package com.cloudera.cmf.cdhclient;

import com.cloudera.cmf.cdhclient.common.hdfs.DFSClient;
import com.cloudera.cmf.cdhclient.common.hdfs.jmx.NameNodeMXBean;
import com.cloudera.cmf.cdhclient.util.CDHUrlClassLoader;
import com.cloudera.cmf.cdhclient.util.SecurityUtil;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import com.google.common.base.Throwables;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.RemovalListener;
import com.google.common.cache.RemovalNotification;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.hash.Hasher;
import com.google.common.hash.Hashing;
import com.google.common.io.Files;
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import javax.annotation.Nullable;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.configuration.MapConfiguration;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.SystemUtils;
import org.joda.time.Duration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/cmf/cdhclient/CdhExecutorFactory.class */
public class CdhExecutorFactory {

    @VisibleForTesting
    static final String SECURITY_CONF_FILE = "cdh-client-security.xml";
    public static final String CLOUDERA_KEYTAB_DIR_LOCATION = "cloudera.cdhclient.keytab.dir.location";

    @VisibleForTesting
    static final String[] KNOWN_BAD_OPTS;
    private final Cache<String, CDHUrlClassLoader> classLoaders;
    private final Map<CdhVersion, String> cdhPaths;
    static final Logger LOG = LoggerFactory.getLogger(CdhExecutorFactory.class);
    private static final String DEPRECATED_CONFIG_MARKER = CdhExecutorFactory.class.getName() + ".__DEPRECATED__";
    private static final String NULL_CFG_VALUE = CdhExecutorFactory.class.getName() + ".__NULL__";
    private static final Object INIT_LOCK = new Object();

    @VisibleForTesting
    static final int MAX_CACHE_SIZE = Integer.getInteger("cloudera.cdhclient.max_cache_size", 10).intValue();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/cloudera/cmf/cdhclient/CdhExecutorFactory$SecureClassLoaderSetupTask.class */
    public static class SecureClassLoaderSetupTask implements Runnable {
        private static final String KEYTAB_KEY = "cloudera.cdhclient.kerberos.keytab";
        private static final String PRINCIPAL_KEY = "cloudera.cdhclient.kerberos.principal";
        private final String principal;
        private final String keytab;

        SecureClassLoaderSetupTask(String str, String str2) {
            this.keytab = str2;
            this.principal = str;
        }

        @Override // java.lang.Runnable
        public void run() {
            CdhHadoopObjectFactory hadoopFactory = CdhContext.getCurrentContext().getHadoopFactory();
            try {
                hadoopFactory.addDefaultResource(CdhExecutorFactory.SECURITY_CONF_FILE);
                if (this.principal != null) {
                    hadoopFactory.login(ImmutableMap.of(KEYTAB_KEY, this.keytab, PRINCIPAL_KEY, this.principal), KEYTAB_KEY, PRINCIPAL_KEY);
                }
            } catch (Exception e) {
                throw Throwables.propagate(e);
            }
        }
    }

    public CdhExecutorFactory(Map<CdhVersion, String> map, Duration duration, Duration duration2) {
        this.cdhPaths = map;
        CacheBuilder removalListener = CacheBuilder.newBuilder().maximumSize(MAX_CACHE_SIZE).removalListener(new RemovalListener<String, CDHUrlClassLoader>() { // from class: com.cloudera.cmf.cdhclient.CdhExecutorFactory.1
            public void onRemoval(RemovalNotification<String, CDHUrlClassLoader> removalNotification) {
                CdhExecutorFactory.LOG.info("Class loader {} evicted from cache.", removalNotification.getKey());
                ((CDHUrlClassLoader) removalNotification.getValue()).unref();
            }
        });
        if (duration != null) {
            removalListener.expireAfterAccess(duration.getMillis(), TimeUnit.MILLISECONDS);
        }
        this.classLoaders = removalListener.build();
        if (duration2 != null) {
            LOG.info("Setting tgt renewal period to {}.", duration2);
            SecurityUtil.setTgtLoginValidityPeriodMin(duration2);
        }
    }

    private boolean needMrSubPath(CdhVersion cdhVersion) {
        return cdhVersion == CdhVersion.CDH5 && !SystemUtils.IS_JAVA_1_6;
    }

    public CdhExecutor createExecutor(final CdhVersion cdhVersion, @Nullable String str, Configuration configuration, String str2, String str3, byte[] bArr, int i) {
        final String str4 = this.cdhPaths.get(cdhVersion);
        Preconditions.checkArgument(str4 != null, "Library path for version %s not set.", cdhVersion);
        Preconditions.checkArgument(str3 == null || bArr == null, "Only one of keytab file or keytab bytes should be provided.");
        boolean isSecure = HadoopConfiguration.isSecure(configuration);
        if (configuration.getString(DEPRECATED_CONFIG_MARKER) == null) {
            Preconditions.checkArgument((isSecure && (str2 == null || (str3 == null && bArr == null))) ? false : true, "Secure service requires a principal and its keytab.");
        } else {
            Preconditions.checkArgument((isSecure && str2 == null && (str3 != null || bArr != null)) ? false : true, "Both Kerberos principal and keytab must be provided.");
        }
        final String path = str == null ? null : new File(str4, str).getPath();
        final String createLoaderKey = createLoaderKey(str4, path, configuration, str2, str3, bArr);
        Callable<CDHUrlClassLoader> callable = new Callable<CDHUrlClassLoader>() { // from class: com.cloudera.cmf.cdhclient.CdhExecutorFactory.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public CDHUrlClassLoader call() {
                CdhExecutorFactory.LOG.info(String.format("Instantiating CDH classloader: version %s, key %s, path %s, mrPath %s", cdhVersion, createLoaderKey, str4, path));
                ImmutableList.Builder builder = ImmutableList.builder();
                builder.add(str4);
                if (path != null) {
                    builder.add(path);
                }
                return new CDHUrlClassLoader(cdhVersion, builder.build(), createLoaderKey);
            }
        };
        CDHUrlClassLoader cDHUrlClassLoader = null;
        while (cDHUrlClassLoader == null) {
            try {
                cDHUrlClassLoader = (CDHUrlClassLoader) this.classLoaders.get(createLoaderKey, callable);
                cDHUrlClassLoader.ref();
                if (cDHUrlClassLoader.getState() == CDHUrlClassLoader.State.DISPOSED) {
                    LOG.info("Class loader {} not alive, discarding.", createLoaderKey);
                    cDHUrlClassLoader.unref();
                    cDHUrlClassLoader = null;
                }
            } catch (ExecutionException e) {
                LOG.error("Error fetching class loader from cache.", e);
                throw Throwables.propagate(e.getCause());
            }
        }
        CdhExecutor cdhExecutor = new CdhExecutor(cdhVersion, cDHUrlClassLoader, isSecure && str2 != null, i);
        if (cDHUrlClassLoader.getState() == CDHUrlClassLoader.State.UNINITIALIZED) {
            synchronized (INIT_LOCK) {
                if (cDHUrlClassLoader.getState() == CDHUrlClassLoader.State.UNINITIALIZED) {
                    if (isSecure) {
                        if (bArr != null) {
                            try {
                                final File createKeytabDir = createKeytabDir(configuration);
                                try {
                                    setOwnerOnlyReadWrite(createKeytabDir);
                                    File createTempFile = File.createTempFile("hadoop", ".keytab", createKeytabDir);
                                    FileUtils.writeByteArrayToFile(createTempFile, bArr);
                                    str3 = createTempFile.getAbsolutePath();
                                    cDHUrlClassLoader.setDisposeAction(new Runnable() { // from class: com.cloudera.cmf.cdhclient.CdhExecutorFactory.3
                                        @Override // java.lang.Runnable
                                        public void run() {
                                            CdhExecutorFactory.this.deleteDirQuietly(createKeytabDir);
                                        }
                                    });
                                } catch (Exception e2) {
                                    deleteDirQuietly(createKeytabDir);
                                    throw Throwables.propagate(e2);
                                }
                            } catch (Exception e3) {
                                cDHUrlClassLoader.setState(CDHUrlClassLoader.State.ERROR);
                                cdhExecutor.dispose();
                                this.classLoaders.invalidate(createLoaderKey);
                                throw Throwables.propagate(e3);
                            }
                        }
                        cdhExecutor.runTaskDirect(new SecureClassLoaderSetupTask(str2, str3)).get();
                    }
                    cDHUrlClassLoader.setState(CDHUrlClassLoader.State.READY);
                }
            }
        }
        if (cDHUrlClassLoader.getState() == CDHUrlClassLoader.State.READY) {
            return cdhExecutor;
        }
        cdhExecutor.dispose();
        throw new IllegalStateException("Class loader not successfully initialized.");
    }

    @VisibleForTesting
    static File createKeytabDir(Configuration configuration) throws IllegalStateException, IOException {
        String string = configuration.getString(CLOUDERA_KEYTAB_DIR_LOCATION, (String) null);
        return string == null ? Files.createTempDir() : SecurityUtil.createTempDir(string);
    }

    public CdhExecutor createExecutor(CdhVersion cdhVersion, Configuration configuration, String str, String str2, int i) {
        return createExecutor(cdhVersion, needMrSubPath(cdhVersion) ? CDHUrlClassLoader.MR1_SUBPATH : null, configuration, str, str2, null, i);
    }

    public CdhExecutor createExecutor(CdhVersion cdhVersion, boolean z, Configuration configuration, String str, String str2, int i) {
        String str3 = null;
        if (needMrSubPath(cdhVersion)) {
            str3 = z ? CDHUrlClassLoader.MR2_SUBPATH : CDHUrlClassLoader.MR1_SUBPATH;
        }
        return createExecutor(cdhVersion, str3, configuration, str, str2, null, i);
    }

    public CdhExecutor createExecutor(CdhVersion cdhVersion, Configuration configuration, String str, byte[] bArr, int i) {
        return createExecutor(cdhVersion, needMrSubPath(cdhVersion) ? CDHUrlClassLoader.MR1_SUBPATH : null, configuration, str, null, bArr, i);
    }

    @Deprecated
    public MapConfiguration createConfig(boolean z) {
        return new MapConfiguration(ImmutableMap.of(HadoopConfiguration.HADOOP_SEC_AUTH_KEY, z ? HadoopConfiguration.KERBEROS_AUTH_VALUE : HadoopConfiguration.SIMPLE_AUTH_VALUE, DEPRECATED_CONFIG_MARKER, DEPRECATED_CONFIG_MARKER));
    }

    @VisibleForTesting
    void clearCache() {
        this.classLoaders.invalidateAll();
    }

    @VisibleForTesting
    String createLoaderKey(String str, String str2, Configuration configuration, String str3, String str4, byte[] bArr) {
        byte[] byteArray;
        Hasher newHasher = Hashing.sha512().newHasher();
        newHasher.putString(str, StandardCharsets.UTF_8);
        if (str2 != null) {
            newHasher.putString(str2, StandardCharsets.UTF_8);
        }
        for (String str5 : KNOWN_BAD_OPTS) {
            newHasher.putString(str5, StandardCharsets.UTF_8);
            newHasher.putString(configuration.getString(str5, NULL_CFG_VALUE), StandardCharsets.UTF_8);
        }
        if (HadoopConfiguration.isSecure(configuration) && str3 != null) {
            newHasher.putString(str3, StandardCharsets.UTF_8);
            if (str4 != null) {
                try {
                    byteArray = Files.toByteArray(new File(str4));
                } catch (Exception e) {
                    throw Throwables.propagate(e);
                }
            } else {
                byteArray = bArr;
            }
            newHasher.putBytes(byteArray);
        }
        String string = configuration.getString(CdhHbaseObjectFactory.CONF_HBASE_RPC_ENGINE);
        if (HadoopConfiguration.isSecure(configuration)) {
            if (string != null && !CdhHbaseObjectFactory.CONF_SECURE_RPC_ENGINE_NAME.equals(string)) {
                newHasher.putString(CdhHbaseObjectFactory.CONF_HBASE_RPC_ENGINE, StandardCharsets.UTF_8);
                newHasher.putString(string, StandardCharsets.UTF_8);
            }
        } else if (string != null) {
            newHasher.putString(CdhHbaseObjectFactory.CONF_HBASE_RPC_ENGINE, StandardCharsets.UTF_8);
            newHasher.putString(string, StandardCharsets.UTF_8);
        }
        return newHasher.hash().toString();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void deleteDirQuietly(File file) {
        if (file != null) {
            try {
                FileUtils.deleteDirectory(file);
            } catch (Exception e) {
                LOG.warn("Failed to delete temp dir.", e);
            }
        }
    }

    private void setOwnerOnlyReadWrite(File file) {
        if (!file.setReadable(false, false) || !file.setReadable(true) || !file.setWritable(false, false) || !file.setWritable(true) || !file.setExecutable(false, false) || (file.isDirectory() && !file.setExecutable(true))) {
            throw new IllegalArgumentException("Cannot change permissions for " + file.getAbsolutePath());
        }
    }

    static {
        String[] strArr = {HadoopConfiguration.HADOOP_SEC_AUTH_KEY, DFSClient.CONF_HADOOP_RPC_PROTECTION, DEPRECATED_CONFIG_MARKER};
        String[] split = System.getProperty("cloudera.cdhclient.extra_bad_opts", NameNodeMXBean.NOT_IN_SAFE_MODE).split(",");
        if (split.length > 0) {
            LOG.info("Adding options to bad options list: {}", Joiner.on(",").join(split));
        }
        KNOWN_BAD_OPTS = new String[strArr.length + split.length];
        System.arraycopy(strArr, 0, KNOWN_BAD_OPTS, 0, strArr.length);
        System.arraycopy(split, 0, KNOWN_BAD_OPTS, strArr.length, split.length);
    }
}
