package org.apache.phoenix.end2end;

import java.io.File;
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.InetAddress;
import java.security.PrivilegedAction;
import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import org.apache.commons.io.FileUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseTestingUtility;
import org.apache.hadoop.hbase.LocalHBaseCluster;
import org.apache.hadoop.hbase.security.HBaseKerberosUtils;
import org.apache.hadoop.http.HttpConfig;
import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.util.KerberosName;
import org.apache.phoenix.query.ConfigurationFactory;
import org.apache.phoenix.queryserver.server.QueryServer;
import org.apache.phoenix.util.InstanceResolver;
import org.apache.phoenix.util.ThinClientUtil;
import org.junit.Assert;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/phoenix/end2end/QueryServerEnvironment.class */
public class QueryServerEnvironment {
    private static final Logger LOG = LoggerFactory.getLogger(QueryServerEnvironment.class);
    private static final String LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME;
    private static final String SPNEGO_PRINCIPAL;
    private static final String PQS_PRINCIPAL;
    private static final String SERVICE_PRINCIPAL;
    private File KEYTAB;
    private MiniKdc KDC;
    private LocalHBaseCluster HBASE_CLUSTER;
    private int NUM_CREATED_USERS;
    private ExecutorService PQS_EXECUTOR;
    private QueryServer PQS;
    private int PQS_PORT;
    private String PQS_URL;
    private boolean tls;
    private final File TEMP_DIR = new File(getTempDir());
    private final File KEYTAB_DIR = new File(this.TEMP_DIR, "keytabs");
    private final List<File> USER_KEYTAB_FILES = new ArrayList();
    private HBaseTestingUtility UTIL = new HBaseTestingUtility();

    private static String getTempDir() {
        StringBuilder sb = new StringBuilder(32);
        sb.append(System.getProperty("user.dir")).append(File.separator);
        sb.append("target").append(File.separator);
        sb.append(QueryServerEnvironment.class.getSimpleName());
        sb.append("-").append(UUID.randomUUID());
        return sb.toString();
    }

    public int getPqsPort() {
        return this.PQS_PORT;
    }

    public String getPqsUrl() {
        return this.PQS_URL;
    }

    public boolean getTls() {
        return this.tls;
    }

    public HBaseTestingUtility getUtil() {
        return this.UTIL;
    }

    public String getServicePrincipal() {
        return SERVICE_PRINCIPAL;
    }

    public File getServiceKeytab() {
        return this.KEYTAB;
    }

    private static void updateDefaultRealm() throws Exception {
        Field declaredField = KerberosName.class.getDeclaredField("defaultRealm");
        declaredField.setAccessible(true);
        declaredField.set(null, "EXAMPLE.COM");
    }

    private void createUsers(int i) throws Exception {
        Assert.assertNotNull("KDC is null, was setup method called?", this.KDC);
        this.NUM_CREATED_USERS = i;
        for (int i2 = 1; i2 <= i; i2++) {
            String str = "user" + i2;
            File file = new File(this.KEYTAB_DIR, str + ".keytab");
            this.KDC.createPrincipal(file, new String[]{str});
            this.USER_KEYTAB_FILES.add(file);
        }
    }

    public Map.Entry<String, File> getUser(int i) {
        if (i <= 0 || i > this.NUM_CREATED_USERS) {
            throw new IllegalArgumentException();
        }
        return new AbstractMap.SimpleImmutableEntry("user" + i, this.USER_KEYTAB_FILES.get(i - 1));
    }

    private void setHdfsSecuredConfiguration(Configuration configuration) throws Exception {
        configuration.set("dfs.namenode.kerberos.principal", SERVICE_PRINCIPAL + "@" + this.KDC.getRealm());
        configuration.set("dfs.namenode.keytab.file", this.KEYTAB.getAbsolutePath());
        configuration.set("dfs.datanode.kerberos.principal", SERVICE_PRINCIPAL + "@" + this.KDC.getRealm());
        configuration.set("dfs.datanode.keytab.file", this.KEYTAB.getAbsolutePath());
        configuration.set("dfs.web.authentication.kerberos.principal", SPNEGO_PRINCIPAL + "@" + this.KDC.getRealm());
        configuration.setBoolean("dfs.block.access.token.enable", true);
        configuration.set("dfs.http.policy", HttpConfig.Policy.HTTPS_ONLY.name());
        configuration.set("dfs.namenode.https-address", "localhost:0");
        configuration.set("dfs.datanode.https.address", "localhost:0");
        File file = new File(this.UTIL.getDataTestDir("keystore").toUri().getPath());
        file.mkdirs();
        TlsUtil.setupSSLConfig(file.getAbsolutePath(), TlsUtil.getClasspathDir(QueryServerEnvironment.class), configuration, false);
        configuration.setBoolean("ignore.secure.ports.for.testing", true);
    }

    private static void ensureIsEmptyDirectory(File file) throws IOException {
        if (file.exists()) {
            if (file.isDirectory()) {
                FileUtils.deleteDirectory(file);
            } else {
                Assert.assertTrue("Failed to delete keytab directory", file.delete());
            }
        }
        Assert.assertTrue("Failed to create keytab directory", file.mkdirs());
    }

    public QueryServerEnvironment(Configuration configuration, int i, boolean z) throws Exception {
        this.tls = z;
        final Configuration configuration2 = this.UTIL.getConfiguration();
        configuration2.addResource(configuration);
        ensureIsEmptyDirectory(this.TEMP_DIR);
        ensureIsEmptyDirectory(this.KEYTAB_DIR);
        this.KEYTAB = new File(this.KEYTAB_DIR, "test.keytab");
        this.KDC = this.UTIL.setupMiniKdc(this.KEYTAB);
        this.KDC.createPrincipal(this.KEYTAB, new String[]{SPNEGO_PRINCIPAL, PQS_PRINCIPAL, SERVICE_PRINCIPAL});
        this.UTIL.startMiniZKCluster();
        createUsers(i);
        HBaseKerberosUtils.setPrincipalForTesting(SERVICE_PRINCIPAL + "@" + this.KDC.getRealm());
        HBaseKerberosUtils.setSecuredConfiguration(configuration2);
        setHdfsSecuredConfiguration(configuration2);
        UserGroupInformation.setConfiguration(configuration2);
        configuration2.setInt("hbase.master.port", 0);
        configuration2.setInt("hbase.master.info.port", 0);
        configuration2.setInt("hbase.regionserver.port", 0);
        configuration2.setInt("hbase.regionserver.info.port", 0);
        if (z) {
            configuration2.setBoolean("phoenix.queryserver.tls.enabled", true);
            configuration2.set("phoenix.queryserver.tls.keystore", TlsUtil.getKeyStoreFile().getAbsolutePath());
            configuration2.set("phoenix.queryserver.tls.keystore.password", TlsUtil.getKeyStorePassword());
            configuration2.set("phoenix.queryserver.tls.truststore", TlsUtil.getTrustStoreFile().getAbsolutePath());
            configuration2.set("phoenix.queryserver.tls.truststore.password", TlsUtil.getTrustStorePassword());
        }
        configuration2.set("phoenix.queryserver.kerberos.http.principal", SPNEGO_PRINCIPAL + "@" + this.KDC.getRealm());
        configuration2.set("phoenix.queryserver.http.keytab.file", this.KEYTAB.getAbsolutePath());
        configuration2.set("phoenix.queryserver.kerberos.principal", PQS_PRINCIPAL + "@" + this.KDC.getRealm());
        configuration2.set("phoenix.queryserver.keytab.file", this.KEYTAB.getAbsolutePath());
        configuration2.setBoolean("phoenix.queryserver.disable.kerberos.login", true);
        configuration2.setInt("phoenix.queryserver.http.port", 0);
        configuration2.set("hadoop.proxyuser.phoenixqs.groups", "*");
        configuration2.set("hadoop.proxyuser.phoenixqs.hosts", "*");
        InstanceResolver.clearSingletons();
        InstanceResolver.getSingleton(ConfigurationFactory.class, new ConfigurationFactory() { // from class: org.apache.phoenix.end2end.QueryServerEnvironment.1
            public Configuration getConfiguration() {
                return configuration2;
            }

            public Configuration getConfiguration(Configuration configuration3) {
                Configuration configuration4 = new Configuration(configuration2);
                configuration4.addResource(configuration3);
                return configuration4;
            }
        });
        updateDefaultRealm();
        this.UTIL.startMiniDFSCluster(1);
        configuration2.set("hbase.rootdir", this.UTIL.getDataTestDirOnTestFS(QueryServerEnvironment.class.getSimpleName()).toString());
        this.HBASE_CLUSTER = new LocalHBaseCluster(configuration2, 1);
        this.HBASE_CLUSTER.startup();
        configureAndStartQueryServer(z);
    }

    private void configureAndStartQueryServer(boolean z) throws Exception {
        this.PQS = new QueryServer(new String[0], this.UTIL.getConfiguration());
        final UserGroupInformation loginUserFromKeytabAndReturnUGI = UserGroupInformation.loginUserFromKeytabAndReturnUGI(PQS_PRINCIPAL, this.KEYTAB.getAbsolutePath());
        this.PQS_EXECUTOR = Executors.newSingleThreadExecutor();
        this.PQS_EXECUTOR.submit(new Runnable() { // from class: org.apache.phoenix.end2end.QueryServerEnvironment.2
            @Override // java.lang.Runnable
            public void run() {
                loginUserFromKeytabAndReturnUGI.doAs(new PrivilegedAction<Void>() { // from class: org.apache.phoenix.end2end.QueryServerEnvironment.2.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public Void run() {
                        QueryServerEnvironment.this.PQS.run();
                        return null;
                    }
                });
            }
        });
        this.PQS.awaitRunning();
        this.PQS_PORT = this.PQS.getPort();
        this.PQS_URL = ThinClientUtil.getConnectionUrl(z ? "https" : "http", "localhost", this.PQS_PORT) + ";authentication=SPNEGO" + (z ? ";truststore=" + TlsUtil.getTrustStoreFile().getAbsolutePath() + ";truststore_password=" + TlsUtil.getTrustStorePassword() : "");
    }

    public void stop() throws Exception {
        InstanceResolver.clearSingletons();
        if (this.PQS_EXECUTOR != null) {
            this.PQS.stop();
            this.PQS_EXECUTOR.shutdown();
            if (!this.PQS_EXECUTOR.awaitTermination(5L, TimeUnit.SECONDS)) {
                LOG.info("PQS didn't exit in 5 seconds, proceeding anyways.");
            }
        }
        if (this.HBASE_CLUSTER != null) {
            this.HBASE_CLUSTER.shutdown();
            this.HBASE_CLUSTER.join();
        }
        if (this.UTIL != null) {
            this.UTIL.shutdownMiniZKCluster();
        }
        if (this.KDC != null) {
            this.KDC.stop();
        }
    }

    static {
        try {
            LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME = InetAddress.getByName("127.0.0.1").getCanonicalHostName();
            SPNEGO_PRINCIPAL = "HTTP/" + LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME;
            PQS_PRINCIPAL = "phoenixqs/" + LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME;
            SERVICE_PRINCIPAL = "securecluster/" + LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
