package io.cdap.plugin.gcp.common;

import com.google.api.gax.retrying.RetrySettings;
import com.google.auth.Credentials;
import com.google.auth.oauth2.ExternalAccountCredentials;
import com.google.auth.oauth2.GoogleCredentials;
import com.google.auth.oauth2.ServiceAccountCredentials;
import com.google.bigtable.repackaged.com.google.gson.Gson;
import com.google.cloud.bigquery.BigQuery;
import com.google.cloud.bigquery.BigQueryOptions;
import com.google.cloud.hadoop.fs.gcs.GoogleHadoopFS;
import com.google.cloud.hadoop.fs.gcs.GoogleHadoopFileSystem;
import com.google.cloud.hadoop.fs.gcs.GoogleHadoopFileSystemBase;
import com.google.cloud.hadoop.util.AccessTokenProviderClassFromConfigFactory;
import com.google.cloud.hadoop.util.CredentialFactory;
import com.google.cloud.kms.v1.CryptoKeyName;
import com.google.cloud.storage.BucketInfo;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageException;
import com.google.cloud.storage.StorageOptions;
import com.google.gson.reflect.TypeToken;
import io.cdap.plugin.gcp.gcs.GCSPath;
import io.cdap.plugin.gcp.gcs.ServiceAccountAccessTokenProvider;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Type;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import javax.annotation.Nullable;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.shaded.org.apache.zookeeper.client.ZooKeeperSaslClient;
import org.threeten.bp.Duration;

/* loaded from: input_file:io/cdap/plugin/gcp/common/GCPUtils.class */
public class GCPUtils {
    public static final String FS_GS_PROJECT_ID = "fs.gs.project.id";
    private static final String SERVICE_ACCOUNT_TYPE = "cdap.auth.service.account.type";
    private static final String SERVICE_ACCOUNT = "cdap.auth.service.account";
    private static final String SERVICE_ACCOUNT_SCOPES = "cdap.auth.service.account.scopes";
    private static final String SERVICE_ACCOUNT_TYPE_FILE_PATH = "filePath";
    private static final String GCS_PREFIX = "fs.gs";
    private static final String BQ_PREFIX = "mapred.bq";
    private static final Gson GSON = new Gson();
    private static final Type SCOPES_TYPE = new TypeToken<List<String>>() { // from class: io.cdap.plugin.gcp.common.GCPUtils.1
    }.getType();
    public static final List<String> BIGQUERY_SCOPES = Arrays.asList("https://www.googleapis.com/auth/drive", "https://www.googleapis.com/auth/bigquery");

    public static GoogleCredentials loadServiceAccountFileCredentials(String str) throws IOException {
        return loadServiceAccountCredentials(str, true);
    }

    public static GoogleCredentials loadServiceAccountCredentials(String str, boolean z) throws IOException {
        InputStream openServiceAccount = openServiceAccount(str, z);
        Throwable th = null;
        try {
            try {
                GoogleCredentials fromStream = GoogleCredentials.fromStream(openServiceAccount);
                if (openServiceAccount != null) {
                    if (0 != 0) {
                        try {
                            openServiceAccount.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        openServiceAccount.close();
                    }
                }
                return fromStream;
            } finally {
            }
        } catch (Throwable th3) {
            if (openServiceAccount != null) {
                if (th != null) {
                    try {
                        openServiceAccount.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    openServiceAccount.close();
                }
            }
            throw th3;
        }
    }

    public static InputStream openServiceAccount(String str, boolean z) throws FileNotFoundException {
        return z ? new FileInputStream(str) : new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8));
    }

    public static Map<String, String> generateGCSAuthProperties(@Nullable String str, String str2) {
        return generateAuthProperties(str, str2, CredentialFactory.GCS_SCOPES, "fs.gs");
    }

    public static Map<String, String> generateBigQueryAuthProperties(@Nullable String str, String str2) {
        ArrayList arrayList = new ArrayList(CredentialFactory.GCS_SCOPES);
        arrayList.addAll(BIGQUERY_SCOPES);
        return generateAuthProperties(str, str2, arrayList, "fs.gs", "mapred.bq");
    }

    private static Map<String, String> generateAuthProperties(@Nullable String str, String str2, Collection<String> collection, String... strArr) {
        HashMap hashMap = new HashMap();
        hashMap.put(SERVICE_ACCOUNT_TYPE, str2);
        if (str != null) {
            hashMap.put(SERVICE_ACCOUNT, str);
        }
        if (!collection.isEmpty()) {
            hashMap.put(SERVICE_ACCOUNT_SCOPES, GSON.toJson(collection));
        }
        for (String str3 : strArr) {
            hashMap.put(str3 + AccessTokenProviderClassFromConfigFactory.ACCESS_TOKEN_PROVIDER_IMPL_SUFFIX, ServiceAccountAccessTokenProvider.class.getName());
        }
        return hashMap;
    }

    public static GoogleCredentials loadCredentialsFromConf(Configuration configuration) throws IOException {
        String str = configuration.get(SERVICE_ACCOUNT_TYPE);
        String str2 = configuration.get(SERVICE_ACCOUNT);
        String str3 = configuration.get(SERVICE_ACCOUNT_SCOPES);
        List list = str3 == null ? null : (List) GSON.fromJson(str3, SCOPES_TYPE);
        GoogleCredentials createScoped = str2 == null ? GoogleCredentials.getApplicationDefault().createScoped(new String[0]) : loadServiceAccountCredentials(str2, "filePath".equals(str));
        return (list == null || list.size() <= 0) ? createScoped : createScoped.createScoped(list);
    }

    public static Map<String, String> getFileSystemProperties(GCPConnectorConfig gCPConnectorConfig, String str, Map<String, String> map) {
        return getFileSystemProperties(gCPConnectorConfig.getProject(), gCPConnectorConfig.getServiceAccount(), gCPConnectorConfig.getServiceAccountType(), str, map);
    }

    private static Map<String, String> getFileSystemProperties(String str, String str2, String str3, String str4, Map<String, String> map) {
        try {
            map.putAll(generateGCSAuthProperties(str2, str3));
        } catch (Exception e) {
        }
        map.put("fs.gs.impl", GoogleHadoopFileSystem.class.getName());
        map.put("fs.AbstractFileSystem.gs.impl", GoogleHadoopFS.class.getName());
        map.put(FS_GS_PROJECT_ID, str);
        map.put("fs.gs.system.bucket", GCSPath.from(str4).getBucket());
        map.put("fs.gs.path.encoding", GoogleHadoopFileSystemBase.PATH_CODEC_USE_URI_ENCODING);
        map.put("fs.gs.working.dir", "/");
        map.put("fs.gs.impl.disable.cache", ZooKeeperSaslClient.ENABLE_CLIENT_SASL_DEFAULT);
        return map;
    }

    public static BigQuery getBigQuery(String str, @Nullable Credentials credentials) {
        Collection<String> scopes;
        BigQueryOptions.Builder projectId = BigQueryOptions.newBuilder().setProjectId(str);
        if (credentials != null) {
            HashSet hashSet = new HashSet(BIGQUERY_SCOPES);
            if (credentials instanceof ServiceAccountCredentials) {
                hashSet.addAll(((ServiceAccountCredentials) credentials).getScopes());
            } else if ((credentials instanceof ExternalAccountCredentials) && (scopes = ((ExternalAccountCredentials) credentials).getScopes()) != null) {
                hashSet.addAll(scopes);
            }
            if (credentials instanceof GoogleCredentials) {
                credentials = ((GoogleCredentials) credentials).createScoped(hashSet);
            }
            projectId.setCredentials(credentials);
        }
        return projectId.build2().getService();
    }

    public static Storage getStorage(String str, @Nullable Credentials credentials) {
        StorageOptions.Builder projectId = StorageOptions.newBuilder().setProjectId(str);
        if (credentials != null) {
            projectId.setCredentials(credentials);
        }
        projectId.setRetrySettings(RetrySettings.newBuilder().setInitialRetryDelay(Duration.ofSeconds(1L)).setMaxRetryDelay(Duration.ofSeconds(30L)).setRetryDelayMultiplier(1.5d).setInitialRpcTimeout(Duration.ofSeconds(50L)).setMaxRpcTimeout(Duration.ofSeconds(50L)).setMaxAttempts(60).setTotalTimeout(Duration.ofMinutes(15L)).build());
        return projectId.build2().getService();
    }

    public static void createBucket(Storage storage, String str, @Nullable String str2, @Nullable CryptoKeyName cryptoKeyName) throws StorageException {
        BucketInfo.Builder newBuilder = BucketInfo.newBuilder(str);
        if (str2 != null) {
            newBuilder.setLocation(str2);
        }
        if (cryptoKeyName != null) {
            newBuilder.setDefaultKmsKeyName(cryptoKeyName.toString());
        }
        storage.create(newBuilder.build(), new Storage.BucketTargetOption[0]);
    }
}
