package com.netflix.eureka.aws;

import com.amazonaws.ClientConfiguration;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.auth.BasicSessionCredentials;
import com.amazonaws.auth.InstanceProfileCredentialsProvider;
import com.amazonaws.services.autoscaling.AmazonAutoScaling;
import com.amazonaws.services.autoscaling.AmazonAutoScalingClient;
import com.amazonaws.services.autoscaling.model.AutoScalingGroup;
import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsRequest;
import com.amazonaws.services.autoscaling.model.SuspendedProcess;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient;
import com.amazonaws.services.securitytoken.model.AssumeRoleRequest;
import com.amazonaws.services.securitytoken.model.Credentials;
import com.google.common.base.Strings;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.ListeningExecutorService;
import com.google.common.util.concurrent.MoreExecutors;
import com.netflix.appinfo.AmazonInfo;
import com.netflix.appinfo.ApplicationInfoManager;
import com.netflix.appinfo.DataCenterInfo;
import com.netflix.appinfo.InstanceInfo;
import com.netflix.discovery.EurekaClientConfig;
import com.netflix.discovery.shared.Application;
import com.netflix.eureka.EurekaServerConfig;
import com.netflix.eureka.registry.InstanceRegistry;
import com.netflix.servo.annotations.DataSourceType;
import com.netflix.servo.annotations.Monitor;
import com.netflix.servo.monitor.Monitors;
import com.netflix.servo.monitor.Stopwatch;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:BOOT-INF/lib/eureka-core-2.0.0.jar:com/netflix/eureka/aws/AwsAsgUtil.class */
public class AwsAsgUtil implements AsgClient {
    private static final String PROP_ADD_TO_LOAD_BALANCER = "AddToLoadBalancer";
    private final EurekaServerConfig serverConfig;
    private final EurekaClientConfig clientConfig;
    private final InstanceRegistry registry;
    private final LoadingCache<CacheKey, Boolean> asgCache;
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) AwsAsgUtil.class);
    private static final String accountId = getAccountId();
    private Map<String, Credentials> stsCredentials = new HashMap();
    private final ExecutorService cacheReloadExecutor = new ThreadPoolExecutor(1, 10, 60, TimeUnit.SECONDS, new LinkedBlockingQueue(), new ThreadFactory() { // from class: com.netflix.eureka.aws.AwsAsgUtil.1
        @Override // java.util.concurrent.ThreadFactory
        public Thread newThread(Runnable runnable) {
            Thread thread = new Thread(runnable, "Eureka-AWS-isASGEnabled");
            thread.setDaemon(true);
            return thread;
        }
    });
    private ListeningExecutorService listeningCacheReloadExecutor = MoreExecutors.listeningDecorator(this.cacheReloadExecutor);
    private final Timer timer = new Timer("Eureka-ASGCacheRefresh", true);
    private final com.netflix.servo.monitor.Timer loadASGInfoTimer = Monitors.newTimer("Eureka-loadASGInfo");
    private final AmazonAutoScaling awsClient = getAmazonAutoScalingClient();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.netflix.eureka.aws.AwsAsgUtil$2, reason: invalid class name */
    /* loaded from: input_file:BOOT-INF/lib/eureka-core-2.0.0.jar:com/netflix/eureka/aws/AwsAsgUtil$2.class */
    public class AnonymousClass2 extends CacheLoader<CacheKey, Boolean> {
        AnonymousClass2() {
        }

        @Override // com.google.common.cache.CacheLoader
        public Boolean load(CacheKey cacheKey) throws Exception {
            return AwsAsgUtil.this.isASGEnabledinAWS(cacheKey.asgAccountId, cacheKey.asgName);
        }

        @Override // com.google.common.cache.CacheLoader
        public ListenableFuture<Boolean> reload(final CacheKey cacheKey, Boolean bool) throws Exception {
            return AwsAsgUtil.this.listeningCacheReloadExecutor.submit((Callable) new Callable<Boolean>() { // from class: com.netflix.eureka.aws.AwsAsgUtil.2.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public Boolean call() throws Exception {
                    return AnonymousClass2.this.load(cacheKey);
                }
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/eureka-core-2.0.0.jar:com/netflix/eureka/aws/AwsAsgUtil$CacheKey.class */
    public static class CacheKey {
        final String asgAccountId;
        final String asgName;

        CacheKey(String str, String str2) {
            this.asgAccountId = str;
            this.asgName = str2;
        }

        public String toString() {
            return "CacheKey{asgName='" + this.asgName + "', asgAccountId='" + this.asgAccountId + "'}";
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof CacheKey)) {
                return false;
            }
            CacheKey cacheKey = (CacheKey) obj;
            if (this.asgAccountId != null) {
                if (!this.asgAccountId.equals(cacheKey.asgAccountId)) {
                    return false;
                }
            } else if (cacheKey.asgAccountId != null) {
                return false;
            }
            return this.asgName != null ? this.asgName.equals(cacheKey.asgName) : cacheKey.asgName == null;
        }

        public int hashCode() {
            return (31 * (this.asgName != null ? this.asgName.hashCode() : 0)) + (this.asgAccountId != null ? this.asgAccountId.hashCode() : 0);
        }
    }

    @Inject
    public AwsAsgUtil(EurekaServerConfig eurekaServerConfig, EurekaClientConfig eurekaClientConfig, InstanceRegistry instanceRegistry) {
        this.serverConfig = eurekaServerConfig;
        this.clientConfig = eurekaClientConfig;
        this.registry = instanceRegistry;
        this.asgCache = CacheBuilder.newBuilder().initialCapacity(500).expireAfterAccess(eurekaServerConfig.getASGCacheExpiryTimeoutMs(), TimeUnit.MILLISECONDS).build(new AnonymousClass2());
        this.awsClient.setEndpoint("autoscaling." + eurekaClientConfig.getRegion() + ".amazonaws.com");
        this.timer.schedule(getASGUpdateTask(), eurekaServerConfig.getASGUpdateIntervalMs(), eurekaServerConfig.getASGUpdateIntervalMs());
        try {
            Monitors.registerObject(this);
        } catch (Throwable th) {
            logger.warn("Cannot register the JMX monitor :", th);
        }
    }

    @Override // com.netflix.eureka.aws.AsgClient
    public boolean isASGEnabled(InstanceInfo instanceInfo) {
        CacheKey cacheKey = new CacheKey(getAccountId(instanceInfo, accountId), instanceInfo.getASGName());
        Boolean ifPresent = this.asgCache.getIfPresent(cacheKey);
        if (ifPresent != null) {
            return ifPresent.booleanValue();
        }
        if (!this.serverConfig.shouldUseAwsAsgApi()) {
            logger.info("'{}' is not cached at the moment and won't be fetched because querying AWS ASGs has been disabled via the config, returning the fallback value.", cacheKey);
            return true;
        }
        logger.info("Cache value for asg {} does not exist yet, async refreshing.", cacheKey.asgName);
        this.asgCache.refresh(cacheKey);
        return true;
    }

    @Override // com.netflix.eureka.aws.AsgClient
    public void setStatus(String str, boolean z) {
        this.asgCache.put(new CacheKey(getASGAccount(str), str), Boolean.valueOf(z));
    }

    private boolean isAddToLoadBalancerSuspended(String str, String str2) {
        AutoScalingGroup retrieveAutoScalingGroup = (str == null || str.equals(accountId)) ? retrieveAutoScalingGroup(str2) : retrieveAutoScalingGroupCrossAccount(str, str2);
        if (retrieveAutoScalingGroup != null) {
            return isAddToLoadBalancerSuspended(retrieveAutoScalingGroup);
        }
        logger.warn("The ASG information for {} could not be found. So returning false.", str2);
        return false;
    }

    private boolean isAddToLoadBalancerSuspended(AutoScalingGroup autoScalingGroup) {
        Iterator it = autoScalingGroup.getSuspendedProcesses().iterator();
        while (it.hasNext()) {
            if (PROP_ADD_TO_LOAD_BALANCER.equals(((SuspendedProcess) it.next()).getProcessName())) {
                return true;
            }
        }
        return false;
    }

    private AutoScalingGroup retrieveAutoScalingGroup(String str) {
        if (Strings.isNullOrEmpty(str)) {
            logger.warn("null asgName specified, not attempting to retrieve AutoScalingGroup from AWS");
            return null;
        }
        List autoScalingGroups = this.awsClient.describeAutoScalingGroups(new DescribeAutoScalingGroupsRequest().withAutoScalingGroupNames(new String[]{str})).getAutoScalingGroups();
        if (autoScalingGroups.isEmpty()) {
            return null;
        }
        return (AutoScalingGroup) autoScalingGroups.get(0);
    }

    private Credentials initializeStsSession(String str) {
        AWSSecurityTokenServiceClient aWSSecurityTokenServiceClient = new AWSSecurityTokenServiceClient(new InstanceProfileCredentialsProvider());
        String region = this.clientConfig.getRegion();
        if (!region.equals("us-east-1")) {
            aWSSecurityTokenServiceClient.setEndpoint("sts." + region + ".amazonaws.com");
        }
        return aWSSecurityTokenServiceClient.assumeRole(new AssumeRoleRequest().withRoleArn("arn:aws:iam::" + str + ":role/" + this.serverConfig.getListAutoScalingGroupsRoleName()).withRoleSessionName("sts-session-" + str)).getCredentials();
    }

    private AutoScalingGroup retrieveAutoScalingGroupCrossAccount(String str, String str2) {
        logger.debug("Getting cross account ASG for asgName: {}, asgAccount: {}", str2, str);
        Credentials credentials = this.stsCredentials.get(str);
        if (credentials == null || credentials.getExpiration().getTime() < System.currentTimeMillis() + 1000) {
            this.stsCredentials.put(str, initializeStsSession(str));
            credentials = this.stsCredentials.get(str);
        }
        AmazonAutoScalingClient amazonAutoScalingClient = new AmazonAutoScalingClient(new BasicSessionCredentials(credentials.getAccessKeyId(), credentials.getSecretAccessKey(), credentials.getSessionToken()), new ClientConfiguration().withConnectionTimeout(this.serverConfig.getASGQueryTimeoutMs()));
        String region = this.clientConfig.getRegion();
        if (!region.equals("us-east-1")) {
            amazonAutoScalingClient.setEndpoint("autoscaling." + region + ".amazonaws.com");
        }
        List autoScalingGroups = amazonAutoScalingClient.describeAutoScalingGroups(new DescribeAutoScalingGroupsRequest().withAutoScalingGroupNames(new String[]{str2})).getAutoScalingGroups();
        if (autoScalingGroups.isEmpty()) {
            return null;
        }
        return (AutoScalingGroup) autoScalingGroups.get(0);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Boolean isASGEnabledinAWS(String str, String str2) {
        try {
            Stopwatch start = this.loadASGInfoTimer.start();
            boolean z = !isAddToLoadBalancerSuspended(str, str2);
            start.stop();
            return Boolean.valueOf(z);
        } catch (Throwable th) {
            logger.error("Could not get ASG information from AWS: ", th);
            return Boolean.TRUE;
        }
    }

    @Monitor(name = "numOfElementsinASGCache", description = "Number of elements in the ASG Cache", type = DataSourceType.GAUGE)
    public long getNumberofElementsinASGCache() {
        return this.asgCache.size();
    }

    @Monitor(name = "numOfASGQueries", description = "Number of queries made to AWS to retrieve ASG information", type = DataSourceType.COUNTER)
    public long getNumberofASGQueries() {
        return this.asgCache.stats().loadCount();
    }

    @Monitor(name = "numOfASGQueryFailures", description = "Number of queries made to AWS to retrieve ASG information and that failed", type = DataSourceType.COUNTER)
    public long getNumberofASGQueryFailures() {
        return this.asgCache.stats().loadExceptionCount();
    }

    private TimerTask getASGUpdateTask() {
        return new TimerTask() { // from class: com.netflix.eureka.aws.AwsAsgUtil.3
            @Override // java.util.TimerTask, java.lang.Runnable
            public void run() {
                try {
                    if (AwsAsgUtil.this.serverConfig.shouldUseAwsAsgApi()) {
                        Set<CacheKey> cacheKeys = AwsAsgUtil.this.getCacheKeys();
                        if (AwsAsgUtil.logger.isDebugEnabled()) {
                            AwsAsgUtil.logger.debug("Trying to  refresh the keys for {}", Arrays.toString(cacheKeys.toArray()));
                        }
                        for (CacheKey cacheKey : cacheKeys) {
                            try {
                                AwsAsgUtil.this.asgCache.refresh(cacheKey);
                            } catch (Throwable th) {
                                AwsAsgUtil.logger.error("Error updating the ASG cache for {}", cacheKey, th);
                            }
                        }
                    }
                } catch (Throwable th2) {
                    AwsAsgUtil.logger.error("Error updating the ASG cache", th2);
                }
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Set<CacheKey> getCacheKeys() {
        HashSet hashSet = new HashSet();
        Iterator<Application> it = this.registry.getApplicationsFromLocalRegionOnly().getRegisteredApplications().iterator();
        while (it.hasNext()) {
            for (InstanceInfo instanceInfo : it.next().getInstances()) {
                String accountId2 = getAccountId(instanceInfo, accountId);
                String aSGName = instanceInfo.getASGName();
                if (aSGName != null) {
                    hashSet.add(new CacheKey(accountId2, aSGName));
                }
            }
        }
        return hashSet;
    }

    private String getASGAccount(String str) {
        String accountId2;
        Iterator<Application> it = this.registry.getApplicationsFromLocalRegionOnly().getRegisteredApplications().iterator();
        while (it.hasNext()) {
            for (InstanceInfo instanceInfo : it.next().getInstances()) {
                String aSGName = instanceInfo.getASGName();
                if (aSGName != null && aSGName.equals(str) && (accountId2 = getAccountId(instanceInfo, null)) != null) {
                    return accountId2;
                }
            }
        }
        logger.info("Couldn't get the ASG account for {}, using the default accountId instead", str);
        return accountId;
    }

    private String getAccountId(InstanceInfo instanceInfo, String str) {
        String str2 = null;
        DataCenterInfo dataCenterInfo = instanceInfo.getDataCenterInfo();
        if (dataCenterInfo instanceof AmazonInfo) {
            str2 = ((AmazonInfo) dataCenterInfo).get(AmazonInfo.MetaDataKey.accountId);
        }
        return str2 == null ? str : str2;
    }

    private AmazonAutoScaling getAmazonAutoScalingClient() {
        String aWSAccessId = this.serverConfig.getAWSAccessId();
        String aWSSecretKey = this.serverConfig.getAWSSecretKey();
        ClientConfiguration withConnectionTimeout = new ClientConfiguration().withConnectionTimeout(this.serverConfig.getASGQueryTimeoutMs());
        return (null == aWSAccessId || "".equals(aWSAccessId) || null == aWSSecretKey || "".equals(aWSSecretKey)) ? new AmazonAutoScalingClient(new InstanceProfileCredentialsProvider(), withConnectionTimeout) : new AmazonAutoScalingClient(new BasicAWSCredentials(aWSAccessId, aWSSecretKey), withConnectionTimeout);
    }

    private static String getAccountId() {
        return ((AmazonInfo) ApplicationInfoManager.getInstance().getInfo().getDataCenterInfo()).get(AmazonInfo.MetaDataKey.accountId);
    }
}
