package com.hazelcast.kubernetes;

import com.hazelcast.internal.json.Json;
import com.hazelcast.internal.json.JsonArray;
import com.hazelcast.internal.json.JsonObject;
import com.hazelcast.internal.json.JsonValue;
import com.hazelcast.kubernetes.KubernetesClient;
import com.hazelcast.nio.IOUtil;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Scanner;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.jivesoftware.smackx.address.packet.MultipleAddresses;
import org.snmp4j.smi.GenericAddress;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/hazelcast/kubernetes/DefaultKubernetesClient.class */
public class DefaultKubernetesClient implements KubernetesClient {
    private static final int HTTP_OK = 200;
    private final String kubernetesMaster;
    private final String apiToken;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DefaultKubernetesClient(String str, String str2) {
        this.kubernetesMaster = str;
        this.apiToken = str2;
    }

    @Override // com.hazelcast.kubernetes.KubernetesClient
    public KubernetesClient.Endpoints endpoints(String str) {
        return parseEndpointsList(callGet(String.format("%s/api/v1/namespaces/%s/endpoints", this.kubernetesMaster, str)));
    }

    @Override // com.hazelcast.kubernetes.KubernetesClient
    public KubernetesClient.Endpoints endpointsByLabel(String str, String str2, String str3) {
        return parseEndpointsList(callGet(String.format("%s/api/v1/namespaces/%s/endpoints?%s", this.kubernetesMaster, str, String.format("labelSelector=%s=%s", str2, str3))));
    }

    @Override // com.hazelcast.kubernetes.KubernetesClient
    public KubernetesClient.Endpoints endpointsByName(String str, String str2) {
        return parseEndpoint(callGet(String.format("%s/api/v1/namespaces/%s/endpoints/%s", this.kubernetesMaster, str, str2)));
    }

    private JsonObject callGet(String str) {
        HttpURLConnection httpURLConnection = null;
        try {
            try {
                HttpURLConnection httpURLConnection2 = (HttpURLConnection) new URL(str).openConnection();
                if (httpURLConnection2 instanceof HttpsURLConnection) {
                    ((HttpsURLConnection) httpURLConnection2).setSSLSocketFactory(buildSslSocketFactory());
                }
                httpURLConnection2.setRequestMethod("GET");
                httpURLConnection2.setRequestProperty("Authorization", String.format("Bearer %s", this.apiToken));
                if (httpURLConnection2.getResponseCode() != 200) {
                    throw new KubernetesClientException(String.format("Failure executing: GET at: %s. Message: %s,", str, read(httpURLConnection2.getErrorStream())));
                }
                JsonObject asObject = Json.parse(read(httpURLConnection2.getInputStream())).asObject();
                if (httpURLConnection2 != null) {
                    httpURLConnection2.disconnect();
                }
                return asObject;
            } catch (Exception e) {
                throw new KubernetesClientException("Failure in KubernetesClient", e);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                httpURLConnection.disconnect();
            }
            throw th;
        }
    }

    private static String read(InputStream inputStream) {
        Scanner scanner = new Scanner(inputStream, "UTF-8");
        scanner.useDelimiter("\\Z");
        return scanner.next();
    }

    private static KubernetesClient.Endpoints parseEndpointsList(JsonObject jsonObject) {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        Iterator<JsonValue> it = toJsonArray(jsonObject.get("items")).iterator();
        while (it.hasNext()) {
            KubernetesClient.Endpoints parseEndpoint = parseEndpoint(it.next());
            arrayList.addAll(parseEndpoint.getAddresses());
            arrayList2.addAll(parseEndpoint.getNotReadyAddresses());
        }
        return new KubernetesClient.Endpoints(arrayList, arrayList2);
    }

    private static KubernetesClient.Endpoints parseEndpoint(JsonValue jsonValue) {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        Iterator<JsonValue> it = toJsonArray(jsonValue.asObject().get("subsets")).iterator();
        while (it.hasNext()) {
            JsonValue next = it.next();
            Iterator<JsonValue> it2 = toJsonArray(next.asObject().get(MultipleAddresses.ELEMENT)).iterator();
            while (it2.hasNext()) {
                arrayList.add(parseEntrypointAddress(it2.next()));
            }
            Iterator<JsonValue> it3 = toJsonArray(next.asObject().get("notReadyAddresses")).iterator();
            while (it3.hasNext()) {
                arrayList2.add(parseEntrypointAddress(it3.next()));
            }
        }
        return new KubernetesClient.Endpoints(arrayList, arrayList2);
    }

    private static KubernetesClient.EntrypointAddress parseEntrypointAddress(JsonValue jsonValue) {
        return new KubernetesClient.EntrypointAddress(jsonValue.asObject().get(GenericAddress.TYPE_IP).asString(), parseAdditionalProperties(jsonValue));
    }

    private static Map<String, Object> parseAdditionalProperties(JsonValue jsonValue) {
        HashSet hashSet = new HashSet(Arrays.asList(GenericAddress.TYPE_IP, "nodeName", "targetRef", "hostname"));
        HashMap hashMap = new HashMap();
        Iterator<JsonObject.Member> it = jsonValue.asObject().iterator();
        while (it.hasNext()) {
            JsonObject.Member next = it.next();
            if (!hashSet.contains(next.getName())) {
                hashMap.put(next.getName(), toString(next.getValue()));
            }
        }
        return hashMap;
    }

    private static JsonArray toJsonArray(JsonValue jsonValue) {
        return (jsonValue == null || jsonValue.isNull()) ? new JsonArray() : jsonValue.asArray();
    }

    private static String toString(JsonValue jsonValue) {
        return jsonValue.isString() ? jsonValue.asString() : jsonValue.toString();
    }

    private static SSLSocketFactory buildSslSocketFactory() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry("ca", generateCertificate());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            return sSLContext.getSocketFactory();
        } catch (Exception e) {
            throw new KubernetesClientException("Failure in generating SSLSocketFactory", e);
        }
    }

    private static Certificate generateCertificate() throws IOException, CertificateException {
        BufferedInputStream bufferedInputStream = null;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            bufferedInputStream = new BufferedInputStream(new FileInputStream(new File(caCertPath())));
            Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
            IOUtil.closeResource(bufferedInputStream);
            return generateCertificate;
        } catch (Throwable th) {
            IOUtil.closeResource(bufferedInputStream);
            throw th;
        }
    }

    @SuppressFBWarnings({"DMI_HARDCODED_ABSOLUTE_FILENAME"})
    private static String caCertPath() {
        return "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt";
    }
}
