package org.apache.ranger.services.solr.client;

import java.io.IOException;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.Callable;
import java.util.concurrent.TimeUnit;
import javax.security.auth.Subject;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.security.SecureClientLogin;
import org.apache.ranger.plugin.client.BaseClient;
import org.apache.ranger.plugin.client.HadoopException;
import org.apache.ranger.plugin.service.ResourceLookupContext;
import org.apache.ranger.plugin.util.PasswordUtils;
import org.apache.ranger.plugin.util.TimedEventUtil;
import org.apache.ranger.services.solr.RangerSolrConstants;
import org.apache.solr.client.solrj.SolrClient;
import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrResponse;
import org.apache.solr.client.solrj.impl.CloudSolrClient;
import org.apache.solr.client.solrj.impl.HttpClientUtil;
import org.apache.solr.client.solrj.impl.HttpSolrClient;
import org.apache.solr.client.solrj.impl.Krb5HttpClientBuilder;
import org.apache.solr.client.solrj.request.CollectionAdminRequest;
import org.apache.solr.client.solrj.request.ConfigSetAdminRequest;
import org.apache.solr.client.solrj.request.CoreAdminRequest;
import org.apache.solr.client.solrj.request.QueryRequest;
import org.apache.solr.client.solrj.response.CoreAdminResponse;
import org.apache.solr.client.solrj.response.QueryResponse;
import org.apache.solr.common.params.CoreAdminParams;
import org.apache.solr.common.util.SimpleOrderedMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/ranger/services/solr/client/ServiceSolrClient.class */
public class ServiceSolrClient {
    private static final Logger LOG = LoggerFactory.getLogger(ServiceSolrClient.class);
    private String username;
    private String password;
    private String serviceName;
    private SolrClient solrClient = null;
    private boolean isSolrCloud;
    private boolean isKerberosAuth;
    private String url;
    private Subject loginSubject;
    private String authType;

    public ServiceSolrClient(String str, Map<String, String> map, String str2, boolean z) {
        this.isSolrCloud = true;
        this.username = map.get("username");
        this.password = map.get("password");
        this.authType = map.get("authtype");
        this.isKerberosAuth = "kerberos".equalsIgnoreCase(this.authType);
        this.url = str2;
        this.serviceName = str;
        this.isSolrCloud = z;
        createSolrClientInstance();
        login(map);
    }

    public Map<String, Object> connectionTest() throws Exception {
        final HashMap hashMap = new HashMap();
        if (this.isKerberosAuth) {
            Subject.doAs(this.loginSubject, new PrivilegedAction<Void>() { // from class: org.apache.ranger.services.solr.client.ServiceSolrClient.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public Void run() {
                    ServiceSolrClient.this.testConnection(hashMap);
                    return null;
                }
            });
        } else {
            testConnection(hashMap);
        }
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void testConnection(Map<String, Object> map) {
        try {
            getCollectionList(null);
            BaseClient.generateResponseDataMap(true, "ConnectionTest Successful", "ConnectionTest Successful", (Long) null, (String) null, map);
        } catch (Exception e) {
            LOG.error("Error connecting to Solr. solrClient=" + this.solrClient, e);
            String str = "Unable to connect to Solr instance." + e.getMessage();
            BaseClient.generateResponseDataMap(false, str, str + RangerSolrConstants.errMessage, (Long) null, (String) null, map);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<String> getSchemaList(List<String> list) throws Exception {
        return getCollectionList(list);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<String> getCollectionList(List<String> list) throws Exception {
        if (!this.isSolrCloud) {
            return getCoresList(list);
        }
        CollectionAdminRequest.List list2 = new CollectionAdminRequest.List();
        String decryptedPassword = getDecryptedPassword();
        if (!this.isKerberosAuth && this.username != null && decryptedPassword != null) {
            list2.setBasicAuthCredentials(this.username, decryptedPassword);
        }
        SolrResponse process = list2.process(this.solrClient);
        ArrayList arrayList = new ArrayList();
        ArrayList<String> arrayList2 = (ArrayList) process.getResponse().get("collections");
        if (CollectionUtils.isEmpty(arrayList2)) {
            return arrayList;
        }
        for (String str : arrayList2) {
            if (list == null || !list.contains(str)) {
                arrayList.add(str);
            }
        }
        return arrayList;
    }

    private List<String> getCoresList(List<String> list) throws Exception {
        CoreAdminRequest coreAdminRequest = new CoreAdminRequest();
        coreAdminRequest.setAction(CoreAdminParams.CoreAdminAction.STATUS);
        String decryptedPassword = getDecryptedPassword();
        if (!this.isKerberosAuth && this.username != null && decryptedPassword != null) {
            coreAdminRequest.setBasicAuthCredentials(this.username, decryptedPassword);
        }
        CoreAdminResponse process = coreAdminRequest.process(this.solrClient);
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < process.getCoreStatus().size(); i++) {
            if (list == null || !list.contains(process.getCoreStatus().getName(i))) {
                arrayList.add(process.getCoreStatus().getName(i));
            }
        }
        return arrayList;
    }

    private List<String> getFieldList(String str, List<String> list) throws Exception {
        String str2 = "";
        if (str != null && !str.isEmpty()) {
            str2 = str2 + "/" + str;
        }
        SolrQuery solrQuery = new SolrQuery();
        solrQuery.setRequestHandler(str2 + "/schema/fields");
        QueryRequest queryRequest = new QueryRequest(solrQuery);
        String decryptedPassword = getDecryptedPassword();
        if (!this.isKerberosAuth && this.username != null && decryptedPassword != null) {
            queryRequest.setBasicAuthCredentials(this.username, decryptedPassword);
        }
        QueryResponse process = queryRequest.process(this.solrClient);
        ArrayList arrayList = new ArrayList();
        if (process == null || process.getStatus() != 0) {
            LOG.error("Error getting fields for collection=" + str + ", response=" + process);
        } else {
            Iterator it = ((ArrayList) process.getResponse().get("fields")).iterator();
            while (it.hasNext()) {
                String str3 = (String) ((SimpleOrderedMap) it.next()).get("name");
                if (list == null || !list.contains(str3)) {
                    arrayList.add(str3);
                }
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<String> getFieldList(List<String> list, List<String> list2) throws Exception {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (list == null || list.size() == 0) {
            return getFieldList((String) null, list2);
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                linkedHashSet.addAll(getFieldList(it.next(), list2));
            } catch (Exception e) {
                LOG.error("Error getting fields.", e);
            }
        }
        return new ArrayList(linkedHashSet);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<String> getConfigList(List<String> list) throws Exception {
        ConfigSetAdminRequest.List list2 = new ConfigSetAdminRequest.List();
        String decryptedPassword = getDecryptedPassword();
        if (!this.isKerberosAuth && this.username != null && decryptedPassword != null) {
            list2.setBasicAuthCredentials(this.username, decryptedPassword);
        }
        SolrResponse process = list2.process(this.solrClient);
        ArrayList arrayList = new ArrayList();
        ArrayList<String> arrayList2 = (ArrayList) process.getResponse().get("configSets");
        if (CollectionUtils.isEmpty(arrayList2)) {
            return arrayList;
        }
        for (String str : arrayList2) {
            if (list == null || !list.contains(str)) {
                arrayList.add(str);
            }
        }
        return arrayList;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v57, types: [java.util.List] */
    public List<String> getResources(ResourceLookupContext resourceLookupContext) {
        final String userInput = resourceLookupContext.getUserInput();
        String resourceName = resourceLookupContext.getResourceName();
        Map resources = resourceLookupContext.getResources();
        ArrayList arrayList = null;
        List list = null;
        List list2 = null;
        List list3 = null;
        List list4 = null;
        RangerSolrConstants.RESOURCE_TYPE resource_type = RangerSolrConstants.RESOURCE_TYPE.COLLECTION;
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== getResources() UserInput: \"" + userInput + "\" resource : " + resourceName + " resourceMap: " + resources);
        }
        if (userInput != null && resourceName != null) {
            if (resources != null && !resources.isEmpty()) {
                list = (List) resources.get(RangerSolrConstants.COLLECTION_KEY);
                list2 = (List) resources.get(RangerSolrConstants.FIELD_KEY);
                list3 = (List) resources.get(RangerSolrConstants.CONFIG_KEY);
                list4 = (List) resources.get(RangerSolrConstants.SCHEMA_KEY);
            }
            String lowerCase = resourceName.trim().toLowerCase();
            boolean z = -1;
            switch (lowerCase.hashCode()) {
                case -1741312354:
                    if (lowerCase.equals(RangerSolrConstants.COLLECTION_KEY)) {
                        z = false;
                        break;
                    }
                    break;
                case -1354792126:
                    if (lowerCase.equals(RangerSolrConstants.CONFIG_KEY)) {
                        z = 2;
                        break;
                    }
                    break;
                case -907987551:
                    if (lowerCase.equals(RangerSolrConstants.SCHEMA_KEY)) {
                        z = 4;
                        break;
                    }
                    break;
                case 92668751:
                    if (lowerCase.equals(RangerSolrConstants.ADMIN_KEY)) {
                        z = 3;
                        break;
                    }
                    break;
                case 97427706:
                    if (lowerCase.equals(RangerSolrConstants.FIELD_KEY)) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    resource_type = RangerSolrConstants.RESOURCE_TYPE.COLLECTION;
                    break;
                case true:
                    resource_type = RangerSolrConstants.RESOURCE_TYPE.FIELD;
                    break;
                case true:
                    resource_type = RangerSolrConstants.RESOURCE_TYPE.CONFIG;
                    break;
                case true:
                    resource_type = RangerSolrConstants.RESOURCE_TYPE.ADMIN;
                    break;
                case true:
                    resource_type = RangerSolrConstants.RESOURCE_TYPE.SCHEMA;
                    break;
            }
        }
        if (userInput != null) {
            try {
                Callable<List<String>> callable = null;
                final List list5 = list;
                final List list6 = list2;
                final List list7 = list3;
                final List list8 = list4;
                if (resource_type == RangerSolrConstants.RESOURCE_TYPE.COLLECTION) {
                    callable = new Callable<List<String>>() { // from class: org.apache.ranger.services.solr.client.ServiceSolrClient.2
                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.util.concurrent.Callable
                        public List<String> call() {
                            ArrayList arrayList2 = new ArrayList();
                            try {
                                List<String> collectionList = ServiceSolrClient.this.isKerberosAuth ? (List) Subject.doAs(ServiceSolrClient.this.loginSubject, new PrivilegedAction<List<String>>() { // from class: org.apache.ranger.services.solr.client.ServiceSolrClient.2.1
                                    /* JADX WARN: Can't rename method to resolve collision */
                                    @Override // java.security.PrivilegedAction
                                    public List<String> run() {
                                        List<String> list9 = null;
                                        try {
                                            list9 = ServiceSolrClient.this.getCollectionList(list5);
                                        } catch (Exception e) {
                                            ServiceSolrClient.LOG.error("Unable to get collections, Error : " + e.getMessage(), new Throwable(e));
                                        }
                                        return list9;
                                    }
                                }) : ServiceSolrClient.this.getCollectionList(list5);
                                if (userInput == null || userInput.isEmpty()) {
                                    arrayList2.addAll(collectionList);
                                } else {
                                    for (String str : collectionList) {
                                        if (str.startsWith(userInput)) {
                                            arrayList2.add(str);
                                        }
                                    }
                                }
                            } catch (Exception e) {
                                ServiceSolrClient.LOG.error("Error getting collections.", e);
                            }
                            return arrayList2;
                        }
                    };
                } else if (resource_type == RangerSolrConstants.RESOURCE_TYPE.FIELD) {
                    callable = new Callable<List<String>>() { // from class: org.apache.ranger.services.solr.client.ServiceSolrClient.3
                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.util.concurrent.Callable
                        public List<String> call() {
                            ArrayList arrayList2 = new ArrayList();
                            try {
                                List<String> fieldList = ServiceSolrClient.this.isKerberosAuth ? (List) Subject.doAs(ServiceSolrClient.this.loginSubject, new PrivilegedAction<List<String>>() { // from class: org.apache.ranger.services.solr.client.ServiceSolrClient.3.1
                                    /* JADX WARN: Can't rename method to resolve collision */
                                    /* JADX WARN: Multi-variable type inference failed */
                                    /* JADX WARN: Type inference failed for: r0v6, types: [java.util.List] */
                                    @Override // java.security.PrivilegedAction
                                    public List<String> run() {
                                        ArrayList arrayList3 = new ArrayList();
                                        try {
                                            arrayList3 = ServiceSolrClient.this.getFieldList((List<String>) list5, (List<String>) list6);
                                        } catch (Exception e) {
                                            ServiceSolrClient.LOG.error("Unable to get field list, Error : " + e.getMessage(), new Throwable(e));
                                        }
                                        return arrayList3;
                                    }
                                }) : ServiceSolrClient.this.getFieldList((List<String>) list5, (List<String>) list6);
                                if (userInput == null || userInput.isEmpty()) {
                                    arrayList2.addAll(fieldList);
                                } else {
                                    for (String str : fieldList) {
                                        if (str.startsWith(userInput)) {
                                            arrayList2.add(str);
                                        }
                                    }
                                }
                            } catch (Exception e) {
                                ServiceSolrClient.LOG.error("Error getting collections.", e);
                            }
                            return arrayList2;
                        }
                    };
                } else if (resource_type == RangerSolrConstants.RESOURCE_TYPE.CONFIG) {
                    callable = new Callable<List<String>>() { // from class: org.apache.ranger.services.solr.client.ServiceSolrClient.4
                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.util.concurrent.Callable
                        public List<String> call() {
                            ArrayList arrayList2 = new ArrayList();
                            try {
                                List<String> configList = ServiceSolrClient.this.isKerberosAuth ? (List) Subject.doAs(ServiceSolrClient.this.loginSubject, new PrivilegedAction<List<String>>() { // from class: org.apache.ranger.services.solr.client.ServiceSolrClient.4.1
                                    /* JADX WARN: Can't rename method to resolve collision */
                                    @Override // java.security.PrivilegedAction
                                    public List<String> run() {
                                        List<String> list9 = null;
                                        try {
                                            list9 = ServiceSolrClient.this.getConfigList(list7);
                                        } catch (Exception e) {
                                            ServiceSolrClient.LOG.error("Unable to get Solr configs, Error : " + e.getMessage(), new Throwable(e));
                                        }
                                        return list9;
                                    }
                                }) : ServiceSolrClient.this.getConfigList(list7);
                                if (userInput == null || userInput.isEmpty()) {
                                    arrayList2.addAll(configList);
                                } else {
                                    for (String str : configList) {
                                        if (str.startsWith(userInput)) {
                                            arrayList2.add(str);
                                        }
                                    }
                                }
                            } catch (Exception e) {
                                ServiceSolrClient.LOG.error("Error getting Solr configs.", e);
                            }
                            return arrayList2;
                        }
                    };
                } else if (resource_type == RangerSolrConstants.RESOURCE_TYPE.ADMIN) {
                    ArrayList arrayList2 = new ArrayList();
                    try {
                        List<String> list9 = RangerSolrConstants.ADMIN_TYPE.VALUE_LIST;
                        if (userInput == null || userInput.isEmpty()) {
                            arrayList2.addAll(list9);
                        } else {
                            for (String str : list9) {
                                if (str.startsWith(userInput)) {
                                    arrayList2.add(str);
                                }
                            }
                        }
                    } catch (Exception e) {
                        LOG.error("Error getting Solr admin resources.", e);
                    }
                    arrayList = arrayList2;
                } else if (resource_type == RangerSolrConstants.RESOURCE_TYPE.SCHEMA) {
                    callable = new Callable<List<String>>() { // from class: org.apache.ranger.services.solr.client.ServiceSolrClient.5
                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.util.concurrent.Callable
                        public List<String> call() {
                            ArrayList arrayList3 = new ArrayList();
                            try {
                                List<String> schemaList = ServiceSolrClient.this.isKerberosAuth ? (List) Subject.doAs(ServiceSolrClient.this.loginSubject, new PrivilegedAction<List<String>>() { // from class: org.apache.ranger.services.solr.client.ServiceSolrClient.5.1
                                    /* JADX WARN: Can't rename method to resolve collision */
                                    @Override // java.security.PrivilegedAction
                                    public List<String> run() {
                                        List<String> list10 = null;
                                        try {
                                            list10 = ServiceSolrClient.this.getSchemaList(list8);
                                        } catch (Exception e2) {
                                            ServiceSolrClient.LOG.error("Unable to get collections for schema listing, Error : " + e2.getMessage(), new Throwable(e2));
                                        }
                                        return list10;
                                    }
                                }) : ServiceSolrClient.this.getSchemaList(list8);
                                if (userInput == null || userInput.isEmpty()) {
                                    arrayList3.addAll(schemaList);
                                } else {
                                    for (String str2 : schemaList) {
                                        if (str2.startsWith(userInput)) {
                                            arrayList3.add(str2);
                                        }
                                    }
                                }
                            } catch (Exception e2) {
                                ServiceSolrClient.LOG.error("Error getting collections for schema listing.", e2);
                            }
                            return arrayList3;
                        }
                    };
                }
                if (callable != null) {
                    synchronized (this) {
                        arrayList = (List) TimedEventUtil.timedTask(callable, 5L, TimeUnit.SECONDS);
                    }
                }
            } catch (Exception e2) {
                LOG.error("Unable to get Solr resources.", e2);
            }
        }
        return arrayList;
    }

    private String getDecryptedPassword() {
        String str = null;
        try {
            try {
                str = PasswordUtils.decryptPassword(this.password);
                if (str == null) {
                    str = this.password;
                }
            } catch (Exception e) {
                LOG.info("Password decryption failed; trying Solr connection with received password string");
                str = null;
                if (0 == 0) {
                    str = this.password;
                }
            }
            return str;
        } finally {
            if (str == null) {
                String str2 = this.password;
            }
        }
    }

    private void createSolrClientInstance() {
        setHttpClientBuilderForKrb();
        if (this.isSolrCloud) {
            this.solrClient = new CloudSolrClient.Builder(Arrays.asList(this.url), Optional.empty()).build();
            return;
        }
        HttpSolrClient.Builder builder = new HttpSolrClient.Builder();
        builder.withBaseSolrUrl(this.url);
        this.solrClient = builder.build();
    }

    private void setHttpClientBuilderForKrb() {
        if (this.isKerberosAuth) {
            Krb5HttpClientBuilder krb5HttpClientBuilder = new Krb5HttpClientBuilder();
            try {
                HttpClientUtil.setHttpClientBuilder(krb5HttpClientBuilder.getBuilder());
                krb5HttpClientBuilder.close();
            } catch (Throwable th) {
                try {
                    krb5HttpClientBuilder.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    private void login(Map<String, String> map) {
        try {
            String str = map.get("rangerprincipal");
            String str2 = map.get("rangerkeytab");
            String str3 = map.get("namerules");
            if (StringUtils.isEmpty(str3)) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Name Rule is empty. Setting Name Rule as 'DEFAULT'");
                }
                str3 = "DEFAULT";
            }
            String str4 = this.username;
            if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
                if (str4 == null) {
                    throw createException("Unable to find login username for hadoop environment, [" + this.serviceName + "]", null);
                }
                String str5 = map.get("rangerkeytab");
                if (str5 == null) {
                    String str6 = this.password;
                    String str7 = null;
                    try {
                        if (str6 != null) {
                            try {
                                str7 = PasswordUtils.decryptPassword(str6);
                                if (str7 == null) {
                                    str7 = str6;
                                }
                            } catch (Exception e) {
                                LOG.info("Password decryption failed; trying connection with received password string");
                                str7 = null;
                                if (0 == 0) {
                                    str7 = str6;
                                }
                            }
                        } else {
                            LOG.info("Password decryption failed: no password was configured");
                        }
                        if (this.isKerberosAuth) {
                            LOG.info("Init Login: using username/password");
                            this.loginSubject = SecureClientLogin.loginUserWithPassword(str4, str7);
                        } else {
                            LOG.info("Init Login: security not enabled, using username");
                            this.loginSubject = SecureClientLogin.login(str4);
                        }
                    } catch (Throwable th) {
                        if (str7 == null) {
                        }
                        throw th;
                    }
                } else if (this.isKerberosAuth) {
                    LOG.info("Init Login: security enabled, using username/keytab");
                    this.loginSubject = SecureClientLogin.loginUserFromKeytab(str4, str5, str3);
                } else {
                    LOG.info("Init Login: using username");
                    this.loginSubject = SecureClientLogin.login(str4);
                }
            } else if (this.isKerberosAuth) {
                LOG.info("Init Lookup Login: security enabled, using lookupPrincipal/lookupKeytab");
                this.loginSubject = SecureClientLogin.loginUserFromKeytab(str, str2, str3);
            } else {
                LOG.info("Init Login: security not enabled, using username");
                this.loginSubject = SecureClientLogin.login(str4);
            }
        } catch (IOException e2) {
            throw createException("Unable to login to Hadoop environment [" + this.serviceName + "]", e2);
        } catch (SecurityException e3) {
            throw createException("Unable to login to Hadoop environment [" + this.serviceName + "]", e3);
        }
    }

    private HadoopException createException(String str, Exception exc) {
        HadoopException hadoopException = new HadoopException(str, exc);
        hadoopException.generateResponseDataMap(false, (exc != null ? BaseClient.getMessage(exc) : str) + RangerSolrConstants.errMessage, str + RangerSolrConstants.errMessage, (Long) null, (String) null);
        return hadoopException;
    }
}
