package com.mapr.security;

import com.mapr.baseutils.BaseUtilsHelper;
import com.mapr.baseutils.cldbutils.CLDBRpcCommonUtils;
import com.mapr.fs.cldb.proto.CLDBProto;
import com.mapr.fs.proto.Common;
import com.mapr.fs.proto.Security;
import com.mapr.login.common.TicketOptionalParams;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.util.Properties;
import org.apache.log4j.Logger;

/* loaded from: input_file:hadoop-client-2.7.0-mapr-1710-EBF1/share/hadoop/client/lib/maprfs-6.0.0-mapr.jar:com/mapr/security/ClusterServerTicketGeneration.class */
public class ClusterServerTicketGeneration {
    private String maprUser;
    private String maprGroup;
    private static final Logger LOG = Logger.getLogger(ClusterServerTicketGeneration.class);
    private static String maprHome = BaseUtilsHelper.getPathToMaprHome();
    private static ClusterServerTicketGeneration s_instance = new ClusterServerTicketGeneration();

    private ClusterServerTicketGeneration() {
        Properties properties = new Properties();
        String str = maprHome + "/conf/daemon.conf";
        try {
            FileReader fileReader = new FileReader(str);
            properties.load(fileReader);
            fileReader.close();
            this.maprUser = properties.getProperty("mapr.daemon.user");
            this.maprGroup = properties.getProperty("mapr.daemon.group");
        } catch (FileNotFoundException e) {
            LOG.warn("File not found: " + str);
        } catch (IOException e2) {
            LOG.warn("Exception while trying to read properties from: " + str, e2);
        } catch (Throwable th) {
            LOG.warn("Exception while trying to read properties from: " + str, th);
        }
    }

    public static ClusterServerTicketGeneration getInstance() {
        return s_instance;
    }

    public void generateTicketAndSetServerKey() throws IOException {
        String currentClusterName = CLDBRpcCommonUtils.getInstance().getCurrentClusterName();
        if (currentClusterName == null) {
            throw new IOException("Current cluster name is not found");
        }
        generateTicketAndSetServerKey(currentClusterName);
    }

    public void generateTicketAndSetServerKey(String str) throws IOException {
        String str2 = maprHome + "/conf/maprserverticket";
        if (!new File(str2).exists()) {
            throw new FileNotFoundException("Security is enabled, but userTicketFile can not be found.");
        }
        Security.SetTicketAndKeyFile(str2);
        MutableInt mutableInt = new MutableInt();
        Security.TicketAndKey GetTicketAndKeyForCluster = Security.GetTicketAndKeyForCluster(Security.ServerKeyType.CldbKey, str, mutableInt);
        if (mutableInt.GetValue() != 0) {
            throw new IOException("Could not get the ticket: " + mutableInt.GetValue());
        }
        long expiryTime = GetTicketAndKeyForCluster.getExpiryTime();
        if (expiryTime * 1000 < System.currentTimeMillis()) {
            throw new IOException("My Ticket Expired");
        }
        Security.CredentialsMsg userCreds = GetTicketAndKeyForCluster.getUserCreds();
        Security.CredentialsMsg.Builder newBuilder = Security.CredentialsMsg.newBuilder(userCreds);
        if (userCreds.getUserName() == null || userCreds.getUserName().isEmpty()) {
            if (this.maprUser != null) {
                newBuilder.setUserName(this.maprUser);
            } else {
                LOG.warn("UserName is not known and will create issues later on");
            }
        }
        CLDBProto.GetServerKeyRequest.Builder newBuilder2 = CLDBProto.GetServerKeyRequest.newBuilder();
        newBuilder2.setCreds(userCreds);
        newBuilder2.setSendBlacklistInfo(true);
        try {
            byte[] sendRequest = CLDBRpcCommonUtils.getInstance().sendRequest(str, Common.MapRProgramId.CldbProgramId.getNumber(), CLDBProto.CLDBProg.GetServerKeyProc.getNumber(), newBuilder2.build(), CLDBProto.GetServerKeyResponse.class, Security.ServerKeyType.CldbKey);
            if (sendRequest == null) {
                throw new IOException("userKey is null from CLDB!");
            }
            CLDBProto.GetServerKeyResponse parseFrom = CLDBProto.GetServerKeyResponse.parseFrom(sendRequest);
            if (parseFrom.getStatus() != 0) {
                LOG.error("Request to get ServerKey failed with error: " + com.mapr.baseutils.Errno.toString(parseFrom.getStatus()));
                throw new IOException("Request to get ServerKey failed with error: " + com.mapr.baseutils.Errno.toString(parseFrom.getStatus()));
            }
            if (!parseFrom.hasServerKey()) {
                throw new IOException("key from CLDB does not contain a server key!");
            }
            Security.Key serverKey = parseFrom.getServerKey();
            int[] iArr = new int[newBuilder.getGidsCount()];
            for (int i = 0; i < newBuilder.getGidsCount(); i++) {
                iArr[i] = newBuilder.getGids(i);
            }
            Security.SetKey(Security.ServerKeyType.ServerKey, serverKey);
            TicketOptionalParams ticketOptionalParams = new TicketOptionalParams();
            ticketOptionalParams.setIsExternal(true);
            Security.TicketAndKey GenerateTicketAndKey = Security.GenerateTicketAndKey(Security.ServerKeyType.ServerKey, newBuilder.getUserName(), newBuilder.getUid(), iArr, expiryTime, 0L, ticketOptionalParams, mutableInt);
            if (mutableInt.GetValue() != 0) {
                throw new IOException("Could not generate ticket: " + mutableInt.GetValue());
            }
            Security.SetTicketAndKey(Security.ServerKeyType.ServerKey, str, GenerateTicketAndKey);
            updateBlacklistInfo(parseFrom);
            LOG.info("Server key was cached for cluster: " + str);
        } catch (Throwable th) {
            throw new IOException("RPC Request to get ServerKey. No data returned", th);
        }
    }

    private void updateBlacklistInfo(CLDBProto.GetServerKeyResponse getServerKeyResponse) {
        int blacklistedaesCount = getServerKeyResponse.getBlacklistedaesCount();
        if (blacklistedaesCount > 0) {
            int[] iArr = new int[blacklistedaesCount];
            long[] jArr = new long[blacklistedaesCount];
            int i = 0;
            for (CLDBProto.BlacklistedAeMsg blacklistedAeMsg : getServerKeyResponse.getBlacklistedaesList()) {
                iArr[i] = blacklistedAeMsg.getId();
                jArr[i] = blacklistedAeMsg.getBlacklistTime();
                i++;
            }
            Security.BlacklistAndCloseConnections(iArr, jArr, true);
        }
    }
}
