package org.elasticsearch.xpack.idp;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.function.Supplier;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.elasticsearch.action.ActionRequest;
import org.elasticsearch.action.ActionResponse;
import org.elasticsearch.client.Client;
import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver;
import org.elasticsearch.cluster.node.DiscoveryNodes;
import org.elasticsearch.cluster.service.ClusterService;
import org.elasticsearch.common.io.stream.NamedWriteableRegistry;
import org.elasticsearch.common.settings.ClusterSettings;
import org.elasticsearch.common.settings.IndexScopedSettings;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsFilter;
import org.elasticsearch.env.Environment;
import org.elasticsearch.env.NodeEnvironment;
import org.elasticsearch.license.XPackLicenseState;
import org.elasticsearch.plugins.ActionPlugin;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.repositories.RepositoriesService;
import org.elasticsearch.rest.RestController;
import org.elasticsearch.rest.RestHandler;
import org.elasticsearch.script.ScriptService;
import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.watcher.ResourceWatcherService;
import org.elasticsearch.xcontent.NamedXContentRegistry;
import org.elasticsearch.xpack.core.XPackPlugin;
import org.elasticsearch.xpack.core.security.SecurityContext;
import org.elasticsearch.xpack.core.ssl.X509KeyPairSettings;
import org.elasticsearch.xpack.idp.action.DeleteSamlServiceProviderAction;
import org.elasticsearch.xpack.idp.action.PutSamlServiceProviderAction;
import org.elasticsearch.xpack.idp.action.SamlInitiateSingleSignOnAction;
import org.elasticsearch.xpack.idp.action.SamlMetadataAction;
import org.elasticsearch.xpack.idp.action.SamlValidateAuthnRequestAction;
import org.elasticsearch.xpack.idp.action.TransportDeleteSamlServiceProviderAction;
import org.elasticsearch.xpack.idp.action.TransportPutSamlServiceProviderAction;
import org.elasticsearch.xpack.idp.action.TransportSamlInitiateSingleSignOnAction;
import org.elasticsearch.xpack.idp.action.TransportSamlMetadataAction;
import org.elasticsearch.xpack.idp.action.TransportSamlValidateAuthnRequestAction;
import org.elasticsearch.xpack.idp.privileges.ApplicationActionsResolver;
import org.elasticsearch.xpack.idp.privileges.UserPrivilegeResolver;
import org.elasticsearch.xpack.idp.saml.idp.SamlIdentityProvider;
import org.elasticsearch.xpack.idp.saml.idp.SamlIdentityProviderBuilder;
import org.elasticsearch.xpack.idp.saml.rest.action.RestDeleteSamlServiceProviderAction;
import org.elasticsearch.xpack.idp.saml.rest.action.RestPutSamlServiceProviderAction;
import org.elasticsearch.xpack.idp.saml.rest.action.RestSamlInitiateSingleSignOnAction;
import org.elasticsearch.xpack.idp.saml.rest.action.RestSamlMetadataAction;
import org.elasticsearch.xpack.idp.saml.rest.action.RestSamlValidateAuthenticationRequestAction;
import org.elasticsearch.xpack.idp.saml.sp.SamlServiceProviderFactory;
import org.elasticsearch.xpack.idp.saml.sp.SamlServiceProviderIndex;
import org.elasticsearch.xpack.idp.saml.sp.SamlServiceProviderResolver;
import org.elasticsearch.xpack.idp.saml.sp.ServiceProviderCacheSettings;
import org.elasticsearch.xpack.idp.saml.sp.ServiceProviderDefaults;
import org.elasticsearch.xpack.idp.saml.sp.WildcardServiceProviderResolver;
import org.elasticsearch.xpack.idp.saml.support.SamlFactory;
import org.elasticsearch.xpack.idp.saml.support.SamlInit;

/* loaded from: input_file:org/elasticsearch/xpack/idp/IdentityProviderPlugin.class */
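/**
 * Plugin entry point for the SAML Identity Provider (IdP) feature.
 *
 * <p>The feature is opt-in: {@code xpack.idp.enabled} defaults to {@code false}. While it is
 * disabled, this class contributes no components, no transport actions and no REST handlers,
 * so none of the SAML endpoints registered here exist on the node.
 *
 * <p>NOTE(review): {@link #enabled} is assigned only inside {@code createComponents}. Both
 * {@link #getActions()} and {@code getRestHandlers} read that field rather than the setting,
 * so they return empty lists if they are invoked before {@code createComponents}. This relies
 * on the node calling {@code createComponents} first; confirm against the plugin lifecycle.
 */
public class IdentityProviderPlugin extends Plugin implements ActionPlugin {
    /** Node-scoped feature switch for the IdP; off unless explicitly set to {@code true}. */
    private static final Setting<Boolean> ENABLED_SETTING = Setting.boolSetting("xpack.idp.enabled", false, Setting.Property.NodeScope);
    private final Logger logger = LogManager.getLogger();
    // Stays false until createComponents has read ENABLED_SETTING from the node settings.
    private boolean enabled;
    private Settings settings;

    /**
     * Builds the IdP components, or nothing at all when the feature is disabled.
     *
     * <p>When enabled, the returned list holds, in this order: the service provider index, the
     * {@link SamlIdentityProvider}, a {@link SamlFactory} and the {@link UserPrivilegeResolver}.
     * The identity provider is configured from the node environment via {@code fromSettings},
     * which is presumably where the signing settings declared in {@link #getSettings()} are
     * consumed; that code is not part of this class.
     *
     * @return an unmodifiable list of components, empty when {@code xpack.idp.enabled} is false
     */
    public Collection<Object> createComponents(Client client, ClusterService clusterService, ThreadPool threadPool, ResourceWatcherService resourceWatcherService, ScriptService scriptService, NamedXContentRegistry namedXContentRegistry, Environment environment, NodeEnvironment nodeEnvironment, NamedWriteableRegistry namedWriteableRegistry, IndexNameExpressionResolver indexNameExpressionResolver, Supplier<RepositoriesService> supplier) {
        this.settings = environment.settings();
        this.enabled = ENABLED_SETTING.get(this.settings);
        if (!this.enabled) {
            // Disabled: skip SAML library initialisation and create no IdP state.
            return Collections.emptyList();
        }
        SamlInit.initialize();

        final SamlServiceProviderIndex serviceProviderIndex = new SamlServiceProviderIndex(client, clusterService);
        final SecurityContext securityContext = new SecurityContext(this.settings, threadPool.getThreadContext());
        final ServiceProviderDefaults serviceProviderDefaults = ServiceProviderDefaults.forSettings(this.settings);
        final ApplicationActionsResolver actionsResolver = new ApplicationActionsResolver(this.settings, serviceProviderDefaults, client);
        final UserPrivilegeResolver userPrivilegeResolver = new UserPrivilegeResolver(client, securityContext, actionsResolver);
        final SamlServiceProviderFactory serviceProviderFactory = new SamlServiceProviderFactory(serviceProviderDefaults);

        // Two sources of service providers: those stored in the index, and wildcard
        // definitions resolved through the resource watcher and script service.
        final SamlServiceProviderResolver registeredResolver = new SamlServiceProviderResolver(this.settings, serviceProviderIndex, serviceProviderFactory);
        final WildcardServiceProviderResolver wildcardResolver = WildcardServiceProviderResolver.create(environment, resourceWatcherService, scriptService, serviceProviderFactory);
        final SamlIdentityProvider identityProvider = SamlIdentityProvider.builder(registeredResolver, wildcardResolver)
            .fromSettings(environment)
            .serviceProviderDefaults(serviceProviderDefaults)
            .build();

        return Collections.unmodifiableList(Arrays.asList(serviceProviderIndex, identityProvider, new SamlFactory(), userPrivilegeResolver));
    }

    /**
     * Registers the transport actions behind the IdP API: initiate single sign-on, validate an
     * authentication request, serve metadata, and put/delete a service provider.
     *
     * @return an unmodifiable list of action handlers, empty while the feature is disabled
     */
    public List<ActionPlugin.ActionHandler<? extends ActionRequest, ? extends ActionResponse>> getActions() {
        if (!this.enabled) {
            return Collections.emptyList();
        }
        return Collections.unmodifiableList(Arrays.asList(
            new ActionPlugin.ActionHandler<>(SamlInitiateSingleSignOnAction.INSTANCE, TransportSamlInitiateSingleSignOnAction.class),
            new ActionPlugin.ActionHandler<>(SamlValidateAuthnRequestAction.INSTANCE, TransportSamlValidateAuthnRequestAction.class),
            new ActionPlugin.ActionHandler<>(SamlMetadataAction.INSTANCE, TransportSamlMetadataAction.class),
            new ActionPlugin.ActionHandler<>(PutSamlServiceProviderAction.INSTANCE, TransportPutSamlServiceProviderAction.class),
            new ActionPlugin.ActionHandler<>(DeleteSamlServiceProviderAction.INSTANCE, TransportDeleteSamlServiceProviderAction.class)
        ));
    }

    /**
     * Registers one REST handler per IdP transport action.
     *
     * <p>Every handler receives the shared license state. Any licence check is performed inside
     * the handlers, not here. The {@code settings} argument is not consulted; the decision is
     * taken from the {@link #enabled} field.
     *
     * @return an unmodifiable list of REST handlers, empty while the feature is disabled
     */
    public List<RestHandler> getRestHandlers(Settings settings, RestController restController, ClusterSettings clusterSettings, IndexScopedSettings indexScopedSettings, SettingsFilter settingsFilter, IndexNameExpressionResolver indexNameExpressionResolver, Supplier<DiscoveryNodes> supplier) {
        if (!this.enabled) {
            return Collections.emptyList();
        }
        return Collections.unmodifiableList(Arrays.asList(
            new RestSamlInitiateSingleSignOnAction(getLicenseState()),
            new RestSamlValidateAuthenticationRequestAction(getLicenseState()),
            new RestSamlMetadataAction(getLicenseState()),
            new RestPutSamlServiceProviderAction(getLicenseState()),
            new RestDeleteSamlServiceProviderAction(getLicenseState())
        ));
    }

    /**
     * Declares every setting this plugin contributes, whether or not the feature is enabled.
     *
     * <p>Two X.509 key pair groups are declared: {@code xpack.idp.signing.} and
     * {@code xpack.idp.metadata_signing.}.
     * NOTE(review): the {@code false} argument to {@code withPrefix} presumably means key
     * passwords are not accepted as plain (non-secure) settings and must come from the secure
     * keystore; confirm against {@link X509KeyPairSettings}.
     *
     * @return an unmodifiable list of all IdP settings
     */
    public List<Setting<?>> getSettings() {
        final List<Setting<?>> allSettings = new ArrayList<>();
        allSettings.add(ENABLED_SETTING);
        allSettings.addAll(SamlIdentityProviderBuilder.getSettings());
        allSettings.addAll(ServiceProviderCacheSettings.getSettings());
        allSettings.addAll(ServiceProviderDefaults.getSettings());
        allSettings.addAll(WildcardServiceProviderResolver.getSettings());
        allSettings.addAll(ApplicationActionsResolver.getSettings());
        allSettings.addAll(X509KeyPairSettings.withPrefix("xpack.idp.signing.", false).getAllSettings());
        allSettings.addAll(X509KeyPairSettings.withPrefix("xpack.idp.metadata_signing.", false).getAllSettings());
        return Collections.unmodifiableList(allSettings);
    }

    /**
     * Returns the shared X-Pack license state handed to each REST handler. Being
     * {@code protected}, it can be overridden by a subclass.
     */
    protected XPackLicenseState getLicenseState() {
        return XPackPlugin.getSharedLicenseState();
    }
}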
