package io.hops.hopsworks.common.security;

import io.hops.hopsworks.common.dao.dela.certs.ClusterCertificateFacade;
import io.hops.hopsworks.common.util.Settings;
import io.hops.hopsworks.exceptions.EncryptionMasterPasswordException;
import io.hops.hopsworks.persistence.entity.dela.certs.ClusterCertificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.ejb.TransactionAttributeType;

@TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
@Stateless
/* loaded from: input_file:io/hops/hopsworks/common/security/DelaCertsMasterPasswordHandler.class */
public class DelaCertsMasterPasswordHandler implements MasterPasswordHandler {
    private final Logger LOGGER = Logger.getLogger(DelaCertsMasterPasswordHandler.class.getName());

    @EJB
    private ClusterCertificateFacade clusterCertificateFacade;

    @EJB
    private Settings settings;

    @Override // io.hops.hopsworks.common.security.MasterPasswordHandler
    public void pre() {
    }

    @Override // io.hops.hopsworks.common.security.MasterPasswordHandler
    public MasterPasswordChangeResult perform(String str, String str2) {
        StringBuilder sb = new StringBuilder();
        sb.append("Performing change of master password for Dela certificates\n");
        HashMap hashMap = new HashMap();
        Optional<List<ClusterCertificate>> allClusterCerts = this.clusterCertificateFacade.getAllClusterCerts();
        if (allClusterCerts.isPresent()) {
            this.LOGGER.log(Level.INFO, "Updating Dela certs with new Hopsworks master encryption password");
            String str3 = null;
            try {
                for (ClusterCertificate clusterCertificate : allClusterCerts.get()) {
                    str3 = clusterCertificate.getClusterName();
                    String certificatePassword = clusterCertificate.getCertificatePassword();
                    hashMap.putIfAbsent(str3, certificatePassword);
                    clusterCertificate.setCertificatePassword(getNewUserPassword(this.settings.getHopsSiteClusterPswd().get(), certificatePassword, str, str2));
                    this.clusterCertificateFacade.updateClusterCerts(clusterCertificate);
                    sb.append("Updated certificate: ").append(str3).append("\n");
                }
            } catch (Exception e) {
                String str4 = "Something went wrong while updating master encryption password for Cluster Certificates. Cluster certificate provoked the error was: " + str3;
                this.LOGGER.log(Level.SEVERE, str4 + " rolling back...", (Throwable) e);
                return new MasterPasswordChangeResult(hashMap, new EncryptionMasterPasswordException(str4));
            }
        }
        return new MasterPasswordChangeResult(sb, hashMap, null);
    }

    @Override // io.hops.hopsworks.common.security.MasterPasswordHandler
    public void rollback(MasterPasswordChangeResult masterPasswordChangeResult) {
        this.LOGGER.log(Level.INFO, "Rolling back Dela certificates");
        for (Map.Entry entry : ((HashMap) masterPasswordChangeResult.getRollbackItems()).entrySet()) {
            String str = (String) entry.getKey();
            String str2 = (String) entry.getValue();
            Optional<ClusterCertificate> clusterCert = this.clusterCertificateFacade.getClusterCert(str);
            if (clusterCert.isPresent()) {
                ClusterCertificate clusterCertificate = clusterCert.get();
                clusterCertificate.setCertificatePassword(str2);
                this.clusterCertificateFacade.updateClusterCerts(clusterCertificate);
            }
        }
    }

    @Override // io.hops.hopsworks.common.security.MasterPasswordHandler
    public void post() {
    }
}
