package co.cask.cdap.security.authorization;

import co.cask.cdap.api.security.ACL;
import co.cask.cdap.api.security.EntityId;
import co.cask.cdap.api.security.PermissionType;
import co.cask.cdap.common.discovery.RandomEndpointStrategy;
import co.cask.cdap.common.discovery.TimeLimitEndpointStrategy;
import co.cask.cdap.common.http.HttpMethod;
import co.cask.cdap.common.http.HttpRequest;
import co.cask.cdap.common.http.HttpRequests;
import co.cask.cdap.common.http.ObjectResponse;
import com.google.common.base.Preconditions;
import com.google.common.base.Supplier;
import com.google.common.reflect.TypeToken;
import com.google.gson.Gson;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.inject.Inject;
import org.apache.twill.discovery.DiscoveryServiceClient;

/* loaded from: input_file:co/cask/cdap/security/authorization/ACLClient.class */
public class ACLClient {
    private static final Gson GSON = new Gson();
    private final Supplier<URI> baseURI;

    @Inject
    public ACLClient(final DiscoveryServiceClient discoveryServiceClient) {
        this.baseURI = new Supplier<URI>() { // from class: co.cask.cdap.security.authorization.ACLClient.1
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public URI m14get() {
                TimeLimitEndpointStrategy timeLimitEndpointStrategy = new TimeLimitEndpointStrategy(new RandomEndpointStrategy(discoveryServiceClient.discover("acl")), 5L, TimeUnit.SECONDS);
                Preconditions.checkNotNull(timeLimitEndpointStrategy.pick(), "No discoverable endpoint found for ACLService");
                InetSocketAddress socketAddress = timeLimitEndpointStrategy.pick().getSocketAddress();
                try {
                    return new URI(String.format("http://%s:%d", socketAddress.getAddress().getHostName(), Integer.valueOf(socketAddress.getPort())));
                } catch (URISyntaxException e) {
                    return null;
                }
            }
        };
    }

    public List<ACL> listAcls(EntityId entityId) throws IOException {
        return (List) ObjectResponse.fromJsonBody(HttpRequests.execute(HttpRequest.builder(HttpMethod.GET, resolveURL(String.format("/v2/admin/acls/%s/%s", entityId.getType().getPluralForm(), entityId.getId()))).build()), new TypeToken<List<ACL>>() { // from class: co.cask.cdap.security.authorization.ACLClient.2
        }).getResponseObject();
    }

    public List<ACL> listAcls(EntityId entityId, String str) throws IOException {
        return (List) ObjectResponse.fromJsonBody(HttpRequests.execute(HttpRequest.builder(HttpMethod.GET, resolveURL(String.format("/v2/admin/acls/%s/%s/user/%s", entityId.getType().getPluralForm(), entityId.getId(), str))).build()), new TypeToken<List<ACL>>() { // from class: co.cask.cdap.security.authorization.ACLClient.3
        }).getResponseObject();
    }

    public void setAclForUser(EntityId entityId, String str, List<PermissionType> list) throws IOException {
        HttpRequests.execute(HttpRequest.builder(HttpMethod.PUT, resolveURL(String.format("/v2/admin/acls/%s/%s/user/%s", entityId.getType().getPluralForm(), entityId.getId(), str))).withBody(GSON.toJson(list)).build());
    }

    public void setAclForGroup(EntityId entityId, String str, List<PermissionType> list) throws IOException {
        HttpRequests.execute(HttpRequest.builder(HttpMethod.PUT, resolveURL(String.format("/v2/admin/acls/%s/%s/group/%s", entityId.getType().getPluralForm(), entityId.getId(), str))).withBody(GSON.toJson(list)).build());
    }

    private URL resolveURL(String str) throws MalformedURLException {
        return ((URI) this.baseURI.get()).resolve(str).toURL();
    }
}
