package org.apache.ranger.authorization.hadoop.agent;

import java.io.IOException;
import java.lang.instrument.ClassFileTransformer;
import java.lang.instrument.IllegalClassFormatException;
import java.security.ProtectionDomain;
import javassist.CannotCompileException;
import javassist.ClassPool;
import javassist.CtClass;
import javassist.CtMethod;
import javassist.NotFoundException;

/* loaded from: input_file:org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.class */
public class HadoopAuthClassTransformer implements ClassFileTransformer {
    volatile byte[] transformedClassByteCode = null;

    public byte[] transform(ClassLoader classLoader, String str, Class<?> cls, ProtectionDomain protectionDomain, byte[] bArr) throws IllegalClassFormatException {
        byte[] injectFSPermissionCheckerHooks;
        byte[] bArr2 = bArr;
        if (str.equals("org/apache/hadoop/hdfs/server/namenode/FSPermissionChecker")) {
            byte[] bArr3 = this.transformedClassByteCode;
            if (bArr3 == null && (injectFSPermissionCheckerHooks = injectFSPermissionCheckerHooks(str)) != null) {
                synchronized (HadoopAuthClassTransformer.class) {
                    bArr3 = this.transformedClassByteCode;
                    if (bArr3 == null) {
                        bArr3 = injectFSPermissionCheckerHooks;
                        this.transformedClassByteCode = injectFSPermissionCheckerHooks;
                    }
                }
            }
            if (bArr3 != null) {
                bArr2 = bArr3;
            }
        }
        return bArr2;
    }

    private static byte[] injectFSPermissionCheckerHooks(String str) throws IllegalClassFormatException {
        byte[] bArr = null;
        System.out.println("Injection code is Invoked in JVM [" + Runtime.getRuntime() + "] for class [" + str + "] ....");
        try {
            CtClass ctClass = getCtClass(str.replaceAll("/", "."));
            CtClass ctClass2 = getCtClass("java.lang.String");
            CtClass ctClass3 = getCtClass("java.lang.Throwable");
            CtClass ctClass4 = getCtClass("org.apache.hadoop.fs.permission.FsAction");
            CtClass ctClass5 = getCtClass("org.apache.hadoop.hdfs.server.namenode.FSDirectory");
            CtClass ctClass6 = getCtClass("org.apache.hadoop.hdfs.server.namenode.INode");
            CtClass ctClass7 = getCtClass("org.apache.hadoop.hdfs.server.namenode.INodesInPath");
            CtClass ctClass8 = getCtClass("org.apache.hadoop.security.AccessControlException");
            boolean z = false;
            CtMethod ctMethod = null;
            CtMethod ctMethod2 = null;
            if (0 == 0 && ctClass != null && ctClass6 != null && ctClass4 != null) {
                try {
                    System.out.print("looking for check(INode, int, FsAction)...");
                    ctMethod = ctClass.getDeclaredMethod("check", new CtClass[]{ctClass6, CtClass.intType, ctClass4});
                    z = true;
                    System.out.println("found");
                } catch (NotFoundException e) {
                    System.out.println("not found");
                }
            }
            if (ctMethod == null && ctClass != null && ctClass6 != null && ctClass4 != null) {
                try {
                    System.out.print("looking for check(INode, FsAction)...");
                    ctMethod = ctClass.getDeclaredMethod("check", new CtClass[]{ctClass6, ctClass4});
                    z = false;
                    System.out.println("found");
                } catch (NotFoundException e2) {
                    System.out.println("not found");
                }
            }
            if (0 == 0 && ctClass != null && ctClass7 != null && ctClass4 != null) {
                try {
                    System.out.print("looking for checkPermission(INodesInPath, boolean, FsAction, FsAction, FsAction, FsAction, boolean)...");
                    ctMethod2 = ctClass.getDeclaredMethod("checkPermission", new CtClass[]{ctClass7, CtClass.booleanType, ctClass4, ctClass4, ctClass4, ctClass4, CtClass.booleanType});
                    System.out.println("found");
                } catch (NotFoundException e3) {
                    System.out.println("not found");
                }
            }
            if (ctMethod2 == null && ctClass != null && ctClass2 != null && ctClass5 != null && ctClass4 != null) {
                try {
                    System.out.print("looking for checkPermission(String, FSDirectory, boolean, FsAction, FsAction, FsAction, FsAction, boolean, boolean)...");
                    ctMethod2 = ctClass.getDeclaredMethod("checkPermission", new CtClass[]{ctClass2, ctClass5, CtClass.booleanType, ctClass4, ctClass4, ctClass4, ctClass4, CtClass.booleanType, CtClass.booleanType});
                    System.out.println("found");
                } catch (NotFoundException e4) {
                    System.out.println("not found");
                }
            }
            if (ctClass != null) {
                if (ctMethod != null) {
                    System.out.print("injecting check() hooks...");
                    ctMethod.insertAfter("org.apache.hadoop.hdfs.server.namenode.RangerFSPermissionChecker.logHadoopEvent($1,true);");
                    ctMethod.addCatch("{ org.apache.hadoop.hdfs.server.namenode.RangerFSPermissionChecker.logHadoopEvent($1,false); throw $e; }", ctClass3);
                    if (z) {
                        ctMethod.insertBefore("{ if ( org.apache.hadoop.hdfs.server.namenode.RangerFSPermissionChecker.check(user,groups,$1,$3) ) { return; } }");
                    } else {
                        ctMethod.insertBefore("{ if ( org.apache.hadoop.hdfs.server.namenode.RangerFSPermissionChecker.check(user,groups,$1,$2) ) { return; } }");
                    }
                    System.out.println("done");
                    if (ctMethod2 != null) {
                        System.out.print("injecting checkPermission() hooks...");
                        ctMethod2.insertAfter("org.apache.hadoop.hdfs.server.namenode.RangerFSPermissionChecker.checkPermissionPost($1);");
                        ctMethod2.addCatch("{ org.apache.hadoop.hdfs.server.namenode.RangerFSPermissionChecker.checkPermissionPost($1); throw $e; }", ctClass8);
                        ctMethod2.insertBefore("org.apache.hadoop.hdfs.server.namenode.RangerFSPermissionChecker.checkPermissionPre($1);");
                        System.out.println("done");
                    }
                    bArr = ctClass.toBytecode();
                } else {
                    System.out.println("Unable to identify check() method on class: [" + str + "]. Found following methods:");
                    for (CtMethod ctMethod3 : ctClass.getDeclaredMethods()) {
                        System.err.println("  found Method: " + ctMethod3);
                    }
                    System.out.println("Injection failed. Continue without Injection");
                }
            }
        } catch (IOException e5) {
            System.err.println("IO Exception for class Name: " + str + " Exception: " + e5);
            e5.printStackTrace();
        } catch (CannotCompileException e6) {
            System.err.println("Can not compile Exception for class Name: " + str + " Exception: " + e6);
            e6.printStackTrace();
        }
        return bArr;
    }

    private static CtClass getCtClass(String str) {
        CtClass ctClass;
        try {
            ctClass = ClassPool.getDefault().get(str);
        } catch (NotFoundException e) {
            System.err.println("Unable to find Class for [" + str + "]" + e);
            ctClass = null;
        }
        return ctClass;
    }
}
