package co.cask.cdap.gateway.auth;

import co.cask.cdap.common.conf.Constants;
import co.cask.cdap.passport.http.client.PassportClient;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.flume.source.avro.AvroFlumeEvent;
import org.jboss.netty.handler.codec.http.HttpRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:co/cask/cdap/gateway/auth/PassportVPCAuthenticator.class */
public class PassportVPCAuthenticator implements Authenticator {
    private static final Logger LOG = LoggerFactory.getLogger(PassportVPCAuthenticator.class);
    private final String clusterName;
    private final PassportClient passportClient;

    public PassportVPCAuthenticator(String str, PassportClient passportClient) {
        this.clusterName = str;
        this.passportClient = passportClient;
    }

    @Override // co.cask.cdap.gateway.auth.Authenticator
    public boolean authenticateRequest(HttpRequest httpRequest) {
        String header = httpRequest.getHeader(Constants.Gateway.API_KEY);
        if (header == null) {
            return false;
        }
        return authenticate(header);
    }

    @Override // co.cask.cdap.gateway.auth.Authenticator
    public boolean authenticateRequest(AvroFlumeEvent avroFlumeEvent) {
        for (Map.Entry entry : avroFlumeEvent.getHeaders().entrySet()) {
            if (((CharSequence) entry.getKey()).toString().equals(Constants.Gateway.API_KEY)) {
                return authenticate(((CharSequence) entry.getValue()).toString());
            }
        }
        return false;
    }

    @Override // co.cask.cdap.gateway.auth.Authenticator
    public String getAccountId(HttpRequest httpRequest) {
        String header = httpRequest.getHeader(Constants.Gateway.API_KEY);
        if (header == null) {
            throw new RuntimeException("http request was not authenticated");
        }
        return this.passportClient.getAccount(header).getAccountId();
    }

    @Override // co.cask.cdap.gateway.auth.Authenticator
    public String getAccountId(AvroFlumeEvent avroFlumeEvent) {
        for (Map.Entry entry : avroFlumeEvent.getHeaders().entrySet()) {
            if (((CharSequence) entry.getKey()).toString().equals(Constants.Gateway.API_KEY)) {
                return this.passportClient.getAccount(((CharSequence) entry.getValue()).toString()).getAccountId();
            }
        }
        throw new RuntimeException("event was not authenticated");
    }

    private boolean authenticate(String str) {
        try {
            List<String> vPCList = this.passportClient.getVPCList(str);
            if (vPCList == null || vPCList.isEmpty()) {
                return false;
            }
            Iterator<String> it = vPCList.iterator();
            while (it.hasNext()) {
                if (this.clusterName.equals(it.next())) {
                    return true;
                }
            }
            LOG.trace("Failed to authenticate request using key: " + str);
            return false;
        } catch (Exception e) {
            LOG.error("Exception authorizing with passport service", (Throwable) e);
            return false;
        }
    }

    @Override // co.cask.cdap.gateway.auth.Authenticator
    public boolean isAuthenticationRequired() {
        return true;
    }
}
