package org.apache.spark.sql.hive.security;

import java.lang.reflect.UndeclaredThrowableException;
import java.security.PrivilegedExceptionAction;
import java.util.Map;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.ql.metadata.Hive;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.Credentials;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.Token;
import org.apache.spark.SparkConf;
import org.apache.spark.deploy.SparkHadoopUtil$;
import org.apache.spark.internal.LogEntry;
import org.apache.spark.internal.LogEntry$;
import org.apache.spark.internal.LogKeys$CLASS_NAME$;
import org.apache.spark.internal.Logging;
import org.apache.spark.internal.MDC;
import org.apache.spark.internal.MessageWithContext;
import org.apache.spark.internal.config.package$;
import org.apache.spark.security.HadoopDelegationTokenProvider;
import org.apache.spark.sql.hive.client.HiveClientImpl$;
import org.apache.spark.util.Utils$;
import org.slf4j.Logger;
import scala.Function0;
import scala.None$;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.StringContext;
import scala.collection.StringOps$;
import scala.collection.immutable.Nil$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;
import scala.runtime.ScalaRunTime$;
import scala.util.control.NonFatal$;

/* compiled from: HiveDelegationTokenProvider.scala */
@ScalaSignature(bytes = "\u0006\u0005\u0005-a!\u0002\u0006\f\u0001E9\u0002\"B\u0015\u0001\t\u0003Y\u0003\"\u0002\u0018\u0001\t\u0003z\u0003bB\u001e\u0001\u0005\u0004%I\u0001\u0010\u0005\u0007\u0001\u0002\u0001\u000b\u0011B\u001f\t\u000b\u0005\u0003A\u0011\u0002\"\t\u000b5\u0003A\u0011\t(\t\u000be\u0003A\u0011\t.\t\u000b)\u0004A\u0011B6\t\u000bu\u0004A\u0011\u0002@\u00037!Kg/\u001a#fY\u0016<\u0017\r^5p]R{7.\u001a8Qe>4\u0018\u000eZ3s\u0015\taQ\"\u0001\u0005tK\u000e,(/\u001b;z\u0015\tqq\"\u0001\u0003iSZ,'B\u0001\t\u0012\u0003\r\u0019\u0018\u000f\u001c\u0006\u0003%M\tQa\u001d9be.T!\u0001F\u000b\u0002\r\u0005\u0004\u0018m\u00195f\u0015\u00051\u0012aA8sON!\u0001\u0001\u0007\u0010$!\tIB$D\u0001\u001b\u0015\u0005Y\u0012!B:dC2\f\u0017BA\u000f\u001b\u0005\u0019\te.\u001f*fMB\u0011q$I\u0007\u0002A)\u0011A\"E\u0005\u0003E\u0001\u0012Q\u0004S1e_>\u0004H)\u001a7fO\u0006$\u0018n\u001c8U_.,g\u000e\u0015:pm&$WM\u001d\t\u0003I\u001dj\u0011!\n\u0006\u0003ME\t\u0001\"\u001b8uKJt\u0017\r\\\u0005\u0003Q\u0015\u0012q\u0001T8hO&tw-\u0001\u0004=S:LGOP\u0002\u0001)\u0005a\u0003CA\u0017\u0001\u001b\u0005Y\u0011aC:feZL7-\u001a(b[\u0016,\u0012\u0001\r\t\u0003car!A\r\u001c\u0011\u0005MRR\"\u0001\u001b\u000b\u0005UR\u0013A\u0002\u001fs_>$h(\u0003\u000285\u00051\u0001K]3eK\u001aL!!\u000f\u001e\u0003\rM#(/\u001b8h\u0015\t9$$A\u000bdY\u0006\u001c8OT8u\r>,h\u000eZ#se>\u00148\u000b\u001e:\u0016\u0003u\u0002\"\u0001\n \n\u0005}*#AE'fgN\fw-Z,ji\"\u001cuN\u001c;fqR\fac\u00197bgNtu\u000e\u001e$pk:$WI\u001d:peN#(\u000fI\u0001\tQ&4XmQ8oMR\u00111i\u0013\t\u0003\t&k\u0011!\u0012\u0006\u0003\r\u001e\u000bAaY8oM*\u0011\u0001jE\u0001\u0007Q\u0006$wn\u001c9\n\u0005)+%!D\"p]\u001aLw-\u001e:bi&|g\u000eC\u0003M\u000b\u0001\u00071)\u0001\u0006iC\u0012|w\u000e]\"p]\u001a\f\u0001\u0004Z3mK\u001e\fG/[8o)>\\WM\\:SKF,\u0018N]3e)\ry%\u000b\u0017\t\u00033AK!!\u0015\u000e\u0003\u000f\t{w\u000e\\3b]\")1K\u0002a\u0001)\u0006I1\u000f]1sW\u000e{gN\u001a\t\u0003+Zk\u0011!E\u0005\u0003/F\u0011\u0011b\u00159be.\u001cuN\u001c4\t\u000b13\u0001\u0019A\"\u0002-=\u0014G/Y5o\t\u0016dWmZ1uS>tGk\\6f]N$BaW1cGB\u0019\u0011\u0004\u00180\n\u0005uS\"AB(qi&|g\u000e\u0005\u0002\u001a?&\u0011\u0001M\u0007\u0002\u0005\u0019>tw\rC\u0003M\u000f\u0001\u00071\tC\u0003T\u000f\u0001\u0007A\u000bC\u0003e\u000f\u0001\u0007Q-A\u0003de\u0016$7\u000f\u0005\u0002gQ6\tqM\u0003\u0002\r\u000f&\u0011\u0011n\u001a\u0002\f\u0007J,G-\u001a8uS\u0006d7/\u0001\u0007e_\u0006\u001b(+Z1m+N,'/\u0006\u0002m_R\u0011Q\u000e\u001f\t\u0003]>d\u0001\u0001B\u0003q\u0011\t\u0007\u0011OA\u0001U#\t\u0011X\u000f\u0005\u0002\u001ag&\u0011AO\u0007\u0002\b\u001d>$\b.\u001b8h!\tIb/\u0003\u0002x5\t\u0019\u0011I\\=\t\reDA\u00111\u0001{\u0003\t1g\u000eE\u0002\u001aw6L!\u0001 \u000e\u0003\u0011q\u0012\u0017P\\1nKz\n!\u0002^8lK:\fE.[1t+\u0005y\b\u0003BA\u0001\u0003\u000fi!!a\u0001\u000b\u0007\u0005\u0015q)\u0001\u0002j_&!\u0011\u0011BA\u0002\u0005\u0011!V\r\u001f;")
/* loaded from: input_file:org/apache/spark/sql/hive/security/HiveDelegationTokenProvider.class */
public class HiveDelegationTokenProvider implements HadoopDelegationTokenProvider, Logging {
    private final MessageWithContext classNotFoundErrorStr;
    private transient Logger org$apache$spark$internal$Logging$$log_;

    public String logName() {
        return Logging.logName$(this);
    }

    public Logger log() {
        return Logging.log$(this);
    }

    public Logging.LogStringContext LogStringContext(StringContext stringContext) {
        return Logging.LogStringContext$(this, stringContext);
    }

    public void withLogContext(Map<String, String> map, Function0<BoxedUnit> function0) {
        Logging.withLogContext$(this, map, function0);
    }

    public void logInfo(Function0<String> function0) {
        Logging.logInfo$(this, function0);
    }

    public void logInfo(LogEntry logEntry) {
        Logging.logInfo$(this, logEntry);
    }

    public void logInfo(LogEntry logEntry, Throwable th) {
        Logging.logInfo$(this, logEntry, th);
    }

    public void logDebug(Function0<String> function0) {
        Logging.logDebug$(this, function0);
    }

    public void logDebug(LogEntry logEntry) {
        Logging.logDebug$(this, logEntry);
    }

    public void logDebug(LogEntry logEntry, Throwable th) {
        Logging.logDebug$(this, logEntry, th);
    }

    public void logTrace(Function0<String> function0) {
        Logging.logTrace$(this, function0);
    }

    public void logTrace(LogEntry logEntry) {
        Logging.logTrace$(this, logEntry);
    }

    public void logTrace(LogEntry logEntry, Throwable th) {
        Logging.logTrace$(this, logEntry, th);
    }

    public void logWarning(Function0<String> function0) {
        Logging.logWarning$(this, function0);
    }

    public void logWarning(LogEntry logEntry) {
        Logging.logWarning$(this, logEntry);
    }

    public void logWarning(LogEntry logEntry, Throwable th) {
        Logging.logWarning$(this, logEntry, th);
    }

    public void logError(Function0<String> function0) {
        Logging.logError$(this, function0);
    }

    public void logError(LogEntry logEntry) {
        Logging.logError$(this, logEntry);
    }

    public void logError(LogEntry logEntry, Throwable th) {
        Logging.logError$(this, logEntry, th);
    }

    public void logInfo(Function0<String> function0, Throwable th) {
        Logging.logInfo$(this, function0, th);
    }

    public void logDebug(Function0<String> function0, Throwable th) {
        Logging.logDebug$(this, function0, th);
    }

    public void logTrace(Function0<String> function0, Throwable th) {
        Logging.logTrace$(this, function0, th);
    }

    public void logWarning(Function0<String> function0, Throwable th) {
        Logging.logWarning$(this, function0, th);
    }

    public void logError(Function0<String> function0, Throwable th) {
        Logging.logError$(this, function0, th);
    }

    public boolean isTraceEnabled() {
        return Logging.isTraceEnabled$(this);
    }

    public void initializeLogIfNecessary(boolean z) {
        Logging.initializeLogIfNecessary$(this, z);
    }

    public boolean initializeLogIfNecessary(boolean z, boolean z2) {
        return Logging.initializeLogIfNecessary$(this, z, z2);
    }

    public boolean initializeLogIfNecessary$default$2() {
        return Logging.initializeLogIfNecessary$default$2$(this);
    }

    public void initializeForcefully(boolean z, boolean z2) {
        Logging.initializeForcefully$(this, z, z2);
    }

    public Logger org$apache$spark$internal$Logging$$log_() {
        return this.org$apache$spark$internal$Logging$$log_;
    }

    public void org$apache$spark$internal$Logging$$log__$eq(Logger logger) {
        this.org$apache$spark$internal$Logging$$log_ = logger;
    }

    public String serviceName() {
        return "hive";
    }

    /* JADX INFO: Access modifiers changed from: private */
    public MessageWithContext classNotFoundErrorStr() {
        return this.classNotFoundErrorStr;
    }

    private Configuration hiveConf(Configuration configuration) {
        try {
            return new HiveConf(configuration, HiveConf.class);
        } catch (Throwable th) {
            if (th != null && NonFatal$.MODULE$.apply(th)) {
                logWarning(() -> {
                    return "Fail to create Hive Configuration";
                }, th);
                return configuration;
            }
            if (!(th instanceof NoClassDefFoundError)) {
                throw th;
            }
            logWarning(LogEntry$.MODULE$.from(() -> {
                return this.classNotFoundErrorStr();
            }), (NoClassDefFoundError) th);
            return configuration;
        }
    }

    public boolean delegationTokensRequired(SparkConf sparkConf, Configuration configuration) {
        return UserGroupInformation.getCurrentUser().getCredentials().getToken(tokenAlias()) == null && UserGroupInformation.isSecurityEnabled() && StringOps$.MODULE$.nonEmpty$extension(Predef$.MODULE$.augmentString(hiveConf(configuration).getTrimmed("hive.metastore.uris", ""))) && (SparkHadoopUtil$.MODULE$.get().isProxyUser(UserGroupInformation.getCurrentUser()) || !(Utils$.MODULE$.isClientMode(sparkConf) || sparkConf.contains(package$.MODULE$.KEYTAB())));
    }

    public Option<Object> obtainDelegationTokens(Configuration configuration, SparkConf sparkConf, Credentials credentials) {
        None$ none$;
        try {
            try {
                Configuration hiveConf = hiveConf(configuration);
                String str = "hive.metastore.kerberos.principal";
                String trimmed = hiveConf.getTrimmed("hive.metastore.kerberos.principal", "");
                Predef$.MODULE$.require(StringOps$.MODULE$.nonEmpty$extension(Predef$.MODULE$.augmentString(trimmed)), () -> {
                    return "Hive principal " + str + " undefined";
                });
                String trimmed2 = hiveConf.getTrimmed("hive.metastore.uris", "");
                Predef$.MODULE$.require(StringOps$.MODULE$.nonEmpty$extension(Predef$.MODULE$.augmentString(trimmed2)), () -> {
                    return "Hive metastore uri undefined";
                });
                UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
                logDebug(() -> {
                    return "Getting Hive delegation token for " + currentUser.getUserName() + " against " + trimmed + " at " + trimmed2;
                });
                doAsRealUser(() -> {
                    String delegationToken = HiveClientImpl$.MODULE$.getHive(hiveConf).getDelegationToken(currentUser.getUserName(), trimmed);
                    Token token = new Token();
                    token.decodeFromUrlString(delegationToken);
                    this.logDebug(() -> {
                        return "Get Token from hive metastore: " + token.toString();
                    });
                    credentials.addToken(this.tokenAlias(), token);
                });
                none$ = None$.MODULE$;
            } catch (Throwable th) {
                if (th != null && NonFatal$.MODULE$.apply(th)) {
                    logWarning(LogEntry$.MODULE$.from(() -> {
                        return Utils$.MODULE$.createFailedToGetTokenMessage(this.serviceName(), th);
                    }));
                    none$ = None$.MODULE$;
                }
                if (!(th instanceof NoClassDefFoundError)) {
                    throw th;
                }
                logWarning(LogEntry$.MODULE$.from(() -> {
                    return this.classNotFoundErrorStr();
                }));
                none$ = None$.MODULE$;
            }
            return none$;
        } finally {
            Utils$.MODULE$.tryLogNonFatalError(() -> {
                Hive.closeCurrent();
            });
        }
    }

    private <T> T doAsRealUser(final Function0<T> function0) {
        UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
        try {
            final HiveDelegationTokenProvider hiveDelegationTokenProvider = null;
            return (T) ((UserGroupInformation) Option$.MODULE$.apply(currentUser.getRealUser()).getOrElse(() -> {
                return currentUser;
            })).doAs(new PrivilegedExceptionAction<T>(hiveDelegationTokenProvider, function0) { // from class: org.apache.spark.sql.hive.security.HiveDelegationTokenProvider$$anon$1
                private final Function0 fn$1;

                @Override // java.security.PrivilegedExceptionAction
                public T run() {
                    return (T) this.fn$1.apply();
                }

                {
                    this.fn$1 = function0;
                }
            });
        } catch (UndeclaredThrowableException e) {
            throw ((Throwable) Option$.MODULE$.apply(e.getCause()).getOrElse(() -> {
                return e;
            }));
        }
    }

    private Text tokenAlias() {
        return new Text("hive.server2.delegation.token");
    }

    public HiveDelegationTokenProvider() {
        Logging.$init$(this);
        this.classNotFoundErrorStr = LogStringContext(new StringContext(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{"You are attempting to use the ", ", "}))).log(ScalaRunTime$.MODULE$.wrapRefArray(new MDC[]{new MDC(LogKeys$CLASS_NAME$.MODULE$, getClass().getCanonicalName())})).$plus(LogStringContext(new StringContext(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{"but your Spark distribution is not built with Hive libraries."}))).log(Nil$.MODULE$));
    }
}
