package com.cloudera.cmf.command;

import com.cloudera.cmf.command.GenerateHostCertsCommand;
import com.cloudera.cmf.command.flow.AbstractCmdWork;
import com.cloudera.cmf.command.flow.CmdWorkCtx;
import com.cloudera.cmf.command.flow.WorkOutput;
import com.cloudera.cmf.command.flow.WorkOutputs;
import com.cloudera.cmf.model.DbCertificate;
import com.cloudera.cmf.service.scm.ScmHandler;
import com.cloudera.cmf.service.scm.ScmParamTrackerStore;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.enterprise.MessageWithArgs;
import com.cloudera.server.cmf.node.HostCertConfigurator;
import com.cloudera.server.cmf.node.HostCertConfiguratorService;
import com.google.common.annotations.VisibleForTesting;
import net.schmizz.sshj.xfer.LocalSourceFile;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.exception.ExceptionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/cmf/command/GenerateHostCertsCmdWork.class */
public class GenerateHostCertsCmdWork extends AbstractCmdWork {
    private static Logger LOG = LoggerFactory.getLogger(GenerateHostCertsCmdWork.class);
    private static final int MAX_CONFIGURE_ATTEMPTS = 3;
    private final String hostname;
    private final int port;
    private final String user;
    private final String password;
    private final String passphrase;
    private final String privateKey;
    private final String publicKey = null;
    private final ScmParamTrackerStore scmParamTrackerStore;

    public GenerateHostCertsCmdWork(String str, GenerateHostCertsCommandArgs generateHostCertsCommandArgs, ScmParamTrackerStore scmParamTrackerStore) {
        this.hostname = str;
        this.port = generateHostCertsCommandArgs.getSshPort();
        this.user = generateHostCertsCommandArgs.getUserName();
        this.password = generateHostCertsCommandArgs.getPassword();
        this.passphrase = generateHostCertsCommandArgs.getPassphrase();
        this.privateKey = generateHostCertsCommandArgs.getPrivateKey();
        this.scmParamTrackerStore = scmParamTrackerStore;
    }

    @Override // com.cloudera.cmf.command.flow.CmdWork
    public WorkOutput doWork(CmdWorkCtx cmdWorkCtx) {
        LocalSourceFile buildCertTarFile;
        LOG.info("Generating host certs for host: {}", this.hostname);
        if (this.user == null || (this.password == null && this.privateKey == null)) {
            return WorkOutputs.failure(cmdWorkCtx.getCommandId(), GenerateHostCertsCommand.I18nKeys.NO_SSH_ARGS.getKey(), new String[0]);
        }
        String str = (String) ScmHandler.getScmConfigValue(ScmParams.HOST_CERT_GENERATOR, cmdWorkCtx.getCmfEM().getScmConfigProvider());
        if (StringUtils.isBlank(str)) {
            LOG.error("No host certificate generator is set.");
            return WorkOutputs.failure(cmdWorkCtx.getCommandId(), GenerateHostCertsCommand.I18nKeys.NO_HOST_CERT_GEN.getKey(), new String[0]);
        }
        try {
            byte[] retrieveCustomCertTar = HostCertConfigurator.retrieveCustomCertTar(cmdWorkCtx.getCmfEM(), this.hostname);
            if (retrieveCustomCertTar != null) {
                buildCertTarFile = HostCertConfigurator.buildCertTarFileFromBytes(retrieveCustomCertTar);
            } else {
                DbCertificate findCertificate = cmdWorkCtx.getCmfEM().findCertificate("__root__");
                byte[] bArr = null;
                if (findCertificate != null) {
                    bArr = findCertificate.getCerttar();
                    if (bArr == null) {
                        throw new IllegalStateException(String.format("Invalid CMCA in database: missing cert data", this.hostname));
                    }
                }
                LOG.info("Using host certificate generator command: " + str);
                buildCertTarFile = buildCertTarFile(str, bArr);
            }
            if (buildCertTarFile == null) {
                LOG.error("Failed to run host cert generator command");
                return WorkOutputs.failure(cmdWorkCtx.getCommandId(), GenerateHostCertsCommand.I18nKeys.FAILURE.getKey(), new String[0]);
            }
            HostCertConfigurator newConfigurator = StringUtils.isBlank(this.privateKey) ? HostCertConfiguratorService.newConfigurator(this.hostname, this.port, this.user, this.password, this.privateKey, this.publicKey, buildCertTarFile) : HostCertConfiguratorService.newConfigurator(this.hostname, this.port, this.user, this.passphrase, this.privateKey, this.publicKey, buildCertTarFile);
            long j = 2000;
            for (int i = 1; i <= 3; i++) {
                try {
                    newConfigurator.configure();
                    break;
                } catch (IllegalStateException e) {
                    if (i == 3) {
                        throw e;
                    }
                    LOG.warn(String.format("Error generating certificates. Retrying in %d ms.", Long.valueOf(j)));
                    try {
                        Thread.sleep(j);
                        j = (long) (j * 1.5d);
                    } catch (InterruptedException e2) {
                        LOG.error("Interrupted while retrying. Exiting early.");
                        return WorkOutputs.failure(cmdWorkCtx.getCommandId(), GenerateHostCertsCommand.I18nKeys.FAILURE.getKey(), new String[0]);
                    }
                }
            }
            return WorkOutputs.success(GenerateHostCertsCommand.I18nKeys.SUCCESS.getKey(), new String[0]);
        } catch (IllegalStateException e3) {
            LOG.error("Error generating certificates: " + ExceptionUtils.getStackTrace(e3));
            return WorkOutputs.failure(cmdWorkCtx.getCommandId(), GenerateHostCertsCommand.I18nKeys.FAILURE.getKey(), new String[0]);
        }
    }

    @Override // com.cloudera.cmf.command.flow.CmdWork
    public MessageWithArgs getDescription(CmdWorkCtx cmdWorkCtx) {
        return MessageWithArgs.of(GenerateHostCertsCommand.I18nKeys.SSH_HELP, new String[0]);
    }

    @Override // com.cloudera.cmf.command.flow.CmdWork
    public void onFinish(WorkOutput workOutput, CmdWorkCtx cmdWorkCtx) {
    }

    @VisibleForTesting
    protected LocalSourceFile buildCertTarFile(String str, byte[] bArr) {
        return HostCertConfigurator.buildCertTarFile(str, this.hostname, true, bArr);
    }
}
