package org.apache.hadoop.security.rpcauth;

import com.mapr.security.callback.MaprSaslCallbackHandler;
import com.mapr.security.maprsasl.MaprSaslProvider;
import com.mapr.security.maprsasl.MaprSaslServer;
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.security.Security;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.ipc.Server;
import org.apache.hadoop.ipc.protobuf.IpcConnectionContextProtos;
import org.apache.hadoop.security.UserGroupInformation;

/* loaded from: input_file:hadoop-client-2.5.1-mapr-1501/share/hadoop/client/lib/maprfs-4.0.2-mapr.jar:org/apache/hadoop/security/rpcauth/MaprAuthMethod.class */
public final class MaprAuthMethod extends RpcAuthMethod {
    public static final Log LOG = LogFactory.getLog(MaprAuthMethod.class);
    static final RpcAuthMethod INSTANCE = new MaprAuthMethod();
    private static final String[] LOGIN_MODULES = {"com.mapr.security.maprsasl.MaprSecurityLoginModule"};

    private MaprAuthMethod() {
        super((byte) 113, "maprsasl", MaprSaslServer.MAPR_SECURITY_MECH_NAME, UserGroupInformation.AuthenticationMethod.CUSTOM);
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public String[] loginModules() {
        return LOGIN_MODULES;
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public UserGroupInformation getUser(UserGroupInformation userGroupInformation) {
        return userGroupInformation.getRealUser() != null ? userGroupInformation.getRealUser() : userGroupInformation;
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public void writeUGI(UserGroupInformation userGroupInformation, IpcConnectionContextProtos.UserInformationProto.Builder builder) {
        builder.setEffectiveUser(userGroupInformation.getShortUserName());
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public boolean isSasl() {
        return true;
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public boolean isNegotiable() {
        return true;
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public String getProtocol() throws IOException {
        return "default";
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public String getServerId() throws IOException {
        return "";
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public SaslClient createSaslClient(Map<String, Object> map) throws IOException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Creating SASL " + this.mechanismName + " client to authenticate to SaslServer");
        }
        UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
        return Sasl.createSaslClient(new String[]{this.mechanismName}, (String) null, (String) null, "default", map, new MaprSaslCallbackHandler(currentUser.getSubject(), currentUser.getShortUserName()));
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public SaslServer createSaslServer(Server.Connection connection, final Map<String, Object> map) throws IOException, InterruptedException {
        final UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
        return (SaslServer) currentUser.doAs(new PrivilegedExceptionAction<SaslServer>() { // from class: org.apache.hadoop.security.rpcauth.MaprAuthMethod.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public SaslServer run() throws SaslException {
                return Sasl.createSaslServer(MaprAuthMethod.this.mechanismName, (String) null, "default", map, new MaprSaslCallbackHandler(Subject.getSubject(AccessController.getContext()), currentUser.getShortUserName()));
            }
        });
    }

    @Override // org.apache.hadoop.security.rpcauth.RpcAuthMethod
    public CallbackHandler createCallbackHandler() {
        try {
            return new MaprSaslCallbackHandler(Subject.getSubject(AccessController.getContext()), UserGroupInformation.getCurrentUser().getShortUserName());
        } catch (Exception e) {
            LOG.error("Creating MaprSaslCallbackhandler Error.", e);
            return null;
        }
    }

    static {
        Security.addProvider(new MaprSaslProvider());
        RpcAuthRegistry.addRpcAuthMethod(INSTANCE);
    }
}
