package com.huawei.bigdata.om.common.rpc;

import com.huawei.bigdata.om.common.auth.SecurityUtils;
import com.huawei.bigdata.om.common.utils.HaUtil;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.util.HashMap;
import javax.security.auth.Subject;
import org.apache.commons.lang3.StringUtils;
import org.apache.thrift.TProcessor;
import org.apache.thrift.protocol.TCompactProtocol;
import org.apache.thrift.server.TThreadPoolServer;
import org.apache.thrift.server.TThreadedSelectorServer;
import org.apache.thrift.transport.TNonblockingServerSocket;
import org.apache.thrift.transport.TSSLTransportFactory;
import org.apache.thrift.transport.TSaslServerTransport;
import org.apache.thrift.transport.TServerSocket;
import org.apache.thrift.transport.TTransportException;
import org.apache.thrift.transport.TTransportFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/huawei/bigdata/om/common/rpc/RpcServiceFactory.class */
public class RpcServiceFactory {
    private static final Logger log = LoggerFactory.getLogger(RpcServiceFactory.class);
    private static final String protocol = "TLS";

    /* renamed from: com.huawei.bigdata.om.common.rpc.RpcServiceFactory$1, reason: invalid class name */
    /* loaded from: input_file:com/huawei/bigdata/om/common/rpc/RpcServiceFactory$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$huawei$bigdata$om$common$rpc$RpcType = new int[RpcType.values().length];

        static {
            try {
                $SwitchMap$com$huawei$bigdata$om$common$rpc$RpcType[RpcType.KERBEROS.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$huawei$bigdata$om$common$rpc$RpcType[RpcType.KERBEROS_SASL.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$huawei$bigdata$om$common$rpc$RpcType[RpcType.KERBEROS_SASL_SSL.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public static RpcService createRpcServer(TProcessor tProcessor, RpcServiceConfiguration rpcServiceConfiguration) {
        if (rpcServiceConfiguration.getRpcType() == null) {
            return createNormalServer(tProcessor, rpcServiceConfiguration);
        }
        switch (AnonymousClass1.$SwitchMap$com$huawei$bigdata$om$common$rpc$RpcType[rpcServiceConfiguration.getRpcType().ordinal()]) {
            case HaUtil.HA_STANDBY_MODE /* 1 */:
                return createKerberosServer(tProcessor, rpcServiceConfiguration);
            case 2:
                return createKerberosSaslServer(tProcessor, rpcServiceConfiguration);
            case 3:
                return createKerberosSaslSSLServer(tProcessor, rpcServiceConfiguration);
            default:
                return createNormalServer(tProcessor, rpcServiceConfiguration);
        }
    }

    private static RpcService createKerberosSaslServer(TProcessor tProcessor, RpcServiceConfiguration rpcServiceConfiguration) {
        try {
            KrbServiceTransport krbServiceTransport = new KrbServiceTransport(login(rpcServiceConfiguration), createTransportFactory(rpcServiceConfiguration));
            TThreadPoolServer.Args args = new TThreadPoolServer.Args(new TServerSocket(createInetSocketAddress(rpcServiceConfiguration)));
            args.processor(tProcessor);
            args.transportFactory(krbServiceTransport);
            args.protocolFactory(new TCompactProtocol.Factory());
            TThreadPoolServer tThreadPoolServer = new TThreadPoolServer(args);
            Runtime runtime = Runtime.getRuntime();
            tThreadPoolServer.getClass();
            runtime.addShutdownHook(new Thread(tThreadPoolServer::stop));
            return new DefaultRpcService(tThreadPoolServer);
        } catch (Exception e) {
            log.error("RpcServiceFactory:createSaslThreadPoolServer: ", e);
            return null;
        }
    }

    private static RpcService createKerberosSaslSSLServer(TProcessor tProcessor, RpcServiceConfiguration rpcServiceConfiguration) {
        try {
            Subject login = login(rpcServiceConfiguration);
            TSSLTransportFactory.TSSLTransportParameters tSSLTransportParameters = new TSSLTransportFactory.TSSLTransportParameters(protocol, rpcServiceConfiguration.getCipherSuites());
            tSSLTransportParameters.setKeyStore(Files.newInputStream(Paths.get(rpcServiceConfiguration.getKeystorePath(), new String[0]), new OpenOption[0]), rpcServiceConfiguration.getKeystorePassWd());
            tSSLTransportParameters.setTrustStore(Files.newInputStream(Paths.get(rpcServiceConfiguration.getTrustStorePath(), new String[0]), new OpenOption[0]), rpcServiceConfiguration.getTrustStorePassWd());
            tSSLTransportParameters.requireClientAuth(true);
            TServerSocket serverSocket = TSSLTransportFactory.getServerSocket(rpcServiceConfiguration.getPort(), 1000000, InetAddress.getByName(rpcServiceConfiguration.getHost()), tSSLTransportParameters);
            KrbServiceTransport krbServiceTransport = new KrbServiceTransport(login, createTransportFactory(rpcServiceConfiguration));
            TThreadPoolServer.Args args = new TThreadPoolServer.Args(serverSocket);
            args.processor(tProcessor);
            args.transportFactory(krbServiceTransport);
            args.protocolFactory(new TCompactProtocol.Factory());
            TThreadPoolServer tThreadPoolServer = new TThreadPoolServer(args);
            Runtime runtime = Runtime.getRuntime();
            tThreadPoolServer.getClass();
            runtime.addShutdownHook(new Thread(tThreadPoolServer::stop));
            return new DefaultRpcService(tThreadPoolServer);
        } catch (Exception e) {
            log.error("RpcServiceFactory:createSaslThreadPoolServer: ", e);
            return null;
        }
    }

    private static RpcService createSaslSelectorServer(TProcessor tProcessor, RpcServiceConfiguration rpcServiceConfiguration) {
        try {
            TThreadedSelectorServer tThreadedSelectorServer = new TThreadedSelectorServer(new TThreadedSelectorServer.Args(new TNonblockingServerSocket(createInetSocketAddress(rpcServiceConfiguration))).processor(tProcessor).transportFactory(new KrbServiceTransport(login(rpcServiceConfiguration), createTransportFactory(rpcServiceConfiguration))).protocolFactory(new TCompactProtocol.Factory()).selectorThreads(2).workerThreads(10));
            Runtime runtime = Runtime.getRuntime();
            tThreadedSelectorServer.getClass();
            runtime.addShutdownHook(new Thread(tThreadedSelectorServer::stop));
            return new DefaultRpcService(tThreadedSelectorServer);
        } catch (Exception e) {
            log.error("RpcServiceFactory:createSaslSelectorServer: ", e);
            return null;
        }
    }

    private static RpcService createKerberosServer(TProcessor tProcessor, RpcServiceConfiguration rpcServiceConfiguration) {
        try {
            login(rpcServiceConfiguration);
            TThreadPoolServer.Args args = new TThreadPoolServer.Args(new TServerSocket(createInetSocketAddress(rpcServiceConfiguration)));
            args.processor(tProcessor);
            args.protocolFactory(new TCompactProtocol.Factory());
            TThreadPoolServer tThreadPoolServer = new TThreadPoolServer(args);
            Runtime runtime = Runtime.getRuntime();
            tThreadPoolServer.getClass();
            runtime.addShutdownHook(new Thread(tThreadPoolServer::stop));
            return new DefaultRpcService(tThreadPoolServer);
        } catch (Exception e) {
            log.error("RpcServiceFactory:createKerberosThreadPoolServer: ", e);
            return null;
        }
    }

    private static RpcService createKerberosSelectorServer(TProcessor tProcessor, RpcServiceConfiguration rpcServiceConfiguration) {
        try {
            login(rpcServiceConfiguration);
            TThreadedSelectorServer tThreadedSelectorServer = new TThreadedSelectorServer(new TThreadedSelectorServer.Args(new TNonblockingServerSocket(createInetSocketAddress(rpcServiceConfiguration))).processor(tProcessor).transportFactory(new TTransportFactory()).protocolFactory(new TCompactProtocol.Factory()).selectorThreads(2).workerThreads(10));
            Runtime runtime = Runtime.getRuntime();
            tThreadedSelectorServer.getClass();
            runtime.addShutdownHook(new Thread(tThreadedSelectorServer::stop));
            return new DefaultRpcService(tThreadedSelectorServer);
        } catch (Exception e) {
            log.error("RpcServiceFactory:createKerberosSelectorServer: ", e);
            return null;
        }
    }

    private static <T> RpcService createNormalServer(TProcessor tProcessor, RpcServiceConfiguration rpcServiceConfiguration) {
        try {
            TThreadPoolServer.Args args = new TThreadPoolServer.Args(new TServerSocket(createInetSocketAddress(rpcServiceConfiguration)));
            args.processor(tProcessor);
            args.protocolFactory(new TCompactProtocol.Factory());
            TThreadPoolServer tThreadPoolServer = new TThreadPoolServer(args);
            Runtime runtime = Runtime.getRuntime();
            tThreadPoolServer.getClass();
            runtime.addShutdownHook(new Thread(tThreadPoolServer::stop));
            return new DefaultRpcService(tThreadPoolServer);
        } catch (TTransportException e) {
            log.error("RpcServiceFactory:createThreadPoolServer: ", e);
            return null;
        }
    }

    private static TSaslServerTransport.Factory createTransportFactory(RpcServiceConfiguration rpcServiceConfiguration) {
        HashMap hashMap = new HashMap();
        hashMap.put("javax.security.sasl.qop", "auth-conf,auth-int,auth");
        hashMap.put("javax.security.sasl.server.authentication", "true");
        TSaslServerTransport.Factory factory = new TSaslServerTransport.Factory();
        factory.addServerDefinition("GSSAPI", rpcServiceConfiguration.getName(), StringUtils.substringBetween(rpcServiceConfiguration.getPrincipal(), "/", "@"), hashMap, new SaslCallbackHandler());
        return factory;
    }

    private static InetSocketAddress createInetSocketAddress(RpcServiceConfiguration rpcServiceConfiguration) {
        return StringUtils.isNotBlank(rpcServiceConfiguration.getHost()) ? new InetSocketAddress(rpcServiceConfiguration.getHost(), rpcServiceConfiguration.getPort()) : new InetSocketAddress(rpcServiceConfiguration.getInetAddress(), rpcServiceConfiguration.getPort());
    }

    private static Subject login(RpcServiceConfiguration rpcServiceConfiguration) {
        return StringUtils.isNotBlank(rpcServiceConfiguration.getName()) ? SecurityUtils.login(rpcServiceConfiguration.getName(), rpcServiceConfiguration.getPrincipal(), rpcServiceConfiguration.getKeyTabPath(), rpcServiceConfiguration.getKrbConf()) : SecurityUtils.login(rpcServiceConfiguration.getPrincipal(), rpcServiceConfiguration.getKeyTabPath(), rpcServiceConfiguration.getKrbConf());
    }
}
