package org.apache.ranger.biz;

import java.io.File;
import java.net.URL;
import java.net.URLClassLoader;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.TimeUnit;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.security.SecureClientLogin;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.TimedExecutor;
import org.apache.ranger.plugin.client.HadoopConfigHolder;
import org.apache.ranger.plugin.client.HadoopException;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.service.RangerBaseService;
import org.apache.ranger.plugin.service.ResourceLookupContext;
import org.apache.ranger.plugin.store.ServiceStore;
import org.apache.ranger.service.RangerServiceService;
import org.apache.ranger.services.tag.RangerServiceTag;
import org.apache.ranger.view.VXMessage;
import org.apache.ranger.view.VXResponse;
import org.eclipse.persistence.jpa.jpql.parser.Expression;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:WEB-INF/classes/org/apache/ranger/biz/ServiceMgr.class */
public class ServiceMgr {
    private static final String LOOKUP_PRINCIPAL = "ranger.lookup.kerberos.principal";
    private static final String LOOKUP_KEYTAB = "ranger.lookup.kerberos.keytab";
    private static final String ADMIN_USER_PRINCIPAL = "ranger.admin.kerberos.principal";
    private static final String ADMIN_USER_KEYTAB = "ranger.admin.kerberos.keytab";
    private static final String AUTHENTICATION_TYPE = "hadoop.security.authentication";
    private static final String KERBEROS_TYPE = "kerberos";
    static final String NAME_RULES = "hadoop.security.auth_to_local";
    static final String HOST_NAME = "ranger.service.host";

    @Autowired
    RangerServiceService rangerSvcService;

    @Autowired
    ServiceDBStore svcDBStore;

    @Autowired
    TagDBStore tagStore;

    @Autowired
    TimedExecutor timedExecutor;
    static final long _DefaultTimeoutValue_Lookp = 1000;
    static final long _DefaultTimeoutValue_ValidateConfig = 10000;
    private static final Log LOG = LogFactory.getLog(ServiceMgr.class);
    private static Map<String, Class<RangerBaseService>> serviceTypeClassMap = new HashMap();
    private static String RANGER_DEFAULT_SERVICE_NAME = "org.apache.ranger.plugin.service.RangerDefaultService";

    /* loaded from: input_file:WEB-INF/classes/org/apache/ranger/biz/ServiceMgr$LookupCallable.class */
    static class LookupCallable extends TimedCallable<List<String>> {
        final ResourceLookupContext context;

        public LookupCallable(RangerBaseService rangerBaseService, ResourceLookupContext resourceLookupContext) {
            super(rangerBaseService);
            this.context = resourceLookupContext;
        }

        public String toString() {
            return String.format("lookup resource[%s] for service[%s], ", this.context.toString(), this.svc.getServiceName());
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.apache.ranger.biz.ServiceMgr.TimedCallable
        public List<String> actualCall() throws Exception {
            return this.svc.lookupResource(this.context);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/classes/org/apache/ranger/biz/ServiceMgr$TimedCallable.class */
    public static abstract class TimedCallable<T> implements Callable<T> {
        final RangerBaseService svc;
        final Date creation = new Date();

        public TimedCallable(RangerBaseService rangerBaseService) {
            this.svc = rangerBaseService;
        }

        @Override // java.util.concurrent.Callable
        public T call() throws Exception {
            Date date = null;
            if (ServiceMgr.LOG.isDebugEnabled()) {
                date = new Date();
                ServiceMgr.LOG.debug("==> TimedCallable: " + toString());
            }
            ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
            try {
                try {
                    Thread.currentThread().setContextClassLoader(this.svc.getClass().getClassLoader());
                    T actualCall = actualCall();
                    Thread.currentThread().setContextClassLoader(contextClassLoader);
                    if (ServiceMgr.LOG.isDebugEnabled()) {
                        ServiceMgr.LOG.debug(String.format("<== TimedCallable: %s: wait time[%d ms], execution time [%d ms]", toString(), Long.valueOf(date.getTime() - this.creation.getTime()), Long.valueOf(new Date().getTime() - date.getTime())));
                    }
                    return actualCall;
                } catch (Exception e) {
                    ServiceMgr.LOG.error("TimedCallable.call: Error:" + e);
                    throw e;
                }
            } catch (Throwable th) {
                Thread.currentThread().setContextClassLoader(contextClassLoader);
                if (ServiceMgr.LOG.isDebugEnabled()) {
                    ServiceMgr.LOG.debug(String.format("<== TimedCallable: %s: wait time[%d ms], execution time [%d ms]", toString(), Long.valueOf(date.getTime() - this.creation.getTime()), Long.valueOf(new Date().getTime() - date.getTime())));
                }
                throw th;
            }
        }

        abstract T actualCall() throws Exception;
    }

    /* loaded from: input_file:WEB-INF/classes/org/apache/ranger/biz/ServiceMgr$ValidateCallable.class */
    static class ValidateCallable extends TimedCallable<Map<String, Object>> {
        public ValidateCallable(RangerBaseService rangerBaseService) {
            super(rangerBaseService);
        }

        public String toString() {
            return String.format("validate config for service[%s]", this.svc.getServiceName());
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.apache.ranger.biz.ServiceMgr.TimedCallable
        public Map<String, Object> actualCall() throws Exception {
            return this.svc.validateConfig();
        }
    }

    public List<String> lookupResource(String str, ResourceLookupContext resourceLookupContext, ServiceStore serviceStore) throws Exception {
        List<String> list = null;
        RangerService serviceByName = this.svcDBStore.getServiceByName(str);
        String property = PropertiesUtil.getProperty("hadoop.security.authentication");
        String principal = SecureClientLogin.getPrincipal(PropertiesUtil.getProperty(LOOKUP_PRINCIPAL), PropertiesUtil.getProperty(HOST_NAME));
        String property2 = PropertiesUtil.getProperty(LOOKUP_KEYTAB);
        String property3 = PropertiesUtil.getProperty("hadoop.security.auth_to_local");
        String principal2 = SecureClientLogin.getPrincipal(PropertiesUtil.getProperty(ADMIN_USER_PRINCIPAL), PropertiesUtil.getProperty(HOST_NAME));
        String property4 = PropertiesUtil.getProperty(ADMIN_USER_KEYTAB);
        if (!StringUtils.isEmpty(property) && "kerberos".equalsIgnoreCase(property.trim()) && SecureClientLogin.isKerberosCredentialExists(principal, property2) && serviceByName != null && serviceByName.getConfigs() != null) {
            serviceByName.getConfigs().put(HadoopConfigHolder.RANGER_LOOKUP_PRINCIPAL, principal);
            serviceByName.getConfigs().put(HadoopConfigHolder.RANGER_LOOKUP_KEYTAB, property2);
            serviceByName.getConfigs().put(HadoopConfigHolder.RANGER_NAME_RULES, property3);
            serviceByName.getConfigs().put(HadoopConfigHolder.RANGER_AUTH_TYPE, property);
        }
        if (!StringUtils.isEmpty(property) && "kerberos".equalsIgnoreCase(property.trim()) && SecureClientLogin.isKerberosCredentialExists(principal2, property4) && serviceByName != null && serviceByName.getConfigs() != null) {
            serviceByName.getConfigs().put(HadoopConfigHolder.RANGER_PRINCIPAL, principal2);
            serviceByName.getConfigs().put(HadoopConfigHolder.RANGER_KEYTAB, property4);
            serviceByName.getConfigs().put(HadoopConfigHolder.RANGER_NAME_RULES, property3);
            serviceByName.getConfigs().put(HadoopConfigHolder.RANGER_AUTH_TYPE, property);
        }
        serviceByName.setConfigs(this.rangerSvcService.getConfigsWithDecryptedPassword(serviceByName));
        RangerBaseService rangerServiceByService = getRangerServiceByService(serviceByName, serviceStore);
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ServiceMgr.lookupResource for Service: (" + rangerServiceByService + "Context: " + resourceLookupContext + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        if (rangerServiceByService != null) {
            if (StringUtils.equals(rangerServiceByService.getServiceDef().getName(), "tag")) {
                list = rangerServiceByService.lookupResource(resourceLookupContext);
            } else {
                list = (List) this.timedExecutor.timedTask(new LookupCallable(rangerServiceByService, resourceLookupContext), getTimeoutValueForLookupInMilliSeconds(rangerServiceByService), TimeUnit.MILLISECONDS);
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ServiceMgr.lookupResource for Response: (" + list + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        return list;
    }

    public VXResponse validateConfig(RangerService rangerService, ServiceStore serviceStore) throws Exception {
        VXResponse vXResponse = new VXResponse();
        String property = PropertiesUtil.getProperty("hadoop.security.authentication");
        String principal = SecureClientLogin.getPrincipal(PropertiesUtil.getProperty(LOOKUP_PRINCIPAL), PropertiesUtil.getProperty(HOST_NAME));
        String property2 = PropertiesUtil.getProperty(LOOKUP_KEYTAB);
        String property3 = PropertiesUtil.getProperty("hadoop.security.auth_to_local");
        String principal2 = SecureClientLogin.getPrincipal(PropertiesUtil.getProperty(ADMIN_USER_PRINCIPAL), PropertiesUtil.getProperty(HOST_NAME));
        String property4 = PropertiesUtil.getProperty(ADMIN_USER_KEYTAB);
        if (!StringUtils.isEmpty(property) && "kerberos".equalsIgnoreCase(property.trim()) && SecureClientLogin.isKerberosCredentialExists(principal, property2) && rangerService != null && rangerService.getConfigs() != null) {
            rangerService.getConfigs().put(HadoopConfigHolder.RANGER_LOOKUP_PRINCIPAL, principal);
            rangerService.getConfigs().put(HadoopConfigHolder.RANGER_LOOKUP_KEYTAB, property2);
            rangerService.getConfigs().put(HadoopConfigHolder.RANGER_NAME_RULES, property3);
            rangerService.getConfigs().put(HadoopConfigHolder.RANGER_AUTH_TYPE, property);
        }
        if (!StringUtils.isEmpty(property) && "kerberos".equalsIgnoreCase(property.trim()) && SecureClientLogin.isKerberosCredentialExists(principal2, property4) && rangerService != null && rangerService.getConfigs() != null) {
            rangerService.getConfigs().put(HadoopConfigHolder.RANGER_PRINCIPAL, principal2);
            rangerService.getConfigs().put(HadoopConfigHolder.RANGER_KEYTAB, property4);
            rangerService.getConfigs().put(HadoopConfigHolder.RANGER_NAME_RULES, property3);
            rangerService.getConfigs().put(HadoopConfigHolder.RANGER_AUTH_TYPE, property);
        }
        RangerBaseService rangerBaseService = null;
        if (rangerService != null) {
            rangerService.setConfigs(this.rangerSvcService.getConfigsWithDecryptedPassword(rangerService));
            rangerBaseService = getRangerServiceByService(rangerService, serviceStore);
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ServiceMgr.validateConfig for Service: (" + rangerBaseService + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        if (rangerBaseService != null) {
            try {
                vXResponse = generateResponseForTestConn((Map) this.timedExecutor.timedTask(new ValidateCallable(rangerBaseService), getTimeoutValueForValidateConfigInMilliSeconds(rangerBaseService), TimeUnit.MILLISECONDS), "");
            } catch (Exception e) {
                String str = "Unable to connect repository with given config for " + rangerBaseService.getServiceName();
                HashMap<String, Object> hashMap = new HashMap<>();
                if (e instanceof HadoopException) {
                    hashMap = ((HadoopException) e).getResponseData();
                }
                vXResponse = generateResponseForTestConn(hashMap, str);
                LOG.error("==> ServiceMgr.validateConfig Error:" + e);
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ServiceMgr.validateConfig for Response: (" + vXResponse + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        return vXResponse;
    }

    public RangerBaseService getRangerServiceByName(String str, ServiceStore serviceStore) throws Exception {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ServiceMgr.getRangerServiceByName(" + str + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        RangerBaseService rangerBaseService = null;
        RangerService serviceByName = serviceStore == null ? null : serviceStore.getServiceByName(str);
        if (serviceByName != null) {
            rangerBaseService = getRangerServiceByService(serviceByName, serviceStore);
        } else {
            LOG.warn("ServiceMgr.getRangerServiceByName(" + str + "): could not find the service");
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== ServiceMgr.getRangerServiceByName(" + str + "): " + rangerBaseService);
        }
        return rangerBaseService;
    }

    public RangerBaseService getRangerServiceByService(RangerService rangerService, ServiceStore serviceStore) throws Exception {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ServiceMgr.getRangerServiceByService(" + rangerService + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        RangerBaseService rangerBaseService = null;
        String type = rangerService == null ? null : rangerService.getType();
        if (StringUtils.isEmpty(type)) {
            LOG.warn("ServiceMgr.getRangerServiceByService(" + rangerService + "): could not find the service-type '" + type + Expression.QUOTE);
        } else {
            RangerServiceDef serviceDefByName = serviceStore == null ? null : serviceStore.getServiceDefByName(type);
            if (serviceDefByName != null) {
                Class<RangerBaseService> classForServiceType = getClassForServiceType(serviceDefByName);
                if (classForServiceType != null) {
                    rangerBaseService = classForServiceType.newInstance();
                    rangerBaseService.init(serviceDefByName, rangerService);
                    if (rangerBaseService instanceof RangerServiceTag) {
                        ((RangerServiceTag) rangerBaseService).setTagStore(this.tagStore);
                    }
                } else {
                    LOG.warn("ServiceMgr.getRangerServiceByService(" + rangerService + "): could not find service class '" + serviceDefByName.getImplClass() + "' for the service type '" + type + Expression.QUOTE);
                }
            } else {
                LOG.warn("ServiceMgr.getRangerServiceByService(" + rangerService + "): could not find the service-def for the service type '" + type + Expression.QUOTE);
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== ServiceMgr.getRangerServiceByService(" + rangerService + "): " + rangerBaseService);
        }
        return rangerBaseService;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private Class<RangerBaseService> getClassForServiceType(RangerServiceDef rangerServiceDef) throws Exception {
        Class<?> cls;
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ServiceMgr.getClassForServiceType(" + rangerServiceDef + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        Class<?> cls2 = null;
        if (rangerServiceDef != null) {
            String name = rangerServiceDef.getName();
            cls2 = serviceTypeClassMap.get(name);
            if (cls2 == null) {
                synchronized (serviceTypeClassMap) {
                    cls2 = serviceTypeClassMap.get(name);
                    if (cls2 == null) {
                        String implClass = rangerServiceDef.getImplClass();
                        if (LOG.isDebugEnabled()) {
                            LOG.debug("ServiceMgr.getClassForServiceType(" + name + "): service-class " + implClass + " not found in cache");
                        }
                        try {
                            if (StringUtils.isEmpty(implClass)) {
                                if (LOG.isDebugEnabled()) {
                                    LOG.debug("No service-class configured for service-type:[" + name + "], using RangerDefaultService");
                                }
                                implClass = RANGER_DEFAULT_SERVICE_NAME;
                                cls = Class.forName(implClass);
                            } else {
                                cls = Class.forName(implClass, true, new URLClassLoader(getPluginFilesForServiceType(name), Thread.currentThread().getContextClassLoader()));
                            }
                            cls2 = cls;
                            serviceTypeClassMap.put(name, cls2);
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("ServiceMgr.getClassForServiceType(" + name + "): service-class " + implClass + " added to cache");
                            }
                        } catch (Exception e) {
                            LOG.warn("ServiceMgr.getClassForServiceType(" + name + "): failed to find service-class '" + implClass + "'. Resource lookup will not be available", e);
                            throw new Exception(name + " failed to find service class " + implClass + ". Resource lookup will not be available. Please make sure plugin jar is in the correct place.");
                        }
                    } else if (LOG.isDebugEnabled()) {
                        LOG.debug("ServiceMgr.getClassForServiceType(" + name + "): service-class " + cls2.getCanonicalName() + " found in cache");
                    }
                }
            } else if (LOG.isDebugEnabled()) {
                LOG.debug("ServiceMgr.getClassForServiceType(" + name + "): service-class " + cls2.getCanonicalName() + " found in cache");
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== ServiceMgr.getClassForServiceType(" + rangerServiceDef + "): " + cls2);
        }
        return cls2;
    }

    private URL[] getPluginFilesForServiceType(String str) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ServiceMgr.getPluginFilesForServiceType(" + str + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        ArrayList arrayList = new ArrayList();
        getFilesInDirectory("ranger-plugins/" + str, arrayList);
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== ServiceMgr.getPluginFilesForServiceType(" + str + "): " + arrayList.size() + " files");
        }
        return (URL[]) arrayList.toArray(new URL[0]);
    }

    private void getFilesInDirectory(String str, List<URL> list) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ServiceMgr.getFilesInDirectory(" + str + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
        URL resource = getClass().getClassLoader().getResource(str);
        if (resource == null || !"file".equals(resource.getProtocol())) {
            LOG.warn("getFilesInDirectory('" + str + "'): could not find directory in CLASSPATH");
        } else {
            try {
                File[] listFiles = new File(resource.toURI()).listFiles();
                if (listFiles != null) {
                    for (File file : listFiles) {
                        try {
                            URL url = file.toURI().toURL();
                            LOG.warn("getFilesInDirectory('" + str + "'): adding " + file.getAbsolutePath());
                            list.add(url);
                        } catch (Exception e) {
                            LOG.warn("getFilesInDirectory('" + str + "'): failed to get URI for file " + file.getAbsolutePath(), e);
                        }
                    }
                }
            } catch (Exception e2) {
                LOG.warn("getFilesInDirectory('" + str + "'): error", e2);
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== ServiceMgr.getFilesInDirectory(" + str + DefaultExpressionEngine.DEFAULT_INDEX_END);
        }
    }

    private VXResponse generateResponseForTestConn(Map<String, Object> map, String str) {
        VXResponse vXResponse = new VXResponse();
        Long l = null;
        boolean z = false;
        int i = 1;
        String str2 = str;
        String str3 = str;
        String str4 = null;
        if (map != null) {
            if (map.get("objectId") != null) {
                l = Long.valueOf(Long.parseLong(map.get("objectId").toString()));
            }
            if (map.get("connectivityStatus") != null) {
                z = Boolean.parseBoolean(map.get("connectivityStatus").toString());
            }
            if (z) {
                i = 0;
            }
            if (map.get("message") != null) {
                str2 = map.get("message").toString();
            }
            if (map.get("description") != null) {
                str3 = map.get("description").toString();
            }
            if (map.get("fieldName") != null) {
                str4 = map.get("fieldName").toString();
            }
        }
        VXMessage vXMessage = new VXMessage();
        ArrayList arrayList = new ArrayList();
        vXMessage.setFieldName(str4);
        vXMessage.setMessage(str2);
        vXMessage.setObjectId(l);
        arrayList.add(vXMessage);
        vXResponse.setMessageList(arrayList);
        vXResponse.setMsgDesc(str3);
        vXResponse.setStatusCode(i);
        return vXResponse;
    }

    long getTimeoutValueForLookupInMilliSeconds(RangerBaseService rangerBaseService) {
        return getTimeoutValueInMilliSeconds("resource.lookup", rangerBaseService, 1000L);
    }

    long getTimeoutValueForValidateConfigInMilliSeconds(RangerBaseService rangerBaseService) {
        return getTimeoutValueInMilliSeconds("validate.config", rangerBaseService, 10000L);
    }

    long getTimeoutValueInMilliSeconds(String str, RangerBaseService rangerBaseService, long j) {
        if (LOG.isDebugEnabled()) {
            LOG.debug(String.format("==> ServiceMgr.getTimeoutValueInMilliSeconds (%s, %s)", str, rangerBaseService));
        }
        String str2 = str + ".timeout.value.in.ms";
        Long l = null;
        Map<String, String> configs = rangerBaseService.getConfigs();
        if (configs != null && configs.containsKey(str2)) {
            l = parseLong(configs.get(str2));
        }
        if (l != null) {
            LOG.debug("Found override in service config!");
        } else {
            String[] strArr = {"ranger.service." + rangerBaseService.getServiceName() + "." + str2, "ranger.servicetype." + rangerBaseService.getServiceType() + "." + str2, "ranger." + str2};
            int length = strArr.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str3 = strArr[i];
                String property = PropertiesUtil.getProperty(str3);
                if (property != null) {
                    l = parseLong(property);
                    if (l != null) {
                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Using the value[" + property + "] found in property[" + str3 + "]");
                        }
                    }
                }
                i++;
            }
        }
        if (l == null) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("No overrides found in service config of properties file.  Using supplied default of[" + j + "]!");
            }
            l = Long.valueOf(j);
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug(String.format("<== ServiceMgr.getTimeoutValueInMilliSeconds (%s, %s): %s", str, rangerBaseService, l));
        }
        return l.longValue();
    }

    Long parseLong(String str) {
        try {
            return Long.valueOf(str);
        } catch (NumberFormatException e) {
            if (!LOG.isDebugEnabled()) {
                return null;
            }
            LOG.debug("ServiceMgr.parseLong: could not parse [" + str + "] as Long! Returning null");
            return null;
        }
    }
}
