package org.apache.hadoop.yarn.service.utils;

import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.WebResource;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.PrivilegedExceptionAction;
import org.apache.commons.codec.binary.Base64;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/hadoop-yarn-services-core-3.3.4.207-eep-911.jar:org/apache/hadoop/yarn/service/utils/HttpUtil.class */
public class HttpUtil {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) HttpUtil.class);
    private static final Base64 BASE_64_CODEC = new Base64(0);

    protected HttpUtil() {
        throw new UnsupportedOperationException();
    }

    public static String generateToken(final String str) throws IOException, InterruptedException {
        UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
        LOG.debug("The user credential is {}", currentUser);
        return (String) currentUser.doAs(new PrivilegedExceptionAction<String>() { // from class: org.apache.hadoop.yarn.service.utils.HttpUtil.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public String run() throws Exception {
                try {
                    GSSManager gSSManager = GSSManager.getInstance();
                    GSSName createName = gSSManager.createName("HTTP@" + str, GSSName.NT_HOSTBASED_SERVICE);
                    GSSContext createContext = gSSManager.createContext(createName.canonicalize((Oid) null), (Oid) null, (GSSCredential) null, 0);
                    createContext.requestMutualAuth(true);
                    createContext.requestCredDeleg(true);
                    byte[] bArr = new byte[0];
                    byte[] initSecContext = createContext.initSecContext(bArr, 0, bArr.length);
                    createContext.dispose();
                    HttpUtil.LOG.debug("Got valid challenge for host {}", createName);
                    return new String(HttpUtil.BASE_64_CODEC.encode(initSecContext), StandardCharsets.US_ASCII);
                } catch (GSSException e) {
                    HttpUtil.LOG.error("Error: ", e);
                    throw new AuthenticationException(e);
                }
            }
        });
    }

    public static WebResource.Builder connect(String str) throws URISyntaxException, IOException, InterruptedException {
        boolean isSecurityEnabled = UserGroupInformation.isSecurityEnabled();
        URI uri = new URI(str);
        WebResource.Builder type = Client.create().resource(str).type("application/json");
        if (isSecurityEnabled) {
            String generateToken = generateToken(uri.getHost());
            type.header("Authorization", "Negotiate " + generateToken);
            LOG.debug("Authorization: Negotiate {}", generateToken);
        }
        return type;
    }
}
