package alluxio.proxy.s3;

import alluxio.AlluxioURI;
import alluxio.client.WriteType;
import alluxio.client.file.FileSystem;
import alluxio.client.file.URIStatus;
import alluxio.conf.AlluxioConfiguration;
import alluxio.conf.Configuration;
import alluxio.conf.PropertyKey;
import alluxio.exception.AccessControlException;
import alluxio.exception.AlluxioException;
import alluxio.exception.DirectoryNotEmptyException;
import alluxio.exception.ExceptionMessage;
import alluxio.exception.FileAlreadyExistsException;
import alluxio.exception.FileDoesNotExistException;
import alluxio.exception.InvalidPathException;
import alluxio.grpc.DeletePOptions;
import alluxio.grpc.SetAttributePOptions;
import alluxio.grpc.WritePType;
import alluxio.proto.journal.File;
import alluxio.s3.S3AuditContext;
import alluxio.s3.S3Constants;
import alluxio.s3.S3ErrorCode;
import alluxio.s3.S3ErrorResponse;
import alluxio.s3.S3Exception;
import alluxio.s3.TaggingData;
import alluxio.s3.auth.Authenticator;
import alluxio.s3.auth.AwsAuthInfo;
import alluxio.s3.signature.AwsSignatureProcessor;
import alluxio.security.User;
import alluxio.security.authentication.AuthType;
import alluxio.security.authentication.AuthenticatedClientUser;
import alluxio.security.user.ServerUserState;
import alluxio.util.SecurityUtils;
import alluxio.util.ThreadUtils;
import com.fasterxml.jackson.dataformat.xml.XmlMapper;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.cache.Cache;
import com.google.common.util.concurrent.RateLimiter;
import com.google.protobuf.ByteString;
import java.io.IOException;
import java.io.Serializable;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.TreeMap;
import java.util.regex.Pattern;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:alluxio/proxy/s3/S3RestUtils.class */
public final class S3RestUtils {
    private static final Logger LOG = LoggerFactory.getLogger(S3RestUtils.class);
    public static final String ALLUXIO_USER_HEADER = "Alluxio-Fs-User";
    public static final String MULTIPART_UPLOADS_METADATA_DIR = "/.alluxio_s3_api_metadata/uploads";

    /* renamed from: alluxio.proxy.s3.S3RestUtils$2, reason: invalid class name */
    /* loaded from: input_file:alluxio/proxy/s3/S3RestUtils$2.class */
    static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$javax$ws$rs$core$Response$Status = new int[Response.Status.values().length];

        static {
            try {
                $SwitchMap$javax$ws$rs$core$Response$Status[Response.Status.OK.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$ws$rs$core$Response$Status[Response.Status.ACCEPTED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$javax$ws$rs$core$Response$Status[Response.Status.NO_CONTENT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    /* loaded from: input_file:alluxio/proxy/s3/S3RestUtils$RestCallable.class */
    public interface RestCallable<T> {
        T call() throws S3Exception;
    }

    /* loaded from: input_file:alluxio/proxy/s3/S3RestUtils$URIStatusNameComparator.class */
    public static class URIStatusNameComparator implements Comparator<URIStatus>, Serializable {
        private static final long serialVersionUID = 733270188584155565L;

        @Override // java.util.Comparator
        public int compare(URIStatus uRIStatus, URIStatus uRIStatus2) {
            return Long.compare(Long.parseLong(uRIStatus.getName()), Long.parseLong(uRIStatus2.getName()));
        }
    }

    public static <T> Response call(String str, RestCallable<T> restCallable) {
        try {
            if (SecurityUtils.isSecurityEnabled(Configuration.global()) && AuthenticatedClientUser.get(Configuration.global()) == null) {
                AuthenticatedClientUser.set(ServerUserState.global().getUser().getName());
            }
            try {
                T call = restCallable.call();
                if (call == null) {
                    return Response.ok().build();
                }
                if (call instanceof Response) {
                    return (Response) call;
                }
                if (!(call instanceof Response.Status)) {
                    return Response.ok(new XmlMapper().writeValueAsString(call)).build();
                }
                switch (AnonymousClass2.$SwitchMap$javax$ws$rs$core$Response$Status[((Response.Status) call).ordinal()]) {
                    case 1:
                        return Response.ok().build();
                    case 2:
                        return Response.accepted().build();
                    case 3:
                        return Response.noContent().build();
                    default:
                        return S3ErrorResponse.createErrorResponse(new S3Exception("Response status is invalid", str, S3ErrorCode.INTERNAL_ERROR), str);
                }
            } catch (Exception e) {
                String message = e.getMessage();
                if (StringUtils.isEmpty(message)) {
                    message = ThreadUtils.formatStackTrace(e);
                }
                LOG.warn("Error invoking REST endpoint for {}:\n{}", str, message);
                return S3ErrorResponse.createErrorResponse(e, str);
            }
        } catch (IOException e2) {
            LOG.warn("Failed to set AuthenticatedClientUser in REST service handler: {}", e2.toString());
            return S3ErrorResponse.createErrorResponse(new S3Exception(e2, str, S3ErrorCode.INTERNAL_ERROR), str);
        }
    }

    public static String getMultipartTemporaryDirForObject(String str, String str2, String str3) {
        return str + "/" + str2 + "_" + str3;
    }

    public static String getMultipartMetaFilepathForUploadId(String str) {
        return "/.alluxio_s3_api_metadata/uploads/" + str;
    }

    public static String toS3Date(long j) {
        return new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'").format(new Date(j));
    }

    public static String parsePath(String str) {
        return str.replace(":", "/");
    }

    public static S3Exception toBucketS3Exception(Exception exc, String str) {
        try {
            throw exc;
        } catch (InvalidPathException e) {
            return new S3Exception(e, str, S3ErrorCode.INVALID_BUCKET_NAME);
        } catch (Exception e2) {
            return new S3Exception(e2, str, S3ErrorCode.INTERNAL_ERROR);
        } catch (FileAlreadyExistsException e3) {
            return new S3Exception(e3, str, S3ErrorCode.BUCKET_ALREADY_EXISTS);
        } catch (AccessControlException e4) {
            return new S3Exception(e4, str, S3ErrorCode.ACCESS_DENIED_ERROR);
        } catch (FileDoesNotExistException e5) {
            return new S3Exception(e5, str, S3ErrorCode.NO_SUCH_BUCKET);
        } catch (DirectoryNotEmptyException e6) {
            return new S3Exception(e6, str, S3ErrorCode.BUCKET_NOT_EMPTY);
        } catch (S3Exception e7) {
            e7.setResource(str);
            return e7;
        }
    }

    public static S3Exception toBucketS3Exception(Exception exc, String str, @Nonnull S3AuditContext s3AuditContext) {
        if (exc instanceof AccessControlException) {
            s3AuditContext.setAllowed(false);
        }
        s3AuditContext.setSucceeded(false);
        return toBucketS3Exception(exc, str);
    }

    public static S3Exception toObjectS3Exception(Exception exc, String str) {
        try {
            throw exc;
        } catch (DirectoryNotEmptyException e) {
            return new S3Exception(e, str, S3ErrorCode.PRECONDITION_FAILED);
        } catch (S3Exception e2) {
            e2.setResource(str);
            return e2;
        } catch (AccessControlException e3) {
            return new S3Exception(e3, str, S3ErrorCode.ACCESS_DENIED_ERROR);
        } catch (FileDoesNotExistException e4) {
            return Pattern.matches(ExceptionMessage.BUCKET_DOES_NOT_EXIST.getMessage(new Object[]{".*"}), e4.getMessage()) ? new S3Exception(e4, str, S3ErrorCode.NO_SUCH_BUCKET) : new S3Exception(e4, str, S3ErrorCode.NO_SUCH_KEY);
        } catch (Exception e5) {
            return new S3Exception(e5, str, S3ErrorCode.INTERNAL_ERROR);
        }
    }

    public static S3Exception toObjectS3Exception(Exception exc, String str, @Nonnull S3AuditContext s3AuditContext) {
        if (exc instanceof AccessControlException) {
            s3AuditContext.setAllowed(false);
        }
        s3AuditContext.setSucceeded(false);
        return toObjectS3Exception(exc, str);
    }

    public static void checkPathIsAlluxioDirectory(FileSystem fileSystem, String str, @Nullable S3AuditContext s3AuditContext) throws S3Exception {
        try {
            if (fileSystem.getStatus(new AlluxioURI(str)).isFolder()) {
            } else {
                throw new FileDoesNotExistException(ExceptionMessage.BUCKET_DOES_NOT_EXIST.getMessage(new Object[]{str}));
            }
        } catch (Exception e) {
            if (s3AuditContext == null) {
                throw toBucketS3Exception(e, str);
            }
            throw toBucketS3Exception(e, str, s3AuditContext);
        }
    }

    public static void checkPathIsAlluxioDirectory(FileSystem fileSystem, String str, @Nullable S3AuditContext s3AuditContext, Cache<String, Boolean> cache) throws S3Exception {
        if (Boolean.TRUE.equals(cache.getIfPresent(str))) {
            return;
        }
        checkPathIsAlluxioDirectory(fileSystem, str, s3AuditContext);
        cache.put(str, true);
    }

    public static List<URIStatus> checkStatusesForUploadId(FileSystem fileSystem, FileSystem fileSystem2, AlluxioURI alluxioURI, String str) throws AlluxioException, IOException {
        URIStatus status = fileSystem2.getStatus(alluxioURI);
        if (status.isFolder()) {
            return new ArrayList(Arrays.asList(status, fileSystem.getStatus(new AlluxioURI(getMultipartMetaFilepathForUploadId(str)))));
        }
        throw new RuntimeException("Alluxio UFS contains a file at intended multipart-upload directory path: " + alluxioURI);
    }

    public static void deleteExistObject(FileSystem fileSystem, AlluxioURI alluxioURI) throws IOException, AlluxioException {
        deleteExistObject(fileSystem, alluxioURI, false);
    }

    public static void deleteExistObject(FileSystem fileSystem, AlluxioURI alluxioURI, Boolean bool) throws IOException, AlluxioException {
        if (fileSystem.exists(alluxioURI)) {
            if (bool.booleanValue()) {
                fileSystem.delete(alluxioURI, DeletePOptions.newBuilder().setRecursive(true).build());
            } else {
                fileSystem.delete(alluxioURI);
            }
            LOG.info("Remove exist object: {} for overwrite.", alluxioURI.getPath());
        }
    }

    public static WritePType getS3WriteType() {
        return Configuration.getEnum(PropertyKey.PROXY_S3_WRITE_TYPE, WriteType.class).toProto();
    }

    public static boolean isAuthenticationEnabled(AlluxioConfiguration alluxioConfiguration) {
        return alluxioConfiguration.getBoolean(PropertyKey.S3_REST_AUTHENTICATION_ENABLED);
    }

    public static FileSystem createFileSystemForUser(String str, FileSystem fileSystem) {
        if (str == null) {
            return fileSystem;
        }
        Subject subject = new Subject();
        subject.getPrincipals().add(new User(str));
        return FileSystem.Factory.get(subject, Configuration.global());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r7v0, types: [java.util.Map<java.lang.String, java.lang.String>, java.util.Map] */
    public static Map<String, String> fromMultiValueToSingleValueMap(MultivaluedMap<String, String> multivaluedMap, boolean z) {
        ?? treeMap = z ? new TreeMap(new Comparator<String>() { // from class: alluxio.proxy.s3.S3RestUtils.1
            @Override // java.util.Comparator
            public int compare(String str, String str2) {
                return str.compareToIgnoreCase(str2);
            }
        }) : new HashMap();
        for (String str : multivaluedMap.keySet()) {
            treeMap.put(str, multivaluedMap.getFirst(str));
        }
        return treeMap;
    }

    public static MediaType deserializeContentType(Map<String, byte[]> map) {
        MediaType mediaType = MediaType.APPLICATION_OCTET_STREAM_TYPE;
        if (map == null) {
            return mediaType;
        }
        if (map.containsKey("s3_content_type")) {
            String str = new String(map.get("s3_content_type"), S3Constants.HEADER_CHARSET);
            if (!str.isEmpty()) {
                mediaType = MediaType.valueOf(str);
            }
        }
        return mediaType;
    }

    public static TaggingData deserializeTags(Map<String, byte[]> map) throws IOException {
        if (map == null || !map.containsKey("s3_tags")) {
            return null;
        }
        return TaggingData.deserialize(map.get("s3_tags"));
    }

    public static TaggingData deserializeTaggingHeader(String str, int i) throws S3Exception {
        if (str == null || str.isEmpty()) {
            return null;
        }
        if (i > 0 && str.getBytes(S3Constants.TAGGING_CHARSET).length > i) {
            throw new S3Exception(S3ErrorCode.METADATA_TOO_LARGE);
        }
        HashMap hashMap = new HashMap();
        for (String str2 : str.split("&")) {
            String[] split = str2.split("=");
            if (split.length > 1) {
                hashMap.put(split[0], split[1]);
            } else {
                hashMap.put(split[0], "");
            }
        }
        return new TaggingData().addTags(hashMap);
    }

    public static void setEntityTag(FileSystem fileSystem, AlluxioURI alluxioURI, String str) throws IOException, AlluxioException {
        fileSystem.setAttribute(alluxioURI, SetAttributePOptions.newBuilder().putXattr("s3_etag", ByteString.copyFrom(str, S3Constants.XATTR_STR_CHARSET)).setXattrUpdateStrategy(File.XAttrUpdateStrategy.UNION_REPLACE).build());
    }

    public static String getEntityTag(URIStatus uRIStatus) {
        String contentHash = uRIStatus.getFileInfo().getContentHash();
        if (StringUtils.isNotEmpty(contentHash)) {
            return contentHash;
        }
        return null;
    }

    public static String getUser(String str, ContainerRequestContext containerRequestContext) throws S3Exception {
        if (isAuthenticationEnabled(Configuration.global())) {
            return getUserFromSignature(containerRequestContext);
        }
        try {
            return getUserFromAuthorization(str, Configuration.global());
        } catch (RuntimeException e) {
            throw new S3Exception(new S3ErrorCode(S3ErrorCode.INTERNAL_ERROR.getCode(), e.getMessage(), S3ErrorCode.INTERNAL_ERROR.getStatus()));
        }
    }

    public static String getUser(String str, HttpServletRequest httpServletRequest) throws S3Exception {
        if (isAuthenticationEnabled(Configuration.global())) {
            return getUserFromSignature(httpServletRequest);
        }
        try {
            return getUserFromAuthorization(str, Configuration.global());
        } catch (RuntimeException e) {
            throw new S3Exception(new S3ErrorCode(S3ErrorCode.INTERNAL_ERROR.getCode(), e.getMessage(), S3ErrorCode.INTERNAL_ERROR.getStatus()));
        }
    }

    private static String getUserFromSignature(HttpServletRequest httpServletRequest) throws S3Exception {
        AwsSignatureProcessor awsSignatureProcessor = new AwsSignatureProcessor(httpServletRequest);
        Authenticator create = Authenticator.Factory.create(Configuration.global());
        AwsAuthInfo authInfo = awsSignatureProcessor.getAuthInfo();
        if (create.isAuthenticated(authInfo)) {
            return authInfo.getAccessID();
        }
        throw new S3Exception(authInfo.toString(), S3ErrorCode.INVALID_IDENTIFIER);
    }

    private static String getUserFromSignature(ContainerRequestContext containerRequestContext) throws S3Exception {
        AwsSignatureProcessor awsSignatureProcessor = new AwsSignatureProcessor(containerRequestContext);
        Authenticator create = Authenticator.Factory.create(Configuration.global());
        AwsAuthInfo authInfo = awsSignatureProcessor.getAuthInfo();
        if (create.isAuthenticated(authInfo)) {
            return authInfo.getAccessID();
        }
        throw new S3Exception(authInfo.toString(), S3ErrorCode.INVALID_IDENTIFIER);
    }

    @VisibleForTesting
    public static String getUserFromAuthorization(String str, AlluxioConfiguration alluxioConfiguration) throws S3Exception {
        if (alluxioConfiguration.get(PropertyKey.SECURITY_AUTHENTICATION_TYPE) == AuthType.NOSASL) {
            return null;
        }
        if (str == null) {
            throw new S3Exception("The authorization header that you provided is not valid.", S3ErrorCode.AUTHORIZATION_HEADER_MALFORMED);
        }
        String[] split = str.split(" ");
        if (split.length < 2) {
            throw new S3Exception("The authorization header that you provided is not valid.", S3ErrorCode.AUTHORIZATION_HEADER_MALFORMED);
        }
        String[] split2 = split[1].split("=");
        if (split2.length < 2 || !StringUtils.equals("Credential", split2[0]) || !split2[1].contains("/")) {
            throw new S3Exception("The authorization header that you provided is not valid.", S3ErrorCode.AUTHORIZATION_HEADER_MALFORMED);
        }
        String trim = split2[1].substring(0, split2[1].indexOf("/")).trim();
        if (trim.isEmpty()) {
            throw new S3Exception("The authorization header that you provided is not valid.", S3ErrorCode.AUTHORIZATION_HEADER_MALFORMED);
        }
        return trim;
    }

    public static void populateContentTypeInXAttr(Map<String, ByteString> map, String str) {
        if (str != null) {
            map.put("s3_content_type", ByteString.copyFrom(str, S3Constants.HEADER_CHARSET));
        }
    }

    public static void populateTaggingInXAttr(Map<String, ByteString> map, String str, S3AuditContext s3AuditContext, String str2) throws S3Exception {
        TaggingData taggingData = null;
        if (str != null) {
            try {
                taggingData = deserializeTaggingHeader(str, S3Handler.MAX_HEADER_METADATA_SIZE);
            } catch (IllegalArgumentException e) {
                S3Exception cause = e.getCause();
                if (!(cause instanceof S3Exception)) {
                    throw toObjectS3Exception(e, str2, s3AuditContext);
                }
                throw toObjectS3Exception(cause, str2, s3AuditContext);
            }
        }
        LOG.debug("tagData={}", taggingData);
        if (taggingData != null) {
            try {
                map.put("s3_tags", TaggingData.serialize(taggingData));
            } catch (Exception e2) {
                throw toObjectS3Exception(e2, str2, s3AuditContext);
            }
        }
    }

    public static Optional<RateLimiter> createRateLimiter(long j) {
        return j <= 0 ? Optional.empty() : Optional.of(RateLimiter.create(j));
    }

    private S3RestUtils() {
    }
}
