package org.hawkular.openshift.auth.org.hawkular.openshift.namespace;

import com.datastax.driver.core.Cluster;
import com.datastax.driver.core.JdkSSLOptions;
import com.datastax.driver.core.PreparedStatement;
import com.datastax.driver.core.ResultSet;
import com.datastax.driver.core.Row;
import com.datastax.driver.core.Session;
import com.datastax.driver.core.TokenRange;
import com.datastax.driver.core.exceptions.InvalidQueryException;
import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.net.HttpHeaders;
import groovy.util.ObjectGraphBuilder;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.stream.Stream;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import org.drools.core.RuleBaseConfiguration;
import org.hawkular.metrics.model.param.Tags;
import org.jboss.logging.Logger;

/* loaded from: input_file:WEB-INF/lib/hawkular-openshift-security-filter-0.23.12.Final.jar:org/hawkular/openshift/auth/org/hawkular/openshift/namespace/NamespaceOverrideMapper.class */
public class NamespaceOverrideMapper {
    private static final Logger log = Logger.getLogger(NamespaceOverrideMapper.class);
    private Session session;
    private final String token;
    public Map<String, String> overrides;

    public NamespaceOverrideMapper(String str) {
        log.debug("Creating NamespaceOverrideMapper");
        this.token = str;
        boolean z = false;
        do {
            try {
                this.session = createSession();
                z = true;
            } catch (Exception e) {
                log.info("Could not connect to Cassandra. This could mean Cassandra is not yet up and running. Will try again. Error message: " + e.getLocalizedMessage());
                try {
                    Thread.sleep(2000L);
                } catch (InterruptedException e2) {
                    e2.printStackTrace();
                }
            }
        } while (!z);
        log.debug("Connection to Cassandra establised");
        ensureKeyspace("openshift_metrics");
        if (hasMappingTable()) {
            log.debug("Mapping table already exists in Cassandra. Using this table");
            this.overrides = getMappingTable();
            return;
        }
        log.debug("Mapping table does not exist in Cassandra. Creating Mapping");
        Map<String, String> namespaceMapping = getNamespaceMapping(getTenants());
        log.debug("Namespace mapping: " + namespaceMapping);
        this.overrides = namespaceMapping;
        log.debug("Writing the mapping table to Cassandra");
        writeMappingTable(this.overrides);
        log.debug("Mapping table stored in Cassandra");
    }

    private Session createSession() {
        Cluster.Builder builder = new Cluster.Builder();
        Stream stream = Arrays.stream(System.getProperty("hawkular.metrics.cassandra.nodes", "hawkular-cassandra").split(Tags.LIST_DELIMITER));
        builder.getClass();
        stream.forEach(builder::addContactPoint);
        if (System.getProperty("hawkular.metrics.cassandra.use-ssl") != null && !System.getProperty("hawkular.metrics.cassandra.use-ssl").equals(RuleBaseConfiguration.DEFAULT_SIGN_ON_SERIALIZATION)) {
            try {
                builder.withSSL(JdkSSLOptions.builder().withSSLContext(SSLContext.getDefault()).withCipherSuites(new String[]{"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA"}).build());
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException("SSL support is required but is not available in the JVM.", e);
            }
        }
        Cluster build = builder.build();
        build.init();
        return build.connect();
    }

    private void ensureKeyspace(String str) {
        this.session.execute("CREATE KEYSPACE IF NOT EXISTS " + str + " WITH replication = {'class': 'SimpleStrategy', 'replication_factor': '1'}  AND durable_writes = true;");
    }

    private boolean hasMappingTable() {
        if (this.session.getCluster().getMetadata().getKeyspace("openshift_metrics").getTable("metrics_mappings") == null) {
            log.debug("metrics_mappings table does not exist");
            return false;
        }
        log.debug("metrics_mapping table does exist");
        ResultSet execute = this.session.execute("SELECT project_name FROM openshift_metrics.metrics_mappings WHERE project_id='%succeeded'");
        Row one = execute == null ? null : execute.one();
        if ((one == null ? RuleBaseConfiguration.DEFAULT_SIGN_ON_SERIALIZATION : one.getString("project_name")).equalsIgnoreCase("true")) {
            log.debug("metrics_mapping table succeeded when it was created.");
            return true;
        }
        log.debug("metrics_mapping table was created, but it did not succeed the last time.");
        return false;
    }

    private void createMappingTable() {
        this.session.execute("CREATE TABLE IF NOT EXISTS openshift_metrics.metrics_mappings (project_id text PRIMARY KEY, project_name text) WITH compaction = { 'class' : 'LeveledCompactionStrategy' };");
    }

    private Map<String, String> getMappingTable() {
        PreparedStatement prepare = this.session.prepare("SELECT project_id, project_name FROM openshift_metrics.metrics_mappings WHERE token(project_id) > ? AND token(project_id) <= ?");
        HashMap hashMap = new HashMap();
        if (hasMappingTable()) {
            for (TokenRange tokenRange : getTokenRanges()) {
                this.session.execute(prepare.bind().setToken(0, tokenRange.getStart()).setToken(1, tokenRange.getEnd())).forEach(row -> {
                });
            }
        }
        hashMap.remove("%succeeded");
        return hashMap;
    }

    private Set<TokenRange> getTokenRanges() {
        HashSet hashSet = new HashSet();
        Iterator<TokenRange> it = this.session.getCluster().getMetadata().getTokenRanges().iterator();
        while (it.hasNext()) {
            hashSet.addAll(it.next().unwrap());
        }
        return hashSet;
    }

    private void writeMappingTable(Map<String, String> map) {
        createMappingTable();
        PreparedStatement prepare = this.session.prepare("INSERT INTO openshift_metrics.metrics_mappings (project_id, project_name) VALUES(?,?);");
        for (Map.Entry<String, String> entry : map.entrySet()) {
            boolean z = false;
            for (int i = 0; !z && i < 3; i++) {
                try {
                    log.debugf("trying to write value to metrics_mapping table: %s %s", entry.getKey(), entry.getValue());
                    this.session.execute(prepare.bind(entry.getKey(), entry.getValue()));
                    log.debugf("wrote value to metrics_mapping table", new Object[0]);
                    z = true;
                } catch (Exception e) {
                    log.errorf(e, "Error trying to insert entry into the openshift_metrics.metrics_mappings table (%s:%s). Will retry.", entry.getKey(), entry.getValue());
                    try {
                        Thread.sleep(1000L);
                    } catch (InterruptedException e2) {
                    }
                }
            }
            if (!z) {
                throw new RuntimeException("Could not write all values to the openshift_metrics.metrics_mapping table. Aborting");
            }
        }
        this.session.execute(prepare.bind("%succeeded", "true"));
    }

    private Set<String> getTenants() {
        HashSet hashSet = new HashSet();
        if (!this.session.execute("SELECT * FROM system_schema.keyspaces WHERE keyspace_name = 'hawkular_metrics';").iterator().hasNext()) {
            return hashSet;
        }
        try {
            Iterator<Row> it = this.session.execute("SELECT DISTINCT tenant_id,type from hawkular_metrics.metrics_idx;").iterator();
            while (it.hasNext()) {
                String string = it.next().getString("tenant_id");
                if (!string.startsWith("_") && !string.contains(":")) {
                    hashSet.add(string);
                }
            }
        } catch (InvalidQueryException e) {
            log.warn(e);
        }
        return hashSet;
    }

    private Map<String, String> getNamespaceMapping(Set<String> set) {
        JsonNode jsonNode;
        HashMap hashMap = new HashMap();
        if (set == null || set.isEmpty()) {
            return hashMap;
        }
        try {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(NamespaceHandler.KUBERNETES_MASTER_URL + "/api/v1/namespaces").openConnection();
            httpsURLConnection.setRequestMethod("GET");
            httpsURLConnection.setRequestProperty(HttpHeaders.ACCEPT, "application/json");
            httpsURLConnection.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + this.token);
            httpsURLConnection.setConnectTimeout(0);
            httpsURLConnection.setReadTimeout(0);
            httpsURLConnection.connect();
            int responseCode = httpsURLConnection.getResponseCode();
            if (responseCode == 200) {
                JsonFactory jsonFactory = new JsonFactory();
                jsonFactory.setCodec(new ObjectMapper());
                InputStream inputStream = httpsURLConnection.getInputStream();
                JsonParser createParser = jsonFactory.createParser(inputStream);
                JsonNode jsonNode2 = (JsonNode) createParser.readValueAsTree();
                if (jsonNode2 != null && (jsonNode = jsonNode2.get("items")) != null && jsonNode.isArray()) {
                    Iterator<JsonNode> it = jsonNode.iterator();
                    while (it.hasNext()) {
                        JsonNode jsonNode3 = it.next().get("metadata");
                        String asText = jsonNode3.get(ObjectGraphBuilder.CLASSNAME_RESOLVER_KEY).asText();
                        String asText2 = jsonNode3.get("uid").asText();
                        if (set.contains(asText)) {
                            hashMap.put(asText2, asText);
                        }
                    }
                }
                createParser.close();
                inputStream.close();
            } else {
                log.error("Error getting metadata from the OpenShift Master (" + responseCode + "). This may mean the 'hawkular' user does not have permission to watch projects. Waiting 2 seconds and will try again.");
                try {
                    Thread.sleep(2000L);
                } catch (InterruptedException e) {
                    e.printStackTrace();
                }
            }
        } catch (IOException e2) {
            log.error(e2);
        }
        return hashMap;
    }
}
