package org.apache.airavata.gfac.provider.impl;

import com.amazonaws.AmazonClientException;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.services.ec2.AmazonEC2Client;
import com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressRequest;
import com.amazonaws.services.ec2.model.DeleteKeyPairRequest;
import com.amazonaws.services.ec2.model.DescribeInstancesRequest;
import com.amazonaws.services.ec2.model.DescribeInstancesResult;
import com.amazonaws.services.ec2.model.DescribeKeyPairsRequest;
import com.amazonaws.services.ec2.model.GroupIdentifier;
import com.amazonaws.services.ec2.model.ImportKeyPairRequest;
import com.amazonaws.services.ec2.model.Instance;
import com.amazonaws.services.ec2.model.InstanceStateName;
import com.amazonaws.services.ec2.model.IpPermission;
import com.amazonaws.services.ec2.model.Reservation;
import com.amazonaws.services.ec2.model.RunInstancesRequest;
import com.sshtools.j2ssh.SshClient;
import com.sshtools.j2ssh.authentication.PublicKeyAuthenticationClient;
import com.sshtools.j2ssh.configuration.SshConnectionProperties;
import com.sshtools.j2ssh.connection.ChannelInputStream;
import com.sshtools.j2ssh.session.SessionChannelClient;
import com.sshtools.j2ssh.transport.HostKeyVerification;
import com.sshtools.j2ssh.transport.TransportProtocolException;
import com.sshtools.j2ssh.transport.publickey.InvalidSshKeyException;
import com.sshtools.j2ssh.transport.publickey.SshPrivateKeyFile;
import com.sshtools.j2ssh.transport.publickey.SshPublicKey;
import com.sshtools.j2ssh.util.Base64;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.StringWriter;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.airavata.commons.gfac.type.ActualParameter;
import org.apache.airavata.commons.gfac.type.ApplicationDescription;
import org.apache.airavata.gfac.Constants;
import org.apache.airavata.gfac.GFacException;
import org.apache.airavata.gfac.context.JobExecutionContext;
import org.apache.airavata.gfac.context.security.AmazonSecurityContext;
import org.apache.airavata.gfac.notification.events.EC2ProviderEvent;
import org.apache.airavata.gfac.provider.GFacProvider;
import org.apache.airavata.gfac.provider.GFacProviderException;
import org.apache.airavata.gfac.provider.utils.ProviderUtils;
import org.apache.airavata.schemas.gfac.Ec2ApplicationDeploymentType;
import org.apache.airavata.schemas.gfac.OutputParameterType;
import org.apache.airavata.schemas.gfac.StringParameterType;
import org.bouncycastle.openssl.PEMWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/airavata/gfac/provider/impl/EC2Provider.class */
public class EC2Provider implements GFacProvider {
    public static final int SLEEP_TIME_SECOND = 120;
    public static final int SOCKET_TIMEOUT = 30000;
    public static final int SSH_PORT = 22;
    private Instance instance = null;
    private AmazonSecurityContext amazonSecurityContext;
    private static final Logger log = LoggerFactory.getLogger(EC2Provider.class);
    public static final String KEY_PAIR_FILE = "ec2_rsa";
    private static final String PRIVATE_KEY_FILE_PATH = System.getProperty("user.home") + "/.ssh/" + KEY_PAIR_FILE;

    @Override // org.apache.airavata.gfac.provider.GFacProvider
    public void initialize(JobExecutionContext jobExecutionContext) throws GFacProviderException, GFacException {
        if (jobExecutionContext == null) {
            throw new GFacProviderException("Job Execution Context is null" + jobExecutionContext);
        }
        if (!(jobExecutionContext.getSecurityContext(AmazonSecurityContext.AMAZON_SECURITY_CONTEXT) instanceof AmazonSecurityContext)) {
            throw new GFacProviderException("Amazon Security Context is not set" + jobExecutionContext);
        }
        this.amazonSecurityContext = (AmazonSecurityContext) jobExecutionContext.getSecurityContext(AmazonSecurityContext.AMAZON_SECURITY_CONTEXT);
        if (log.isDebugEnabled()) {
            log.debug("ACCESS_KEY:" + this.amazonSecurityContext.getAccessKey());
            log.debug("SECRET_KEY:" + this.amazonSecurityContext.getSecretKey());
            log.debug("AMI_ID:" + this.amazonSecurityContext.getAmiId());
            log.debug("INS_ID:" + this.amazonSecurityContext.getInstanceId());
            log.debug("INS_TYPE:" + this.amazonSecurityContext.getInstanceType());
            log.debug("USERNAME:" + this.amazonSecurityContext.getUserName());
        }
        if (this.amazonSecurityContext.getAccessKey() == null || this.amazonSecurityContext.getAccessKey().isEmpty()) {
            throw new GFacProviderException("EC2 Access Key is empty", jobExecutionContext);
        }
        if (this.amazonSecurityContext.getSecretKey() == null || this.amazonSecurityContext.getSecretKey().isEmpty()) {
            throw new GFacProviderException("EC2 Secret Key is empty", jobExecutionContext);
        }
        if ((this.amazonSecurityContext.getAmiId() == null && this.amazonSecurityContext.getInstanceId() == null) || ((this.amazonSecurityContext.getAmiId() != null && this.amazonSecurityContext.getAmiId().isEmpty()) || (this.amazonSecurityContext.getInstanceId() != null && this.amazonSecurityContext.getInstanceId().isEmpty()))) {
            throw new GFacProviderException("EC2 AMI or Instance ID is empty", jobExecutionContext);
        }
        if (this.amazonSecurityContext.getUserName() == null || this.amazonSecurityContext.getUserName().isEmpty()) {
            throw new GFacProviderException("EC2 Username is empty", jobExecutionContext);
        }
        AmazonEC2Client amazonEC2Client = new AmazonEC2Client(new BasicAWSCredentials(this.amazonSecurityContext.getAccessKey(), this.amazonSecurityContext.getSecretKey()));
        initEc2Environment(jobExecutionContext, amazonEC2Client);
        checkConnection(this.instance, amazonEC2Client);
    }

    @Override // org.apache.airavata.gfac.provider.GFacProvider
    public void execute(JobExecutionContext jobExecutionContext) throws GFacProviderException {
        String createShellCmd = createShellCmd(jobExecutionContext);
        SshClient sshClient = new SshClient();
        sshClient.setSocketTimeout(SOCKET_TIMEOUT);
        SshConnectionProperties sshConnectionProperties = new SshConnectionProperties();
        sshConnectionProperties.setHost(this.instance.getPublicDnsName());
        sshConnectionProperties.setPort(22);
        try {
            OutputParameterType[] outputParametersArray = jobExecutionContext.getApplicationContext().getServiceDescription().getType().getOutputParametersArray();
            if (outputParametersArray == null) {
                throw new GFacProviderException("Output parameter name is not set. Therefore, not being able to filter the job result from standard out ", jobExecutionContext);
            }
            String parameterName = outputParametersArray[0].getParameterName();
            sshClient.connect(sshConnectionProperties, new HostKeyVerification() { // from class: org.apache.airavata.gfac.provider.impl.EC2Provider.1
                public boolean verifyHost(String str, SshPublicKey sshPublicKey) throws TransportProtocolException {
                    EC2Provider.log.debug("Verifying Host: " + str);
                    return true;
                }
            });
            PublicKeyAuthenticationClient publicKeyAuthenticationClient = new PublicKeyAuthenticationClient();
            publicKeyAuthenticationClient.setUsername("ec2-user");
            publicKeyAuthenticationClient.setKey(SshPrivateKeyFile.parse(new File(PRIVATE_KEY_FILE_PATH)).toPrivateKey(""));
            int authenticate = sshClient.authenticate(publicKeyAuthenticationClient);
            if (authenticate == 2) {
                throw new GFacProviderException("The authentication failed", jobExecutionContext);
            }
            if (authenticate == 3) {
                throw new GFacProviderException("The authentication succeeded but anotherauthentication is required", jobExecutionContext);
            }
            if (authenticate == 4) {
                log.info("ssh client authentication is complete...");
            }
            SessionChannelClient openSessionChannel = sshClient.openSessionChannel();
            log.info("ssh session successfully opened...");
            openSessionChannel.requestPseudoTerminal("vt100", 80, 25, 0, 0, "");
            openSessionChannel.startShell();
            openSessionChannel.getOutputStream().write(createShellCmd.getBytes());
            ChannelInputStream inputStream = openSessionChannel.getInputStream();
            byte[] bArr = new byte[255];
            String str = "";
            while (true) {
                int read = inputStream.read(bArr);
                if (read <= 0) {
                    break;
                }
                String str2 = new String(bArr, 0, read);
                if (str2.startsWith(parameterName)) {
                    str = str2.split("=")[1];
                    log.debug("Result found in the StandardOut ");
                    break;
                }
            }
            String replace = str.replace("\r", "").replace("\n", "");
            log.info("Result of the job : " + replace);
            for (OutputParameterType outputParameterType : outputParametersArray) {
                String parameterName2 = outputParameterType.getParameterName();
                ActualParameter actualParameter = new ActualParameter();
                actualParameter.getType().changeType(StringParameterType.type);
                actualParameter.getType().setValue(replace);
                jobExecutionContext.getOutMessageContext().addParameter(parameterName2, actualParameter);
            }
        } catch (Exception e) {
            throw new GFacProviderException("Error parsing standard out for job execution result", e);
        } catch (InvalidSshKeyException e2) {
            throw new GFacProviderException("Invalid SSH key", (Throwable) e2);
        } catch (IOException e3) {
            throw new GFacProviderException("Error in occurred during IO", e3);
        }
    }

    private String createShellCmd(JobExecutionContext jobExecutionContext) throws GFacProviderException {
        String cmdParams;
        ApplicationDescription applicationDeploymentDescription = jobExecutionContext.getApplicationContext().getApplicationDeploymentDescription();
        if (applicationDeploymentDescription.getType() instanceof Ec2ApplicationDeploymentType) {
            Ec2ApplicationDeploymentType type = applicationDeploymentDescription.getType();
            cmdParams = setCmdParams(jobExecutionContext, type.getExecutable() != null ? type.getExecutableType() + Constants.SPACE + type.getExecutable() : "sh " + type.getExecutable());
        } else {
            cmdParams = setCmdParams(jobExecutionContext, "sh " + applicationDeploymentDescription.getType().getExecutableLocation());
        }
        return cmdParams + '\n';
    }

    private String setCmdParams(JobExecutionContext jobExecutionContext, String str) throws GFacProviderException {
        try {
            Iterator<String> it = ProviderUtils.getInputParameters(jobExecutionContext).iterator();
            while (it.hasNext()) {
                str = Constants.SPACE + str + Constants.SPACE + it.next();
            }
            log.info("Command to be executed on EC2 : " + str);
            return str;
        } catch (GFacProviderException e) {
            throw new GFacProviderException("Error in extracting input values from JobExecutionContext");
        }
    }

    @Override // org.apache.airavata.gfac.provider.GFacProvider
    public void dispose(JobExecutionContext jobExecutionContext) throws GFacProviderException {
    }

    private void checkConnection(Instance instance, AmazonEC2Client amazonEC2Client) {
        for (GroupIdentifier groupIdentifier : instance.getSecurityGroups()) {
            IpPermission ipPermission = new IpPermission();
            ipPermission.setIpProtocol("tcp");
            ipPermission.setFromPort(22);
            ipPermission.setToPort(22);
            AuthorizeSecurityGroupIngressRequest withIpPermissions = new AuthorizeSecurityGroupIngressRequest().withIpPermissions(new IpPermission[]{ipPermission.withIpRanges(new String[]{"0.0.0.0/0"})});
            withIpPermissions.setGroupId(groupIdentifier.getGroupId());
            try {
                amazonEC2Client.authorizeSecurityGroupIngress(withIpPermissions);
            } catch (AmazonServiceException e) {
                if (!e.getErrorCode().equals("InvalidPermission.Duplicate")) {
                    throw e;
                }
            }
        }
    }

    private void initEc2Environment(JobExecutionContext jobExecutionContext, AmazonEC2Client amazonEC2Client) throws GFacProviderException {
        try {
            buildKeyPair(amazonEC2Client);
            if (this.amazonSecurityContext.getAmiId() != null) {
                this.instance = startInstances(amazonEC2Client, this.amazonSecurityContext.getAmiId(), this.amazonSecurityContext.getInstanceType(), jobExecutionContext).get(0);
            } else {
                DescribeInstancesResult describeInstances = amazonEC2Client.describeInstances(new DescribeInstancesRequest().withInstanceIds(new String[]{this.amazonSecurityContext.getInstanceId()}));
                if (describeInstances.getReservations().size() == 0 || ((Reservation) describeInstances.getReservations().get(0)).getInstances().size() == 0) {
                    throw new GFacProviderException("Instance not found:" + this.amazonSecurityContext.getInstanceId());
                }
                this.instance = (Instance) ((Reservation) describeInstances.getReservations().get(0)).getInstances().get(0);
                if (this.instance.getKeyName() == null || !this.instance.getKeyName().equals(KEY_PAIR_FILE)) {
                    throw new GFacProviderException("Keypair for instance:" + this.amazonSecurityContext.getInstanceId() + " is not valid");
                }
            }
            jobExecutionContext.getNotificationService().publish(new EC2ProviderEvent("EC2 Instance " + this.instance.getInstanceId() + " is running with public name " + this.instance.getPublicDnsName()));
        } catch (Exception e) {
            throw new GFacProviderException("Invalid Request", e, jobExecutionContext);
        }
    }

    private List<Instance> startInstances(AmazonEC2Client amazonEC2Client, String str, String str2, JobExecutionContext jobExecutionContext) throws AmazonServiceException {
        RunInstancesRequest runInstancesRequest = new RunInstancesRequest(str, 1, 1);
        runInstancesRequest.setKeyName(KEY_PAIR_FILE);
        runInstancesRequest.setInstanceType(str2);
        List<Instance> instances = amazonEC2Client.runInstances(runInstancesRequest).getReservation().getInstances();
        while (true) {
            List<Instance> list = instances;
            if (allInstancesStateEqual(list, InstanceStateName.Running)) {
                log.info("All amazon instances are running");
                return list;
            }
            if (anyInstancesStateEqual(list, InstanceStateName.Terminated)) {
                throw new AmazonClientException("Some Instance is terminated before running a job");
            }
            for (Instance instance : list) {
                jobExecutionContext.getNotificationService().publish(new EC2ProviderEvent("EC2 Instance " + instance.getInstanceId() + " is " + instance.getState().getName()));
            }
            try {
                Thread.sleep(120000L);
            } catch (Exception e) {
            }
            DescribeInstancesRequest describeInstancesRequest = new DescribeInstancesRequest();
            describeInstancesRequest.setInstanceIds(getInstanceIDs(list));
            instances = ((Reservation) amazonEC2Client.describeInstances(describeInstancesRequest).getReservations().get(0)).getInstances();
        }
    }

    private void buildKeyPair(AmazonEC2Client amazonEC2Client) throws NoSuchAlgorithmException, InvalidKeySpecException, AmazonServiceException, AmazonClientException, IOException {
        boolean z = false;
        File file = new File(PRIVATE_KEY_FILE_PATH);
        File file2 = new File(PRIVATE_KEY_FILE_PATH + ".pub");
        if (!file.exists()) {
            File file3 = new File(System.getProperty("user.home") + "/.ssh/");
            if (!file3.exists()) {
                file3.mkdir();
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(1024);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            FileOutputStream fileOutputStream = null;
            try {
                try {
                    fileOutputStream = new FileOutputStream(PRIVATE_KEY_FILE_PATH + ".pub");
                    fileOutputStream.write(Base64.encodeBytes(genKeyPair.getPublic().getEncoded(), true).getBytes());
                    if (fileOutputStream != null) {
                        try {
                            fileOutputStream.close();
                            fileOutputStream = null;
                        } catch (IOException e) {
                            throw e;
                        }
                    }
                    try {
                        try {
                            fileOutputStream = new FileOutputStream(PRIVATE_KEY_FILE_PATH);
                            StringWriter stringWriter = new StringWriter();
                            PEMWriter pEMWriter = new PEMWriter(stringWriter);
                            pEMWriter.writeObject(genKeyPair.getPrivate());
                            pEMWriter.close();
                            fileOutputStream.write(stringWriter.toString().getBytes());
                            if (fileOutputStream != null) {
                                try {
                                    fileOutputStream.close();
                                } catch (IOException e2) {
                                    throw e2;
                                }
                            }
                            file.setWritable(false, false);
                            file.setExecutable(false, false);
                            file.setReadable(false, false);
                            file.setReadable(true);
                            file.setWritable(true);
                            z = true;
                        } catch (Throwable th) {
                            if (fileOutputStream != null) {
                                try {
                                    fileOutputStream.close();
                                } catch (IOException e3) {
                                    throw e3;
                                }
                            }
                            throw th;
                        }
                    } catch (IOException e4) {
                        throw e4;
                    }
                } catch (Throwable th2) {
                    if (fileOutputStream != null) {
                        try {
                            fileOutputStream.close();
                        } catch (IOException e5) {
                            throw e5;
                        }
                    }
                    throw th2;
                }
            } catch (IOException e6) {
                throw e6;
            }
        }
        BufferedReader bufferedReader = null;
        try {
            try {
                bufferedReader = new BufferedReader(new FileReader(file2));
                String readLine = bufferedReader.readLine();
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e7) {
                        throw e7;
                    }
                }
                try {
                    amazonEC2Client.describeKeyPairs(new DescribeKeyPairsRequest().withKeyNames(new String[]{KEY_PAIR_FILE}));
                    if (z) {
                        amazonEC2Client.deleteKeyPair(new DeleteKeyPairRequest(KEY_PAIR_FILE));
                        amazonEC2Client.importKeyPair(new ImportKeyPairRequest(KEY_PAIR_FILE, readLine));
                    }
                } catch (AmazonServiceException e8) {
                    if (!e8.getErrorCode().equals("InvalidKeyPair.NotFound")) {
                        throw e8;
                    }
                    amazonEC2Client.importKeyPair(new ImportKeyPairRequest(KEY_PAIR_FILE, readLine));
                }
            } catch (IOException e9) {
                throw e9;
            }
        } catch (Throwable th3) {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e10) {
                    throw e10;
                }
            }
            throw th3;
        }
    }

    private boolean anyInstancesStateEqual(List<Instance> list, InstanceStateName instanceStateName) {
        Iterator<Instance> it = list.iterator();
        while (it.hasNext()) {
            if (InstanceStateName.fromValue(it.next().getState().getName()) == instanceStateName) {
                return true;
            }
        }
        return false;
    }

    private boolean allInstancesStateEqual(List<Instance> list, InstanceStateName instanceStateName) {
        Iterator<Instance> it = list.iterator();
        while (it.hasNext()) {
            if (InstanceStateName.fromValue(it.next().getState().getName()) != instanceStateName) {
                return false;
            }
        }
        return true;
    }

    private List<String> getInstanceIDs(List<Instance> list) {
        ArrayList arrayList = new ArrayList();
        Iterator<Instance> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getInstanceId());
        }
        return arrayList;
    }
}
