package com.huawei.hadoop.hbase.metric.util;

import com.huawei.hadoop.hbase.metric.MetricControllerConstants;
import com.huawei.hadoop.hbase.metric.model.ResponseModel;
import com.huawei.us.common.random.UsSecureRandom;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.CommonUtils;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.security.User;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.NoHttpResponseException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpHead;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.BufferedHttpEntity;
import org.apache.http.entity.InputStreamEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.ssl.TrustStrategy;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/huawei/hadoop/hbase/metric/util/MetricClient.class */
public class MetricClient {
    private static final String AUTH_COOKIE = "hadoop.auth";
    private static final String AUTH_COOKIE_EQ = "hadoop.auth=";
    private static final String COOKIE = "Cookie";
    CloseableHttpClient httpClient;
    boolean sslEnabled;
    Configuration conf;
    String hostname;
    String ip;
    int port;
    private long startTime;
    private static MetricClient instance;
    private static final Logger LOG = LoggerFactory.getLogger(MetricClient.class);
    private static volatile boolean isInitialized = false;
    private static final Set<String> configSet = new HashSet();

    private MetricClient(Configuration configuration, String str) {
        this(configuration, str, configuration.getBoolean(MetricControllerConstants.METRIC_CONTROLLER_SSL_ENABLED, false));
    }

    private MetricClient(Configuration configuration, String str, boolean z) {
        try {
            this.conf = configuration;
            this.sslEnabled = z;
            this.hostname = str;
            this.ip = InetAddress.getByName(str).getHostAddress();
            this.port = this.conf.getInt(MetricControllerConstants.HBASE_METRIC_CONTROLLER_PORT, MetricControllerConstants.HBASE_METRIC_CONTROLLER_PORT_DEFAULT);
            initHttpClient(configHttpClient());
        } catch (UnknownHostException e) {
            LOG.warn("Parse MetricController hostname failed. hostname:{}, ", str, e);
        } catch (IOException e2) {
            LOG.warn("Initialize Http client failed.", e2);
        }
    }

    private HttpClientBuilder configHttpClient() {
        HttpClientBuilder custom = HttpClients.custom();
        int i = this.conf.getInt(MetricControllerConstants.METRIC_CONTROLLER_CLIENT_CONN_TIMEOUT, MetricControllerConstants.DEFAULT_METRIC_CONTROLLER_CLIENT_CONN_TIMEOUT);
        custom.setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(i).setSocketTimeout(this.conf.getInt(MetricControllerConstants.METRIC_CONTROLLER_CLIENT_SOCKET_TIMEOUT, MetricControllerConstants.DEFAULT_METRIC_CONTROLLER_CLIENT_SOCKET_TIMEOUT)).setNormalizeUri(false).build()).setConnectionManagerShared(true).setRetryHandler((iOException, i2, httpContext) -> {
            if (i2 > 3) {
                LOG.warn("Maximum tries reached for client http pool ");
                return false;
            }
            if (!(iOException instanceof NoHttpResponseException)) {
                return false;
            }
            LOG.warn("No response from server on {} call", Integer.valueOf(i2));
            return true;
        });
        custom.disableContentCompression();
        return custom;
    }

    public static synchronized MetricClient getInstance(Configuration configuration, String str) {
        initMetricClient(configuration, str);
        if (!isInitialized) {
            instance = new MetricClient(configuration, str);
            isInitialized = true;
        }
        return instance;
    }

    public static synchronized MetricClient getInstanceWithSslEnabled(Configuration configuration, String str) {
        initMetricClient(configuration, str);
        if (!isInitialized) {
            instance = new MetricClient(configuration, str, true);
            isInitialized = true;
        }
        return instance;
    }

    private static void initMetricClient(Configuration configuration, String str) {
        initConfigSet();
        if (isInitialized) {
            if (!isConfEquals(instance.conf, configuration, configSet)) {
                LOG.info("Client conf updated, Metric Client will be reinitialized");
                instance.close();
                isInitialized = false;
            } else {
                if (StringUtils.equals(instance.hostname, str)) {
                    return;
                }
                instance.hostname = str;
                try {
                    instance.ip = InetAddress.getByName(str).getHostAddress();
                } catch (UnknownHostException e) {
                    LOG.warn("Parse MetricController hostname failed. hostname:{}, ", str, e);
                }
            }
        }
    }

    private static boolean isConfEquals(Configuration configuration, Configuration configuration2, Set<String> set) {
        if (instance.sslEnabled) {
            configuration2.addResource("ssl-server.xml");
        }
        for (String str : set) {
            if (!Objects.equals(configuration.get(str), configuration2.get(str))) {
                return false;
            }
        }
        return true;
    }

    private static void initConfigSet() {
        if (configSet.isEmpty()) {
            configSet.add(MetricControllerConstants.METRIC_CONTROLLER_SSL_ENABLED);
            configSet.add(MetricControllerConstants.HBASE_METRIC_CONTROLLER_PORT);
            configSet.add(MetricControllerConstants.METRIC_CONTROLLER_CLIENT_CONN_TIMEOUT);
            configSet.add(MetricControllerConstants.METRIC_CONTROLLER_CLIENT_SOCKET_TIMEOUT);
            configSet.add(MetricControllerConstants.SSL_SERVER_TRUSTSTORE_STORE);
            configSet.add(MetricControllerConstants.METRIC_CONTROLLER_KERBEROS_PRINCIPAL);
            configSet.add(MetricControllerConstants.METRIC_CONTROLLER_KEYTAB_FILE);
        }
    }

    private void initHttpClient(HttpClientBuilder httpClientBuilder) throws IOException {
        if (this.sslEnabled) {
            this.conf.addResource("ssl-server.xml");
            String str = this.conf.get(MetricControllerConstants.SSL_SERVER_TRUSTSTORE_STORE);
            String password = HBaseConfiguration.getPassword(this.conf, MetricControllerConstants.SSL_SERVER_TRUSTSTORE_PASSWORD, (String) null);
            if (str == null) {
                throw new IOException("Client init keystore failed with empty truststore location.");
            }
            try {
                FileInputStream fileInputStream = new FileInputStream(str);
                Throwable th = null;
                try {
                    try {
                        KeyStore keyStore = KeyStore.getInstance("jks");
                        keyStore.load(fileInputStream, password.toCharArray());
                        httpClientBuilder.setSSLContext(SSLContexts.custom().loadTrustMaterial(keyStore, (TrustStrategy) null).setSecureRandom(UsSecureRandom.getInstance()).build());
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                    } finally {
                    }
                } finally {
                }
            } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                throw new RuntimeException(e);
            }
        }
        this.httpClient = httpClientBuilder.build();
    }

    public HttpResponse executeURI(HttpUriRequest httpUriRequest, Header[] headerArr, String str) throws IOException {
        if (headerArr != null) {
            for (Header header : headerArr) {
                httpUriRequest.addHeader(header);
            }
        }
        this.startTime = System.currentTimeMillis();
        if (httpUriRequest instanceof HttpPut) {
            HttpPut httpPut = new HttpPut(str);
            httpPut.setEntity(((HttpPut) httpUriRequest).getEntity());
            httpPut.setHeaders(httpUriRequest.getAllHeaders());
            httpUriRequest = httpPut;
        } else if (httpUriRequest instanceof HttpGet) {
            httpUriRequest = new HttpGet(str);
        } else if (httpUriRequest instanceof HttpHead) {
            httpUriRequest = new HttpHead(str);
        } else if (httpUriRequest instanceof HttpDelete) {
            httpUriRequest = new HttpDelete(str);
        } else if (httpUriRequest instanceof HttpPost) {
            HttpPost httpPost = new HttpPost(str);
            httpPost.setEntity(((HttpPost) httpUriRequest).getEntity());
            httpPost.setHeaders(httpUriRequest.getAllHeaders());
            httpUriRequest = httpPost;
        }
        return authenticateAndRequest(httpUriRequest, str);
    }

    private HttpResponse authenticateAndRequest(HttpUriRequest httpUriRequest, String str) throws IOException {
        if (!User.isHBaseSecurityEnabled(this.conf)) {
            return getHttpResponse(httpUriRequest, str);
        }
        if (this.conf.get(MetricControllerConstants.METRIC_CONTROLLER_KERBEROS_PRINCIPAL) == null) {
            throw new IOException("principal is empty");
        }
        if (this.conf.get(MetricControllerConstants.METRIC_CONTROLLER_KEYTAB_FILE) == null) {
            throw new IOException("keytab file path is empty");
        }
        return (HttpResponse) UserGroupInformation.getLoginUser().doAs(() -> {
            HttpResponse httpResponse = null;
            try {
                KerberosAuthenticator kerberosAuthenticator = new KerberosAuthenticator();
                AuthenticatedURL.Token token = new AuthenticatedURL.Token();
                kerberosAuthenticator.authenticate(new URL(str), token);
                injectToken(httpUriRequest, token);
                httpResponse = getHttpResponse(httpUriRequest, str);
            } catch (IOException e) {
                LOG.error("Failed send request.", e);
            } catch (AuthenticationException e2) {
                LOG.error("Authetication failed", e2);
            }
            return httpResponse;
        });
    }

    private HttpResponse getHttpResponse(HttpUriRequest httpUriRequest, String str) throws IOException {
        CloseableHttpResponse execute = this.httpClient.execute(httpUriRequest);
        long currentTimeMillis = System.currentTimeMillis();
        if (LOG.isTraceEnabled()) {
            LOG.trace("{} {} {} {} in {} ms", new Object[]{httpUriRequest.getMethod(), str, Integer.valueOf(execute.getStatusLine().getStatusCode()), execute.getStatusLine().getReasonPhrase(), Long.valueOf(currentTimeMillis - this.startTime)});
        }
        return execute;
    }

    public static ResponseModel parseHttpEntity(HttpResponse httpResponse) throws IOException {
        if (httpResponse == null) {
            return null;
        }
        ResponseModel responseModel = new ResponseModel();
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        responseModel.setStatusCode(statusCode);
        try {
            BufferedHttpEntity bufferedHttpEntity = new BufferedHttpEntity(httpResponse.getEntity());
            if (statusCode != 200 && statusCode != 204 && statusCode != 201) {
                LOG.error("Request failed. Status: {}, Details: {}.", httpResponse.getStatusLine(), bufferedHttpEntity == null ? "No more" : EntityUtils.toString(bufferedHttpEntity, "UTF-8"));
            } else if (bufferedHttpEntity != null && bufferedHttpEntity.getContentLength() > 0) {
                responseModel.setContent(EntityUtils.toString(bufferedHttpEntity));
            }
            EntityUtils.consume(bufferedHttpEntity);
            return responseModel;
        } catch (Throwable th) {
            EntityUtils.consume(null);
            throw th;
        }
    }

    private void injectToken(HttpUriRequest httpUriRequest, AuthenticatedURL.Token token) {
        String token2 = token.toString();
        if (token2 != null) {
            if (!token2.startsWith("\"")) {
                token2 = "\"" + token2 + "\"";
            }
            httpUriRequest.addHeader(COOKIE, AUTH_COOKIE_EQ + token2);
        }
    }

    public HttpResponse post(String str, Header[] headerArr, byte[] bArr) throws IOException {
        HttpPost httpPost = new HttpPost(str);
        try {
            httpPost.setEntity(new InputStreamEntity(new ByteArrayInputStream(bArr), bArr.length));
            HttpResponse executeURI = executeURI(httpPost, headerArr, checkPath(str));
            httpPost.releaseConnection();
            return executeURI;
        } catch (Throwable th) {
            httpPost.releaseConnection();
            throw th;
        }
    }

    public HttpResponse get(String str, Header[] headerArr) throws IOException {
        HttpGet httpGet = new HttpGet(str);
        try {
            HttpResponse executeURI = executeURI(httpGet, headerArr, checkPath(str));
            httpGet.releaseConnection();
            return executeURI;
        } catch (Throwable th) {
            httpGet.releaseConnection();
            throw th;
        }
    }

    private String checkPath(String str) {
        if (!str.startsWith("/")) {
            return str;
        }
        StringBuilder sb = new StringBuilder();
        if (this.sslEnabled) {
            sb.append("https://");
        } else {
            sb.append("http://");
        }
        sb.append(CommonUtils.formatRmiHost(this.ip));
        sb.append(":");
        sb.append(this.port);
        sb.append(str);
        return sb.toString();
    }

    public void close() {
        try {
            if (this.httpClient != null) {
                this.httpClient.close();
            }
        } catch (IOException e) {
            LOG.error("httpClient close error", e);
        }
    }
}
