package com.datatorrent.stram.security;

import com.datatorrent.stram.client.StramClientUtils;
import com.datatorrent.stram.util.FSUtil;
import java.io.File;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.security.PrivilegedExceptionAction;
import java.util.Iterator;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.security.Credentials;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.yarn.client.api.YarnClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/datatorrent/stram/security/StramUserLogin.class */
public class StramUserLogin {
    private static final Logger LOG = LoggerFactory.getLogger(StramUserLogin.class);
    public static final String DT_AUTH_PREFIX = "dt.authentication.";
    public static final String DT_AUTH_PRINCIPAL = "dt.authentication.principal";
    public static final String DT_AUTH_KEYTAB = "dt.authentication.keytab";
    private static String principal;
    private static String keytab;

    public static void attemptAuthentication(Configuration configuration) throws IOException {
        if (UserGroupInformation.isSecurityEnabled()) {
            authenticate(configuration);
        }
    }

    public static void authenticate(Configuration configuration) throws IOException {
        authenticate(configuration.get(DT_AUTH_PRINCIPAL), configuration.get(DT_AUTH_KEYTAB));
    }

    public static void authenticate(String str, String str2) throws IOException {
        if (str == null || str.isEmpty() || str2 == null || str2.isEmpty()) {
            return;
        }
        try {
            UserGroupInformation.loginUserFromKeytab(str, str2);
            LOG.info("Login user {}", UserGroupInformation.getCurrentUser().getUserName());
            principal = str;
            keytab = str2;
        } catch (IOException e) {
            LOG.error("Error login user with principal {}", str, e);
            throw e;
        }
    }

    public static long refreshTokens(long j, String str, String str2, final Configuration configuration, String str3, String str4, final Credentials credentials, InetSocketAddress inetSocketAddress, final boolean z) throws IOException {
        long currentTimeMillis = System.currentTimeMillis() + j;
        final String str5 = configuration.get("yarn.resourcemanager.principal");
        if (str5 == null || str5.length() == 0) {
            throw new IOException("Can't get Master Kerberos principal for the RM to use as renewer");
        }
        FileSystem newInstance = FileSystem.newInstance(configuration);
        Throwable th = null;
        try {
            try {
                File copyToLocalFileSystem = FSUtil.copyToLocalFileSystem(newInstance, str, str2, str4, configuration);
                if (newInstance != null) {
                    if (0 != 0) {
                        try {
                            newInstance.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newInstance.close();
                    }
                }
                if (str3 == null) {
                    str3 = UserGroupInformation.getCurrentUser().getUserName();
                }
                try {
                    UserGroupInformation.loginUserFromKeytabAndReturnUGI(str3, copyToLocalFileSystem.getAbsolutePath()).doAs(new PrivilegedExceptionAction<Object>() { // from class: com.datatorrent.stram.security.StramUserLogin.1
                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws Exception {
                            YarnClient yarnClient = null;
                            if (z) {
                                yarnClient = YarnClient.createYarnClient();
                                yarnClient.init(configuration);
                                yarnClient.start();
                            }
                            Credentials credentials2 = new Credentials();
                            try {
                                FileSystem newInstance2 = FileSystem.newInstance(configuration);
                                Throwable th3 = null;
                                try {
                                    try {
                                        newInstance2.addDelegationTokens(str5, credentials2);
                                        if (z) {
                                            new StramClientUtils.ClientRMHelper(yarnClient, configuration).addRMDelegationToken(str5, credentials2);
                                        }
                                        if (newInstance2 != null) {
                                            if (0 != 0) {
                                                try {
                                                    newInstance2.close();
                                                } catch (Throwable th4) {
                                                    th3.addSuppressed(th4);
                                                }
                                            } else {
                                                newInstance2.close();
                                            }
                                        }
                                        credentials.addAll(credentials2);
                                        return null;
                                    } finally {
                                    }
                                } finally {
                                }
                            } finally {
                                if (z) {
                                    yarnClient.stop();
                                }
                            }
                        }
                    });
                    UserGroupInformation.getCurrentUser().addCredentials(credentials);
                } catch (IOException e) {
                    LOG.error("Error while renewing tokens ", e);
                    currentTimeMillis = System.currentTimeMillis();
                } catch (InterruptedException e2) {
                    LOG.error("Error while renewing tokens ", e2);
                    currentTimeMillis = System.currentTimeMillis();
                }
                LOG.debug("number of tokens: {}", Integer.valueOf(credentials.getAllTokens().size()));
                Iterator it = credentials.getAllTokens().iterator();
                while (it.hasNext()) {
                    LOG.debug("updated token: {}", (Token) it.next());
                }
                copyToLocalFileSystem.delete();
                return currentTimeMillis;
            } finally {
            }
        } catch (Throwable th3) {
            if (newInstance != null) {
                if (th != null) {
                    try {
                        newInstance.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    newInstance.close();
                }
            }
            throw th3;
        }
    }

    public static String getPrincipal() {
        return principal;
    }

    public static String getKeytab() {
        return keytab;
    }
}
