package org.apache.flink.fs.obs.shaded.com.huawei.mrs;

import java.io.IOException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.annotation.Nullable;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import mrs.shaded.provider.okhttp3.MediaType;
import mrs.shaded.provider.okhttp3.OkHttpClient;
import mrs.shaded.provider.okhttp3.Request;
import mrs.shaded.provider.okhttp3.RequestBody;
import mrs.shaded.provider.okhttp3.Response;
import mrs.shaded.provider.okio.BufferedSink;
import org.apache.flink.fs.obs.shaded.com.obs.services.internal.security.SecurityKey;
import org.apache.flink.fs.obs.shaded.com.obs.services.internal.utils.JSONChange;
import org.apache.flink.fs.shaded.hadoop3.org.apache.hadoop.fs.obs.OBSFileSystem;
import org.apache.logging.log4j.core.net.ssl.SslConfigurationDefaults;
import org.slf4j.Logger;

/* loaded from: input_file:org/apache/flink/fs/obs/shaded/com/huawei/mrs/IassHttpClient.class */
public class IassHttpClient {
    private static final Logger LOG = OBSFileSystem.LOG;
    private static OkHttpClient okHttpClient = null;
    private static boolean ignoreSslCertificate = false;
    private String DEFAULT_META_URL = "http://169.254.169.254/openstack/latest/meta_data.json";

    public static OkHttpClient getClient() {
        return okHttpClient;
    }

    public static void init(boolean z) throws Exception {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        LOG.info("Initialising httpUtil with default configuration");
        if (z) {
            ignoreSslCertificate = true;
            builder = configureToIgnoreCertificate(builder);
        }
        okHttpClient = builder.build();
    }

    private static OkHttpClient.Builder configureToIgnoreCertificate(OkHttpClient.Builder builder) {
        LOG.debug("Ignore Ssl Certificate");
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: org.apache.flink.fs.obs.shaded.com.huawei.mrs.IassHttpClient.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance(SslConfigurationDefaults.PROTOCOL);
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            builder.sslSocketFactory(sSLContext.getSocketFactory(), (X509TrustManager) trustManagerArr[0]);
            builder.hostnameVerifier(new HostnameVerifier() { // from class: org.apache.flink.fs.obs.shaded.com.huawei.mrs.IassHttpClient.2
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    return true;
                }
            });
        } catch (Exception e) {
            LOG.warn("Exception while configuring IgnoreSslCertificate" + e, e);
        }
        return builder;
    }

    @Deprecated
    public SecurityKey getIamAssueRoleToken(String str, String str2, RequestBody requestBody) {
        Request build = new Request.Builder().url(str).addHeader("Content-Type", "application/json;charset=utf8").addHeader("X-Auth-Token", str2).post(requestBody).build();
        try {
            Response execute = okHttpClient.newCall(build).execute();
            if (!execute.isSuccessful()) {
                LOG.warn("Call iam assume role failed: " + execute);
                return null;
            }
            String string = execute.body() != null ? execute.body().string() : null;
            if (null != string) {
                return (SecurityKey) JSONChange.jsonToObj(new SecurityKey(), string);
            }
            LOG.warn("Get security key failed.");
            return null;
        } catch (IOException e) {
            LOG.debug("Assume token responese: " + build);
            LOG.warn("Get assume key error" + e);
            return null;
        }
    }

    public org.apache.flink.fs.obs.shaded.com.obs.services.internal.security.LimitedTimeSecurityKey getKeyFromNodeCache(String str, String str2, String str3, String str4, String str5) {
        try {
            Response execute = okHttpClient.newCall(new Request.Builder().url(null == str4 ? str5 + "?iam_domain_url=" + str + "&user_domain_name=" + str2 + "&user_domain_id=" + str3 : str5 + "?iam_domain_url=" + str + "&user_domain_name=" + str2 + "&user_domain_id=" + str3 + "&user_agency_name=" + str4).post(new RequestBody() { // from class: org.apache.flink.fs.obs.shaded.com.huawei.mrs.IassHttpClient.3
                @Override // mrs.shaded.provider.okhttp3.RequestBody
                @Nullable
                public MediaType contentType() {
                    return null;
                }

                @Override // mrs.shaded.provider.okhttp3.RequestBody
                public void writeTo(BufferedSink bufferedSink) throws IOException {
                }
            }).build()).execute();
            if (execute.isSuccessful()) {
                LimitedTimeSecurityKey limitedTimeSecurityKey = (LimitedTimeSecurityKey) JSONChange.jsonToObj(new LimitedTimeSecurityKey(), execute.body() != null ? execute.body().string() : null);
                return new org.apache.flink.fs.obs.shaded.com.obs.services.internal.security.LimitedTimeSecurityKey(limitedTimeSecurityKey.accessKey, limitedTimeSecurityKey.secretKey, limitedTimeSecurityKey.securityToken, limitedTimeSecurityKey.expiryDate);
            }
            LOG.warn("Call ecs meta data failed: " + execute);
            return null;
        } catch (IOException e) {
            LOG.warn("Get ecs meta data error: " + e);
            return null;
        }
    }

    public EcsMetaDataJson getEcsMetaDataJson(String str) {
        String str2 = str;
        if (str2 == null || str2.isEmpty()) {
            str2 = this.DEFAULT_META_URL;
        }
        try {
            Response execute = okHttpClient.newCall(new Request.Builder().url(str2).build()).execute();
            if (execute.isSuccessful()) {
                return (EcsMetaDataJson) JSONChange.jsonToObj(new EcsMetaDataJson(), execute.body() != null ? execute.body().string() : null);
            }
            LOG.warn("Call ecs meta data failed: " + execute);
            return new EcsMetaDataJson();
        } catch (IOException e) {
            LOG.warn("Get ecs meta data error: " + e);
            return null;
        }
    }
}
