package com.cloudera.cmf.service.auth;

import com.cloudera.cmf.ProductState;
import com.cloudera.cmf.model.ConfigValueProvider;
import com.cloudera.cmf.model.DbProcess;
import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.AbstractDaemonRoleHandler;
import com.cloudera.cmf.service.DaemonRoleHandler;
import com.cloudera.cmf.service.SecurityParams;
import com.cloudera.cmf.service.ServiceDataProvider;
import com.cloudera.cmf.service.auth.AuthServiceHandler;
import com.cloudera.cmf.service.config.ConfigFileGenerator;
import com.cloudera.cmf.service.config.ParamParseException;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.config.PortNumberParamSpec;
import com.cloudera.cmf.service.config.PropertiesConfigFileGenerator;
import com.cloudera.cmf.service.hadoopcommon.HadoopCommonHelpers;
import com.cloudera.server.cmf.log.LogSearcher;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Maps;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/cmf/service/auth/AuthRoleHandler.class */
public class AuthRoleHandler extends AbstractDaemonRoleHandler {
    private static final Logger LOG = LoggerFactory.getLogger(AuthRoleHandler.class);
    private static final String AUTH_SCRIPT = "auth/auth.sh";
    static final String HUMANIZED_ROLE_NAME = "Authentication Server";
    private static final String LOGFILE = "auth-server.log";

    public AuthRoleHandler(AuthServiceHandler authServiceHandler, ServiceDataProvider serviceDataProvider) {
        super(authServiceHandler, serviceDataProvider);
        this.minInstanceCount = 1;
        this.maxInstanceCount = Integer.MAX_VALUE;
    }

    @Override // com.cloudera.cmf.service.RoleHandler
    public Enum<?> getRoleTypeEnum() {
        return AuthServiceHandler.RoleNames.AUTHSERVER;
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler
    public ProductState.Feature getFeature() {
        return ProductState.Feature.SINGLE_SIGN_ON;
    }

    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler
    protected Set<ParamSpec<?>> getDaemonParamSpecs(ImmutableSet<ParamSpec<?>> immutableSet) {
        ImmutableSet.Builder builder = new ImmutableSet.Builder();
        builder.addAll(immutableSet);
        builder.add(SecurityParams.jceksPasswordParamSpec(getAuthorityForPowerState()));
        builder.addAll(AuthParams.AUTHSVC_PARAMS);
        return builder.build();
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler
    protected Set<ConfigFileGenerator> getConfigFileGenerators(ImmutableSet<ConfigFileGenerator> immutableSet) {
        ImmutableSet.Builder builder = new ImmutableSet.Builder();
        builder.addAll(immutableSet);
        builder.add(new PropertiesConfigFileGenerator(AuthConfigFileDefinitions.AUTH_CONFIGS, "keycloak.properties"));
        return builder.build();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler
    public Map<String, String> getEnvironmentForRole(DbRole dbRole, Map<String, Object> map) {
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.putAll(super.getEnvironmentForRole(dbRole, map));
        newHashMap.put("KEYCLOAK_JAVA_OPTS", HadoopCommonHelpers.makeJavaOpts(AuthParams.AUTHSRV_JAVA_HEAPSIZE, AuthParams.AUTHSRV_JAVA_OPTS, getHeapDumpFile(dbRole), map, this, dbRole, dbRole.getService(), this.serviceProvider));
        return newHashMap;
    }

    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler
    public PortNumberParamSpec getWebUIHttpPortParam() {
        return AuthParams.AUTHSRV_PORT;
    }

    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler
    public PortNumberParamSpec getWebUIHttpsPortParam() {
        return getWebUIHttpPortParam();
    }

    @Override // com.cloudera.cmf.service.AbstractDaemonRoleHandler, com.cloudera.cmf.service.DaemonRoleHandler
    public boolean isWebUISSLEnabled(DbRole dbRole) {
        try {
            return AuthParams.ENABLE_TLS.extract((ConfigValueProvider) dbRole).booleanValue();
        } catch (ParamParseException e) {
            return false;
        }
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler, com.cloudera.cmf.service.RoleHandler
    public LogSearcher.LogFileType getLogFileType() {
        return LogSearcher.LogFileType.TEXT;
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler, com.cloudera.cmf.service.RoleHandler
    public String getLogFileName(DbRole dbRole) {
        return LOGFILE;
    }

    @Override // com.cloudera.cmf.service.AbstractRoleHandler, com.cloudera.cmf.service.RoleHandler
    public boolean requiresCredentials(CmfEntityManager cmfEntityManager, DbRole dbRole) {
        return false;
    }

    @Override // com.cloudera.cmf.service.DaemonRoleHandler
    public DbProcess makeProcess(DbRole dbRole, List<String> list) throws DaemonRoleHandler.ProcessSupplierException {
        Preconditions.checkArgument(list.isEmpty());
        Map<String, Object> prepareConfiguration = prepareConfiguration(dbRole);
        DbProcess dbProcess = new DbProcess(makeProcessName(dbRole));
        dbProcess.setUser(getProcessUser(prepareConfiguration));
        dbProcess.setGroup(getProcessGroup(prepareConfiguration));
        dbProcess.setProgram(AUTH_SCRIPT);
        dbProcess.setArguments(Collections.emptyList());
        dbProcess.setStatusLinks(getStatusLinks(dbRole));
        dbProcess.setConfigurationData(generateConfiguration(dbRole, prepareConfiguration));
        dbProcess.setRefreshFiles(getRefreshableConfigFiles());
        dbProcess.setEnvironment(getEnvironment(dbRole, prepareConfiguration));
        dbProcess.setResources(makeResources(dbRole, prepareConfiguration));
        dbProcess.initWithRole(dbRole);
        return dbProcess;
    }
}
