package com.cloudera.cmf.security;

import com.cloudera.api.dao.impl.RedirectLinkGenerator;
import com.cloudera.cmf.Environment;
import com.cloudera.cmf.security.components.SecurityUtils;
import com.cloudera.cmf.service.ServiceDataProvider;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.server.web.cmf.AppContext;
import com.cloudera.server.web.common.I18n;
import com.google.common.collect.Maps;
import com.google.common.io.Files;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/cmf/security/KerberosCredentialsReader.class */
public class KerberosCredentialsReader {
    private static final Logger LOGGER = LoggerFactory.getLogger(KerberosCredentialsReader.class);
    private static final String CMF_KEYTAB_FILE_NAME = "cmf.keytab";
    private static final String CMF_PRINCIPAL_FILE_NAME = "cmf.principal";
    public static final String CMF_REALM_KEY = "CMF_REALM";
    public static final String CMF_KEYTAB_FILE_KEY = "CMF_KEYTAB_FILE";
    public static final String CMF_PRINCIPAL_KEY = "CMF_PRINCIPAL";
    public static final String DELETE_ADMIN_KEYTAB_AT_END = "DELETE_ADMIN_KEYTAB_AT_END";
    public static final String SIMPLE_AUTH_PASSWORD_KEY = "SIMPLE_AUTH_PASSWORD_KEY";
    public static final String USE_SIMPLE_AUTH_KEY = "USE_SIMPLE_AUTH";
    private ServiceDataProvider serviceDataProvider;

    public KerberosCredentialsReader(ServiceDataProvider serviceDataProvider) {
        this.serviceDataProvider = serviceDataProvider;
    }

    public Map<String, String> readAdminCredentials() throws IOException {
        HashMap newHashMap = Maps.newHashMap();
        if (Environment.getDevMode()) {
            return newHashMap;
        }
        String confDir = Environment.getConfDir();
        if (confDir != null) {
            File file = new File(new File(confDir), CMF_KEYTAB_FILE_NAME);
            File file2 = new File(confDir, CMF_PRINCIPAL_FILE_NAME);
            if (file.exists() && file2.exists()) {
                LOGGER.info("Reading CM Account Manager credentials from " + confDir);
                newHashMap.put(CMF_PRINCIPAL_KEY, Files.toString(file2, Charset.forName(RedirectLinkGenerator.ENCODE_SCHEME)).trim());
                newHashMap.put(CMF_KEYTAB_FILE_KEY, file.getAbsolutePath());
                newHashMap.put(DELETE_ADMIN_KEYTAB_AT_END, Boolean.FALSE.toString());
                return newHashMap;
            }
        }
        String str = (String) this.serviceDataProvider.getScmParamTrackerStore().get(ScmParams.KDC_ADMIN_USER);
        String str2 = (String) this.serviceDataProvider.getScmParamTrackerStore().get(ScmParams.KDC_ADMIN_PASSWORD);
        if (str2 == null || str == null) {
            throw new KerberosCredentialsNotAvailableRuntimeException(I18n.t("error.missingKdcCreds", confDir));
        }
        newHashMap.put(CMF_PRINCIPAL_KEY, str);
        if (ScmParams.AD_KDC.equals(this.serviceDataProvider.getScmParamTrackerStore().get(ScmParams.KDC_TYPE)) && ((Boolean) this.serviceDataProvider.getScmParamTrackerStore().get(ScmParams.AD_USE_SIMPLE_AUTH)).booleanValue()) {
            LOGGER.info("Using simple authentication with AD to delete credentials");
            newHashMap.put(USE_SIMPLE_AUTH_KEY, Boolean.TRUE.toString());
            newHashMap.put("SIMPLE_AUTH_PASSWORD_KEY", str2);
            newHashMap.put(DELETE_ADMIN_KEYTAB_AT_END, Boolean.FALSE.toString());
        } else {
            byte[] decodeBase64 = Base64.decodeBase64(str2);
            File createTempFile = getUtils().createTempFile("cmf", ".keytab");
            getUtils().setOwnerOnlyReadWrite(createTempFile);
            FileOutputStream fileOutputStream = new FileOutputStream(createTempFile.getAbsolutePath());
            fileOutputStream.write(decodeBase64);
            fileOutputStream.flush();
            fileOutputStream.close();
            newHashMap.put(CMF_KEYTAB_FILE_KEY, createTempFile.getAbsolutePath());
            newHashMap.put(DELETE_ADMIN_KEYTAB_AT_END, Boolean.TRUE.toString());
        }
        newHashMap.put(CMF_REALM_KEY, this.serviceDataProvider.getScmParamTrackerStore().get(ScmParams.SECURITY_REALM));
        return newHashMap;
    }

    private static SecurityUtils getUtils() {
        return (SecurityUtils) AppContext.getBeanByClass(SecurityUtils.class);
    }
}
