package org.opensearch.hadoop.mr.security;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.lang.reflect.UndeclaredThrowableException;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collections;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.Token;
import org.opensearch.hadoop.OpenSearchHadoopException;
import org.opensearch.hadoop.cfg.Settings;
import org.opensearch.hadoop.security.OpenSearchToken;
import org.opensearch.hadoop.security.User;
import org.opensearch.hadoop.security.UserProvider;
import org.opensearch.hadoop.serialization.OpenSearchHadoopSerializationException;
import org.opensearch.hadoop.util.ClusterName;

/* loaded from: input_file:org/opensearch/hadoop/mr/security/HadoopUser.class */
public class HadoopUser implements User {
    private final Settings providerSettings;
    private final UserGroupInformation ugi;

    public HadoopUser(UserGroupInformation userGroupInformation, Settings settings) {
        this.ugi = userGroupInformation;
        this.providerSettings = settings;
    }

    @Override // org.opensearch.hadoop.security.User
    public <T> T doAs(PrivilegedAction<T> privilegedAction) {
        return (T) this.ugi.doAs(privilegedAction);
    }

    @Override // org.opensearch.hadoop.security.User
    public <T> T doAs(PrivilegedExceptionAction<T> privilegedExceptionAction) throws OpenSearchHadoopException {
        try {
            return (T) this.ugi.doAs(privilegedExceptionAction);
        } catch (IOException e) {
            throw new OpenSearchHadoopException(e);
        } catch (InterruptedException e2) {
            throw new OpenSearchHadoopException(e2);
        } catch (UndeclaredThrowableException e3) {
            throw new OpenSearchHadoopException(e3);
        }
    }

    @Override // org.opensearch.hadoop.security.User
    public OpenSearchToken getOpenSearchToken(String str) {
        if (str == null || str.equals("") || str.equals(ClusterName.UNNAMED_CLUSTER_NAME)) {
            return null;
        }
        for (Token token : this.ugi.getTokens()) {
            if (OpenSearchTokenIdentifier.KIND_NAME.equals(token.getKind()) && str.equals(token.getService().toString())) {
                try {
                    return new OpenSearchToken(new DataInputStream(new ByteArrayInputStream(token.getPassword())));
                } catch (IOException e) {
                    throw new OpenSearchHadoopSerializationException("Could not read token information from UGI", e);
                }
            }
        }
        return null;
    }

    @Override // org.opensearch.hadoop.security.User
    public Iterable<OpenSearchToken> getAllOpenSearchTokens() {
        ArrayList arrayList = new ArrayList();
        for (Token token : this.ugi.getTokens()) {
            if (OpenSearchTokenIdentifier.KIND_NAME.equals(token.getKind())) {
                try {
                    arrayList.add(new OpenSearchToken(new DataInputStream(new ByteArrayInputStream(token.getPassword()))));
                } catch (IOException e) {
                    throw new OpenSearchHadoopSerializationException("Could not read token information from UGI", e);
                }
            }
        }
        return Collections.unmodifiableList(arrayList);
    }

    @Override // org.opensearch.hadoop.security.User
    public void addOpenSearchToken(OpenSearchToken openSearchToken) {
        this.ugi.addToken(OpenSearchTokenIdentifier.createTokenFrom(openSearchToken));
    }

    @Override // org.opensearch.hadoop.security.User
    public String getUserName() {
        return this.ugi.getUserName();
    }

    @Override // org.opensearch.hadoop.security.User
    public KerberosPrincipal getKerberosPrincipal() {
        if (this.ugi.hasKerberosCredentials()) {
            return new KerberosPrincipal(this.ugi.getUserName());
        }
        return null;
    }

    @Override // org.opensearch.hadoop.security.User
    public boolean isProxyUser() {
        return UserGroupInformation.AuthenticationMethod.PROXY.equals(this.ugi.getAuthenticationMethod());
    }

    @Override // org.opensearch.hadoop.security.User
    public UserProvider getRealUserProvider() {
        HadoopRealUserProvider hadoopRealUserProvider = new HadoopRealUserProvider();
        hadoopRealUserProvider.setSettings(this.providerSettings);
        return hadoopRealUserProvider;
    }

    public String toString() {
        return "HadoopUser{ugi=" + this.ugi + '}';
    }
}
