package org.apache.hadoop.lib.service.security;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.fs.http.server.HttpFSServerWebApp;
import org.apache.hadoop.hdfs.DFSConfigKeys;
import org.apache.hadoop.hdfs.web.SWebHdfsFileSystem;
import org.apache.hadoop.hdfs.web.WebHdfsFileSystem;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.lib.server.BaseService;
import org.apache.hadoop.lib.server.ServerException;
import org.apache.hadoop.lib.server.ServiceException;
import org.apache.hadoop.lib.service.DelegationTokenIdentifier;
import org.apache.hadoop.lib.service.DelegationTokenManager;
import org.apache.hadoop.lib.service.DelegationTokenManagerException;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager;

/* JADX WARN: Classes with same name are omitted:
  input_file:classes/org/apache/hadoop/lib/service/security/DelegationTokenManagerService.class
  input_file:hadoop-hdfs-httpfs-2.4.1-mapr-4.0.1-SNAPSHOT/share/hadoop/httpfs/tomcat/webapps/webhdfs/WEB-INF/classes/org/apache/hadoop/lib/service/security/DelegationTokenManagerService.class
  input_file:webhdfs.war:WEB-INF/classes/org/apache/hadoop/lib/service/security/DelegationTokenManagerService.class
 */
@InterfaceAudience.Private
/* loaded from: input_file:webhdfs/WEB-INF/classes/org/apache/hadoop/lib/service/security/DelegationTokenManagerService.class */
public class DelegationTokenManagerService extends BaseService implements DelegationTokenManager {
    private static final String PREFIX = "delegation.token.manager";
    private static final String UPDATE_INTERVAL = "update.interval";
    private static final String MAX_LIFETIME = "max.lifetime";
    private static final String RENEW_INTERVAL = "renew.interval";
    private static final long HOUR = 3600000;
    private static final long DAY = 86400000;
    DelegationTokenSecretManager secretManager;
    private Text tokenKind;

    /* JADX WARN: Classes with same name are omitted:
      input_file:classes/org/apache/hadoop/lib/service/security/DelegationTokenManagerService$DelegationTokenSecretManager.class
      input_file:hadoop-hdfs-httpfs-2.4.1-mapr-4.0.1-SNAPSHOT/share/hadoop/httpfs/tomcat/webapps/webhdfs/WEB-INF/classes/org/apache/hadoop/lib/service/security/DelegationTokenManagerService$DelegationTokenSecretManager.class
      input_file:webhdfs.war:WEB-INF/classes/org/apache/hadoop/lib/service/security/DelegationTokenManagerService$DelegationTokenSecretManager.class
     */
    /* loaded from: input_file:webhdfs/WEB-INF/classes/org/apache/hadoop/lib/service/security/DelegationTokenManagerService$DelegationTokenSecretManager.class */
    private static class DelegationTokenSecretManager extends AbstractDelegationTokenSecretManager<DelegationTokenIdentifier> {
        private Text tokenKind;

        public DelegationTokenSecretManager(Text text, long j, long j2, long j3, long j4) {
            super(j, j2, j3, j4);
            this.tokenKind = text;
        }

        @Override // org.apache.hadoop.security.token.SecretManager
        public DelegationTokenIdentifier createIdentifier() {
            return new DelegationTokenIdentifier(this.tokenKind);
        }
    }

    public DelegationTokenManagerService() {
        super(PREFIX);
        this.secretManager = null;
    }

    @Override // org.apache.hadoop.lib.server.BaseService
    protected void init() throws ServiceException {
        long j = getServiceConfig().getLong(UPDATE_INTERVAL, 86400000L);
        long j2 = getServiceConfig().getLong(MAX_LIFETIME, DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT);
        long j3 = getServiceConfig().getLong(RENEW_INTERVAL, 86400000L);
        this.tokenKind = HttpFSServerWebApp.get().isSslEnabled() ? SWebHdfsFileSystem.TOKEN_KIND : WebHdfsFileSystem.TOKEN_KIND;
        this.secretManager = new DelegationTokenSecretManager(this.tokenKind, j, j2, j3, 3600000L);
        try {
            this.secretManager.startThreads();
        } catch (IOException e) {
            throw new ServiceException(ServerException.ERROR.S12, DelegationTokenManager.class.getSimpleName(), e.toString(), e);
        }
    }

    @Override // org.apache.hadoop.lib.server.BaseService, org.apache.hadoop.lib.server.Service
    public void destroy() {
        this.secretManager.stopThreads();
        super.destroy();
    }

    @Override // org.apache.hadoop.lib.server.Service
    public Class getInterface() {
        return DelegationTokenManager.class;
    }

    @Override // org.apache.hadoop.lib.service.DelegationTokenManager
    public Token<DelegationTokenIdentifier> createToken(UserGroupInformation userGroupInformation, String str) throws DelegationTokenManagerException {
        String shortUserName = str == null ? userGroupInformation.getShortUserName() : str;
        Text text = new Text(userGroupInformation.getUserName());
        Text text2 = null;
        if (userGroupInformation.getRealUser() != null) {
            text2 = new Text(userGroupInformation.getRealUser().getUserName());
        }
        Token<DelegationTokenIdentifier> token = new Token<>(new DelegationTokenIdentifier(this.tokenKind, text, new Text(shortUserName), text2), this.secretManager);
        try {
            SecurityUtil.setTokenService(token, HttpFSServerWebApp.get().getAuthority());
            return token;
        } catch (ServerException e) {
            throw new DelegationTokenManagerException(DelegationTokenManagerException.ERROR.DT04, e.toString(), e);
        }
    }

    @Override // org.apache.hadoop.lib.service.DelegationTokenManager
    public long renewToken(Token<DelegationTokenIdentifier> token, String str) throws DelegationTokenManagerException {
        try {
            return this.secretManager.renewToken(token, str);
        } catch (IOException e) {
            throw new DelegationTokenManagerException(DelegationTokenManagerException.ERROR.DT02, e.toString(), e);
        }
    }

    @Override // org.apache.hadoop.lib.service.DelegationTokenManager
    public void cancelToken(Token<DelegationTokenIdentifier> token, String str) throws DelegationTokenManagerException {
        try {
            this.secretManager.cancelToken(token, str);
        } catch (IOException e) {
            throw new DelegationTokenManagerException(DelegationTokenManagerException.ERROR.DT03, e.toString(), e);
        }
    }

    @Override // org.apache.hadoop.lib.service.DelegationTokenManager
    public UserGroupInformation verifyToken(Token<DelegationTokenIdentifier> token) throws DelegationTokenManagerException {
        DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(token.getIdentifier()));
        DelegationTokenIdentifier delegationTokenIdentifier = new DelegationTokenIdentifier(this.tokenKind);
        try {
            delegationTokenIdentifier.readFields(dataInputStream);
            dataInputStream.close();
            this.secretManager.verifyToken(delegationTokenIdentifier, token.getPassword());
            return delegationTokenIdentifier.getUser();
        } catch (Exception e) {
            throw new DelegationTokenManagerException(DelegationTokenManagerException.ERROR.DT01, e.toString(), e);
        }
    }
}
