package com.mapr.security.client.examples;

import com.mapr.baseutils.audit.AuditConstants;
import com.mapr.fs.jni.MapRConstants;
import com.mapr.security.client.ClientSecurity;
import com.mapr.security.client.MapRClientSecurityException;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/mapr/security/client/examples/MapRClient.class */
public class MapRClient {
    private static final String EXEC = "exec";
    private static final String EXEC_HELP = "Calls the REST API given in the URL, given the token";
    private static final String GET_TOKEN = "gettoken";
    private static final String GET_TOKEN_HELP = "Performs the MapR challenge-response handshake, and retrieves an \n\t\t\tauthentication token that can be used in REST API authentication requests";
    private static final String DO_CHALLENGE_RESPONSE = "challengeresponse";
    private static final String DO_CHALLENGE_RESPONSE_HELP = "Performs the MapR challenge-response handshake only";
    private static final String AUTHTEST = "authtest";
    private static final String AUTHTEST_HELP = "test authentication as a generic client";
    private static boolean verbose = false;
    private static String clusterName;
    public static final String AUTH_COOKIE = "hadoop.auth";
    private static final String AUTH_COOKIE_EQ = "hadoop.auth=";
    private HttpURLConnection conn;
    private static ClientSecurity cs;

    /* loaded from: input_file:com/mapr/security/client/examples/MapRClient$Token.class */
    public static class Token {
        private String token;

        public Token() {
        }

        public Token(String str) {
            if (str == null) {
                throw new IllegalArgumentException("tokenStr cannot be null");
            }
            set(str);
        }

        public boolean isSet() {
            return this.token != null;
        }

        void set(String str) {
            this.token = str;
        }

        public String toString() {
            return this.token;
        }
    }

    private MapRClient() {
    }

    public static void getTokenFromResponseMessage(HttpURLConnection httpURLConnection, URL url, Token token) throws MapRClientSecurityException, IOException {
        if (httpURLConnection == null) {
            httpURLConnection = (HttpsURLConnection) url.openConnection();
        }
        String readResponse = readResponse(httpURLConnection);
        System.out.println("Obtained Base-64 encoded response " + readResponse);
        cs.validateServerResponseToChallenge(readResponse);
        if (token != null) {
            System.out.println("Extracting token from response message");
            extractToken(httpURLConnection, token);
        }
    }

    private static String readResponse(HttpURLConnection httpURLConnection) throws IOException, MapRClientSecurityException {
        int responseCode = httpURLConnection.getResponseCode();
        String headerField = httpURLConnection.getHeaderField("WWW-MAPR-Err-Authenticate");
        if (headerField != null) {
            throw new MapRClientSecurityException("Exception in server: " + headerField.trim());
        }
        if (responseCode != 200) {
            throw new MapRClientSecurityException("Incorrect status" + responseCode);
        }
        String str = null;
        List<String> list = httpURLConnection.getHeaderFields().get(ClientSecurity.AUTHORIZATION);
        if (list == null) {
            throw new MapRClientSecurityException("No header : Authorization is present");
        }
        for (String str2 : list) {
            if (str2 != null && str2.trim().startsWith("MAPR-Negotiate")) {
                str = str2;
            }
        }
        if (str == null) {
            throw new MapRClientSecurityException("Invalid sequence, incorrect header" + list);
        }
        return str.trim().substring("MAPR-Negotiate ".length()).trim();
    }

    private static void extractToken(HttpURLConnection httpURLConnection, Token token) throws IOException, MapRClientSecurityException {
        int responseCode = httpURLConnection.getResponseCode();
        if (responseCode != 200 && responseCode != 201 && responseCode != 202) {
            token.set(null);
            throw new MapRClientSecurityException("Authentication failed, status: " + httpURLConnection.getResponseCode() + ", message: " + httpURLConnection.getResponseMessage());
        }
        List<String> list = httpURLConnection.getHeaderFields().get("Set-Cookie");
        if (list != null) {
            for (String str : list) {
                if (str.startsWith(AUTH_COOKIE_EQ)) {
                    String substring = str.substring(AUTH_COOKIE_EQ.length());
                    int indexOf = substring.indexOf(";");
                    if (indexOf > -1) {
                        substring = substring.substring(0, indexOf);
                    }
                    if (substring.length() > 0) {
                        System.out.println("Found token in response message");
                        token.set(substring);
                    }
                }
            }
        }
    }

    public static void injectToken(HttpURLConnection httpURLConnection, Token token) {
        String str = token.token;
        if (str != null) {
            if (!str.startsWith(AuditConstants.QUOTE)) {
                str = AuditConstants.QUOTE + str + AuditConstants.QUOTE;
            }
            httpURLConnection.addRequestProperty("Cookie", AUTH_COOKIE_EQ + str);
        }
    }

    public boolean isNegotiate() throws IOException {
        List<String> list;
        if (this.conn.getResponseCode() == 401 && (list = this.conn.getHeaderFields().get(ClientSecurity.WWW_AUTHENTICATE)) != null) {
            for (String str : list) {
                if (str != null && str.trim().startsWith("MAPR-Negotiate")) {
                    return true;
                }
            }
        }
        return false;
    }

    private static void sendChallenge(HttpURLConnection httpURLConnection, URL url, String str) throws IOException, MapRClientSecurityException {
        System.out.println("Sending challenge to server");
        if (httpURLConnection == null) {
            httpURLConnection = (HttpsURLConnection) url.openConnection();
        }
        httpURLConnection.setRequestMethod("OPTIONS");
        httpURLConnection.setRequestProperty(ClientSecurity.AUTHORIZATION, "MAPR-Negotiate " + str);
        httpURLConnection.connect();
    }

    public static void doMaprHandshake(HttpURLConnection httpURLConnection, URL url, boolean z, Token token) throws IOException, MapRClientSecurityException {
        String generateChallenge = cs.generateChallenge();
        System.out.println("Obtained challenge string " + generateChallenge);
        sendChallenge(httpURLConnection, url, generateChallenge);
        if (z) {
            getTokenFromResponseMessage(httpURLConnection, url, token);
        } else {
            getTokenFromResponseMessage(httpURLConnection, url, null);
        }
    }

    private static void printGetTokenHelp() {
        System.out.println(GET_TOKEN + AuditConstants.NEWLINE + "\t[ -cluster mapr cluster name ]" + AuditConstants.NEWLINE + "\t[ -url rest-URL ]");
    }

    private static void printDoChallengeResponseHelp() {
        System.out.println(DO_CHALLENGE_RESPONSE + AuditConstants.NEWLINE + "\t[ -cluster mapr cluster name ]" + AuditConstants.NEWLINE + "\t[ -url rest-URL ]");
    }

    private static void printExecHelp() {
        System.out.println(EXEC + AuditConstants.NEWLINE + "\t[ -cluster mapr cluster name ]" + AuditConstants.NEWLINE + "\t[ -url rest-URL -token auth-token -request GET|POST|PUT|DELETE ]");
    }

    private static void printAuthTestHelp() {
        System.out.println(AUTHTEST + AuditConstants.NEWLINE + "\t[ -cluster mapr cluster name ]");
    }

    private static void printHelp(String str) {
        if (str.equals(GET_TOKEN)) {
            printGetTokenHelp();
            return;
        }
        if (str.equals(DO_CHALLENGE_RESPONSE)) {
            printDoChallengeResponseHelp();
            return;
        }
        if (str.equals(EXEC)) {
            printExecHelp();
        } else if (str.equals(AUTHTEST)) {
            printAuthTestHelp();
        } else {
            printUsage();
        }
    }

    private static String doHandshakeWithToken(String str, boolean z, boolean z2) {
        if (!cs.isClusterNameValid()) {
            System.out.println("ERROR: Invalid cluster name " + clusterName);
            return null;
        }
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.mapr.security.client.examples.MapRClient.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) {
            }
        }};
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        } catch (Exception e) {
            System.out.println("SSL exception: " + e.getMessage());
        }
        HttpsURLConnection.setDefaultHostnameVerifier(new DefaultHostVerifier());
        try {
            URL url = new URL(str);
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
            if (!z) {
                doMaprHandshake(httpsURLConnection, url, false, null);
                return null;
            }
            Token token = new Token();
            doMaprHandshake(httpsURLConnection, url, true, token);
            System.out.println("Obtained token: " + token.toString());
            return token.toString();
        } catch (Exception e2) {
            System.out.println("Exception occurred: " + e2.getMessage());
            return null;
        }
    }

    private static void execurl(String str, String str2, String str3, boolean z) {
        if (!cs.isClusterNameValid()) {
            System.out.println("ERROR: Invalid cluster name " + clusterName);
            return;
        }
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.mapr.security.client.examples.MapRClient.2
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str4) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str4) {
            }
        }};
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        } catch (Exception e) {
            System.out.println("SSL exception");
            e.printStackTrace();
        }
        HttpsURLConnection.setDefaultHostnameVerifier(new DefaultHostVerifier());
        try {
            Token token = new Token();
            token.set(str3);
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(str).openConnection();
            httpsURLConnection.setRequestMethod(str2);
            injectToken(httpsURLConnection, token);
            httpsURLConnection.connect();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpsURLConnection.getInputStream(), MapRConstants.UTF8_ENCODING));
            StringBuilder sb = new StringBuilder();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    System.out.println(sb);
                    return;
                }
                sb.append(readLine);
            }
        } catch (Exception e2) {
            System.out.println("Exception occurred: " + e2.getMessage());
        }
    }

    private static void execute(String[] strArr) throws MapRClientSecurityException {
        String str = strArr[0];
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        String str2 = null;
        boolean z4 = false;
        String str3 = null;
        String str4 = null;
        verbose = false;
        int i = 1;
        while (i < strArr.length) {
            if (strArr[i].equals("-cluster") && i != strArr.length - 1) {
                clusterName = strArr[i + 1];
                z = true;
                i++;
            } else if (strArr[i].equals("-url") && i != strArr.length - 1) {
                str4 = strArr[i + 1];
                z2 = true;
                i++;
            } else if (strArr[i].equals("-token") && i != strArr.length - 1) {
                str3 = strArr[i + 1];
                z4 = true;
                i++;
            } else if (strArr[i].equals("-request") && i != strArr.length - 1) {
                str2 = strArr[i + 1];
                z3 = true;
                i++;
            } else if (strArr[i].equals("-v") || strArr[i].equals("--verbose")) {
                verbose = true;
            } else {
                System.out.println("Invalid option: " + strArr[i]);
                printHelp(str);
                System.exit(1);
            }
            i++;
        }
        if (z) {
            cs = new ClientSecurity(clusterName);
        } else {
            cs = new ClientSecurity();
        }
        clusterName = cs.getClusterName();
        System.out.println("Using cluster name " + clusterName);
        if (str.equals(AUTHTEST)) {
            System.out.println("Attempting to pick up credentials for cluster " + clusterName);
            System.out.println("Using ticket file at " + cs.getUserTicketAndKeyFileLocation());
            if (!cs.isClusterNameValid()) {
                System.out.println("Invalid cluster name " + clusterName);
                return;
            } else {
                if (cs.hasValidTicket()) {
                    System.out.println("Found a ticket that appears valid.");
                    return;
                }
                return;
            }
        }
        if (str.equals(DO_CHALLENGE_RESPONSE)) {
            if (verbose) {
                System.out.println("Using ticket file at " + cs.getUserTicketAndKeyFileLocation());
            }
            if (z2) {
                doHandshakeWithToken(str4, false, verbose);
                return;
            } else {
                printGetTokenHelp();
                System.exit(1);
                return;
            }
        }
        if (str.equals(GET_TOKEN)) {
            if (verbose) {
                System.out.println("Using ticket file at " + cs.getUserTicketAndKeyFileLocation());
            }
            if (z2) {
                doHandshakeWithToken(str4, true, verbose);
                return;
            } else {
                printGetTokenHelp();
                System.exit(1);
                return;
            }
        }
        if (!str.equals(EXEC)) {
            printHelp(str);
            System.exit(1);
            return;
        }
        if (verbose) {
            System.out.println("Using ticket file at " + cs.getUserTicketAndKeyFileLocation());
        }
        if (!z2 || !z4) {
            printExecHelp();
            System.exit(1);
            return;
        }
        if (!z3) {
            str2 = "GET";
        }
        if (verbose) {
            System.out.println("Using REST request " + str2 + " for URL " + str4);
        }
        execurl(str4, str2, str3, verbose);
    }

    private static void printUsage() {
        System.out.println("List of commands: \n" + AuditConstants.NEWLINE + "  challengeresponse  \t" + DO_CHALLENGE_RESPONSE_HELP + AuditConstants.NEWLINE + "  gettoken  \t\t" + GET_TOKEN_HELP + AuditConstants.NEWLINE + "  exec  \t\t" + EXEC_HELP + AuditConstants.NEWLINE + "  authtest  \t\t" + AUTHTEST_HELP);
    }

    public static void main(String[] strArr) {
        if (strArr == null || strArr.length < 1) {
            printUsage();
            return;
        }
        try {
            execute(strArr);
        } catch (MapRClientSecurityException e) {
            System.err.println(e.getMessage());
            System.exit(1);
        }
    }
}
