package org.apache.hadoop.hdfs.tools;

import java.io.BufferedReader;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.URI;
import java.net.URL;
import java.security.PrivilegedExceptionAction;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.hdfs.DistributedFileSystem;
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
import org.apache.hadoop.hdfs.server.namenode.CancelDelegationTokenServlet;
import org.apache.hadoop.hdfs.server.namenode.GetDelegationTokenServlet;
import org.apache.hadoop.hdfs.server.namenode.RenewDelegationTokenServlet;
import org.apache.hadoop.io.IOUtils;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.Credentials;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.util.StringUtils;
import org.apache.log4j.spi.LocationInfo;

/* loaded from: input_file:org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.class */
public class DelegationTokenFetcher {
    private static final String USAGE = "fetchdt retrieves delegation tokens (optionally over http)\nand writes them to specified file.\nUsage: fetchdt [--webservice <namenode http addr>] <output filename>";
    private final DistributedFileSystem dfs;
    private final UserGroupInformation ugi;
    private final DataOutputStream out;
    private final Configuration conf;
    private static final Log LOG = LogFactory.getLog(DelegationTokenFetcher.class);

    public static void main(final String[] strArr) throws Exception {
        UserGroupInformation.getCurrentUser().doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.hdfs.tools.DelegationTokenFetcher.1
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                if (strArr.length == 3 && "--webservice".equals(strArr[0])) {
                    DelegationTokenFetcher.getDTfromRemoteIntoFile(strArr[1], strArr[2]);
                    return null;
                }
                if (strArr.length == 1 && "--webservice".equals(strArr[0])) {
                    System.out.println(DelegationTokenFetcher.USAGE);
                    return null;
                }
                if (strArr.length != 1 || strArr[0].isEmpty()) {
                    System.out.println(DelegationTokenFetcher.USAGE);
                    return null;
                }
                DataOutputStream dataOutputStream = null;
                try {
                    try {
                        Configuration configuration = new Configuration();
                        DistributedFileSystem distributedFileSystem = (DistributedFileSystem) FileSystem.get(configuration);
                        dataOutputStream = new DataOutputStream(new FileOutputStream(strArr[0]));
                        new DelegationTokenFetcher(distributedFileSystem, dataOutputStream, UserGroupInformation.getCurrentUser(), configuration).go();
                        dataOutputStream.flush();
                        System.out.println("Succesfully wrote token of size " + dataOutputStream.size() + " bytes to " + strArr[0]);
                        if (dataOutputStream == null) {
                            return null;
                        }
                        dataOutputStream.close();
                        return null;
                    } catch (IOException e) {
                        System.out.println("Exception encountered:\n" + StringUtils.stringifyException(e));
                        if (dataOutputStream == null) {
                            return null;
                        }
                        dataOutputStream.close();
                        return null;
                    }
                } catch (Throwable th) {
                    if (dataOutputStream != null) {
                        dataOutputStream.close();
                    }
                    throw th;
                }
            }
        });
    }

    public DelegationTokenFetcher(DistributedFileSystem distributedFileSystem, DataOutputStream dataOutputStream, UserGroupInformation userGroupInformation, Configuration configuration) {
        checkNotNull("dfs", distributedFileSystem);
        this.dfs = distributedFileSystem;
        checkNotNull("out", dataOutputStream);
        this.out = dataOutputStream;
        checkNotNull("ugi", userGroupInformation);
        this.ugi = userGroupInformation;
        checkNotNull("conf", configuration);
        this.conf = configuration;
    }

    private void checkNotNull(String str, Object obj) {
        if (obj == null) {
            throw new IllegalArgumentException(str + " cannot be null.");
        }
    }

    public void go() throws IOException {
        String userName = this.ugi.getUserName();
        String shortUserName = this.ugi.getShortUserName();
        Token<DelegationTokenIdentifier> delegationToken = this.dfs.getDelegationToken(new Text(userName));
        URI defaultUri = FileSystem.getDefaultUri(this.conf);
        delegationToken.setService(new Text(InetAddress.getByName(defaultUri.getHost()).getHostAddress() + ":" + defaultUri.getPort()));
        Credentials credentials = new Credentials();
        credentials.addToken(new Text(shortUserName), delegationToken);
        credentials.writeTokenStorageToStream(this.out);
    }

    public static Credentials getDTfromRemote(String str, String str2) throws IOException {
        DataInputStream dataInputStream = null;
        try {
            try {
                StringBuffer stringBuffer = new StringBuffer();
                if (str2 != null) {
                    stringBuffer.append(str).append(GetDelegationTokenServlet.PATH_SPEC).append(LocationInfo.NA).append(GetDelegationTokenServlet.RENEWER).append("=").append(str2);
                } else {
                    stringBuffer.append(str).append(GetDelegationTokenServlet.PATH_SPEC);
                }
                System.out.println("Retrieving token from: " + ((Object) stringBuffer));
                URL url = new URL(stringBuffer.toString());
                SecurityUtil.fetchServiceTicket(url);
                InputStream inputStream = url.openConnection().getInputStream();
                Credentials credentials = new Credentials();
                dataInputStream = new DataInputStream(inputStream);
                credentials.readFields(dataInputStream);
                if (dataInputStream != null) {
                    dataInputStream.close();
                }
                return credentials;
            } catch (Exception e) {
                throw new IOException("Unable to obtain remote token", e);
            }
        } catch (Throwable th) {
            if (dataInputStream != null) {
                dataInputStream.close();
            }
            throw th;
        }
    }

    public static long renewDelegationToken(String str, Token<DelegationTokenIdentifier> token) throws IOException {
        BufferedReader bufferedReader = null;
        try {
            URL url = new URL(str + RenewDelegationTokenServlet.PATH_SPEC + LocationInfo.NA + "token=" + token.encodeToUrlString());
            SecurityUtil.fetchServiceTicket(url);
            bufferedReader = new BufferedReader(new InputStreamReader(url.openConnection().getInputStream()));
            long parseLong = Long.parseLong(bufferedReader.readLine());
            bufferedReader.close();
            return parseLong;
        } catch (IOException e) {
            IOUtils.cleanup(LOG, bufferedReader);
            throw e;
        }
    }

    public static void cancelDelegationToken(String str, Token<DelegationTokenIdentifier> token) throws IOException {
        try {
            URL url = new URL(str + CancelDelegationTokenServlet.PATH_SPEC + LocationInfo.NA + "token=" + token.encodeToUrlString());
            SecurityUtil.fetchServiceTicket(url);
            HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
            if (httpURLConnection.getResponseCode() != 200) {
                throw new IOException("Error cancelling token:" + httpURLConnection.getResponseMessage());
            }
        } catch (IOException e) {
            IOUtils.cleanup(LOG, null);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void getDTfromRemoteIntoFile(String str, String str2) throws IOException {
        Credentials dTfromRemote = getDTfromRemote(str, null);
        DataOutputStream dataOutputStream = new DataOutputStream(new FileOutputStream(str2));
        dTfromRemote.writeTokenStorageToStream(dataOutputStream);
        dataOutputStream.flush();
        System.out.println("Successfully wrote token of " + dataOutputStream.size() + " bytes  to " + str2);
    }

    static {
        System.setProperty("https.cipherSuites", "TLS_KRB5_WITH_3DES_EDE_CBC_SHA");
    }
}
