package io.hops.hadoop.hive.registry.impl;

import java.io.IOException;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.util.KerberosUtil;
import org.apache.hive.org.slf4j.Logger;
import org.apache.hive.org.slf4j.LoggerFactory;

/* loaded from: input_file:io/hops/hadoop/hive/registry/impl/ZookeeperUtils.class */
public class ZookeeperUtils {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) ZookeeperUtils.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/hops/hadoop/hive/registry/impl/ZookeeperUtils$JaasConfiguration.class */
    public static class JaasConfiguration extends Configuration {
        private final Configuration baseConfig = Configuration.getConfiguration();
        private final String loginContextName;
        private final String principal;
        private final String keyTabFile;

        public JaasConfiguration(String str, String str2, String str3) {
            this.loginContextName = str;
            this.principal = str2;
            this.keyTabFile = str3;
        }

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            if (!this.loginContextName.equals(str)) {
                if (this.baseConfig != null) {
                    return this.baseConfig.getAppConfigurationEntry(str);
                }
                return null;
            }
            HashMap hashMap = new HashMap();
            hashMap.put("doNotPrompt", "true");
            hashMap.put("storeKey", "true");
            hashMap.put("useKeyTab", "true");
            hashMap.put("principal", this.principal);
            hashMap.put("keyTab", this.keyTabFile);
            hashMap.put("refreshKrb5Config", "true");
            return new AppConfigurationEntry[]{new AppConfigurationEntry(KerberosUtil.getKrb5LoginModuleName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap)};
        }
    }

    public static String setupZookeeperAuth(org.apache.hadoop.conf.Configuration configuration, String str, String str2, String str3) throws IOException {
        if (!UserGroupInformation.isSecurityEnabled() || str == null) {
            LOG.info("UGI security is not enabled, or no SASL context name. Skipping setting up ZK auth.");
            return null;
        }
        LOG.info("UGI security is enabled. Setting up ZK auth.");
        if (str2 == null || str2.isEmpty()) {
            throw new IOException("Kerberos principal is empty");
        }
        if (str3 == null || str3.isEmpty()) {
            throw new IOException("Kerberos keytab is empty");
        }
        return setZookeeperClientKerberosJaasConfig(str, str2, str3);
    }

    private static String setZookeeperClientKerberosJaasConfig(String str, String str2, String str3) throws IOException {
        System.setProperty("zookeeper.sasl.clientconfig", str);
        String serverPrincipal = SecurityUtil.getServerPrincipal(str2, "0.0.0.0");
        Configuration.setConfiguration(new JaasConfiguration(str, serverPrincipal, str3));
        return serverPrincipal;
    }
}
