package org.eclipse.vorto.repository.server.config.config;

import com.amazonaws.auth.AWS4Signer;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import com.amazonaws.http.AWSRequestSigningApacheInterceptor;
import com.google.common.base.Strings;
import java.io.IOException;
import java.security.KeyStore;
import java.util.Optional;
import javax.annotation.PreDestroy;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.log4j.Logger;
import org.eclipse.vorto.repository.core.IModelRepositoryFactory;
import org.eclipse.vorto.repository.search.ElasticSearchService;
import org.eclipse.vorto.repository.tenant.ITenantService;
import org.elasticsearch.client.RestClient;
import org.elasticsearch.client.RestClientBuilder;
import org.elasticsearch.client.RestHighLevelClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;

@Profile({"prod", "int", "local-docker"})
@Configuration
/* loaded from: input_file:org/eclipse/vorto/repository/server/config/config/ElasticSearchConfiguration.class */
public class ElasticSearchConfiguration {

    @Value("${server.config.skipSslVerification:false}")
    private boolean skipSslVerification;

    @Value("${http.proxyHost:#{null}}")
    private String proxyHost;

    @Value("${http.proxyPort:8080}")
    protected int proxyPort;

    @Value("${http.proxyUser:#{null}}")
    private String proxyUsername;

    @Value("${http.proxyPassword:#{null}}")
    private String proxyPassword;

    @Value("${aws.region:eu-central-1}")
    private String region;

    @Value("${aws.aesEndpoint:https://search-vorto-test-i566tsfta74oi6s6hbzfwproui.eu-central-1.es.amazonaws.com}")
    private String aesEndpoint;
    private static Logger logger = Logger.getLogger(ElasticSearchConfiguration.class);

    @Autowired
    private RestHighLevelClient client;

    @Autowired
    private IModelRepositoryFactory repositoryFactory;

    @Autowired
    private ITenantService tenantService;
    private String serviceName = "es";
    private AWSCredentialsProvider credentialsProvider = new DefaultAWSCredentialsProviderChain();

    @Profile({"prod", "int", "local-docker"})
    @Bean
    public ElasticSearchService elasticSearch() {
        return new ElasticSearchService(this.client, this.repositoryFactory, this.tenantService);
    }

    @Profile({"local-docker"})
    @Bean
    public RestHighLevelClient indexingClient() {
        return new RestHighLevelClient(RestClient.builder(new HttpHost[]{new HttpHost("localhost", 9200, "http"), new HttpHost("localhost", 9201, "http")}));
    }

    @Profile({"prod", "int"})
    @Bean
    public RestHighLevelClient awsIndexingClient() {
        logger.info("Creating an elastic server client with config(serviceName=" + this.serviceName + " region=" + this.region + " aesEndpoint=" + this.aesEndpoint);
        AWS4Signer aWS4Signer = new AWS4Signer();
        aWS4Signer.setServiceName(this.serviceName);
        aWS4Signer.setRegionName(this.region);
        return new RestHighLevelClient(RestClient.builder(new HttpHost[]{HttpHost.create(this.aesEndpoint)}).setHttpClientConfigCallback(httpClientConfig(getProxy(), new AWSRequestSigningApacheInterceptor(this.serviceName, aWS4Signer, this.credentialsProvider))));
    }

    private RestClientBuilder.HttpClientConfigCallback httpClientConfig(Optional<HttpHost> optional, HttpRequestInterceptor httpRequestInterceptor) {
        return httpAsyncClientBuilder -> {
            httpAsyncClientBuilder.addInterceptorLast(httpRequestInterceptor);
            if (optional.isPresent()) {
                httpAsyncClientBuilder.setProxy((HttpHost) optional.get());
                Optional<CredentialsProvider> credentialsProvider = getCredentialsProvider((HttpHost) optional.get());
                if (credentialsProvider.isPresent()) {
                    httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider.get());
                }
            }
            if (this.skipSslVerification) {
                try {
                    httpAsyncClientBuilder.setSSLContext(new SSLContextBuilder().loadTrustMaterial((KeyStore) null, (x509CertificateArr, str) -> {
                        return true;
                    }).build());
                    httpAsyncClientBuilder.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE);
                } catch (Exception e) {
                    logger.error("Error while trying to skip SSL verification", e);
                }
            }
            return httpAsyncClientBuilder;
        };
    }

    private Optional<HttpHost> getProxy() {
        return !Strings.isNullOrEmpty(this.proxyHost) ? Optional.of(new HttpHost(this.proxyHost, this.proxyPort, "http")) : Optional.empty();
    }

    private Optional<CredentialsProvider> getCredentialsProvider(HttpHost httpHost) {
        if (Strings.isNullOrEmpty(this.proxyUsername)) {
            return Optional.empty();
        }
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(new AuthScope(httpHost.getHostName(), httpHost.getPort()), new UsernamePasswordCredentials(this.proxyUsername, this.proxyPassword));
        return Optional.of(basicCredentialsProvider);
    }

    @PreDestroy
    public void deinit() {
        try {
            this.client.close();
        } catch (IOException e) {
            logger.error("Not able to close indexing client", e);
        }
    }
}
