package org.apache.kerby.kerberos.kerb.client;

import java.io.File;
import java.io.IOException;
import org.apache.hive.org.slf4j.Logger;
import org.apache.hive.org.slf4j.LoggerFactory;
import org.apache.kerby.KOptions;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.ccache.Credential;
import org.apache.kerby.kerberos.kerb.ccache.CredentialCache;
import org.apache.kerby.kerberos.kerb.client.impl.DefaultInternalKrbClient;
import org.apache.kerby.kerberos.kerb.client.impl.InternalKrbClient;
import org.apache.kerby.kerberos.kerb.type.kdc.EncAsRepPart;
import org.apache.kerby.kerberos.kerb.type.ticket.SgtTicket;
import org.apache.kerby.kerberos.kerb.type.ticket.TgtTicket;

/* loaded from: input_file:org/apache/kerby/kerberos/kerb/client/KrbClientBase.class */
public class KrbClientBase {
    private final KrbConfig krbConfig;
    private final KOptions commonOptions;
    private final KrbSetting krbSetting;
    private InternalKrbClient innerClient;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) KrbClientBase.class);

    public KrbClientBase() throws KrbException {
        this.krbConfig = ClientUtil.getDefaultConfig();
        this.commonOptions = new KOptions();
        this.krbSetting = new KrbSetting(this.commonOptions, this.krbConfig);
    }

    public KrbClientBase(KrbConfig krbConfig) {
        this.krbConfig = krbConfig;
        this.commonOptions = new KOptions();
        this.krbSetting = new KrbSetting(this.commonOptions, krbConfig);
    }

    public KrbClientBase(File file) throws KrbException {
        this.commonOptions = new KOptions();
        this.krbConfig = ClientUtil.getConfig(file);
        this.krbSetting = new KrbSetting(this.commonOptions, this.krbConfig);
    }

    public KrbClientBase(KrbClientBase krbClientBase) {
        this.commonOptions = krbClientBase.commonOptions;
        this.krbConfig = krbClientBase.krbConfig;
        this.krbSetting = krbClientBase.krbSetting;
        this.innerClient = krbClientBase.innerClient;
    }

    public void setKdcRealm(String str) {
        this.commonOptions.add(KrbOption.KDC_REALM, str);
    }

    public void setKdcHost(String str) {
        this.commonOptions.add(KrbOption.KDC_HOST, str);
    }

    public void setKdcTcpPort(int i) {
        if (i < 1) {
            throw new IllegalArgumentException("Invalid port");
        }
        this.commonOptions.add(KrbOption.KDC_TCP_PORT, Integer.valueOf(i));
        setAllowTcp(true);
    }

    public void setAllowUdp(boolean z) {
        this.commonOptions.add(KrbOption.ALLOW_UDP, Boolean.valueOf(z));
    }

    public void setAllowTcp(boolean z) {
        this.commonOptions.add(KrbOption.ALLOW_TCP, Boolean.valueOf(z));
    }

    public void setKdcUdpPort(int i) {
        if (i < 1) {
            throw new IllegalArgumentException("Invalid port");
        }
        this.commonOptions.add(KrbOption.KDC_UDP_PORT, Integer.valueOf(i));
        setAllowUdp(true);
    }

    public void setTimeout(int i) {
        this.commonOptions.add(KrbOption.CONN_TIMEOUT, Integer.valueOf(i));
    }

    public void init() throws KrbException {
        this.innerClient = new DefaultInternalKrbClient(this.krbSetting);
        this.innerClient.init();
    }

    public KrbSetting getSetting() {
        return this.krbSetting;
    }

    public KrbConfig getKrbConfig() {
        return this.krbConfig;
    }

    public TgtTicket requestTgt(KOptions kOptions) throws KrbException {
        if (kOptions == null) {
            throw new IllegalArgumentException("Null requestOptions specified");
        }
        return this.innerClient.requestTgt(kOptions);
    }

    public SgtTicket requestSgt(TgtTicket tgtTicket, String str) throws KrbException {
        KOptions kOptions = new KOptions();
        kOptions.add(KrbOption.USE_TGT, tgtTicket);
        kOptions.add(KrbOption.SERVER_PRINCIPAL, str);
        return this.innerClient.requestSgt(kOptions);
    }

    public SgtTicket requestSgt(KOptions kOptions) throws KrbException {
        return this.innerClient.requestSgt(kOptions);
    }

    public SgtTicket requestSgt(File file, String str) throws KrbException {
        Credential credentialFromFile = getCredentialFromFile(file);
        TgtTicket tgtTicketFromCredential = getTgtTicketFromCredential(credentialFromFile);
        KOptions kOptions = new KOptions();
        if (str == null) {
            kOptions.add(KrbKdcOption.RENEW);
            str = credentialFromFile.getServicePrincipal().getName();
        }
        kOptions.add(KrbOption.USE_TGT, tgtTicketFromCredential);
        kOptions.add(KrbOption.SERVER_PRINCIPAL, str);
        SgtTicket requestSgt = this.innerClient.requestSgt(kOptions);
        requestSgt.setClientPrincipal(tgtTicketFromCredential.getClientPrincipal());
        return requestSgt;
    }

    public void storeTicket(TgtTicket tgtTicket, File file) throws KrbException {
        LOG.info("Storing the tgt to the credential cache file.");
        if (!file.exists()) {
            createCacheFile(file);
        }
        if (!file.exists() || !file.canWrite()) {
            throw new IllegalArgumentException("Invalid ccache file, not exist or writable: " + file.getAbsolutePath());
        }
        try {
            new CredentialCache(tgtTicket).store(file);
        } catch (IOException e) {
            throw new KrbException("Failed to store tgt", e);
        }
    }

    public void storeTicket(SgtTicket sgtTicket, File file) throws KrbException {
        CredentialCache credentialCache;
        LOG.info("Storing the sgt to the credential cache file.");
        boolean z = !file.exists() || file.length() == 0;
        if (z) {
            createCacheFile(file);
        }
        if (!file.exists() || !file.canWrite()) {
            throw new IllegalArgumentException("Invalid ccache file, not exist or writable: " + file.getAbsolutePath());
        }
        try {
            if (z) {
                credentialCache = new CredentialCache(sgtTicket);
            } else {
                credentialCache = new CredentialCache();
                credentialCache.load(file);
                credentialCache.addCredential(new Credential(sgtTicket, sgtTicket.getClientPrincipal()));
            }
            credentialCache.store(file);
        } catch (IOException e) {
            throw new KrbException("Failed to store sgt", e);
        }
    }

    public void renewTicket(SgtTicket sgtTicket, File file) throws KrbException {
        LOG.info("Renewing the ticket to the credential cache file.");
        if (!file.exists()) {
            createCacheFile(file);
        }
        if (!file.exists() || !file.canWrite()) {
            throw new IllegalArgumentException("Invalid ccache file, not exist or writable: " + file.getAbsolutePath());
        }
        try {
            new CredentialCache(sgtTicket).store(file);
        } catch (IOException e) {
            throw new KrbException("Failed to renew ticket", e);
        }
    }

    private void createCacheFile(File file) throws KrbException {
        try {
            if (!file.createNewFile()) {
                throw new KrbException("Failed to create ccache file " + file.getAbsolutePath());
            }
            file.setReadable(true, true);
            if (!file.setWritable(true, true)) {
                throw new KrbException("Cache file is not readable.");
            }
        } catch (IOException e) {
            throw new KrbException("Failed to create ccache file " + file.getAbsolutePath(), e);
        }
    }

    public TgtTicket getTgtTicketFromCredential(Credential credential) {
        EncAsRepPart encAsRepPart = new EncAsRepPart();
        encAsRepPart.setAuthTime(credential.getAuthTime());
        encAsRepPart.setCaddr(credential.getClientAddresses());
        encAsRepPart.setEndTime(credential.getEndTime());
        encAsRepPart.setFlags(credential.getTicketFlags());
        encAsRepPart.setKey(credential.getKey());
        encAsRepPart.setRenewTill(credential.getRenewTill());
        encAsRepPart.setSname(credential.getServerName());
        encAsRepPart.setSrealm(credential.getServerName().getRealm());
        encAsRepPart.setStartTime(credential.getStartTime());
        return new TgtTicket(credential.getTicket(), encAsRepPart, credential.getClientName());
    }

    public Credential getCredentialFromFile(File file) throws KrbException {
        try {
            return resolveCredCache(file).getCredentials().iterator().next();
        } catch (IOException e) {
            throw new KrbException("Failed to load armor cache file");
        }
    }

    public CredentialCache resolveCredCache(File file) throws IOException {
        CredentialCache credentialCache = new CredentialCache();
        credentialCache.load(file);
        return credentialCache;
    }
}
