package com.cloudera.cmf.security;

import com.cloudera.cmf.command.BasicCmdArgs;
import com.cloudera.cmf.model.DbCommand;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.security.GenerateCredentialsCommand;
import com.cloudera.cmf.service.CommandUtils;
import com.cloudera.cmf.service.ServiceDataProvider;
import com.cloudera.cmf.service.TestUtils;
import com.cloudera.server.cmf.BaseTest;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Iterables;
import java.io.ByteArrayOutputStream;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.Callable;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.Future;
import java.util.concurrent.Semaphore;
import java.util.concurrent.TimeUnit;
import org.apache.kerby.kerberos.kerb.keytab.Keytab;
import org.apache.kerby.kerberos.kerb.keytab.KeytabEntry;
import org.apache.kerby.kerberos.kerb.type.KerberosTime;
import org.apache.kerby.kerberos.kerb.type.base.EncryptionKey;
import org.apache.kerby.kerberos.kerb.type.base.PrincipalName;
import org.junit.After;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:com/cloudera/cmf/security/GenerateCredentialsCommandAdhocTest.class */
public class GenerateCredentialsCommandAdhocTest extends BaseTest {
    private static List<String> extraPrincipals = ImmutableList.of("p1/host@HADOOP.COM", "p2/host@HADOOP.COM");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/cloudera/cmf/security/GenerateCredentialsCommandAdhocTest$MockGenerateCredentialsAdhocCommand.class */
    public static class MockGenerateCredentialsAdhocCommand extends GenerateCredentialsAdhocCommand {
        private final Semaphore start;

        MockGenerateCredentialsAdhocCommand(ServiceDataProvider serviceDataProvider, Semaphore semaphore) {
            super(serviceDataProvider, new BaseTest.MockKerberosCredentialsReader(serviceDataProvider));
            this.start = semaphore;
        }

        public String getName() {
            return "MockGenerateCredentialsAdhoc";
        }

        public final Callable<GenerateCredentialsCommand.GenerateCredentialsResult> createCallable(final GenerateCredentialsCommand.CredentialsToGenerate credentialsToGenerate) {
            return new Callable<GenerateCredentialsCommand.GenerateCredentialsResult>() { // from class: com.cloudera.cmf.security.GenerateCredentialsCommandAdhocTest.MockGenerateCredentialsAdhocCommand.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public GenerateCredentialsCommand.GenerateCredentialsResult call() throws Exception {
                    GenerateCredentialsCommand.GenerateCredentialsResult generateCredentialsResult = new GenerateCredentialsCommand.GenerateCredentialsResult();
                    for (Long l : credentialsToGenerate.role2Princ.keySet()) {
                        generateCredentialsResult.mergedKeytabs.put(l, GenerateCredentialsCommandAdhocTest.genKeytabBytes(credentialsToGenerate.role2Princ.get(l), "mergedKeytab"));
                        for (String str : credentialsToGenerate.role2Princ.get(l)) {
                            generateCredentialsResult.credentials.put(str, str.getBytes());
                        }
                    }
                    MockGenerateCredentialsAdhocCommand.this.start.acquire();
                    return generateCredentialsResult;
                }
            };
        }
    }

    @After
    public void cleanup() {
        cleanDatabase();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static byte[] genKeytabBytes(Collection<String> collection, String str) throws Exception {
        EncryptionKey encryptionKey = new EncryptionKey(0, str.getBytes());
        Keytab keytab = new Keytab();
        collection.forEach(str2 -> {
            keytab.addEntry(new KeytabEntry(new PrincipalName(str2), new KerberosTime(), -1, encryptionKey));
        });
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        keytab.store(byteArrayOutputStream);
        byteArrayOutputStream.flush();
        return byteArrayOutputStream.toByteArray();
    }

    @Test
    public void testIsAvailableAndExecutionOnUpdate() throws Exception {
        Semaphore semaphore = new Semaphore(0);
        MockGenerateCredentialsAdhocCommand mockGenerateCredentialsAdhocCommand = new MockGenerateCredentialsAdhocCommand(sdp, semaphore);
        ConcurrentMap runningCommands = mockGenerateCredentialsAdhocCommand.getRunningCommands();
        CmfEntityManager cmfEntityManager = new CmfEntityManager(emf);
        try {
            cmfEntityManager.begin();
            om.beginConfigWork(cmfEntityManager, "Test generate credentials");
            Assert.assertTrue(mockGenerateCredentialsAdhocCommand.isAvailable(null));
            BasicCmdArgs of = BasicCmdArgs.of(new String[]{"test1/host@HADOOP.COM"});
            DbCommand execute = mockGenerateCredentialsAdhocCommand.execute(null, of, null);
            CommandUtils.storeCmdArguments(execute, of);
            Assert.assertEquals(0L, runningCommands.size());
            Assert.assertTrue(mockGenerateCredentialsAdhocCommand.isAvailable(null));
            mockGenerateCredentialsAdhocCommand.update(cmfEntityManager, execute);
            Assert.assertEquals(execute.getId(), Iterables.getOnlyElement(runningCommands.keySet()));
            Assert.assertTrue(mockGenerateCredentialsAdhocCommand.isAvailable(null));
            BasicCmdArgs of2 = BasicCmdArgs.of(new String[]{"test2/host@HADOOP.COM"});
            DbCommand execute2 = mockGenerateCredentialsAdhocCommand.execute(null, of2, null);
            CommandUtils.storeCmdArguments(execute2, of2);
            mockGenerateCredentialsAdhocCommand.update(cmfEntityManager, execute);
            mockGenerateCredentialsAdhocCommand.update(cmfEntityManager, execute2);
            Assert.assertEquals(execute.getId(), Iterables.getOnlyElement(runningCommands.keySet()));
            Assert.assertTrue(mockGenerateCredentialsAdhocCommand.isAvailable(null));
            semaphore.release();
            ((Future) runningCommands.get(execute.getId())).get(10L, TimeUnit.SECONDS);
            mockGenerateCredentialsAdhocCommand.update(cmfEntityManager, execute);
            Assert.assertEquals(0L, runningCommands.size());
            Assert.assertTrue(mockGenerateCredentialsAdhocCommand.isAvailable(null));
            mockGenerateCredentialsAdhocCommand.update(cmfEntityManager, execute2);
            Assert.assertEquals(execute2.getId(), Iterables.getOnlyElement(runningCommands.keySet()));
            Assert.assertTrue(mockGenerateCredentialsAdhocCommand.isAvailable(null));
            semaphore.release();
            ((Future) runningCommands.get(execute2.getId())).get(10L, TimeUnit.SECONDS);
            mockGenerateCredentialsAdhocCommand.update(cmfEntityManager, execute2);
            Assert.assertEquals(0L, runningCommands.size());
            Assert.assertTrue(mockGenerateCredentialsAdhocCommand.isAvailable(null));
            cmfEntityManager.rollback();
            cmfEntityManager.close();
        } catch (Throwable th) {
            cmfEntityManager.rollback();
            cmfEntityManager.close();
            throw th;
        }
    }

    @Test
    public void testFindMissingCredentials() {
        TestUtils.interpretCli(sdp, ImmutableList.of("createcluster c1 5", "createservice zk1 ZOOKEEPER c1", "createconfig enableSecurity true zk1", "createhost h1 h1 1.1.1.1 /default", "createhost h2 h2 2.2.2.2 /default"));
        GenerateCredentialsAdhocCommand generateCredentialsAdhocCommand = new GenerateCredentialsAdhocCommand(sdp);
        runInTransaction(cmfEntityManager -> {
            GenerateCredentialsCommand.CredentialsToGenerate findMissingCredentials = generateCredentialsAdhocCommand.findMissingCredentials(cmfEntityManager, extraPrincipals);
            Assert.assertEquals(extraPrincipals.size(), findMissingCredentials.role2Princ.size());
            Collection values = findMissingCredentials.role2Princ.values();
            Iterator<String> it = extraPrincipals.iterator();
            while (it.hasNext()) {
                Assert.assertTrue(values.contains(it.next()));
            }
        });
    }
}
