package org.apache.gobblin.util;

import com.google.common.base.Optional;
import com.google.common.base.Preconditions;
import com.google.common.io.Closer;
import java.beans.ConstructorProperties;
import java.io.IOException;
import java.net.URI;
import java.security.PrivilegedExceptionAction;
import java.util.Properties;
import lombok.NonNull;
import org.apache.gobblin.configuration.ConfigurationKeys;
import org.apache.gobblin.configuration.State;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.LocalFileSystem;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.io.SequenceFile;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.Token;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/gobblin-utility-0.12.0.jar:org/apache/gobblin/util/ProxiedFileSystemUtils.class */
public class ProxiedFileSystemUtils {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) ProxiedFileSystemUtils.class);
    public static final String AUTH_TYPE_KEY = "gobblin.utility.user.proxy.auth.type";
    public static final String AUTH_TOKEN_PATH = "gobblin.utility.proxy.auth.token.path";

    /* loaded from: input_file:WEB-INF/lib/gobblin-utility-0.12.0.jar:org/apache/gobblin/util/ProxiedFileSystemUtils$AuthType.class */
    public enum AuthType {
        TOKEN,
        KEYTAB
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/gobblin-utility-0.12.0.jar:org/apache/gobblin/util/ProxiedFileSystemUtils$ProxiedFileSystem.class */
    public static class ProxiedFileSystem implements PrivilegedExceptionAction<FileSystem> {

        @NonNull
        private URI fsURI;

        @NonNull
        private Configuration conf;

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedExceptionAction
        public FileSystem run() throws IOException {
            ProxiedFileSystemUtils.log.info("Creating a filesystem for user: " + UserGroupInformation.getCurrentUser());
            return FileSystem.get(this.fsURI, this.conf);
        }

        @ConstructorProperties({"fsURI", "conf"})
        public ProxiedFileSystem(@NonNull URI uri, @NonNull Configuration configuration) {
            if (uri == null) {
                throw new NullPointerException("fsURI");
            }
            if (configuration == null) {
                throw new NullPointerException("conf");
            }
            this.fsURI = uri;
            this.conf = configuration;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static FileSystem createProxiedFileSystem(@NonNull String str, Properties properties, URI uri, Configuration configuration) throws IOException {
        if (str == null) {
            throw new NullPointerException("userNameToProxyAs");
        }
        Preconditions.checkArgument(properties.containsKey(AUTH_TYPE_KEY));
        switch (AuthType.valueOf(properties.getProperty(AUTH_TYPE_KEY))) {
            case TOKEN:
                Preconditions.checkArgument(properties.containsKey(AUTH_TOKEN_PATH));
                Optional<Token<?>> tokenFromSeqFile = getTokenFromSeqFile(str, new Path(properties.getProperty(AUTH_TOKEN_PATH)));
                if (!tokenFromSeqFile.isPresent()) {
                    throw new IOException("No delegation token found for proxy user " + str);
                }
                try {
                    return createProxiedFileSystemUsingToken(str, tokenFromSeqFile.get(), uri, configuration);
                } catch (InterruptedException e) {
                    throw new IOException("Failed to proxy as user " + str, e);
                }
            case KEYTAB:
                Preconditions.checkArgument(properties.containsKey(ConfigurationKeys.SUPER_USER_NAME_TO_PROXY_AS_OTHERS) && properties.containsKey(ConfigurationKeys.SUPER_USER_KEY_TAB_LOCATION));
                try {
                    return createProxiedFileSystemUsingKeytab(str, properties.getProperty(ConfigurationKeys.SUPER_USER_NAME_TO_PROXY_AS_OTHERS), new Path(properties.getProperty(ConfigurationKeys.SUPER_USER_KEY_TAB_LOCATION)), uri, configuration);
                } catch (InterruptedException e2) {
                    throw new IOException("Failed to proxy as user " + str, e2);
                }
            default:
                throw new IOException("User proxy auth type " + properties.getProperty(AUTH_TYPE_KEY) + " not recognized.");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static FileSystem createProxiedFileSystemUsingKeytab(String str, String str2, Path path, URI uri, Configuration configuration) throws IOException, InterruptedException {
        return (FileSystem) loginAndProxyAsUser(str, str2, path).doAs(new ProxiedFileSystem(uri, configuration));
    }

    static FileSystem createProxiedFileSystemUsingKeytab(State state, URI uri, Configuration configuration) throws IOException, InterruptedException {
        Preconditions.checkArgument(state.contains(ConfigurationKeys.FS_PROXY_AS_USER_NAME));
        Preconditions.checkArgument(state.contains(ConfigurationKeys.SUPER_USER_NAME_TO_PROXY_AS_OTHERS));
        Preconditions.checkArgument(state.contains(ConfigurationKeys.SUPER_USER_KEY_TAB_LOCATION));
        return createProxiedFileSystemUsingKeytab(state.getProp(ConfigurationKeys.FS_PROXY_AS_USER_NAME), state.getProp(ConfigurationKeys.SUPER_USER_NAME_TO_PROXY_AS_OTHERS), new Path(state.getProp(ConfigurationKeys.SUPER_USER_KEY_TAB_LOCATION)), uri, configuration);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static FileSystem createProxiedFileSystemUsingToken(@NonNull String str, @NonNull Token<?> token, URI uri, Configuration configuration) throws IOException, InterruptedException {
        if (str == null) {
            throw new NullPointerException("userNameToProxyAs");
        }
        if (token == null) {
            throw new NullPointerException("userNameToken");
        }
        UserGroupInformation createProxyUser = UserGroupInformation.createProxyUser(str, UserGroupInformation.getLoginUser());
        createProxyUser.addToken(token);
        return (FileSystem) createProxyUser.doAs(new ProxiedFileSystem(uri, configuration));
    }

    public static boolean canProxyAs(String str, String str2, Path path) {
        try {
            loginAndProxyAsUser(str, str2, path);
            return true;
        } catch (IOException e) {
            return false;
        }
    }

    public static Optional<Token<?>> getTokenFromSeqFile(String str, Path path) throws IOException {
        log.info("Reading tokens from sequence file " + path);
        Closer create = Closer.create();
        Throwable th = null;
        try {
            try {
                LocalFileSystem local = FileSystem.getLocal(new Configuration());
                SequenceFile.Reader reader = (SequenceFile.Reader) create.register(new SequenceFile.Reader(local, path, local.getConf()));
                Text text = new Text();
                Token token = new Token();
                while (reader.next(text, token)) {
                    log.debug("Found token for user: " + text);
                    if (text.toString().equals(str)) {
                        Optional<Token<?>> of = Optional.of(token);
                        if (create != null) {
                            if (0 != 0) {
                                try {
                                    create.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                create.close();
                            }
                        }
                        return of;
                    }
                }
                if (create != null) {
                    if (0 != 0) {
                        try {
                            create.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        create.close();
                    }
                }
                log.warn("Did not find any tokens for user " + str);
                return Optional.absent();
            } finally {
            }
        } catch (Throwable th4) {
            if (create != null) {
                if (th != null) {
                    try {
                        create.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    create.close();
                }
            }
            throw th4;
        }
    }

    private static UserGroupInformation loginAndProxyAsUser(@NonNull String str, @NonNull String str2, Path path) throws IOException {
        if (str == null) {
            throw new NullPointerException("userNameToProxyAs");
        }
        if (str2 == null) {
            throw new NullPointerException("superUserName");
        }
        if (!UserGroupInformation.getLoginUser().getUserName().equals(str2)) {
            Preconditions.checkNotNull(path);
            UserGroupInformation.loginUserFromKeytab(str2, path.toString());
        }
        return UserGroupInformation.createProxyUser(str, UserGroupInformation.getLoginUser());
    }
}
