package com.parasoft.xtest.common.vm;

import com.parasoft.xtest.common.dtp.IDtpConstants;
import com.parasoft.xtest.common.json.JSONException;
import com.parasoft.xtest.common.json.JSONObject;
import com.parasoft.xtest.common.license.ArchInfo;
import com.parasoft.xtest.common.profiler.PerformanceMeter;
import com.parasoft.xtest.common.profiler.Profiler;
import com.parasoft.xtest.common.text.UString;
import com.parasoft.xtest.common.vm.VMInfoFactory;
import com.parasoft.xtest.results.internal.metadata.UuidUtil;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.UUID;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;
import org.apache.http.util.EntityUtils;
import org.apache.logging.log4j.core.net.ssl.SslConfigurationDefaults;

/* loaded from: input_file:WEB-INF/lib/com.parasoft.xtest.common-10.6.1.20221021.jar:com/parasoft/xtest/common/vm/KubernetesDetector.class */
public class KubernetesDetector implements IVEnvDetector {
    private static final String PARASOFT_SECRET = "parasoft-secret";
    private static final File SERVICE_ACCOUNT = new File("/var/run/secrets/kubernetes.io/serviceaccount");
    private static final File CA_CERT = new File(SERVICE_ACCOUNT, "ca.crt");
    private static final File TOKEN = new File(SERVICE_ACCOUNT, "token");
    private static final ResponseHandler<JSONObject> JSON_PARSER = httpResponse -> {
        String str;
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        String entityUtils = EntityUtils.toString(httpResponse.getEntity());
        if (statusCode < 200 || statusCode >= 300) {
            str = entityUtils;
        } else {
            try {
                return new JSONObject(entityUtils);
            } catch (JSONException e) {
                str = e.getMessage();
            }
        }
        throw new IOException("Kubernetes API call fails with status=" + statusCode + " error=" + str);
    };
    private static KubernetesAPIClient apiClient = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/com.parasoft.xtest.common-10.6.1.20221021.jar:com/parasoft/xtest/common/vm/KubernetesDetector$KubernetesAPIClient.class */
    public static class KubernetesAPIClient {
        private HttpClientBuilder httpClientBuilder;
        private URI baseURI;
        private String token;
        private Exception setupException;

        public KubernetesAPIClient(String str, int i, int i2) {
            try {
                this.baseURI = new URIBuilder().setScheme(IDtpConstants.HTTPS_PROTOCOL).setHost(str).setPort(i).setPath("/api/v1/namespaces").build();
                this.token = new String(Files.readAllBytes(KubernetesDetector.TOKEN.toPath()));
                this.httpClientBuilder = HttpClientBuilder.create().setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(i2).setSocketTimeout(i2).build()).setSSLContext(SSLContextBuilder.create().loadTrustMaterial(KubernetesDetector.convertToKeyStore(KubernetesDetector.CA_CERT), (TrustStrategy) null).build());
            } catch (Exception e) {
                Logger.getLogger().debug(EVMType.Kubernetes + ": Error initializing client: " + e.getMessage());
                this.setupException = e;
            }
        }

        public JSONObject getNamespace() throws Exception {
            return execute(new HttpGet(), "/parasoft-namespace", null);
        }

        public JSONObject getSecret() throws Exception {
            return execute(new HttpGet(), "/parasoft-namespace/secrets/parasoft-secret", null);
        }

        public JSONObject postSecret(String str) throws Exception {
            return execute(new HttpPost(), "/parasoft-namespace/secrets", str);
        }

        public JSONObject putSecret(String str) throws Exception {
            return execute(new HttpPut(), "/parasoft-namespace/secrets/parasoft-secret", str);
        }

        private <T extends HttpRequestBase> JSONObject execute(T t, String str, String str2) throws Exception {
            if (this.setupException != null) {
                throw this.setupException;
            }
            t.setURI(new URIBuilder(this.baseURI).setPath(String.valueOf(this.baseURI.getPath()) + str).build());
            t.addHeader("Content-Type", "application/json");
            t.addHeader("Authorization", "Bearer " + this.token);
            if (str2 != null && (t instanceof HttpEntityEnclosingRequestBase)) {
                ((HttpEntityEnclosingRequestBase) t).setEntity(new StringEntity(str2));
            }
            Throwable th = null;
            try {
                CloseableHttpClient build = this.httpClientBuilder.build();
                try {
                    JSONObject jSONObject = (JSONObject) build.execute(t, KubernetesDetector.JSON_PARSER);
                    if (build != null) {
                        build.close();
                    }
                    return jSONObject;
                } catch (Throwable th2) {
                    if (build != null) {
                        build.close();
                    }
                    throw th2;
                }
            } catch (Throwable th3) {
                if (0 == 0) {
                    th = th3;
                } else if (null != th3) {
                    th.addSuppressed(th3);
                }
                throw th;
            }
        }
    }

    @Override // com.parasoft.xtest.common.vm.IVEnvDetector
    public boolean isAllowed(EVMStrategy eVMStrategy) {
        if (ArchInfo.isLinux() && (eVMStrategy == EVMStrategy.KUBERNETES_VM || eVMStrategy == EVMStrategy.ALL_VM)) {
            return true;
        }
        Logger.getLogger().info(EVMType.Kubernetes + ": VM UUID disabled.");
        return false;
    }

    @Override // com.parasoft.xtest.common.vm.IVEnvDetector
    public IVMInfo createVMInfo() {
        PerformanceMeter meter = Profiler.getProfiler(IVEnvDetector.PROFILER_IDENTIFIER).getMeter(VMInfoFactory.class, EVMType.Kubernetes.toString());
        meter.start();
        try {
            String kubernetesSystemUUID = getKubernetesSystemUUID();
            if (kubernetesSystemUUID == null) {
                meter.stop();
                return null;
            }
            String trim = kubernetesSystemUUID.trim();
            return new VMInfoFactory.SessionVMInfo(trim.hashCode(), EVMType.Kubernetes, trim, new VMInfoFactory.ISessionInfo() { // from class: com.parasoft.xtest.common.vm.KubernetesDetector.1
                @Override // com.parasoft.xtest.common.vm.VMInfoFactory.ISessionInfo
                public String getSessionId() throws Exception {
                    return KubernetesDetector.getSessionId();
                }

                @Override // com.parasoft.xtest.common.vm.VMInfoFactory.ISessionInfo
                public String createSessionId() throws Exception {
                    return KubernetesDetector.createSessionId();
                }
            });
        } finally {
            meter.stop();
        }
    }

    public static String getKubernetesSystemUUID() {
        KubernetesAPIClient client = getClient();
        if (client == null) {
            Logger.getLogger().info(EVMType.Kubernetes + ": Environment was not detected.");
            return null;
        }
        try {
            JSONObject jSONObject = client.getNamespace().getJSONObject("metadata");
            if (jSONObject != null) {
                Logger.getLogger().info(EVMType.Kubernetes + ": System detected.");
                return jSONObject.getString("uid");
            }
            Logger.getLogger().warn(EVMType.Kubernetes + ": Cannot generate machine ID because API fails to get UUID.");
            return "";
        } catch (Exception e) {
            Logger.getLogger().debug(EVMType.Kubernetes + ": " + e.getMessage());
            return "";
        }
    }

    public static String getSessionId() throws Exception {
        KubernetesAPIClient client = getClient();
        if (client == null) {
            throw new Exception(EVMType.Kubernetes + ": Cannot create API client");
        }
        String str = null;
        JSONObject jSONObject = client.getSecret().getJSONObject("data");
        if (jSONObject != null) {
            Logger.getLogger().debug(EVMType.Kubernetes + ": Found secret data.");
            str = jSONObject.getString(UuidUtil.UUID_ATTR);
        }
        if (!UString.isEmpty(str)) {
            return str;
        }
        Logger.getLogger().debug(EVMType.Kubernetes + ": Secret data was empty.");
        throw new Exception("Cannot get Kubernetes session id");
    }

    public static String createSessionId() throws Exception {
        KubernetesAPIClient client = getClient();
        if (client == null) {
            throw new Exception("Cannot create Kubernetes API client");
        }
        String encodeToString = Base64.getUrlEncoder().encodeToString(UUID.randomUUID().toString().getBytes());
        String jSONObject = new JSONObject().put("data", new JSONObject().put(UuidUtil.UUID_ATTR, encodeToString)).put("metadata", new JSONObject().put("name", PARASOFT_SECRET)).toString();
        try {
            client.postSecret(jSONObject);
            return encodeToString;
        } catch (Exception e) {
            String message = e.getMessage();
            try {
                client.putSecret(jSONObject);
                return encodeToString;
            } catch (Exception e2) {
                Logger.getLogger().debug(message);
                Logger.getLogger().debug(e2.getMessage());
                throw e2;
            }
        }
    }

    static void setClient(KubernetesAPIClient kubernetesAPIClient) {
        apiClient = kubernetesAPIClient;
    }

    private static KubernetesAPIClient getClient() {
        if (apiClient != null) {
            return apiClient;
        }
        String str = System.getenv("KUBERNETES_SERVICE_HOST");
        Integer environmentVariableAsInt = getEnvironmentVariableAsInt("KUBERNETES_SERVICE_PORT", null);
        int intValue = getEnvironmentVariableAsInt("PARASOFT_KUBERNETES_SERVICE_TIMEOUT", 15000).intValue();
        if (str != null && environmentVariableAsInt != null && CA_CERT.exists() && TOKEN.exists()) {
            apiClient = new KubernetesAPIClient(str, environmentVariableAsInt.intValue(), intValue);
        }
        return apiClient;
    }

    private static Integer getEnvironmentVariableAsInt(String str, Integer num) {
        String str2 = System.getenv(str);
        if (str2 != null) {
            try {
                return Integer.valueOf(Integer.parseInt(str2));
            } catch (NumberFormatException e) {
                Logger.getLogger().debug(EVMType.Kubernetes + ": Environment found an unexpected data type");
            }
        }
        return num;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static KeyStore convertToKeyStore(File file) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(SslConfigurationDefaults.KEYSTORE_TYPE);
        keyStore.load(null, null);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Throwable th = null;
        try {
            InputStream newInputStream = Files.newInputStream(file.toPath(), new OpenOption[0]);
            try {
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(newInputStream);
                keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName("RFC2253"), x509Certificate);
                if (newInputStream != null) {
                    newInputStream.close();
                }
                return keyStore;
            } catch (Throwable th2) {
                if (newInputStream != null) {
                    newInputStream.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }
}
