package org.neo4j.causalclustering.discovery;

import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.StandardOpenOption;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.Optional;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeoutException;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.client.api.ContentResponse;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.neo4j.causalclustering.core.CausalClusteringSettings;
import org.neo4j.causalclustering.discovery.kubernetes.KubernetesType;
import org.neo4j.causalclustering.discovery.kubernetes.ServiceList;
import org.neo4j.causalclustering.discovery.kubernetes.Status;
import org.neo4j.helpers.AdvertisedSocketAddress;
import org.neo4j.helpers.collection.Pair;
import org.neo4j.kernel.configuration.Config;
import org.neo4j.logging.Log;
import org.neo4j.logging.internal.LogService;
import org.neo4j.util.Preconditions;

/* loaded from: input_file:org/neo4j/causalclustering/discovery/KubernetesResolver.class */
public class KubernetesResolver implements RemoteMembersResolver {
    private final KubernetesClient kubernetesClient;
    private final HttpClient httpClient;
    private final Log log;

    /* loaded from: input_file:org/neo4j/causalclustering/discovery/KubernetesResolver$KubernetesClient.class */
    static class KubernetesClient extends RetryingHostnameResolver {
        static final String path = "/api/v1/namespaces/%s/services";
        private final Log log;
        private final Log userLog;
        private final HttpClient httpClient;
        private final String token;
        private final String namespace;
        private final String labelSelector;
        private final ObjectMapper objectMapper;
        private final String portName;
        private final AdvertisedSocketAddress kubernetesAddress;

        KubernetesClient(LogService logService, HttpClient httpClient, String str, String str2, Config config, MultiRetryStrategy<AdvertisedSocketAddress, Collection<AdvertisedSocketAddress>> multiRetryStrategy) {
            super(config, multiRetryStrategy);
            this.log = logService.getInternalLog(getClass());
            this.userLog = logService.getUserLog(getClass());
            this.token = str;
            this.namespace = str2;
            this.kubernetesAddress = (AdvertisedSocketAddress) config.get(CausalClusteringSettings.kubernetes_address);
            this.labelSelector = (String) config.get(CausalClusteringSettings.kubernetes_label_selector);
            this.portName = (String) config.get(CausalClusteringSettings.kubernetes_service_port_name);
            this.httpClient = httpClient;
            this.objectMapper = new ObjectMapper().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        }

        @Override // org.neo4j.causalclustering.discovery.RetryingHostnameResolver
        protected Collection<AdvertisedSocketAddress> resolveOnce(AdvertisedSocketAddress advertisedSocketAddress) {
            try {
                ContentResponse send = this.httpClient.newRequest(this.kubernetesAddress.getHostname(), this.kubernetesAddress.getPort()).method(HttpMethod.GET).scheme("https").path(String.format(path, this.namespace)).param("labelSelector", this.labelSelector).header(HttpHeader.AUTHORIZATION, "Bearer " + this.token).accept(new String[]{MimeTypes.Type.APPLICATION_JSON.asString()}).send();
                this.log.info("Received from k8s api \n" + send.getContentAsString());
                Collection<AdvertisedSocketAddress> collection = (Collection) ((KubernetesType) this.objectMapper.readValue(send.getContent(), KubernetesType.class)).handle(new Parser(this.portName, this.namespace));
                this.userLog.info("Resolved %s from Kubernetes API at %s namespace %s labelSelector %s", new Object[]{collection, this.kubernetesAddress, this.namespace, this.labelSelector});
                if (collection.isEmpty()) {
                    this.log.error("Resolved empty hosts from Kubernetes API at %s namespace %s labelSelector %s", new Object[]{this.kubernetesAddress, this.namespace, this.labelSelector});
                }
                return collection;
            } catch (IOException e) {
                this.log.error("Failed to parse result from Kubernetes API", e);
                return Collections.emptySet();
            } catch (InterruptedException | ExecutionException | TimeoutException e2) {
                this.log.error(String.format("Failed to resolve hosts from Kubernetes API at %s namespace %s labelSelector %s", this.kubernetesAddress, this.namespace, this.labelSelector), e2);
                return Collections.emptySet();
            }
        }
    }

    /* loaded from: input_file:org/neo4j/causalclustering/discovery/KubernetesResolver$Parser.class */
    private static class Parser implements KubernetesType.Visitor<Collection<AdvertisedSocketAddress>> {
        private final String portName;
        private final String namespace;

        private Parser(String str, String str2) {
            this.portName = str;
            this.namespace = str2;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.neo4j.causalclustering.discovery.kubernetes.KubernetesType.Visitor
        public Collection<AdvertisedSocketAddress> visit(Status status) {
            throw new IllegalStateException(String.format("Unable to contact Kubernetes API. Status: %s", status));
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.neo4j.causalclustering.discovery.kubernetes.KubernetesType.Visitor
        public Collection<AdvertisedSocketAddress> visit(ServiceList serviceList) {
            return (Collection) serviceList.items().stream().filter(this::notDeleted).flatMap(this::extractServicePort).map(pair -> {
                return new AdvertisedSocketAddress(String.format("%s.%s.svc.cluster.local", pair.first(), this.namespace), ((ServiceList.Service.ServiceSpec.ServicePort) pair.other()).port());
            }).collect(Collectors.toSet());
        }

        private boolean notDeleted(ServiceList.Service service) {
            return service.metadata().deletionTimestamp() == null;
        }

        private Stream<Pair<String, ServiceList.Service.ServiceSpec.ServicePort>> extractServicePort(ServiceList.Service service) {
            return service.spec().ports().stream().filter(servicePort -> {
                return this.portName.equals(servicePort.name());
            }).map(servicePort2 -> {
                return Pair.of(service.metadata().name(), servicePort2);
            });
        }
    }

    private KubernetesResolver(LogService logService, Config config) {
        this.log = logService.getInternalLog(getClass());
        this.httpClient = new HttpClient(createSslContextFactory(config));
        this.kubernetesClient = new KubernetesClient(logService, this.httpClient, read((File) config.get(CausalClusteringSettings.kubernetes_token)), read((File) config.get(CausalClusteringSettings.kubernetes_namespace)), config, RetryingHostnameResolver.defaultRetryStrategy(config, logService.getInternalLogProvider()));
    }

    public static RemoteMembersResolver resolver(LogService logService, Config config) {
        return new KubernetesResolver(logService, config);
    }

    /* JADX WARN: Failed to calculate best type for var: r10v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r10v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Failed to calculate best type for var: r9v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r9v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 10, insn: 0x00e4: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r10 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:57:0x00e4 */
    /* JADX WARN: Not initialized variable reg: 9, insn: 0x00e0: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r9 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:55:0x00e0 */
    /* JADX WARN: Type inference failed for: r10v0, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r9v0, types: [org.neo4j.causalclustering.discovery.SecurePassword] */
    private SslContextFactory createSslContextFactory(Config config) {
        File file = (File) config.get(CausalClusteringSettings.kubernetes_ca_crt);
        try {
            try {
                SecurePassword securePassword = new SecurePassword(16, new SecureRandom());
                Throwable th = null;
                InputStream newInputStream = Files.newInputStream(file.toPath(), StandardOpenOption.READ);
                Throwable th2 = null;
                try {
                    try {
                        KeyStore loadKeyStore = loadKeyStore(securePassword, newInputStream);
                        SslContextFactory sslContextFactory = new SslContextFactory();
                        sslContextFactory.setTrustStore(loadKeyStore);
                        sslContextFactory.setTrustStorePassword(String.valueOf(securePassword.password()));
                        if (newInputStream != null) {
                            if (0 != 0) {
                                try {
                                    newInputStream.close();
                                } catch (Throwable th3) {
                                    th2.addSuppressed(th3);
                                }
                            } else {
                                newInputStream.close();
                            }
                        }
                        if (securePassword != null) {
                            if (0 != 0) {
                                try {
                                    securePassword.close();
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                }
                            } else {
                                securePassword.close();
                            }
                        }
                        return sslContextFactory;
                    } finally {
                    }
                } catch (Throwable th5) {
                    if (newInputStream != null) {
                        if (th2 != null) {
                            try {
                                newInputStream.close();
                            } catch (Throwable th6) {
                                th2.addSuppressed(th6);
                            }
                        } else {
                            newInputStream.close();
                        }
                    }
                    throw th5;
                }
            } finally {
            }
        } catch (Exception e) {
            throw new IllegalStateException("Unable to load CA certificate for Kubernetes", e);
        }
    }

    private KeyStore loadKeyStore(SecurePassword securePassword, InputStream inputStream) throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException {
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(inputStream);
        Preconditions.checkState(!generateCertificates.isEmpty(), "Expected non empty Kubernetes CA certificates");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, securePassword.password());
        int i = 0;
        Iterator<? extends Certificate> it = generateCertificates.iterator();
        while (it.hasNext()) {
            int i2 = i;
            i++;
            keyStore.setCertificateEntry("ca" + i2, it.next());
        }
        return keyStore;
    }

    private String read(File file) {
        try {
            Optional<String> findFirst = Files.lines(file.toPath()).findFirst();
            if (findFirst.isPresent()) {
                return findFirst.get();
            }
            throw new IllegalStateException(String.format("Expected file at %s to have at least 1 line", file));
        } catch (IOException e) {
            throw new IllegalArgumentException("Unable to read file " + file, e);
        }
    }

    @Override // org.neo4j.causalclustering.discovery.RemoteMembersResolver
    public <T> Collection<T> resolve(Function<AdvertisedSocketAddress, T> function) {
        try {
            try {
                this.httpClient.start();
                return (Collection) this.kubernetesClient.resolve(null).stream().map(function).collect(Collectors.toList());
            } catch (Exception e) {
                throw new IllegalStateException("Unable to query Kubernetes API", e);
            }
        } finally {
            try {
                this.httpClient.stop();
            } catch (Exception e2) {
                this.log.warn("Unable to shut down HTTP client", e2);
            }
        }
    }
}
