package org.apache.hadoop.hdds.protocolPB;

import com.google.protobuf.RpcController;
import com.google.protobuf.ServiceException;
import java.io.Closeable;
import java.io.IOException;
import java.security.cert.CRLException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.function.Consumer;
import org.apache.hadoop.hdds.protocol.SCMSecurityProtocol;
import org.apache.hadoop.hdds.protocol.proto.HddsProtos;
import org.apache.hadoop.hdds.protocol.proto.SCMSecurityProtocolProtos;
import org.apache.hadoop.hdds.scm.proxy.SCMSecurityProtocolFailoverProxyProvider;
import org.apache.hadoop.hdds.security.exception.SCMSecurityException;
import org.apache.hadoop.hdds.security.x509.crl.CRLInfo;
import org.apache.hadoop.hdds.tracing.TracingUtil;
import org.apache.hadoop.io.retry.RetryProxy;
import org.apache.hadoop.ipc.ProtobufHelper;
import org.apache.hadoop.ipc.ProtocolTranslator;
import org.apache.hadoop.ipc.RPC;

/* loaded from: input_file:org/apache/hadoop/hdds/protocolPB/SCMSecurityProtocolClientSideTranslatorPB.class */
public class SCMSecurityProtocolClientSideTranslatorPB implements SCMSecurityProtocol, ProtocolTranslator, Closeable {
    private static final RpcController NULL_RPC_CONTROLLER = null;
    private final SCMSecurityProtocolPB rpcProxy;

    public SCMSecurityProtocolClientSideTranslatorPB(SCMSecurityProtocolFailoverProxyProvider sCMSecurityProtocolFailoverProxyProvider) {
        Objects.requireNonNull(sCMSecurityProtocolFailoverProxyProvider, "failoverProxyProvider == null");
        this.rpcProxy = (SCMSecurityProtocolPB) RetryProxy.create(SCMSecurityProtocolPB.class, sCMSecurityProtocolFailoverProxyProvider, sCMSecurityProtocolFailoverProxyProvider.getRetryPolicy());
    }

    private SCMSecurityProtocolProtos.SCMSecurityResponse submitRequest(SCMSecurityProtocolProtos.Type type, Consumer<SCMSecurityProtocolProtos.SCMSecurityRequest.Builder> consumer) throws IOException {
        try {
            SCMSecurityProtocolProtos.SCMSecurityRequest.Builder traceID = SCMSecurityProtocolProtos.SCMSecurityRequest.newBuilder().setCmdType(type).setTraceID(TracingUtil.exportCurrentSpan());
            consumer.accept(traceID);
            SCMSecurityProtocolProtos.SCMSecurityResponse submitRequest = this.rpcProxy.submitRequest(NULL_RPC_CONTROLLER, traceID.build());
            handleError(submitRequest);
            return submitRequest;
        } catch (ServiceException e) {
            throw ProtobufHelper.getRemoteException(e);
        }
    }

    private SCMSecurityProtocolProtos.SCMSecurityResponse handleError(SCMSecurityProtocolProtos.SCMSecurityResponse sCMSecurityResponse) throws SCMSecurityException {
        if (sCMSecurityResponse.getStatus() != SCMSecurityProtocolProtos.Status.OK) {
            throw new SCMSecurityException(sCMSecurityResponse.getMessage(), SCMSecurityException.ErrorCode.values()[sCMSecurityResponse.getStatus().ordinal()]);
        }
        return sCMSecurityResponse;
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        RPC.stopProxy(this.rpcProxy);
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public String getDataNodeCertificate(HddsProtos.DatanodeDetailsProto datanodeDetailsProto, String str) throws IOException {
        return getDataNodeCertificateChain(datanodeDetailsProto, str).getX509Certificate();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public String getOMCertificate(HddsProtos.OzoneManagerDetailsProto ozoneManagerDetailsProto, String str) throws IOException {
        return getOMCertChain(ozoneManagerDetailsProto, str).getX509Certificate();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public String getCertificate(HddsProtos.NodeDetailsProto nodeDetailsProto, String str) throws IOException {
        return getCertificateChain(nodeDetailsProto, str).getX509Certificate();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public String getSCMCertificate(HddsProtos.ScmNodeDetailsProto scmNodeDetailsProto, String str) throws IOException {
        return getSCMCertChain(scmNodeDetailsProto, str, false).getX509Certificate();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public String getSCMCertificate(HddsProtos.ScmNodeDetailsProto scmNodeDetailsProto, String str, boolean z) throws IOException {
        return getSCMCertChain(scmNodeDetailsProto, str, z).getX509Certificate();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getSCMCertChain(HddsProtos.ScmNodeDetailsProto scmNodeDetailsProto, String str, boolean z) throws IOException {
        SCMSecurityProtocolProtos.SCMGetSCMCertRequestProto build = SCMSecurityProtocolProtos.SCMGetSCMCertRequestProto.newBuilder().setCSR(str).setScmDetails(scmNodeDetailsProto).setRenew(z).build();
        return submitRequest(SCMSecurityProtocolProtos.Type.GetSCMCertificate, builder -> {
            builder.setGetSCMCertificateRequest(build);
        }).getGetCertResponseProto();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getOMCertChain(HddsProtos.OzoneManagerDetailsProto ozoneManagerDetailsProto, String str) throws IOException {
        SCMSecurityProtocolProtos.SCMGetOMCertRequestProto build = SCMSecurityProtocolProtos.SCMGetOMCertRequestProto.newBuilder().setCSR(str).setOmDetails(ozoneManagerDetailsProto).build();
        return submitRequest(SCMSecurityProtocolProtos.Type.GetOMCertificate, builder -> {
            builder.setGetOMCertRequest(build);
        }).getGetCertResponseProto();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public String getCertificate(String str) throws IOException {
        SCMSecurityProtocolProtos.SCMGetCertificateRequestProto build = SCMSecurityProtocolProtos.SCMGetCertificateRequestProto.newBuilder().setCertSerialId(str).build();
        return submitRequest(SCMSecurityProtocolProtos.Type.GetCertificate, builder -> {
            builder.setGetCertificateRequest(build);
        }).getGetCertResponseProto().getX509Certificate();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getDataNodeCertificateChain(HddsProtos.DatanodeDetailsProto datanodeDetailsProto, String str) throws IOException {
        SCMSecurityProtocolProtos.SCMGetDataNodeCertRequestProto build = SCMSecurityProtocolProtos.SCMGetDataNodeCertRequestProto.newBuilder().setCSR(str).setDatanodeDetails(datanodeDetailsProto).build();
        return submitRequest(SCMSecurityProtocolProtos.Type.GetDataNodeCertificate, builder -> {
            builder.setGetDataNodeCertRequest(build);
        }).getGetCertResponseProto();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getCertificateChain(HddsProtos.NodeDetailsProto nodeDetailsProto, String str) throws IOException {
        SCMSecurityProtocolProtos.SCMGetCertRequestProto build = SCMSecurityProtocolProtos.SCMGetCertRequestProto.newBuilder().setCSR(str).setNodeDetails(nodeDetailsProto).build();
        return submitRequest(SCMSecurityProtocolProtos.Type.GetCert, builder -> {
            builder.setGetCertRequest(build);
        }).getGetCertResponseProto();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public String getCACertificate() throws IOException {
        return getCACert().getX509Certificate();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getCACert() throws IOException {
        SCMSecurityProtocolProtos.SCMGetCACertificateRequestProto defaultInstance = SCMSecurityProtocolProtos.SCMGetCACertificateRequestProto.getDefaultInstance();
        return submitRequest(SCMSecurityProtocolProtos.Type.GetCACertificate, builder -> {
            builder.setGetCACertificateRequest(defaultInstance);
        }).getGetCertResponseProto();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public List<String> listCertificate(HddsProtos.NodeType nodeType, long j, int i, boolean z) throws IOException {
        SCMSecurityProtocolProtos.SCMListCertificateRequestProto build = SCMSecurityProtocolProtos.SCMListCertificateRequestProto.newBuilder().setRole(nodeType).setStartCertId(j).setCount(i).setIsRevoked(z).build();
        return submitRequest(SCMSecurityProtocolProtos.Type.ListCertificate, builder -> {
            builder.setListCertificateRequest(build);
        }).getListCertificateResponseProto().getCertificatesList();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public String getRootCACertificate() throws IOException {
        SCMSecurityProtocolProtos.SCMGetCACertificateRequestProto defaultInstance = SCMSecurityProtocolProtos.SCMGetCACertificateRequestProto.getDefaultInstance();
        return submitRequest(SCMSecurityProtocolProtos.Type.GetRootCACertificate, builder -> {
            builder.setGetCACertificateRequest(defaultInstance);
        }).getGetCertResponseProto().getX509RootCACertificate();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public List<String> listCACertificate() throws IOException {
        SCMSecurityProtocolProtos.SCMListCACertificateRequestProto defaultInstance = SCMSecurityProtocolProtos.SCMListCACertificateRequestProto.getDefaultInstance();
        return submitRequest(SCMSecurityProtocolProtos.Type.ListCACertificate, builder -> {
            builder.setListCACertificateRequestProto(defaultInstance);
        }).getListCertificateResponseProto().getCertificatesList();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public List<CRLInfo> getCrls(List<Long> list) throws IOException {
        SCMSecurityProtocolProtos.SCMGetCrlsRequestProto build = SCMSecurityProtocolProtos.SCMGetCrlsRequestProto.newBuilder().addAllCrlId(list).build();
        List crlInfosList = submitRequest(SCMSecurityProtocolProtos.Type.GetCrls, builder -> {
            builder.setGetCrlsRequest(build);
        }).getGetCrlsResponseProto().getCrlInfosList();
        ArrayList arrayList = new ArrayList();
        Iterator it = crlInfosList.iterator();
        while (it.hasNext()) {
            try {
                arrayList.add(CRLInfo.fromProtobuf((HddsProtos.CRLInfoProto) it.next()));
            } catch (CRLException e) {
                throw new SCMSecurityException("Fail to parse CRL info", e);
            }
        }
        return arrayList;
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public long getLatestCrlId() throws IOException {
        SCMSecurityProtocolProtos.SCMGetLatestCrlIdRequestProto defaultInstance = SCMSecurityProtocolProtos.SCMGetLatestCrlIdRequestProto.getDefaultInstance();
        return submitRequest(SCMSecurityProtocolProtos.Type.GetLatestCrlId, builder -> {
            builder.setGetLatestCrlIdRequest(defaultInstance);
        }).getGetLatestCrlIdResponseProto().getCrlId();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public long revokeCertificates(List<String> list, int i, long j) throws IOException {
        SCMSecurityProtocolProtos.SCMRevokeCertificatesRequestProto build = SCMSecurityProtocolProtos.SCMRevokeCertificatesRequestProto.newBuilder().addAllCertIds(list).setReason(SCMSecurityProtocolProtos.SCMRevokeCertificatesRequestProto.Reason.valueOf(i)).setRevokeTime(j).build();
        return submitRequest(SCMSecurityProtocolProtos.Type.RevokeCertificates, builder -> {
            builder.setRevokeCertificatesRequest(build);
        }).getRevokeCertificatesResponseProto().getCrlId();
    }

    public Object getUnderlyingProxyObject() {
        return this.rpcProxy;
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public List<String> getAllRootCaCertificates() throws IOException {
        SCMSecurityProtocolProtos.SCMGetAllRootCaCertificatesRequestProto defaultInstance = SCMSecurityProtocolProtos.SCMGetAllRootCaCertificatesRequestProto.getDefaultInstance();
        return submitRequest(SCMSecurityProtocolProtos.Type.GetAllRootCaCertificates, builder -> {
            builder.setGetAllRootCaCertificatesRequestProto(defaultInstance);
        }).getAllRootCaCertificatesResponseProto().getAllX509RootCaCertificatesList();
    }

    @Override // org.apache.hadoop.hdds.protocol.SCMSecurityProtocol
    public List<String> removeExpiredCertificates() throws IOException {
        SCMSecurityProtocolProtos.SCMRemoveExpiredCertificatesRequestProto defaultInstance = SCMSecurityProtocolProtos.SCMRemoveExpiredCertificatesRequestProto.getDefaultInstance();
        return submitRequest(SCMSecurityProtocolProtos.Type.RemoveExpiredCertificates, builder -> {
            builder.setRemoveExpiredCertificatesRequestProto(defaultInstance);
        }).getRemoveExpiredCertificatesResponseProto().getRemovedExpiredCertificatesList();
    }
}
