package org.apache.hadoop.hdds.security.symmetric;

import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import java.io.IOException;
import java.time.Duration;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import org.apache.hadoop.hdds.conf.ConfigurationSource;
import org.apache.hadoop.hdds.protocol.SecretKeyProtocol;
import org.apache.hadoop.hdds.security.exception.SCMSecurityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/hdds/security/symmetric/DefaultSecretKeyVerifierClient.class */
public class DefaultSecretKeyVerifierClient implements SecretKeyVerifierClient {
    private static final Logger LOG = LoggerFactory.getLogger(DefaultSecretKeyVerifierClient.class);
    private final LoadingCache<UUID, Optional<ManagedSecretKey>> cache;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DefaultSecretKeyVerifierClient(final SecretKeyProtocol secretKeyProtocol, ConfigurationSource configurationSource) {
        Duration parseExpiryDuration = SecretKeyConfig.parseExpiryDuration(configurationSource);
        long millis = ((parseExpiryDuration.toMillis() / SecretKeyConfig.parseRotateDuration(configurationSource).toMillis()) + 1) * 2;
        Duration multipliedBy = parseExpiryDuration.multipliedBy(2L);
        CacheLoader<UUID, Optional<ManagedSecretKey>> cacheLoader = new CacheLoader<UUID, Optional<ManagedSecretKey>>() { // from class: org.apache.hadoop.hdds.security.symmetric.DefaultSecretKeyVerifierClient.1
            public Optional<ManagedSecretKey> load(UUID uuid) throws Exception {
                ManagedSecretKey secretKey = secretKeyProtocol.getSecretKey(uuid);
                DefaultSecretKeyVerifierClient.LOG.info("Secret key fetched from SCM: {}", secretKey);
                return Optional.ofNullable(secretKey);
            }
        };
        LOG.info("Initializing secret key cache with size {}, TTL {}", Long.valueOf(millis), parseExpiryDuration);
        this.cache = CacheBuilder.newBuilder().maximumSize(millis).expireAfterWrite(multipliedBy.toMillis(), TimeUnit.MILLISECONDS).recordStats().build(cacheLoader);
    }

    @Override // org.apache.hadoop.hdds.security.symmetric.SecretKeyVerifierClient
    public ManagedSecretKey getSecretKey(UUID uuid) throws SCMSecurityException {
        try {
            return (ManagedSecretKey) ((Optional) this.cache.get(uuid)).orElse(null);
        } catch (ExecutionException e) {
            if (!(e.getCause() instanceof IOException)) {
                throw new IllegalStateException("Unexpected exception fetching secret key " + uuid + " from SCM", e.getCause());
            }
            SCMSecurityException sCMSecurityException = (IOException) e.getCause();
            if (sCMSecurityException instanceof SCMSecurityException) {
                throw sCMSecurityException;
            }
            throw new SCMSecurityException("Error fetching secret key " + uuid + " from SCM", sCMSecurityException);
        }
    }
}
