package org.apache.hadoop.hive.metastore;

import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.sasl.AuthenticationException;
import org.apache.commons.io.FileUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.metastore.annotation.MetastoreCheckinTest;
import org.apache.hadoop.hive.metastore.api.MetaException;
import org.apache.hadoop.hive.metastore.conf.MetastoreConf;
import org.apache.hadoop.security.alias.CredentialProvider;
import org.apache.hadoop.security.alias.CredentialProviderFactory;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.experimental.categories.Category;

@Category({MetastoreCheckinTest.class})
/* loaded from: input_file:org/apache/hadoop/hive/metastore/TestRemoteHiveMetaStoreCustomAuth.class */
public class TestRemoteHiveMetaStoreCustomAuth extends TestRemoteHiveMetaStore {
    private static String correctUser = "correct_user";
    private static String correctPassword = "correct_passwd";
    private static String wrongPassword = "wrong_password";
    private static String wrongUser = "wrong_user";
    private static String testDataDir = new File(System.getProperty("java.io.tmpdir") + File.separator + TestRemoteHiveMetaStoreCustomAuth.class.getCanonicalName() + "-" + System.currentTimeMillis()).getPath().replaceAll("\\\\", "/");

    /* loaded from: input_file:org/apache/hadoop/hive/metastore/TestRemoteHiveMetaStoreCustomAuth$SimpleAuthenticationProviderImpl.class */
    public static class SimpleAuthenticationProviderImpl implements MetaStorePasswdAuthenticationProvider {
        private Map<String, String> userMap = new HashMap();

        public SimpleAuthenticationProviderImpl() {
            init();
        }

        private void init() {
            this.userMap.put(TestRemoteHiveMetaStoreCustomAuth.correctUser, TestRemoteHiveMetaStoreCustomAuth.correctPassword);
        }

        public void authenticate(String str, String str2) throws AuthenticationException {
            if (!this.userMap.containsKey(str)) {
                throw new AuthenticationException("Invalid user : " + str);
            }
            if (!this.userMap.get(str).equals(str2)) {
                throw new AuthenticationException("Invalid passwd : " + str2);
            }
        }
    }

    @BeforeClass
    public static void beforeTests() throws Exception {
        createTestDir();
    }

    @AfterClass
    public static void afterTests() throws IOException {
        FileUtils.deleteDirectory(new File(testDataDir));
    }

    @Override // org.apache.hadoop.hive.metastore.TestRemoteHiveMetaStore, org.apache.hadoop.hive.metastore.TestHiveMetaStore
    @Before
    public void setUp() throws Exception {
        initConf();
        MetastoreConf.setVar(conf, MetastoreConf.ConfVars.THRIFT_METASTORE_AUTHENTICATION, "CUSTOM");
        MetastoreConf.setVar(conf, MetastoreConf.ConfVars.METASTORE_CUSTOM_AUTHENTICATION_CLASS, "org.apache.hadoop.hive.metastore.TestRemoteHiveMetaStoreCustomAuth$SimpleAuthenticationProviderImpl");
        MetastoreConf.setBoolVar(conf, MetastoreConf.ConfVars.EXECUTE_SET_UGI, false);
        super.setUp();
    }

    private static void createTestDir() {
        if (!new File(testDataDir).mkdirs()) {
            throw new RuntimeException("Could not create " + testDataDir);
        }
    }

    private String createCredFile(String str, String str2) throws Exception {
        String str3 = "jceks://file" + testDataDir + File.separator + ("hms_auth_" + str + "_" + str2 + ".jceks");
        Configuration configuration = new Configuration();
        configuration.set("hadoop.security.credential.provider.path", str3);
        CredentialProvider credentialProvider = (CredentialProvider) CredentialProviderFactory.getProviders(configuration).get(0);
        credentialProvider.createCredentialEntry(str, str2.toCharArray());
        credentialProvider.flush();
        return str3;
    }

    @Override // org.apache.hadoop.hive.metastore.TestRemoteHiveMetaStore, org.apache.hadoop.hive.metastore.TestHiveMetaStore
    protected HiveMetaStoreClient createClient() throws Exception {
        MetastoreConf.setVar(conf, MetastoreConf.ConfVars.THRIFT_URIS, "thrift://localhost:" + port);
        MetastoreConf.setVar(conf, MetastoreConf.ConfVars.METASTORE_CLIENT_AUTH_MODE, "PLAIN");
        conf.set("hadoop.security.credential.provider.path", createCredFile(correctUser, wrongPassword));
        String str = null;
        try {
            MetastoreConf.setVar(conf, MetastoreConf.ConfVars.METASTORE_CLIENT_PLAIN_USERNAME, correctUser);
            new HiveMetaStoreClient(conf);
        } catch (MetaException e) {
            str = e.getMessage();
        }
        Assert.assertNotNull(str);
        Assert.assertTrue(str.contains("Error validating the login"));
        String str2 = null;
        try {
            MetastoreConf.setVar(conf, MetastoreConf.ConfVars.METASTORE_CLIENT_PLAIN_USERNAME, wrongUser);
            new HiveMetaStoreClient(conf);
        } catch (MetaException e2) {
            str2 = e2.getMessage();
        }
        Assert.assertNotNull(str2);
        Assert.assertTrue(str2.contains("No password found for user"));
        String str3 = null;
        conf.set("hadoop.security.credential.provider.path", createCredFile(wrongUser, wrongPassword));
        try {
            MetastoreConf.setVar(conf, MetastoreConf.ConfVars.METASTORE_CLIENT_PLAIN_USERNAME, wrongUser);
            new HiveMetaStoreClient(conf);
        } catch (MetaException e3) {
            str3 = e3.getMessage();
        }
        Assert.assertNotNull(str3);
        Assert.assertTrue(str3.contains("Error validating the login"));
        conf.set("hadoop.security.credential.provider.path", createCredFile(correctUser, correctPassword));
        MetastoreConf.setVar(conf, MetastoreConf.ConfVars.METASTORE_CLIENT_PLAIN_USERNAME, correctUser);
        return new HiveMetaStoreClient(conf);
    }
}
