package com.cloudera.impala.impala.api;

import com.cloudera.impala.hivecommon.AuthMech;
import com.cloudera.impala.hivecommon.HiveJDBCSettings;
import com.cloudera.impala.hivecommon.ServiceDiscoveryMode;
import com.cloudera.impala.hivecommon.TransportMode;
import com.cloudera.impala.hivecommon.core.HiveJDBCCommonDriver;
import com.cloudera.impala.hivecommon.exceptions.HiveJDBCMessageKey;
import com.cloudera.impala.impala.core.ImpalaJDBC;
import com.cloudera.impala.impala.core.ImpalaJDBCConnection;
import com.cloudera.impala.jdbc41.internal.apache.thrift.transport.TTransportException;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.AltusServiceException;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.authentication.credentials.AltusProfileCredentialsProvider;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.client.AltusClientConfigurationBuilder;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.dataware.api.DatawareClient;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.dataware.api.DatawareClientBuilder;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.dataware.model.Cluster;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.dataware.model.DescribeClusterRequest;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.dataware.model.DescribeClusterResponse;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.dataware.model.GetClusterAccessTokensRequest;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.dataware.model.GetClusterAccessTokensResponse;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.shaded.org.bouncycastle.util.io.pem.PemObject;
import com.cloudera.impala.jdbc41.internal.com.cloudera.altus.shaded.org.bouncycastle.util.io.pem.PemReader;
import com.cloudera.impala.support.ILogger;
import com.cloudera.impala.support.LogUtilities;
import com.cloudera.impala.support.exceptions.ErrorException;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.StringReader;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.UUID;

/* loaded from: input_file:com/cloudera/impala/impala/api/AltusClusterDetails.class */
public class AltusClusterDetails {
    public static final String NOT_FOUND = "NOT_FOUND";
    public static final String CREATED = "CREATED";
    public static final String COORDINATOR = "coordinator";
    private static final String DIRECTORY_SEPARATOR = "/";
    private static String TRUST_STORE_TYPE = "JKS";
    private static final String PUBLIC_IP_NONE = "none";
    private Cluster m_cluster;
    private String m_coordinatorEndpoint;
    private String m_user;
    private String m_password;
    private HiveJDBCSettings m_settings;
    private DatawareClient m_datawareClient;
    private ILogger m_logger;

    public AltusClusterDetails(String str, HiveJDBCSettings hiveJDBCSettings, ILogger iLogger) throws ErrorException {
        LogUtilities.logFunctionEntrance(iLogger, str, hiveJDBCSettings);
        this.m_logger = iLogger;
        this.m_settings = hiveJDBCSettings;
        DescribeClusterRequest describeClusterRequest = new DescribeClusterRequest();
        describeClusterRequest.setClusterName(str);
        try {
            setDatawareClient(hiveJDBCSettings);
            DescribeClusterResponse describeCluster = this.m_datawareClient.describeCluster(describeClusterRequest);
            if (!describeCluster.getCluster().getStatus().equals(CREATED)) {
                throw HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_ERROR.name(), new String[]{String.valueOf(this.m_settings.m_serviceDiscoveryMode), "Altus cluster " + str + " is not in CREATED state"});
            }
            this.m_cluster = describeCluster.getCluster();
            if (describeCluster.getCluster().getSecured() == null || !describeCluster.getCluster().getSecured().booleanValue()) {
                return;
            }
            GetClusterAccessTokensResponse altusClusterAccessCreds = getAltusClusterAccessCreds(str);
            this.m_user = altusClusterAccessCreds.getLdapTokenDetails().getUsername();
            this.m_password = altusClusterAccessCreds.getLdapTokenDetails().getPassword();
            hiveJDBCSettings.m_authMech = AuthMech.UIDPWD;
            hiveJDBCSettings.m_username = this.m_user;
            hiveJDBCSettings.m_password = this.m_password;
            hiveJDBCSettings.m_transportMode = TransportMode.SASL;
            if (hiveJDBCSettings.m_serverSSLSettings.m_sslSpecifiedByUser) {
                LogUtilities.logInfo("ssl is specified by user to " + hiveJDBCSettings.m_serverSSLSettings.m_enableSSL, iLogger);
                if (!hiveJDBCSettings.m_serverSSLSettings.m_enableSSL) {
                    LogUtilities.logWarning("Secure cluster is detected however ssl is disabled by user", iLogger);
                }
            } else {
                LogUtilities.logInfo("Setting default ssl for secured cluster", iLogger);
                hiveJDBCSettings.m_serverSSLSettings.m_enableSSL = true;
            }
            if (hiveJDBCSettings.m_serverSSLSettings.m_certNamesMismatchSpecifiedByUser) {
                LogUtilities.logInfo("CAIssuedCertNamesMismatch is specified by user to " + hiveJDBCSettings.m_serverSSLSettings.m_certNamesMismatch, iLogger);
                if (!hiveJDBCSettings.m_serverSSLSettings.m_certNamesMismatch) {
                    LogUtilities.logWarning("Secure cluster is detected however CAIssuedCertNamesMismatch is disabled by user", iLogger);
                }
            } else {
                LogUtilities.logInfo("Setting default CAIssuedCertNamesMismatch for secured cluster", iLogger);
                hiveJDBCSettings.m_serverSSLSettings.m_certNamesMismatch = true;
            }
            if (null == this.m_settings.m_serverSSLSettings.m_sslTrustStore) {
                try {
                    setupTrustStore(hiveJDBCSettings, iLogger);
                    this.m_settings.m_serverSSLSettings.m_deleteTrustStoreAtConnectionClose = true;
                } catch (Exception e) {
                    if (e instanceof ErrorException) {
                        throw ((ErrorException) e);
                    }
                    ErrorException createGeneralException = HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_ERROR.name(), new String[]{String.valueOf(hiveJDBCSettings.m_serviceDiscoveryMode), "Failed to set trust store for altus cluster: " + str});
                    createGeneralException.initCause(e);
                    throw createGeneralException;
                }
            }
        } catch (AltusServiceException e2) {
            Exception handleAltusServiceException = handleAltusServiceException(str, e2);
            if (!(handleAltusServiceException instanceof ErrorException)) {
                throw HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_ERROR.name(), new String[]{String.valueOf(hiveJDBCSettings.m_serviceDiscoveryMode), handleAltusServiceException.getMessage()});
            }
            throw ((ErrorException) handleAltusServiceException);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:12:0x005a, code lost:
    
        r8.m_coordinatorEndpoint = r0.getPublicIpAddress();
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x006a, code lost:
    
        if (r8.m_settings.m_altusUsePrivateIp != false) goto L18;
     */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x0072, code lost:
    
        if (null == r8.m_coordinatorEndpoint) goto L18;
     */
    /* JADX WARN: Code restructure failed: missing block: B:17:0x007c, code lost:
    
        if (r8.m_coordinatorEndpoint.isEmpty() != false) goto L18;
     */
    /* JADX WARN: Code restructure failed: missing block: B:19:0x0088, code lost:
    
        if (r8.m_coordinatorEndpoint.equalsIgnoreCase(com.cloudera.impala.impala.api.AltusClusterDetails.PUBLIC_IP_NONE) == false) goto L20;
     */
    /* JADX WARN: Code restructure failed: missing block: B:21:0x008b, code lost:
    
        com.cloudera.impala.support.LogUtilities.logInfo("Using private IP address for connection", r8.m_logger);
        r8.m_coordinatorEndpoint = r0.getPrivateIpAddress();
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.String getCoordinatorEndpoint() throws com.cloudera.impala.support.exceptions.ErrorException {
        /*
            Method dump skipped, instructions count: 338
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.cloudera.impala.impala.api.AltusClusterDetails.getCoordinatorEndpoint():java.lang.String");
    }

    public void setupTrustStore(HiveJDBCSettings hiveJDBCSettings, ILogger iLogger) throws ErrorException {
        LogUtilities.logFunctionEntrance(iLogger, hiveJDBCSettings, iLogger);
        hiveJDBCSettings.m_serverSSLSettings.m_sslTrustStore = createTrustDir(hiveJDBCSettings.m_altusTrustStoreDir) + this.m_cluster.getClusterName() + UUID.randomUUID();
        hiveJDBCSettings.m_serverSSLSettings.m_sslTrustStorePwd = this.m_cluster.getClusterName() + UUID.randomUUID();
        LogUtilities.logInfo("Setting Altus trust store at " + hiveJDBCSettings.m_serverSSLSettings.m_sslTrustStore, iLogger);
        char[] charArray = hiveJDBCSettings.m_serverSSLSettings.m_sslTrustStorePwd.toCharArray();
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(hiveJDBCSettings.m_serverSSLSettings.m_sslTrustStore);
            Throwable th = null;
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance(TRUST_STORE_TYPE);
                    keyStore.load(null, charArray);
                    keyStore.store(fileOutputStream, charArray);
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                    LogUtilities.logInfo("Converting root certificate in string format to X509 object.", iLogger);
                    PemReader pemReader = new PemReader(new StringReader(this.m_cluster.getRootCertificate()));
                    try {
                        try {
                            FileOutputStream fileOutputStream2 = new FileOutputStream(hiveJDBCSettings.m_serverSSLSettings.m_sslTrustStore);
                            Throwable th3 = null;
                            try {
                                PemObject readPemObject = pemReader.readPemObject();
                                if (readPemObject == null) {
                                    throw new TTransportException("Could not read root certificate of Altus cluster : " + this.m_cluster.getClusterName());
                                }
                                Certificate generateCertificate = CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(readPemObject.getContent()));
                                LogUtilities.logInfo("Storing X509 certificate to local truststore.", iLogger);
                                keyStore.setCertificateEntry(this.m_cluster.getClusterName(), generateCertificate);
                                keyStore.store(fileOutputStream2, charArray);
                                if (fileOutputStream2 != null) {
                                    if (0 != 0) {
                                        try {
                                            fileOutputStream2.close();
                                        } catch (Throwable th4) {
                                            th3.addSuppressed(th4);
                                        }
                                    } else {
                                        fileOutputStream2.close();
                                    }
                                }
                            } catch (Throwable th5) {
                                if (fileOutputStream2 != null) {
                                    if (0 != 0) {
                                        try {
                                            fileOutputStream2.close();
                                        } catch (Throwable th6) {
                                            th3.addSuppressed(th6);
                                        }
                                    } else {
                                        fileOutputStream2.close();
                                    }
                                }
                                throw th5;
                            }
                        } catch (Exception e) {
                            ImpalaJDBCConnection.deleteAltusTrustStore(this.m_settings.m_serverSSLSettings.m_sslTrustStore, this.m_logger);
                            ErrorException createGeneralException = HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_ERROR.name(), new String[]{String.valueOf(this.m_settings.m_serviceDiscoveryMode), "Error occured while setting up Altus trust store: " + e.getMessage()});
                            createGeneralException.initCause(e);
                            throw createGeneralException;
                        }
                    } finally {
                        try {
                            pemReader.close();
                        } catch (IOException e2) {
                        }
                    }
                } catch (Throwable th7) {
                    th = th7;
                    throw th7;
                }
            } finally {
            }
        } catch (Exception e3) {
            ErrorException createGeneralException2 = HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_ERROR.name(), new String[]{String.valueOf(this.m_settings.m_serviceDiscoveryMode), "Error occured while setting up Altus trust store: " + e3.getMessage()});
            createGeneralException2.initCause(e3);
            throw createGeneralException2;
        }
    }

    private GetClusterAccessTokensResponse getAltusClusterAccessCreds(String str) throws ErrorException {
        GetClusterAccessTokensRequest getClusterAccessTokensRequest = new GetClusterAccessTokensRequest();
        getClusterAccessTokensRequest.setClusterName(str);
        try {
            return this.m_datawareClient.getClusterAccessTokens(getClusterAccessTokensRequest);
        } catch (AltusServiceException e) {
            Exception handleAltusServiceException = handleAltusServiceException(str, e);
            if (handleAltusServiceException instanceof ErrorException) {
                throw ((ErrorException) handleAltusServiceException);
            }
            ErrorException createGeneralException = HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_ERROR.name(), new String[]{String.valueOf(this.m_settings.m_serviceDiscoveryMode), "Failed to get Altus cluster access tokens: " + handleAltusServiceException.getMessage()});
            createGeneralException.initCause(handleAltusServiceException);
            throw createGeneralException;
        }
    }

    private void setDatawareClient(HiveJDBCSettings hiveJDBCSettings) throws ErrorException {
        if (null == hiveJDBCSettings.m_altusCredFile) {
            this.m_datawareClient = DatawareClientBuilder.defaultBuilder().build();
            return;
        }
        try {
            try {
                this.m_datawareClient = DatawareClientBuilder.defaultBuilder().withCredentials(new AltusProfileCredentialsProvider(hiveJDBCSettings.m_altusCredFile, hiveJDBCSettings.m_altusProfileName)).withClientConfiguration(AltusClientConfigurationBuilder.defaultBuilder().build()).build();
            } catch (Exception e) {
                ErrorException createGeneralException = HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_ERROR.name(), new String[]{String.valueOf(ServiceDiscoveryMode.ALTUS), e.getMessage()});
                createGeneralException.initCause(e);
                throw createGeneralException;
            }
        } catch (Exception e2) {
            ErrorException createGeneralException2 = HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.ALTUS_CREDENTIAL_FILE_READ_ERROR.name(), new String[]{String.valueOf(hiveJDBCSettings.m_serviceDiscoveryMode), e2.getMessage()});
            createGeneralException2.initCause(e2);
            throw createGeneralException2;
        }
    }

    private static Exception handleAltusServiceException(String str, AltusServiceException altusServiceException) {
        return !altusServiceException.getStatusCode().equals(NOT_FOUND) ? new Exception(altusServiceException) : HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_ERROR.name(), new String[]{"ALTUS", "Altus cluster " + str + " does not exist"});
    }

    private static String createTrustDir(String str) throws ErrorException {
        boolean z;
        if (null == str) {
            str = ImpalaJDBC.ALTUS_DEFAULT_TRUST_DIR;
        } else if (!str.endsWith(DIRECTORY_SEPARATOR)) {
            str = str + DIRECTORY_SEPARATOR;
        }
        File file = new File(str);
        if (file.isDirectory()) {
            z = true;
        } else {
            try {
                file.mkdir();
                z = true;
            } catch (Exception e) {
                ErrorException createGeneralException = HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_GENERAL_ERROR, e.getMessage());
                createGeneralException.initCause(e);
                throw createGeneralException;
            }
        }
        if (z) {
            return str;
        }
        throw HiveJDBCCommonDriver.s_HiveMessages.createGeneralException(HiveJDBCMessageKey.CONN_DYNAMIC_DISCOVERY_GENERAL_ERROR, "Error creating directory: " + str);
    }
}
