package org.apache.drill.exec.rpc.security.maprsasl;

import com.mapr.security.callback.MaprSaslCallbackHandler;
import com.mapr.security.maprsasl.MaprSaslProvider;
import java.io.IOException;
import java.lang.reflect.UndeclaredThrowableException;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.security.Security;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.drill.exec.rpc.security.AuthenticatorFactory;
import org.apache.drill.exec.rpc.security.FastSaslClientFactory;
import org.apache.drill.exec.rpc.security.FastSaslServerFactory;
import org.apache.drill.exec.rpc.security.SecurityConfiguration;
import org.apache.hadoop.security.UserGroupInformation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/drill/exec/rpc/security/maprsasl/MapRSaslFactory.class */
public class MapRSaslFactory implements AuthenticatorFactory {
    private static final Logger logger = LoggerFactory.getLogger(MapRSaslFactory.class);
    public static final String SIMPLE_NAME = "MAPRSASL";
    private static final String MECHANISM_NAME = "MAPR-SECURITY";
    private static final String SASL_DEFAULT_REALM = "default";

    public String getSimpleName() {
        return SIMPLE_NAME;
    }

    public UserGroupInformation createAndLoginUser(Map<String, ?> map) throws IOException {
        SecurityConfiguration securityConfiguration = new SecurityConfiguration();
        securityConfiguration.set("hadoop.security.authentication", "CUSTOM");
        securityConfiguration.set("hadoop.login", "maprsasl");
        UserGroupInformation.setConfiguration(securityConfiguration);
        try {
            return UserGroupInformation.getCurrentUser();
        } catch (IOException e) {
            Throwable cause = e.getCause();
            if (cause instanceof LoginException) {
                throw new SaslException("Failed to login.", cause);
            }
            throw new SaslException("Unexpected failure trying to login.", cause);
        }
    }

    public SaslServer createSaslServer(UserGroupInformation userGroupInformation, final Map<String, ?> map) throws SaslException {
        try {
            final String shortUserName = userGroupInformation.getShortUserName();
            SaslServer saslServer = (SaslServer) userGroupInformation.doAs(new PrivilegedExceptionAction<SaslServer>() { // from class: org.apache.drill.exec.rpc.security.maprsasl.MapRSaslFactory.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public SaslServer run() throws Exception {
                    return FastSaslServerFactory.getInstance().createSaslServer(MapRSaslFactory.MECHANISM_NAME, (String) null, MapRSaslFactory.SASL_DEFAULT_REALM, map, new MaprSaslCallbackHandler(Subject.getSubject(AccessController.getContext()), shortUserName));
                }
            });
            logger.trace("MapRSasl SaslServer created.");
            return saslServer;
        } catch (IOException | InterruptedException e) {
            if (e instanceof SaslException) {
                throw e;
            }
            throw new SaslException("Unexpected failure trying to authenticate using MapRSasl", e);
        } catch (UndeclaredThrowableException e2) {
            throw new SaslException("Unexpected failure trying to authenticate using MapRSasl", e2.getCause());
        }
    }

    public SaslClient createSaslClient(UserGroupInformation userGroupInformation, final Map<String, ?> map) throws SaslException {
        try {
            SaslClient saslClient = (SaslClient) userGroupInformation.doAs(new PrivilegedExceptionAction<SaslClient>() { // from class: org.apache.drill.exec.rpc.security.maprsasl.MapRSaslFactory.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public SaslClient run() throws Exception {
                    return FastSaslClientFactory.getInstance().createSaslClient(new String[]{MapRSaslFactory.MECHANISM_NAME}, (String) null, (String) null, (String) null, map, new CallbackHandler() { // from class: org.apache.drill.exec.rpc.security.maprsasl.MapRSaslFactory.2.1
                        @Override // javax.security.auth.callback.CallbackHandler
                        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                            throw new UnsupportedCallbackException(callbackArr[0]);
                        }
                    });
                }
            });
            logger.trace("MapRSasl SaslClient created.");
            return saslClient;
        } catch (IOException | InterruptedException e) {
            if (e instanceof SaslException) {
                throw e;
            }
            throw new SaslException("Unexpected failure trying to authenticate using MapRSasl", e);
        } catch (UndeclaredThrowableException e2) {
            throw new SaslException("Unexpected failure trying to authenticate using MapRSasl", e2.getCause());
        }
    }

    public void close() throws Exception {
    }

    static {
        Security.addProvider(new MaprSaslProvider());
    }
}
