package org.apache.ranger.raz.intg.client;

import com.sun.jersey.api.client.ClientHandlerException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.ConnectException;
import java.net.InetAddress;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Random;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.ranger.raz.intg.RangerRazErrorCode;
import org.apache.ranger.raz.intg.RangerRazException;
import org.apache.ranger.raz.intg.client.executor.HttpClientExecutor;
import org.apache.ranger.raz.intg.client.executor.RestClientExecutorConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/ranger/raz/intg/client/RangerRESTClient.class */
public class RangerRESTClient {
    public static final String RANGER_PROP_REST_CLIENT_CLASS = "ranger.raz.client.executor.class";
    public static final String RANGER_DEFAULT_REST_CLIENT_CLASS = "org.apache.ranger.raz.intg.client.executor.RestClientExecutorApacheHttp";
    public static final String RANGER_PROP_REST_CLIENT_MAX_RETRY = "ranger.raz.client.max.retry";
    public static final String RANGER_PROP_JWT_SERVER_COOKIE_NAME = "ranger.raz.client.auth.jwt.server.cookie.name";
    public static final String RANGER_PROP_REST_CLIENT_REQ_PARAMS_TO_MASK = "ranger.raz.client.request.params.to.mask";
    public static final String RANGER_DEFAULT_REST_CLIENT_REQ_PARAMS_TO_MASK = "token,delegation";
    public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE = "xasecure.policymgr.clientssl.keystore";
    public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_TYPE = "xasecure.policymgr.clientssl.keystore.type";
    public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_CREDENTIAL = "xasecure.policymgr.clientssl.keystore.credential.file";
    public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_CREDENTIAL_ALIAS = "sslKeyStore";
    public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_TYPE_DEFAULT = "jks";
    public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE = "xasecure.policymgr.clientssl.truststore";
    public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE_TYPE = "xasecure.policymgr.clientssl.truststore.type";
    public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE_CREDENTIAL = "xasecure.policymgr.clientssl.truststore.credential.file";
    public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE_CREDENTIAL_ALIAS = "sslTrustStore";
    public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE_TYPE_DEFAULT = "jks";
    private static final String HADOOP_SSL_CLIENT_CONF_FILE = "hadoop.ssl.client.conf";
    private static final String HADOOP_SSL_CLIENT_CONF_FILE_DEFAULT = "ssl-client.xml";
    private static final String HADOOP_SSL_CLIENT_TRUSTSTORE_LOC = "ssl.client.truststore.location";
    private static final String HADOOP_SSL_CLIENT_TRUSTSTORE_PWD = "ssl.client.truststore.password";
    public static final String RANGER_SSL_CONTEXT_ALGO_TYPE = "TLS";
    private String mUrl;
    private String mSslConfigFileName;
    private String mUsername;
    private String mPassword;
    private boolean mIsSSL;
    private String mKeyStoreURL;
    private String mKeyStoreAlias;
    private String mKeyStoreFile;
    private String mKeyStoreType;
    private String mTrustStoreURL;
    private String mTrustStoreAlias;
    private String mTrustStoreFile;
    private String mTrustStoreFilePwd;
    private String mTrustStoreType;
    private String clientClassName;
    private String jwtServerCookieName;
    private int mRestClientConnTimeOutMs;
    private int mRestClientReadTimeOutMs;
    private int lastKnownActiveUrlIndex;
    private int mMaxConnections;
    private int mMaxConnectionsPerHost;
    private int mMaxAttempts;
    private int validateAfterInactivityMs;
    private int poolRetryCount;
    private final List<String> configuredURLs;
    private final Set<String> listOfRequestParamsToMask = new HashSet();
    private volatile HttpClientExecutor client;
    private final Configuration configuration;
    private static final Logger LOG = LoggerFactory.getLogger(RangerRESTClient.class);
    public static final String RANGER_SSL_KEYMANAGER_ALGO_TYPE = KeyManagerFactory.getDefaultAlgorithm();
    public static final String RANGER_SSL_TRUSTMANAGER_ALGO_TYPE = TrustManagerFactory.getDefaultAlgorithm();

    /* loaded from: input_file:org/apache/ranger/raz/intg/client/RangerRESTClient$HTTP_METHOD.class */
    public enum HTTP_METHOD {
        GET,
        POST,
        PUT,
        DELETE
    }

    public RangerRESTClient(String str, String str2, Configuration configuration, boolean z) throws IOException {
        this.mUrl = str;
        this.mSslConfigFileName = str2;
        this.configuredURLs = getURLs(this.mUrl, z);
        this.mMaxAttempts = configuration.getInt(RANGER_PROP_REST_CLIENT_MAX_RETRY, 3);
        this.configuration = configuration;
        init(configuration);
    }

    public String getUsername() {
        return this.mUsername;
    }

    public String getPassword() {
        return this.mPassword;
    }

    public int getRestClientConnTimeOutMs() {
        return this.mRestClientConnTimeOutMs;
    }

    public void setRestClientConnTimeOutMs(int i) {
        this.mRestClientConnTimeOutMs = i;
    }

    public int getRestClientReadTimeOutMs() {
        return this.mRestClientReadTimeOutMs;
    }

    public void setRestClientReadTimeOutMs(int i) {
        this.mRestClientReadTimeOutMs = i;
    }

    public void setBasicAuthInfo(String str, String str2) {
        this.mUsername = str;
        this.mPassword = str2;
    }

    public HttpClientExecutor getClient() {
        HttpClientExecutor httpClientExecutor = this.client;
        if (httpClientExecutor == null) {
            synchronized (this) {
                httpClientExecutor = this.client;
                if (httpClientExecutor == null) {
                    HttpClientExecutor buildClient = buildClient();
                    httpClientExecutor = buildClient;
                    this.client = buildClient;
                }
            }
        }
        return httpClientExecutor;
    }

    public void resetClient() {
        this.client = null;
    }

    public int getLastKnownActiveUrlIndex() {
        return this.lastKnownActiveUrlIndex;
    }

    public List<String> getConfiguredURLs() {
        return this.configuredURLs;
    }

    public boolean isSSL() {
        return this.mIsSSL;
    }

    public void setSSL(boolean z) {
        this.mIsSSL = z;
    }

    public int getmMaxConnections() {
        return this.mMaxConnections;
    }

    public void setmMaxConnections(int i) {
        this.mMaxConnections = i;
    }

    public int getMaxConnectionsPerHost() {
        return this.mMaxConnectionsPerHost;
    }

    public void setMaxConnectionsPerHost(int i) {
        this.mMaxConnectionsPerHost = i;
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:23:0x00d2. Please report as an issue. */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:31:0x01b9 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:39:0x02bf  */
    /* JADX WARN: Removed duplicated region for block: B:43:0x02a0 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public <T> T executeHttpRequest(org.apache.ranger.raz.intg.client.RangerRESTClient.HTTP_METHOD r8, java.lang.String r9, java.util.Map<java.lang.String, java.lang.String> r10, java.lang.Object r11, java.lang.Class<T> r12) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 716
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.ranger.raz.intg.client.RangerRESTClient.executeHttpRequest(org.apache.ranger.raz.intg.client.RangerRESTClient$HTTP_METHOD, java.lang.String, java.util.Map, java.lang.Object, java.lang.Class):java.lang.Object");
    }

    protected SSLContext getSSLContext(KeyManager[] keyManagerArr, TrustManager[] trustManagerArr) {
        if (trustManagerArr == null) {
            try {
                trustManagerArr = setSSLContextFromHadoopConfFile();
            } catch (IOException e) {
                RangerRazClientLogger.error(LOG, "Unable to fetch the SSLContext from default Hadoop SSL conf: {}", HADOOP_SSL_CLIENT_CONF_FILE, e);
                throw new IllegalStateException("Unable to fetch the SSLContext from default Hadoop SSL conf: " + e.getMessage(), e);
            } catch (KeyManagementException e2) {
                RangerRazClientLogger.error(LOG, "Unable to initials the SSLContext", (Throwable) e2);
                throw new IllegalStateException("Unable to initials the SSLContex: " + e2.getMessage(), e2);
            } catch (NoSuchAlgorithmException e3) {
                RangerRazClientLogger.error(LOG, "SSL algorithm is not available in the environment", (Throwable) e3);
                throw new IllegalStateException("SSL algorithm is not available in the environment: " + e3.getMessage(), e3);
            }
        }
        SSLContext sSLContext = SSLContext.getInstance(RANGER_SSL_CONTEXT_ALGO_TYPE);
        sSLContext.init(keyManagerArr, trustManagerArr, new SecureRandom());
        return sSLContext;
    }

    protected void processException(boolean z, ClientHandlerException clientHandlerException) throws Exception {
        if (z) {
            LOG.error("Failed to communicate with all Raz URLs: [{}]", this.configuredURLs);
            LOG.error("Verify that, the URLs are correct and corresponding services are running & accessible.");
            throw clientHandlerException;
        }
    }

    protected void processException(boolean z, UnknownHostException unknownHostException) throws Exception {
        if (z) {
            LOG.error("Failed to communicate with all Raz URLs: [{}]", this.configuredURLs);
            LOG.error("Verify that, the URLs are correct and corresponding services are running & accessible.");
            throw unknownHostException;
        }
    }

    protected void processException(boolean z, URISyntaxException uRISyntaxException) throws Exception {
        if (z) {
            LOG.error("Failed to communicate with all Raz URLs: [{}]", this.configuredURLs);
            LOG.error("Verify that, the URLs are correct and corresponding services are running & accessible.");
            throw uRISyntaxException;
        }
    }

    protected void processException(boolean z, ConnectException connectException) throws Exception {
        if (z) {
            LOG.error("Failed to communicate with all Raz URLs: [{}]", this.configuredURLs);
            LOG.error("Verify that, the URLs are correct and corresponding services are running & accessible.");
            throw connectException;
        }
    }

    protected void processExceptionFinal(boolean z, Exception exc) throws Exception {
        if (z) {
            LOG.error("Failed to communicate with all Raz URLs: [{}]", this.configuredURLs);
            LOG.error("Verify that, the URLs are correct and corresponding services are running & accessible.");
            throw exc;
        }
    }

    protected void processRazException(boolean z, RangerRazException rangerRazException, int i) throws Exception {
        if (!rangerRazException.getErrorCode().equals(RangerRazErrorCode.RAZ_CLIENT_REQUEST_FAILED)) {
            if (!rangerRazException.getErrorCode().equals(RangerRazErrorCode.RAZ_CLIENT_ACCESS_DENIED)) {
                throw rangerRazException;
            }
            throw new IOException("Permission denied", rangerRazException);
        }
        RangerRazClientLogger.warn(LOG, "Failed to communicate with Raz, URL: {}", this.configuredURLs.get(i));
        if (z) {
            LOG.error("Failed to communicate with all Raz URLs: [{}]", this.configuredURLs);
            LOG.error("Verify that, the URLs are correct and corresponding services are running & accessible.");
            throw rangerRazException;
        }
    }

    protected void setLastKnownActiveUrlIndex(int i) {
        this.lastKnownActiveUrlIndex = i;
    }

    protected void setKeyStoreType(String str) {
        this.mKeyStoreType = str;
    }

    protected void setTrustStoreType(String str) {
        this.mTrustStoreType = str;
    }

    public int getValidateAfterInactivityMs() {
        return this.validateAfterInactivityMs;
    }

    public void setValidateAfterInactivityMs(int i) {
        this.validateAfterInactivityMs = i;
    }

    public int getPoolRetryCount() {
        return this.poolRetryCount;
    }

    public void setPoolRetryCount(int i) {
        this.poolRetryCount = i;
    }

    private HttpClientExecutor buildClient() {
        RestClientExecutorConfig restClientExecutorConfig = new RestClientExecutorConfig();
        restClientExecutorConfig.setUsername(this.mUsername);
        restClientExecutorConfig.setPassword(this.mPassword);
        restClientExecutorConfig.setRestClientConnTimeOutMs(Integer.valueOf(this.mRestClientConnTimeOutMs));
        restClientExecutorConfig.setRestClientReadTimeOutMs(Integer.valueOf(this.mRestClientReadTimeOutMs));
        restClientExecutorConfig.setMaxConnections(Integer.valueOf(this.mMaxConnections));
        restClientExecutorConfig.setMaxConnectionsPerHost(Integer.valueOf(this.mMaxConnectionsPerHost));
        restClientExecutorConfig.setSsl(this.mIsSSL);
        restClientExecutorConfig.setValidateAfterInactivityMs(Integer.valueOf(this.validateAfterInactivityMs));
        restClientExecutorConfig.setPoolRetryCount(Integer.valueOf(this.poolRetryCount));
        if (this.mIsSSL) {
            restClientExecutorConfig.setSslContext(getSSLContext(getKeyManagers(), getTrustManagers()));
        }
        restClientExecutorConfig.setJwtServerCookieName(this.jwtServerCookieName);
        HttpClientExecutor httpClientExecutor = null;
        try {
            httpClientExecutor = (HttpClientExecutor) Class.forName(this.clientClassName).getDeclaredConstructor(RestClientExecutorConfig.class, Configuration.class).newInstance(restClientExecutorConfig, this.configuration);
        } catch (Exception e) {
            LOG.error("Exception occured while creating instance of executor class[{}]. Exception={}", this.clientClassName, e);
        }
        return httpClientExecutor;
    }

    private void init(Configuration configuration) {
        this.mIsSSL = isSsl(this.mUrl);
        if (this.mIsSSL) {
            InputStream inputStream = null;
            InputStream inputStream2 = null;
            String str = configuration.get(HADOOP_SSL_CLIENT_CONF_FILE, HADOOP_SSL_CLIENT_CONF_FILE_DEFAULT);
            try {
                try {
                    inputStream = getFileInputStream(this.mSslConfigFileName);
                    if (inputStream != null) {
                        configuration.addResource(inputStream);
                    }
                    this.mKeyStoreURL = configuration.get(RANGER_POLICYMGR_CLIENT_KEY_FILE_CREDENTIAL);
                    this.mKeyStoreAlias = RANGER_POLICYMGR_CLIENT_KEY_FILE_CREDENTIAL_ALIAS;
                    this.mKeyStoreType = configuration.get(RANGER_POLICYMGR_CLIENT_KEY_FILE_TYPE, "jks");
                    this.mKeyStoreFile = configuration.get(RANGER_POLICYMGR_CLIENT_KEY_FILE);
                    this.mTrustStoreURL = configuration.get(RANGER_POLICYMGR_TRUSTSTORE_FILE_CREDENTIAL);
                    this.mTrustStoreAlias = RANGER_POLICYMGR_TRUSTSTORE_FILE_CREDENTIAL_ALIAS;
                    this.mTrustStoreType = configuration.get(RANGER_POLICYMGR_TRUSTSTORE_FILE_TYPE, "jks");
                    this.mTrustStoreFile = configuration.get(RANGER_POLICYMGR_TRUSTSTORE_FILE);
                    if (StringUtils.isNotEmpty(str)) {
                        inputStream2 = getFileInputStream(str);
                        Configuration configuration2 = new Configuration();
                        if (inputStream2 != null) {
                            configuration2.addResource(inputStream2);
                        }
                        if (StringUtils.isEmpty(this.mTrustStoreFile)) {
                            this.mTrustStoreFile = configuration2.get(HADOOP_SSL_CLIENT_TRUSTSTORE_LOC);
                        }
                        this.mTrustStoreFilePwd = configuration2.get(HADOOP_SSL_CLIENT_TRUSTSTORE_PWD);
                    }
                    close(inputStream, this.mSslConfigFileName);
                    close(inputStream2, str);
                } catch (IOException e) {
                    RangerRazClientLogger.error(LOG, "Unable to load SSL Config FileName: [{}]", this.mSslConfigFileName, e);
                    close(inputStream, this.mSslConfigFileName);
                    close(inputStream2, str);
                }
            } catch (Throwable th) {
                close(inputStream, this.mSslConfigFileName);
                close(inputStream2, str);
                throw th;
            }
        }
        this.clientClassName = configuration.get(RANGER_PROP_REST_CLIENT_CLASS, RANGER_DEFAULT_REST_CLIENT_CLASS);
        for (String str2 : configuration.get(RANGER_PROP_REST_CLIENT_REQ_PARAMS_TO_MASK, RANGER_DEFAULT_REST_CLIENT_REQ_PARAMS_TO_MASK).split(",")) {
            this.listOfRequestParamsToMask.add(str2);
        }
        this.jwtServerCookieName = configuration.get(RANGER_PROP_JWT_SERVER_COOKIE_NAME);
    }

    private boolean isSsl(String str) {
        return !StringUtils.isEmpty(str) && str.toLowerCase().startsWith("https");
    }

    private KeyManager[] getKeyManagers() {
        return getKeyManagers(this.mKeyStoreFile, getCredential(this.mKeyStoreURL, this.mKeyStoreAlias));
    }

    private KeyManager[] getKeyManagers(String str, String str2) {
        KeyManager[] keyManagerArr = null;
        if (StringUtils.isNotEmpty(str) && StringUtils.isNotEmpty(str2)) {
            try {
                try {
                    try {
                        try {
                            try {
                                InputStream fileInputStream = getFileInputStream(str);
                                if (fileInputStream == null) {
                                    RangerRazClientLogger.error(LOG, "Unable to obtain keystore from file [{}]", str);
                                    throw new IllegalStateException("Unable to find keystore file :" + str);
                                }
                                KeyStore keyStore = KeyStore.getInstance(this.mKeyStoreType);
                                keyStore.load(fileInputStream, str2.toCharArray());
                                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(RANGER_SSL_KEYMANAGER_ALGO_TYPE);
                                keyManagerFactory.init(keyStore, str2.toCharArray());
                                keyManagerArr = keyManagerFactory.getKeyManagers();
                                close(fileInputStream, str);
                            } catch (NoSuchAlgorithmException e) {
                                RangerRazClientLogger.error(LOG, "SSL algorithm is NOT available in the environment", (Throwable) e);
                                throw new IllegalStateException("SSL algorithm is NOT available in the environment :" + e.getMessage(), e);
                            }
                        } catch (KeyStoreException e2) {
                            RangerRazClientLogger.error(LOG, "Unable to obtain from KeyStore: {}", e2.getMessage(), e2);
                            throw new IllegalStateException("Unable to init keystore:" + e2.getMessage(), e2);
                        }
                    } catch (FileNotFoundException e3) {
                        RangerRazClientLogger.error(LOG, "Unable to find the necessary SSL Keystore Files", (Throwable) e3);
                        throw new IllegalStateException("Unable to find keystore file :" + str + ", error :" + e3.getMessage(), e3);
                    } catch (CertificateException e4) {
                        RangerRazClientLogger.error(LOG, "Unable to obtain the requested certification ", (Throwable) e4);
                        throw new IllegalStateException("Unable to obtain the requested certification :" + e4.getMessage(), e4);
                    }
                } catch (IOException e5) {
                    RangerRazClientLogger.error(LOG, "Unable to read the necessary SSL Keystore Files", (Throwable) e5);
                    throw new IllegalStateException("Unable to read keystore file :" + str + ", error :" + e5.getMessage(), e5);
                } catch (UnrecoverableKeyException e6) {
                    RangerRazClientLogger.error(LOG, "Unable to recover the key from keystore", (Throwable) e6);
                    throw new IllegalStateException("Unable to recover the key from keystore :" + str + ", error :" + e6.getMessage(), e6);
                }
            } catch (Throwable th) {
                close(null, str);
                throw th;
            }
        }
        return keyManagerArr;
    }

    private TrustManager[] getTrustManagers() {
        String credential = getCredential(this.mTrustStoreURL, this.mTrustStoreAlias);
        if (StringUtils.isEmpty(credential)) {
            credential = this.mTrustStoreFilePwd;
        }
        return getTrustManagers(this.mTrustStoreFile, credential);
    }

    private TrustManager[] getTrustManagers(String str, String str2) {
        TrustManager[] trustManagerArr = null;
        if (StringUtils.isNotEmpty(str) && StringUtils.isNotEmpty(str2)) {
            try {
                try {
                    try {
                        try {
                            try {
                                InputStream fileInputStream = getFileInputStream(str);
                                if (fileInputStream == null) {
                                    RangerRazClientLogger.error(LOG, "Unable to obtain truststore from file [{}]", str);
                                    throw new IllegalStateException("Unable to find truststore file :" + str);
                                }
                                KeyStore keyStore = KeyStore.getInstance(this.mTrustStoreType);
                                keyStore.load(fileInputStream, str2.toCharArray());
                                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(RANGER_SSL_TRUSTMANAGER_ALGO_TYPE);
                                trustManagerFactory.init(keyStore);
                                trustManagerArr = trustManagerFactory.getTrustManagers();
                                close(fileInputStream, str);
                            } catch (IOException e) {
                                RangerRazClientLogger.error(LOG, "Unable to read the necessary SSL TrustStore Files: {}", str, e);
                                throw new IllegalStateException("Unable to read the trust store file :" + str + ", error :" + e.getMessage(), e);
                            }
                        } catch (KeyStoreException e2) {
                            RangerRazClientLogger.error(LOG, "Unable to obtain from KeyStore", (Throwable) e2);
                            throw new IllegalStateException("Unable to init keystore:" + e2.getMessage(), e2);
                        }
                    } catch (FileNotFoundException e3) {
                        RangerRazClientLogger.error(LOG, "Unable to find the necessary SSL TrustStore File: {}", str, e3);
                        throw new IllegalStateException("Unable to find trust store file :" + str + ", error :" + e3.getMessage(), e3);
                    }
                } catch (NoSuchAlgorithmException e4) {
                    RangerRazClientLogger.error(LOG, "SSL algorithm is NOT available in the environment: {}", e4.getMessage(), e4);
                    throw new IllegalStateException("SSL algorithm is NOT available in the environment :" + e4.getMessage(), e4);
                } catch (CertificateException e5) {
                    RangerRazClientLogger.error(LOG, "Unable to obtain the requested certification: {}", e5.getMessage(), e5);
                    throw new IllegalStateException("Unable to obtain the requested certification :" + e5.getMessage(), e5);
                }
            } catch (Throwable th) {
                close(null, str);
                throw th;
            }
        }
        return trustManagerArr;
    }

    private TrustManager[] setSSLContextFromHadoopConfFile() throws IOException {
        TrustManager[] trustManagerArr = null;
        Configuration configuration = new Configuration();
        String str = configuration.get(HADOOP_SSL_CLIENT_CONF_FILE, HADOOP_SSL_CLIENT_CONF_FILE_DEFAULT);
        URL fileLocation = getFileLocation(str, configuration);
        if (fileLocation != null) {
            RangerRazClientLogger.info(LOG, "addResourceIfReadable({}): resource file is {}", str, fileLocation);
            configuration.addResource(fileLocation);
            this.mTrustStoreFile = configuration.get(HADOOP_SSL_CLIENT_TRUSTSTORE_LOC);
            this.mTrustStoreFilePwd = configuration.get(HADOOP_SSL_CLIENT_TRUSTSTORE_PWD);
            trustManagerArr = getTrustManagers(this.mTrustStoreFile, this.mTrustStoreFilePwd);
        } else {
            RangerRazClientLogger.error(LOG, "addResourceIfReadable({}): couldn't find resource file location", str);
        }
        return trustManagerArr;
    }

    private URL getFileLocation(String str, Configuration configuration) {
        URL resource = configuration.getClassLoader().getResource(str);
        if (resource == null) {
            resource = configuration.getClassLoader().getResource(RangerRazClient.HTTP_URL_SEPARATOR + str);
        }
        return resource;
    }

    private String getCredential(String str, String str2) {
        return RangerCredentialProvider.getInstance().getCredentialString(str, str2);
    }

    private InputStream getFileInputStream(String str) throws IOException {
        InputStream inputStream = null;
        if (StringUtils.isNotEmpty(str)) {
            File file = new File(str);
            inputStream = file.exists() ? new FileInputStream(file) : ClassLoader.getSystemResourceAsStream(str);
        }
        return inputStream;
    }

    private void close(InputStream inputStream, String str) {
        if (inputStream != null) {
            try {
                inputStream.close();
            } catch (IOException e) {
                RangerRazClientLogger.error(LOG, "Error while closing file: [{}]", str, e);
            }
        }
    }

    private List<String> getURLs(String str, boolean z) throws UnknownHostException {
        List<String> emptyList = Collections.emptyList();
        if (str != null) {
            String[] split = str.trim().split(",");
            emptyList = new ArrayList(split.length + 2);
            for (String str2 : split) {
                String cleanRestUrl = cleanRestUrl(str2);
                if (StringUtils.isNotBlank(cleanRestUrl)) {
                    emptyList.add(cleanRestUrl);
                }
            }
            if (!z || emptyList.isEmpty()) {
                setLastKnownActiveUrlIndex(new Random().nextInt(emptyList.size()));
            } else {
                String[] split2 = emptyList.get(0).split(":");
                emptyList.add(0, cleanRestUrl(split2[0] + "://" + InetAddress.getLocalHost().getHostName() + ":" + split2[2]));
                setLastKnownActiveUrlIndex(0);
            }
        }
        return emptyList;
    }

    private static String cleanRestUrl(String str) {
        String str2 = str;
        if (!StringUtils.isEmpty(StringUtils.trimToEmpty(str2))) {
            str2 = str2.trim();
            if (str2.endsWith(RangerRazClient.HTTP_URL_SEPARATOR)) {
                str2 = str2.substring(0, str2.length() - 1).trim();
            }
        }
        return str2;
    }
}
