package org.jclouds.openstack.nova.v2_0.compute.functions;

import com.google.common.base.Function;
import com.google.common.base.Optional;
import com.google.common.base.Preconditions;
import com.google.common.collect.Iterables;
import java.util.Iterator;
import javax.annotation.Resource;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.jclouds.compute.reference.ComputeServiceConstants;
import org.jclouds.logging.Logger;
import org.jclouds.openstack.nova.v2_0.NovaApi;
import org.jclouds.openstack.nova.v2_0.domain.Ingress;
import org.jclouds.openstack.nova.v2_0.domain.IpProtocol;
import org.jclouds.openstack.nova.v2_0.domain.SecurityGroup;
import org.jclouds.openstack.nova.v2_0.domain.zonescoped.SecurityGroupInZone;
import org.jclouds.openstack.nova.v2_0.domain.zonescoped.ZoneSecurityGroupNameAndPorts;
import org.jclouds.openstack.nova.v2_0.extensions.SecurityGroupApi;
import org.jclouds.openstack.nova.v2_0.predicates.SecurityGroupPredicates;

@Singleton
/* loaded from: input_file:WEB-INF/lib/openstack-nova-1.5.0-beta.11.jar:org/jclouds/openstack/nova/v2_0/compute/functions/CreateSecurityGroupIfNeeded.class */
public class CreateSecurityGroupIfNeeded implements Function<ZoneSecurityGroupNameAndPorts, SecurityGroupInZone> {

    @Resource
    @Named(ComputeServiceConstants.COMPUTE_LOGGER)
    protected Logger logger = Logger.NULL;
    protected final NovaApi novaApi;

    @Inject
    public CreateSecurityGroupIfNeeded(NovaApi novaApi) {
        this.novaApi = (NovaApi) Preconditions.checkNotNull(novaApi, "novaApi");
    }

    @Override // com.google.common.base.Function
    public SecurityGroupInZone apply(ZoneSecurityGroupNameAndPorts zoneSecurityGroupNameAndPorts) {
        Preconditions.checkNotNull(zoneSecurityGroupNameAndPorts, "zoneSecurityGroupNameAndPorts");
        String zone = zoneSecurityGroupNameAndPorts.getZone();
        Optional<? extends SecurityGroupApi> securityGroupExtensionForZone = this.novaApi.getSecurityGroupExtensionForZone(zone);
        Preconditions.checkArgument(securityGroupExtensionForZone.isPresent(), "Security groups are required, but the extension is not availablein zone %s!", zone);
        this.logger.debug(">> creating securityGroup %s", zoneSecurityGroupNameAndPorts);
        try {
            SecurityGroup createSecurityGroupWithNameAndDescription = securityGroupExtensionForZone.get().createSecurityGroupWithNameAndDescription(zoneSecurityGroupNameAndPorts.getName(), zoneSecurityGroupNameAndPorts.getName());
            this.logger.debug("<< created securityGroup(%s)", createSecurityGroupWithNameAndDescription);
            Iterator<Integer> it = zoneSecurityGroupNameAndPorts.getPorts().iterator();
            while (it.hasNext()) {
                authorizeGroupToItselfAndAllIPsToTCPPort(securityGroupExtensionForZone.get(), createSecurityGroupWithNameAndDescription, it.next().intValue());
            }
            return new SecurityGroupInZone(securityGroupExtensionForZone.get().getSecurityGroup(createSecurityGroupWithNameAndDescription.getId()), zone);
        } catch (IllegalStateException e) {
            this.logger.trace("<< trying to find securityGroup(%s): %s", zoneSecurityGroupNameAndPorts, e.getMessage());
            SecurityGroup securityGroup = (SecurityGroup) Iterables.find(securityGroupExtensionForZone.get().listSecurityGroups(), SecurityGroupPredicates.nameEquals(zoneSecurityGroupNameAndPorts.getName()));
            this.logger.debug("<< reused securityGroup(%s)", securityGroup.getId());
            return new SecurityGroupInZone(securityGroup, zone);
        }
    }

    /* JADX WARN: Type inference failed for: r2v3, types: [org.jclouds.openstack.nova.v2_0.domain.Ingress$Builder] */
    private void authorizeGroupToItselfAndAllIPsToTCPPort(SecurityGroupApi securityGroupApi, SecurityGroup securityGroup, int i) {
        this.logger.debug(">> authorizing securityGroup(%s) permission to 0.0.0.0/0 on port %d", securityGroup, Integer.valueOf(i));
        securityGroupApi.createSecurityGroupRuleAllowingCidrBlock(securityGroup.getId(), Ingress.builder().ipProtocol(IpProtocol.TCP).fromPort(i).toPort(i).build(), "0.0.0.0/0");
        this.logger.debug("<< authorized securityGroup(%s) permission to 0.0.0.0/0 on port %d", securityGroup, Integer.valueOf(i));
    }
}
