package org.apache.ranger.raz.processor.abfsutil;

import com.azure.storage.blob.models.UserDelegationKey;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.dataformat.xml.XmlMapper;
import com.sun.jersey.api.client.ClientResponse;
import java.io.IOException;
import java.security.PrivilegedAction;
import java.text.SimpleDateFormat;
import java.time.Instant;
import java.time.OffsetDateTime;
import java.time.format.DateTimeFormatter;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.ranger.audit.provider.MiscUtil;
import org.apache.ranger.raz.intg.RangerRazErrorCode;
import org.apache.ranger.raz.intg.RangerRazException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/ranger/raz/processor/abfsutil/AbfsTokenProvider.class */
public class AbfsTokenProvider {
    private static final Logger LOG = LoggerFactory.getLogger(AbfsTokenProvider.class);
    private static final String REST_SSL_FILE_LOC = "ranger.raz.policy.rest.ssl.config.file";
    private static final String REST_CLIENT_CONN_TIMEOUT_MS = "ranger.raz.rest.client.read.timeoutMs";
    private static final String REST_CLIENT_READ_TIMEOUT_MS = "ranger.raz.rest.client.read.timeoutMs";
    private static final String REST_IDBROKER_INIT_RETRY_INTERVAL_SECONDS = "ranger.raz.rest.idbroker.init.retry.interval.seconds";
    private static final String AZURE_STORAGE_ACCOUNT = "ranger.raz.azure.storage.accounts";
    private static final String USER_DELEGATION_KEY_VALIDITY_MINUTES = "ranger.raz.azure.userdelegationkey.validity.minutes";
    private static final String KNOX_DELEGATION_TOKEN_EXPIRY_TIME_PRECHECK_IN_SECONDS = "ranger.raz.knox.delegation.token.expiry.time.precheck.in.seconds";
    private static final String AZURE_ACCESSTOKEN_EXPIRY_TIME_PRECHECK_IN_SECONDS = "ranger.raz.azure.access.token.expiry.time.precheck.in.seconds";
    private static final String USE_USER_DELEGATION_KEY_FROM_CONFIG = "ranger.raz.azure.use.user.delegation.key.from.config";
    private static final String SAS_EXPIRY_TIME_IN_SECONDS = "ranger.raz.azure.sas.expiry.time.in.seconds";
    private static final String ID_BROKER_HOST_URL = "fs.azure.ext.cab.address";
    private static final String ID_BROKER_API_GET_DELEGATION_TOKEN = "/dt/knoxtoken/api/v1/token";
    private static final String ID_BROKER_API_GET_ACCESS_TOKEN = "/azure-cab/cab/api/v1/credentials";
    private static final String URL_SEPARATOR = "/";
    private static final String STR_ACCESS_TOKEN_EQALS = "acessToken = ";
    private final Configuration conf;
    private final String sslConfigFileName;
    private final int restClientConnTimeOutMs;
    private final int idBrokerInitRetryIntervalSeconds;
    private final int restClientReadTimeOutMs;
    private final int userDelegationKeyValidityMinutes;
    private final boolean useUserDelegationKeyFromConfig;
    private final Map<String, DelegationSASGenerator> dsasGeneratorCache = new ConcurrentHashMap();
    private final Map<String, Object> locks = new ConcurrentHashMap();
    private volatile RESTClient idBrokerClient = null;
    private volatile IdBrokerDelegationToken idBrokerDelegationToken = null;
    private volatile AccessToken accessToken = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/apache/ranger/raz/processor/abfsutil/AbfsTokenProvider$AccessToken.class */
    public class AccessToken {
        private final String accessToken;
        private final String expires_on_inSeconds;
        private final String expires_in_inSeconds;
        private Long accessTokenExpiryTime_inSeconds;

        AccessToken(String str, String str2, String str3) {
            this.accessToken = str;
            this.expires_on_inSeconds = str2;
            this.expires_in_inSeconds = str3;
            if (StringUtils.isNotBlank(this.expires_on_inSeconds)) {
                this.accessTokenExpiryTime_inSeconds = Long.valueOf(Long.parseLong(this.expires_on_inSeconds));
            } else if (StringUtils.isNotBlank(this.expires_in_inSeconds)) {
                this.accessTokenExpiryTime_inSeconds = Long.valueOf(Instant.now().plus(Long.parseLong(this.expires_in_inSeconds), (TemporalUnit) ChronoUnit.SECONDS).getEpochSecond());
            }
        }

        String getAccessToken() {
            return this.accessToken;
        }

        boolean isRenewalRequired() {
            if (this.accessTokenExpiryTime_inSeconds == null) {
                return true;
            }
            return Instant.ofEpochSecond(this.accessTokenExpiryTime_inSeconds.longValue() - AbfsTokenProvider.this.conf.getInt(AbfsTokenProvider.AZURE_ACCESSTOKEN_EXPIRY_TIME_PRECHECK_IN_SECONDS, 10)).isBefore(Instant.now());
        }

        public String toString() {
            StringBuilder sb = new StringBuilder();
            if (this.accessToken != null) {
                sb = sb.append(AbfsTokenProvider.STR_ACCESS_TOKEN_EQALS);
                sb.append("********");
            }
            return sb.toString();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/apache/ranger/raz/processor/abfsutil/AbfsTokenProvider$IdBrokerDelegationToken.class */
    public class IdBrokerDelegationToken {
        private final String delegationToken;
        private final Date expiryDate;

        IdBrokerDelegationToken(String str, Date date) {
            this.delegationToken = str;
            this.expiryDate = date;
        }

        String getDelegationToken() {
            return this.delegationToken;
        }

        boolean isRenewalRequired() {
            return Long.valueOf(MiscUtil.getUTCDateForLocalDate(new Date()).getTime()).longValue() - ((long) (AbfsTokenProvider.this.conf.getInt(AbfsTokenProvider.KNOX_DELEGATION_TOKEN_EXPIRY_TIME_PRECHECK_IN_SECONDS, 10) * 1000)) >= Long.valueOf(MiscUtil.getUTCDateForLocalDate(this.expiryDate).getTime()).longValue();
        }
    }

    /* loaded from: input_file:org/apache/ranger/raz/processor/abfsutil/AbfsTokenProvider$IdBrokerInitTask.class */
    private class IdBrokerInitTask implements Runnable {
        private IdBrokerInitTask() {
        }

        @Override // java.lang.Runnable
        public void run() {
            AbfsTokenProvider.LOG.info("==> IdBrokerInitTask.run()");
            try {
                AbfsTokenProvider.this.idBrokerClient = buildIdBrokerClient();
                initIdBrokerDelegationToken();
                AbfsTokenProvider.this.accessToken = AbfsTokenProvider.this.getAccessToken();
                initUserDelegationKeyCache();
            } catch (Exception e) {
                AbfsTokenProvider.LOG.error("IdBroker initialization failed. Aborting", e);
            }
            AbfsTokenProvider.LOG.info("<== IdBrokerInitTask.run()");
        }

        private RESTClient buildIdBrokerClient() {
            String str = AbfsTokenProvider.this.conf.get(AbfsTokenProvider.ID_BROKER_HOST_URL);
            String trim = StringUtils.isEmpty(str) ? AbfsHttpConstants.EMPTY_STRING : str.trim();
            if (trim.endsWith("/")) {
                trim = trim.substring(0, trim.length() - 1);
            }
            RESTClient rESTClient = new RESTClient(trim, AbfsTokenProvider.this.sslConfigFileName, AbfsTokenProvider.this.conf);
            rESTClient.setRestClientConnTimeOutMs(AbfsTokenProvider.this.restClientConnTimeOutMs);
            rESTClient.setRestClientReadTimeOutMs(AbfsTokenProvider.this.restClientReadTimeOutMs);
            return rESTClient;
        }

        private void initIdBrokerDelegationToken() throws InterruptedException {
            AbfsTokenProvider.LOG.info("==> IdBrokerInitTask.initIdBrokerDelegationToken()");
            int i = 1;
            while (true) {
                try {
                    AbfsTokenProvider.this.idBrokerDelegationToken = AbfsTokenProvider.this.fetchIdbrokerDelegationToken();
                } catch (Throwable th) {
                    AbfsTokenProvider.LOG.warn("initIdBrokerDelegationToken() failed", th);
                }
                if (AbfsTokenProvider.this.idBrokerDelegationToken != null) {
                    AbfsTokenProvider.LOG.info("<== IdBrokerInitTask.initIdBrokerDelegationToken()");
                    return;
                } else {
                    AbfsTokenProvider.LOG.info("Failed to get IdBroker delegation token. Will retry after {} seconds. attempt# {}", Integer.valueOf(AbfsTokenProvider.this.idBrokerInitRetryIntervalSeconds), Integer.valueOf(i));
                    Thread.sleep(AbfsTokenProvider.this.idBrokerInitRetryIntervalSeconds * 1000);
                    i++;
                }
            }
        }

        private void initUserDelegationKeyCache() throws IOException {
            AbfsTokenProvider.LOG.info("==> IdBrokerInitTask.initUserDelegationKeyCache()");
            String[] strings = AbfsTokenProvider.this.conf.getStrings(AbfsTokenProvider.AZURE_STORAGE_ACCOUNT);
            if (strings != null) {
                for (String str : strings) {
                    DelegationSASGenerator delegationSASGenerator = AbfsTokenProvider.this.getDelegationSASGenerator(str);
                    if (delegationSASGenerator != null) {
                        AbfsTokenProvider.this.cacheDelegationSASGenerator(delegationSASGenerator);
                    }
                }
            }
            AbfsTokenProvider.LOG.info("<== IdBrokerInitTask.initUserDelegationKeyCache()");
        }
    }

    public AbfsTokenProvider(Configuration configuration) throws RangerRazException {
        if (configuration == null) {
            throw new RangerRazException(RangerRazErrorCode.INTERNAL_ERROR, new Object[]{"AbfsTokenProvider(): conf is null"});
        }
        if (LOG.isDebugEnabled()) {
            Iterator it = configuration.iterator();
            while (it.hasNext()) {
                Map.Entry entry = (Map.Entry) it.next();
                LOG.debug("AbfsTokenProvider: " + ((String) entry.getKey()) + AbfsHttpConstants.EQUAL + ((String) entry.getValue()));
            }
        }
        this.conf = configuration;
        this.sslConfigFileName = configuration.get(REST_SSL_FILE_LOC);
        this.restClientConnTimeOutMs = configuration.getInt("ranger.raz.rest.client.read.timeoutMs", 120000);
        this.restClientReadTimeOutMs = configuration.getInt("ranger.raz.rest.client.read.timeoutMs", 30000);
        this.idBrokerInitRetryIntervalSeconds = configuration.getInt(REST_IDBROKER_INIT_RETRY_INTERVAL_SECONDS, 15);
        this.userDelegationKeyValidityMinutes = configuration.getInt(USER_DELEGATION_KEY_VALIDITY_MINUTES, 10080);
        this.useUserDelegationKeyFromConfig = configuration.getBoolean(USE_USER_DELEGATION_KEY_FROM_CONFIG, false);
        Thread thread = new Thread(new IdBrokerInitTask());
        thread.setDaemon(true);
        thread.start();
    }

    public DelegationSASGenerator getDelegationSASGenerator(String str) throws IOException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> AbfsTokenProvider.getDelegationSASGenerator(storageAccount=" + str + ")");
        }
        DelegationSASGenerator delegationSASGenerator = this.dsasGeneratorCache.get(str);
        if (delegationSASGenerator == null || isUserDelegationKey_renewalRequired(delegationSASGenerator.getUserDelegationKey())) {
            Object obj = this.locks.get(str);
            if (obj == null) {
                synchronized (this.locks) {
                    obj = this.locks.get(str);
                    if (obj == null) {
                        obj = new Object();
                        this.locks.put(str, obj);
                    }
                }
            }
            synchronized (obj) {
                delegationSASGenerator = this.dsasGeneratorCache.get(str);
                if (delegationSASGenerator == null || isUserDelegationKey_renewalRequired(delegationSASGenerator.getUserDelegationKey())) {
                    UserDelegationKey fetchUserDelegationKey = fetchUserDelegationKey(str);
                    if (fetchUserDelegationKey != null) {
                        delegationSASGenerator = new DelegationSASGenerator(str, fetchUserDelegationKey);
                        cacheDelegationSASGenerator(delegationSASGenerator);
                    } else if (delegationSASGenerator != null) {
                        LOG.warn("Failed to get userDelegationKey for storageAccount:[" + str + "}, will continue to use existing key");
                    } else {
                        LOG.warn("Failed to get userDelegationKey for storageAccount:[" + str + "}y");
                    }
                }
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuilder().append("<== AbfsTokenProvider.getDelegationSASGenerator(storageAccount=").append(str).append(") : ").append(delegationSASGenerator).toString() == null ? " failed" : "successful");
        }
        return delegationSASGenerator;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AccessToken getAccessToken() throws IOException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> AbfsTokenProvider.getAccessToken()");
        }
        AccessToken accessToken = this.accessToken;
        if (accessToken == null || accessToken.isRenewalRequired()) {
            IdBrokerDelegationToken idBrokerDelegationToken = getIdBrokerDelegationToken();
            if (idBrokerDelegationToken == null) {
                LOG.error("Failed to get IdBroker delegationToken");
            } else {
                synchronized (this) {
                    accessToken = this.accessToken;
                    if (accessToken == null || accessToken.isRenewalRequired()) {
                        AccessToken fetchAccessToken = fetchAccessToken(idBrokerDelegationToken);
                        this.accessToken = fetchAccessToken;
                        accessToken = fetchAccessToken;
                    }
                }
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuilder().append("<== AbfsTokenProvider.getAccessToken() : ").append(accessToken).toString() == null ? "failed" : "successful");
        }
        return accessToken;
    }

    private IdBrokerDelegationToken getIdBrokerDelegationToken() throws IOException {
        IdBrokerDelegationToken idBrokerDelegationToken;
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> AbfsTokenProvider.getIdBrokerDelegationToken()");
        }
        if (this.idBrokerDelegationToken == null || this.idBrokerDelegationToken.isRenewalRequired()) {
            synchronized (this) {
                if (this.idBrokerDelegationToken == null || this.idBrokerDelegationToken.isRenewalRequired()) {
                    IdBrokerDelegationToken fetchIdbrokerDelegationToken = fetchIdbrokerDelegationToken();
                    this.idBrokerDelegationToken = fetchIdbrokerDelegationToken;
                    idBrokerDelegationToken = fetchIdbrokerDelegationToken;
                } else {
                    idBrokerDelegationToken = this.idBrokerDelegationToken;
                }
            }
        } else {
            idBrokerDelegationToken = this.idBrokerDelegationToken;
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuilder().append("<== AbfsTokenProvider.getIdBrokerDelegationToken() : ").append(idBrokerDelegationToken).toString() == null ? "failed" : "successful");
        }
        return idBrokerDelegationToken;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public IdBrokerDelegationToken fetchIdbrokerDelegationToken() throws IOException {
        LOG.info("==> AbfsTokenProvider.fetchIdbrokerDelegationToken()");
        IdBrokerDelegationToken idBrokerDelegationToken = null;
        ObjectMapper objectMapper = new ObjectMapper();
        String str = (String) parseResponse(executeAction(UserGroupInformation.getCurrentUser(), getIdBrokerResponse(ID_BROKER_API_GET_DELEGATION_TOKEN, null, null, null)), String.class);
        if (str == null) {
            LOG.error("Null response object received from IDBroker");
        } else if (StringUtils.isNotEmpty(str)) {
            JsonNode readTree = objectMapper.readTree(str);
            if (readTree != null) {
                idBrokerDelegationToken = new IdBrokerDelegationToken(readTree.findValue("access_token").asText(), new Date(new Long(readTree.findValue("expires_in").asText()).longValue()));
            } else {
                LOG.error("Cannot parse response string received from IDBroker:[" + str + "]");
            }
        } else {
            LOG.error("Empty response string received from IDBroker");
        }
        LOG.info("<== AbfsTokenProvider.fetchIdbrokerDelegationToken(): {}", idBrokerDelegationToken == null ? " failed" : "successful");
        return idBrokerDelegationToken;
    }

    private AccessToken fetchAccessToken(IdBrokerDelegationToken idBrokerDelegationToken) throws IOException {
        LOG.info("==> AbfsTokenProvider.fetchAccessToken()");
        AccessToken accessToken = null;
        ObjectMapper objectMapper = new ObjectMapper();
        UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", AbfsUtilConstants.HEADER_BEARER + idBrokerDelegationToken.getDelegationToken());
        String str = (String) parseResponse(executeAction(currentUser, getIdBrokerResponse(ID_BROKER_API_GET_ACCESS_TOKEN, hashMap, null, null)), String.class);
        if (str == null) {
            LOG.error("fetchAccessToken(): null response received from IDBroker");
        } else if (StringUtils.isNotEmpty(str)) {
            JsonNode readTree = objectMapper.readTree(str);
            if (readTree != null) {
                String asText = readTree.findValue("access_token").asText();
                String str2 = AbfsHttpConstants.EMPTY_STRING;
                JsonNode findValue = readTree.findValue("expires_in");
                if (findValue != null) {
                    str2 = findValue.asText();
                }
                accessToken = new AccessToken(asText, readTree.findValue("expires_on").asText(), str2);
            } else {
                LOG.error("fetchAccessToken(): failed to parse response received from IDBroker: {}", str);
            }
        } else {
            LOG.error("fetchAccessToken(): empty response received from IDBroker");
        }
        LOG.info("<== AbfsTokenProvider.fetchAccessToken(): {}", accessToken == null ? " failed" : "successful");
        return accessToken;
    }

    private UserDelegationKey fetchUserDelegationKey(String str) throws IOException {
        LOG.info("==> AbfsTokeProvider.fetchUserDelegationKey(storageAccount={})", str);
        UserDelegationKey userDelegationKey = null;
        RESTClient buildAzureClient = buildAzureClient(str);
        AccessToken accessToken = getAccessToken();
        if (accessToken != null && !accessToken.isRenewalRequired()) {
            userDelegationKey = fetchUserDelegationKeyWithAccessToken(buildAzureClient, AbfsHttpConstants.EMPTY_STRING, accessToken);
        } else if (this.useUserDelegationKeyFromConfig) {
            userDelegationKey = getUserDelegationKeyFromConfig(str);
        }
        if (userDelegationKey == null) {
            LOG.error("fetchUserDelegationKey(storageAccount={}): invalid accessToken");
        }
        LOG.info("<== AbfsTokeProvider.fetchUserDelegationKey(storageAccount={}): {}", str, userDelegationKey == null ? "failed" : "successful");
        return userDelegationKey;
    }

    private UserDelegationKey getUserDelegationKeyFromConfig(String str) {
        String str2 = this.conf.get("ranger.raz.adls.user.delegation.key." + str + ".oid");
        String str3 = this.conf.get("ranger.raz.adls.user.delegation.key." + str + ".tid");
        String str4 = this.conf.get("ranger.raz.adls.user.delegation.key." + str + ".service");
        String str5 = this.conf.get("ranger.raz.adls.user.delegation.key." + str + ".start");
        String str6 = this.conf.get("ranger.raz.adls.user.delegation.key." + str + ".expiry");
        String str7 = this.conf.get("ranger.raz.adls.user.delegation.key." + str + ".version", AbfsUtilConstants.API_VERSION);
        return new UserDelegationKey().setSignedObjectId(str2).setSignedTenantId(str3).setSignedService(str4).setSignedStart(OffsetDateTime.parse(str5, DateTimeFormatter.ISO_OFFSET_DATE_TIME)).setSignedExpiry(OffsetDateTime.parse(str6, DateTimeFormatter.ISO_OFFSET_DATE_TIME)).setSignedVersion(str7).setValue(this.conf.get("ranger.raz.adls.user.delegation.key." + str + ".value"));
    }

    private UserDelegationKey fetchUserDelegationKeyWithAccessToken(RESTClient rESTClient, String str, AccessToken accessToken) throws IOException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> AbfsTokenProvider.fetchUserDelegationKeyWithAccessToken() relativeUrl =" + str, "AccessToken =" + accessToken);
        }
        UserDelegationKey userDelegationKey = null;
        UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        String expiryKeyInfo = getExpiryKeyInfo(this.userDelegationKeyValidityMinutes);
        hashMap.put("Authorization", AbfsUtilConstants.HEADER_BEARER + accessToken.getAccessToken());
        hashMap.put(AbfsUtilConstants.HEADER_XML_VERSION, AbfsUtilConstants.API_VERSION);
        hashMap2.put(AbfsUtilConstants.ABFS_PARAM_TYPE, AbfsUtilConstants.ABFS_PARAM_TYPE_VALUE);
        hashMap2.put(AbfsUtilConstants.ABFS_PARAM_COMP, AbfsUtilConstants.ABFS_PARAM_COMP_VALUE);
        String str2 = (String) parseResponse(executeAction(currentUser, getAzureClientResponse(rESTClient, str, hashMap, hashMap2, expiryKeyInfo)), String.class);
        if (str2 == null) {
            LOG.error("Null response object received from Azure");
        } else if (StringUtils.isNotEmpty(str2)) {
            JsonNode readTree = new XmlMapper().readTree(str2.getBytes());
            if (readTree != null) {
                String asText = readTree.findValue("SignedOid").asText();
                String asText2 = readTree.findValue("SignedTid").asText();
                String asText3 = readTree.findValue("SignedService").asText();
                String asText4 = readTree.findValue("SignedStart").asText();
                String asText5 = readTree.findValue("SignedExpiry").asText();
                String asText6 = readTree.findValue("SignedVersion").asText();
                userDelegationKey = new UserDelegationKey().setSignedObjectId(asText).setSignedTenantId(asText2).setSignedService(asText3).setSignedStart(OffsetDateTime.parse(asText4, DateTimeFormatter.ISO_OFFSET_DATE_TIME)).setSignedExpiry(OffsetDateTime.parse(asText5, DateTimeFormatter.ISO_OFFSET_DATE_TIME)).setSignedVersion(asText6).setValue(readTree.findValue("Value").asText());
            } else {
                LOG.error("Cannot parse response string received from Azure:[" + str2 + "]");
            }
        } else {
            LOG.error("Empty response string received from Azure");
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== AbfsTokenProvider.fetchUserDelegationKeyWithAccessToken()");
        }
        return userDelegationKey;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cacheDelegationSASGenerator(DelegationSASGenerator delegationSASGenerator) {
        String storageAccountName = delegationSASGenerator.getStorageAccountName();
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> AbfsTokenProvider.setUserDelegationKeyToCache()" + storageAccountName);
        }
        synchronized (this) {
            if (this.dsasGeneratorCache.get(storageAccountName) == null) {
                this.dsasGeneratorCache.put(storageAccountName, delegationSASGenerator);
            } else {
                this.dsasGeneratorCache.replace(storageAccountName, delegationSASGenerator);
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("<== AbfsTokenProvider.setUserDelegationKeyToCache()" + storageAccountName);
        }
    }

    boolean isUserDelegationKey_renewalRequired(UserDelegationKey userDelegationKey) {
        long userDelegationKeyexpiryTime_inSeconds = getUserDelegationKeyexpiryTime_inSeconds(userDelegationKey.getSignedExpiry());
        long sasExpiryTime_inSeconds = getSasExpiryTime_inSeconds();
        boolean z = userDelegationKeyexpiryTime_inSeconds <= sasExpiryTime_inSeconds * 2;
        if (LOG.isDebugEnabled()) {
            LOG.debug("AdlsGen2RazProcessor.isUserDelegationKey_renewalRequired(): {} , sasExpiryTime_inSeconds: {} , userDelegationKeyexpiryTime_inSeconds : {}", new Object[]{Boolean.valueOf(z), Long.valueOf(sasExpiryTime_inSeconds), Long.valueOf(userDelegationKeyexpiryTime_inSeconds)});
        }
        return z;
    }

    private long getUserDelegationKeyexpiryTime_inSeconds(OffsetDateTime offsetDateTime) {
        return offsetDateTime.toEpochSecond() - OffsetDateTime.now().toEpochSecond();
    }

    private long getSasExpiryTime_inSeconds() {
        long j = this.conf.getInt(SAS_EXPIRY_TIME_IN_SECONDS, SASGenerator.ONE_HOUR_IN_SECONDS);
        return j <= 0 ? 3600L : j;
    }

    private PrivilegedAction<ClientResponse> getIdBrokerResponse(String str, Map<String, String> map, Map<String, String> map2, Object obj) {
        return () -> {
            if (this.idBrokerClient == null) {
                return null;
            }
            try {
                return this.idBrokerClient.get(str, map, map2);
            } catch (Exception e) {
                LOG.error("AbfsTokenProvider.getIdBrokerResponse() failed", e);
                return null;
            }
        };
    }

    private static PrivilegedAction<ClientResponse> getAzureClientResponse(RESTClient rESTClient, String str, Map<String, String> map, Map<String, String> map2, Object obj) {
        return () -> {
            if (rESTClient == null) {
                return null;
            }
            try {
                return rESTClient.post(str, map, map2, obj);
            } catch (Exception e) {
                LOG.error("AbfsTokenProvider.getAzureClientResponse() failed", e);
                return null;
            }
        };
    }

    private static ClientResponse executeAction(UserGroupInformation userGroupInformation, PrivilegedAction<ClientResponse> privilegedAction) {
        return (ClientResponse) userGroupInformation.doAs(privilegedAction);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private static <T> T parseResponse(ClientResponse clientResponse, Class<T> cls) {
        T t = null;
        if (clientResponse == null || clientResponse.getStatus() != 200) {
            LOG.error("failed to parse ClientResponse {}", clientResponse);
        } else {
            t = clientResponse.getEntity(cls);
        }
        return t;
    }

    private static String getExpiryKeyInfo(int i) {
        Date uTCDateForLocalDate = MiscUtil.getUTCDateForLocalDate(new Date());
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(uTCDateForLocalDate);
        calendar.add(12, i);
        String format = String.format("<KeyInfo><Expiry>%s</Expiry></KeyInfo>", new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'").format(calendar.getTime()));
        if (LOG.isDebugEnabled()) {
            LOG.debug("getExpiryKeyInfo({}): ret={}", Integer.valueOf(i), format);
        }
        return format;
    }

    private RESTClient buildAzureClient(String str) {
        String format = String.format(AbfsUtilConstants.ABFS_USER_DELEGATION_KEY_PROVIDER, str);
        if (StringUtils.isNotEmpty(format)) {
            format = format.trim();
        }
        RESTClient rESTClient = new RESTClient(format, this.sslConfigFileName, this.conf);
        rESTClient.setRestClientConnTimeOutMs(this.restClientConnTimeOutMs);
        rESTClient.setRestClientReadTimeOutMs(this.restClientReadTimeOutMs);
        return rESTClient;
    }
}
