package org.apache.hadoop.ozone.s3;

import com.google.common.annotations.VisibleForTesting;
import java.io.IOException;
import java.net.URISyntaxException;
import javax.enterprise.context.RequestScoped;
import javax.enterprise.inject.Produces;
import javax.inject.Inject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.Context;
import org.apache.hadoop.hdds.conf.OzoneConfiguration;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.ozone.OzoneSecurityUtil;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.client.OzoneClientFactory;
import org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos;
import org.apache.hadoop.ozone.s3.exception.OS3Exception;
import org.apache.hadoop.ozone.s3.exception.S3ErrorTable;
import org.apache.hadoop.ozone.security.OzoneTokenIdentifier;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.Token;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@RequestScoped
/* loaded from: input_file:org/apache/hadoop/ozone/s3/OzoneClientProducer.class */
public class OzoneClientProducer {
    private static final Logger LOG = LoggerFactory.getLogger(OzoneClientProducer.class);

    @Context
    private ContainerRequestContext context;

    @Inject
    private OzoneConfiguration ozoneConfiguration;

    @Inject
    private Text omService;

    @Produces
    public OzoneClient createClient() throws IOException {
        return getClient(this.ozoneConfiguration);
    }

    private OzoneClient getClient(OzoneConfiguration ozoneConfiguration) throws IOException {
        try {
            if (OzoneSecurityUtil.isSecurityEnabled(ozoneConfiguration)) {
                LOG.debug("Creating s3 token for client.");
                if (!this.context.getHeaderString("Authorization").startsWith("AWS4")) {
                    throw S3ErrorTable.AUTH_PROTOCOL_NOT_SUPPORTED;
                }
                try {
                    AWSV4AuthParser aWSV4AuthParser = new AWSV4AuthParser(this.context);
                    aWSV4AuthParser.parse();
                    OzoneTokenIdentifier ozoneTokenIdentifier = new OzoneTokenIdentifier();
                    ozoneTokenIdentifier.setTokenType(OzoneManagerProtocolProtos.OMTokenProto.Type.S3TOKEN);
                    ozoneTokenIdentifier.setStrToSign(aWSV4AuthParser.getStringToSign());
                    ozoneTokenIdentifier.setSignature(aWSV4AuthParser.getSignature());
                    ozoneTokenIdentifier.setAwsAccessId(aWSV4AuthParser.getAwsAccessId());
                    ozoneTokenIdentifier.setOwner(new Text(aWSV4AuthParser.getAwsAccessId()));
                    LOG.trace("Adding token for service:{}", this.omService);
                    Token token = new Token(ozoneTokenIdentifier.getBytes(), ozoneTokenIdentifier.getSignature().getBytes(AWSAuthParser.UTF_8), ozoneTokenIdentifier.getKind(), this.omService);
                    UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser(aWSV4AuthParser.getAwsAccessId());
                    createRemoteUser.addToken(token);
                    UserGroupInformation.setLoginUser(createRemoteUser);
                } catch (URISyntaxException | OS3Exception e) {
                    LOG.error("S3 token creation failed.");
                    throw S3ErrorTable.S3_TOKEN_CREATION_ERROR;
                }
            }
        } catch (Exception e2) {
            LOG.error("Error: ", e2);
        }
        return OzoneClientFactory.getClient(this.ozoneConfiguration);
    }

    @VisibleForTesting
    public void setContext(ContainerRequestContext containerRequestContext) {
        this.context = containerRequestContext;
    }

    @VisibleForTesting
    public void setOzoneConfiguration(OzoneConfiguration ozoneConfiguration) {
        this.ozoneConfiguration = ozoneConfiguration;
    }
}
