package org.apache.nifi.dbcp.hive;

import java.io.File;
import java.io.IOException;
import java.security.PrivilegedExceptionAction;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import org.apache.commons.dbcp.BasicDataSource;
import org.apache.commons.lang3.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hive.jdbc.HiveDriver;
import org.apache.nifi.annotation.documentation.CapabilityDescription;
import org.apache.nifi.annotation.documentation.Tags;
import org.apache.nifi.annotation.lifecycle.OnDisabled;
import org.apache.nifi.annotation.lifecycle.OnEnabled;
import org.apache.nifi.components.PropertyDescriptor;
import org.apache.nifi.components.ValidationContext;
import org.apache.nifi.components.ValidationResult;
import org.apache.nifi.components.Validator;
import org.apache.nifi.controller.AbstractControllerService;
import org.apache.nifi.controller.ConfigurationContext;
import org.apache.nifi.hadoop.KerberosProperties;
import org.apache.nifi.hadoop.KerberosTicketRenewer;
import org.apache.nifi.hadoop.SecurityUtil;
import org.apache.nifi.processor.exception.ProcessException;
import org.apache.nifi.processor.util.StandardValidators;
import org.apache.nifi.reporting.InitializationException;
import org.apache.nifi.util.NiFiProperties;

@CapabilityDescription("Provides Database Connection Pooling Service for Apache Hive. Connections can be asked from pool and returned after usage.")
@Tags({"hive", "dbcp", "jdbc", "database", "connection", "pooling", "store"})
/* loaded from: input_file:org/apache/nifi/dbcp/hive/HiveConnectionPool.class */
public class HiveConnectionPool extends AbstractControllerService implements HiveDBCPService {
    static final long TICKET_RENEWAL_PERIOD = 60000;
    private volatile UserGroupInformation ugi;
    private volatile KerberosTicketRenewer renewer;
    private static final List<PropertyDescriptor> properties;
    private String connectionUrl = "unknown";
    private final AtomicReference<ValidationResources> validationResourceHolder = new AtomicReference<>();
    private volatile BasicDataSource dataSource;
    public static final PropertyDescriptor DATABASE_URL = new PropertyDescriptor.Builder().name("hive-db-connect-url").displayName("Database Connection URL").description("A database connection URL used to connect to a database. May contain database system name, host, port, database name and some parameters. The exact syntax of a database connection URL is specified by the Hive documentation. For example, the server principal is often included as a connection parameter when connecting to a secure Hive server.").defaultValue((String) null).addValidator(StandardValidators.NON_EMPTY_VALIDATOR).required(true).build();
    public static final PropertyDescriptor HIVE_CONFIGURATION_RESOURCES = new PropertyDescriptor.Builder().name("hive-config-resources").displayName("Hive Configuration Resources").description("A file or comma separated list of files which contains the Hive configuration (hive-site.xml, e.g.). Without this, Hadoop will search the classpath for a 'hive-site.xml' file or will revert to a default configuration. Note that to enable authentication with Kerberos e.g., the appropriate properties must be set in the configuration files. Please see the Hive documentation for more details.").required(false).addValidator(createMultipleFilesExistValidator()).build();
    public static final PropertyDescriptor DB_USER = new PropertyDescriptor.Builder().name("hive-db-user").displayName("Database User").description("Database user name").defaultValue((String) null).addValidator(StandardValidators.NON_EMPTY_VALIDATOR).build();
    public static final PropertyDescriptor DB_PASSWORD = new PropertyDescriptor.Builder().name("hive-db-password").displayName("Password").description("The password for the database user").defaultValue((String) null).required(false).sensitive(true).addValidator(StandardValidators.NON_EMPTY_VALIDATOR).build();
    public static final PropertyDescriptor MAX_WAIT_TIME = new PropertyDescriptor.Builder().name("hive-max-wait-time").displayName("Max Wait Time").description("The maximum amount of time that the pool will wait (when there are no available connections)  for a connection to be returned before failing, or -1 to wait indefinitely. ").defaultValue("500 millis").required(true).addValidator(StandardValidators.TIME_PERIOD_VALIDATOR).sensitive(false).build();
    public static final PropertyDescriptor MAX_TOTAL_CONNECTIONS = new PropertyDescriptor.Builder().name("hive-max-total-connections").displayName("Max Total Connections").description("The maximum number of active connections that can be allocated from this pool at the same time, or negative for no limit.").defaultValue("8").required(true).addValidator(StandardValidators.INTEGER_VALIDATOR).sensitive(false).build();
    private static KerberosProperties kerberosProperties = KerberosProperties.create(NiFiProperties.getInstance());

    /* loaded from: input_file:org/apache/nifi/dbcp/hive/HiveConnectionPool$ValidationResources.class */
    private static class ValidationResources {
        private final String configResources;
        private final Configuration configuration;

        public ValidationResources(String str, Configuration configuration) {
            this.configResources = str;
            this.configuration = configuration;
        }

        public String getConfigResources() {
            return this.configResources;
        }

        public Configuration getConfiguration() {
            return this.configuration;
        }
    }

    protected List<PropertyDescriptor> getSupportedPropertyDescriptors() {
        return properties;
    }

    protected Collection<ValidationResult> customValidate(ValidationContext validationContext) {
        boolean isSet = validationContext.getProperty(HIVE_CONFIGURATION_RESOURCES).isSet();
        ArrayList arrayList = new ArrayList();
        if (isSet) {
            String value = validationContext.getProperty(HIVE_CONFIGURATION_RESOURCES).getValue();
            ValidationResources validationResources = this.validationResourceHolder.get();
            if (validationResources == null || !value.equals(validationResources.getConfigResources())) {
                getLogger().debug("Reloading validation resources");
                validationResources = new ValidationResources(value, getConfigurationFromFiles(value));
                this.validationResourceHolder.set(validationResources);
            }
            arrayList.addAll(KerberosProperties.validatePrincipalAndKeytab(getClass().getSimpleName(), validationResources.getConfiguration(), validationContext.getProperty(kerberosProperties.getKerberosPrincipal()).getValue(), validationContext.getProperty(kerberosProperties.getKerberosKeytab()).getValue(), getLogger()));
        }
        return arrayList;
    }

    protected Configuration getConfigurationFromFiles(String str) {
        HiveConf hiveConf = new HiveConf();
        if (StringUtils.isNotBlank(str)) {
            for (String str2 : str.split(",")) {
                hiveConf.addResource(new Path(str2.trim()));
            }
        }
        return hiveConf;
    }

    @OnEnabled
    public void onConfigured(ConfigurationContext configurationContext) throws InitializationException, IOException {
        this.connectionUrl = configurationContext.getProperty(DATABASE_URL).getValue();
        Configuration configurationFromFiles = getConfigurationFromFiles(configurationContext.getProperty(HIVE_CONFIGURATION_RESOURCES).getValue());
        for (Map.Entry entry : configurationContext.getProperties().entrySet()) {
            PropertyDescriptor propertyDescriptor = (PropertyDescriptor) entry.getKey();
            if (propertyDescriptor.isDynamic()) {
                configurationFromFiles.set(propertyDescriptor.getName(), (String) entry.getValue());
            }
        }
        String name = HiveDriver.class.getName();
        if (SecurityUtil.isSecurityEnabled(configurationFromFiles)) {
            String value = configurationContext.getProperty(kerberosProperties.getKerberosPrincipal()).getValue();
            String value2 = configurationContext.getProperty(kerberosProperties.getKerberosKeytab()).getValue();
            getLogger().info("HBase Security Enabled, logging in as principal {} with keytab {}", new Object[]{value, value2});
            this.ugi = SecurityUtil.loginKerberos(configurationFromFiles, value, value2);
            getLogger().info("Successfully logged in as principal {} with keytab {}", new Object[]{value, value2});
            if (this.ugi != null) {
                this.renewer = SecurityUtil.startTicketRenewalThread(getClass().getSimpleName(), this.ugi, TICKET_RENEWAL_PERIOD, getLogger());
            }
        }
        String value3 = configurationContext.getProperty(DB_USER).getValue();
        String value4 = configurationContext.getProperty(DB_PASSWORD).getValue();
        Long asTimePeriod = configurationContext.getProperty(MAX_WAIT_TIME).asTimePeriod(TimeUnit.MILLISECONDS);
        Integer asInteger = configurationContext.getProperty(MAX_TOTAL_CONNECTIONS).asInteger();
        this.dataSource = new BasicDataSource();
        this.dataSource.setDriverClassName(name);
        String value5 = configurationContext.getProperty(DATABASE_URL).getValue();
        this.dataSource.setMaxWait(asTimePeriod.longValue());
        this.dataSource.setMaxActive(asInteger.intValue());
        this.dataSource.setUrl(value5);
        this.dataSource.setUsername(value3);
        this.dataSource.setPassword(value4);
    }

    @OnDisabled
    public void shutdown() {
        if (this.renewer != null) {
            this.renewer.stop();
        }
        try {
            this.dataSource.close();
        } catch (SQLException e) {
            throw new ProcessException(e);
        }
    }

    public Connection getConnection() throws ProcessException {
        try {
            if (this.ugi != null) {
                return (Connection) this.ugi.doAs(new PrivilegedExceptionAction<Connection>() { // from class: org.apache.nifi.dbcp.hive.HiveConnectionPool.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedExceptionAction
                    public Connection run() throws Exception {
                        return HiveConnectionPool.this.dataSource.getConnection();
                    }
                });
            }
            getLogger().info("Simple Authentication");
            return this.dataSource.getConnection();
        } catch (IOException | InterruptedException | SQLException e) {
            getLogger().error("Error getting Hive connection", e);
            throw new ProcessException(e);
        }
    }

    public String toString() {
        return "HiveConnectionPool[id=" + getIdentifier() + "]";
    }

    public static Validator createMultipleFilesExistValidator() {
        return new Validator() { // from class: org.apache.nifi.dbcp.hive.HiveConnectionPool.2
            public ValidationResult validate(String str, String str2, ValidationContext validationContext) {
                for (String str3 : str2.split(",")) {
                    try {
                        File file = new File(str3.trim());
                        if (!(file.exists() && file.isFile())) {
                            return new ValidationResult.Builder().subject(str).input(str2).valid(false).explanation("File " + file + " does not exist or is not a file").build();
                        }
                    } catch (SecurityException e) {
                        return new ValidationResult.Builder().subject(str).input(str2).valid(false).explanation("Unable to access " + str3 + " due to " + e.getMessage()).build();
                    }
                }
                return new ValidationResult.Builder().subject(str).input(str2).valid(true).build();
            }
        };
    }

    @Override // org.apache.nifi.dbcp.hive.HiveDBCPService
    public String getConnectionURL() {
        return this.connectionUrl;
    }

    static {
        ArrayList arrayList = new ArrayList();
        arrayList.add(DATABASE_URL);
        arrayList.add(HIVE_CONFIGURATION_RESOURCES);
        arrayList.add(kerberosProperties.getKerberosPrincipal());
        arrayList.add(kerberosProperties.getKerberosKeytab());
        arrayList.add(DB_USER);
        arrayList.add(DB_PASSWORD);
        arrayList.add(MAX_WAIT_TIME);
        arrayList.add(MAX_TOTAL_CONNECTIONS);
        properties = Collections.unmodifiableList(arrayList);
    }
}
