package org.jclouds.digitalocean2.compute.strategy;

import java.security.PublicKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.Resource;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.jclouds.compute.config.CustomizationResponse;
import org.jclouds.compute.domain.NodeMetadata;
import org.jclouds.compute.domain.Template;
import org.jclouds.compute.functions.GroupNamingConvention;
import org.jclouds.compute.reference.ComputeServiceConstants;
import org.jclouds.compute.strategy.CreateNodeWithGroupEncodedIntoName;
import org.jclouds.compute.strategy.CustomizeNodeAndAddToGoodMapOrPutExceptionIntoBadMap;
import org.jclouds.compute.strategy.ListNodesStrategy;
import org.jclouds.compute.strategy.impl.CreateNodesWithGroupEncodedIntoNameThenAddToSet;
import org.jclouds.digitalocean2.DigitalOcean2Api;
import org.jclouds.digitalocean2.compute.options.DigitalOcean2TemplateOptions;
import org.jclouds.digitalocean2.domain.Key;
import org.jclouds.digitalocean2.ssh.DSAKeys;
import org.jclouds.digitalocean2.ssh.ECDSAKeys;
import org.jclouds.logging.Logger;
import org.jclouds.ssh.SshKeyPairGenerator;
import org.jclouds.ssh.SshKeys;
import shaded.com.google.common.base.Function;
import shaded.com.google.common.base.Preconditions;
import shaded.com.google.common.base.Strings;
import shaded.com.google.common.collect.Multimap;
import shaded.com.google.common.collect.Sets;
import shaded.com.google.common.util.concurrent.FutureCallback;
import shaded.com.google.common.util.concurrent.Futures;
import shaded.com.google.common.util.concurrent.ListenableFuture;
import shaded.com.google.common.util.concurrent.ListeningExecutorService;

@Singleton
/* loaded from: input_file:WEB-INF/lib/jclouds-shaded-2.12.jar:org/jclouds/digitalocean2/compute/strategy/CreateKeyPairsThenCreateNodes.class */
public class CreateKeyPairsThenCreateNodes extends CreateNodesWithGroupEncodedIntoNameThenAddToSet {

    @Resource
    @Named(ComputeServiceConstants.COMPUTE_LOGGER)
    protected Logger logger;
    private final DigitalOcean2Api api;
    private final SshKeyPairGenerator keyGenerator;
    private final Function<String, PublicKey> sshKeyToPublicKey;

    @Inject
    protected CreateKeyPairsThenCreateNodes(CreateNodeWithGroupEncodedIntoName createNodeWithGroupEncodedIntoName, ListNodesStrategy listNodesStrategy, GroupNamingConvention.Factory factory, @Named("jclouds.user-threads") ListeningExecutorService listeningExecutorService, CustomizeNodeAndAddToGoodMapOrPutExceptionIntoBadMap.Factory factory2, DigitalOcean2Api digitalOcean2Api, SshKeyPairGenerator sshKeyPairGenerator, Function<String, PublicKey> function) {
        super(createNodeWithGroupEncodedIntoName, listNodesStrategy, factory, listeningExecutorService, factory2);
        this.logger = Logger.NULL;
        this.api = (DigitalOcean2Api) Preconditions.checkNotNull(digitalOcean2Api, "api cannot be null");
        this.keyGenerator = (SshKeyPairGenerator) Preconditions.checkNotNull(sshKeyPairGenerator, "keyGenerator cannot be null");
        Preconditions.checkNotNull(listeningExecutorService, "userExecutor cannot be null");
        this.sshKeyToPublicKey = (Function) Preconditions.checkNotNull(function, "sshKeyToPublicKey cannot be null");
    }

    @Override // org.jclouds.compute.strategy.impl.CreateNodesWithGroupEncodedIntoNameThenAddToSet, org.jclouds.compute.strategy.CreateNodesInGroupThenAddToSet
    public Map<?, ListenableFuture<Void>> execute(String str, int i, Template template, Set<NodeMetadata> set, Map<NodeMetadata, Exception> map, Multimap<NodeMetadata, CustomizationResponse> multimap) {
        DigitalOcean2TemplateOptions digitalOcean2TemplateOptions = (DigitalOcean2TemplateOptions) template.getOptions().as(DigitalOcean2TemplateOptions.class);
        HashSet newHashSet = Sets.newHashSet();
        if (digitalOcean2TemplateOptions.getSshKeyIds().isEmpty() && digitalOcean2TemplateOptions.getAutoCreateKeyPair() && Strings.isNullOrEmpty(digitalOcean2TemplateOptions.getPublicKey())) {
            generateKeyPairAndAddKeyToSet(digitalOcean2TemplateOptions, newHashSet, str);
        }
        if (digitalOcean2TemplateOptions.getRunScript() != null && Strings.isNullOrEmpty(digitalOcean2TemplateOptions.getLoginPrivateKey())) {
            this.logger.warn(">> A runScript has been configured but no SSH key has been provided. Authentication will delegate to the ssh-agent", new Object[0]);
        }
        if (!Strings.isNullOrEmpty(digitalOcean2TemplateOptions.getPublicKey())) {
            createKeyPairForPublicKeyInOptionsAndAddToSet(digitalOcean2TemplateOptions, newHashSet);
        }
        digitalOcean2TemplateOptions.sshKeyIds(Sets.union(newHashSet, digitalOcean2TemplateOptions.getSshKeyIds()));
        Map<?, ListenableFuture<Void>> execute = super.execute(str, i, template, set, map, multimap);
        registerAutoGeneratedKeyPairCleanupCallbacks(execute, newHashSet);
        return execute;
    }

    private void createKeyPairForPublicKeyInOptionsAndAddToSet(DigitalOcean2TemplateOptions digitalOcean2TemplateOptions, Set<Integer> set) {
        this.logger.debug(">> checking if the key pair already exists...", new Object[0]);
        String computeFingerprint = computeFingerprint(this.sshKeyToPublicKey.apply(digitalOcean2TemplateOptions.getPublicKey()));
        Key key = this.api.keyApi().get(computeFingerprint);
        if (key != null) {
            this.logger.debug(">> key pair found! %s", key);
            set.add(Integer.valueOf(key.id()));
        } else {
            this.logger.debug(">> key pair not found. creating a new one...", new Object[0]);
            Key create = this.api.keyApi().create(computeFingerprint, digitalOcean2TemplateOptions.getPublicKey());
            set.add(Integer.valueOf(create.id()));
            this.logger.debug(">> key pair created! %s", create);
        }
    }

    private void generateKeyPairAndAddKeyToSet(DigitalOcean2TemplateOptions digitalOcean2TemplateOptions, Set<Integer> set, String str) {
        this.logger.debug(">> creating default keypair for node...", new Object[0]);
        Map<String, String> map = this.keyGenerator.get();
        Key create = this.api.keyApi().create(str + "-" + System.getProperty("user.name"), map.get("public"));
        set.add(Integer.valueOf(create.id()));
        this.logger.debug(">> keypair created! %s", create);
        if (Strings.isNullOrEmpty(digitalOcean2TemplateOptions.getLoginPrivateKey())) {
            digitalOcean2TemplateOptions.overrideLoginPrivateKey(map.get("private"));
        }
    }

    private void registerAutoGeneratedKeyPairCleanupCallbacks(Map<?, ListenableFuture<Void>> map, final Set<Integer> set) {
        Futures.addCallback(Futures.successfulAsList(map.values()), new FutureCallback<List<Void>>() { // from class: org.jclouds.digitalocean2.compute.strategy.CreateKeyPairsThenCreateNodes.1
            @Override // shaded.com.google.common.util.concurrent.FutureCallback
            public void onSuccess(List<Void> list) {
                cleanupAutoGeneratedKeyPairs(set);
            }

            @Override // shaded.com.google.common.util.concurrent.FutureCallback
            public void onFailure(Throwable th) {
                cleanupAutoGeneratedKeyPairs(set);
            }

            private void cleanupAutoGeneratedKeyPairs(Set<Integer> set2) {
                CreateKeyPairsThenCreateNodes.this.logger.debug(">> cleaning up auto-generated key pairs...", new Object[0]);
                for (Integer num : set2) {
                    try {
                        CreateKeyPairsThenCreateNodes.this.api.keyApi().delete(num.intValue());
                    } catch (Exception e) {
                        CreateKeyPairsThenCreateNodes.this.logger.warn(">> could not delete key pair %s: %s", num, e.getMessage());
                    }
                }
            }
        }, this.userExecutor);
    }

    private static String computeFingerprint(PublicKey publicKey) {
        if (publicKey instanceof RSAPublicKey) {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
            return SshKeys.fingerprint(rSAPublicKey.getPublicExponent(), rSAPublicKey.getModulus());
        }
        if (publicKey instanceof DSAPublicKey) {
            DSAPublicKey dSAPublicKey = (DSAPublicKey) publicKey;
            return DSAKeys.fingerprint(dSAPublicKey.getParams().getP(), dSAPublicKey.getParams().getQ(), dSAPublicKey.getParams().getG(), dSAPublicKey.getY());
        }
        if (publicKey instanceof ECPublicKey) {
            return ECDSAKeys.fingerprint((ECPublicKey) publicKey);
        }
        throw new IllegalArgumentException("Only RSA and DSA keys are supported");
    }
}
