package org.apache.hadoop.hdds.scm.protocol;

import com.google.protobuf.ProtocolMessageEnum;
import com.google.protobuf.RpcController;
import com.google.protobuf.ServiceException;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import org.apache.hadoop.hdds.protocol.SCMSecurityProtocol;
import org.apache.hadoop.hdds.protocol.proto.SCMSecurityProtocolProtos;
import org.apache.hadoop.hdds.protocolPB.SCMSecurityProtocolPB;
import org.apache.hadoop.hdds.scm.ha.RatisUtil;
import org.apache.hadoop.hdds.scm.server.StorageContainerManager;
import org.apache.hadoop.hdds.security.exception.SCMSecurityException;
import org.apache.hadoop.hdds.security.x509.crl.CRLInfo;
import org.apache.hadoop.hdds.server.OzoneProtocolMessageDispatcher;
import org.apache.hadoop.hdds.utils.ProtocolMessageMetrics;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/hdds/scm/protocol/SCMSecurityProtocolServerSideTranslatorPB.class */
public class SCMSecurityProtocolServerSideTranslatorPB implements SCMSecurityProtocolPB {
    private static final Logger LOG = LoggerFactory.getLogger(SCMSecurityProtocolServerSideTranslatorPB.class);
    private final SCMSecurityProtocol impl;
    private final StorageContainerManager scm;
    private OzoneProtocolMessageDispatcher<SCMSecurityProtocolProtos.SCMSecurityRequest, SCMSecurityProtocolProtos.SCMSecurityResponse, ProtocolMessageEnum> dispatcher;

    /* renamed from: org.apache.hadoop.hdds.scm.protocol.SCMSecurityProtocolServerSideTranslatorPB$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/hadoop/hdds/scm/protocol/SCMSecurityProtocolServerSideTranslatorPB$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type = new int[SCMSecurityProtocolProtos.Type.values().length];

        static {
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.GetCertificate.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.GetCACertificate.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.GetOMCertificate.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.GetDataNodeCertificate.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.ListCertificate.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.GetSCMCertificate.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.GetRootCACertificate.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.ListCACertificate.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.GetCrls.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.GetLatestCrlId.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.RevokeCertificates.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[SCMSecurityProtocolProtos.Type.GetCert.ordinal()] = 12;
            } catch (NoSuchFieldError e12) {
            }
        }
    }

    public SCMSecurityProtocolServerSideTranslatorPB(SCMSecurityProtocol sCMSecurityProtocol, StorageContainerManager storageContainerManager, ProtocolMessageMetrics protocolMessageMetrics) {
        this.impl = sCMSecurityProtocol;
        this.scm = storageContainerManager;
        this.dispatcher = new OzoneProtocolMessageDispatcher<>("ScmSecurityProtocol", protocolMessageMetrics, LOG);
    }

    public SCMSecurityProtocolProtos.SCMSecurityResponse submitRequest(RpcController rpcController, SCMSecurityProtocolProtos.SCMSecurityRequest sCMSecurityRequest) throws ServiceException {
        if (!sCMSecurityRequest.getCmdType().equals(SCMSecurityProtocolProtos.Type.GetSCMCertificate) && !this.scm.checkLeader()) {
            RatisUtil.checkRatisException(this.scm.getScmHAManager().getRatisServer().triggerNotLeaderException(), this.scm.getSecurityProtocolRpcPort(), this.scm.getScmId());
        }
        return (SCMSecurityProtocolProtos.SCMSecurityResponse) this.dispatcher.processRequest(sCMSecurityRequest, this::processRequest, sCMSecurityRequest.getCmdType(), sCMSecurityRequest.getTraceID());
    }

    public SCMSecurityProtocolProtos.SCMSecurityResponse processRequest(SCMSecurityProtocolProtos.SCMSecurityRequest sCMSecurityRequest) throws ServiceException {
        SCMSecurityProtocolProtos.SCMSecurityResponse.Builder status = SCMSecurityProtocolProtos.SCMSecurityResponse.newBuilder().setCmdType(sCMSecurityRequest.getCmdType()).setStatus(SCMSecurityProtocolProtos.Status.OK);
        try {
            switch (AnonymousClass1.$SwitchMap$org$apache$hadoop$hdds$protocol$proto$SCMSecurityProtocolProtos$Type[sCMSecurityRequest.getCmdType().ordinal()]) {
                case 1:
                    return status.setGetCertResponseProto(getCertificate(sCMSecurityRequest.getGetCertificateRequest())).build();
                case 2:
                    return status.setGetCertResponseProto(getCACertificate(sCMSecurityRequest.getGetCACertificateRequest())).build();
                case 3:
                    return status.setGetCertResponseProto(getOMCertificate(sCMSecurityRequest.getGetOMCertRequest())).build();
                case 4:
                    return status.setGetCertResponseProto(getDataNodeCertificate(sCMSecurityRequest.getGetDataNodeCertRequest())).build();
                case 5:
                    return status.setListCertificateResponseProto(listCertificate(sCMSecurityRequest.getListCertificateRequest())).build();
                case 6:
                    return status.setGetCertResponseProto(getSCMCertificate(sCMSecurityRequest.getGetSCMCertificateRequest())).build();
                case 7:
                    return status.setGetCertResponseProto(getRootCACertificate()).build();
                case 8:
                    return status.setListCertificateResponseProto(listCACertificate()).build();
                case 9:
                    return SCMSecurityProtocolProtos.SCMSecurityResponse.newBuilder().setCmdType(sCMSecurityRequest.getCmdType()).setGetCrlsResponseProto(getCrls(sCMSecurityRequest.getGetCrlsRequest())).build();
                case 10:
                    return SCMSecurityProtocolProtos.SCMSecurityResponse.newBuilder().setCmdType(sCMSecurityRequest.getCmdType()).setGetLatestCrlIdResponseProto(getLatestCrlId(sCMSecurityRequest.getGetLatestCrlIdRequest())).build();
                case 11:
                    return SCMSecurityProtocolProtos.SCMSecurityResponse.newBuilder().setCmdType(sCMSecurityRequest.getCmdType()).setRevokeCertificatesResponseProto(revokeCertificates(sCMSecurityRequest.getRevokeCertificatesRequest())).build();
                case 12:
                    return status.setGetCertResponseProto(getCertificate(sCMSecurityRequest.getGetCertRequest())).build();
                default:
                    throw new IllegalArgumentException("Unknown request type: " + sCMSecurityRequest.getCmdType());
            }
        } catch (IOException e) {
            RatisUtil.checkRatisException(e, this.scm.getSecurityProtocolRpcPort(), this.scm.getScmId());
            status.setSuccess(false);
            status.setStatus(exceptionToResponseStatus(e));
            if (e.getMessage() != null) {
                status.setMessage(e.getMessage());
            } else if (e.getCause() != null && e.getCause().getMessage() != null) {
                status.setMessage(e.getCause().getMessage());
            }
            return status.build();
        }
    }

    private SCMSecurityProtocolProtos.Status exceptionToResponseStatus(IOException iOException) {
        return iOException instanceof SCMSecurityException ? SCMSecurityProtocolProtos.Status.values()[((SCMSecurityException) iOException).getErrorCode().ordinal()] : SCMSecurityProtocolProtos.Status.INTERNAL_ERROR;
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getDataNodeCertificate(SCMSecurityProtocolProtos.SCMGetDataNodeCertRequestProto sCMGetDataNodeCertRequestProto) throws IOException {
        SCMSecurityProtocolProtos.SCMGetCertResponseProto.Builder x509CACertificate = SCMSecurityProtocolProtos.SCMGetCertResponseProto.newBuilder().setResponseCode(SCMSecurityProtocolProtos.SCMGetCertResponseProto.ResponseCode.success).setX509Certificate(this.impl.getDataNodeCertificate(sCMGetDataNodeCertRequestProto.getDatanodeDetails(), sCMGetDataNodeCertRequestProto.getCSR())).setX509CACertificate(this.impl.getCACertificate());
        setRootCAIfNeeded(x509CACertificate);
        return x509CACertificate.build();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getCertificate(SCMSecurityProtocolProtos.SCMGetCertRequestProto sCMGetCertRequestProto) throws IOException {
        SCMSecurityProtocolProtos.SCMGetCertResponseProto.Builder x509CACertificate = SCMSecurityProtocolProtos.SCMGetCertResponseProto.newBuilder().setResponseCode(SCMSecurityProtocolProtos.SCMGetCertResponseProto.ResponseCode.success).setX509Certificate(this.impl.getCertificate(sCMGetCertRequestProto.getNodeDetails(), sCMGetCertRequestProto.getCSR())).setX509CACertificate(this.impl.getCACertificate());
        setRootCAIfNeeded(x509CACertificate);
        return x509CACertificate.build();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getSCMCertificate(SCMSecurityProtocolProtos.SCMGetSCMCertRequestProto sCMGetSCMCertRequestProto) throws IOException {
        if (!this.scm.getScmStorageConfig().checkPrimarySCMIdInitialized()) {
            throw createNotHAException();
        }
        return SCMSecurityProtocolProtos.SCMGetCertResponseProto.newBuilder().setResponseCode(SCMSecurityProtocolProtos.SCMGetCertResponseProto.ResponseCode.success).setX509Certificate(this.impl.getSCMCertificate(sCMGetSCMCertRequestProto.getScmDetails(), sCMGetSCMCertRequestProto.getCSR())).setX509CACertificate(this.impl.getRootCACertificate()).setX509RootCACertificate(this.impl.getRootCACertificate()).build();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getOMCertificate(SCMSecurityProtocolProtos.SCMGetOMCertRequestProto sCMGetOMCertRequestProto) throws IOException {
        SCMSecurityProtocolProtos.SCMGetCertResponseProto.Builder x509CACertificate = SCMSecurityProtocolProtos.SCMGetCertResponseProto.newBuilder().setResponseCode(SCMSecurityProtocolProtos.SCMGetCertResponseProto.ResponseCode.success).setX509Certificate(this.impl.getOMCertificate(sCMGetOMCertRequestProto.getOmDetails(), sCMGetOMCertRequestProto.getCSR())).setX509CACertificate(this.impl.getCACertificate());
        setRootCAIfNeeded(x509CACertificate);
        return x509CACertificate.build();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getCertificate(SCMSecurityProtocolProtos.SCMGetCertificateRequestProto sCMGetCertificateRequestProto) throws IOException {
        return SCMSecurityProtocolProtos.SCMGetCertResponseProto.newBuilder().setResponseCode(SCMSecurityProtocolProtos.SCMGetCertResponseProto.ResponseCode.success).setX509Certificate(this.impl.getCertificate(sCMGetCertificateRequestProto.getCertSerialId())).build();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getCACertificate(SCMSecurityProtocolProtos.SCMGetCACertificateRequestProto sCMGetCACertificateRequestProto) throws IOException {
        String cACertificate = this.impl.getCACertificate();
        SCMSecurityProtocolProtos.SCMGetCertResponseProto.Builder x509CACertificate = SCMSecurityProtocolProtos.SCMGetCertResponseProto.newBuilder().setResponseCode(SCMSecurityProtocolProtos.SCMGetCertResponseProto.ResponseCode.success).setX509Certificate(cACertificate).setX509CACertificate(cACertificate);
        setRootCAIfNeeded(x509CACertificate);
        return x509CACertificate.build();
    }

    public SCMSecurityProtocolProtos.SCMListCertificateResponseProto listCertificate(SCMSecurityProtocolProtos.SCMListCertificateRequestProto sCMListCertificateRequestProto) throws IOException {
        return SCMSecurityProtocolProtos.SCMListCertificateResponseProto.newBuilder().setResponseCode(SCMSecurityProtocolProtos.SCMListCertificateResponseProto.ResponseCode.success).addAllCertificates(this.impl.listCertificate(sCMListCertificateRequestProto.getRole(), sCMListCertificateRequestProto.getStartCertId(), sCMListCertificateRequestProto.getCount(), sCMListCertificateRequestProto.getIsRevoked())).build();
    }

    public SCMSecurityProtocolProtos.SCMGetCrlsResponseProto getCrls(SCMSecurityProtocolProtos.SCMGetCrlsRequestProto sCMGetCrlsRequestProto) throws IOException {
        List crls = this.impl.getCrls(sCMGetCrlsRequestProto.getCrlIdList());
        SCMSecurityProtocolProtos.SCMGetCrlsResponseProto.Builder newBuilder = SCMSecurityProtocolProtos.SCMGetCrlsResponseProto.newBuilder();
        Iterator it = crls.iterator();
        while (it.hasNext()) {
            try {
                newBuilder.addCrlInfos(((CRLInfo) it.next()).getProtobuf());
            } catch (SCMSecurityException e) {
                LOG.error("Fail in parsing CRL info", e);
                throw new SCMSecurityException("Fail in parsing CRL info", e);
            }
        }
        return newBuilder.build();
    }

    public SCMSecurityProtocolProtos.SCMGetLatestCrlIdResponseProto getLatestCrlId(SCMSecurityProtocolProtos.SCMGetLatestCrlIdRequestProto sCMGetLatestCrlIdRequestProto) throws IOException {
        return SCMSecurityProtocolProtos.SCMGetLatestCrlIdResponseProto.newBuilder().setCrlId(this.impl.getLatestCrlId()).build();
    }

    public SCMSecurityProtocolProtos.SCMRevokeCertificatesResponseProto revokeCertificates(SCMSecurityProtocolProtos.SCMRevokeCertificatesRequestProto sCMRevokeCertificatesRequestProto) throws IOException {
        return SCMSecurityProtocolProtos.SCMRevokeCertificatesResponseProto.newBuilder().setCrlId(this.impl.revokeCertificates(sCMRevokeCertificatesRequestProto.getCertIdsList(), sCMRevokeCertificatesRequestProto.getReason().getNumber(), sCMRevokeCertificatesRequestProto.getRevokeTime())).build();
    }

    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getRootCACertificate() throws IOException {
        if (this.scm.getScmStorageConfig().checkPrimarySCMIdInitialized()) {
            throw createNotHAException();
        }
        String rootCACertificate = this.impl.getRootCACertificate();
        return SCMSecurityProtocolProtos.SCMGetCertResponseProto.newBuilder().setResponseCode(SCMSecurityProtocolProtos.SCMGetCertResponseProto.ResponseCode.success).setX509Certificate(rootCACertificate).setX509RootCACertificate(rootCACertificate).build();
    }

    public SCMSecurityProtocolProtos.SCMListCertificateResponseProto listCACertificate() throws IOException {
        return SCMSecurityProtocolProtos.SCMListCertificateResponseProto.newBuilder().setResponseCode(SCMSecurityProtocolProtos.SCMListCertificateResponseProto.ResponseCode.success).addAllCertificates(this.impl.listCACertificate()).build();
    }

    private SCMSecurityException createNotHAException() {
        return new SCMSecurityException("SCM is not Ratis enabled. Enable ozone.scm.ratis.enable config");
    }

    private void setRootCAIfNeeded(SCMSecurityProtocolProtos.SCMGetCertResponseProto.Builder builder) throws IOException {
        if (this.scm.getScmStorageConfig().checkPrimarySCMIdInitialized()) {
            builder.setX509RootCACertificate(this.impl.getRootCACertificate());
        }
    }
}
