package com.amazon.redshift.core.v3;

import com.amazon.redshift.RedshiftProperty;
import com.amazon.redshift.core.ConnectionFactory;
import com.amazon.redshift.core.QueryExecutor;
import com.amazon.redshift.core.RedshiftStream;
import com.amazon.redshift.core.ServerVersion;
import com.amazon.redshift.core.SetupQueryRunner;
import com.amazon.redshift.core.SocketFactoryFactory;
import com.amazon.redshift.core.Utils;
import com.amazon.redshift.core.Version;
import com.amazon.redshift.hostchooser.CandidateHost;
import com.amazon.redshift.hostchooser.GlobalHostStatusTracker;
import com.amazon.redshift.hostchooser.HostChooserFactory;
import com.amazon.redshift.hostchooser.HostRequirement;
import com.amazon.redshift.hostchooser.HostStatus;
import com.amazon.redshift.jdbc.EscapedFunctions;
import com.amazon.redshift.jdbc.SslMode;
import com.amazon.redshift.logger.LogLevel;
import com.amazon.redshift.logger.RedshiftLogger;
import com.amazon.redshift.ssl.MakeSSL;
import com.amazon.redshift.sspi.ISSPIClient;
import com.amazon.redshift.util.DriverInfo;
import com.amazon.redshift.util.GT;
import com.amazon.redshift.util.HostSpec;
import com.amazon.redshift.util.RedshiftException;
import com.amazon.redshift.util.RedshiftState;
import com.amazon.redshift.util.ServerErrorMessage;
import java.io.IOException;
import java.net.ConnectException;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.TimeZone;
import javax.net.SocketFactory;

/* loaded from: input_file:com/amazon/redshift/core/v3/ConnectionFactoryImpl.class */
public class ConnectionFactoryImpl extends ConnectionFactory {
    private RedshiftLogger logger;
    private static final int AUTH_REQ_OK = 0;
    private static final int AUTH_REQ_KRB4 = 1;
    private static final int AUTH_REQ_KRB5 = 2;
    private static final int AUTH_REQ_PASSWORD = 3;
    private static final int AUTH_REQ_CRYPT = 4;
    private static final int AUTH_REQ_MD5 = 5;
    private static final int AUTH_REQ_SCM = 6;
    private static final int AUTH_REQ_GSS = 7;
    private static final int AUTH_REQ_GSS_CONTINUE = 8;
    private static final int AUTH_REQ_SSPI = 9;
    private static final int AUTH_REQ_SASL = 10;
    private static final int AUTH_REQ_SASL_CONTINUE = 11;
    private static final int AUTH_REQ_SASL_FINAL = 12;
    private static final int AUTH_REQ_DIGEST = 13;
    private static final int AUTH_REQ_IDP = 14;
    private static final int AUTH_DIGEST_SHA256 = 0;
    private static final int AUTH_DIGEST_SCRYPT = 1;
    private static final int AUTH_DIGEST_ARGON2 = 2;
    public static int BASE_SERVER_PROTOCOL_VERSION = 0;
    public static int EXTENDED_RESULT_METADATA_SERVER_PROTOCOL_VERSION = 1;
    public static int BINARY_PROTOCOL_VERSION = 2;
    public static int EXTENDED2_RESULT_METADATA_SERVER_PROTOCOL_VERSION = 3;
    public static int DEFAULT_SERVER_PROTOCOL_VERSION = EXTENDED2_RESULT_METADATA_SERVER_PROTOCOL_VERSION;

    private ISSPIClient createSSPI(RedshiftStream redshiftStream, String str, boolean z) {
        try {
            return (ISSPIClient) Class.forName("com.amazon.redshift.sspi.SSPIClient").getDeclaredConstructor(RedshiftStream.class, String.class, Boolean.TYPE).newInstance(redshiftStream, str, Boolean.valueOf(z));
        } catch (Exception e) {
            throw new IllegalStateException("Unable to load com.amazon.redshift.sspi.SSPIClient. Please check that SSPIClient is included in your pgjdbc distribution.", e);
        }
    }

    private RedshiftStream tryConnect(String str, String str2, Properties properties, SocketFactory socketFactory, HostSpec hostSpec, SslMode sslMode) throws SQLException, IOException {
        int i = RedshiftProperty.CONNECT_TIMEOUT.getInt(properties) * 1000;
        RedshiftStream redshiftStream = null;
        try {
            RedshiftStream redshiftStream2 = new RedshiftStream(socketFactory, hostSpec, i, this.logger);
            int i2 = RedshiftProperty.SOCKET_TIMEOUT.getInt(properties);
            if (i2 > 0) {
                redshiftStream2.getSocket().setSoTimeout(i2 * 1000);
            }
            redshiftStream2.setMaxResultBuffer(RedshiftProperty.MAX_RESULT_BUFFER.get(properties));
            redshiftStream2.getSocket().setKeepAlive(RedshiftProperty.TCP_KEEP_ALIVE.getBoolean(properties));
            int i3 = RedshiftProperty.RECEIVE_BUFFER_SIZE.getInt(properties);
            if (i3 > -1) {
                if (i3 > 0) {
                    redshiftStream2.getSocket().setReceiveBufferSize(i3);
                } else if (RedshiftLogger.isEnable()) {
                    this.logger.log(LogLevel.INFO, "Ignore invalid value for receiveBufferSize: {0}", Integer.valueOf(i3));
                }
            }
            int i4 = RedshiftProperty.SEND_BUFFER_SIZE.getInt(properties);
            if (i4 > -1) {
                if (i4 > 0) {
                    redshiftStream2.getSocket().setSendBufferSize(i4);
                } else if (RedshiftLogger.isEnable()) {
                    this.logger.log(LogLevel.INFO, "Ignore invalid value for sendBufferSize: {0}", Integer.valueOf(i4));
                }
            }
            if (RedshiftLogger.isEnable()) {
                this.logger.log(LogLevel.DEBUG, "Receive Buffer Size is {0}", Integer.valueOf(redshiftStream2.getSocket().getReceiveBufferSize()));
                this.logger.log(LogLevel.DEBUG, "Send Buffer Size is {0}", Integer.valueOf(redshiftStream2.getSocket().getSendBufferSize()));
            }
            redshiftStream = enableSSL(redshiftStream2, sslMode, properties, i);
            sendStartupPacket(redshiftStream, getParametersForStartup(str, str2, properties, true));
            doAuthentication(redshiftStream, hostSpec.getHost(), str, properties);
            return redshiftStream;
        } catch (Exception e) {
            closeStream(redshiftStream);
            throw e;
        }
    }

    @Override // com.amazon.redshift.core.ConnectionFactory
    public QueryExecutor openConnectionImpl(HostSpec[] hostSpecArr, String str, String str2, Properties properties, RedshiftLogger redshiftLogger) throws SQLException {
        this.logger = redshiftLogger;
        SslMode of = SslMode.of(properties);
        String str3 = RedshiftProperty.TARGET_SERVER_TYPE.get(properties);
        try {
            HostRequirement targetServerType = HostRequirement.getTargetServerType(str3);
            SocketFactory socketFactory = SocketFactoryFactory.getSocketFactory(properties);
            Iterator<CandidateHost> it = HostChooserFactory.createHostChooser(hostSpecArr, targetServerType, properties).iterator();
            HashMap hashMap = new HashMap();
            while (it.hasNext()) {
                CandidateHost next = it.next();
                HostSpec hostSpec = next.hostSpec;
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.DEBUG, "Trying to establish a protocol version 3 connection to {0}", hostSpec);
                }
                HostStatus hostStatus = (HostStatus) hashMap.get(hostSpec);
                if (hostStatus == null || next.targetServerType.allowConnectingTo(hostStatus)) {
                    RedshiftStream redshiftStream = null;
                    try {
                        try {
                            redshiftStream = tryConnect(str, str2, properties, socketFactory, hostSpec, of);
                        } catch (SQLException e) {
                            if (of == SslMode.PREFER && RedshiftState.INVALID_AUTHORIZATION_SPECIFICATION.getState().equals(e.getSQLState())) {
                                Throwable th = null;
                                try {
                                    redshiftStream = tryConnect(str, str2, properties, socketFactory, hostSpec, SslMode.DISABLE);
                                    if (RedshiftLogger.isEnable()) {
                                        redshiftLogger.log(LogLevel.DEBUG, "Downgraded to non-encrypted connection for host {0}", hostSpec);
                                    }
                                } catch (IOException e2) {
                                    th = e2;
                                } catch (SQLException e3) {
                                    th = e3;
                                }
                                if (th != null) {
                                    if (RedshiftLogger.isEnable()) {
                                        redshiftLogger.log(LogLevel.DEBUG, th, "sslMode==PREFER, however non-SSL connection failed as well", new Object[0]);
                                    }
                                    e.addSuppressed(th);
                                    throw e;
                                }
                            } else {
                                if (of != SslMode.ALLOW || !RedshiftState.INVALID_AUTHORIZATION_SPECIFICATION.getState().equals(e.getSQLState())) {
                                    throw e;
                                }
                                Throwable th2 = null;
                                try {
                                    redshiftStream = tryConnect(str, str2, properties, socketFactory, hostSpec, SslMode.REQUIRE);
                                    if (RedshiftLogger.isEnable()) {
                                        redshiftLogger.log(LogLevel.DEBUG, "Upgraded to encrypted connection for host {0}", hostSpec);
                                    }
                                } catch (IOException e4) {
                                    th2 = e4;
                                } catch (SQLException e5) {
                                    th2 = e5;
                                }
                                if (th2 != null) {
                                    if (RedshiftLogger.isEnable()) {
                                        redshiftLogger.log(LogLevel.DEBUG, th2, "sslMode==ALLOW, however SSL connection failed as well", new Object[0]);
                                    }
                                    e.addSuppressed(th2);
                                    throw e;
                                }
                            }
                        }
                        QueryExecutorImpl queryExecutorImpl = new QueryExecutorImpl(redshiftStream, str, str2, RedshiftProperty.CANCEL_SIGNAL_TIMEOUT.getInt(properties) * 1000, properties, redshiftLogger);
                        HostStatus hostStatus2 = HostStatus.ConnectOK;
                        if (next.targetServerType != HostRequirement.any) {
                            hostStatus2 = isPrimary(queryExecutorImpl) ? HostStatus.Primary : HostStatus.Secondary;
                        }
                        GlobalHostStatusTracker.reportHostStatus(hostSpec, hostStatus2);
                        hashMap.put(hostSpec, hostStatus2);
                        if (next.targetServerType.allowConnectingTo(hostStatus2)) {
                            runInitialQueries(queryExecutorImpl, properties);
                            return queryExecutorImpl;
                        }
                        queryExecutorImpl.close();
                    } catch (ConnectException e6) {
                        GlobalHostStatusTracker.reportHostStatus(hostSpec, HostStatus.ConnectFail);
                        hashMap.put(hostSpec, HostStatus.ConnectFail);
                        if (!it.hasNext()) {
                            throw new RedshiftException(GT.tr("Connection to {0} refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.", hostSpec), RedshiftState.CONNECTION_UNABLE_TO_CONNECT, e6);
                        }
                        if (RedshiftLogger.isEnable()) {
                            redshiftLogger.log(LogLevel.DEBUG, e6, "ConnectException occurred while connecting to {0}", hostSpec);
                        }
                    } catch (IOException e7) {
                        closeStream(null);
                        GlobalHostStatusTracker.reportHostStatus(hostSpec, HostStatus.ConnectFail);
                        hashMap.put(hostSpec, HostStatus.ConnectFail);
                        if (!it.hasNext()) {
                            throw new RedshiftException(GT.tr("The connection attempt failed.", new Object[0]), RedshiftState.CONNECTION_UNABLE_TO_CONNECT, e7);
                        }
                        if (RedshiftLogger.isEnable()) {
                            redshiftLogger.log(LogLevel.DEBUG, e7, "IOException occurred while connecting to {0}", hostSpec);
                        }
                    } catch (SQLException e8) {
                        closeStream(null);
                        GlobalHostStatusTracker.reportHostStatus(hostSpec, HostStatus.ConnectFail);
                        hashMap.put(hostSpec, HostStatus.ConnectFail);
                        if (!it.hasNext()) {
                            throw e8;
                        }
                        if (RedshiftLogger.isEnable()) {
                            redshiftLogger.log(LogLevel.DEBUG, e8, "SQLException occurred while connecting to {0}", hostSpec);
                        }
                    }
                } else if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.DEBUG, "Known status of host {0} is {1}, and required status was {2}. Will try next host", hostSpec, hostStatus, next.targetServerType);
                }
            }
            throw new RedshiftException(GT.tr("Could not find a server with specified targetServerType: {0}", targetServerType), RedshiftState.CONNECTION_UNABLE_TO_CONNECT);
        } catch (IllegalArgumentException e9) {
            throw new RedshiftException(GT.tr("Invalid targetServerType value: {0}", str3), RedshiftState.CONNECTION_UNABLE_TO_CONNECT);
        }
    }

    private List<String[]> getParametersForStartup(String str, String str2, Properties properties, boolean z) {
        String str3;
        ArrayList arrayList = new ArrayList();
        boolean z2 = false;
        String str4 = "";
        String str5 = RedshiftProperty.CREDENTIALS_PROVIDER.get(properties);
        if (str5 != null && (str5.equalsIgnoreCase("com.amazon.redshift.plugin.BasicJwtCredentialsProvider") || str5.equalsIgnoreCase("com.amazon.redshift.plugin.BrowserAzureOAuth2CredentialsProvider"))) {
            str4 = "AzureAD";
            z2 = true;
            if (RedshiftLogger.isEnable()) {
                this.logger.log(LogLevel.INFO, "using azure plugin idptype", new Object[0]);
            }
        } else if (str5 != null && (str5.equalsIgnoreCase("com.amazon.redshift.plugin.BrowserOktaSAMLCredentialsProvider") || str5.equalsIgnoreCase("com.amazon.redshift.plugin.BasicNativeSamlCredentialsProvider"))) {
            str4 = "Okta";
            z2 = true;
            if (RedshiftLogger.isEnable()) {
                this.logger.log(LogLevel.INFO, "using okta plugin idptype", new Object[0]);
            }
        }
        if (!z2) {
            arrayList.add(new String[]{EscapedFunctions.USER, str});
        } else if (str != null && str.length() > 0) {
            arrayList.add(new String[]{EscapedFunctions.USER, str});
        }
        arrayList.add(new String[]{EscapedFunctions.DATABASE, str2});
        arrayList.add(new String[]{"client_encoding", "UTF8"});
        arrayList.add(new String[]{"DateStyle", "ISO"});
        Version from = ServerVersion.from(RedshiftProperty.ASSUME_MIN_SERVER_VERSION.get(properties));
        if (from.getVersionNum() >= ServerVersion.v9_0.getVersionNum()) {
            arrayList.add(new String[]{"extra_float_digits", "3"});
        } else {
            arrayList.add(new String[]{"extra_float_digits", "2"});
        }
        String str6 = RedshiftProperty.APPLICATION_NAME.get(properties);
        if (str6 == null) {
            StackTraceElement[] stackTrace = Thread.currentThread().getStackTrace();
            str6 = "[" + Thread.currentThread().getName() + "]" + stackTrace[stackTrace.length - 1].toString();
        }
        if (str6 != null) {
            arrayList.add(new String[]{"application_name", str6});
        }
        if (z) {
            arrayList.add(new String[]{"driver_version", DriverInfo.DRIVER_FULL_NAME});
            try {
                str3 = System.getProperty("os.name") + " " + System.getProperty("os.version") + " " + System.getProperty("os.arch");
            } catch (Exception e) {
                str3 = "Unknown";
            }
            arrayList.add(new String[]{"os_version", str3});
            if (str5 != null && str5.length() != 0) {
                arrayList.add(new String[]{"plugin_name", str5});
            }
            arrayList.add(new String[]{"client_protocol_version", properties.getProperty("client_protocol_version", Integer.toString(DEFAULT_SERVER_PROTOCOL_VERSION))});
        }
        if (z2) {
            arrayList.add(new String[]{"idp_type", str4});
            String str7 = RedshiftProperty.PROVIDER_NAME.get(properties);
            if (str7 != null && str7.length() != 0) {
                arrayList.add(new String[]{"provider_name", str7});
            }
        }
        String str8 = RedshiftProperty.REPLICATION.get(properties);
        if (str8 != null && from.getVersionNum() >= ServerVersion.v9_4.getVersionNum()) {
            arrayList.add(new String[]{"replication", str8});
        }
        String str9 = RedshiftProperty.CURRENT_SCHEMA.get(properties);
        if (str9 != null) {
            arrayList.add(new String[]{"search_path", str9});
        }
        String str10 = RedshiftProperty.OPTIONS.get(properties);
        if (str10 != null) {
            arrayList.add(new String[]{"options", str10});
        }
        return arrayList;
    }

    private static String createRedshiftTimeZone() {
        String str;
        String id = TimeZone.getDefault().getID();
        if (id.length() <= 3 || !id.startsWith("GMT")) {
            return id;
        }
        switch (id.charAt(3)) {
            case '+':
                str = "GMT-";
                break;
            case '-':
                str = "GMT+";
                break;
            default:
                return id;
        }
        return str + id.substring(4);
    }

    private RedshiftStream enableSSL(RedshiftStream redshiftStream, SslMode sslMode, Properties properties, int i) throws IOException, RedshiftException {
        if (sslMode != SslMode.DISABLE && sslMode != SslMode.ALLOW) {
            if (RedshiftLogger.isEnable()) {
                this.logger.log(LogLevel.DEBUG, " FE=> SSLRequest", new Object[0]);
            }
            redshiftStream.sendInteger4(8);
            redshiftStream.sendInteger2(1234);
            redshiftStream.sendInteger2(5679);
            redshiftStream.flush();
            switch (redshiftStream.receiveChar()) {
                case 69:
                    if (RedshiftLogger.isEnable()) {
                        this.logger.log(LogLevel.DEBUG, " <=BE SSLError", new Object[0]);
                    }
                    ServerErrorMessage serverErrorMessage = new ServerErrorMessage(redshiftStream.receiveErrorString(redshiftStream.receiveInteger4() - 4));
                    if (RedshiftLogger.isEnable()) {
                        this.logger.log(LogLevel.DEBUG, " <=BE ErrorMessage({0})", serverErrorMessage);
                    }
                    if (sslMode.requireEncryption()) {
                        throw new RedshiftException(serverErrorMessage, RedshiftProperty.LOG_SERVER_ERROR_DETAIL.getBoolean(properties));
                    }
                    redshiftStream.close();
                    return new RedshiftStream(redshiftStream.getSocketFactory(), redshiftStream.getHostSpec(), i, this.logger);
                case 78:
                    if (RedshiftLogger.isEnable()) {
                        this.logger.log(LogLevel.DEBUG, " <=BE SSLRefused", new Object[0]);
                    }
                    if (sslMode.requireEncryption()) {
                        throw new RedshiftException(GT.tr("The server does not support SSL.", new Object[0]), RedshiftState.CONNECTION_REJECTED);
                    }
                    return redshiftStream;
                case 83:
                    if (RedshiftLogger.isEnable()) {
                        this.logger.log(LogLevel.DEBUG, " <=BE SSLOk", new Object[0]);
                    }
                    MakeSSL.convert(redshiftStream, properties);
                    return redshiftStream;
                default:
                    throw new RedshiftException(GT.tr("An error occurred while setting up the SSL connection.", new Object[0]), RedshiftState.PROTOCOL_VIOLATION);
            }
        }
        return redshiftStream;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void sendStartupPacket(RedshiftStream redshiftStream, List<String[]> list) throws IOException {
        if (RedshiftLogger.isEnable()) {
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < list.size(); i++) {
                if (i != 0) {
                    sb.append(", ");
                }
                sb.append(list.get(i)[0]);
                sb.append("=");
                sb.append(list.get(i)[1]);
            }
            this.logger.log(LogLevel.DEBUG, " FE=> StartupPacket({0})", sb);
        }
        int i2 = 8;
        byte[] bArr = new byte[list.size() * 2];
        for (int i3 = 0; i3 < list.size(); i3++) {
            bArr[i3 * 2] = list.get(i3)[0].getBytes("UTF-8");
            bArr[(i3 * 2) + 1] = list.get(i3)[1].getBytes("UTF-8");
            i2 += bArr[i3 * 2].length + 1 + bArr[(i3 * 2) + 1].length + 1;
        }
        redshiftStream.sendInteger4(i2 + 1);
        redshiftStream.sendInteger2(3);
        redshiftStream.sendInteger2(0);
        for (byte[] bArr2 : bArr) {
            redshiftStream.send(bArr2);
            redshiftStream.sendChar(0);
        }
        redshiftStream.sendChar(0);
        redshiftStream.flush();
    }

    /* JADX WARN: Code restructure failed: missing block: B:54:0x02aa, code lost:
    
        throw new com.amazon.redshift.util.RedshiftException(com.amazon.redshift.util.GT.tr("The server requested IDP token-based authentication, but no token was provided.", new java.lang.Object[0]), com.amazon.redshift.util.RedshiftState.CONNECTION_REJECTED);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void doAuthentication(com.amazon.redshift.core.RedshiftStream r12, java.lang.String r13, java.lang.String r14, java.util.Properties r15) throws java.io.IOException, java.sql.SQLException {
        /*
            Method dump skipped, instructions count: 1410
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.amazon.redshift.core.v3.ConnectionFactoryImpl.doAuthentication(com.amazon.redshift.core.RedshiftStream, java.lang.String, java.lang.String, java.util.Properties):void");
    }

    private void runInitialQueries(QueryExecutor queryExecutor, Properties properties) throws SQLException {
        if (Utils.parseServerVersionStr(RedshiftProperty.ASSUME_MIN_SERVER_VERSION.get(properties)) >= ServerVersion.v9_0.getVersionNum()) {
            return;
        }
        if (queryExecutor.getServerVersionNum() >= ServerVersion.v9_0.getVersionNum()) {
            SetupQueryRunner.run(queryExecutor, "SET extra_float_digits = 3", false);
        }
        String str = RedshiftProperty.APPLICATION_NAME.get(properties);
        if (str != null && str.length() != 0) {
            StringBuilder sb = new StringBuilder();
            sb.append("SET application_name = '");
            Utils.escapeLiteral(sb, str, queryExecutor.getStandardConformingStrings());
            sb.append("'");
            SetupQueryRunner.run(queryExecutor, sb.toString(), false);
        }
        String str2 = RedshiftProperty.QUERY_GROUP.get(properties);
        if (str2 == null || str2.length() == 0) {
            return;
        }
        StringBuilder sb2 = new StringBuilder();
        sb2.append("SET query_group TO '");
        Utils.escapeLiteral(sb2, str2, queryExecutor.getStandardConformingStrings());
        sb2.append("'");
        SetupQueryRunner.run(queryExecutor, sb2.toString(), false);
    }

    private boolean isPrimary(QueryExecutor queryExecutor) throws SQLException, IOException {
        return queryExecutor.getEncoding().decode(SetupQueryRunner.run(queryExecutor, "show transaction_read_only", true).get(0)).equalsIgnoreCase("off");
    }
}
