package co.cask.cdap.shell.command;

import co.cask.cdap.client.PingClient;
import co.cask.cdap.client.exception.UnAuthorizedAccessTokenException;
import co.cask.cdap.common.conf.CConfiguration;
import co.cask.cdap.common.conf.Constants;
import co.cask.cdap.security.authentication.client.AccessToken;
import co.cask.cdap.security.authentication.client.Credential;
import co.cask.cdap.security.authentication.client.basic.BasicAuthenticationClient;
import co.cask.cdap.shell.AbstractCommand;
import co.cask.cdap.shell.CLIConfig;
import co.cask.cdap.shell.util.SocketUtil;
import com.google.common.base.Charsets;
import com.google.common.base.Joiner;
import com.google.common.io.Files;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.net.URI;
import java.util.Properties;
import javax.inject.Inject;
import jline.console.ConsoleReader;

/* loaded from: input_file:co/cask/cdap/shell/command/ConnectCommand.class */
public class ConnectCommand extends AbstractCommand {
    private static final String ENV_HOME = System.getProperty("user.home");
    private final CLIConfig cliConfig;

    @Inject
    public ConnectCommand(CLIConfig cLIConfig) {
        super("connect", "<cdap-hostname>", "Connects to a CDAP instance. <credential(s)> parameter(s) could be used if authentication is enabled in the gateway server.");
        this.cliConfig = cLIConfig;
    }

    @Override // co.cask.cdap.shell.AbstractCommand, co.cask.cdap.shell.Command
    public void process(String[] strArr, PrintStream printStream) throws Exception {
        super.process(strArr, printStream);
        String str = strArr[0];
        if (!str.contains("://")) {
            str = "http://" + str;
        }
        URI create = URI.create(str);
        String host = create.getHost();
        boolean equals = "https".equals(create.getScheme());
        int port = create.getPort();
        if (port == -1) {
            port = equals ? this.cliConfig.getSslPort() : this.cliConfig.getPort();
        }
        tryConnect(printStream, host, port, equals, getAccessToken(host), true);
    }

    public void tryDefaultConnection(PrintStream printStream, boolean z) {
        CConfiguration create = CConfiguration.create();
        boolean z2 = create.getBoolean(Constants.Security.SSL_ENABLED, false);
        String str = create.get(Constants.Router.ADDRESS, "localhost");
        try {
            tryConnect(printStream, str, z2 ? create.getInt(Constants.Router.ROUTER_SSL_PORT, 10443) : create.getInt(Constants.Router.ROUTER_PORT, Constants.Gateway.DEFAULT_PORT), z2, getAccessToken(str), z);
        } catch (Exception e) {
        }
    }

    private void tryConnect(PrintStream printStream, String str, int i, boolean z, String str2, boolean z2) throws Exception {
        if (!SocketUtil.isAvailable(str, i)) {
            throw new IOException(String.format("Host %s on port %d could not be reached", str, Integer.valueOf(i)));
        }
        BasicAuthenticationClient basicAuthenticationClient = new BasicAuthenticationClient();
        basicAuthenticationClient.setConnectionInfo(str, i, z);
        Properties properties = new Properties();
        properties.put(BasicAuthenticationClient.VERIFY_SSL_CERT_PROP_NAME, String.valueOf(this.cliConfig.isVerifySSLCert()));
        if (basicAuthenticationClient.isAuthEnabled()) {
            if (str2 != null) {
                this.cliConfig.setConnection(str, i, z);
                this.cliConfig.getClientConfig().setAccessToken(new AccessToken(str2, -1L, null));
                try {
                    new PingClient(this.cliConfig.getClientConfig()).ping();
                    return;
                } catch (UnAuthorizedAccessTokenException e) {
                }
            }
            printStream.printf("Authentication is enabled in the CDAP instance: %s.\n", str);
            ConsoleReader consoleReader = new ConsoleReader();
            for (Credential credential : basicAuthenticationClient.getRequiredCredentials()) {
                String str3 = "Please, specify " + credential.getDescription() + "> ";
                properties.put(credential.getName(), credential.isSecret() ? consoleReader.readLine(str3, '*') : consoleReader.readLine(str3));
            }
            basicAuthenticationClient.configure(properties);
            AccessToken accessToken = basicAuthenticationClient.getAccessToken();
            if (accessToken == null) {
                printStream.printf("Invalid credentials\n", new Object[0]);
                return;
            }
            if (saveAccessToken(accessToken, str) && z2) {
                printStream.printf("Saved access token to %s\n", getAccessTokenFile(str).getAbsolutePath());
            }
            this.cliConfig.getClientConfig().setAccessToken(accessToken);
        }
        this.cliConfig.setConnection(str, i, z);
        if (z2) {
            printStream.printf("Successfully connected CDAP instance at %s:%d\n", str, Integer.valueOf(i));
        }
    }

    private String getAccessToken(String str) {
        File accessTokenFile = getAccessTokenFile(str);
        if (!accessTokenFile.exists() || !accessTokenFile.canRead()) {
            return null;
        }
        try {
            return Joiner.on("").join((Iterable<?>) Files.readLines(accessTokenFile, Charsets.UTF_8));
        } catch (IOException e) {
            return null;
        }
    }

    private File getAccessTokenFile(String str) {
        String str2 = System.getenv(CLIConfig.ENV_ACCESSTOKEN);
        return str2 != null ? new File(str2) : new File(new File(ENV_HOME), ".cdap.accesstoken." + str);
    }

    private boolean saveAccessToken(AccessToken accessToken, String str) {
        File accessTokenFile = getAccessTokenFile(str);
        try {
            if (!accessTokenFile.createNewFile()) {
                return false;
            }
            Files.write(accessToken.getValue(), accessTokenFile, Charsets.UTF_8);
            return true;
        } catch (IOException e) {
            return false;
        }
    }
}
