package io.hops.util;

import io.hops.util.cloud.Credentials;
import io.hops.util.exceptions.CloudCredentialException;
import io.hops.util.exceptions.HTTPSClientInitializationException;
import io.hops.util.exceptions.JWTNotFoundException;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ws.rs.HttpMethod;
import javax.ws.rs.ProcessingException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.spark.sql.SparkSession;
import org.codehaus.jackson.util.MinimalPrettyPrinter;
import org.json.JSONArray;
import org.json.JSONObject;

/* loaded from: input_file:io/hops/util/CredentialsProvider.class */
public class CredentialsProvider {
    private static final Logger LOG = Logger.getLogger(CredentialsProvider.class.getName());

    /* loaded from: input_file:io/hops/util/CredentialsProvider$AssumeRoleRequest.class */
    public static class AssumeRoleRequest {
        private String roleArn;
        private String roleSessionName;
        private int durationSeconds;

        private AssumeRoleRequest() {
        }

        public static AssumeRoleRequest builder() {
            return new AssumeRoleRequest();
        }

        public Credentials send() throws CloudCredentialException {
            return CredentialsProvider.assumeRole(this.roleArn, this.roleSessionName, this.durationSeconds);
        }

        public AssumeRoleRequest setRoleArn(String str) {
            this.roleArn = str;
            return this;
        }

        public AssumeRoleRequest setRoleSessionName(String str) {
            this.roleSessionName = str;
            return this;
        }

        public AssumeRoleRequest setDurationSeconds(int i) {
            this.durationSeconds = i;
            return this;
        }
    }

    private CredentialsProvider() {
    }

    public static Credentials assumeRole() throws CloudCredentialException {
        return assumeRole(null, null, 0);
    }

    public static Credentials assumeRole(String str) throws CloudCredentialException {
        return assumeRole(str, null, 0);
    }

    public static Credentials assumeRole(String str, String str2, int i) throws CloudCredentialException {
        try {
            HashMap hashMap = new HashMap();
            if (str != null && !str.isEmpty()) {
                hashMap.put(Constants.HOPSWORKS_CLOUD_SESSION_TOKEN_RESOURCE_QUERY_ROLE, str);
            }
            if (str2 != null && str2.isEmpty()) {
                hashMap.put(Constants.HOPSWORKS_CLOUD_SESSION_TOKEN_RESOURCE_QUERY_SESSION, str2);
            }
            if (i > 0) {
                hashMap.put(Constants.HOPSWORKS_CLOUD_SESSION_TOKEN_RESOURCE_QUERY_SESSION_DURATION, Integer.valueOf(i));
            }
            Response clientWrapper = Hops.clientWrapper("/project/" + Hops.getProjectId() + "/" + Constants.HOPSWORKS_CLOUD_RESOURCE + "/" + Constants.HOPSWORKS_AWS_CLOUD_SESSION_TOKEN_RESOURCE, HttpMethod.GET, hashMap);
            LOG.log(Level.FINE, "******* response.getStatusInfo():" + clientWrapper.getStatusInfo());
            Credentials credentialsFromJson = getCredentialsFromJson(getResponse(clientWrapper));
            setSparkHadoopConf(credentialsFromJson);
            setSystemProperties(credentialsFromJson);
            return credentialsFromJson;
        } catch (HTTPSClientInitializationException | JWTNotFoundException e) {
            throw new CloudCredentialException(e.getMessage());
        }
    }

    public static String[] getRoles() throws CloudCredentialException {
        JSONArray jSONArray = getCloudRoles(null).getJSONArray(Constants.JSON_ARRAY_ITEMS);
        String[] strArr = new String[jSONArray.length()];
        for (int i = 0; i < jSONArray.length(); i++) {
            strArr[i] = (String) ((JSONObject) jSONArray.get(i)).get(Constants.JSON_CLOUD_ROLE);
        }
        return strArr;
    }

    public static String getRole(Integer num) throws CloudCredentialException {
        return getCloudRoles(num.toString()).getString(Constants.JSON_CLOUD_ROLE);
    }

    public static String getRole() throws CloudCredentialException {
        return getCloudRoles("default").getString(Constants.JSON_CLOUD_ROLE);
    }

    private static JSONObject getCloudRoles(String str) throws CloudCredentialException {
        try {
            Response clientWrapper = Hops.clientWrapper("/project/" + Hops.getProjectId() + "/" + Constants.HOPSWORKS_CLOUD_RESOURCE + "/" + Constants.HOPSWORKS_CLOUD_ROLE_MAPPINGS_RESOURCE + (str == null ? "" : "/" + str), HttpMethod.GET, null);
            LOG.log(Level.FINE, "******* response.getStatusInfo():" + clientWrapper.getStatusInfo());
            return getResponse(clientWrapper);
        } catch (HTTPSClientInitializationException | JWTNotFoundException e) {
            throw new CloudCredentialException(e.getMessage());
        }
    }

    private static void setSparkHadoopConf(Credentials credentials) {
        if (System.getenv().containsKey(Constants.SPARK_IS_DRIVER_ENV)) {
            SparkSession findSpark = Hops.findSpark();
            findSpark.sparkContext().hadoopConfiguration().set(Constants.S3_CREDENTIAL_PROVIDER_ENV, Constants.S3_TEMPORARY_CREDENTIAL_PROVIDER);
            findSpark.sparkContext().hadoopConfiguration().set(Constants.S3_ACCESS_KEY_ENV, credentials.getAccessKeyId());
            findSpark.sparkContext().hadoopConfiguration().set(Constants.S3_SECRET_KEY_ENV, credentials.getSecretAccessKey());
            findSpark.sparkContext().hadoopConfiguration().set(Constants.S3_SESSION_KEY_ENV, credentials.getSessionToken());
        }
    }

    private static void setSystemProperties(Credentials credentials) {
        Hops.setEnv(Constants.AWS_ACCESS_KEY_ID_ENV, credentials.getAccessKeyId());
        Hops.setEnv(Constants.AWS_SECRET_ACCESS_KEY_ENV, credentials.getSecretAccessKey());
        Hops.setEnv(Constants.AWS_SESSION_TOKEN_ENV, credentials.getSessionToken());
    }

    private static Credentials getCredentialsFromJson(JSONObject jSONObject) {
        Credentials credentials = new Credentials();
        if (jSONObject.has(Constants.JSON_ACCESS_KEY_ID)) {
            credentials.setAccessKeyId(jSONObject.getString(Constants.JSON_ACCESS_KEY_ID));
        }
        if (jSONObject.has(Constants.JSON_SECRET_ACCESS_KEY_ID)) {
            credentials.setSecretAccessKey(jSONObject.getString(Constants.JSON_SECRET_ACCESS_KEY_ID));
        }
        if (jSONObject.has(Constants.JSON_SESSION_TOKEN_ID)) {
            credentials.setSessionToken(jSONObject.getString(Constants.JSON_SESSION_TOKEN_ID));
        }
        return credentials;
    }

    private static JSONObject getResponse(Response response) throws CloudCredentialException {
        Response.Status.Family family = response.getStatusInfo().getFamily();
        if (response.getMediaType() == null || !MediaType.APPLICATION_JSON_TYPE.getSubtype().equals(response.getMediaType().getSubtype())) {
            throw new CloudCredentialException("Cannot Connect To Server. Got status: " + response.getStatus());
        }
        try {
            JSONObject jSONObject = new JSONObject((String) response.readEntity(String.class));
            if (family == Response.Status.Family.INFORMATIONAL || family == Response.Status.Family.SUCCESSFUL) {
                return jSONObject;
            }
            throw new CloudCredentialException(jSONObject.getString(Constants.JSON_ERROR_MSG) + MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR + jSONObject.getString(Constants.JSON_USR_MSG));
        } catch (ProcessingException e) {
            throw new CloudCredentialException(e.getMessage() + " Status: " + response.getStatus());
        }
    }
}
