package org.apache.hadoop.hbase.zookeeper.server.auth;

import java.util.Properties;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.hbase.security.common.IAMAuthCommonUtils;
import org.apache.hadoop.hbase.security.common.IAMAuthInfo;
import org.apache.hadoop.hbase.security.token.AKSKTokenCommonUtil;
import org.apache.hadoop.hbase.zookeeper.IAMAuthZookeeperUtil;
import org.apache.zookeeper.KeeperException;
import org.apache.zookeeper.data.Id;
import org.apache.zookeeper.server.ServerCnxn;
import org.apache.zookeeper.server.auth.ExtAuthenticationProvider;

/* loaded from: input_file:org/apache/hadoop/hbase/zookeeper/server/auth/IAMAuthenticationProvider.class */
public class IAMAuthenticationProvider implements ExtAuthenticationProvider {
    public static final Log LOG = LogFactory.getLog(IAMAuthenticationProvider.class);
    private Properties configuration;

    public IAMAuthenticationProvider() {
        this.configuration = null;
        this.configuration = IAMAuthZookeeperUtil.getDecryptServerConfig();
    }

    public String getScheme() {
        return IAMAuthZookeeperUtil.SCHEME;
    }

    public KeeperException.Code handleAuthentication(ServerCnxn serverCnxn, byte[] bArr) {
        LOG.info("enter handleAuthentication.");
        if (null == this.configuration) {
            LOG.error("configuration is null, reinit it.");
            this.configuration = IAMAuthZookeeperUtil.getDecryptServerConfig();
        }
        if (!AKSKTokenCommonUtil.isAkskAuth(this.configuration)) {
            return KeeperException.Code.OK;
        }
        if (IAMAuthCommonUtils.isEmpty(bArr)) {
            throw new IllegalArgumentException("Auth data is empty");
        }
        IAMAuthInfo parse = IAMAuthInfo.parse(bArr);
        String str = null;
        try {
            str = AKSKTokenCommonUtil.retrievePassword(this.configuration, parse.getAccessKey(), parse.getUserName());
        } catch (Exception e) {
            LOG.error("retrievePassword faild.", e);
        }
        if (!IAMAuthCommonUtils.isEmpty(str) && str.equals(parse.getSecretKey())) {
            serverCnxn.addAuthInfo(new Id(getScheme(), parse.getUserName()));
            return KeeperException.Code.OK;
        }
        return KeeperException.Code.AUTHFAILED;
    }

    public boolean matches(String str, String str2) {
        return str.equals(str2);
    }

    public boolean isAuthenticated() {
        return true;
    }

    public boolean isValid(String str) {
        return true;
    }

    public String getUserName(String str) {
        return str;
    }
}
