package com.datastax.bdp.cassandra.auth;

import com.datastax.bdp.gms.VersionBarrier;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOError;
import java.io.IOException;
import java.time.Duration;
import java.util.Arrays;
import java.util.Optional;
import java.util.Random;
import java.util.UUID;
import org.apache.cassandra.db.ConsistencyLevel;
import org.apache.cassandra.exceptions.RequestExecutionException;
import org.apache.cassandra.exceptions.RequestValidationException;
import org.apache.cassandra.utils.UUIDGen;
import org.apache.hadoop.security.token.SecretManager;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier;
import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager;
import org.apache.hadoop.security.token.delegation.DelegationKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/datastax/bdp/cassandra/auth/CassandraDelegationTokenSecretManager.class */
public class CassandraDelegationTokenSecretManager extends AbstractDelegationTokenSecretManager<CassandraDelegationTokenIdentifier> {
    private static final Logger logger;
    public static final Random randomGen;
    private final long tokenMaxLifetime;
    private final long tokenRenewInterval;
    private ConsistencyLevel consistencyLevelRead;
    private ConsistencyLevel consistencyLevelWrite;
    private DigestTokensManager digestTokensManager;
    static final /* synthetic */ boolean $assertionsDisabled;

    public CassandraDelegationTokenSecretManager(long j, long j2, long j3, DigestTokensManager digestTokensManager) {
        super(j, j2, j3, Duration.ofHours(1L).toMillis());
        this.consistencyLevelRead = ConsistencyLevel.QUORUM;
        this.consistencyLevelWrite = ConsistencyLevel.QUORUM;
        this.digestTokensManager = digestTokensManager;
        this.tokenMaxLifetime = j2;
        this.tokenRenewInterval = j3;
    }

    /* renamed from: createIdentifier, reason: merged with bridge method [inline-methods] */
    public CassandraDelegationTokenIdentifier m8createIdentifier() {
        return new CassandraDelegationTokenIdentifier();
    }

    public synchronized void addKey(DelegationKey delegationKey) throws IOException {
    }

    public synchronized CassandraDelegationTokenIdentifier cancelToken(Token<CassandraDelegationTokenIdentifier> token, String str) throws IOException {
        CassandraDelegationTokenIdentifier identifier = getIdentifier(token);
        cancelToken(identifier);
        return identifier;
    }

    public synchronized void cancelToken(CassandraDelegationTokenIdentifier cassandraDelegationTokenIdentifier) throws IOException {
        try {
            this.digestTokensManager.deleteTokenById(cassandraDelegationTokenIdentifier.getBytes(), this.consistencyLevelWrite);
            logger.info("Removed token: " + cassandraDelegationTokenIdentifier);
        } catch (RequestExecutionException | RequestValidationException | VersionBarrier.UpgradingException e) {
            throw new IOException("Failed to delete token: " + cassandraDelegationTokenIdentifier, e);
        }
    }

    public synchronized byte[] createPassword(CassandraDelegationTokenIdentifier cassandraDelegationTokenIdentifier) {
        try {
            long currentTimeMillis = System.currentTimeMillis();
            cassandraDelegationTokenIdentifier.setIssueDate(currentTimeMillis);
            cassandraDelegationTokenIdentifier.setMaxDate(currentTimeMillis + this.tokenMaxLifetime);
            cassandraDelegationTokenIdentifier.setMasterKeyId(randomGen.nextInt());
            cassandraDelegationTokenIdentifier.setSequenceNumber(randomGen.nextInt());
            byte[] bytes = cassandraDelegationTokenIdentifier.getBytes();
            byte[] decompose = UUIDGen.decompose(UUID.randomUUID());
            this.digestTokensManager.createToken(bytes, decompose, Duration.ofMillis(this.tokenMaxLifetime), this.consistencyLevelWrite);
            logger.info("Created token: " + cassandraDelegationTokenIdentifier);
            return decompose;
        } catch (RequestExecutionException | RequestValidationException | VersionBarrier.UpgradingException e) {
            throw new IOError(e);
        }
    }

    public synchronized boolean isRunning() {
        return true;
    }

    public synchronized long renewToken(Token<CassandraDelegationTokenIdentifier> token, String str) throws IOException {
        return renewToken(getIdentifier(token));
    }

    public synchronized long renewToken(CassandraDelegationTokenIdentifier cassandraDelegationTokenIdentifier) throws IOException {
        try {
            this.digestTokensManager.updateToken(cassandraDelegationTokenIdentifier.getBytes(), retrievePassword(cassandraDelegationTokenIdentifier), Duration.ofMillis(this.tokenMaxLifetime), this.consistencyLevelWrite);
            logger.info("Renewed token: " + cassandraDelegationTokenIdentifier);
            return System.currentTimeMillis() + this.tokenRenewInterval;
        } catch (RequestExecutionException | RequestValidationException | VersionBarrier.UpgradingException e) {
            throw new IOException("Failed to renew token: " + cassandraDelegationTokenIdentifier, e);
        }
    }

    public synchronized byte[] retrievePassword(CassandraDelegationTokenIdentifier cassandraDelegationTokenIdentifier) throws SecretManager.InvalidToken {
        Optional<byte[]> passwordById = this.digestTokensManager.getPasswordById(cassandraDelegationTokenIdentifier.getBytes(), this.consistencyLevelRead);
        if (passwordById.isPresent()) {
            return passwordById.get();
        }
        throw new SecretManager.InvalidToken(cassandraDelegationTokenIdentifier.toString());
    }

    public synchronized CassandraDelegationTokenIdentifier getIdentifier(Token<CassandraDelegationTokenIdentifier> token) throws IOException {
        CassandraDelegationTokenIdentifier cassandraDelegationTokenIdentifier = new CassandraDelegationTokenIdentifier();
        cassandraDelegationTokenIdentifier.readFields(new DataInputStream(new ByteArrayInputStream(token.getIdentifier())));
        return cassandraDelegationTokenIdentifier;
    }

    public synchronized void startThreads() throws IOException {
    }

    public synchronized void stopThreads() {
    }

    public synchronized void verifyToken(CassandraDelegationTokenIdentifier cassandraDelegationTokenIdentifier, byte[] bArr) throws SecretManager.InvalidToken {
        byte[] retrievePassword = retrievePassword(cassandraDelegationTokenIdentifier);
        if (!$assertionsDisabled && (retrievePassword == null || retrievePassword.length <= 0)) {
            throw new AssertionError();
        }
        if (!Arrays.equals(bArr, retrievePassword)) {
            throw new SecretManager.InvalidToken(cassandraDelegationTokenIdentifier.toString());
        }
    }

    /* renamed from: cancelToken, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ AbstractDelegationTokenIdentifier m7cancelToken(Token token, String str) throws IOException {
        return cancelToken((Token<CassandraDelegationTokenIdentifier>) token, str);
    }

    static {
        $assertionsDisabled = !CassandraDelegationTokenSecretManager.class.desiredAssertionStatus();
        logger = LoggerFactory.getLogger(CassandraDelegationTokenSecretManager.class);
        randomGen = new Random(System.currentTimeMillis());
    }
}
