package org.apache.nifi.processors.azure.storage.utils;

import com.azure.core.http.ProxyOptions;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.util.Collection;
import java.util.EnumSet;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.components.DescribedValue;
import org.apache.nifi.components.PropertyDescriptor;
import org.apache.nifi.components.ValidationContext;
import org.apache.nifi.components.ValidationResult;
import org.apache.nifi.components.Validator;
import org.apache.nifi.context.PropertyContext;
import org.apache.nifi.expression.ExpressionLanguageScope;
import org.apache.nifi.flowfile.FlowFile;
import org.apache.nifi.processor.exception.ProcessException;
import org.apache.nifi.processor.util.StandardValidators;
import org.apache.nifi.proxy.ProxyConfiguration;
import org.apache.nifi.proxy.ProxySpec;
import org.apache.nifi.services.azure.storage.ADLSCredentialsService;
import org.apache.nifi.services.azure.storage.AzureStorageConflictResolutionStrategy;
import org.apache.nifi.services.azure.storage.AzureStorageCredentialsService_v12;
import org.apache.nifi.services.azure.storage.AzureStorageCredentialsType;

/* loaded from: input_file:org/apache/nifi/processors/azure/storage/utils/AzureStorageUtils.class */
public final class AzureStorageUtils {
    public static final String ACCOUNT_KEY_SECURITY_DESCRIPTION = " There are certain risks in allowing the account key to be stored as a FlowFile attribute. While it does provide for a more flexible flow by allowing the account key to be fetched dynamically from a FlowFile attribute, care must be taken to restrict access to the event provenance data (e.g., by strictly controlling the policies governing provenance for this processor). In addition, the provenance repositories may be put on encrypted disk partitions.";
    public static final String ACCOUNT_NAME_SECURITY_DESCRIPTION = " There are certain risks in allowing the account name to be stored as a FlowFile attribute. While it does provide for a more flexible flow by allowing the account name to be fetched dynamically from a FlowFile attribute, care must be taken to restrict access to the event provenance data (e.g., by strictly controlling the policies governing provenance for this processor). In addition, the provenance repositories may be put on encrypted disk partitions.";
    public static final String SAS_TOKEN_SECURITY_DESCRIPTION = " There are certain risks in allowing the SAS token to be stored as a FlowFile attribute. While it does provide for a more flexible flow by allowing the SAS token to be fetched dynamically from a FlowFile attribute, care must be taken to restrict access to the event provenance data (e.g., by strictly controlling the policies governing provenance for this processor). In addition, the provenance repositories may be put on encrypted disk partitions.";
    public static final PropertyDescriptor ADLS_CREDENTIALS_SERVICE = new PropertyDescriptor.Builder().name("adls-credentials-service").displayName("ADLS Credentials").description("Controller Service used to obtain Azure Credentials.").identifiesControllerService(ADLSCredentialsService.class).required(true).build();
    public static final PropertyDescriptor BLOB_STORAGE_CREDENTIALS_SERVICE = new PropertyDescriptor.Builder().name("storage-credentials-service").displayName("Storage Credentials").description("Controller Service used to obtain Azure Blob Storage Credentials.").identifiesControllerService(AzureStorageCredentialsService_v12.class).required(true).build();
    public static final PropertyDescriptor CREDENTIALS_TYPE = new PropertyDescriptor.Builder().name("credentials-type").displayName("Credentials Type").description("Credentials type to be used for authenticating to Azure").required(true).allowableValues(EnumSet.of(AzureStorageCredentialsType.ACCOUNT_KEY, AzureStorageCredentialsType.SAS_TOKEN, AzureStorageCredentialsType.MANAGED_IDENTITY, AzureStorageCredentialsType.SERVICE_PRINCIPAL)).defaultValue(AzureStorageCredentialsType.SAS_TOKEN).build();
    public static final PropertyDescriptor FILESYSTEM = new PropertyDescriptor.Builder().name("filesystem-name").displayName("Filesystem Name").description("Name of the Azure Storage File System (also called Container). It is assumed to be already existing.").addValidator(StandardValidators.NON_BLANK_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.FLOWFILE_ATTRIBUTES).required(true).build();
    public static final PropertyDescriptor DIRECTORY = new PropertyDescriptor.Builder().name("directory-name").displayName("Directory Name").description("Name of the Azure Storage Directory. The Directory Name cannot contain a leading '/'. The root directory can be designated by the empty string value. In case of the PutAzureDataLakeStorage processor, the directory will be created if not already existing.").addValidator(new DirectoryValidator()).expressionLanguageSupported(ExpressionLanguageScope.FLOWFILE_ATTRIBUTES).required(true).build();
    public static final PropertyDescriptor FILE = new PropertyDescriptor.Builder().name("file-name").displayName("File Name").description("The filename").addValidator(StandardValidators.NON_BLANK_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.FLOWFILE_ATTRIBUTES).required(true).defaultValue(String.format("${%s}", ADLSAttributes.ATTR_NAME_FILENAME)).build();
    public static final String STORAGE_ACCOUNT_KEY_PROPERTY_DESCRIPTOR_NAME = "storage-account-key";
    public static final String ACCOUNT_KEY_BASE_DESCRIPTION = "The storage account key. This is an admin-like password providing access to every container in this account. It is recommended one uses Shared Access Signature (SAS) token, Managed Identity or Service Principal instead for fine-grained control with policies.";
    public static final PropertyDescriptor ACCOUNT_KEY = new PropertyDescriptor.Builder().name(STORAGE_ACCOUNT_KEY_PROPERTY_DESCRIPTOR_NAME).displayName("Account Key").description(ACCOUNT_KEY_BASE_DESCRIPTION).addValidator(StandardValidators.NON_EMPTY_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.NONE).required(true).sensitive(true).dependsOn(CREDENTIALS_TYPE, AzureStorageCredentialsType.ACCOUNT_KEY, new DescribedValue[0]).build();
    public static final String STORAGE_ACCOUNT_NAME_PROPERTY_DESCRIPTOR_NAME = "storage-account-name";
    public static final String ACCOUNT_NAME_BASE_DESCRIPTION = "The storage account name.";
    public static final PropertyDescriptor ACCOUNT_NAME = new PropertyDescriptor.Builder().name(STORAGE_ACCOUNT_NAME_PROPERTY_DESCRIPTOR_NAME).displayName("Storage Account Name").description(ACCOUNT_NAME_BASE_DESCRIPTION).addValidator(StandardValidators.NON_EMPTY_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.NONE).required(true).sensitive(true).build();
    public static final String STORAGE_ENDPOINT_SUFFIX_PROPERTY_DESCRIPTOR_NAME = "storage-endpoint-suffix";
    public static final PropertyDescriptor ENDPOINT_SUFFIX = new PropertyDescriptor.Builder().name(STORAGE_ENDPOINT_SUFFIX_PROPERTY_DESCRIPTOR_NAME).displayName("Endpoint Suffix").description("Storage accounts in public Azure always use a common FQDN suffix. Override this endpoint suffix with a different suffix in certain circumstances (like Azure Stack or non-public Azure regions).").addValidator(StandardValidators.NON_BLANK_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.NONE).required(true).build();
    public static final PropertyDescriptor CONTAINER = new PropertyDescriptor.Builder().name("container-name").displayName("Container Name").description("Name of the Azure storage container. In case of PutAzureBlobStorage processor, container can be created if it does not exist.").addValidator(StandardValidators.NON_EMPTY_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.FLOWFILE_ATTRIBUTES).required(true).build();
    public static final PropertyDescriptor CREATE_CONTAINER = new PropertyDescriptor.Builder().name("create-container").displayName("Create Container").expressionLanguageSupported(ExpressionLanguageScope.NONE).required(true).addValidator(StandardValidators.BOOLEAN_VALIDATOR).allowableValues(new String[]{"true", "false"}).defaultValue("false").description("Specifies whether to check if the container exists and to automatically create it if it does not. Permission to list containers is required. If false, this check is not made, but the Put operation will fail if the container does not exist.").build();
    public static final PropertyDescriptor CONFLICT_RESOLUTION = new PropertyDescriptor.Builder().name("conflict-resolution-strategy").displayName("Conflict Resolution Strategy").expressionLanguageSupported(ExpressionLanguageScope.NONE).required(true).allowableValues(AzureStorageConflictResolutionStrategy.class).defaultValue(AzureStorageConflictResolutionStrategy.FAIL_RESOLUTION).description("Specifies whether an existing blob will have its contents replaced upon conflict.").build();
    public static final String STORAGE_SAS_TOKEN_PROPERTY_DESCRIPTOR_NAME = "storage-sas-token";
    public static final String SAS_TOKEN_BASE_DESCRIPTION = "Shared Access Signature token (the leading '?' may be included)";
    public static final PropertyDescriptor SAS_TOKEN = new PropertyDescriptor.Builder().name(STORAGE_SAS_TOKEN_PROPERTY_DESCRIPTOR_NAME).displayName("SAS Token").description(SAS_TOKEN_BASE_DESCRIPTION).required(true).expressionLanguageSupported(ExpressionLanguageScope.NONE).sensitive(true).addValidator(StandardValidators.NON_EMPTY_VALIDATOR).dependsOn(CREDENTIALS_TYPE, AzureStorageCredentialsType.SAS_TOKEN, new DescribedValue[0]).build();
    public static final PropertyDescriptor MANAGED_IDENTITY_CLIENT_ID = new PropertyDescriptor.Builder().name("managed-identity-client-id").displayName("Managed Identity Client ID").description("Client ID of the managed identity. The property is required when User Assigned Managed Identity is used for authentication. It must be empty in case of System Assigned Managed Identity.").sensitive(true).required(false).addValidator(StandardValidators.NON_BLANK_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.NONE).dependsOn(CREDENTIALS_TYPE, AzureStorageCredentialsType.MANAGED_IDENTITY, new DescribedValue[0]).build();
    public static final PropertyDescriptor SERVICE_PRINCIPAL_TENANT_ID = new PropertyDescriptor.Builder().name("service-principal-tenant-id").displayName("Service Principal Tenant ID").description("Tenant ID of the Azure Active Directory hosting the Service Principal.").sensitive(true).required(true).addValidator(StandardValidators.NON_BLANK_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.NONE).dependsOn(CREDENTIALS_TYPE, AzureStorageCredentialsType.SERVICE_PRINCIPAL, new DescribedValue[0]).build();
    public static final PropertyDescriptor SERVICE_PRINCIPAL_CLIENT_ID = new PropertyDescriptor.Builder().name("service-principal-client-id").displayName("Service Principal Client ID").description("Client ID (or Application ID) of the Client/Application having the Service Principal.").sensitive(true).required(true).addValidator(StandardValidators.NON_BLANK_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.NONE).dependsOn(CREDENTIALS_TYPE, AzureStorageCredentialsType.SERVICE_PRINCIPAL, new DescribedValue[0]).build();
    public static final PropertyDescriptor SERVICE_PRINCIPAL_CLIENT_SECRET = new PropertyDescriptor.Builder().name("service-principal-client-secret").displayName("Service Principal Client Secret").description("Password of the Client/Application.").sensitive(true).required(true).addValidator(StandardValidators.NON_BLANK_VALIDATOR).expressionLanguageSupported(ExpressionLanguageScope.NONE).dependsOn(CREDENTIALS_TYPE, AzureStorageCredentialsType.SERVICE_PRINCIPAL, new DescribedValue[0]).build();
    private static final ProxySpec[] PROXY_SPECS = {ProxySpec.HTTP, ProxySpec.SOCKS};
    public static final PropertyDescriptor PROXY_CONFIGURATION_SERVICE = new PropertyDescriptor.Builder().fromPropertyDescriptor(ProxyConfiguration.createProxyConfigPropertyDescriptor(false, PROXY_SPECS)).build();

    /* loaded from: input_file:org/apache/nifi/processors/azure/storage/utils/AzureStorageUtils$DirectoryValidator.class */
    public static class DirectoryValidator implements Validator {
        private String displayName;

        public DirectoryValidator() {
            this.displayName = null;
        }

        public DirectoryValidator(String str) {
            this.displayName = str;
        }

        public ValidationResult validate(String str, String str2, ValidationContext validationContext) {
            this.displayName = this.displayName == null ? AzureStorageUtils.DIRECTORY.getDisplayName() : this.displayName;
            ValidationResult.Builder input = new ValidationResult.Builder().subject(this.displayName).input(str2);
            if (validationContext.isExpressionLanguagePresent(str2)) {
                input.valid(true).explanation("Expression Language Present");
            } else if (str2.startsWith("/")) {
                input.valid(false).explanation(String.format("'%s' cannot contain a leading '/'", this.displayName));
            } else if (StringUtils.isNotEmpty(str2) && StringUtils.isWhitespace(str2)) {
                input.valid(false).explanation(String.format("'%s' cannot contain whitespace characters only", this.displayName));
            } else {
                input.valid(true);
            }
            return input.build();
        }
    }

    private AzureStorageUtils() {
    }

    public static void validateProxySpec(ValidationContext validationContext, Collection<ValidationResult> collection) {
        ProxyConfiguration.validateProxySpec(validationContext, collection, PROXY_SPECS);
    }

    public static String evaluateFileSystemProperty(PropertyDescriptor propertyDescriptor, PropertyContext propertyContext) {
        return evaluateFileSystemProperty(propertyDescriptor, propertyContext, (Map<String, String>) null);
    }

    public static String evaluateFileSystemProperty(PropertyDescriptor propertyDescriptor, PropertyContext propertyContext, FlowFile flowFile) {
        return evaluateFileSystemProperty(propertyDescriptor, propertyContext, (Map<String, String>) flowFile.getAttributes());
    }

    public static String evaluateFileSystemProperty(PropertyDescriptor propertyDescriptor, PropertyContext propertyContext, Map<String, String> map) {
        String evaluateProperty = evaluateProperty(propertyDescriptor, propertyContext, map);
        if (StringUtils.isBlank(evaluateProperty)) {
            throw new ProcessException(String.format("'%1$s' property evaluated to blank string. '%s' must be specified as a non-blank string.", propertyDescriptor.getDisplayName()));
        }
        return evaluateProperty;
    }

    public static String evaluateDirectoryProperty(PropertyDescriptor propertyDescriptor, PropertyContext propertyContext) {
        return evaluateDirectoryProperty(propertyDescriptor, propertyContext, (Map<String, String>) null);
    }

    public static String evaluateDirectoryProperty(PropertyDescriptor propertyDescriptor, PropertyContext propertyContext, FlowFile flowFile) {
        return evaluateDirectoryProperty(propertyDescriptor, propertyContext, (Map<String, String>) flowFile.getAttributes());
    }

    public static String evaluateDirectoryProperty(PropertyDescriptor propertyDescriptor, PropertyContext propertyContext, Map<String, String> map) {
        String evaluateProperty = evaluateProperty(propertyDescriptor, propertyContext, map);
        if (evaluateProperty.startsWith("/")) {
            throw new ProcessException(String.format("'%1$s' starts with '/'. '%s' cannot contain a leading '/'.", propertyDescriptor.getDisplayName()));
        }
        if (StringUtils.isNotEmpty(evaluateProperty) && StringUtils.isWhitespace(evaluateProperty)) {
            throw new ProcessException(String.format("'%1$s' contains whitespace characters only.", propertyDescriptor.getDisplayName()));
        }
        return evaluateProperty;
    }

    public static String evaluateFileProperty(PropertyContext propertyContext, FlowFile flowFile) {
        return evaluateFileProperty(propertyContext, (Map<String, String>) flowFile.getAttributes());
    }

    public static String evaluateFileProperty(PropertyContext propertyContext, Map<String, String> map) {
        String evaluateProperty = evaluateProperty(FILE, propertyContext, map);
        if (StringUtils.isBlank(evaluateProperty)) {
            throw new ProcessException(String.format("'%1$s' property evaluated to blank string. '%s' must be specified as a non-blank string.", FILE.getDisplayName()));
        }
        return evaluateProperty;
    }

    private static String evaluateProperty(PropertyDescriptor propertyDescriptor, PropertyContext propertyContext, Map<String, String> map) {
        return propertyContext.getProperty(propertyDescriptor).evaluateAttributeExpressions(map).getValue();
    }

    public static ProxyOptions getProxyOptions(PropertyContext propertyContext) {
        ProxyConfiguration configuration = ProxyConfiguration.getConfiguration(propertyContext);
        if (configuration == ProxyConfiguration.DIRECT_CONFIGURATION) {
            return null;
        }
        ProxyOptions proxyOptions = new ProxyOptions(getProxyType(configuration), new InetSocketAddress(configuration.getProxyServerHost(), configuration.getProxyServerPort().intValue()));
        String proxyUserName = configuration.getProxyUserName();
        String proxyUserPassword = configuration.getProxyUserPassword();
        if (proxyUserName != null && proxyUserPassword != null) {
            proxyOptions.setCredentials(proxyUserName, proxyUserPassword);
        }
        return proxyOptions;
    }

    private static ProxyOptions.Type getProxyType(ProxyConfiguration proxyConfiguration) {
        if (proxyConfiguration.getProxyType() == Proxy.Type.HTTP) {
            return ProxyOptions.Type.HTTP;
        }
        if (proxyConfiguration.getProxyType() == Proxy.Type.SOCKS) {
            return ProxyOptions.Type.valueOf(proxyConfiguration.getSocksVersion().name());
        }
        throw new IllegalArgumentException("Unsupported proxy type: " + String.valueOf(proxyConfiguration.getProxyType()));
    }
}
