package org.apache.slider.server.appmaster.security;

import java.io.File;
import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hive.com.google.common.base.Preconditions;
import org.apache.hive.org.apache.commons.lang.StringUtils;
import org.apache.hive.org.slf4j.Logger;
import org.apache.hive.org.slf4j.LoggerFactory;
import org.apache.slider.common.SliderKeys;
import org.apache.slider.common.SliderXmlConfKeys;
import org.apache.slider.common.tools.SliderUtils;
import org.apache.slider.core.conf.AggregateConf;
import org.apache.slider.core.exceptions.SliderException;

/* loaded from: input_file:org/apache/slider/server/appmaster/security/SecurityConfiguration.class */
public class SecurityConfiguration {
    protected static final Logger log = LoggerFactory.getLogger((Class<?>) SecurityConfiguration.class);
    private final Configuration configuration;
    private final AggregateConf instanceDefinition;
    private String clusterName;

    public SecurityConfiguration(Configuration configuration, AggregateConf aggregateConf, String str) throws SliderException {
        Preconditions.checkNotNull(configuration);
        Preconditions.checkNotNull(aggregateConf);
        Preconditions.checkNotNull(str);
        this.configuration = configuration;
        this.instanceDefinition = aggregateConf;
        this.clusterName = str;
        validate();
    }

    private void validate() throws SliderException {
        if (isSecurityEnabled()) {
            if (SliderUtils.isUnset(this.instanceDefinition.getAppConfOperations().getComponent(SliderKeys.COMPONENT_AM).get((Object) SliderXmlConfKeys.KEY_KEYTAB_PRINCIPAL))) {
                try {
                    if (getLoginUser() == null) {
                        throw new SliderException(41, "No principal configured for the application and no login user found. Unable to proceed with application initialization.  Please ensure a value for %s exists in the application configuration or the login issue is addressed", SliderXmlConfKeys.KEY_KEYTAB_PRINCIPAL);
                    }
                } catch (IOException e) {
                    throw new SliderException(41, e, "No principal configured for the application and exception raised during retrieval of login user. Unable to proceed with application initialization.  Please ensure a value for %s exists in the application configuration or the login issue is addressed", SliderXmlConfKeys.KEY_KEYTAB_PRINCIPAL);
                }
            }
            String str = this.instanceDefinition.getAppConfOperations().getComponent(SliderKeys.COMPONENT_AM).get((Object) SliderXmlConfKeys.KEY_AM_KEYTAB_LOCAL_PATH);
            String str2 = this.instanceDefinition.getAppConfOperations().getComponent(SliderKeys.COMPONENT_AM).get((Object) SliderXmlConfKeys.KEY_AM_LOGIN_KEYTAB_NAME);
            if (SliderUtils.isSet(str) && SliderUtils.isSet(str2)) {
                throw new SliderException(41, "Both a keytab on the cluster host (%s) and a keytab to be retrieved from HDFS (%s) are specified.  Please configure only one keytab retrieval mechanism.", SliderXmlConfKeys.KEY_AM_KEYTAB_LOCAL_PATH, SliderXmlConfKeys.KEY_AM_LOGIN_KEYTAB_NAME);
            }
        }
    }

    protected UserGroupInformation getLoginUser() throws IOException {
        return UserGroupInformation.getLoginUser();
    }

    public boolean isSecurityEnabled() {
        return SliderUtils.isHadoopClusterSecure(this.configuration);
    }

    public String getPrincipal() throws IOException {
        String str = this.instanceDefinition.getAppConfOperations().getComponent(SliderKeys.COMPONENT_AM).get((Object) SliderXmlConfKeys.KEY_KEYTAB_PRINCIPAL);
        if (SliderUtils.isUnset(str)) {
            str = UserGroupInformation.getLoginUser().getShortUserName();
            log.info("No principal set in the slider configuration.  Will use AM login identity {} to attempt keytab-based login", str);
        }
        return str;
    }

    public boolean isKeytabProvided() {
        return StringUtils.isNotBlank(this.instanceDefinition.getAppConfOperations().getComponent(SliderKeys.COMPONENT_AM).get((Object) SliderXmlConfKeys.KEY_AM_KEYTAB_LOCAL_PATH)) || StringUtils.isNotBlank(this.instanceDefinition.getAppConfOperations().getComponent(SliderKeys.COMPONENT_AM).get((Object) SliderXmlConfKeys.KEY_AM_LOGIN_KEYTAB_NAME));
    }

    public File getKeytabFile(AggregateConf aggregateConf) throws SliderException, IOException {
        File file;
        String str = aggregateConf.getAppConfOperations().getComponent(SliderKeys.COMPONENT_AM).get(SliderXmlConfKeys.KEY_AM_KEYTAB_LOCAL_PATH);
        if (SliderUtils.isUnset(str)) {
            String str2 = aggregateConf.getAppConfOperations().getComponent(SliderKeys.COMPONENT_AM).get(SliderXmlConfKeys.KEY_AM_LOGIN_KEYTAB_NAME);
            log.info("No host keytab file path specified. Will attempt to retrieve keytab file {} as a local resource for the container", str2);
            file = new File(SliderKeys.KEYTAB_DIR, str2);
        } else {
            log.info("Using host keytab file {} for login", str);
            file = new File(str);
        }
        return file;
    }
}
