package org.apache.nifi.toolkit.config.command;

import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.util.Collections;
import java.util.Set;
import org.apache.nifi.properties.ApplicationProperties;
import org.apache.nifi.properties.ApplicationPropertiesProtector;
import org.apache.nifi.registry.properties.NiFiRegistryPropertiesLoader;
import org.apache.nifi.registry.properties.ProtectedNiFiRegistryProperties;
import org.apache.nifi.toolkit.config.transformer.ApplicationPropertiesFileTransformer;
import org.apache.nifi.toolkit.config.transformer.XmlFileTransformer;
import picocli.CommandLine;

@CommandLine.Command
/* loaded from: input_file:org/apache/nifi/toolkit/config/command/RegistryEncryptConfig.class */
public class RegistryEncryptConfig extends SharedEncryptConfig implements Runnable {
    static final String BOOTSTRAP_ROOT_KEY_PROPERTY = "nifi.registry.bootstrap.sensitive.key";

    @CommandLine.Option(names = {"-r", "--nifiRegistryProperties"}, description = {"Path to file containing Application Properties [nifi-registry.properties] that will be updated unless the output argument is provided"})
    Path applicationPropertiesPath;

    @CommandLine.Option(names = {"-R", "--outputNiFiProperties"}, description = {"Path to output file for Application Properties [nifi-registry.properties] with property protection applied"})
    Path outputApplicationPropertiesPath;

    @CommandLine.Option(names = {"-i", "--identityProviders"}, description = {"Path to file containing Identity Providers [identity-providers.xml] configuration that will be updated unless the output argument is provided"})
    Path identityProvidersPath;

    @CommandLine.Option(names = {"-I", "--outputIdentityProviders"}, description = {"Path to output file for Identity Providers [identity-providers.xml] with property protection applied"})
    Path outputIdentityProvidersPath;

    @Override // java.lang.Runnable
    public void run() {
        ApplicationProperties loadApplicationProperties = loadApplicationProperties();
        processBootstrapConf(BOOTSTRAP_ROOT_KEY_PROPERTY);
        processApplicationProperties(loadApplicationProperties);
        processAuthorizers();
        processIdentityProviders();
    }

    private ApplicationProperties loadApplicationProperties() {
        ApplicationProperties load;
        if (this.applicationPropertiesPath == null) {
            load = new ApplicationProperties(Collections.emptyMap());
            if (this.verboseModeEnabled) {
                this.logger.info("Application Properties [nifi-registry.properties] not specified");
            }
        } else {
            if (Files.notExists(this.applicationPropertiesPath, new LinkOption[0])) {
                throw new IllegalArgumentException(String.format("Application Properties [nifi-registry.properties] not found [%s]", this.applicationPropertiesPath));
            }
            NiFiRegistryPropertiesLoader niFiRegistryPropertiesLoader = new NiFiRegistryPropertiesLoader();
            String inputRootKey = getInputRootKey();
            niFiRegistryPropertiesLoader.setKeyHex(inputRootKey == null ? getRootKey() : inputRootKey);
            load = niFiRegistryPropertiesLoader.load(this.applicationPropertiesPath.toFile());
        }
        return load;
    }

    private void processApplicationProperties(ApplicationProperties applicationProperties) {
        if (this.applicationPropertiesPath == null) {
            if (this.verboseModeEnabled) {
                this.logger.info("Application Properties [nifi-registry.properties] not specified");
            }
        } else {
            this.logger.info("Started processing Application Properties [{}]", this.applicationPropertiesPath);
            runFileTransformer(new ApplicationPropertiesFileTransformer(applicationProperties, getSensitivePropertyProviderFactory().getProvider(this.protectionScheme), getSensitivePropertyNames()), this.applicationPropertiesPath, this.outputApplicationPropertiesPath);
            this.logger.info("Completed processing Application Properties [{}]", this.applicationPropertiesPath);
        }
    }

    private void processIdentityProviders() {
        if (this.identityProvidersPath == null) {
            if (this.verboseModeEnabled) {
                this.logger.info("Identity Providers not specified");
            }
        } else {
            this.logger.info("Started processing Identity Providers [{}]", this.identityProvidersPath);
            runFileTransformer(new XmlFileTransformer(getInputSensitivePropertyProvider(), getSensitivePropertyProviderFactory(), this.protectionScheme), this.identityProvidersPath, this.outputIdentityProvidersPath);
            this.logger.info("Completed processing Identity Providers [{}]", this.identityProvidersPath);
        }
    }

    private Set<String> getSensitivePropertyNames() {
        return Set.copyOf(new ApplicationPropertiesProtector(new ProtectedNiFiRegistryProperties()).getSensitivePropertyKeys());
    }
}
