package org.apache.ambari.server.serveraction.kerberos;

import java.io.File;
import java.io.FileInputStream;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import junit.framework.Assert;
import org.apache.ambari.server.security.credential.PrincipalKeyCredential;
import org.apache.commons.codec.binary.Base64;
import org.apache.directory.server.kerberos.shared.keytab.Keytab;
import org.apache.directory.server.kerberos.shared.keytab.KeytabEntry;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.easymock.EasyMockSupport;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;

/* loaded from: input_file:org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandlerTest.class */
public abstract class KerberosOperationHandlerTest extends EasyMockSupport {
    static final String DEFAULT_REALM = "EXAMPLE.COM";
    static final Map<String, String> DEFAULT_KERBEROS_ENV_MAP;

    @Rule
    public TemporaryFolder folder = new TemporaryFolder();
    static final String DEFAULT_ADMIN_PRINCIPAL = "admin";
    static final String DEFAULT_ADMIN_PASSWORD = "hadoop";
    static final PrincipalKeyCredential DEFAULT_ADMIN_CREDENTIALS = new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD);

    @Test
    public void testOpenSucceeded() throws Exception {
        KerberosOperationHandler createMockedHandler = createMockedHandler();
        setupOpenSuccess(createMockedHandler);
        replayAll();
        createMockedHandler.open(getAdminCredentials(), DEFAULT_REALM, getKerberosEnv());
        verifyAll();
        Assert.assertTrue(createMockedHandler.isOpen());
    }

    @Test
    public void testOpenFailed() throws Exception {
        KerberosOperationHandler createMockedHandler = createMockedHandler();
        setupOpenFailure(createMockedHandler);
        replayAll();
        try {
            createMockedHandler.open(getAdminCredentials(), DEFAULT_REALM, getKerberosEnv());
            Assert.fail("KerberosAdminAuthenticationException expected");
        } catch (KerberosAdminAuthenticationException e) {
        }
        verifyAll();
        Assert.assertFalse(createMockedHandler.isOpen());
    }

    @Test(expected = KerberosPrincipalAlreadyExistsException.class)
    public void testCreateUserPrincipalPrincipalAlreadyExists() throws Exception {
        testCreatePrincipalPrincipalAlreadyExists(false);
    }

    @Test(expected = KerberosPrincipalAlreadyExistsException.class)
    public void testCreateServicePrincipalPrincipalAlreadyExists() throws Exception {
        testCreatePrincipalPrincipalAlreadyExists(true);
    }

    private void testCreatePrincipalPrincipalAlreadyExists(boolean z) throws Exception {
        KerberosOperationHandler createMockedHandler = createMockedHandler();
        setupOpenSuccess(createMockedHandler);
        setupPrincipalAlreadyExists(createMockedHandler, z);
        replayAll();
        createMockedHandler.open(getAdminCredentials(), DEFAULT_REALM, getKerberosEnv());
        createMockedHandler.createPrincipal(createPrincipal(z), "password", z);
        createMockedHandler.close();
        verifyAll();
    }

    @Test
    public void testUserPrincipalExistsNotFound() throws Exception {
        testPrincipalExistsNotFound(false);
    }

    @Test
    public void testServicePrincipalExistsNotFound() throws Exception {
        testPrincipalExistsNotFound(true);
    }

    private void testPrincipalExistsNotFound(boolean z) throws Exception {
        KerberosOperationHandler createMockedHandler = createMockedHandler();
        setupOpenSuccess(createMockedHandler);
        setupPrincipalDoesNotExist(createMockedHandler, z);
        replayAll();
        createMockedHandler.open(getAdminCredentials(), DEFAULT_REALM, getKerberosEnv());
        Assert.assertFalse(createMockedHandler.principalExists(createPrincipal(z), z));
        createMockedHandler.close();
        verifyAll();
    }

    @Test
    public void testUserPrincipalExistsFound() throws Exception {
        testPrincipalExistsFound(false);
    }

    @Test
    public void testServicePrincipalExistsFound() throws Exception {
        testPrincipalExistsFound(true);
    }

    private void testPrincipalExistsFound(boolean z) throws Exception {
        KerberosOperationHandler createMockedHandler = createMockedHandler();
        setupOpenSuccess(createMockedHandler);
        setupPrincipalExists(createMockedHandler, z);
        replayAll();
        createMockedHandler.open(getAdminCredentials(), DEFAULT_REALM, getKerberosEnv());
        Assert.assertTrue(createMockedHandler.principalExists(createPrincipal(z), z));
        createMockedHandler.close();
        verifyAll();
    }

    @Test
    public void testCreateKeytabFileOneAtATime() throws Exception {
        KerberosOperationHandler createHandler = createHandler();
        File newFile = this.folder.newFile();
        Assert.assertTrue(createHandler.createKeytabFile("principal1@REALM.COM", "some password", 0, newFile));
        Keytab read = Keytab.read(newFile);
        Assert.assertNotNull(read);
        List entries = read.getEntries();
        Assert.assertNotNull(entries);
        Assert.assertFalse(entries.isEmpty());
        int size = entries.size();
        Iterator it = entries.iterator();
        while (it.hasNext()) {
            Assert.assertEquals("principal1@REALM.COM", ((KeytabEntry) it.next()).getPrincipalName());
        }
        Assert.assertTrue(createHandler.createKeytabFile("principal2@REALM.COM", "some password", 0, newFile));
        Keytab read2 = Keytab.read(newFile);
        Assert.assertNotNull(read2);
        List entries2 = read2.getEntries();
        Assert.assertNotNull(entries2);
        Assert.assertFalse(entries2.isEmpty());
        Assert.assertEquals(size * 2, entries2.size());
    }

    @Test
    public void testEnsureKeytabFileContainsNoDuplicates() throws Exception {
        KerberosOperationHandler createHandler = createHandler();
        File newFile = this.folder.newFile();
        HashSet hashSet = new HashSet();
        Assert.assertTrue(createHandler.createKeytabFile("principal1@REALM.COM", "some password", 0, newFile));
        Assert.assertTrue(createHandler.createKeytabFile("principal2@REALM.COM", "some password", 0, newFile));
        Assert.assertTrue(createHandler.createKeytabFile("principal2@REALM.COM", "some password", 0, newFile));
        Keytab read = Keytab.read(newFile);
        Assert.assertNotNull(read);
        List<KeytabEntry> entries = read.getEntries();
        Assert.assertNotNull(entries);
        Assert.assertFalse(entries.isEmpty());
        for (KeytabEntry keytabEntry : entries) {
            String format = String.format("%s|%s", keytabEntry.getPrincipalName(), keytabEntry.getKey().getKeyType().toString());
            Assert.assertFalse(hashSet.contains(format));
            hashSet.add(format);
        }
    }

    @Test
    public void testCreateKeytabFileExceptions() throws Exception {
        KerberosOperationHandler createHandler = createHandler();
        File newFile = this.folder.newFile();
        try {
            createHandler.createKeytabFile((String) null, "some password", 0, newFile);
            Assert.fail("KerberosOperationException not thrown with null principal");
        } catch (Throwable th) {
            Assert.assertEquals(KerberosOperationException.class, th.getClass());
        }
        try {
            createHandler.createKeytabFile("principal1@REALM.COM", (String) null, (Integer) null, newFile);
            Assert.fail("KerberosOperationException not thrown with null password");
        } catch (Throwable th2) {
            Assert.assertEquals(KerberosOperationException.class, th2.getClass());
        }
        try {
            createHandler.createKeytabFile("principal1@REALM.COM", "some password", 0, (File) null);
            Assert.fail("KerberosOperationException not thrown with null file");
        } catch (Throwable th3) {
            Assert.assertEquals(KerberosOperationException.class, th3.getClass());
        }
    }

    @Test
    public void testCreateKeytabFileFromBase64EncodedData() throws Exception {
        KerberosOperationHandler createHandler = createHandler();
        File newFile = this.folder.newFile();
        Assert.assertTrue(createHandler.createKeytabFile("principal@REALM.COM", "some password", 0, newFile));
        FileInputStream fileInputStream = new FileInputStream(newFile);
        byte[] bArr = new byte[(int) newFile.length()];
        Assert.assertEquals(bArr.length, fileInputStream.read(bArr));
        fileInputStream.close();
        File createKeytabFile = createHandler.createKeytabFile(Base64.encodeBase64String(bArr));
        if (createKeytabFile != null) {
            try {
                Keytab read = Keytab.read(createKeytabFile);
                Assert.assertNotNull(read);
                List entries = read.getEntries();
                Assert.assertNotNull(entries);
                Assert.assertFalse(entries.isEmpty());
                Iterator it = entries.iterator();
                while (it.hasNext()) {
                    Assert.assertEquals("principal@REALM.COM", ((KeytabEntry) it.next()).getPrincipalName());
                }
            } finally {
                if (!createKeytabFile.delete()) {
                    createKeytabFile.deleteOnExit();
                }
            }
        }
    }

    @Test
    public void testMergeKeytabs() throws KerberosOperationException {
        KerberosOperationHandler createHandler = createHandler();
        Keytab createKeytab = createHandler.createKeytab("principal@EXAMPLE.COM", "password", 1);
        Keytab createKeytab2 = createHandler.createKeytab("principal@EXAMPLE.COM", "password1", 1);
        Keytab createKeytab3 = createHandler.createKeytab("principal1@EXAMPLE.COM", "password", 4);
        Assert.assertEquals(createKeytab.getEntries().size(), createHandler.mergeKeytabs(createKeytab, createKeytab2).getEntries().size());
        Assert.assertEquals(createKeytab.getEntries().size() + createKeytab3.getEntries().size(), createHandler.mergeKeytabs(createKeytab, createKeytab3).getEntries().size());
        Keytab mergeKeytabs = createHandler.mergeKeytabs(createKeytab2, createKeytab3);
        Assert.assertEquals(createKeytab2.getEntries().size() + createKeytab3.getEntries().size(), mergeKeytabs.getEntries().size());
        Assert.assertEquals(createKeytab2.getEntries().size() + createKeytab3.getEntries().size(), createHandler.mergeKeytabs(createKeytab2, mergeKeytabs).getEntries().size());
    }

    @Test
    public void testTranslateEncryptionTypes() throws Exception {
        KerberosOperationHandler createHandler = createHandler();
        Assert.assertEquals(new HashSet<EncryptionType>() { // from class: org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest.1
            {
                add(EncryptionType.AES256_CTS_HMAC_SHA1_96);
                add(EncryptionType.AES128_CTS_HMAC_SHA1_96);
                add(EncryptionType.DES3_CBC_SHA1_KD);
                add(EncryptionType.DES_CBC_MD5);
                add(EncryptionType.DES_CBC_MD4);
                add(EncryptionType.DES_CBC_CRC);
                add(EncryptionType.UNKNOWN);
            }
        }, createHandler.translateEncryptionTypes("aes256-cts-hmac-sha1-96\n aes128-cts-hmac-sha1-96\tdes3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4", "\\s+"));
        Assert.assertEquals(new HashSet<EncryptionType>() { // from class: org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest.2
            {
                add(EncryptionType.AES256_CTS_HMAC_SHA1_96);
                add(EncryptionType.AES128_CTS_HMAC_SHA1_96);
            }
        }, createHandler.translateEncryptionTypes("aes", " "));
        Assert.assertEquals(new HashSet<EncryptionType>() { // from class: org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest.3
            {
                add(EncryptionType.AES256_CTS_HMAC_SHA1_96);
            }
        }, createHandler.translateEncryptionTypes("aes-256", " "));
        Assert.assertEquals(new HashSet<EncryptionType>() { // from class: org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest.4
            {
                add(EncryptionType.DES3_CBC_SHA1_KD);
            }
        }, createHandler.translateEncryptionTypes("des3", " "));
    }

    @Test(expected = KerberosOperationException.class)
    public void testTranslateWrongEncryptionTypes() throws Exception {
        createHandler().translateEncryptionTypes("aes-255", " ");
    }

    @Test
    public void testEscapeCharacters() throws KerberosOperationException {
        KerberosOperationHandler createHandler = createHandler();
        HashSet<Character> hashSet = new HashSet<Character>() { // from class: org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest.5
            {
                add('/');
                add(',');
                add('\\');
                add('#');
                add('+');
                add('<');
                add('>');
                add(';');
                add('\"');
                add('=');
                add(' ');
            }
        };
        Assert.assertEquals("\\/\\,\\\\\\#\\+\\<\\>\\;\\\"\\=\\ ", createHandler.escapeCharacters("/,\\#+<>;\"= ", hashSet, '\\'));
        Assert.assertNull(createHandler.escapeCharacters((String) null, hashSet, '\\'));
        Assert.assertEquals("", createHandler.escapeCharacters("", hashSet, '\\'));
        Assert.assertEquals("nothing_special_here", createHandler.escapeCharacters("nothing_special_here", hashSet, '\\'));
        Assert.assertEquals("\\/\\,\\\\\\#\\+\\<\\>\\;\\\"\\=\\ ", createHandler.escapeCharacters("/,\\#+<>;\"= ", hashSet, '\\'));
        Assert.assertEquals("nothing<>special#here!", createHandler.escapeCharacters("nothing<>special#here!", (Set) null, '\\'));
        Assert.assertEquals("nothing<>special#here!", createHandler.escapeCharacters("nothing<>special#here!", Collections.emptySet(), '\\'));
        Assert.assertEquals("nothing<>special#here!", createHandler.escapeCharacters("nothing<>special#here!", Collections.singleton('?'), '\\'));
        Assert.assertEquals("\\A's are special!", createHandler.escapeCharacters("A's are special!", Collections.singleton('A'), '\\'));
    }

    @Test(expected = KerberosAdminAuthenticationException.class)
    public void testAdminCredentialsNullPrincipal() throws KerberosOperationException {
        createHandler().setAdministratorCredential(new PrincipalKeyCredential((String) null, "password"));
    }

    @Test(expected = KerberosAdminAuthenticationException.class)
    public void testAdminCredentialsEmptyPrincipal() throws KerberosOperationException {
        createHandler().setAdministratorCredential(new PrincipalKeyCredential("", "password"));
    }

    @Test(expected = KerberosAdminAuthenticationException.class)
    public void testAdminCredentialsNullCredential() throws KerberosOperationException {
        createHandler().setAdministratorCredential(new PrincipalKeyCredential("principal", (char[]) null));
    }

    @Test(expected = KerberosAdminAuthenticationException.class)
    public void testAdminCredentialsEmptyCredential1() throws KerberosOperationException {
        createHandler().setAdministratorCredential(new PrincipalKeyCredential("principal", ""));
    }

    @Test
    public void testSetExecutableSearchPaths() throws KerberosOperationException {
        KerberosOperationHandler createHandler = createHandler();
        createHandler.setExecutableSearchPaths((String) null);
        Assert.assertNull(createHandler.getExecutableSearchPaths());
        createHandler.setExecutableSearchPaths((String[]) null);
        Assert.assertNull(createHandler.getExecutableSearchPaths());
        createHandler.setExecutableSearchPaths("");
        Assert.assertNotNull(createHandler.getExecutableSearchPaths());
        Assert.assertEquals(0, createHandler.getExecutableSearchPaths().length);
        createHandler.setExecutableSearchPaths(new String[0]);
        Assert.assertNotNull(createHandler.getExecutableSearchPaths());
        Assert.assertEquals(0, createHandler.getExecutableSearchPaths().length);
        createHandler.setExecutableSearchPaths(new String[]{""});
        Assert.assertNotNull(createHandler.getExecutableSearchPaths());
        Assert.assertEquals(1, createHandler.getExecutableSearchPaths().length);
        createHandler.setExecutableSearchPaths("/path1, path2, path3/");
        Assert.assertNotNull(createHandler.getExecutableSearchPaths());
        Assert.assertEquals(3, createHandler.getExecutableSearchPaths().length);
        Assert.assertEquals("/path1", createHandler.getExecutableSearchPaths()[0]);
        Assert.assertEquals("path2", createHandler.getExecutableSearchPaths()[1]);
        Assert.assertEquals("path3/", createHandler.getExecutableSearchPaths()[2]);
        createHandler.setExecutableSearchPaths("/path1, path2, ,path3/");
        Assert.assertNotNull(createHandler.getExecutableSearchPaths());
        Assert.assertEquals(3, createHandler.getExecutableSearchPaths().length);
        Assert.assertEquals("/path1", createHandler.getExecutableSearchPaths()[0]);
        Assert.assertEquals("path2", createHandler.getExecutableSearchPaths()[1]);
        Assert.assertEquals("path3/", createHandler.getExecutableSearchPaths()[2]);
        createHandler.setExecutableSearchPaths(new String[]{"/path1", "path2", "path3/"});
        Assert.assertNotNull(createHandler.getExecutableSearchPaths());
        Assert.assertEquals(3, createHandler.getExecutableSearchPaths().length);
        Assert.assertEquals("/path1", createHandler.getExecutableSearchPaths()[0]);
        Assert.assertEquals("path2", createHandler.getExecutableSearchPaths()[1]);
        Assert.assertEquals("path3/", createHandler.getExecutableSearchPaths()[2]);
    }

    protected abstract KerberosOperationHandler createMockedHandler() throws KerberosOperationException;

    protected abstract void setupOpenSuccess(KerberosOperationHandler kerberosOperationHandler) throws Exception;

    protected abstract void setupOpenFailure(KerberosOperationHandler kerberosOperationHandler) throws Exception;

    protected abstract void setupPrincipalAlreadyExists(KerberosOperationHandler kerberosOperationHandler, boolean z) throws Exception;

    protected abstract void setupPrincipalDoesNotExist(KerberosOperationHandler kerberosOperationHandler, boolean z) throws Exception;

    protected abstract void setupPrincipalExists(KerberosOperationHandler kerberosOperationHandler, boolean z) throws Exception;

    protected abstract Map<String, String> getKerberosEnv();

    /* JADX INFO: Access modifiers changed from: protected */
    public PrincipalKeyCredential getAdminCredentials() {
        return DEFAULT_ADMIN_CREDENTIALS;
    }

    private KerberosOperationHandler createHandler() throws KerberosOperationException {
        KerberosOperationHandler kerberosOperationHandler = new KerberosOperationHandler() { // from class: org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest.6
            public void open(PrincipalKeyCredential principalKeyCredential, String str, Map<String, String> map) throws KerberosOperationException {
                setAdministratorCredential(principalKeyCredential);
                setDefaultRealm(str);
                setExecutableSearchPaths("/usr/bin, /usr/kerberos/bin, /usr/sbin");
            }

            public void close() throws KerberosOperationException {
            }

            public boolean principalExists(String str, boolean z) throws KerberosOperationException {
                return false;
            }

            public Integer createPrincipal(String str, String str2, boolean z) throws KerberosOperationException {
                return 0;
            }

            public Integer setPrincipalPassword(String str, String str2, boolean z) throws KerberosOperationException {
                return 0;
            }

            public boolean removePrincipal(String str, boolean z) throws KerberosOperationException {
                return false;
            }
        };
        kerberosOperationHandler.open(new PrincipalKeyCredential("admin/admin", DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, (Map) null);
        return kerberosOperationHandler;
    }

    private String createPrincipal(boolean z) {
        Object[] objArr = new Object[2];
        objArr[0] = z ? "service/host" : "user";
        objArr[1] = DEFAULT_REALM;
        return String.format("%s@%s", objArr);
    }

    static {
        HashMap hashMap = new HashMap();
        hashMap.put("encryption_types", "aes des3-cbc-sha1 rc4 des-cbc-md5");
        hashMap.put("kdc_hosts", "localhost");
        hashMap.put("admin_server_host", "localhost");
        DEFAULT_KERBEROS_ENV_MAP = Collections.unmodifiableMap(hashMap);
    }
}
