package org.apache.ambari.server.serveraction.kerberos;

import com.google.inject.AbstractModule;
import com.google.inject.Guice;
import com.google.inject.Injector;
import com.google.inject.Module;
import java.io.File;
import java.nio.charset.Charset;
import javax.persistence.EntityManager;
import junit.framework.Assert;
import org.apache.ambari.server.audit.AuditLogger;
import org.apache.ambari.server.controller.KerberosHelper;
import org.apache.ambari.server.controller.RootComponent;
import org.apache.ambari.server.controller.RootService;
import org.apache.ambari.server.orm.DBAccessor;
import org.apache.ambari.server.orm.dao.HostDAO;
import org.apache.ambari.server.orm.dao.KerberosKeytabPrincipalDAO;
import org.apache.ambari.server.orm.entities.HostEntity;
import org.apache.ambari.server.orm.entities.KerberosKeytabEntity;
import org.apache.ambari.server.orm.entities.KerberosKeytabPrincipalEntity;
import org.apache.ambari.server.orm.entities.KerberosPrincipalEntity;
import org.apache.ambari.server.serveraction.ActionLog;
import org.apache.ambari.server.serveraction.kerberos.stageutils.ResolvedKerberosPrincipal;
import org.apache.ambari.server.state.Clusters;
import org.apache.ambari.server.state.stack.OsFamily;
import org.apache.ambari.server.utils.StageUtils;
import org.apache.commons.io.FileUtils;
import org.easymock.EasyMock;
import org.easymock.EasyMockSupport;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;

/* loaded from: input_file:org/apache/ambari/server/serveraction/kerberos/ConfigureAmbariIdentitiesServerActionTest.class */
public class ConfigureAmbariIdentitiesServerActionTest extends EasyMockSupport {

    @Rule
    public TemporaryFolder testFolder = new TemporaryFolder();

    @Test
    public void installAmbariServerIdentity() throws Exception {
        installAmbariServerIdentity((ActionLog) createNiceMock(ActionLog.class), true);
    }

    @Test
    public void installAmbariServerIdentityWithNoAgentOnAmbariServer() throws Exception {
        installAmbariServerIdentity((ActionLog) createNiceMock(ActionLog.class), false);
    }

    @Test
    public void installAmbariServerIdentityWithNullActionLog() throws Exception {
        installAmbariServerIdentity(null, true);
    }

    private void installAmbariServerIdentity(ActionLog actionLog, boolean z) throws Exception {
        HostEntity hostEntity;
        File newFile = this.testFolder.newFile();
        File file = new File(this.testFolder.getRoot().getAbsolutePath(), "ambari-server.keytab");
        Injector createInjector = createInjector();
        HostDAO hostDAO = (HostDAO) createInjector.getInstance(HostDAO.class);
        if (z) {
            hostEntity = (HostEntity) createMock(HostEntity.class);
            EasyMock.expect(hostEntity.getHostId()).andReturn(1L).once();
            EasyMock.expect(hostDAO.findById(1L)).andReturn(hostEntity).once();
        } else {
            hostEntity = null;
        }
        EasyMock.expect(hostDAO.findByName(StageUtils.getHostName())).andReturn(hostEntity).once();
        KerberosKeytabPrincipalDAO kerberosKeytabPrincipalDAO = (KerberosKeytabPrincipalDAO) createInjector.getInstance(KerberosKeytabPrincipalDAO.class);
        KerberosKeytabPrincipalEntity kerberosKeytabPrincipalEntity = (KerberosKeytabPrincipalEntity) createNiceMock(KerberosKeytabPrincipalEntity.class);
        KerberosKeytabPrincipalDAO.KeytabPrincipalFindOrCreateResult keytabPrincipalFindOrCreateResult = new KerberosKeytabPrincipalDAO.KeytabPrincipalFindOrCreateResult();
        keytabPrincipalFindOrCreateResult.created = true;
        keytabPrincipalFindOrCreateResult.kkp = kerberosKeytabPrincipalEntity;
        EasyMock.expect(kerberosKeytabPrincipalDAO.findOrCreate((KerberosKeytabEntity) EasyMock.anyObject(), (HostEntity) EasyMock.eq(hostEntity), (KerberosPrincipalEntity) EasyMock.anyObject())).andReturn(keytabPrincipalFindOrCreateResult).once();
        EasyMock.expect(kerberosKeytabPrincipalDAO.merge(kerberosKeytabPrincipalEntity)).andReturn(createNiceMock(KerberosKeytabPrincipalEntity.class)).once();
        ConfigureAmbariIdentitiesServerAction configureAmbariIdentitiesServerAction = (ConfigureAmbariIdentitiesServerAction) createMockBuilder(ConfigureAmbariIdentitiesServerAction.class).addMockedMethod(ConfigureAmbariIdentitiesServerAction.class.getDeclaredMethod("copyFile", String.class, String.class)).addMockedMethod(ConfigureAmbariIdentitiesServerAction.class.getDeclaredMethod("setFileACL", String.class, String.class, Boolean.TYPE, Boolean.TYPE, String.class, Boolean.TYPE, Boolean.TYPE)).createMock();
        configureAmbariIdentitiesServerAction.copyFile(newFile.getAbsolutePath(), file.getAbsolutePath());
        EasyMock.expectLastCall().once();
        configureAmbariIdentitiesServerAction.setFileACL(file.getAbsolutePath(), "user1", true, true, "groupA", true, false);
        EasyMock.expectLastCall().once();
        replayAll();
        createInjector.injectMembers(configureAmbariIdentitiesServerAction);
        configureAmbariIdentitiesServerAction.installAmbariServerIdentity(new ResolvedKerberosPrincipal((Long) null, (String) null, "ambari-server@EXAMPLE.COM", false, (String) null, RootService.AMBARI.name(), RootComponent.AMBARI_SERVER.name(), file.getPath()), newFile.getAbsolutePath(), file.getAbsolutePath(), "user1", "rw", "groupA", "r", actionLog);
        verifyAll();
    }

    @Test
    public void configureJAAS() throws Exception {
        configureJAAS((ActionLog) createNiceMock(ActionLog.class));
    }

    @Test
    public void configureJAASWithNullActionLog() throws Exception {
        configureJAAS(null);
    }

    private void configureJAAS(ActionLog actionLog) throws Exception {
        File newFile = this.testFolder.newFile();
        File file = new File(newFile.getAbsolutePath() + ".bak");
        FileUtils.writeStringToFile(newFile, "com.sun.security.jgss.krb5.initiate {\n    com.sun.security.auth.module.Krb5LoginModule required\n    renewTGT=false\n    doNotPrompt=true\n    useKeyTab=true\n    keyTab=\"/etc/security/keytabs/ambari.keytab\"\n    principal=\"ambari@EXAMPLE.COM\"\n    storeKey=true\n    useTicketCache=false;\n};\n", Charset.defaultCharset());
        Injector createInjector = createInjector();
        ConfigureAmbariIdentitiesServerAction configureAmbariIdentitiesServerAction = (ConfigureAmbariIdentitiesServerAction) createMockBuilder(ConfigureAmbariIdentitiesServerAction.class).addMockedMethod(ConfigureAmbariIdentitiesServerAction.class.getDeclaredMethod("getJAASConfFilePath", new Class[0])).createMock();
        EasyMock.expect(configureAmbariIdentitiesServerAction.getJAASConfFilePath()).andReturn(newFile.getAbsolutePath());
        replayAll();
        createInjector.injectMembers(configureAmbariIdentitiesServerAction);
        configureAmbariIdentitiesServerAction.configureJAAS("ambari-server@EXAMPLE.COM", "/etc/security/keytabs/ambari.server.keytab", actionLog);
        verifyAll();
        Assert.assertEquals("com.sun.security.jgss.krb5.initiate {\n    com.sun.security.auth.module.Krb5LoginModule required\n    renewTGT=false\n    doNotPrompt=true\n    useKeyTab=true\n    keyTab=\"/etc/security/keytabs/ambari.server.keytab\"\n    principal=\"ambari-server@EXAMPLE.COM\"\n    storeKey=true\n    useTicketCache=false;\n};\n", FileUtils.readFileToString(newFile, Charset.defaultCharset()));
        Assert.assertEquals("com.sun.security.jgss.krb5.initiate {\n    com.sun.security.auth.module.Krb5LoginModule required\n    renewTGT=false\n    doNotPrompt=true\n    useKeyTab=true\n    keyTab=\"/etc/security/keytabs/ambari.keytab\"\n    principal=\"ambari@EXAMPLE.COM\"\n    storeKey=true\n    useTicketCache=false;\n};\n", FileUtils.readFileToString(file, Charset.defaultCharset()));
    }

    private Injector createInjector() {
        return Guice.createInjector(new Module[]{new AbstractModule() { // from class: org.apache.ambari.server.serveraction.kerberos.ConfigureAmbariIdentitiesServerActionTest.1
            protected void configure() {
                bind(EntityManager.class).toInstance(ConfigureAmbariIdentitiesServerActionTest.this.createNiceMock(EntityManager.class));
                bind(DBAccessor.class).toInstance(ConfigureAmbariIdentitiesServerActionTest.this.createNiceMock(DBAccessor.class));
                bind(AuditLogger.class).toInstance(ConfigureAmbariIdentitiesServerActionTest.this.createNiceMock(AuditLogger.class));
                bind(Clusters.class).toInstance(ConfigureAmbariIdentitiesServerActionTest.this.createNiceMock(Clusters.class));
                bind(KerberosHelper.class).toInstance(ConfigureAmbariIdentitiesServerActionTest.this.createNiceMock(KerberosHelper.class));
                bind(OsFamily.class).toInstance(ConfigureAmbariIdentitiesServerActionTest.this.createNiceMock(OsFamily.class));
                bind(HostDAO.class).toInstance(ConfigureAmbariIdentitiesServerActionTest.this.createMock(HostDAO.class));
                bind(KerberosKeytabPrincipalDAO.class).toInstance(ConfigureAmbariIdentitiesServerActionTest.this.createMock(KerberosKeytabPrincipalDAO.class));
            }
        }});
    }
}
