package org.apache.knox.gateway.dispatch;

import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Field;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.util.Date;
import java.util.Properties;
import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
import org.apache.http.cookie.Cookie;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.cookie.BasicClientCookie;
import org.apache.knox.gateway.SpiGatewayMessages;
import org.apache.knox.gateway.config.GatewayConfig;
import org.apache.knox.gateway.i18n.messages.MessagesFactory;

/* loaded from: input_file:org/apache/knox/gateway/dispatch/HadoopAuthCookieStore.class */
public class HadoopAuthCookieStore extends BasicCookieStore {
    private static final SpiGatewayMessages LOG = (SpiGatewayMessages) MessagesFactory.get(SpiGatewayMessages.class);
    private static final String HADOOP_AUTH_COOKIE_NAME = "hadoop.auth";
    private static final String HIVE_SERVER2_AUTH_COOKIE_NAME = "hive.server2.auth";
    private static final String IMPALA_AUTH_COOKIE_NAME = "impala.auth";
    private static String knoxPrincipal;
    private static String shortKnoxPrincipal;

    /* loaded from: input_file:org/apache/knox/gateway/dispatch/HadoopAuthCookieStore$Wrapper.class */
    private static class Wrapper extends BasicClientCookie {
        private static final String DELEGATE_STR = "delegate";
        private final Cookie delegate;

        Wrapper(Cookie cookie) {
            super(cookie.getName(), cookie.getValue());
            this.delegate = cookie;
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public String getName() {
            return this.delegate.getName();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public String getValue() {
            String value = this.delegate.getValue();
            if (value != null && !value.isEmpty()) {
                if (!value.startsWith("\"")) {
                    value = "\"" + value;
                }
                if (!value.endsWith("\"")) {
                    value = String.valueOf(value) + "\"";
                }
            }
            return value;
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public String getComment() {
            return this.delegate.getComment();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public String getCommentURL() {
            return this.delegate.getCommentURL();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public Date getExpiryDate() {
            return this.delegate.getExpiryDate();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public boolean isPersistent() {
            return this.delegate.isPersistent();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public String getDomain() {
            return this.delegate.getDomain();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public String getPath() {
            return this.delegate.getPath();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public int[] getPorts() {
            return this.delegate.getPorts();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public boolean isSecure() {
            return this.delegate.isSecure();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public int getVersion() {
            return this.delegate.getVersion();
        }

        @Override // org.apache.http.impl.cookie.BasicClientCookie, org.apache.http.cookie.Cookie
        public boolean isExpired(Date date) {
            return this.delegate.isExpired(date);
        }

        /* JADX WARN: Type inference failed for: r0v0, types: [org.apache.knox.gateway.dispatch.HadoopAuthCookieStore$Wrapper$1] */
        @Override // org.apache.http.impl.cookie.BasicClientCookie
        public String toString() {
            return new ReflectionToStringBuilder(this) { // from class: org.apache.knox.gateway.dispatch.HadoopAuthCookieStore.Wrapper.1
                protected boolean accept(Field field) {
                    return super.accept(field) && !Wrapper.DELEGATE_STR.equals(field.getName());
                }
            }.toString();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public HadoopAuthCookieStore(GatewayConfig gatewayConfig) {
        String kerberosLoginConfig = gatewayConfig.getKerberosLoginConfig();
        if (kerberosLoginConfig == null || kerberosLoginConfig.isEmpty()) {
            return;
        }
        Properties properties = new Properties();
        Throwable th = null;
        try {
            try {
                InputStream newInputStream = Files.newInputStream(Paths.get(kerberosLoginConfig, new String[0]), new OpenOption[0]);
                try {
                    properties.load(newInputStream);
                    String property = properties.getProperty(GatewayConfig.REMOTE_CONFIG_REGISTRY_PRINCIPAL);
                    knoxPrincipal = property.startsWith("\"") ? property.substring(1, property.length() - 1) : property;
                    shortKnoxPrincipal = knoxPrincipal.split("/", 2)[0];
                    if (newInputStream != null) {
                        newInputStream.close();
                    }
                } catch (Throwable th2) {
                    if (newInputStream != null) {
                        newInputStream.close();
                    }
                    throw th2;
                }
            } catch (Throwable th3) {
                if (0 == 0) {
                    th = th3;
                } else if (null != th3) {
                    th.addSuppressed(th3);
                }
                throw th;
            }
        } catch (IOException e) {
            LOG.errorReadingKerberosLoginConfig(kerberosLoginConfig, e);
        }
    }

    @Override // org.apache.http.impl.client.BasicCookieStore, org.apache.http.client.CookieStore
    public void addCookie(Cookie cookie) {
        if (isAuthCookie(cookie) && isKnoxCookie(cookie)) {
            Wrapper wrapper = new Wrapper(cookie);
            LOG.acceptingServiceCookie(wrapper);
            super.addCookie(wrapper);
        }
    }

    private boolean isAuthCookie(Cookie cookie) {
        return HADOOP_AUTH_COOKIE_NAME.equals(cookie.getName()) || HIVE_SERVER2_AUTH_COOKIE_NAME.equals(cookie.getName()) || IMPALA_AUTH_COOKIE_NAME.equals(cookie.getName());
    }

    private boolean isKnoxCookie(Cookie cookie) {
        String value;
        boolean z = false;
        if (cookie != null && (value = cookie.getValue()) != null && (value.contains(String.valueOf('=') + knoxPrincipal) || value.contains(String.valueOf('=') + shortKnoxPrincipal))) {
            z = true;
        }
        return z;
    }
}
