package be.iminds.ilabt.jfed.util;

import be.iminds.ilabt.jfed.lowlevel.GeniUser;
import be.iminds.ilabt.jfed.lowlevel.connection.JFedConnection;
import be.iminds.ilabt.jfed.rspec.model.BasicStringRspec;
import be.iminds.ilabt.jfed.util.BestNodeLoginFinder;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.Optional;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
import org.assertj.core.util.GroupFormatUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/iminds/ilabt/jfed/util/AnsibleFileWriter.class */
public class AnsibleFileWriter {
    private static final Logger LOG;
    private final BasicStringRspec basicStringRspec;
    private final List<BasicStringRspec> altBasicStringRspecs = new ArrayList();
    private final PrivateKeyHandling privateKeyHandling;
    private final File privateKeyFile;
    private final PrivateKey privateKey;
    private final PublicKey publicKey;
    private final GeniUser loggedInUser;
    private final String preferredUser;
    private final JFedConnection.SshProxyInfo proxyInfo;
    public static final String PUBLIC_KEY_FILE_BASENAME = "id_rsa.pub";
    public static final String PRIVATE_KEY_FILE_BASENAME = "id_rsa";
    public static final String PROXY_PRIVATE_KEY_FILE_TEMPLATE = "id_rsa_proxy_";
    public static final String ANSIBLE_HOSTS_FILE_BASENAME = "ansible-hosts";
    public static final String ANSIBLE_CONFIG_FILE_BASENAME = "ansible.cfg";
    public static final String FABRIC_FILE_BASENAME = "fabfile.py";
    public static final String SSH_CONFIG_FILE_BASENAME = "ssh-config";
    public static final String SSH_PROXY_KNOWN_HOST_TEMPLATE = "known_host_proxy_";
    public static final String README_FILE_BASENAME = "README.txt";
    public static final String REQUIREMENTS_FILE_BASENAME = "requirements.txt";
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:be/iminds/ilabt/jfed/util/AnsibleFileWriter$PrivateKeyHandling.class */
    public enum PrivateKeyHandling {
        COPY,
        LINK,
        DONTUSE
    }

    private AnsibleFileWriter(BasicStringRspec basicStringRspec, PrivateKeyHandling privateKeyHandling, File file, PrivateKey privateKey, PublicKey publicKey, GeniUser geniUser, JFedConnection.SshProxyInfo sshProxyInfo, String str) {
        this.basicStringRspec = basicStringRspec;
        this.privateKeyHandling = privateKeyHandling;
        this.privateKeyFile = privateKeyHandling == PrivateKeyHandling.DONTUSE ? null : file;
        this.privateKey = privateKeyHandling == PrivateKeyHandling.DONTUSE ? null : privateKey;
        this.publicKey = publicKey;
        this.loggedInUser = geniUser;
        this.preferredUser = str;
        this.proxyInfo = sshProxyInfo;
        if (privateKeyHandling == PrivateKeyHandling.LINK && !$assertionsDisabled && file == null) {
            throw new AssertionError();
        }
        if (privateKeyHandling == PrivateKeyHandling.COPY && !$assertionsDisabled && privateKey == null) {
            throw new AssertionError();
        }
    }

    public static AnsibleFileWriter createWithoutPrivateKey(BasicStringRspec basicStringRspec, File file, PublicKey publicKey, GeniUser geniUser, JFedConnection.SshProxyInfo sshProxyInfo, String str) {
        return new AnsibleFileWriter(basicStringRspec, PrivateKeyHandling.DONTUSE, file, null, publicKey, geniUser, sshProxyInfo, str);
    }

    public static AnsibleFileWriter createWithLinkedPrivateKey(BasicStringRspec basicStringRspec, File file, PublicKey publicKey, GeniUser geniUser, JFedConnection.SshProxyInfo sshProxyInfo, String str) {
        return new AnsibleFileWriter(basicStringRspec, PrivateKeyHandling.LINK, file, null, publicKey, geniUser, sshProxyInfo, str);
    }

    public static AnsibleFileWriter createWithCopiedPrivateKey(BasicStringRspec basicStringRspec, PrivateKey privateKey, PublicKey publicKey, GeniUser geniUser, JFedConnection.SshProxyInfo sshProxyInfo, String str) {
        return new AnsibleFileWriter(basicStringRspec, PrivateKeyHandling.COPY, null, privateKey, publicKey, geniUser, sshProxyInfo, str);
    }

    public void addAltBasicStringRspec(BasicStringRspec basicStringRspec) {
        this.altBasicStringRspecs.add(basicStringRspec);
    }

    public void addAltBasicStringRspec(String str) {
        this.altBasicStringRspecs.add(new BasicStringRspec(str));
    }

    public String getPublicKeyFileContent() {
        if (this.publicKey == null) {
            return null;
        }
        return KeyUtil.publicKeyToOpenSshAuthorizedKeysFormat(this.publicKey);
    }

    public String getAnsibleConfigFileContent() {
        String str;
        switch (this.privateKeyHandling) {
            case COPY:
                str = "./id_rsa";
                break;
            case LINK:
                str = this.privateKeyFile.getAbsolutePath();
                break;
            case DONTUSE:
                str = null;
                break;
            default:
                throw new RuntimeException("Unsupported privateKeyHandling -> " + this.privateKeyHandling);
        }
        return "[defaults]\n" + (str == null ? "" : "private_key_file = " + str + "\n") + "host_key_checking = false\ninventory = " + ANSIBLE_HOSTS_FILE_BASENAME + "\n\n[ssh_connection]\nssh_args = -F " + SSH_CONFIG_FILE_BASENAME + "\nscp_if_ssh = True\n";
    }

    private Optional<BasicStringRspec.LoginService> getPrimaryLoginService(BasicStringRspec.BasicNodeInfo basicNodeInfo) {
        BestNodeLoginFinder.Feedback feedback = new BestNodeLoginFinder.Feedback() { // from class: be.iminds.ilabt.jfed.util.AnsibleFileWriter.1
            @Override // be.iminds.ilabt.jfed.util.BestNodeLoginFinder.Feedback
            public void info(String str) {
                AnsibleFileWriter.LOG.info(str);
            }

            @Override // be.iminds.ilabt.jfed.util.BestNodeLoginFinder.Feedback
            public void error(String str) {
                AnsibleFileWriter.LOG.error(str);
            }

            @Override // be.iminds.ilabt.jfed.util.BestNodeLoginFinder.Feedback
            public void debug(String str) {
                AnsibleFileWriter.LOG.debug(str);
            }
        };
        BasicStringRspec.LoginService findBestLogin = new BestNodeLoginFinder(this.basicStringRspec, this.preferredUser, this.loggedInUser, feedback).findBestLogin(basicNodeInfo.getUniqueId());
        ListIterator<BasicStringRspec> listIterator = this.altBasicStringRspecs.listIterator();
        while (findBestLogin == null && listIterator.hasNext()) {
            findBestLogin = new BestNodeLoginFinder(listIterator.next(), this.preferredUser, this.loggedInUser, feedback).findBestLogin(basicNodeInfo.getUniqueId());
        }
        if (findBestLogin != null && findBestLogin.getSshProxy() == null && this.proxyInfo != null) {
            findBestLogin = new BasicStringRspec.LoginService(findBestLogin.getAuthentication(), findBestLogin.getHostname(), findBestLogin.getPort(), findBestLogin.getUsername(), this.proxyInfo);
        }
        return Optional.ofNullable(findBestLogin);
    }

    public String getAnsibleHostFileContent() {
        String str = "# Sample commands:\n# ansible nodes -m ping\n# ansible nodes -m shell -a \"uptime\"\n\n[nodes]\n";
        for (BasicStringRspec.BasicNodeInfo basicNodeInfo : this.basicStringRspec.getBasicNodeInfo()) {
            Optional<BasicStringRspec.LoginService> primaryLoginService = getPrimaryLoginService(basicNodeInfo);
            if (primaryLoginService.isPresent()) {
                BasicStringRspec.LoginService loginService = primaryLoginService.get();
                str = str + String.format("%s \tansible_ssh_host=%s\tansible_ssh_port=%s\tansible_ssh_user=%s\n", basicNodeInfo.getClientId(), loginService.getHostname(), Integer.valueOf(loginService.getPort()), loginService.getUsername());
            }
        }
        return str;
    }

    public String getFabricFileContent() {
        ArrayList<String> arrayList = new ArrayList();
        String str = "from fabric.api import env, run\n\n#For your convenience, each server has been linked to it's client-Id by means of a role:";
        for (BasicStringRspec.BasicNodeInfo basicNodeInfo : this.basicStringRspec.getBasicNodeInfo()) {
            Optional<BasicStringRspec.LoginService> primaryLoginService = getPrimaryLoginService(basicNodeInfo);
            if (primaryLoginService.isPresent()) {
                str = str + "env.roledefs['" + basicNodeInfo.getClientId() + "'] = ['" + primaryLoginService.get().getHostname() + "']\n";
                arrayList.add(primaryLoginService.get().getHostname());
            }
        }
        String str2 = str + "\nenv.roledefs['all'] = [";
        boolean z = true;
        for (String str3 : arrayList) {
            if (!z) {
                str2 = str2 + ", ";
            }
            str2 = str2 + "'" + str3 + "'";
            z = false;
        }
        String str4 = (str2 + "]\n") + "\n#Use env.hosts instead of roles if you want to execute actions on all hosts instead of being selective:\n#env.hosts = [\n";
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            str4 = str4 + "#\t\"" + ((String) it.next()) + "\",\n";
        }
        String str5 = (str4 + "#  ]\n\n") + "\n\n";
        switch (this.privateKeyHandling) {
            case COPY:
                str5 = str5 + "env.key_filename=\"./id_rsa\"\n";
                break;
            case LINK:
                str5 = str5 + "env.key_filename=\"" + this.privateKeyFile.getAbsolutePath() + "\"\n";
                break;
            case DONTUSE:
                break;
            default:
                throw new RuntimeException("Unsupported privateKeyHandling -> " + this.privateKeyHandling);
        }
        return str5 + "env.use_ssh_config = True\nenv.ssh_config_path = './ssh-config'\n\ndef pingtest():\n    run('ping -c 3 8.8.8.8')\n\ndef uptime():\n    run('uptime')\n";
    }

    public String getReadmeFileContent() throws IOException {
        return IOUtils.resourceToString("EXPORT_TOOLS_README.txt", getClass());
    }

    public String getRequirementsFileContent() throws IOException {
        return "ansible==1.9.4\n";
    }

    public String getProxySshConfigContent(JFedConnection.SshProxyInfo sshProxyInfo, int i) {
        String str;
        if (!$assertionsDisabled && sshProxyInfo.getSshKeyInfo() == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && sshProxyInfo.getSshKeyInfo().getPrivateKey() == null) {
            throw new AssertionError();
        }
        switch (this.privateKeyHandling) {
            case COPY:
                if (sshProxyInfo.getSshKeyInfo() != null && sshProxyInfo.getSshKeyInfo().getPrivateKey() != null && sshProxyInfo.getSshKeyInfo().getPrivateKey().equals(this.privateKey)) {
                    str = "./id_rsa";
                    break;
                } else {
                    str = "./id_rsa_proxy_" + i + "";
                    break;
                }
                break;
            case LINK:
                str = this.privateKeyFile.getAbsolutePath();
                break;
            case DONTUSE:
                str = null;
                break;
            default:
                throw new RuntimeException("Unsupported privateKeyHandling -> " + this.privateKeyHandling);
        }
        String format = String.format("Host %s %s\n    User %s\n    HostName %s\n    Port %s\n" + (str == null ? "" : "    IdentityFile " + str + "\n") + "    ProxyCommand none\n    BatchMode yes\n    PasswordAuthentication no\n    EscapeChar none\n", sshProxyInfo.getHostname(), "proxy" + i, sshProxyInfo.getUsername(), sshProxyInfo.getHostname(), Integer.valueOf(sshProxyInfo.getPort()));
        return ((sshProxyInfo.getHostKey() == null || sshProxyInfo.getHostKey().isEmpty()) ? (format + "    CheckHostIP no\n") + "    StrictHostKeyChecking no\n" : ((format + "    UserKnownHostsFile known_host_proxy_" + i + "\n") + "    CheckHostIP no\n") + "    StrictHostKeyChecking yes\n") + "\n";
    }

    public String getSshConfigFileContent() {
        String str;
        switch (this.privateKeyHandling) {
            case COPY:
                str = "./id_rsa";
                break;
            case LINK:
                str = this.privateKeyFile.getAbsolutePath();
                break;
            case DONTUSE:
                str = null;
                break;
            default:
                throw new RuntimeException("Unsupported privateKeyHandling -> " + this.privateKeyHandling);
        }
        HashSet hashSet = new HashSet();
        HashMap hashMap = new HashMap();
        String str2 = "";
        for (BasicStringRspec.BasicNodeInfo basicNodeInfo : this.basicStringRspec.getBasicNodeInfo()) {
            Optional<BasicStringRspec.LoginService> primaryLoginService = getPrimaryLoginService(basicNodeInfo);
            if (primaryLoginService.isPresent()) {
                BasicStringRspec.LoginService loginService = primaryLoginService.get();
                if (loginService.getSshProxy() != null && hashSet.add(loginService.getSshProxy())) {
                    str2 = str2 + getProxySshConfigContent(loginService.getSshProxy(), hashSet.size() - 1);
                    hashMap.put(loginService.getSshProxy(), Integer.valueOf(hashSet.size() - 1));
                }
                String str3 = str2 + String.format("Host %s %s\n    HostName %s\n    Port %s\n    User %s\n" + (str == null ? "" : "    IdentityFile " + str + "\n") + "    ForwardAgent yes\n", basicNodeInfo.getClientId(), loginService.getHostname(), loginService.getHostname(), Integer.valueOf(loginService.getPort()), loginService.getUsername());
                if (loginService.getSshProxy() != null) {
                    int intValue = ((Integer) hashMap.get(loginService.getSshProxy())).intValue();
                    str3 = ((SshVersionFinder.checkIfVersionSupportsNc() == Boolean.TRUE ? str3 + "    ProxyCommand            ssh -F ssh-config proxy" + intValue + " -W %h:%p\n" : str3 + "    ProxyCommand            ssh -F ssh-config proxy" + intValue + " nc -w 5 %h %p\n") + "    TCPKeepAlive            yes\n") + "    Compression             no\n";
                }
                str2 = ((str3 + "    CheckHostIP no\n") + "    StrictHostKeyChecking no\n") + "\n";
            }
        }
        return str2;
    }

    public String getKnownHostLine(JFedConnection.SshProxyInfo sshProxyInfo) {
        if (!$assertionsDisabled && sshProxyInfo.getHostKey() == null) {
            throw new AssertionError();
        }
        String trim = sshProxyInfo.getHostKey().trim();
        if (trim.split(" ").length >= 3) {
            String[] split = trim.split(" ");
            if (split[1].startsWith("ecdsa") || split[1].startsWith("ssh-")) {
                String str = "";
                for (int i = 1; i < split.length; i++) {
                    str = str + split[i] + " ";
                }
                trim = str;
            }
        }
        if (!trim.startsWith("ssh-") && !trim.startsWith("ecdsa")) {
            trim = "ssh-rsa " + trim;
        }
        return sshProxyInfo.getPort() == 22 ? sshProxyInfo.getHostname() + " " + trim + "\n" : GroupFormatUtil.DEFAULT_START + sshProxyInfo.getHostname() + "]:" + sshProxyInfo.getPort() + " " + trim + "\n";
    }

    private List<JFedConnection.SshProxyInfo> proxiesByIndex() {
        ArrayList arrayList = new ArrayList();
        HashSet hashSet = new HashSet();
        Iterator<BasicStringRspec.BasicNodeInfo> it = this.basicStringRspec.getBasicNodeInfo().iterator();
        while (it.hasNext()) {
            Optional<BasicStringRspec.LoginService> primaryLoginService = getPrimaryLoginService(it.next());
            if (primaryLoginService.isPresent()) {
                BasicStringRspec.LoginService loginService = primaryLoginService.get();
                if (loginService.getSshProxy() != null && hashSet.add(loginService.getSshProxy())) {
                    arrayList.add(loginService.getSshProxy());
                }
            }
        }
        return arrayList;
    }

    public String writeFilesToZip(File file) throws IOException {
        if (!$assertionsDisabled && this.privateKeyHandling != PrivateKeyHandling.COPY && this.privateKeyHandling != PrivateKeyHandling.DONTUSE) {
            throw new AssertionError();
        }
        ZipOutputStream zipOutputStream = new ZipOutputStream(new FileOutputStream(file));
        try {
            try {
                OutputStreamWriter outputStreamWriter = new OutputStreamWriter(zipOutputStream);
                if (this.privateKeyHandling == PrivateKeyHandling.COPY && this.privateKey != null) {
                    zipOutputStream.putNextEntry(new ZipEntry(PRIVATE_KEY_FILE_BASENAME));
                    outputStreamWriter.write(KeyUtil.privateKeyToAnyPem(this.privateKey));
                    outputStreamWriter.flush();
                    zipOutputStream.closeEntry();
                }
                if (this.publicKey != null) {
                    zipOutputStream.putNextEntry(new ZipEntry(PUBLIC_KEY_FILE_BASENAME));
                    outputStreamWriter.write(KeyUtil.publicKeyToOpenSshAuthorizedKeysFormat(this.publicKey));
                    outputStreamWriter.flush();
                    zipOutputStream.closeEntry();
                }
                zipOutputStream.putNextEntry(new ZipEntry(ANSIBLE_CONFIG_FILE_BASENAME));
                outputStreamWriter.write(getAnsibleConfigFileContent());
                outputStreamWriter.flush();
                zipOutputStream.closeEntry();
                zipOutputStream.putNextEntry(new ZipEntry(ANSIBLE_HOSTS_FILE_BASENAME));
                outputStreamWriter.write(getAnsibleHostFileContent());
                outputStreamWriter.flush();
                zipOutputStream.closeEntry();
                zipOutputStream.putNextEntry(new ZipEntry(FABRIC_FILE_BASENAME));
                outputStreamWriter.write(getFabricFileContent());
                outputStreamWriter.flush();
                zipOutputStream.closeEntry();
                zipOutputStream.putNextEntry(new ZipEntry(SSH_CONFIG_FILE_BASENAME));
                outputStreamWriter.write(getSshConfigFileContent());
                outputStreamWriter.flush();
                zipOutputStream.closeEntry();
                zipOutputStream.putNextEntry(new ZipEntry(README_FILE_BASENAME));
                outputStreamWriter.write(getReadmeFileContent());
                outputStreamWriter.flush();
                zipOutputStream.closeEntry();
                zipOutputStream.putNextEntry(new ZipEntry(REQUIREMENTS_FILE_BASENAME));
                outputStreamWriter.write(getRequirementsFileContent());
                outputStreamWriter.flush();
                zipOutputStream.closeEntry();
                int i = 0;
                for (JFedConnection.SshProxyInfo sshProxyInfo : proxiesByIndex()) {
                    if (sshProxyInfo.getHostKey() != null && !sshProxyInfo.getHostKey().isEmpty()) {
                        zipOutputStream.putNextEntry(new ZipEntry(SSH_PROXY_KNOWN_HOST_TEMPLATE + i));
                        outputStreamWriter.write(getKnownHostLine(sshProxyInfo));
                        outputStreamWriter.flush();
                        zipOutputStream.closeEntry();
                    }
                    if (this.privateKeyHandling == PrivateKeyHandling.COPY && sshProxyInfo.getSshKeyInfo() != null && sshProxyInfo.getSshKeyInfo().getPrivateKey() != null && !sshProxyInfo.getSshKeyInfo().getPrivateKey().equals(this.privateKey)) {
                        zipOutputStream.putNextEntry(new ZipEntry(PROXY_PRIVATE_KEY_FILE_TEMPLATE + i));
                        outputStreamWriter.write(KeyUtil.privateKeyToAnyPem(sshProxyInfo.getSshKeyInfo().getPrivateKey()));
                        outputStreamWriter.flush();
                        zipOutputStream.closeEntry();
                    }
                    i++;
                }
                String format = String.format("Wrote tool configuration files to '%s'", file.getAbsolutePath());
                zipOutputStream.close();
                return format;
            } catch (IOException e) {
                LOG.error("Error while writing tool configuration files", (Throwable) e);
                zipOutputStream.close();
                return "Error while writing tool configuration files";
            }
        } catch (Throwable th) {
            zipOutputStream.close();
            throw th;
        }
    }

    public void writeFilesToDir(File file) throws IOException {
        if (!$assertionsDisabled && file == null) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && !file.exists()) {
            throw new AssertionError();
        }
        IOUtils.stringToFile(new File(file, ANSIBLE_CONFIG_FILE_BASENAME), getAnsibleConfigFileContent());
        if (this.publicKey != null) {
            IOUtils.stringToFile(new File(file, PUBLIC_KEY_FILE_BASENAME), getPublicKeyFileContent());
        }
        IOUtils.stringToFile(new File(file, ANSIBLE_HOSTS_FILE_BASENAME), getAnsibleHostFileContent());
        IOUtils.stringToFile(new File(file, FABRIC_FILE_BASENAME), getFabricFileContent());
        IOUtils.stringToFile(new File(file, SSH_CONFIG_FILE_BASENAME), getSshConfigFileContent());
        IOUtils.stringToFile(new File(file, REQUIREMENTS_FILE_BASENAME), getRequirementsFileContent());
        int i = 0;
        for (JFedConnection.SshProxyInfo sshProxyInfo : proxiesByIndex()) {
            if (sshProxyInfo.getHostKey() != null && !sshProxyInfo.getHostKey().isEmpty()) {
                IOUtils.stringToFile(new File(file, SSH_PROXY_KNOWN_HOST_TEMPLATE + i), getKnownHostLine(sshProxyInfo));
            }
            if (this.privateKeyHandling == PrivateKeyHandling.COPY && sshProxyInfo.getSshKeyInfo() != null && sshProxyInfo.getSshKeyInfo().getPrivateKey() != null && !sshProxyInfo.getSshKeyInfo().getPrivateKey().equals(this.privateKey)) {
                File file2 = new File(file, PROXY_PRIVATE_KEY_FILE_TEMPLATE + i);
                IOUtils.stringToFile(file2, new String(KeyUtil.privateKeyToAnyPem(sshProxyInfo.getSshKeyInfo().getPrivateKey())));
                IOUtils.assureUserOnlyPerms(file2, true, true, false);
            }
            i++;
        }
        if (this.privateKeyHandling != PrivateKeyHandling.COPY || this.privateKey == null) {
            return;
        }
        File file3 = new File(file, PRIVATE_KEY_FILE_BASENAME);
        IOUtils.stringToFile(file3, new String(KeyUtil.privateKeyToAnyPem(this.privateKey)));
        IOUtils.assureUserOnlyPerms(file3, true, true, false);
    }

    static {
        $assertionsDisabled = !AnsibleFileWriter.class.desiredAssertionStatus();
        LOG = LoggerFactory.getLogger((Class<?>) AnsibleFileWriter.class);
    }
}
