package alluxio.security.authentication;

import alluxio.conf.AlluxioConfiguration;
import alluxio.conf.PropertyKey;
import alluxio.exception.status.AlluxioStatusException;
import alluxio.exception.status.UnauthenticatedException;
import alluxio.grpc.ChannelAuthenticationScheme;
import alluxio.grpc.GrpcChannelKey;
import alluxio.grpc.GrpcConnection;
import alluxio.grpc.GrpcServerAddress;
import alluxio.grpc.SaslAuthenticationServiceGrpc;
import alluxio.security.authentication.plain.SaslClientHandlerPlain;
import io.grpc.Channel;
import io.grpc.Status;
import java.net.SocketAddress;
import javax.security.auth.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:alluxio/security/authentication/ChannelAuthenticator.class */
public class ChannelAuthenticator {
    private static final Logger LOG = LoggerFactory.getLogger(ChannelAuthenticator.class);
    private final GrpcChannelKey mChannelKey;
    private final GrpcConnection mConnection;
    private final Subject mParentSubject;
    private final AuthType mAuthType;
    private AlluxioConfiguration mConfiguration;
    private AuthenticatedChannelClientDriver mAuthDriver;
    private Channel mAuthenticatedChannel;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: alluxio.security.authentication.ChannelAuthenticator$1, reason: invalid class name */
    /* loaded from: input_file:alluxio/security/authentication/ChannelAuthenticator$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$alluxio$grpc$ChannelAuthenticationScheme = new int[ChannelAuthenticationScheme.values().length];

        static {
            try {
                $SwitchMap$alluxio$grpc$ChannelAuthenticationScheme[ChannelAuthenticationScheme.SIMPLE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$alluxio$grpc$ChannelAuthenticationScheme[ChannelAuthenticationScheme.CUSTOM.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            $SwitchMap$alluxio$security$authentication$AuthType = new int[AuthType.values().length];
            try {
                $SwitchMap$alluxio$security$authentication$AuthType[AuthType.NOSASL.ordinal()] = 1;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$alluxio$security$authentication$AuthType[AuthType.SIMPLE.ordinal()] = 2;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$alluxio$security$authentication$AuthType[AuthType.CUSTOM.ordinal()] = 3;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public ChannelAuthenticator(GrpcConnection grpcConnection, Subject subject, AuthType authType, AlluxioConfiguration alluxioConfiguration) {
        this.mConnection = grpcConnection;
        this.mChannelKey = this.mConnection.getChannelKey();
        this.mParentSubject = subject;
        this.mAuthType = authType;
        this.mConfiguration = alluxioConfiguration;
    }

    public void authenticate() throws AlluxioStatusException {
        LOG.debug("Authenticating channel: {}. AuthType: {}", this.mChannelKey.toString(), this.mAuthType);
        try {
            this.mAuthDriver = new AuthenticatedChannelClientDriver(createSaslClientHandler(this.mChannelKey.getServerAddress(), getChannelAuthScheme(this.mAuthType, this.mParentSubject, this.mChannelKey.getServerAddress().getSocketAddress()), this.mParentSubject), this.mChannelKey);
            this.mAuthDriver.setServerObserver(SaslAuthenticationServiceGrpc.newStub(this.mConnection.getChannel()).authenticate(this.mAuthDriver));
            this.mAuthDriver.startAuthenticatedChannel(this.mConfiguration.getMs(PropertyKey.NETWORK_CONNECTION_AUTH_TIMEOUT));
            this.mConnection.interceptChannel(new ChannelIdInjector(this.mChannelKey.getChannelId()));
        } catch (Throwable th) {
            AlluxioStatusException fromThrowable = AlluxioStatusException.fromThrowable(th);
            throw AlluxioStatusException.from(Status.fromCode(fromThrowable.getStatusCode()).withDescription(String.format("Channel authentication failed with code:%s. Channel: %s, AuthType: %s, Error: %s", fromThrowable.getStatusCode().name(), this.mChannelKey.toString(), this.mAuthType, fromThrowable.toString())).withCause(th));
        }
    }

    public Channel getAuthenticatedChannel() {
        return this.mAuthenticatedChannel;
    }

    public AuthenticatedChannelClientDriver getAuthenticationDriver() {
        return this.mAuthDriver;
    }

    private ChannelAuthenticationScheme getChannelAuthScheme(AuthType authType, Subject subject, SocketAddress socketAddress) throws UnauthenticatedException {
        switch (authType) {
            case NOSASL:
                return ChannelAuthenticationScheme.NOSASL;
            case SIMPLE:
                return ChannelAuthenticationScheme.SIMPLE;
            case CUSTOM:
                return ChannelAuthenticationScheme.CUSTOM;
            default:
                throw new UnauthenticatedException(String.format("Configured authentication type is not supported: %s", authType));
        }
    }

    private SaslClientHandler createSaslClientHandler(GrpcServerAddress grpcServerAddress, ChannelAuthenticationScheme channelAuthenticationScheme, Subject subject) throws UnauthenticatedException {
        switch (AnonymousClass1.$SwitchMap$alluxio$grpc$ChannelAuthenticationScheme[channelAuthenticationScheme.ordinal()]) {
            case 1:
            case 2:
                return new SaslClientHandlerPlain(this.mParentSubject, this.mConfiguration);
            default:
                throw new UnauthenticatedException(String.format("Channel authentication scheme not supported: %s", channelAuthenticationScheme.name()));
        }
    }
}
