import org.aesh.command.CommandResult;
import org.aesh.command.impl.completer.FileOptionCompleter;
import org.aesh.command.option.Option;
import org.jboss.as.cli.CommandContext;
import org.jboss.as.cli.CommandFormatException;
import org.jboss.as.cli.impl.aesh.cmd.RelativeFile;
import org.jboss.as.cli.impl.aesh.cmd.RelativeFilePathConverter;
import org.jboss.as.cli.impl.aesh.cmd.security.SecurityCommand;
import org.jboss.as.cli.impl.aesh.cmd.security.model.ElytronUtil;
import org.jboss.as.cli.impl.aesh.cmd.security.model.InteractiveSecurityBuilder;
import org.jboss.as.cli.impl.aesh.cmd.security.model.KeyStoreNameSecurityBuilder;
import org.jboss.as.cli.impl.aesh.cmd.security.model.KeyStorePathSecurityBuilder;
import org.jboss.as.cli.impl.aesh.cmd.security.model.SSLSecurityBuilder;
import org.jboss.as.cli.impl.aesh.cmd.security.ssl.OptionActivators;
import org.jboss.as.cli.operation.OperationFormatException;
import org.jboss.dmr.ModelNode;
import org.wildfly.core.cli.command.DMRCommand;
import org.wildfly.core.cli.command.aesh.CLICommandInvocation;
import org.wildfly.core.cli.command.aesh.activator.DependOptionActivator;

@CommandDefinition(name = "abstract-ssl-enable", description = DependOptionActivator.ARGUMENT_NAME)
/* loaded from: input_file:org/jboss/as/cli/impl/aesh/cmd/security/ssl/AbstractEnableSSLCommand.class */
public abstract class AbstractEnableSSLCommand implements Command<CLICommandInvocation>, DMRCommand {

    @Option(name = SecurityCommand.OPT_KEY_STORE_NAME, completer = SecurityCommand.OptionCompleters.KeyStoreNameCompleter.class, activator = OptionActivators.KeyStoreNameActivator.class)
    String keystoreName;

    @Option(name = SecurityCommand.OPT_KEY_STORE_PATH, activator = OptionActivators.KeyStorePathActivator.class, converter = RelativeFilePathConverter.class, completer = FileOptionCompleter.class)
    RelativeFile keystorePath;

    @Option(name = SecurityCommand.OPT_KEY_STORE_PATH_RELATIVE_TO, activator = OptionActivators.KeyStorePathDependentActivator.class)
    String keystorePathRelativeTo;

    @Option(name = SecurityCommand.OPT_KEY_STORE_PASSWORD, activator = OptionActivators.KeyStorePathDependentActivator.class)
    String keystorePassword;

    @Option(name = SecurityCommand.OPT_TRUSTED_CERTIFICATE_PATH, activator = OptionActivators.TrustedCertificateActivator.class)
    File trustedCertificatePath;

    @Option(name = SecurityCommand.OPT_NO_TRUSTED_CERTIFICATE_VALIDATION, activator = OptionActivators.ValidateTrustedCertificateActivator.class, hasValue = false)
    boolean noTrustedCertificateValidation;

    @Option(name = SecurityCommand.OPT_TRUST_STORE_NAME, completer = SecurityCommand.OptionCompleters.KeyStoreNameCompleter.class, activator = OptionActivators.TrustStoreNameActivator.class)
    String trustStoreName;

    @Option(name = SecurityCommand.OPT_TRUST_STORE_FILE_NAME, activator = OptionActivators.TrustStoreFileNameActivator.class)
    String trustStoreFileName;

    @Option(name = SecurityCommand.OPT_NEW_TRUST_STORE_NAME, activator = OptionActivators.NewTrustStoreNameActivator.class)
    String newTrustStoreName;

    @Option(name = SecurityCommand.OPT_NEW_TRUST_MANAGER_NAME, activator = OptionActivators.NewTrustManagerNameActivator.class)
    String newTrustManagerName;

    @Option(name = SecurityCommand.OPT_TRUST_STORE_FILE_PASSWORD, activator = OptionActivators.TrustStoreFilePasswordActivator.class)
    String trustStoreFilePassword;

    @Option(name = SecurityCommand.OPT_KEY_STORE_TYPE, activator = OptionActivators.KeyStorePathDependentActivator.class, completer = SecurityCommand.OptionCompleters.KeyStoreTypeCompleter.class)
    String keyStoreType;

    @Option(name = SecurityCommand.OPT_NEW_KEY_MANAGER_NAME, activator = OptionActivators.NewKeyManagerNameActivator.class)
    String newKeyManagerName;

    @Option(name = SecurityCommand.OPT_NEW_SSL_CONTEXT_NAME, activator = OptionActivators.NewSSLContextNameActivator.class)
    String newSslContextName;

    @Option(name = SecurityCommand.OPT_NEW_KEY_STORE_NAME, activator = OptionActivators.NewKeyStoreNameActivator.class)
    String newKeystoreName;

    @Option(name = SecurityCommand.OPT_NO_RELOAD, hasValue = false, activator = OptionActivators.NoReloadActivator.class)
    boolean noReload;

    @Option(name = SecurityCommand.OPT_INTERACTIVE, hasValue = false, activator = OptionActivators.InteractiveActivator.class)
    boolean interactive;
    private final CommandContext initCtx;

    protected abstract void secure(CommandContext commandContext, SSLSecurityBuilder sSLSecurityBuilder) throws CommandException;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractEnableSSLCommand(CommandContext commandContext) {
        this.initCtx = commandContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CommandContext getCommandContext() {
        return this.initCtx;
    }

    @Override // org.wildfly.core.cli.command.DMRCommand
    public ModelNode buildRequest(CommandContext commandContext) throws CommandFormatException {
        try {
            return buildSecurityRequest(commandContext, null).buildExecutableRequest(commandContext);
        } catch (Exception e) {
            throw new CommandFormatException(e.getLocalizedMessage() == null ? e.toString() : e.getLocalizedMessage());
        }
    }

    private SSLSecurityBuilder buildSecurityRequest(CommandContext commandContext, CLICommandInvocation cLICommandInvocation) throws Exception {
        SSLSecurityBuilder validateOptions = validateOptions(commandContext);
        if (validateOptions instanceof InteractiveSecurityBuilder) {
            ((InteractiveSecurityBuilder) validateOptions).setCommandInvocation(cLICommandInvocation);
        }
        validateOptions.buildRequest(commandContext, cLICommandInvocation == null);
        secure(commandContext, validateOptions);
        return validateOptions;
    }

    protected abstract boolean isSSLEnabled(CommandContext commandContext) throws Exception;

    protected abstract String getTarget(CommandContext commandContext);

    public CommandResult execute(CLICommandInvocation cLICommandInvocation) throws CommandException, InterruptedException {
        CommandContext commandContext = cLICommandInvocation.getCommandContext();
        String target = getTarget(commandContext);
        try {
            if (isSSLEnabled(commandContext)) {
                throw new CommandException("SSL is already enabled for " + target);
            }
            try {
                SSLSecurityBuilder buildSecurityRequest = buildSecurityRequest(commandContext, cLICommandInvocation);
                try {
                    SecurityCommand.execute(commandContext, buildSecurityRequest.buildExecutableRequest(commandContext), buildSecurityRequest, this.noReload);
                    cLICommandInvocation.getCommandContext().printLine("SSL enabled for " + target);
                    cLICommandInvocation.getCommandContext().printLine("ssl-context is " + buildSecurityRequest.getServerSSLContext().getName());
                    cLICommandInvocation.getCommandContext().printLine("key-manager is " + buildSecurityRequest.getServerSSLContext().getKeyManager().getName());
                    cLICommandInvocation.getCommandContext().printLine("key-store   is " + buildSecurityRequest.getServerSSLContext().getKeyManager().getKeyStore().getName());
                    return CommandResult.SUCCESS;
                } catch (Exception e) {
                    if (e instanceof CommandException) {
                        throw e;
                    }
                    throw new CommandException(e.getLocalizedMessage());
                }
            } catch (Exception e2) {
                throw new CommandException(e2.getLocalizedMessage());
            }
        } catch (Exception e3) {
            throw new CommandException(e3.getLocalizedMessage(), e3);
        }
    }

    abstract String getDefaultKeyStoreFileName(CommandContext commandContext);

    abstract String getDefaultTrustStoreFileName(CommandContext commandContext);

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v71, types: [java.io.File] */
    private SSLSecurityBuilder validateOptions(CommandContext commandContext) throws CommandException, IOException, OperationFormatException {
        RelativeFile relativeFile;
        if (this.keystoreName == null && this.keystorePath == null && !this.interactive) {
            throw new CommandException("One of " + SecurityCommand.formatOption(SecurityCommand.OPT_INTERACTIVE) + ", " + SecurityCommand.formatOption(SecurityCommand.OPT_KEY_STORE_NAME) + ", " + SecurityCommand.formatOption(SecurityCommand.OPT_KEY_STORE_PATH) + " must be set");
        }
        SSLSecurityBuilder sSLSecurityBuilder = null;
        if (this.keystorePath != null) {
            if (this.keystoreName != null) {
                throw new CommandException(SecurityCommand.formatOption(SecurityCommand.OPT_KEY_STORE_NAME) + " can't be used with " + SecurityCommand.formatOption(SecurityCommand.OPT_KEY_STORE_PATH));
            }
            if (this.keystorePathRelativeTo != null) {
                relativeFile = new File(this.keystorePath.getOriginalPath());
            } else {
                relativeFile = this.keystorePath;
                if (!relativeFile.exists()) {
                    throw new CommandException("File " + relativeFile + " doesn't exist.");
                }
            }
            KeyStorePathSecurityBuilder keyStorePathSecurityBuilder = new KeyStorePathSecurityBuilder(relativeFile, this.keystorePassword);
            keyStorePathSecurityBuilder.setRelativeTo(this.keystorePathRelativeTo).setType(this.keyStoreType).setName(this.newKeystoreName);
            sSLSecurityBuilder = keyStorePathSecurityBuilder;
        }
        if (this.keystoreName != null) {
            if (sSLSecurityBuilder != null) {
                invalidUseCase();
            }
            if (this.newKeystoreName != null || this.keystorePassword != null || this.keyStoreType != null || this.keystorePathRelativeTo != null || this.keystorePath != null) {
                throw new CommandException("key-store file related options can't be used with " + SecurityCommand.formatOption(SecurityCommand.OPT_KEY_STORE_NAME));
            }
            if (!ElytronUtil.keyStoreExists(commandContext, this.keystoreName)) {
                throw new CommandException("key-store " + this.keystoreName + " doesn't exist");
            }
            sSLSecurityBuilder = new KeyStoreNameSecurityBuilder(this.keystoreName);
        }
        if (this.interactive) {
            if (sSLSecurityBuilder != null) {
                invalidUseCase();
            }
            checkKeyStoreOperationsSupported(commandContext, SecurityCommand.OPT_INTERACTIVE);
            sSLSecurityBuilder = new InteractiveSecurityBuilder(getDefaultKeyStoreFileName(commandContext), getDefaultTrustStoreFileName(commandContext));
        }
        if (this.trustedCertificatePath != null) {
            checkKeyStoreOperationsSupported(commandContext, SecurityCommand.OPT_TRUSTED_CERTIFICATE_PATH);
            if (!this.trustedCertificatePath.exists()) {
                throw new CommandException("The client certificate path " + this.trustedCertificatePath + " doesn't exist");
            }
            if (this.trustStoreName != null) {
                throw new CommandException(SecurityCommand.formatOption(SecurityCommand.OPT_TRUST_STORE_NAME) + " can't be used when " + SecurityCommand.formatOption(SecurityCommand.OPT_TRUSTED_CERTIFICATE_PATH) + " is in use");
            }
        }
        if (this.trustStoreName != null && !ElytronUtil.keyStoreExists(commandContext, this.trustStoreName)) {
            throw new CommandException("key-store " + this.trustStoreName + " doesn't exist");
        }
        if (sSLSecurityBuilder != null) {
            sSLSecurityBuilder.setTrustedCertificatePath(this.trustedCertificatePath);
            sSLSecurityBuilder.setValidateCertificate(!this.noTrustedCertificateValidation);
            sSLSecurityBuilder.setTrustStoreFileName(this.trustStoreFileName);
            sSLSecurityBuilder.setTrustStoreFilePassword(this.trustStoreFilePassword);
            sSLSecurityBuilder.setTrustStoreName(this.trustStoreName);
            sSLSecurityBuilder.setNewTrustStoreName(this.newTrustStoreName);
            sSLSecurityBuilder.setNewTrustManagerName(this.newTrustManagerName);
            sSLSecurityBuilder.setKeyManagerName(this.newKeyManagerName);
            sSLSecurityBuilder.setSSLContextName(this.newSslContextName);
        }
        return sSLSecurityBuilder;
    }

    private static void checkKeyStoreOperationsSupported(CommandContext commandContext, String str) throws IOException, OperationFormatException, CommandException {
        if (!ElytronUtil.isKeyStoreManagementSupported(commandContext)) {
            throw new CommandException("Operations to manage key-store are not available, the option " + SecurityCommand.formatOption(str) + " can't be used");
        }
    }

    private static void invalidUseCase() throws CommandException {
        throw new CommandException("Only one of " + SecurityCommand.formatOption(SecurityCommand.OPT_INTERACTIVE) + ", " + SecurityCommand.formatOption(SecurityCommand.OPT_KEY_STORE_NAME) + ", " + SecurityCommand.formatOption(SecurityCommand.OPT_KEY_STORE_PATH) + "must  be set");
    }
}
