package com.cloudera.navigator.audit.hdfs;

import com.cloudera.navigator.NavigatorParams;
import com.cloudera.navigator.audit.AuditEventPipeline;
import com.cloudera.navigator.audit.AuditPipeline;
import com.cloudera.navigator.audit.AuditPluginConstants;
import com.cloudera.navigator.audit.UserInfo;
import com.cloudera.navigator.ipc.AvroHdfsAuditEvent;
import com.cloudera.navigator.shaded.jackson.annotation.JsonProperty;
import java.io.File;
import java.net.InetAddress;
import java.util.concurrent.atomic.AtomicReference;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileStatus;
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenSecretManager;
import org.apache.hadoop.security.UserGroupInformation;

/* loaded from: input_file:com/cloudera/navigator/audit/hdfs/HdfsAuditLoggerImpl.class */
public class HdfsAuditLoggerImpl {
    private AuditEventPipeline pipeline;
    private boolean setOwnerNewTargetB;
    private Log LOG = LogFactory.getLog(HdfsAuditLoggerImpl.class);
    private final AtomicReference<String> serviceName = new AtomicReference<>();

    /* JADX INFO: Access modifiers changed from: package-private */
    public void initialize(Configuration configuration) {
        String str = configuration.get(NavigatorParams.NAVIGATOR_CLIENT_CONFIG_PATH, JsonProperty.USE_DEFAULT_NAME);
        if (configuration.get(NavigatorParams.NAVIGATOR_CLIENT_CONFIG_AUDIT_HDFS_SETOWNER, "false").equals("true")) {
            this.setOwnerNewTargetB = true;
        }
        this.pipeline = AuditPipeline.setUpProcessingPipeline(AuditPluginConstants.HDFS_AUDIT_LOGGER, new File(str), new HdfsShutdownHook(), new AuditPipeline.ServiceNameUpdateStage(this.serviceName));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void logAuditEvent(boolean z, String str, InetAddress inetAddress, String str2, String str3, String str4, FileStatus fileStatus, UserGroupInformation userGroupInformation, DelegationTokenSecretManager delegationTokenSecretManager) {
        if (this.serviceName.get() == null) {
            return;
        }
        String str5 = null;
        String str6 = str2;
        if (fileStatus != null) {
            str5 = fileStatus.getPermission().toString();
            if (this.setOwnerNewTargetB) {
                str6 = str6.concat(": ").concat(fileStatus.getOwner());
            }
        }
        UserInfo userInfo = new UserInfo(str);
        this.pipeline.feedEvent(AvroHdfsAuditEvent.newBuilder().setServiceName(this.serviceName.get()).setEventTime(System.currentTimeMillis()).setAllowed(z).setUsername(userInfo.getUsername()).setImpersonator(userInfo.getImpersonator()).setIpAddress(inetAddress != null ? inetAddress.getHostAddress() : null).setOperation(str6).setSrc(str3).setDest(str4).setPermissions(str5).setDelegationTokenId(getDelegationTokenId(userGroupInformation, delegationTokenSecretManager)).build());
    }

    private String getDelegationTokenId(UserGroupInformation userGroupInformation, DelegationTokenSecretManager delegationTokenSecretManager) {
        if (userGroupInformation == null || delegationTokenSecretManager == null || userGroupInformation.getAuthenticationMethod() != UserGroupInformation.AuthenticationMethod.TOKEN) {
            return null;
        }
        for (DelegationTokenIdentifier delegationTokenIdentifier : userGroupInformation.getTokenIdentifiers()) {
            if (delegationTokenIdentifier instanceof DelegationTokenIdentifier) {
                return delegationTokenSecretManager.getTokenTrackingId(delegationTokenIdentifier);
            }
        }
        return null;
    }
}
