package org.apache.storm.utils;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.naming.ConfigurationException;
import org.apache.storm.Config;
import org.apache.storm.shade.org.apache.commons.lang.StringUtils;
import org.apache.storm.shade.org.apache.curator.framework.CuratorFramework;
import org.apache.storm.shade.org.apache.curator.framework.CuratorFrameworkFactory;
import org.apache.storm.shade.org.apache.curator.framework.api.ACLProvider;
import org.apache.storm.shade.org.apache.zookeeper.ClientCnxnSocketNetty;
import org.apache.storm.shade.org.apache.zookeeper.client.ZKClientConfig;
import org.apache.storm.shade.org.apache.zookeeper.common.ClientX509Util;
import org.apache.storm.shade.org.apache.zookeeper.data.ACL;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/storm/utils/CuratorUtils.class */
public class CuratorUtils {
    public static final Logger LOG = LoggerFactory.getLogger(CuratorUtils.class);
    public static final String CLIENT_CNXN = ClientCnxnSocketNetty.class.getName();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/apache/storm/utils/CuratorUtils$SslConf.class */
    public static final class SslConf {
        private final String keystoreLocation;
        private final String keystorePassword;
        private final String truststoreLocation;
        private final String truststorePassword;
        private final Boolean hostnameVerification;

        private SslConf(Map<String, Object> map) {
            this.keystoreLocation = ObjectReader.getString(map.get(Config.STORM_ZOOKEEPER_SSL_KEYSTORE_PATH), "");
            this.keystorePassword = ObjectReader.getString(map.get(Config.STORM_ZOOKEEPER_SSL_KEYSTORE_PASSWORD), "");
            this.truststoreLocation = ObjectReader.getString(map.get(Config.STORM_ZOOKEEPER_SSL_TRUSTSTORE_PATH), "");
            this.truststorePassword = ObjectReader.getString(map.get(Config.STORM_ZOOKEEPER_SSL_TRUSTSTORE_PASSWORD), "");
            this.hostnameVerification = Boolean.valueOf(ObjectReader.getBoolean(map.get(Config.STORM_ZOOKEEPER_SSL_HOSTNAME_VERIFICATION), true));
        }

        public String getKeystoreLocation() {
            return this.keystoreLocation;
        }

        public String getKeystorePassword() {
            return this.keystorePassword;
        }

        public String getTruststoreLocation() {
            return this.truststoreLocation;
        }

        public String getTruststorePassword() {
            return this.truststorePassword;
        }

        public Boolean getHostnameVerification() {
            return this.hostnameVerification;
        }
    }

    public static CuratorFramework newCurator(Map<String, Object> map, List<String> list, Object obj, String str, List<ACL> list2) {
        return newCurator(map, list, obj, str, null, list2);
    }

    public static CuratorFramework newCurator(Map<String, Object> map, List<String> list, Object obj, ZookeeperAuthInfo zookeeperAuthInfo, List<ACL> list2) {
        return newCurator(map, list, obj, "", zookeeperAuthInfo, list2);
    }

    public static CuratorFramework newCurator(Map<String, Object> map, List<String> list, Object obj, String str, ZookeeperAuthInfo zookeeperAuthInfo, final List<ACL> list2) {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next() + ":" + ObjectReader.getInt(obj));
        }
        String str2 = StringUtils.join(arrayList, ",") + str;
        CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.builder();
        setupBuilder(builder, str2, map, zookeeperAuthInfo);
        if (list2 != null) {
            builder.aclProvider(new ACLProvider() { // from class: org.apache.storm.utils.CuratorUtils.1
                public List<ACL> getDefaultAcl() {
                    return list2;
                }

                public List<ACL> getAclForPath(String str3) {
                    return null;
                }
            });
        }
        return builder.build();
    }

    protected static void setupBuilder(CuratorFrameworkFactory.Builder builder, String str, Map<String, Object> map, ZookeeperAuthInfo zookeeperAuthInfo) {
        builder.connectString(str);
        builder.connectionTimeoutMs(ObjectReader.getInt(map.get(Config.STORM_ZOOKEEPER_CONNECTION_TIMEOUT)).intValue()).sessionTimeoutMs(ObjectReader.getInt(map.get(Config.STORM_ZOOKEEPER_SESSION_TIMEOUT)).intValue()).retryPolicy(new StormBoundedExponentialBackoffRetry(ObjectReader.getInt(map.get(Config.STORM_ZOOKEEPER_RETRY_INTERVAL)).intValue(), ObjectReader.getInt(map.get(Config.STORM_ZOOKEEPER_RETRY_INTERVAL_CEILING)).intValue(), ObjectReader.getInt(map.get(Config.STORM_ZOOKEEPER_RETRY_TIMES)).intValue()));
        if (zookeeperAuthInfo != null && zookeeperAuthInfo.scheme != null && zookeeperAuthInfo.payload != null) {
            builder.authorization(zookeeperAuthInfo.scheme, zookeeperAuthInfo.payload);
        }
        if (ObjectReader.getBoolean(map.get(Config.ZK_SSL_ENABLE), false)) {
            SslConf sslConf = new SslConf(map);
            ZKClientConfig zKClientConfig = new ZKClientConfig();
            try {
                setSslConfiguration(zKClientConfig, new ClientX509Util(), sslConf);
                builder.zkClientConfig(zKClientConfig);
            } catch (ConfigurationException e) {
                throw new RuntimeException((Throwable) e);
            }
        }
    }

    private static void setSslConfiguration(ZKClientConfig zKClientConfig, ClientX509Util clientX509Util, SslConf sslConf) throws ConfigurationException {
        validateSslConfiguration(sslConf);
        LOG.info("Configuring the ZooKeeper client to use SSL/TLS encryption for connecting to the ZooKeeper server.");
        LOG.debug("Configuring the ZooKeeper client with {} location: {}.", sslConf.keystoreLocation, Config.STORM_ZOOKEEPER_SSL_KEYSTORE_PATH);
        LOG.debug("Configuring the ZooKeeper client with {} location: {}.", sslConf.truststoreLocation, Config.STORM_ZOOKEEPER_SSL_TRUSTSTORE_PATH);
        zKClientConfig.setProperty("zookeeper.client.secure", "true");
        zKClientConfig.setProperty("zookeeper.clientCnxnSocket", CLIENT_CNXN);
        zKClientConfig.setProperty(clientX509Util.getSslKeystoreLocationProperty(), sslConf.keystoreLocation);
        zKClientConfig.setProperty(clientX509Util.getSslKeystorePasswdProperty(), sslConf.keystorePassword);
        zKClientConfig.setProperty(clientX509Util.getSslTruststoreLocationProperty(), sslConf.truststoreLocation);
        zKClientConfig.setProperty(clientX509Util.getSslTruststorePasswdProperty(), sslConf.truststorePassword);
        zKClientConfig.setProperty(clientX509Util.getSslHostnameVerificationEnabledProperty(), sslConf.hostnameVerification.toString());
    }

    private static void validateSslConfiguration(SslConf sslConf) throws ConfigurationException {
        if (StringUtils.isEmpty(sslConf.getKeystoreLocation())) {
            throw new ConfigurationException("The keystore location parameter is empty for the ZooKeeper client connection.");
        }
        if (StringUtils.isEmpty(sslConf.getKeystorePassword())) {
            throw new ConfigurationException("The keystore password parameter is empty for the ZooKeeper client connection.");
        }
        if (StringUtils.isEmpty(sslConf.getTruststoreLocation())) {
            throw new ConfigurationException("The truststore location parameter is empty for the ZooKeeper client connection.");
        }
        if (StringUtils.isEmpty(sslConf.getTruststorePassword())) {
            throw new ConfigurationException("The truststore password parameter is empty for the ZooKeeper client connection.");
        }
    }

    public static SslConf getSslConf(Map<String, Object> map) {
        return new SslConf(map);
    }

    public static void testSetupBuilder(CuratorFrameworkFactory.Builder builder, String str, Map<String, Object> map, ZookeeperAuthInfo zookeeperAuthInfo) {
        setupBuilder(builder, str, map, zookeeperAuthInfo);
    }

    public static CuratorFramework newCuratorStarted(Map<String, Object> map, List<String> list, Object obj, String str, ZookeeperAuthInfo zookeeperAuthInfo, List<ACL> list2) {
        CuratorFramework newCurator = newCurator(map, list, obj, str, zookeeperAuthInfo, list2);
        LOG.info("Starting Utils Curator...");
        newCurator.start();
        return newCurator;
    }

    public static CuratorFramework newCuratorStarted(Map<String, Object> map, List<String> list, Object obj, ZookeeperAuthInfo zookeeperAuthInfo, List<ACL> list2) {
        CuratorFramework newCurator = newCurator(map, list, obj, zookeeperAuthInfo, list2);
        LOG.info("Starting Utils Curator (2)...");
        newCurator.start();
        return newCurator;
    }
}
