package com.yahoo.athenz.common.server.store.impl;

import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
import com.amazonaws.services.s3.model.ListObjectsRequest;
import com.amazonaws.services.s3.model.ObjectListing;
import com.amazonaws.services.s3.model.S3ObjectInputStream;
import com.amazonaws.services.s3.model.S3ObjectSummary;
import com.amazonaws.util.EC2MetadataUtils;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.yahoo.athenz.common.ServerCommonConsts;
import com.yahoo.athenz.common.server.store.ChangeLogStore;
import com.yahoo.athenz.zms.JWSDomain;
import com.yahoo.athenz.zms.SignedDomain;
import com.yahoo.athenz.zms.SignedDomains;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import org.eclipse.jetty.util.StringUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/yahoo/athenz/common/server/store/impl/S3ChangeLogStore.class */
public class S3ChangeLogStore implements ChangeLogStore {
    private static final Logger LOGGER = LoggerFactory.getLogger(S3ChangeLogStore.class);
    long lastModTime;
    private String s3BucketName;
    private String awsRegion;
    private ObjectMapper jsonMapper;
    private boolean jwsDomainSupport;
    private static final String NUMBER_OF_THREADS = "athenz.zts.bucket.threads";
    private static final String DEFAULT_TIMEOUT_SECONDS = "athenz.zts.bucket.threads.timeout";
    AmazonS3 awsS3Client = null;
    private int nThreads = Integer.parseInt(System.getProperty(NUMBER_OF_THREADS, "10"));
    private int defaultTimeoutSeconds = Integer.parseInt(System.getProperty(DEFAULT_TIMEOUT_SECONDS, "1800"));
    protected Map<String, SignedDomain> tempSignedDomainMap = new ConcurrentHashMap();
    protected Map<String, JWSDomain> tempJWSDomainMap = new ConcurrentHashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/yahoo/athenz/common/server/store/impl/S3ChangeLogStore$ObjectS3Thread.class */
    public class ObjectS3Thread implements Runnable {
        String domainName;
        AmazonS3 s3;
        Map<String, JWSDomain> jwsDomainMap;
        Map<String, SignedDomain> signedDomainMap;
        boolean jwsSupport;

        public ObjectS3Thread(String str, Map<String, SignedDomain> map, Map<String, JWSDomain> map2, AmazonS3 amazonS3, boolean z) {
            this.domainName = str;
            this.s3 = amazonS3;
            this.signedDomainMap = map;
            this.jwsDomainMap = map2;
            this.jwsSupport = z;
        }

        @Override // java.lang.Runnable
        public void run() {
            if (this.jwsSupport) {
                saveJWSDomain();
            } else {
                saveSignedDomain();
            }
        }

        void saveSignedDomain() {
            SignedDomain signedDomain = null;
            try {
                S3ObjectInputStream objectContent = this.s3.getObject(S3ChangeLogStore.this.s3BucketName, this.domainName).getObjectContent();
                try {
                    signedDomain = (SignedDomain) S3ChangeLogStore.this.jsonMapper.readValue(objectContent, SignedDomain.class);
                    if (objectContent != null) {
                        objectContent.close();
                    }
                } finally {
                }
            } catch (Exception e) {
                S3ChangeLogStore.LOGGER.error("AWSS3ChangeLogThread: ObjectS3Thread- getSignedDomain - unable to get domain {} error: {}", this.domainName, e.getMessage());
            }
            if (signedDomain != null) {
                this.signedDomainMap.put(this.domainName, signedDomain);
            }
        }

        void saveJWSDomain() {
            JWSDomain jWSDomain = null;
            try {
                S3ObjectInputStream objectContent = this.s3.getObject(S3ChangeLogStore.this.s3BucketName, this.domainName).getObjectContent();
                try {
                    jWSDomain = (JWSDomain) S3ChangeLogStore.this.jsonMapper.readValue(objectContent, JWSDomain.class);
                    if (objectContent != null) {
                        objectContent.close();
                    }
                } finally {
                }
            } catch (Exception e) {
                S3ChangeLogStore.LOGGER.error("AWSS3ChangeLogThread: ObjectS3Thread- getJWSDomain - unable to get domain {} error: {}", this.domainName, e.getMessage());
            }
            if (jWSDomain != null) {
                this.jwsDomainMap.put(this.domainName, jWSDomain);
            }
        }
    }

    public S3ChangeLogStore() {
        init();
        initAwsRegion();
    }

    public S3ChangeLogStore(String str) {
        init();
        this.awsRegion = str;
    }

    void init() {
        this.s3BucketName = System.getProperty(ServerCommonConsts.ZTS_PROP_AWS_BUCKET_NAME);
        if (this.s3BucketName == null || this.s3BucketName.isEmpty()) {
            LOGGER.error("S3 Bucket name cannot be null");
            throw new RuntimeException("S3ChangeLogStore: S3 Bucket name cannot be null");
        }
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("AWSS3ChangeLog: S3 Bucket name: {}", this.s3BucketName);
        }
        this.jsonMapper = new ObjectMapper();
        this.jsonMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
    }

    void initAwsRegion() {
        this.awsRegion = System.getProperty(ServerCommonConsts.ZTS_PROP_AWS_REGION_NAME);
        if (StringUtil.isEmpty(this.awsRegion)) {
            this.awsRegion = EC2MetadataUtils.getEC2InstanceRegion();
        }
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public void setJWSDomainSupport(boolean z) {
        this.jwsDomainSupport = z;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public boolean supportsFullRefresh() {
        return false;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public SignedDomain getLocalSignedDomain(String str) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("getLocalSignedDomain: {}", str);
        }
        SignedDomain remove = this.tempSignedDomainMap.remove(str);
        if (remove == null) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info("getLocalSignedDomain: not present in cache, fetching from S3...");
            }
            if (this.awsS3Client == null) {
                this.awsS3Client = getS3Client();
            }
            remove = getSignedDomain(this.awsS3Client, str);
            if (remove == null) {
                this.awsS3Client = getS3Client();
                remove = getSignedDomain(this.awsS3Client, str);
            }
        }
        return remove;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public JWSDomain getLocalJWSDomain(String str) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("getLocalJWSDomain: {}", str);
        }
        JWSDomain remove = this.tempJWSDomainMap.remove(str);
        if (remove == null) {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info("getLocalJWSDomain: not present in cache, fetching from S3...");
            }
            if (this.awsS3Client == null) {
                this.awsS3Client = getS3Client();
            }
            remove = getJWSDomain(this.awsS3Client, str);
            if (remove == null) {
                this.awsS3Client = getS3Client();
                remove = getJWSDomain(this.awsS3Client, str);
            }
        }
        return remove;
    }

    SignedDomain getSignedDomain(AmazonS3 amazonS3, String str) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("getSignedDomain with S3: {}", str);
        }
        SignedDomain signedDomain = null;
        try {
            S3ObjectInputStream objectContent = amazonS3.getObject(this.s3BucketName, str).getObjectContent();
            try {
                signedDomain = (SignedDomain) this.jsonMapper.readValue(objectContent, SignedDomain.class);
                if (objectContent != null) {
                    objectContent.close();
                }
            } finally {
            }
        } catch (Exception e) {
            LOGGER.error("AWSS3ChangeLog: getSignedDomain - unable to get domain {} error: {}", str, e.getMessage());
        }
        return signedDomain;
    }

    JWSDomain getJWSDomain(AmazonS3 amazonS3, String str) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("getJWSDomain with S3: {}", str);
        }
        JWSDomain jWSDomain = null;
        try {
            S3ObjectInputStream objectContent = amazonS3.getObject(this.s3BucketName, str).getObjectContent();
            try {
                jWSDomain = (JWSDomain) this.jsonMapper.readValue(objectContent, JWSDomain.class);
                if (objectContent != null) {
                    objectContent.close();
                }
            } finally {
            }
        } catch (Exception e) {
            LOGGER.error("AWSS3ChangeLog: getJWSDomain - unable to get domain {} error: {}", str, e.getMessage());
        }
        return jWSDomain;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public void removeLocalDomain(String str) {
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public void saveLocalDomain(String str, SignedDomain signedDomain) {
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public void saveLocalDomain(String str, JWSDomain jWSDomain) {
    }

    void listObjects(AmazonS3 amazonS3, Collection<String> collection, long j) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("listObjects: Retrieving domains from {} with mod time > {}", this.s3BucketName, Long.valueOf(j));
        }
        ObjectListing listObjects = amazonS3.listObjects(new ListObjectsRequest().withBucketName(this.s3BucketName));
        while (true) {
            ObjectListing objectListing = listObjects;
            if (objectListing == null) {
                return;
            }
            List<S3ObjectSummary> objectSummaries = objectListing.getObjectSummaries();
            boolean isTruncated = objectListing.isTruncated();
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("listObjects: retrieved {} objects, more objects available - {}", Integer.valueOf(objectSummaries.size()), Boolean.valueOf(isTruncated));
            }
            for (S3ObjectSummary s3ObjectSummary : objectSummaries) {
                if (j <= 0 || s3ObjectSummary.getLastModified().getTime() > j) {
                    String key = s3ObjectSummary.getKey();
                    if (key.charAt(0) != '.') {
                        collection.add(key);
                    }
                }
            }
            if (!isTruncated) {
                return;
            } else {
                listObjects = amazonS3.listNextBatchOfObjects(objectListing);
            }
        }
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public List<String> getLocalDomainList() {
        if (this.lastModTime == 0) {
            this.lastModTime = System.currentTimeMillis();
        }
        this.awsS3Client = getS3Client();
        List<String> arrayList = new ArrayList<>();
        listObjects(this.awsS3Client, arrayList, 0L);
        this.tempSignedDomainMap.clear();
        this.tempJWSDomainMap.clear();
        if (!getAllDomains(arrayList)) {
            getAllDomains(arrayList);
        }
        return arrayList;
    }

    public boolean getAllDomains(List<String> list) {
        if (LOGGER.isInfoEnabled()) {
            LOGGER.info("Getting all domains from S3 with multiple threads...");
        }
        ExecutorService executorService = getExecutorService();
        AmazonS3 s3Client = getS3Client();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            executorService.execute(new ObjectS3Thread(it.next(), this.tempSignedDomainMap, this.tempJWSDomainMap, s3Client, this.jwsDomainSupport));
        }
        executorService.shutdown();
        try {
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info("Waiting for completion of all getdomain tasks...");
            }
            executorService.awaitTermination(this.defaultTimeoutSeconds, TimeUnit.SECONDS);
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info("Executor completed all of its tasks");
            }
            return true;
        } catch (InterruptedException e) {
            LOGGER.error("Interrupted Exception in getAllSignedDomains", e);
            this.tempSignedDomainMap.clear();
            this.tempJWSDomainMap.clear();
            executorService.shutdownNow();
            return false;
        }
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public Set<String> getServerDomainList() {
        HashSet hashSet = new HashSet();
        listObjects(getS3Client(), hashSet, 0L);
        return hashSet;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public SignedDomains getServerDomainModifiedList() {
        return null;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public SignedDomain getServerSignedDomain(String str) {
        return null;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public JWSDomain getServerJWSDomain(String str) {
        return null;
    }

    List<String> getUpdatedDomainList(AmazonS3 amazonS3, StringBuilder sb) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Retrieving updating domains from S3...");
        }
        sb.append(System.currentTimeMillis());
        ArrayList arrayList = new ArrayList();
        listObjects(amazonS3, arrayList, this.lastModTime);
        if (LOGGER.isInfoEnabled()) {
            LOGGER.info("Retrieved {} updated domains", Integer.valueOf(arrayList.size()));
        }
        return arrayList;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public SignedDomains getUpdatedSignedDomains(StringBuilder sb) {
        AmazonS3 s3Client = getS3Client();
        List<String> updatedDomainList = getUpdatedDomainList(s3Client, sb);
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = updatedDomainList.iterator();
        while (it.hasNext()) {
            SignedDomain signedDomain = getSignedDomain(s3Client, it.next());
            if (signedDomain != null) {
                arrayList.add(signedDomain);
            }
        }
        SignedDomains signedDomains = new SignedDomains();
        signedDomains.setDomains(arrayList);
        return signedDomains;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public List<JWSDomain> getUpdatedJWSDomains(StringBuilder sb) {
        AmazonS3 s3Client = getS3Client();
        List<String> updatedDomainList = getUpdatedDomainList(s3Client, sb);
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = updatedDomainList.iterator();
        while (it.hasNext()) {
            JWSDomain jWSDomain = getJWSDomain(s3Client, it.next());
            if (jWSDomain != null) {
                arrayList.add(jWSDomain);
            }
        }
        return arrayList;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStore
    public void setLastModificationTimestamp(String str) {
        if (str == null) {
            this.lastModTime = 0L;
        } else {
            this.lastModTime = Long.parseLong(str);
        }
    }

    AmazonS3 getS3Client() {
        if (StringUtil.isEmpty(this.awsRegion)) {
            throw new RuntimeException("S3ChangeLogStore: Couldn't detect AWS region");
        }
        return (AmazonS3) AmazonS3ClientBuilder.standard().withRegion(this.awsRegion).build();
    }

    public ExecutorService getExecutorService() {
        return Executors.newFixedThreadPool(this.nThreads);
    }
}
