package org.apache.hadoop.crypto.key.kms.server;

import com.codahale.metrics.JmxReporter;
import com.codahale.metrics.Meter;
import com.codahale.metrics.MetricRegistry;
import java.io.File;
import java.net.URI;
import java.net.URL;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.crypto.key.CachingKeyProvider;
import org.apache.hadoop.crypto.key.KeyProvider;
import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension;
import org.apache.hadoop.crypto.key.KeyProviderFactory;
import org.apache.hadoop.crypto.key.kms.server.KeyAuthorizationKeyProvider;
import org.apache.hadoop.security.authorize.AccessControlList;
import org.apache.hadoop.util.VersionInfo;
import org.apache.log4j.PropertyConfigurator;
import org.mortbay.log.Log;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.bridge.SLF4JBridgeHandler;

@InterfaceAudience.Private
/* loaded from: input_file:org/apache/hadoop/crypto/key/kms/server/KMSWebApp.class */
public class KMSWebApp implements ServletContextListener {
    private static final String LOG4J_PROPERTIES = "kms-log4j.properties";
    private static final String METRICS_PREFIX = "hadoop.kms.";
    private static final String ADMIN_CALLS_METER = "hadoop.kms.admin.calls.meter";
    private static final String KEY_CALLS_METER = "hadoop.kms.key.calls.meter";
    private static final String INVALID_CALLS_METER = "hadoop.kms.invalid.calls.meter";
    private static final String UNAUTHORIZED_CALLS_METER = "hadoop.kms.unauthorized.calls.meter";
    private static final String UNAUTHENTICATED_CALLS_METER = "hadoop.kms.unauthenticated.calls.meter";
    private static final String GENERATE_EEK_METER = "hadoop.kms.generate_eek.calls.meter";
    private static final String DECRYPT_EEK_METER = "hadoop.kms.decrypt_eek.calls.meter";
    private static Logger LOG;
    private static MetricRegistry metricRegistry;
    private JmxReporter jmxReporter;
    private static Configuration kmsConf;
    private static KeyAuthorizationKeyProvider.KeyACLs kmsAcls;
    private static Meter adminCallsMeter;
    private static Meter keyCallsMeter;
    private static Meter unauthorizedCallsMeter;
    private static Meter unauthenticatedCallsMeter;
    private static Meter decryptEEKCallsMeter;
    private static Meter generateEEKCallsMeter;
    private static Meter invalidCallsMeter;
    private static KMSAudit kmsAudit;
    private static KeyProviderCryptoExtension keyProviderCryptoExtension;

    private void initLogging(String str) {
        if (System.getProperty("log4j.configuration") != null) {
            LOG = LoggerFactory.getLogger(KMSWebApp.class);
            return;
        }
        System.setProperty("log4j.defaultInitOverride", "true");
        boolean z = true;
        File absoluteFile = new File(str, LOG4J_PROPERTIES).getAbsoluteFile();
        if (absoluteFile.exists()) {
            PropertyConfigurator.configureAndWatch(absoluteFile.getPath(), 1000L);
            z = false;
        } else {
            URL resource = Thread.currentThread().getContextClassLoader().getResource(LOG4J_PROPERTIES);
            if (resource != null) {
                PropertyConfigurator.configure(resource);
            }
        }
        LOG = LoggerFactory.getLogger(KMSWebApp.class);
        LOG.debug("KMS log starting");
        if (z) {
            LOG.warn("Log4j configuration file '{}' not found", LOG4J_PROPERTIES);
            LOG.warn("Logging with INFO level to standard output");
        }
    }

    public void contextInitialized(ServletContextEvent servletContextEvent) {
        try {
            String property = System.getProperty("kms.config.dir");
            if (property == null) {
                throw new RuntimeException("System property 'kms.config.dir' not defined");
            }
            kmsConf = KMSConfiguration.getKMSConf();
            initLogging(property);
            LOG.info("-------------------------------------------------------------");
            LOG.info("  Java runtime version : {}", System.getProperty("java.runtime.version"));
            LOG.info("  KMS Hadoop Version: " + VersionInfo.getVersion());
            LOG.info("-------------------------------------------------------------");
            kmsAcls = getAcls(kmsConf.get(KMSConfiguration.KMS_SECURITY_AUTHORIZER));
            kmsAcls.startReloader();
            metricRegistry = new MetricRegistry();
            this.jmxReporter = JmxReporter.forRegistry(metricRegistry).build();
            this.jmxReporter.start();
            generateEEKCallsMeter = metricRegistry.register(GENERATE_EEK_METER, new Meter());
            decryptEEKCallsMeter = metricRegistry.register(DECRYPT_EEK_METER, new Meter());
            adminCallsMeter = metricRegistry.register(ADMIN_CALLS_METER, new Meter());
            keyCallsMeter = metricRegistry.register(KEY_CALLS_METER, new Meter());
            invalidCallsMeter = metricRegistry.register(INVALID_CALLS_METER, new Meter());
            unauthorizedCallsMeter = metricRegistry.register(UNAUTHORIZED_CALLS_METER, new Meter());
            unauthenticatedCallsMeter = metricRegistry.register(UNAUTHENTICATED_CALLS_METER, new Meter());
            kmsAudit = new KMSAudit(kmsConf.getLong(KMSConfiguration.KMS_AUDIT_AGGREGATION_WINDOW, KMSConfiguration.KMS_AUDIT_AGGREGATION_WINDOW_DEFAULT));
            servletContextEvent.getServletContext().setAttribute("hadoop.conf", kmsConf);
            servletContextEvent.getServletContext().setAttribute("admins.acl", new AccessControlList(KMSACLs.ACL_DEFAULT));
            String str = kmsConf.get(KMSConfiguration.KEY_PROVIDER_URI);
            if (str == null) {
                throw new IllegalStateException("No KeyProvider has been defined");
            }
            Log.info("------------------ Ranger KMSWEbApp---------------------");
            Log.info("provider string = " + str);
            Log.info("URI = " + new URI(str).toString() + " scheme = " + new URI(str).getScheme());
            Log.info("kmsconf size= " + kmsConf.size() + " kms classname=" + kmsConf.getClass().getName());
            Log.info("----------------INstantiating key provider ---------------");
            KeyProvider keyProvider = KeyProviderFactory.get(new URI(str), kmsConf);
            Log.info("keyProvider = " + keyProvider.toString());
            if (kmsConf.getBoolean(KMSConfiguration.KEY_CACHE_ENABLE, true)) {
                keyProvider = new CachingKeyProvider(keyProvider, kmsConf.getLong(KMSConfiguration.KEY_CACHE_TIMEOUT_KEY, KMSConfiguration.KEY_CACHE_TIMEOUT_DEFAULT), kmsConf.getLong(KMSConfiguration.CURR_KEY_CACHE_TIMEOUT_KEY, KMSConfiguration.CURR_KEY_CACHE_TIMEOUT_DEFAULT));
            }
            LOG.info("Initialized KeyProvider " + keyProvider);
            keyProviderCryptoExtension = KeyProviderCryptoExtension.createKeyProviderCryptoExtension(keyProvider);
            keyProviderCryptoExtension = new EagerKeyGeneratorKeyProviderCryptoExtension(kmsConf, keyProviderCryptoExtension);
            if (kmsConf.getBoolean(KMSConfiguration.KEY_AUTHORIZATION_ENABLE, true)) {
                keyProviderCryptoExtension = new KeyAuthorizationKeyProvider(keyProviderCryptoExtension, kmsAcls);
            }
            LOG.info("Initialized KeyProviderCryptoExtension " + keyProviderCryptoExtension);
            LOG.info("Default key bitlength is {}", Integer.valueOf(kmsConf.getInt("hadoop.security.key.default.bitlength", 128)));
            LOG.info("Ranger KMS Started");
        } catch (Throwable th) {
            System.out.println();
            System.out.println("ERROR: Hadoop KMS could not be started");
            System.out.println();
            System.out.println("REASON: " + th.toString());
            System.out.println();
            System.out.println("Stacktrace:");
            System.out.println("---------------------------------------------------");
            th.printStackTrace(System.out);
            System.out.println("---------------------------------------------------");
            System.out.println();
            System.exit(1);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:7:0x004c A[Catch: Exception -> 0x005a, TryCatch #0 {Exception -> 0x005a, blocks: (B:13:0x0008, B:15:0x001a, B:17:0x002a, B:18:0x0044, B:7:0x004c), top: B:12:0x0008 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private org.apache.hadoop.crypto.key.kms.server.KeyAuthorizationKeyProvider.KeyACLs getAcls(java.lang.String r6) throws java.io.IOException {
        /*
            r5 = this;
            r0 = 0
            r7 = r0
            r0 = 0
            r8 = r0
            r0 = r6
            if (r0 == 0) goto L14
            r0 = r6
            java.lang.String r0 = r0.trim()     // Catch: java.lang.Exception -> L5a
            java.lang.String r1 = ""
            boolean r0 = r0.equals(r1)     // Catch: java.lang.Exception -> L5a
            if (r0 == 0) goto L1a
        L14:
            java.lang.Class<org.apache.hadoop.crypto.key.kms.server.KMSACLs> r0 = org.apache.hadoop.crypto.key.kms.server.KMSACLs.class
            r8 = r0
            goto L48
        L1a:
            r0 = r6
            java.lang.Class r0 = java.lang.Class.forName(r0)     // Catch: java.lang.Exception -> L5a
            r9 = r0
            java.lang.Class<org.apache.hadoop.crypto.key.kms.server.KeyAuthorizationKeyProvider$KeyACLs> r0 = org.apache.hadoop.crypto.key.kms.server.KeyAuthorizationKeyProvider.KeyACLs.class
            r1 = r9
            boolean r0 = r0.isAssignableFrom(r1)     // Catch: java.lang.Exception -> L5a
            if (r0 != 0) goto L45
            java.lang.RuntimeException r0 = new java.lang.RuntimeException     // Catch: java.lang.Exception -> L5a
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L5a
            r3 = r2
            r3.<init>()     // Catch: java.lang.Exception -> L5a
            r3 = r6
            java.lang.StringBuilder r2 = r2.append(r3)     // Catch: java.lang.Exception -> L5a
            java.lang.String r3 = " should implement KeyACLs"
            java.lang.StringBuilder r2 = r2.append(r3)     // Catch: java.lang.Exception -> L5a
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Exception -> L5a
            r1.<init>(r2)     // Catch: java.lang.Exception -> L5a
            throw r0     // Catch: java.lang.Exception -> L5a
        L45:
            r0 = r9
            r8 = r0
        L48:
            r0 = r8
            if (r0 == 0) goto L57
            r0 = r8
            org.apache.hadoop.conf.Configuration r1 = org.apache.hadoop.crypto.key.kms.server.KMSWebApp.kmsConf     // Catch: java.lang.Exception -> L5a
            java.lang.Object r0 = org.apache.hadoop.util.ReflectionUtils.newInstance(r0, r1)     // Catch: java.lang.Exception -> L5a
            org.apache.hadoop.crypto.key.kms.server.KeyAuthorizationKeyProvider$KeyACLs r0 = (org.apache.hadoop.crypto.key.kms.server.KeyAuthorizationKeyProvider.KeyACLs) r0     // Catch: java.lang.Exception -> L5a
            r7 = r0
        L57:
            goto L72
        L5a:
            r8 = move-exception
            org.slf4j.Logger r0 = org.apache.hadoop.crypto.key.kms.server.KMSWebApp.LOG
            java.lang.String r1 = "Unable to getAcls with an exception"
            r2 = r8
            r0.error(r1, r2)
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            r2 = r8
            java.lang.String r2 = r2.getMessage()
            r1.<init>(r2)
            throw r0
        L72:
            r0 = r7
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.hadoop.crypto.key.kms.server.KMSWebApp.getAcls(java.lang.String):org.apache.hadoop.crypto.key.kms.server.KeyAuthorizationKeyProvider$KeyACLs");
    }

    public void contextDestroyed(ServletContextEvent servletContextEvent) {
        kmsAudit.shutdown();
        kmsAcls.stopReloader();
        this.jmxReporter.stop();
        this.jmxReporter.close();
        metricRegistry = null;
        LOG.info("KMS Stopped");
    }

    public static Configuration getConfiguration() {
        return new Configuration(kmsConf);
    }

    public static KeyAuthorizationKeyProvider.KeyACLs getACLs() {
        return kmsAcls;
    }

    public static Meter getAdminCallsMeter() {
        return adminCallsMeter;
    }

    public static Meter getKeyCallsMeter() {
        return keyCallsMeter;
    }

    public static Meter getInvalidCallsMeter() {
        return invalidCallsMeter;
    }

    public static Meter getGenerateEEKCallsMeter() {
        return generateEEKCallsMeter;
    }

    public static Meter getDecryptEEKCallsMeter() {
        return decryptEEKCallsMeter;
    }

    public static Meter getUnauthorizedCallsMeter() {
        return unauthorizedCallsMeter;
    }

    public static Meter getUnauthenticatedCallsMeter() {
        return unauthenticatedCallsMeter;
    }

    public static KeyProviderCryptoExtension getKeyProvider() {
        return keyProviderCryptoExtension;
    }

    public static KMSAudit getKMSAudit() {
        return kmsAudit;
    }

    static {
        SLF4JBridgeHandler.removeHandlersForRootLogger();
        SLF4JBridgeHandler.install();
    }
}
