package io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.impl;

import io.hops.hadoop.shaded.org.apache.kerby.KOptions;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.KrbException;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.KrbContext;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.KrbOption;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.KrbSetting;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.PkinitOption;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.TokenOption;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.request.AsRequest;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.request.AsRequestWithCert;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.request.AsRequestWithKeytab;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.request.AsRequestWithPasswd;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.request.AsRequestWithToken;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.request.TgsRequest;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.request.TgsRequestWithTgt;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.request.TgsRequestWithToken;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.type.base.NameType;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.type.base.PrincipalName;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.type.ticket.SgtTicket;
import io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.type.ticket.TgtTicket;

/* loaded from: input_file:WEB-INF/lib/hadoop-client-runtime-3.2.0.0-RC4.jar:io/hops/hadoop/shaded/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.class */
public abstract class AbstractInternalKrbClient implements InternalKrbClient {
    private KrbContext context;
    private final KrbSetting krbSetting;

    public AbstractInternalKrbClient(KrbSetting krbSetting) {
        this.krbSetting = krbSetting;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KrbContext getContext() {
        return this.context;
    }

    @Override // io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.impl.InternalKrbClient
    public KrbSetting getSetting() {
        return this.krbSetting;
    }

    @Override // io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.impl.InternalKrbClient
    public void init() throws KrbException {
        this.context = new KrbContext();
        this.context.init(this.krbSetting);
    }

    @Override // io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.impl.InternalKrbClient
    public TgtTicket requestTgt(KOptions kOptions) throws KrbException {
        AsRequest asRequest = null;
        if (kOptions.contains(KrbOption.USE_PASSWD)) {
            asRequest = new AsRequestWithPasswd(this.context);
        } else if (kOptions.contains(KrbOption.USE_KEYTAB)) {
            asRequest = new AsRequestWithKeytab(this.context);
        } else if (kOptions.contains(PkinitOption.USE_ANONYMOUS)) {
            asRequest = new AsRequestWithCert(this.context);
        } else if (kOptions.contains(PkinitOption.USE_PKINIT)) {
            asRequest = new AsRequestWithCert(this.context);
        } else if (kOptions.contains(TokenOption.USE_TOKEN)) {
            asRequest = new AsRequestWithToken(this.context);
        } else if (kOptions.contains(TokenOption.USER_ID_TOKEN)) {
            asRequest = new AsRequestWithToken(this.context);
        }
        if (asRequest == null) {
            throw new IllegalArgumentException("No valid krb client request option found");
        }
        if (kOptions.contains(KrbOption.CLIENT_PRINCIPAL)) {
            PrincipalName principalName = new PrincipalName(fixPrincipal(kOptions.getStringOption(KrbOption.CLIENT_PRINCIPAL)));
            if (kOptions.contains(PkinitOption.USE_ANONYMOUS)) {
                principalName.setNameType(NameType.NT_WELLKNOWN);
            }
            asRequest.setClientPrincipal(principalName);
        }
        if (kOptions.contains(KrbOption.SERVER_PRINCIPAL)) {
            asRequest.setServerPrincipal(new PrincipalName(fixPrincipal(kOptions.getStringOption(KrbOption.SERVER_PRINCIPAL)), NameType.NT_PRINCIPAL));
        }
        asRequest.setRequestOptions(kOptions);
        return doRequestTgt(asRequest);
    }

    @Override // io.hops.hadoop.shaded.org.apache.kerby.kerberos.kerb.client.impl.InternalKrbClient
    public SgtTicket requestSgt(KOptions kOptions) throws KrbException {
        TgsRequest tgsRequest = null;
        if (kOptions.contains(TokenOption.USER_AC_TOKEN)) {
            tgsRequest = new TgsRequestWithToken(this.context);
        } else if (kOptions.contains(KrbOption.USE_TGT)) {
            tgsRequest = new TgsRequestWithTgt(this.context, (TgtTicket) kOptions.getOption(KrbOption.USE_TGT).getOptionInfo().getValue());
        }
        if (tgsRequest == null) {
            throw new IllegalArgumentException("No valid krb client request option found");
        }
        tgsRequest.setServerPrincipal(new PrincipalName(fixPrincipal(kOptions.getStringOption(KrbOption.SERVER_PRINCIPAL))));
        tgsRequest.setRequestOptions(kOptions);
        return doRequestSgt(tgsRequest);
    }

    protected abstract TgtTicket doRequestTgt(AsRequest asRequest) throws KrbException;

    protected abstract SgtTicket doRequestSgt(TgsRequest tgsRequest) throws KrbException;

    protected String fixPrincipal(String str) {
        if (!str.contains("@")) {
            str = str + "@" + this.krbSetting.getKdcRealm();
        }
        return str;
    }
}
