package org.apache.falcon.security;

import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.apache.commons.lang3.StringUtils;
import org.apache.falcon.service.ProxyUserService;
import org.apache.falcon.service.Services;
import org.apache.hadoop.security.UserGroupInformation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/falcon-common-0.9.jar:org/apache/falcon/security/CurrentUser.class */
public final class CurrentUser {
    private final String authenticatedUser;
    private String proxyUser;
    private static final Logger LOG = LoggerFactory.getLogger(CurrentUser.class);
    private static final Logger AUDIT = LoggerFactory.getLogger("AUDIT");
    private static final ThreadLocal<CurrentUser> CURRENT_USER = new ThreadLocal<>();
    private static ConcurrentMap<String, UserGroupInformation> userUgiMap = new ConcurrentHashMap();

    private CurrentUser(String str) {
        this.authenticatedUser = str;
        this.proxyUser = str;
    }

    public static void authenticate(String str) {
        if (StringUtils.isEmpty(str)) {
            throw new IllegalStateException("Bad user name sent for authentication");
        }
        LOG.info("Logging in {}", str);
        CURRENT_USER.set(new CurrentUser(str));
    }

    public static void proxyDoAsUser(String str, String str2) throws IOException {
        if (!isAuthenticated()) {
            throw new IllegalStateException("Authentication not done");
        }
        String str3 = CURRENT_USER.get().authenticatedUser;
        if (!StringUtils.isNotEmpty(str) || str.equalsIgnoreCase(str3)) {
            return;
        }
        if (StringUtils.isEmpty(str2)) {
            throw new IllegalArgumentException("proxy host cannot be null or empty");
        }
        try {
            ((ProxyUserService) Services.get().getService(ProxyUserService.SERVICE_NAME)).validate(str3, str2, str);
            CurrentUser currentUser = CURRENT_USER.get();
            LOG.info("Authenticated user {} is proxying doAs user {} from host {}", currentUser.authenticatedUser, str, str2);
            AUDIT.info("Authenticated user {} is proxying doAs user {} from host {}", currentUser.authenticatedUser, str, str2);
            currentUser.proxyUser = str;
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public static void proxy(String str, String str2) throws IOException {
        if (!isAuthenticated() || StringUtils.isEmpty(str)) {
            throw new IllegalStateException("Authentication not done or Bad user name");
        }
        CurrentUser currentUser = CURRENT_USER.get();
        LOG.info("Authenticated user {} is proxying entity owner {}/{}", currentUser.authenticatedUser, str, str2);
        AUDIT.info("Authenticated user {} is proxying entity owner {}/{}", currentUser.authenticatedUser, str, str2);
        currentUser.proxyUser = str;
    }

    public static void clear() {
        CURRENT_USER.remove();
    }

    public static boolean isAuthenticated() {
        CurrentUser currentUser = CURRENT_USER.get();
        return (currentUser == null || currentUser.authenticatedUser == null) ? false : true;
    }

    public static String getAuthenticatedUser() {
        CurrentUser currentUser = CURRENT_USER.get();
        if (currentUser == null || currentUser.authenticatedUser == null) {
            throw new IllegalStateException("No user logged into the system");
        }
        return currentUser.authenticatedUser;
    }

    public static UserGroupInformation getAuthenticatedUGI() throws IOException {
        return isAuthenticated() ? createProxyUGI(getAuthenticatedUser()) : UserGroupInformation.getCurrentUser();
    }

    public static String getUser() {
        CurrentUser currentUser = CURRENT_USER.get();
        if (currentUser == null || currentUser.proxyUser == null) {
            throw new IllegalStateException("No user logged into the system");
        }
        return currentUser.proxyUser;
    }

    public static UserGroupInformation createProxyUGI(String str) throws IOException {
        UserGroupInformation userGroupInformation = userUgiMap.get(str);
        if (userGroupInformation == null) {
            userGroupInformation = UserGroupInformation.createProxyUser(str, UserGroupInformation.getLoginUser());
            userUgiMap.putIfAbsent(str, userGroupInformation);
        }
        return userGroupInformation;
    }

    public static UserGroupInformation getProxyUGI() throws IOException {
        return isAuthenticated() ? createProxyUGI(getUser()) : UserGroupInformation.getCurrentUser();
    }

    public static Set<String> getGroupNames() throws IOException {
        return Collections.unmodifiableSet(new HashSet(Arrays.asList(getProxyUGI().getGroupNames())));
    }

    public static String getPrimaryGroupName() {
        try {
            String[] groupNames = getProxyUGI().getGroupNames();
            return groupNames.length > 0 ? groupNames[0] : "unknown";
        } catch (IOException e) {
            return "unknown";
        }
    }
}
