package io.hops.hopsworks.common.security;

import io.hops.hopsworks.common.util.Settings;
import io.hops.hopsworks.exceptions.CryptoPasswordNotFoundException;
import io.hops.security.HopsUtil;
import io.hops.security.SuperuserKeystoresLoader;
import java.io.File;
import java.io.IOException;
import java.nio.file.Paths;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.PostConstruct;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.net.HopsSSLSocketFactory;
import org.apache.hadoop.security.ssl.X509SecurityMaterial;

@Stateless
/* loaded from: input_file:io/hops/hopsworks/common/security/BaseHadoopClientsService.class */
public class BaseHadoopClientsService {

    @EJB
    private CertificateMaterializer certificateMaterializer;

    @EJB
    protected Settings settings;
    private X509SecurityMaterial securityMaterial;
    private String materialPassword;
    private final Logger LOG = Logger.getLogger(BaseHadoopClientsService.class.getName());

    @PostConstruct
    public void init() {
        String hadoopConfDir = this.settings.getHadoopConfDir();
        File file = new File(hadoopConfDir, Settings.DEFAULT_HADOOP_CONFFILE_NAME);
        if (!file.exists()) {
            handleMissingConf(Settings.DEFAULT_HADOOP_CONFFILE_NAME, hadoopConfDir);
        }
        Configuration configuration = new Configuration();
        configuration.addResource(new Path(file.getAbsolutePath()));
        try {
            this.securityMaterial = new SuperuserKeystoresLoader(configuration).loadSuperUserMaterial();
            this.materialPassword = HopsUtil.readCryptoMaterialPassword(this.securityMaterial.getPasswdLocation().toFile());
        } catch (IOException e) {
            this.LOG.log(Level.SEVERE, "Could not load super user x.509 material", (Throwable) e);
            throw new RuntimeException(e);
        }
    }

    public String getSuperKeystorePath() {
        return this.securityMaterial.getKeyStoreLocation().toString();
    }

    public String getSuperKeystorePassword() {
        return this.materialPassword;
    }

    public String getSuperTrustStorePath() {
        return this.securityMaterial.getTrustStoreLocation().toString();
    }

    public String getSuperTrustStorePassword() {
        return this.materialPassword;
    }

    public String getProjectSpecificUserCertPassword(String str) throws CryptoPasswordNotFoundException {
        if (str == null) {
            throw new RuntimeException("Username cannot be null!");
        }
        String[] split = str.split("__", 2);
        return new String(this.certificateMaterializer.getUserMaterial(split[1], split[0]).getPassword());
    }

    public void configureTlsForProjectSpecificUser(String str, String str2, Configuration configuration) throws CryptoPasswordNotFoundException {
        String projectSpecificUserCertPassword = getProjectSpecificUserCertPassword(str);
        String path = Paths.get(str2, str).toString();
        HopsSSLSocketFactory.setTlsConfiguration(path + Settings.KEYSTORE_SUFFIX, projectSpecificUserCertPassword, path + Settings.TRUSTSTORE_SUFFIX, projectSpecificUserCertPassword, configuration);
    }

    public void materializeCertsForNonSuperUser(String str) {
        if (str != null) {
            String[] split = str.split("__", 2);
            if (split.length == 2) {
                try {
                    this.certificateMaterializer.materializeCertificatesLocal(split[1], split[0]);
                } catch (IOException e) {
                    throw new RuntimeException("Error while materializing user certificates " + e.getMessage(), e);
                }
            }
        }
    }

    public void removeNonSuperUserCertificate(String str) {
        if (str != null) {
            String[] split = str.split("__", 2);
            if (split.length == 2) {
                this.certificateMaterializer.removeCertificatesLocal(split[1], split[0]);
            }
        }
    }

    private void handleMissingConf(String str, String str2) throws IllegalStateException {
        this.LOG.log(Level.SEVERE, "Unable to locate {0} in {1}", new Object[]{str, str2});
        throw new IllegalStateException("Unable to locate " + str + " in " + str2);
    }
}
