package com.atlassian.elasticsearch.buckler;

import com.atlassian.elasticsearch.buckler.config.BucklerConfig;
import com.atlassian.elasticsearch.buckler.config.ConfigRestHandler;
import com.atlassian.elasticsearch.buckler.security.AuthRateLimiter;
import com.atlassian.elasticsearch.buckler.security.TimeProvider;
import java.io.IOException;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.function.Supplier;
import java.util.function.UnaryOperator;
import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver;
import org.elasticsearch.cluster.node.DiscoveryNodes;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.io.stream.NamedWriteableRegistry;
import org.elasticsearch.common.network.NetworkService;
import org.elasticsearch.common.settings.ClusterSettings;
import org.elasticsearch.common.settings.IndexScopedSettings;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsFilter;
import org.elasticsearch.common.util.BigArrays;
import org.elasticsearch.common.util.PageCacheRecycler;
import org.elasticsearch.common.util.concurrent.ThreadContext;
import org.elasticsearch.common.xcontent.NamedXContentRegistry;
import org.elasticsearch.http.HttpServerTransport;
import org.elasticsearch.indices.breaker.CircuitBreakerService;
import org.elasticsearch.plugins.ActionPlugin;
import org.elasticsearch.plugins.NetworkPlugin;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.rest.RestController;
import org.elasticsearch.rest.RestHandler;
import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.transport.Transport;
import org.elasticsearch.transport.TransportInterceptor;

/* loaded from: input_file:com/atlassian/elasticsearch/buckler/BucklerPlugin.class */
public class BucklerPlugin extends Plugin implements NetworkPlugin, ActionPlugin {
    private static final Setting<Boolean> AUTH_BASIC_HTTP_ENABLED_SETTING = Setting.boolSetting("auth.basic.http.enabled", false, new Setting.Property[]{Setting.Property.NodeScope});
    private static final Setting<Boolean> AUTH_BASIC_TCP_ENABLED_SETTING = Setting.boolSetting("auth.basic.tcp.enabled", false, new Setting.Property[]{Setting.Property.NodeScope});
    private static final Setting<String> AUTH_BASIC_USERNAME_SETTING = Setting.simpleString("auth.basic.username", new Setting.Property[]{Setting.Property.NodeScope});
    private static final Setting<String> AUTH_BASIC_PASSWORD_SETTING = Setting.simpleString("auth.basic.password", new Setting.Property[]{Setting.Property.NodeScope});
    private static final Setting<Boolean> TLS_HTTP_ENABLED_SETTING = Setting.boolSetting("tls.http.enabled", false, new Setting.Property[]{Setting.Property.NodeScope});
    private static final Setting<Boolean> TLS_TCP_ENABLED_SETTING = Setting.boolSetting("tls.tcp.enabled", false, new Setting.Property[]{Setting.Property.NodeScope});
    private static final Setting<String> TLS_KEYSTORE_PATH_SETTING = Setting.simpleString("tls.keystore.path", new Setting.Property[]{Setting.Property.NodeScope});
    private static final Setting<String> TLS_KEYSTORE_PASSWORD_SETTING = Setting.simpleString("tls.keystore.password", new Setting.Property[]{Setting.Property.NodeScope});
    private final AuthRateLimiter limiter;
    private final BucklerConfig bucklerConfig;

    @Inject
    public BucklerPlugin(Settings settings, Path path) throws IOException {
        this.bucklerConfig = new BucklerConfig(settings, path);
        this.limiter = new AuthRateLimiter(this.bucklerConfig, new TimeProvider());
    }

    public Map<String, Supplier<HttpServerTransport>> getHttpTransports(Settings settings, ThreadPool threadPool, BigArrays bigArrays, CircuitBreakerService circuitBreakerService, NamedWriteableRegistry namedWriteableRegistry, NamedXContentRegistry namedXContentRegistry, NetworkService networkService, HttpServerTransport.Dispatcher dispatcher) {
        return Collections.singletonMap("buckler", () -> {
            return new SecureHttpServerTransport(settings, networkService, bigArrays, this.bucklerConfig, threadPool, namedXContentRegistry, dispatcher);
        });
    }

    public UnaryOperator<RestHandler> getRestHandlerWrapper(ThreadContext threadContext) {
        return restHandler -> {
            return new RestAuthenticationHandler(restHandler, this.bucklerConfig, this.limiter);
        };
    }

    public List<RestHandler> getRestHandlers(Settings settings, RestController restController, ClusterSettings clusterSettings, IndexScopedSettings indexScopedSettings, SettingsFilter settingsFilter, IndexNameExpressionResolver indexNameExpressionResolver, Supplier<DiscoveryNodes> supplier) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new ConfigRestHandler(settings, restController, this.bucklerConfig));
        return arrayList;
    }

    public List<Setting<?>> getSettings() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(AUTH_BASIC_HTTP_ENABLED_SETTING);
        arrayList.add(AUTH_BASIC_PASSWORD_SETTING);
        arrayList.add(AUTH_BASIC_TCP_ENABLED_SETTING);
        arrayList.add(AUTH_BASIC_USERNAME_SETTING);
        arrayList.add(TLS_HTTP_ENABLED_SETTING);
        arrayList.add(TLS_KEYSTORE_PASSWORD_SETTING);
        arrayList.add(TLS_KEYSTORE_PATH_SETTING);
        arrayList.add(TLS_TCP_ENABLED_SETTING);
        return arrayList;
    }

    public List<TransportInterceptor> getTransportInterceptors(NamedWriteableRegistry namedWriteableRegistry, ThreadContext threadContext) {
        return Collections.singletonList(new AuthTransportInterceptor(this.limiter, this.bucklerConfig, threadContext));
    }

    public Map<String, Supplier<Transport>> getTransports(Settings settings, ThreadPool threadPool, PageCacheRecycler pageCacheRecycler, CircuitBreakerService circuitBreakerService, NamedWriteableRegistry namedWriteableRegistry, NetworkService networkService) {
        return Collections.singletonMap("buckler", () -> {
            return new SecureTransport(settings, threadPool, networkService, pageCacheRecycler, this.bucklerConfig, namedWriteableRegistry, circuitBreakerService);
        });
    }
}
