package oracle.hadoop.sql.authz.sentry;

import com.google.common.annotations.VisibleForTesting;
import java.io.File;
import java.net.URISyntaxException;
import java.net.URL;
import oracle.hadoop.sql.JXADException;
import oracle.hadoop.sql.authz.Authorizables;
import oracle.hadoop.sql.authz.AuthzConf;
import oracle.hadoop.sql.authz.AuthzCore;
import oracle.hadoop.sql.messages.HSqlMessage;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.sentry.binding.hive.conf.HiveAuthzConf;
import org.apache.sentry.service.thrift.SentryServiceClientFactory;

/* loaded from: input_file:oracle/hadoop/sql/authz/sentry/SentryAuthzConf.class */
public final class SentryAuthzConf extends AuthzConf {
    private static final int SENTRY_RETRIES = 5;
    public static final String SENTRY_AUTTHZ_SITE_FILE = "sentry-site.xml";
    public static final String SENTRY_HIVE_SERVER_DEFAULT = "";
    private final Configuration sentryConf;
    private static final URL sentrySiteURL;
    private final HdfsSyncPrefixes hdfsSyncPrefixes;
    private boolean bypassFetchProxy;
    private static final Log LOG = LogFactory.getLog(SentryAuthzConf.class);
    public static final String SENTRY_HIVE_SERVER = HiveAuthzConf.AuthzConfVars.AUTHZ_SERVER_NAME.getVar();

    public Configuration getSentryConf() {
        return this.sentryConf;
    }

    public HdfsSyncPrefixes getSentrySyncPrefixes() {
        return this.hdfsSyncPrefixes;
    }

    public SentryAuthzConf(SentryAuthzConf sentryAuthzConf) {
        super(AuthzConf.AUTHZ_PROVIDER.SENTRY);
        this.bypassFetchProxy = false;
        this.sentryConf = new Configuration(sentryAuthzConf.getSentryConf());
        this.hdfsSyncPrefixes = sentryAuthzConf.getSentrySyncPrefixes();
    }

    public SentryAuthzConf() throws JXADException {
        super(AuthzConf.AUTHZ_PROVIDER.SENTRY);
        this.bypassFetchProxy = false;
        if (null == sentrySiteURL) {
            throw new JXADException(JXADException.CODE.CONFIG, HSqlMessage.MSG.INTERNAL, "sentry-site.xml is null ");
        }
        try {
            File file = new File(sentrySiteURL.toURI());
            if (!file.exists() || !file.isFile()) {
                throw new JXADException(JXADException.CODE.CONFIG, HSqlMessage.MSG.INTERNAL, "sentry-site.xml does not exist");
            }
            this.sentryConf = new Configuration(false);
            this.sentryConf.addResource(sentrySiteURL);
            this.sentryConf.set(SENTRY_HIVE_SERVER, getServerScope(this.sentryConf));
            this.hdfsSyncPrefixes = new HdfsSyncPrefixes(this.sentryConf);
            if (LOG.isDebugEnabled()) {
                LOG.debug("sentry sync prefixes found=" + (!this.hdfsSyncPrefixes.isEmpty()));
            }
        } catch (URISyntaxException e) {
            throw new JXADException(JXADException.CODE.CONFIG, e, HSqlMessage.MSG.INTERNAL, e.getMessage());
        }
    }

    @VisibleForTesting
    public SentryAuthzConf(Configuration configuration) throws JXADException {
        super(AuthzConf.AUTHZ_PROVIDER.SENTRY);
        this.bypassFetchProxy = false;
        if (null == configuration) {
            throw new IllegalArgumentException("null sentry onf");
        }
        this.sentryConf = configuration;
        this.hdfsSyncPrefixes = new HdfsSyncPrefixes(configuration);
    }

    public static String getServerScope(Configuration configuration) {
        if (null == configuration) {
            throw new IllegalArgumentException("null conf");
        }
        return configuration.get(SENTRY_HIVE_SERVER, SENTRY_HIVE_SERVER_DEFAULT);
    }

    private static void verifySentryClient(Configuration configuration) throws JXADException {
        for (int i = 0; i < 5; i++) {
            try {
                try {
                    SentryServiceClientFactory.create(configuration).close();
                    return;
                } catch (Exception e) {
                    return;
                }
            } catch (Exception e2) {
                LOG.debug("SentryServiceClient attempt " + i, e2);
            }
        }
        throw new JXADException(JXADException.CODE.CONFIG, HSqlMessage.MSG.INTERNAL, " Cannot connect to Sentry");
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Code restructure failed: missing block: B:32:0x00e3, code lost:
    
        switch(r15) {
            case 0: goto L60;
            case 1: goto L61;
            case 2: goto L62;
            case 3: goto L63;
            default: goto L68;
        };
     */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x0100, code lost:
    
        r5 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:38:0x0105, code lost:
    
        r6 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:42:0x0113, code lost:
    
        if ("kerberos".equalsIgnoreCase(r0) == false) goto L71;
     */
    /* JADX WARN: Code restructure failed: missing block: B:44:0x0116, code lost:
    
        r8 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:48:0x011c, code lost:
    
        r9 = r0;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void validate() throws oracle.hadoop.sql.JXADException {
        /*
            Method dump skipped, instructions count: 372
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: oracle.hadoop.sql.authz.sentry.SentryAuthzConf.validate():void");
    }

    @Override // oracle.hadoop.sql.authz.AuthzConf
    public boolean skipAuthz(Authorizables.AuthzDatabase authzDatabase) {
        if (null == this.sentryConf || !"default".equals(authzDatabase.getDatabaseName()) || !"false".equalsIgnoreCase(this.sentryConf.get(HiveAuthzConf.AuthzConfVars.AUTHZ_RESTRICT_DEFAULT_DB.getVar()))) {
            return false;
        }
        LOG.debug("skip privilege checks on default db");
        return true;
    }

    @Override // oracle.hadoop.sql.authz.AuthzConf
    public AuthzCore.AuthzBinding getNewBinding(Configuration configuration) throws JXADException {
        if (null == configuration) {
            throw new IllegalArgumentException("null conf");
        }
        return new SentryAuthzBinding(configuration, this, new SentryPolicyEngine(configuration, this, new SentryProviderBackend(configuration, this)));
    }

    @Override // oracle.hadoop.sql.authz.AuthzConf
    public AuthzConf getNewAuthzConf() {
        return new SentryAuthzConf(this);
    }

    public boolean isBypassFetchProxy() {
        return this.bypassFetchProxy;
    }

    public void setBypassFetchProxy(boolean z) {
        this.bypassFetchProxy = z;
    }

    public boolean hasSentrySyncPrefixes() {
        return !this.hdfsSyncPrefixes.isEmpty();
    }

    static {
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        if (contextClassLoader == null) {
            contextClassLoader = SentryAuthzConf.class.getClassLoader();
        }
        sentrySiteURL = contextClassLoader.getResource(SENTRY_AUTTHZ_SITE_FILE);
    }
}
