package org.bitsofinfo.hazelcast.discovery.etcd;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.reflect.TypeToken;
import com.hazelcast.logging.ILogger;
import com.hazelcast.nio.Address;
import com.hazelcast.spi.discovery.AbstractDiscoveryStrategy;
import com.hazelcast.spi.discovery.DiscoveryNode;
import com.hazelcast.spi.discovery.SimpleDiscoveryNode;
import io.netty.handler.ssl.SslContextBuilder;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.net.URI;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.naming.ConfigurationException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.xml.bind.DatatypeConverter;
import mousio.etcd4j.EtcdClient;
import mousio.etcd4j.responses.EtcdKeysResponse;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;

/* loaded from: input_file:org/bitsofinfo/hazelcast/discovery/etcd/EtcdDiscoveryStrategy.class */
public class EtcdDiscoveryStrategy extends AbstractDiscoveryStrategy implements Runnable {
    public static final String DATE_PATTERN = "yyyy.MM.dd HH:mm:ss.SSS Z";
    private static final String TEMPORARY_KEY_PASSWORD = "changeit";
    private static String trustedCertsLocation;
    private static String clientKeyLocation;
    private static String clientCertLocation;
    private String etcdUrisString;
    private List<URI> etcdUris;
    private String etcdUsername;
    private String etcdPassword;
    private String etcdServiceName;
    private EtcdRegistrator registrator;

    /* JADX WARN: Type inference failed for: r0v53, types: [org.bitsofinfo.hazelcast.discovery.etcd.EtcdDiscoveryStrategy$1] */
    public EtcdDiscoveryStrategy(DiscoveryNode discoveryNode, ILogger iLogger, Map<String, Comparable> map) {
        super(iLogger, map);
        this.etcdUris = new ArrayList();
        this.etcdServiceName = null;
        this.registrator = null;
        this.etcdUrisString = (String) getOrDefault("etcd-uris", EtcdDiscoveryConfiguration.ETCD_URIS, "http://localhost:4001");
        this.etcdUsername = (String) getOrDefault("etcd-username", EtcdDiscoveryConfiguration.ETCD_USERNAME, null);
        this.etcdPassword = (String) getOrDefault("etcd-password", EtcdDiscoveryConfiguration.ETCD_PASSWORD, null);
        this.etcdServiceName = (String) getOrDefault("etcd-service-name", EtcdDiscoveryConfiguration.ETCD_SERVICE_NAME, "");
        clientCertLocation = (String) getOrDefault("etcd-client-cert-location", EtcdDiscoveryConfiguration.ETCD_CLIENT_CERT_LOCATION, "");
        clientKeyLocation = (String) getOrDefault("etcd-client-key-location", EtcdDiscoveryConfiguration.ETCD_CLIENT_KEY_LOCATION, "");
        trustedCertsLocation = (String) getOrDefault("etcd-trusted-cert-location", EtcdDiscoveryConfiguration.ETCD_TRUSTED_CERT_LOCATION, "");
        long intValue = ((Integer) getOrDefault("etcd-discovery-delay-ms", EtcdDiscoveryConfiguration.ETCD_DISCOVERY_DELAY_MS, 30000)).intValue();
        for (String str : this.etcdUrisString.split(",")) {
            try {
                this.etcdUris.add(URI.create(str.trim()));
            } catch (Exception e) {
                iLogger.severe("Error parsing etcd-uris: " + str + " " + e.getMessage(), e);
            }
        }
        String str2 = (String) getOrDefault("etcd-registrator", EtcdDiscoveryConfiguration.ETCD_REGISTRATOR, DoNothingRegistrator.class.getCanonicalName());
        String str3 = (String) getOrDefault("etcd-registrator-config", EtcdDiscoveryConfiguration.ETCD_REGISTRATOR_CONFIG, null);
        Map<String, Object> map2 = null;
        if (str3 != null && !str3.trim().isEmpty()) {
            try {
                map2 = (Map) new Gson().fromJson(str3, new TypeToken<Map<String, Object>>() { // from class: org.bitsofinfo.hazelcast.discovery.etcd.EtcdDiscoveryStrategy.1
                }.getType());
            } catch (Exception e2) {
                iLogger.severe("Unexpected error parsing 'etcd-registrator-config' JSON: " + str3 + " error=" + e2.getMessage(), e2);
            }
        }
        try {
            this.registrator = (EtcdRegistrator) Class.forName(str2).newInstance();
            iLogger.info("Using EtcdRegistrator: " + str2);
            this.registrator.init(this.etcdUris, this.etcdUsername, this.etcdPassword, this.etcdServiceName, discoveryNode, map2, iLogger);
            this.registrator.register();
        } catch (Exception e3) {
            iLogger.severe("Unexpected error attempting to init() EtcdRegistrator and register(): " + e3.getMessage(), e3);
        }
        Runtime.getRuntime().addShutdownHook(new Thread(this));
        try {
            iLogger.info("Registered our instance w/ Etcd OK.. delaying Hazelcast discovery, sleeping: " + intValue + "ms");
            Thread.sleep(intValue);
        } catch (Exception e4) {
            iLogger.severe("Unexpected error sleeping prior to discovery: " + e4.getMessage(), e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static EtcdClient getEtcdClient(List<URI> list, String str, String str2) throws Exception {
        if (list.iterator().next().toString().toLowerCase().indexOf("https") == -1) {
            return new EtcdClient(str, str2, (URI[]) list.toArray(new URI[0]));
        }
        SslContextBuilder forClient = SslContextBuilder.forClient();
        KeyStore readCertsAndCreateKeyStore = readCertsAndCreateKeyStore(clientCertLocation, clientKeyLocation, trustedCertsLocation);
        if (readCertsAndCreateKeyStore != null) {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(readCertsAndCreateKeyStore, TEMPORARY_KEY_PASSWORD.toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(readCertsAndCreateKeyStore);
            forClient.keyManager(keyManagerFactory);
            forClient.trustManager(trustManagerFactory);
        }
        return new EtcdClient(forClient.build(), str, str2, (URI[]) list.toArray(new URI[0]));
    }

    public Iterable<DiscoveryNode> discoverNodes() {
        ArrayList arrayList = new ArrayList();
        EtcdClient etcdClient = null;
        try {
            try {
                etcdClient = getEtcdClient(this.etcdUris, this.etcdUsername, this.etcdPassword);
                Gson create = new GsonBuilder().setDateFormat(DATE_PATTERN).create();
                EtcdKeysResponse etcdKeysResponse = (EtcdKeysResponse) etcdClient.getDir(this.etcdServiceName).timeout(10L, TimeUnit.SECONDS).recursive().send().get();
                if (etcdKeysResponse.node != null) {
                    for (EtcdKeysResponse.EtcdNode etcdNode : etcdKeysResponse.node.nodes) {
                        if (etcdNode.value != null && !etcdNode.value.trim().isEmpty()) {
                            try {
                                EtcdHazelcastNode etcdHazelcastNode = (EtcdHazelcastNode) create.fromJson(etcdNode.value, EtcdHazelcastNode.class);
                                arrayList.add(new SimpleDiscoveryNode(new Address(etcdHazelcastNode.ip, etcdHazelcastNode.port.intValue())));
                            } catch (Exception e) {
                                getLogger().severe("Skipping node... error parsing etcd node[" + etcdNode.key + "] value: " + etcdNode.value + " to EtcdHazelcastNode..." + e.getMessage(), e);
                            }
                        }
                    }
                }
                try {
                    etcdClient.close();
                } catch (Exception e2) {
                }
            } catch (Exception e3) {
                getLogger().severe("discoverNodes() unexpected error: " + e3.getMessage(), e3);
                try {
                    etcdClient.close();
                } catch (Exception e4) {
                }
            }
            return arrayList;
        } catch (Throwable th) {
            try {
                etcdClient.close();
            } catch (Exception e5) {
            }
            throw th;
        }
    }

    @Override // java.lang.Runnable
    public void run() {
        try {
            if (this.registrator != null) {
                getLogger().info("Deregistering myself from Etcd: " + this.registrator.getMyServiceId());
                this.registrator.deregister();
            }
        } catch (Throwable th) {
            getLogger().severe("Unexpected error in EtcdRegistrator.deregister(): " + th.getMessage(), th);
        }
    }

    private static KeyStore readCertsAndCreateKeyStore(String str, String str2, String str3) throws ConfigurationException {
        String str4;
        String str5;
        String str6;
        FileInputStream fileInputStream;
        FileInputStream fileInputStream2;
        Throwable th;
        if (((str == null || str.isEmpty()) && ((str2 == null || str2.isEmpty()) && str3 == null)) || str3.isEmpty()) {
            return null;
        }
        try {
            fileInputStream = new FileInputStream(str3);
            Throwable th2 = null;
            try {
                try {
                    str4 = new String(IOUtils.toByteArray(fileInputStream));
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                } catch (Throwable th4) {
                    th2 = th4;
                    throw th4;
                }
            } finally {
                if (fileInputStream != null) {
                    if (th2 != null) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
            }
        } catch (Exception e) {
            str4 = null;
        }
        try {
            fileInputStream2 = new FileInputStream(str2);
            th = null;
        } catch (Exception e2) {
            str5 = null;
        }
        try {
            try {
                str5 = new String(IOUtils.toByteArray(fileInputStream2));
                if (fileInputStream2 != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream2.close();
                        } catch (Throwable th6) {
                            th.addSuppressed(th6);
                        }
                    } else {
                        fileInputStream2.close();
                    }
                }
                try {
                    fileInputStream = new FileInputStream(str);
                    Throwable th7 = null;
                    try {
                        try {
                            str6 = new String(IOUtils.toByteArray(fileInputStream));
                            if (fileInputStream != null) {
                                if (0 != 0) {
                                    try {
                                        fileInputStream.close();
                                    } catch (Throwable th8) {
                                        th7.addSuppressed(th8);
                                    }
                                } else {
                                    fileInputStream.close();
                                }
                            }
                        } catch (Throwable th9) {
                            th7 = th9;
                            throw th9;
                        }
                    } finally {
                    }
                } catch (Exception e3) {
                    str6 = null;
                }
                if (str6 == null && str5 == null && str4 == null) {
                    return null;
                }
                return getKeyStore(str4, str5, str6);
            } catch (Throwable th10) {
                th = th10;
                throw th10;
            }
        } finally {
            if (fileInputStream2 != null) {
                if (th != null) {
                    try {
                        fileInputStream2.close();
                    } catch (Throwable th11) {
                        th.addSuppressed(th11);
                    }
                } else {
                    fileInputStream2.close();
                }
            }
        }
    }

    private static KeyStore getKeyStore(String str, String str2, String str3) throws ConfigurationException {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null, null);
            PrivateKey loadPrivateKey = loadPrivateKey(str2);
            if (str != null) {
                if (str != null) {
                    List<Certificate> loadChainedCertificate = loadChainedCertificate(str);
                    for (int i = 0; i < loadChainedCertificate.size(); i++) {
                        keyStore.setCertificateEntry("ca-cert-" + i, loadChainedCertificate.get(i));
                    }
                }
                if (str3 != null) {
                    Certificate loadCertificate = loadCertificate(str3);
                    keyStore.setCertificateEntry("client-cert", loadCertificate);
                    if (loadPrivateKey != null) {
                        keyStore.setKeyEntry("client-key", loadPrivateKey, TEMPORARY_KEY_PASSWORD.toCharArray(), new Certificate[]{loadCertificate});
                    }
                }
            } else if (str3 != null) {
                List<Certificate> loadChainedCertificate2 = loadChainedCertificate(str3);
                if (loadChainedCertificate2.size() > 1) {
                    for (int i2 = 1; i2 < loadChainedCertificate2.size(); i2++) {
                        keyStore.setCertificateEntry("ca-cert-" + i2, loadChainedCertificate2.get(i2));
                    }
                }
                keyStore.setCertificateEntry("client-cert", loadChainedCertificate2.get(0));
                if (loadPrivateKey != null) {
                    keyStore.setKeyEntry("client-key", loadPrivateKey, TEMPORARY_KEY_PASSWORD.toCharArray(), new Certificate[]{loadChainedCertificate2.get(0)});
                }
            }
            return keyStore;
        } catch (IOException | GeneralSecurityException e) {
            ConfigurationException configurationException = new ConfigurationException("Cannot build keystore");
            configurationException.setRootCause(e);
            throw configurationException;
        }
    }

    private static List<Certificate> loadChainedCertificate(String str) throws GeneralSecurityException {
        if (str == null) {
            return null;
        }
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
        String[] split = str.split("-----BEGIN CERTIFICATE-----");
        ArrayList arrayList = new ArrayList();
        for (int i = 1; i < split.length; i++) {
            arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(DatatypeConverter.parseBase64Binary(split[i].split("-----END CERTIFICATE-----")[0]))));
        }
        return arrayList;
    }

    private static Certificate loadCertificate(String str) throws IOException, GeneralSecurityException {
        return CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(parseDERFromPEM(str, "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----")));
    }

    private static PrivateKey loadPrivateKey(String str) throws IOException, GeneralSecurityException {
        if (str == null || str.isEmpty()) {
            return null;
        }
        if (str.contains("-----BEGIN PRIVATE KEY-----")) {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(str.replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "").replaceAll("\\s", ""))));
        }
        if (!str.contains("-----BEGIN RSA PRIVATE KEY-----")) {
            throw new GeneralSecurityException("Not supported format of a private key");
        }
        PEMParser pEMParser = new PEMParser(new StringReader(str));
        Object readObject = pEMParser.readObject();
        pEMParser.close();
        return new JcaPEMKeyConverter().setProvider("BC").getKeyPair((PEMKeyPair) readObject).getPrivate();
    }

    private static byte[] parseDERFromPEM(String str, String str2, String str3) {
        return DatatypeConverter.parseBase64Binary(str.split(str2)[1].split(str3)[0]);
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
