package co.cask.cdap.cli.command;

import co.cask.cdap.cli.CLIConfig;
import co.cask.cdap.cli.util.FilePathResolver;
import co.cask.cdap.client.PingClient;
import co.cask.cdap.client.config.ClientConfig;
import co.cask.cdap.client.exception.UnAuthorizedAccessTokenException;
import co.cask.cdap.common.conf.CConfiguration;
import co.cask.cdap.common.conf.Constants;
import co.cask.cdap.security.authentication.client.AccessToken;
import co.cask.cdap.security.authentication.client.AuthenticationClient;
import co.cask.cdap.security.authentication.client.Credential;
import co.cask.cdap.security.authentication.client.basic.BasicAuthenticationClient;
import co.cask.common.cli.Arguments;
import co.cask.common.cli.Command;
import com.google.common.base.Charsets;
import com.google.common.base.Joiner;
import com.google.common.io.Files;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.net.URI;
import java.util.Properties;
import javax.inject.Inject;
import javax.net.ssl.SSLHandshakeException;
import jline.console.ConsoleReader;

/* loaded from: input_file:co/cask/cdap/cli/command/ConnectCommand.class */
public class ConnectCommand implements Command {
    private final CLIConfig cliConfig;
    private final FilePathResolver resolver;
    private final CConfiguration cConf;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:co/cask/cdap/cli/command/ConnectCommand$ConnectionInfo.class */
    public static final class ConnectionInfo {
        private final String hostname;
        private final int port;
        private final boolean sslEnabled;

        private ConnectionInfo(String str, int i, boolean z) {
            this.hostname = str;
            this.port = i;
            this.sslEnabled = z;
        }

        public String getHostname() {
            return this.hostname;
        }

        public int getPort() {
            return this.port;
        }

        public boolean isSSLEnabled() {
            return this.sslEnabled;
        }
    }

    @Inject
    public ConnectCommand(CLIConfig cLIConfig, FilePathResolver filePathResolver, CConfiguration cConfiguration) {
        this.cConf = cConfiguration;
        this.cliConfig = cLIConfig;
        this.resolver = filePathResolver;
    }

    @Override // co.cask.common.cli.Command
    public void execute(Arguments arguments, PrintStream printStream) throws Exception {
        String str = arguments.get("cdap-instance-uri");
        if (!str.contains("://")) {
            str = "http://" + str;
        }
        URI create = URI.create(str);
        String host = create.getHost();
        boolean equals = "https".equals(create.getScheme());
        int port = create.getPort();
        if (port == -1) {
            port = equals ? this.cConf.getInt(Constants.Router.ROUTER_SSL_PORT) : this.cConf.getInt(Constants.Router.ROUTER_PORT);
        }
        tryConnect(this.cliConfig.getClientConfig(), new ConnectionInfo(host, port, equals), printStream, true);
    }

    @Override // co.cask.common.cli.Command
    public String getPattern() {
        return "connect <cdap-instance-uri>";
    }

    @Override // co.cask.common.cli.Command
    public String getDescription() {
        return "Connects to a CDAP instance. <credential(s)> parameter(s) could be used if authentication is enabled in the gateway server.";
    }

    public void tryDefaultConnection(PrintStream printStream, boolean z) {
        CConfiguration create = CConfiguration.create();
        boolean z2 = create.getBoolean(Constants.Security.SSL_ENABLED);
        try {
            tryConnect(this.cliConfig.getClientConfig(), new ConnectionInfo(create.get(Constants.Router.ADDRESS), z2 ? create.getInt(Constants.Router.ROUTER_SSL_PORT) : create.getInt(Constants.Router.ROUTER_PORT), z2), printStream, z);
        } catch (Exception e) {
        }
    }

    private void tryConnect(ClientConfig clientConfig, ConnectionInfo connectionInfo, PrintStream printStream, boolean z) throws Exception {
        try {
            AccessToken acquireAccessToken = acquireAccessToken(clientConfig, connectionInfo, printStream, z);
            checkConnection(clientConfig, connectionInfo, acquireAccessToken);
            this.cliConfig.setHostname(connectionInfo.getHostname());
            this.cliConfig.setPort(connectionInfo.getPort());
            this.cliConfig.setSSLEnabled(connectionInfo.isSSLEnabled());
            this.cliConfig.setAccessToken(acquireAccessToken);
            if (z) {
                printStream.printf("Successfully connected CDAP instance at %s:%d\n", connectionInfo.getHostname(), Integer.valueOf(connectionInfo.getPort()));
            }
        } catch (SSLHandshakeException e) {
            throw e;
        } catch (IOException e2) {
            throw new IOException(String.format("Host %s on port %d could not be reached: %s", connectionInfo.getHostname(), Integer.valueOf(connectionInfo.getPort()), e2.getMessage()));
        }
    }

    private void checkConnection(ClientConfig clientConfig, ConnectionInfo connectionInfo, AccessToken accessToken) throws IOException, UnAuthorizedAccessTokenException {
        new PingClient(new ClientConfig.Builder(clientConfig).setHostname(connectionInfo.getHostname()).setPort(connectionInfo.getPort()).setSSLEnabled(connectionInfo.isSSLEnabled()).setAccessToken(accessToken).build()).ping();
    }

    private boolean isAuthenticationEnabled(ConnectionInfo connectionInfo) throws IOException {
        return getAuthenticationClient(connectionInfo).isAuthEnabled();
    }

    private AccessToken acquireAccessToken(ClientConfig clientConfig, ConnectionInfo connectionInfo, PrintStream printStream, boolean z) throws IOException {
        if (!isAuthenticationEnabled(connectionInfo)) {
            return null;
        }
        try {
            AccessToken savedAccessToken = getSavedAccessToken(connectionInfo.getHostname());
            checkConnection(clientConfig, connectionInfo, savedAccessToken);
            return savedAccessToken;
        } catch (UnAuthorizedAccessTokenException e) {
            AuthenticationClient authenticationClient = getAuthenticationClient(connectionInfo);
            Properties properties = new Properties();
            properties.put(BasicAuthenticationClient.VERIFY_SSL_CERT_PROP_NAME, String.valueOf(this.cliConfig.isVerifySSLCert()));
            printStream.printf("Authentication is enabled in the CDAP instance: %s.\n", connectionInfo.getHostname());
            ConsoleReader consoleReader = new ConsoleReader();
            for (Credential credential : authenticationClient.getRequiredCredentials()) {
                String str = "Please, specify " + credential.getDescription() + "> ";
                properties.put(credential.getName(), credential.isSecret() ? consoleReader.readLine(str, '*') : consoleReader.readLine(str));
            }
            authenticationClient.configure(properties);
            AccessToken accessToken = authenticationClient.getAccessToken();
            if (accessToken != null && saveAccessToken(accessToken, connectionInfo.getHostname()) && z) {
                printStream.printf("Saved access token to %s\n", getAccessTokenFile(connectionInfo.getHostname()).getAbsolutePath());
            }
            return accessToken;
        }
    }

    private AuthenticationClient getAuthenticationClient(ConnectionInfo connectionInfo) {
        BasicAuthenticationClient basicAuthenticationClient = new BasicAuthenticationClient();
        basicAuthenticationClient.setConnectionInfo(connectionInfo.getHostname(), connectionInfo.getPort(), connectionInfo.isSSLEnabled());
        return basicAuthenticationClient;
    }

    private AccessToken getSavedAccessToken(String str) {
        File accessTokenFile = getAccessTokenFile(str);
        if (!accessTokenFile.exists() || !accessTokenFile.canRead()) {
            return null;
        }
        try {
            return new AccessToken(Joiner.on("").join((Iterable<?>) Files.readLines(accessTokenFile, Charsets.UTF_8)), -1L, null);
        } catch (IOException e) {
            return null;
        }
    }

    private boolean saveAccessToken(AccessToken accessToken, String str) {
        File accessTokenFile = getAccessTokenFile(str);
        try {
            if (!accessTokenFile.createNewFile()) {
                return false;
            }
            Files.write(accessToken.getValue(), accessTokenFile, Charsets.UTF_8);
            return true;
        } catch (IOException e) {
            return false;
        }
    }

    private File getAccessTokenFile(String str) {
        String str2 = System.getenv(CLIConfig.ENV_ACCESSTOKEN);
        return str2 != null ? this.resolver.resolvePathToFile(str2) : this.resolver.resolvePathToFile("~/.cdap.accesstoken." + str);
    }
}
