package com.mapr.fs.cldbs3server.creds;

import com.mapr.baseutils.audit.AuditRecord;
import com.mapr.fs.RpcCallContext;
import com.mapr.fs.cldbs3server.S3Server;
import com.mapr.fs.cldbs3server.S3ServerUtil;
import com.mapr.fs.cldbs3server.S3Status;
import com.mapr.fs.proto.CLDBS3ServerProto;
import java.util.HashSet;
import java.util.Set;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:com/mapr/fs/cldbs3server/creds/S3CredsManager.class */
public class S3CredsManager {
    private static final Logger LOG = LogManager.getLogger(S3CredsManager.class);
    private static S3CredsManager s_instance = null;
    public static final long PERMANENT_KEY_EXP_TIME = 3153600000000L;
    public static final long TEMP_KEY_VALIDITY_MILLIS = 3600000;
    private CredsHelper credsHelper = CredsHelper.getInstance();
    Set<String> inProgressAccessKeys = new HashSet();

    public static S3CredsManager getInstance() throws Exception {
        if (s_instance == null) {
            synchronized (S3CredsManager.class) {
                if (s_instance == null) {
                    s_instance = new S3CredsManager();
                }
            }
        }
        return s_instance;
    }

    public boolean addAccount(int i, String str) throws Exception {
        return this.credsHelper.addAccount(i, str);
    }

    public void removeAccount(int i, S3Status s3Status) {
        this.credsHelper.removeAccount(i, s3Status);
    }

    public boolean finalizeAccount(int i) throws Exception {
        return this.credsHelper.finalizeAccount(i);
    }

    public boolean init() throws Exception {
        return this.credsHelper.init();
    }

    public CLDBS3ServerProto.S3KeyPair getNewKeyPair(S3Status s3Status) {
        s3Status.resetStatus();
        while (true) {
            String generateAccessKey = this.credsHelper.generateAccessKey();
            verifyNewKeyUniqueness(generateAccessKey, s3Status);
            if (s3Status.getStatus() == 0) {
                return CLDBS3ServerProto.S3KeyPair.newBuilder().setAccessKey(generateAccessKey).setSecretKey(this.credsHelper.generateSecretKey()).build();
            }
            if (s3Status.getStatus() != 17) {
                return null;
            }
            LOG.debug("Conflicting(on disk) access key: {} generated, retrying generation", generateAccessKey);
        }
    }

    private void verifyNewKeyUniqueness(String str, S3Status s3Status) {
        this.credsHelper.lockCredsTable();
        try {
            if (this.inProgressAccessKeys.contains(str)) {
                s3Status.setStatus(17);
                this.credsHelper.unlockCredsTable();
                return;
            }
            try {
                CredsRow fetchCredsRow = this.credsHelper.fetchCredsRow(str, s3Status);
                if (s3Status.getStatus() == 0) {
                    LOG.debug("AccessKey: {} is not unique, present on disk", fetchCredsRow);
                    s3Status.setStatus(17);
                    this.credsHelper.unlockCredsTable();
                } else {
                    if (s3Status.getStatus() != 2) {
                        this.credsHelper.unlockCredsTable();
                        return;
                    }
                    s3Status.setStatus(0);
                    this.inProgressAccessKeys.add(str);
                    this.credsHelper.unlockCredsTable();
                }
            } catch (Exception e) {
                String str2 = "Excpetion: " + e + " while verifying uniqueness for access key: " + str;
                LOG.debug(str2);
                s3Status.setStatus(5);
                s3Status.setMsg(str2);
                this.credsHelper.unlockCredsTable();
            }
        } catch (Throwable th) {
            this.credsHelper.unlockCredsTable();
            throw th;
        }
    }

    public void addPermAccessKey(CLDBS3ServerProto.CLDBS3CredsRow cLDBS3CredsRow, S3Status s3Status) {
        s3Status.setStatus(0);
        CredsRow rowForPermCredsCreate = this.credsHelper.getRowForPermCredsCreate(cLDBS3CredsRow);
        this.credsHelper.lockCredsTable();
        try {
            try {
                this.credsHelper.putCredsRow(rowForPermCredsCreate, s3Status);
                this.inProgressAccessKeys.remove(rowForPermCredsCreate.getAccessKey());
                LOG.info("Successfully added access key {}", cLDBS3CredsRow.getAccessKey());
                this.credsHelper.unlockCredsTable();
            } catch (Exception e) {
                String str = "Excpetion: " + e + " while adding creds row for key: " + cLDBS3CredsRow.getAccessKey();
                LOG.error(str);
                s3Status.setStatus(5);
                s3Status.setMsg(str);
                this.credsHelper.unlockCredsTable();
            }
        } catch (Throwable th) {
            this.credsHelper.unlockCredsTable();
            throw th;
        }
    }

    public void delPermAccessKey(CLDBS3ServerProto.CLDBS3CredsRow cLDBS3CredsRow, S3Status s3Status) {
        s3Status.setStatus(0);
        CredsRow rowForPermCredsDelete = this.credsHelper.getRowForPermCredsDelete(cLDBS3CredsRow);
        this.credsHelper.lockCredsTable();
        try {
            try {
                this.credsHelper.deleteCredsRow(rowForPermCredsDelete, s3Status);
                LOG.info("Successfully deleted access key {}", cLDBS3CredsRow.getAccessKey());
                this.credsHelper.unlockCredsTable();
            } catch (Exception e) {
                String str = "Excpetion: " + e + " while deleting creds row for key: " + cLDBS3CredsRow.getAccessKey();
                LOG.error(str);
                s3Status.setStatus(5);
                s3Status.setMsg(str);
                this.credsHelper.unlockCredsTable();
            }
        } catch (Throwable th) {
            this.credsHelper.unlockCredsTable();
            throw th;
        }
    }

    public void addTempAccessKey(CLDBS3ServerProto.CLDBS3CredsRow cLDBS3CredsRow, S3Status s3Status) {
        s3Status.setStatus(0);
        CredsRow rowForTempCredsCreate = this.credsHelper.getRowForTempCredsCreate(cLDBS3CredsRow);
        this.credsHelper.lockCredsTable();
        try {
            try {
                this.credsHelper.putCredsRow(rowForTempCredsCreate, s3Status);
                this.inProgressAccessKeys.remove(rowForTempCredsCreate.getAccessKey());
                LOG.info("Successfully added temporary access key {}", rowForTempCredsCreate);
                this.credsHelper.unlockCredsTable();
            } catch (Exception e) {
                String str = "Excpetion: " + e + " while adding temporary row for key: " + rowForTempCredsCreate;
                LOG.error(str);
                s3Status.setStatus(5);
                s3Status.setMsg(str);
                this.credsHelper.unlockCredsTable();
            }
        } catch (Throwable th) {
            this.credsHelper.unlockCredsTable();
            throw th;
        }
    }

    public CLDBS3ServerProto.CLDBS3CredsRow fetchAccessKey(String str, S3Status s3Status) {
        CredsRow fetchCredsRow = this.credsHelper.fetchCredsRow(str, s3Status);
        if (s3Status.getStatus() != 0) {
            return null;
        }
        return fetchCredsRow.getOnDiskRow();
    }

    public CLDBS3ServerProto.CLDBS3CredsRow updateVersion(S3Status s3Status) {
        CLDBS3ServerProto.CLDBS3CredsRow updateVersionNonRetry;
        while (true) {
            try {
                updateVersionNonRetry = updateVersionNonRetry(s3Status);
            } catch (Exception e) {
                LOG.debug("Exception {} in creds version update, retrying..", e);
                S3ServerUtil.sleepForSeconds(2);
            }
            if (s3Status.getStatus() == 0) {
                return updateVersionNonRetry;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CLDBS3ServerProto.CLDBS3CredsRow updateVersionNonRetry(S3Status s3Status) throws Exception {
        s3Status.resetStatus();
        this.credsHelper.lockCredsTable();
        try {
            CredsRow fetchVersionRow = this.credsHelper.fetchVersionRow(s3Status);
            if (s3Status.getStatus() != 0) {
                return null;
            }
            CredsRow updatedVersionRow = this.credsHelper.getUpdatedVersionRow(fetchVersionRow, s3Status);
            if (s3Status.getStatus() != 0) {
                this.credsHelper.unlockCredsTable();
                return null;
            }
            this.credsHelper.putCredsRow(updatedVersionRow, s3Status);
            if (s3Status.getStatus() != 0) {
                this.credsHelper.unlockCredsTable();
                return null;
            }
            CLDBS3ServerProto.CLDBS3CredsRow onDiskRow = updatedVersionRow.getOnDiskRow();
            this.credsHelper.unlockCredsTable();
            return onDiskRow;
        } finally {
            this.credsHelper.unlockCredsTable();
        }
    }

    public CLDBS3ServerProto.S3SetAccessKeyStatusResponse setAccessKeyStatus(RpcCallContext rpcCallContext, CLDBS3ServerProto.S3SetAccessKeyStatusRequest s3SetAccessKeyStatusRequest) {
        CLDBS3ServerProto.S3SetAccessKeyStatusResponse.Builder newBuilder = CLDBS3ServerProto.S3SetAccessKeyStatusResponse.newBuilder();
        if (!s3SetAccessKeyStatusRequest.hasAccessKey()) {
            return newBuilder.setStatus(22).setErrString("No access key provided for set Status").build();
        }
        String accessKey = s3SetAccessKeyStatusRequest.getAccessKey();
        if (!s3SetAccessKeyStatusRequest.hasMarkIsActive()) {
            return newBuilder.setStatus(0).setErrString("No state to modify for accesskey: " + accessKey).build();
        }
        S3Server.addAuditRecord(S3Server.getUserCreds(rpcCallContext, s3SetAccessKeyStatusRequest.hasCreds() ? s3SetAccessKeyStatusRequest.getCreds() : null), AuditRecord.Op.s3SetAccessKeyStatus, accessKey);
        if (s3SetAccessKeyStatusRequest.hasMarkIsActive()) {
            S3Server.getInstance().getAuditRecord().setValues("markIsActive", (String) null, Boolean.toString(s3SetAccessKeyStatusRequest.getMarkIsActive()));
        }
        LOG.info("Access Key state successfully updated for accessKey: {}", setAccessKeyStatus(accessKey, s3SetAccessKeyStatusRequest.getMarkIsActive(), new S3Status()));
        return newBuilder.setStatus(0).setErrString("Access Key state successfully updated").build();
    }

    private CredsRow setAccessKeyStatus(String str, boolean z, S3Status s3Status) {
        s3Status.resetStatus();
        this.credsHelper.lockCredsTable();
        try {
            try {
                CredsRow fetchCredsRow = this.credsHelper.fetchCredsRow(str, s3Status);
                if (s3Status.getStatus() != 0) {
                    this.credsHelper.unlockCredsTable();
                    return null;
                }
                if (fetchCredsRow.isActive() == z) {
                    s3Status.setMsg("AccessKey: " + str + " already set to status: " + z);
                    this.credsHelper.unlockCredsTable();
                    return fetchCredsRow;
                }
                CredsRow rowForMarkActive = this.credsHelper.getRowForMarkActive(fetchCredsRow, z);
                this.credsHelper.putCredsRow(rowForMarkActive, s3Status);
                this.credsHelper.unlockCredsTable();
                return rowForMarkActive;
            } catch (Exception e) {
                String str2 = "Excpetion: " + e + " while updating mark active row for key: " + str;
                LOG.error(str2);
                s3Status.setStatus(5);
                s3Status.setMsg(str2);
                this.credsHelper.unlockCredsTable();
                return null;
            }
        } catch (Throwable th) {
            this.credsHelper.unlockCredsTable();
            throw th;
        }
    }
}
