package org.apache.hadoop.hive.ql.intercept.rules;

import com.huawei.bigdata.om.common.login.util.CommonX509TrustManager;
import com.huawei.us.common.random.UsSecureRandom;
import java.io.BufferedReader;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import org.apache.commons.io.LineIterator;
import org.apache.commons.lang3.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
import org.apache.hadoop.security.ssl.SSLFactory;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
import org.codehaus.jettison.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/hive/ql/intercept/rules/RestUtils.class */
public class RestUtils {
    public static final String YARN_HTTP_POLICY_KEY = "yarn.http.policy";
    private static final String SSL_CONTEXT_NAME = "TLS";
    private static final String HTTPS_SCHEME = "https";
    private static final String CROSS_LINE = "\n";
    public static final String YARN_REST_PREFIX = "yarn.rest.";
    public static final String SSL_CLIENT_TRUSTSTORE_TYPE = "ssl.client.truststore.type";
    public static final String SSL_CLIENT_TRUSTSTORE_RELOAD_INTERVAL = "ssl.client.truststore.reload.interval";
    public static final String SSL_CLIENT_TRUSTSTORE_LOCATION = "ssl.client.truststore.location";
    private static final Logger LOG = LoggerFactory.getLogger(RestUtils.class);
    public static final String YARN_APPS_URL = String.format("%s/ws/v1/cluster/apps/", RuleUtils.CONF.get("yarn.http.server.name"));

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/hadoop/hive/ql/intercept/rules/RestUtils$AllTrustVerifier.class */
    public static final class AllTrustVerifier implements HostnameVerifier {
        private AllTrustVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return (StringUtils.isEmpty(str) || sSLSession == null) ? false : true;
        }
    }

    public static long getAppValue(String str, String str2, int i) {
        long j = -1;
        String str3 = null;
        try {
            str3 = restGet(RuleUtils.CONF, YARN_APPS_URL + str, i);
            if (StringUtils.isNotEmpty(str3)) {
                j = new JSONObject(str3).getJSONObject("app").getLong(str2);
            }
        } catch (Exception e) {
            LOG.error("Failed to get {}, result {}", new Object[]{YARN_APPS_URL, str3, e});
        }
        return j;
    }

    public static String restGet(Configuration configuration, String str, int i) {
        try {
            return UserGroupInformation.isSecurityEnabled() ? (String) UserGroupInformation.getLoginUser().doAs(() -> {
                return kerberosHttpGet(configuration, str, i);
            }) : httpGet(str, i);
        } catch (Exception e) {
            LOG.error("{} request failed", str);
            return null;
        }
    }

    public static String kerberosHttpGet(Configuration configuration, String str, int i) {
        AuthenticatedURL.Token token = new AuthenticatedURL.Token();
        HttpURLConnection httpURLConnection = null;
        InputStream inputStream = null;
        BufferedReader bufferedReader = null;
        SSLFactory sSLFactory = null;
        try {
            try {
                try {
                    try {
                        if ("https_only".equalsIgnoreCase(configuration.get(YARN_HTTP_POLICY_KEY))) {
                            sSLFactory = new SSLFactory(SSLFactory.Mode.CLIENT, configuration);
                            sSLFactory.init();
                            httpURLConnection = new AuthenticatedURL(new KerberosAuthenticator(), sSLFactory).openConnection(new URL(str), token);
                        } else {
                            httpURLConnection = new AuthenticatedURL().openConnection(new URL(str), token);
                        }
                        httpURLConnection.setConnectTimeout(i);
                        httpURLConnection.setReadTimeout(i);
                        int responseCode = httpURLConnection.getResponseCode();
                        inputStream = (200 > responseCode || responseCode > 299) ? httpURLConnection.getErrorStream() : httpURLConnection.getInputStream();
                        bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
                        StringBuilder sb = new StringBuilder();
                        while (true) {
                            String readLine = bufferedReader.readLine();
                            if (readLine == null) {
                                break;
                            }
                            sb.append(readLine);
                        }
                        String sb2 = sb.toString();
                        closeQuietly(bufferedReader);
                        closeQuietly(inputStream);
                        if (httpURLConnection != null) {
                            httpURLConnection.disconnect();
                        }
                        if (sSLFactory != null) {
                            sSLFactory.destroy();
                        }
                        return sb2;
                    } catch (IOException e) {
                        LOG.error("An exception occurs when accessing the URL:" + str, e);
                        closeQuietly(bufferedReader);
                        closeQuietly(inputStream);
                        if (httpURLConnection != null) {
                            httpURLConnection.disconnect();
                        }
                        if (sSLFactory != null) {
                            sSLFactory.destroy();
                        }
                        return null;
                    }
                } catch (GeneralSecurityException e2) {
                    LOG.error("An generalSecurityException exception occurs when accessing the URL:" + str, e2);
                    closeQuietly(bufferedReader);
                    closeQuietly(inputStream);
                    if (httpURLConnection != null) {
                        httpURLConnection.disconnect();
                    }
                    if (sSLFactory != null) {
                        sSLFactory.destroy();
                    }
                    return null;
                }
            } catch (AuthenticationException e3) {
                LOG.error("An authentication exception occurs when accessing the URL:" + str, e3);
                closeQuietly(bufferedReader);
                closeQuietly(inputStream);
                if (httpURLConnection != null) {
                    httpURLConnection.disconnect();
                }
                if (sSLFactory != null) {
                    sSLFactory.destroy();
                }
                return null;
            }
        } catch (Throwable th) {
            closeQuietly(bufferedReader);
            closeQuietly(inputStream);
            if (httpURLConnection != null) {
                httpURLConnection.disconnect();
            }
            if (sSLFactory != null) {
                sSLFactory.destroy();
            }
            throw th;
        }
    }

    public static void closeQuietly(Closeable closeable) {
        if (closeable != null) {
            try {
                closeable.close();
            } catch (IOException e) {
                LOG.error("Failed to close the IO Object.", e);
            }
        }
    }

    public static String httpGet(String str, int i) {
        return StringUtils.startsWithIgnoreCase(str, "https://") ? getHttpsJSON(str, i) : getHttpJSON(str, i);
    }

    public static String getHttpsJSON(String str, int i) {
        String httpsResponse = getHttpsResponse(str, i);
        if (null == httpsResponse) {
            LOG.error("getHttpsResponse error. responseMsg is null");
            return null;
        }
        if (!"".equals(httpsResponse)) {
            return httpsResponse;
        }
        LOG.warn("getHttpsResponse responseMsg is empty");
        return httpsResponse;
    }

    private static String getHttpsResponse(String str, int i) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        SSLContext initializeSSLContext = initializeSSLContext();
        RegistryBuilder create = RegistryBuilder.create();
        create.register(HTTPS_SCHEME, new SSLConnectionSocketFactory(initializeSSLContext, new AllTrustVerifier()));
        BasicHttpClientConnectionManager basicHttpClientConnectionManager = new BasicHttpClientConnectionManager(create.build());
        CloseableHttpClient build = HttpClients.custom().setConnectionManager(basicHttpClientConnectionManager).build();
        if (i > 0) {
            build = HttpClients.custom().setConnectionManager(basicHttpClientConnectionManager).setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(i).setConnectionRequestTimeout(i).setSocketTimeout(i).build()).build();
        }
        return getResponseStr(build, str);
    }

    private static SSLContext initializeSSLContext() {
        try {
            SSLContext sSLContext = SSLContext.getInstance(SSL_CONTEXT_NAME);
            LOG.debug("The ctx is " + sSLContext);
            try {
                sSLContext.init(null, new TrustManager[]{new CommonX509TrustManager()}, UsSecureRandom.getInstance());
                LOG.debug("The trustManager init successfully.");
                return sSLContext;
            } catch (KeyManagementException | NoSuchAlgorithmException e) {
                LOG.error("This operation fails", e);
                return null;
            }
        } catch (NoSuchAlgorithmException e2) {
            LOG.error("No Provider supports a TrustManagerFactorySpi implementation for the specified protocol.", e2);
            return null;
        }
    }

    private static String getResponseStr(CloseableHttpClient closeableHttpClient, String str) {
        String next;
        InputStream inputStream = null;
        BufferedReader bufferedReader = null;
        LineIterator lineIterator = null;
        try {
            try {
                inputStream = closeableHttpClient.execute(new HttpGet(str)).getEntity().getContent();
                bufferedReader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
                StringBuilder sb = new StringBuilder();
                lineIterator = new LineIterator(bufferedReader);
                while (lineIterator.hasNext() && (next = lineIterator.next()) != null) {
                    sb.append(next).append(System.getProperty("line.separator"));
                }
                String sb2 = sb.toString();
                if (null != lineIterator) {
                    try {
                        lineIterator.close();
                    } catch (Exception e) {
                        LOG.error("Iterator can not be closed.", e);
                    }
                }
                closeQuietly(bufferedReader);
                closeQuietly(inputStream);
                try {
                    closeableHttpClient.close();
                } catch (IOException e2) {
                    LOG.error("Http client can not be closed.", e2);
                }
                return sb2;
            } catch (Throwable th) {
                if (null != lineIterator) {
                    try {
                        lineIterator.close();
                    } catch (Exception e3) {
                        LOG.error("Iterator can not be closed.", e3);
                        closeQuietly(bufferedReader);
                        closeQuietly(inputStream);
                        closeableHttpClient.close();
                        throw th;
                    }
                }
                closeQuietly(bufferedReader);
                closeQuietly(inputStream);
                try {
                    closeableHttpClient.close();
                } catch (IOException e4) {
                    LOG.error("Http client can not be closed.", e4);
                }
                throw th;
            }
        } catch (IOException e5) {
            LOG.error("The specified client protocol is invalid", e5);
            if (null != lineIterator) {
                try {
                    lineIterator.close();
                } catch (Exception e6) {
                    LOG.error("Iterator can not be closed.", e6);
                    closeQuietly(bufferedReader);
                    closeQuietly(inputStream);
                    closeableHttpClient.close();
                    return null;
                }
            }
            closeQuietly(bufferedReader);
            closeQuietly(inputStream);
            try {
                closeableHttpClient.close();
            } catch (IOException e7) {
                LOG.error("Http client can not be closed.", e7);
            }
            return null;
        }
    }

    public static String getHttpJSON(String str, int i) {
        try {
            String restResponse = getRestResponse(new URL(str), i);
            if ("".equals(restResponse)) {
                return null;
            }
            return restResponse;
        } catch (MalformedURLException e) {
            LOG.info("Get metrics error. usr format is error", e);
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:40:0x0102  */
    /* JADX WARN: Removed duplicated region for block: B:42:0x013c A[ORIG_RETURN, RETURN] */
    /* JADX WARN: Removed duplicated region for block: B:56:0x0135  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.lang.String getRestResponse(java.net.URL r7, int r8) {
        /*
            Method dump skipped, instructions count: 319
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.hadoop.hive.ql.intercept.rules.RestUtils.getRestResponse(java.net.URL, int):java.lang.String");
    }

    static {
        RuleUtils.CONF.set(SSL_CLIENT_TRUSTSTORE_TYPE, RuleUtils.CONF.get("yarn.rest.ssl.client.truststore.type"));
        RuleUtils.CONF.set(SSL_CLIENT_TRUSTSTORE_RELOAD_INTERVAL, RuleUtils.CONF.get("yarn.rest.ssl.client.truststore.reload.interval"));
        RuleUtils.CONF.set(SSL_CLIENT_TRUSTSTORE_LOCATION, RuleUtils.CONF.get("yarn.rest.ssl.client.truststore.location"));
    }
}
