package io.hops.hopsworks.expat.migrations.x509;

import io.hops.hopsworks.common.util.HopsUtils;
import io.hops.hopsworks.expat.db.dao.certificates.ExpatCertificate;
import io.hops.hopsworks.expat.db.dao.user.ExpatUser;
import io.hops.hopsworks.expat.migrations.MigrateStep;
import io.hops.hopsworks.expat.migrations.MigrationException;
import io.hops.hopsworks.expat.migrations.RollbackException;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.apache.commons.configuration2.ex.ConfigurationException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:io/hops/hopsworks/expat/migrations/x509/GenerateProjectCertificates.class */
public class GenerateProjectCertificates extends GenerateCertificates implements MigrateStep {
    private static final Logger LOGGER = LogManager.getLogger(GenerateProjectCertificates.class);
    private static final String SELECT_PROJECT_CERTS = "SELECT * FROM projectgenericuser_certs";
    private static final String SELECT_PROJECT_BY_NAME = "SELECT * FROM project WHERE projectname = ?";
    private static final String UPDATE_PROJECT_CERTS = "UPDATE projectgenericuser_certs SET pgu_key = ?, pgu_cert = ?, cert_password = ? WHERE project_generic_username = ?";

    @Override // io.hops.hopsworks.expat.migrations.MigrateStep
    public void migrate() throws MigrationException {
        try {
            setup("ProjectCertificates");
            LOGGER.info("Getting all Project Certificates");
            generateNewCertsAndUpdateDb(getProjectCerts(), "Project Generic");
            LOGGER.info("Finished migration of User Certificates.");
            LOGGER.info(">>> You should revoke certificates and clean manually backup dir with previous certs: " + this.certsBackupDir.toString());
        } catch (ConfigurationException | SQLException e) {
            LOGGER.error("Could not initialize database connection", e);
            throw new MigrationException("Could not initialize database connection", e);
        } catch (IOException e2) {
            LOGGER.error(e2.getMessage(), e2);
            throw new MigrationException(e2.getMessage(), e2);
        } catch (Exception e3) {
            LOGGER.error("Generic error", e3);
            throw new MigrationException("Generic error", e3);
        }
    }

    private Map<ExpatCertificate, ExpatUser> getProjectCerts() throws Exception {
        HashMap hashMap = new HashMap();
        ResultSet resultSet = null;
        ResultSet resultSet2 = null;
        PreparedStatement preparedStatement = null;
        Statement createStatement = this.connection.createStatement();
        try {
            resultSet = createStatement.executeQuery(SELECT_PROJECT_CERTS);
            while (resultSet.next()) {
                String string = resultSet.getString("project_generic_username");
                String[] split = string.split("__");
                if (split.length != 2) {
                    throw new MigrationException("Could not parse Project Generic Username: " + string);
                }
                String str = split[0];
                ExpatCertificate expatCertificate = new ExpatCertificate(str, "PROJECTGENERICUSER");
                LOGGER.info("Processing: " + string + " <" + split[0] + ", " + split[1] + ">");
                try {
                    preparedStatement = this.connection.prepareStatement(SELECT_PROJECT_BY_NAME);
                    preparedStatement.setString(1, str);
                    resultSet2 = preparedStatement.executeQuery();
                    if (resultSet2.next()) {
                        ExpatUser expatUserByEmail = this.expatUserFacade.getExpatUserByEmail(this.connection, resultSet2.getString("username"));
                        expatCertificate.setPlainPassword(HopsUtils.randomString(64));
                        expatCertificate.setCipherPassword(HopsUtils.encrypt(expatUserByEmail.getPassword(), expatCertificate.getPlainPassword(), this.masterPassword));
                        hashMap.put(expatCertificate, expatUserByEmail);
                        if (resultSet2 != null) {
                            resultSet2.close();
                        }
                        if (preparedStatement != null) {
                            preparedStatement.close();
                        }
                    } else {
                        LOGGER.warn("Could not find project " + str);
                        if (resultSet2 != null) {
                            resultSet2.close();
                        }
                        if (preparedStatement != null) {
                            preparedStatement.close();
                        }
                    }
                } catch (Throwable th) {
                    if (resultSet2 != null) {
                        resultSet2.close();
                    }
                    if (preparedStatement != null) {
                        preparedStatement.close();
                    }
                    throw th;
                }
            }
            if (resultSet != null) {
                resultSet.close();
            }
            if (createStatement != null) {
                createStatement.close();
            }
            return hashMap;
        } catch (Throwable th2) {
            if (resultSet != null) {
                resultSet.close();
            }
            if (createStatement != null) {
                createStatement.close();
            }
            throw th2;
        }
    }

    @Override // io.hops.hopsworks.expat.migrations.MigrateStep
    public void rollback() throws RollbackException {
        try {
            migrate();
        } catch (MigrationException e) {
            throw new RollbackException("Could not rollback Project Certificates", e);
        }
    }

    @Override // io.hops.hopsworks.expat.migrations.x509.GenerateCertificates
    void updateCertificatesInDB(Set<ExpatCertificate> set, Connection connection) throws SQLException {
        PreparedStatement preparedStatement = null;
        try {
            connection.setAutoCommit(false);
            preparedStatement = connection.prepareStatement(UPDATE_PROJECT_CERTS);
            for (ExpatCertificate expatCertificate : set) {
                preparedStatement.setBytes(1, expatCertificate.getKeyStore());
                preparedStatement.setBytes(2, expatCertificate.getTrustStore());
                preparedStatement.setString(3, expatCertificate.getCipherPassword());
                preparedStatement.setString(4, expatCertificate.getProjectName() + "__" + expatCertificate.getUsername());
                preparedStatement.addBatch();
                LOGGER.debug("Added " + expatCertificate + " to Tx batch");
            }
            preparedStatement.executeBatch();
            connection.commit();
            LOGGER.info("Finished updating database");
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            connection.setAutoCommit(true);
        } catch (Throwable th) {
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            connection.setAutoCommit(true);
            throw th;
        }
    }
}
