package org.jclouds.scriptbuilder.statements.login;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Charsets;
import com.google.common.base.Function;
import com.google.common.base.Preconditions;
import com.google.common.base.Predicates;
import com.google.common.base.Supplier;
import com.google.common.base.Throwables;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.google.common.io.Files;
import java.io.File;
import java.io.IOException;
import java.util.Map;
import org.jclouds.domain.Credentials;
import org.jclouds.javax.annotation.Nullable;
import org.jclouds.scriptbuilder.domain.OsFamily;
import org.jclouds.scriptbuilder.domain.Statement;
import org.jclouds.scriptbuilder.domain.StatementList;
import org.jclouds.scriptbuilder.statements.login.UserAdd;
import org.jclouds.scriptbuilder.statements.ssh.SshStatements;

/* loaded from: input_file:WEB-INF/lib/jclouds-scriptbuilder-1.6.2-incubating.jar:org/jclouds/scriptbuilder/statements/login/AdminAccess.class */
public class AdminAccess implements Statement {

    @VisibleForTesting
    Config config;

    /* loaded from: input_file:WEB-INF/lib/jclouds-scriptbuilder-1.6.2-incubating.jar:org/jclouds/scriptbuilder/statements/login/AdminAccess$Builder.class */
    public static class Builder {
        private Function<String, String> cryptFunction;
        private String adminUsername;
        private String adminFullName;
        private String adminHome;
        private String adminPublicKey;
        private File adminPublicKeyFile;
        private String adminPrivateKey;
        private File adminPrivateKeyFile;
        private String adminPassword;
        private String loginPassword;
        private boolean lockSsh = true;
        private boolean grantSudoToAdminUser = true;
        private boolean authorizeAdminPublicKey = true;
        private boolean installAdminPrivateKey = false;
        private boolean resetLoginPassword = true;

        public Builder cryptFunction(Function<String, String> function) {
            this.cryptFunction = function;
            return this;
        }

        public Builder adminUsername(String str) {
            this.adminUsername = AdminAccess.checkNotRoot(str);
            return this;
        }

        public Builder adminFullName(String str) {
            this.adminFullName = str;
            return this;
        }

        public Builder adminHome(String str) {
            this.adminHome = str;
            return this;
        }

        public Builder adminPassword(String str) {
            this.adminPassword = str;
            return this;
        }

        public Builder loginPassword(String str) {
            this.loginPassword = str;
            return this;
        }

        public Builder lockSsh(boolean z) {
            this.lockSsh = z;
            return this;
        }

        public Builder resetLoginPassword(boolean z) {
            this.resetLoginPassword = z;
            return this;
        }

        public Builder authorizeAdminPublicKey(boolean z) {
            this.authorizeAdminPublicKey = z;
            return this;
        }

        public Builder installAdminPrivateKey(boolean z) {
            this.installAdminPrivateKey = z;
            return this;
        }

        public Builder grantSudoToAdminUser(boolean z) {
            this.grantSudoToAdminUser = z;
            return this;
        }

        public Builder adminPublicKey(File file) {
            this.adminPublicKeyFile = file;
            this.adminPublicKey = null;
            return this;
        }

        public Builder adminPublicKey(String str) {
            this.adminPublicKey = str;
            this.adminPublicKeyFile = null;
            return this;
        }

        public Builder adminPrivateKey(File file) {
            this.adminPrivateKeyFile = file;
            this.adminPrivateKey = null;
            return this;
        }

        public Builder adminPrivateKey(String str) {
            this.adminPrivateKey = str;
            this.adminPrivateKeyFile = null;
            return this;
        }

        public Builder from(AdminAccessBuilderSpec adminAccessBuilderSpec) {
            return adminAccessBuilderSpec.copyTo(this);
        }

        public Builder from(String str) {
            return from(AdminAccessBuilderSpec.parse(str));
        }

        public AdminAccess build() {
            return new AdminAccess(buildConfig());
        }

        protected Config buildConfig() {
            try {
                String str = this.adminPublicKey;
                if (str == null && this.adminPublicKeyFile != null) {
                    str = Files.toString(this.adminPublicKeyFile, Charsets.UTF_8);
                }
                String str2 = this.adminPrivateKey;
                if (str2 == null && this.adminPrivateKeyFile != null) {
                    str2 = Files.toString(this.adminPrivateKeyFile, Charsets.UTF_8);
                }
                return new Config(this.adminUsername, this.adminFullName, this.adminHome, str, str2, this.adminPassword, this.loginPassword, this.lockSsh, this.grantSudoToAdminUser, this.authorizeAdminPublicKey, this.installAdminPrivateKey, this.resetLoginPassword, this.cryptFunction);
            } catch (IOException e) {
                throw Throwables.propagate(e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:WEB-INF/lib/jclouds-scriptbuilder-1.6.2-incubating.jar:org/jclouds/scriptbuilder/statements/login/AdminAccess$Config.class */
    public static class Config {
        private final String adminUsername;
        private final String adminFullName;
        private final String adminHome;
        private final String adminPublicKey;
        private final String adminPrivateKey;
        private final String adminPassword;
        private final String loginPassword;
        private final boolean grantSudoToAdminUser;
        private final boolean installAdminPrivateKey;
        private final boolean resetLoginPassword;
        private final Function<String, String> cryptFunction;
        private final Credentials adminCredentials;
        private boolean authorizeAdminPublicKey;
        private boolean lockSsh;

        protected Config(@Nullable String str, @Nullable String str2, @Nullable String str3, @Nullable String str4, @Nullable String str5, @Nullable String str6, @Nullable String str7, boolean z, boolean z2, boolean z3, boolean z4, boolean z5, Function<String, String> function) {
            this.adminUsername = str;
            this.adminFullName = str2;
            this.adminHome = str3;
            this.adminPublicKey = str4;
            this.adminPrivateKey = str5;
            this.adminPassword = str6;
            this.loginPassword = str7;
            this.lockSsh = z;
            this.grantSudoToAdminUser = z2;
            this.authorizeAdminPublicKey = z3;
            this.installAdminPrivateKey = z4;
            this.resetLoginPassword = z5;
            this.cryptFunction = function;
            if (str != null && z3 && str5 != null) {
                this.adminCredentials = new Credentials(str, str5);
                return;
            }
            if (str == null || str6 == null) {
                this.adminCredentials = null;
                return;
            }
            this.adminCredentials = new Credentials(str, str6);
            this.authorizeAdminPublicKey = false;
            this.lockSsh = false;
        }

        public String getAdminUsername() {
            return this.adminUsername;
        }

        public String getAdminFullName() {
            return this.adminFullName;
        }

        public String getAdminHome() {
            return this.adminHome;
        }

        public String getAdminPublicKey() {
            return this.adminPublicKey;
        }

        public String getAdminPrivateKey() {
            return this.adminPrivateKey;
        }

        public String getAdminPassword() {
            return this.adminPassword;
        }

        public String getLoginPassword() {
            return this.loginPassword;
        }

        public boolean shouldLockSsh() {
            return this.lockSsh;
        }

        public boolean shouldGrantSudoToAdminUser() {
            return this.grantSudoToAdminUser;
        }

        public boolean shouldAuthorizeAdminPublicKey() {
            return this.authorizeAdminPublicKey;
        }

        public boolean shouldInstallAdminPrivateKey() {
            return this.installAdminPrivateKey;
        }

        public boolean shouldResetLoginPassword() {
            return this.resetLoginPassword;
        }

        public Function<String, String> getCryptFunction() {
            return this.cryptFunction;
        }

        public Credentials getAdminCredentials() {
            return this.adminCredentials;
        }

        public String toString() {
            StringBuilder sb = new StringBuilder();
            sb.append("Config [adminUsername=").append(this.adminUsername).append(", adminFullName=").append(this.adminFullName).append(", adminHome=").append(this.adminHome).append(", adminPublicKey=").append(this.adminPublicKey == null ? "null" : "present").append(", adminPrivateKey=").append(this.adminPrivateKey == null ? "null" : "present").append(", adminPassword=").append(this.adminPassword == null ? "null" : "present").append(", loginPassword=").append(this.loginPassword == null ? "null" : "present").append(", lockSsh=").append(this.lockSsh).append(", grantSudoToAdminUser=").append(this.grantSudoToAdminUser).append(", authorizeAdminPublicKey=").append(this.authorizeAdminPublicKey).append(", installAdminPrivateKey=").append(this.installAdminPrivateKey).append(", resetLoginPassword=").append(this.resetLoginPassword).append(", cryptFunction=").append(this.cryptFunction).append(", adminCredentials=").append(this.adminCredentials).append("]");
            return sb.toString();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jclouds-scriptbuilder-1.6.2-incubating.jar:org/jclouds/scriptbuilder/statements/login/AdminAccess$Configuration.class */
    public interface Configuration {
        Supplier<String> defaultAdminUsername();

        Supplier<Map<String, String>> defaultAdminSshKeys();

        Supplier<String> passwordGenerator();

        Function<String, String> cryptFunction();
    }

    public static Builder builder() {
        return new Builder();
    }

    public static AdminAccess standard() {
        return new Builder().build();
    }

    protected AdminAccess(Config config) {
        this.config = (Config) Preconditions.checkNotNull(config, "in");
    }

    @Nullable
    public Credentials getAdminCredentials() {
        return this.config.getAdminCredentials();
    }

    @Nullable
    public String getAdminPassword() {
        return this.config.getAdminPassword();
    }

    public boolean shouldGrantSudoToAdminUser() {
        return this.config.shouldGrantSudoToAdminUser();
    }

    @Override // org.jclouds.scriptbuilder.domain.Statement
    public Iterable<String> functionDependencies(OsFamily osFamily) {
        return ImmutableList.of();
    }

    public AdminAccess init(Configuration configuration) {
        Builder builder = builder();
        builder.cryptFunction(this.config.getCryptFunction() != null ? this.config.getCryptFunction() : configuration.cryptFunction());
        builder.adminUsername(this.config.getAdminUsername() != null ? this.config.getAdminUsername() : configuration.defaultAdminUsername().get());
        builder.adminFullName(this.config.getAdminFullName() != null ? this.config.getAdminFullName() : builder.adminUsername);
        builder.adminHome(this.config.getAdminHome());
        builder.adminPassword(this.config.getAdminPassword() != null ? this.config.getAdminPassword() : configuration.passwordGenerator().get());
        Map<String, String> of = (this.config.getAdminPublicKey() == null || this.config.getAdminPrivateKey() == null) ? configuration.defaultAdminSshKeys().get() : ImmutableMap.of("public", this.config.getAdminPublicKey(), "private", this.config.getAdminPrivateKey());
        builder.adminPublicKey(of.get("public"));
        builder.adminPrivateKey(of.get("private"));
        builder.loginPassword(this.config.getLoginPassword() != null ? this.config.getLoginPassword() : configuration.passwordGenerator().get());
        builder.grantSudoToAdminUser(this.config.shouldGrantSudoToAdminUser());
        builder.authorizeAdminPublicKey(this.config.shouldAuthorizeAdminPublicKey());
        builder.installAdminPrivateKey(this.config.shouldInstallAdminPrivateKey());
        builder.lockSsh(this.config.shouldLockSsh());
        builder.resetLoginPassword(this.config.shouldResetLoginPassword());
        this.config = builder.buildConfig();
        return this;
    }

    @Override // org.jclouds.scriptbuilder.domain.Statement
    public String render(OsFamily osFamily) {
        Preconditions.checkNotNull(osFamily, "family");
        if (osFamily == OsFamily.WINDOWS) {
            throw new UnsupportedOperationException("windows not yet implemented");
        }
        Preconditions.checkState(!Iterables.any(Lists.newArrayList(this.config.getAdminUsername(), this.config.getAdminPassword(), this.config.getAdminPublicKey(), this.config.getAdminPrivateKey(), this.config.getLoginPassword()), Predicates.isNull()), "please call init() first");
        checkNotRoot(this.config.getAdminUsername());
        Preconditions.checkNotNull(this.config.getAdminPassword(), "adminPassword");
        Preconditions.checkNotNull(this.config.getAdminPublicKey(), "adminPublicKey");
        Preconditions.checkNotNull(this.config.getAdminPrivateKey(), "adminPrivateKey");
        Preconditions.checkNotNull(this.config.getLoginPassword(), "loginPassword");
        ImmutableList.Builder builder = ImmutableList.builder();
        UserAdd.Builder builder2 = UserAdd.builder();
        builder2.login(this.config.getAdminUsername());
        builder2.fullName(this.config.getAdminFullName());
        if (this.config.getAdminHome() != null) {
            builder2.home(this.config.getAdminHome());
        }
        if (this.config.shouldAuthorizeAdminPublicKey()) {
            builder2.authorizeRSAPublicKey(this.config.getAdminPublicKey());
        }
        builder2.password(this.config.getAdminPassword());
        if (this.config.shouldInstallAdminPrivateKey()) {
            builder2.installRSAPrivateKey(this.config.getAdminPrivateKey());
        }
        if (this.config.shouldGrantSudoToAdminUser()) {
            builder.add((ImmutableList.Builder) SudoStatements.createWheel());
            builder2.group("wheel");
        }
        builder.add((ImmutableList.Builder) builder2.cryptFunction(this.config.getCryptFunction()).build());
        if (this.config.shouldLockSsh()) {
            builder.add((ImmutableList.Builder) SshStatements.lockSshd());
        }
        if (this.config.shouldResetLoginPassword()) {
            builder.add((ImmutableList.Builder) ShadowStatements.resetLoginUserPasswordTo(this.config.getCryptFunction(), this.config.getLoginPassword()));
        }
        return new StatementList(builder.build()).render(osFamily);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String checkNotRoot(String str) {
        Preconditions.checkArgument(!"root".equals(Preconditions.checkNotNull(str, "adminUsername")), "cannot create admin user 'root'; ensure jclouds is not running as root, or specify an explicit non-root username in AdminAccess");
        return str;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("AdminAccess [config=").append(this.config).append(", getAdminCredentials()=").append(getAdminCredentials()).append(", shouldGrantSudoToAdminUser()=").append(shouldGrantSudoToAdminUser()).append("]");
        return sb.toString();
    }
}
