package org.apache.nifi.pulsar.auth;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.nifi.annotation.documentation.CapabilityDescription;
import org.apache.nifi.annotation.documentation.Tags;
import org.apache.nifi.components.PropertyDescriptor;
import org.apache.nifi.components.PropertyValue;
import org.apache.nifi.processor.util.StandardValidators;
import org.apache.pulsar.client.api.Authentication;
import org.apache.pulsar.client.api.AuthenticationFactory;
import org.apache.pulsar.client.api.PulsarClientException;
import org.apache.pulsar.client.impl.auth.AuthenticationAthenz;

@CapabilityDescription("Implementation with Athenz Authentication of the PulsarClientAuthenticationService. Provides Pulsar clients with the ability to authenticate against a secured Apache Pulsar broker endpoint.")
@Tags({"Pulsar", "client", "security", "authentication", "Athenz"})
/* loaded from: input_file:org/apache/nifi/pulsar/auth/PulsarClientAthenzAuthenticationService.class */
public class PulsarClientAthenzAuthenticationService extends AbstractPulsarClientAuntenticationService {
    public static final PropertyDescriptor TENANT_DOMAIN = new PropertyDescriptor.Builder().name("The tenant domain name").description("The domain name for this tenant").defaultValue((String) null).addValidator(StandardValidators.NON_BLANK_VALIDATOR).required(true).sensitive(false).build();
    public static final PropertyDescriptor TENANT_SERVICE = new PropertyDescriptor.Builder().name("The tenant service name").description("The service name for this tenant").defaultValue((String) null).addValidator(StandardValidators.NON_BLANK_VALIDATOR).required(true).sensitive(false).build();
    public static final PropertyDescriptor PROVIDER_DOMAIN = new PropertyDescriptor.Builder().name("The provider domain").description("The provider domain name").defaultValue((String) null).addValidator(StandardValidators.NON_BLANK_VALIDATOR).required(true).sensitive(false).build();
    public static final PropertyDescriptor TENANT_PRIVATE_KEY_FILE = new PropertyDescriptor.Builder().name("Tenants Private Key Filename").description("The fully-qualified filename of the tenant's private key.").defaultValue((String) null).addValidator(createFileExistsAndReadableValidator()).required(true).sensitive(false).build();
    public static final PropertyDescriptor TENANT_PRIVATE_KEY_ID = new PropertyDescriptor.Builder().name("Tenants Private Key Id").description("The id of tenant's private key.").defaultValue("0").addValidator(StandardValidators.NON_BLANK_VALIDATOR).required(false).sensitive(false).build();
    public static final PropertyDescriptor AUTO_PREFETCH_ENABLED = new PropertyDescriptor.Builder().name("Auto Prefetch Enabled").description("Specifies whether or not ZTS auto prefetching is enabled.").defaultValue("false").allowableValues(new String[]{"true", "false"}).required(false).sensitive(false).build();
    public static final PropertyDescriptor ATHENZ_CONF_PATH = new PropertyDescriptor.Builder().name("Pulsar Athenz Conf Path").description("The fully-qualified filename of the Pulsar Athenz configuration file.").addValidator(StandardValidators.FILE_EXISTS_VALIDATOR).required(false).sensitive(false).build();
    public static final PropertyDescriptor PRINCIPAL_HEADER = new PropertyDescriptor.Builder().name("Principal Header").description("Header name of Principal Token.").addValidator(StandardValidators.NON_BLANK_VALIDATOR).required(false).sensitive(false).build();
    public static final PropertyDescriptor ROLE_HEADER = new PropertyDescriptor.Builder().name("Role Header").description("Header name of Role Token.").addValidator(StandardValidators.NON_BLANK_VALIDATOR).required(false).sensitive(false).build();
    public static final PropertyDescriptor ZTS_URL = new PropertyDescriptor.Builder().name("ZTS URL").description("The ZTS Server URL.").addValidator(StandardValidators.NON_BLANK_VALIDATOR).required(false).sensitive(false).build();
    private static final List<PropertyDescriptor> properties;

    protected List<PropertyDescriptor> getSupportedPropertyDescriptors() {
        return properties;
    }

    @Override // org.apache.nifi.pulsar.auth.AbstractPulsarClientAuntenticationService
    public Authentication getAuthentication() {
        HashMap hashMap = new HashMap();
        putAuthParamIfSet(hashMap, "tenantDomain", this.configContext.getProperty(TENANT_DOMAIN));
        putAuthParamIfSet(hashMap, "tenantService", this.configContext.getProperty(TENANT_SERVICE));
        putAuthParamIfSet(hashMap, "providerDomain", this.configContext.getProperty(PROVIDER_DOMAIN));
        putAuthParamIfSet(hashMap, "privateKey", this.configContext.getProperty(TENANT_PRIVATE_KEY_FILE));
        putAuthParamIfSet(hashMap, "keyId", this.configContext.getProperty(TENANT_PRIVATE_KEY_ID));
        putAuthParamIfSet(hashMap, "autoPrefetchEnabled", this.configContext.getProperty(AUTO_PREFETCH_ENABLED));
        putAuthParamIfSet(hashMap, "athenzConfPath", this.configContext.getProperty(ATHENZ_CONF_PATH));
        putAuthParamIfSet(hashMap, "principalHeader", this.configContext.getProperty(PRINCIPAL_HEADER));
        putAuthParamIfSet(hashMap, "roleHeader", this.configContext.getProperty(ROLE_HEADER));
        putAuthParamIfSet(hashMap, "ztsUrl", this.configContext.getProperty(ZTS_URL));
        try {
            return AuthenticationFactory.create(AuthenticationAthenz.class.getName(), hashMap);
        } catch (PulsarClientException.UnsupportedAuthenticationException e) {
            getLogger().error("Unable to authenticate", e);
            return null;
        }
    }

    private void putAuthParamIfSet(Map<String, String> map, String str, PropertyValue propertyValue) {
        if (propertyValue.isSet()) {
            map.put(str, propertyValue.getValue());
        }
    }

    static {
        ArrayList arrayList = new ArrayList();
        arrayList.add(TRUST_CERTIFICATE);
        arrayList.add(TENANT_DOMAIN);
        arrayList.add(TENANT_SERVICE);
        arrayList.add(PROVIDER_DOMAIN);
        arrayList.add(TENANT_PRIVATE_KEY_FILE);
        arrayList.add(TENANT_PRIVATE_KEY_ID);
        arrayList.add(AUTO_PREFETCH_ENABLED);
        arrayList.add(ATHENZ_CONF_PATH);
        arrayList.add(PRINCIPAL_HEADER);
        arrayList.add(ROLE_HEADER);
        arrayList.add(ZTS_URL);
        properties = Collections.unmodifiableList(arrayList);
    }
}
