package org.logstash.secret.cli;

import java.util.Collections;
import java.util.EnumSet;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import org.logstash.ackedqueue.io.MmapPageIOV2;
import org.logstash.secret.SecretIdentifier;
import org.logstash.secret.store.SecretStore;
import org.logstash.secret.store.SecretStoreFactory;
import org.logstash.secret.store.SecretStoreUtil;
import org.logstash.secret.store.SecureConfig;

/* loaded from: input_file:org/logstash/secret/cli/SecretStoreCli.class */
public class SecretStoreCli {
    private final Terminal terminal;
    private final SecretStoreFactory secretStoreFactory;

    /* renamed from: org.logstash.secret.cli.SecretStoreCli$1, reason: invalid class name */
    /* loaded from: input_file:org/logstash/secret/cli/SecretStoreCli$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$logstash$secret$cli$SecretStoreCli$Command = new int[Command.values().length];

        static {
            try {
                $SwitchMap$org$logstash$secret$cli$SecretStoreCli$Command[Command.CREATE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$logstash$secret$cli$SecretStoreCli$Command[Command.LIST.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$logstash$secret$cli$SecretStoreCli$Command[Command.ADD.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$logstash$secret$cli$SecretStoreCli$Command[Command.REMOVE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$logstash$secret$cli$SecretStoreCli$Command[Command.HELP.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    /* loaded from: input_file:org/logstash/secret/cli/SecretStoreCli$Command.class */
    enum Command {
        CREATE("create"),
        LIST("list"),
        ADD("add"),
        REMOVE("remove"),
        HELP("--help");

        private final String option;

        Command(String str) {
            this.option = str;
        }

        static Optional<Command> fromString(String str) {
            return EnumSet.allOf(Command.class).stream().filter(command -> {
                return command.option.equals(str);
            }).findFirst();
        }
    }

    public SecretStoreCli(Terminal terminal) {
        this(terminal, SecretStoreFactory.fromEnvironment());
    }

    SecretStoreCli(Terminal terminal, SecretStoreFactory secretStoreFactory) {
        this.terminal = terminal;
        this.secretStoreFactory = secretStoreFactory;
    }

    public void command(String str, SecureConfig secureConfig, String str2) {
        this.terminal.writeLine("");
        Command orElse = Command.fromString(str).orElse(Command.HELP);
        boolean equals = Command.HELP.equals(Command.fromString(str2).orElse(null));
        switch (AnonymousClass1.$SwitchMap$org$logstash$secret$cli$SecretStoreCli$Command[orElse.ordinal()]) {
            case 1:
                if (equals) {
                    this.terminal.writeLine("Creates a new keystore. For example: 'bin/logstash-keystore create'");
                    return;
                }
                if (!this.secretStoreFactory.exists(secureConfig.m101clone())) {
                    create(secureConfig);
                    return;
                }
                this.terminal.write("An Logstash keystore already exists. Overwrite ? [y/N] ");
                if (isYes(this.terminal.readLine())) {
                    create(secureConfig);
                    return;
                }
                return;
            case MmapPageIOV2.VERSION_TWO /* 2 */:
                if (equals) {
                    this.terminal.writeLine("List all secret identifiers from the keystore. For example: `bin/logstash-keystore list`. Note - only the identifiers will be listed, not the secrets.");
                    return;
                }
                List list = (List) this.secretStoreFactory.load(secureConfig).list().stream().filter(secretIdentifier -> {
                    return !secretIdentifier.equals(SecretStoreFactory.LOGSTASH_MARKER);
                }).map(secretIdentifier2 -> {
                    return secretIdentifier2.getKey();
                }).collect(Collectors.toList());
                Collections.sort(list);
                Terminal terminal = this.terminal;
                terminal.getClass();
                list.forEach(terminal::writeLine);
                return;
            case 3:
                if (equals) {
                    this.terminal.writeLine("Adds a new secret to the keystore. For example: `bin/logstash-keystore add my-secret`, at the prompt enter your secret. You will use the identifier ${my-secret} in your Logstash configuration.");
                    return;
                }
                if (str2 == null || str2.isEmpty()) {
                    this.terminal.writeLine("ERROR: You must supply a identifier to add. (e.g. bin/logstash-keystore add my-secret)");
                    return;
                }
                if (!this.secretStoreFactory.exists(secureConfig.m101clone())) {
                    this.terminal.writeLine(String.format("ERROR: Logstash keystore not found. Use 'create' command to create one.", new Object[0]));
                    return;
                }
                SecretIdentifier secretIdentifier3 = new SecretIdentifier(str2);
                SecretStore load = this.secretStoreFactory.load(secureConfig);
                byte[] retrieveSecret = load.retrieveSecret(secretIdentifier3);
                if (retrieveSecret != null) {
                    SecretStoreUtil.clearBytes(retrieveSecret);
                    this.terminal.write(String.format("%s already exists. Overwrite ? [y/N] ", str2));
                    if (isYes(this.terminal.readLine())) {
                        this.terminal.write(String.format("Enter value for %s: ", str2));
                        add(load, secretIdentifier3, SecretStoreUtil.asciiCharToBytes(this.terminal.readSecret()));
                        return;
                    }
                    return;
                }
                this.terminal.write(String.format("Enter value for %s: ", str2));
                char[] readSecret = this.terminal.readSecret();
                if (readSecret == null || readSecret.length == 0) {
                    this.terminal.writeLine("ERROR: You must supply a identifier to add. (e.g. bin/logstash-keystore add my-secret)");
                    return;
                } else {
                    add(load, secretIdentifier3, SecretStoreUtil.asciiCharToBytes(readSecret));
                    return;
                }
            case 4:
                if (equals) {
                    this.terminal.writeLine("Removes a secret from the keystore. For example: `bin/logstash-keystore remove my-secret`");
                    return;
                }
                if (str2 == null || str2.isEmpty()) {
                    this.terminal.writeLine("ERROR: You must supply a value to remove. (e.g. bin/logstash-keystore remove my-secret)");
                    return;
                }
                SecretIdentifier secretIdentifier4 = new SecretIdentifier(str2);
                SecretStore load2 = this.secretStoreFactory.load(secureConfig);
                byte[] retrieveSecret2 = load2.retrieveSecret(secretIdentifier4);
                if (retrieveSecret2 == null) {
                    this.terminal.writeLine(String.format("ERROR: '%s' does not exist in the Logstash keystore.", str2));
                    return;
                }
                SecretStoreUtil.clearBytes(retrieveSecret2);
                load2.purgeSecret(secretIdentifier4);
                this.terminal.writeLine(String.format("Removed '%s' from the Logstash keystore.", secretIdentifier4.getKey()));
                return;
            case 5:
                this.terminal.writeLine("Usage:");
                this.terminal.writeLine("--------");
                this.terminal.writeLine("bin/logstash-keystore [option] command [argument]");
                this.terminal.writeLine("");
                this.terminal.writeLine("Commands:");
                this.terminal.writeLine("--------");
                this.terminal.writeLine("create - Creates a new Logstash keystore  (e.g. bin/logstash-keystore create)");
                this.terminal.writeLine("list   - List entries in the keystore  (e.g. bin/logstash-keystore list)");
                this.terminal.writeLine("add    - Add a value to the keystore (e.g. bin/logstash-keystore add my-secret)");
                this.terminal.writeLine("remove - Remove a value from the keystore  (e.g. bin/logstash-keystore remove my-secret)");
                this.terminal.writeLine("");
                this.terminal.writeLine("Argument:");
                this.terminal.writeLine("--------");
                this.terminal.writeLine("--help - Display command specific help  (e.g. bin/logstash-keystore add --help)");
                this.terminal.writeLine("");
                this.terminal.writeLine("Options:");
                this.terminal.writeLine("--------");
                this.terminal.writeLine("--path.settings - Set the directory for the keystore. This is should be the same directory as the logstash.yml settings file. The default is the config directory under Logstash home. (e.g. bin/logstash-keystore --path.settings /tmp/foo create)");
                this.terminal.writeLine("");
                return;
            default:
                return;
        }
    }

    private void add(SecretStore secretStore, SecretIdentifier secretIdentifier, byte[] bArr) {
        secretStore.persistSecret(secretIdentifier, bArr);
        this.terminal.writeLine(String.format("Added '%s' to the Logstash keystore.", secretIdentifier.getKey()));
        SecretStoreUtil.clearBytes(bArr);
    }

    private void create(SecureConfig secureConfig) {
        if (System.getenv(SecretStoreFactory.ENVIRONMENT_PASS_KEY) != null) {
            deleteThenCreate(secureConfig);
            return;
        }
        this.terminal.write(String.format("WARNING: The keystore password is not set. Please set the environment variable `%s`. Failure to do so will result in reduced security. Continue without password protection on the keystore? [y/N] ", SecretStoreFactory.ENVIRONMENT_PASS_KEY));
        if (isYes(this.terminal.readLine())) {
            deleteThenCreate(secureConfig);
        }
    }

    private void deleteThenCreate(SecureConfig secureConfig) {
        this.secretStoreFactory.delete(secureConfig.m101clone());
        this.secretStoreFactory.create(secureConfig.m101clone());
        char[] plainText = secureConfig.getPlainText("keystore.file");
        this.terminal.writeLine("Created Logstash keystore" + (plainText == null ? "." : " at " + new String(plainText)));
    }

    private static boolean isYes(String str) {
        return "y".equalsIgnoreCase(str) || "yes".equalsIgnoreCase(str);
    }
}
