package com.cloudera.cmf.service.hadoopcommon;

import com.cloudera.cmf.LicenseBaseTest;
import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.MonitoringParams;
import com.cloudera.cmf.service.RoleHandler;
import com.cloudera.cmf.service.SecurityParams;
import com.cloudera.cmf.service.ServiceDataProvider;
import com.cloudera.cmf.service.ServiceHandler;
import com.cloudera.cmf.service.ServiceHandlerRegistry;
import com.cloudera.cmf.service.components.ConfigHelper;
import com.cloudera.cmf.service.config.CommonParamSpecs;
import com.cloudera.cmf.service.config.MetricsSourceConfigEvaluatorTest;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.hdfs.HdfsParams;
import com.cloudera.cmf.service.scm.ScmParamTrackerStore;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.cmf.version.CdhReleases;
import com.cloudera.cmf.version.Release;
import com.cloudera.server.cmf.MockTestCluster;
import com.cloudera.server.common.KerberosAuthentication;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Maps;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.HashMap;
import org.apache.hadoop.security.authentication.util.KerberosName;
import org.junit.Assert;
import org.junit.Test;
import org.mockito.Mockito;
import sun.security.krb5.Config;
import sun.security.krb5.KrbException;

/* loaded from: input_file:com/cloudera/cmf/service/hadoopcommon/HadoopCommonHelpersTest.class */
public class HadoopCommonHelpersTest extends LicenseBaseTest {
    private static final String TRUSTED_REALMS = HdfsParams.TRUSTED_REALMS.getTemplateName();
    private static final String EXTRA_RULES = HdfsParams.EXTRA_AUTH_TO_LOCAL_RULES.getTemplateName();
    private static final String SHORT_NAME = "hdfs";
    private static final String LONG_NAME = "hdfs/test.host.com";
    private static final String PFX_SHORT_NAME = "App.hdfs";
    private static final String PFX_LONG_NAME = "App.hdfs/test.host.com";
    private static final String PFX_REMOVING_RULES = "RULE:[1:$1](App\\..*)s/App\\.(.*)/$1/g\nRULE:[2:$1](App\\..*)s/App\\.(.*)/$1/g\n";
    private static final String FIRST_REALM = "HADOOP.COM";
    private static final String SECOND_REALM = "CLOUDERA.COM";
    private static final String DEFAULT_REALM;

    private void translateWithRealm(String str, boolean z) {
        KerberosName kerberosName = new KerberosName("hdfs@" + str);
        try {
            if (z) {
                Assert.assertEquals(SHORT_NAME, kerberosName.getShortName());
            } else {
                Assert.assertNotEquals(SHORT_NAME, kerberosName.getShortName());
            }
            KerberosName kerberosName2 = new KerberosName("hdfs/test.host.com@" + str);
            try {
                if (z) {
                    Assert.assertEquals(SHORT_NAME, kerberosName2.getShortName());
                } else {
                    Assert.assertNotEquals(SHORT_NAME, kerberosName2.getShortName());
                }
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        } catch (IOException e2) {
            throw new RuntimeException(e2);
        }
    }

    private void translateWithPrefix(String str, boolean z) {
        try {
            Assert.assertEquals(z ? SHORT_NAME : PFX_SHORT_NAME, new KerberosName("App.hdfs@" + str).getShortName());
        } catch (IOException e) {
            Assert.fail();
        }
        try {
            Assert.assertEquals(z ? SHORT_NAME : PFX_SHORT_NAME, new KerberosName("App.hdfs/test.host.com@" + str).getShortName());
        } catch (IOException e2) {
            Assert.fail();
        }
    }

    @Test
    public void testAuthToLocalEmpty() {
        if (DEFAULT_REALM == null) {
            return;
        }
        DbService dbService = (DbService) Mockito.mock(DbService.class);
        Mockito.when(dbService.getServiceVersion()).thenReturn(CdhReleases.CDH4_0_0);
        Mockito.when(dbService.getServiceConfigsMap()).thenReturn(Collections.emptyMap());
        KerberosName.setRules(HadoopCommonHelpers.makeAuthToLocalRules(dbService, HdfsParams.EXTRA_AUTH_TO_LOCAL_RULES, HdfsParams.TRUSTED_REALMS, "{DEFAULT_RULES}"));
        translateWithRealm(DEFAULT_REALM, true);
        translateWithRealm(FIRST_REALM, false);
        translateWithRealm(SECOND_REALM, false);
        translateWithPrefix(DEFAULT_REALM, false);
    }

    @Test
    public void testAuthToLocalOneRealm() {
        if (DEFAULT_REALM == null) {
            return;
        }
        DbService dbService = (DbService) Mockito.mock(DbService.class);
        Mockito.when(dbService.getServiceVersion()).thenReturn(CdhReleases.CDH4_0_0);
        Mockito.when(dbService.getServiceConfigsMap()).thenReturn(ImmutableMap.of(TRUSTED_REALMS, FIRST_REALM));
        KerberosName.setRules(HadoopCommonHelpers.makeAuthToLocalRules(dbService, HdfsParams.EXTRA_AUTH_TO_LOCAL_RULES, HdfsParams.TRUSTED_REALMS, "{DEFAULT_RULES}"));
        translateWithRealm(DEFAULT_REALM, true);
        translateWithRealm(FIRST_REALM, true);
        translateWithRealm(SECOND_REALM, false);
        translateWithPrefix(FIRST_REALM, false);
    }

    @Test
    public void testAuthToLocalTwoRealms() {
        if (DEFAULT_REALM == null) {
            return;
        }
        DbService dbService = (DbService) Mockito.mock(DbService.class);
        Mockito.when(dbService.getServiceVersion()).thenReturn(CdhReleases.CDH4_0_0);
        Mockito.when(dbService.getServiceConfigsMap()).thenReturn(ImmutableMap.of(TRUSTED_REALMS, "HADOOP.COM,CLOUDERA.COM"));
        KerberosName.setRules(HadoopCommonHelpers.makeAuthToLocalRules(dbService, HdfsParams.EXTRA_AUTH_TO_LOCAL_RULES, HdfsParams.TRUSTED_REALMS, "{DEFAULT_RULES}"));
        translateWithRealm(DEFAULT_REALM, true);
        translateWithRealm(FIRST_REALM, true);
        translateWithRealm(SECOND_REALM, true);
        translateWithPrefix(SECOND_REALM, false);
    }

    @Test
    public void testAuthToLocalExtra() throws IOException {
        if (DEFAULT_REALM == null) {
            return;
        }
        DbService dbService = (DbService) Mockito.mock(DbService.class);
        Mockito.when(dbService.getServiceVersion()).thenReturn(CdhReleases.CDH4_0_0);
        Mockito.when(dbService.getServiceConfigsMap()).thenReturn(ImmutableMap.of(EXTRA_RULES, PFX_REMOVING_RULES));
        KerberosName.setRules(HadoopCommonHelpers.makeAuthToLocalRules(dbService, HdfsParams.EXTRA_AUTH_TO_LOCAL_RULES, HdfsParams.TRUSTED_REALMS, "{DEFAULT_RULES}"));
        translateWithRealm(DEFAULT_REALM, true);
        translateWithRealm(FIRST_REALM, false);
        translateWithRealm(SECOND_REALM, false);
        translateWithPrefix(DEFAULT_REALM, true);
    }

    @Test
    public void testAuthToLocalExtraRealm() throws IOException {
        if (DEFAULT_REALM == null) {
            return;
        }
        DbService dbService = (DbService) Mockito.mock(DbService.class);
        Mockito.when(dbService.getServiceVersion()).thenReturn(CdhReleases.CDH4_0_0);
        Mockito.when(dbService.getServiceConfigsMap()).thenReturn(ImmutableMap.of(TRUSTED_REALMS, FIRST_REALM, EXTRA_RULES, PFX_REMOVING_RULES));
        KerberosName.setRules(HadoopCommonHelpers.makeAuthToLocalRules(dbService, HdfsParams.EXTRA_AUTH_TO_LOCAL_RULES, HdfsParams.TRUSTED_REALMS, "{DEFAULT_RULES}"));
        translateWithRealm(DEFAULT_REALM, true);
        translateWithRealm(FIRST_REALM, true);
        translateWithRealm(SECOND_REALM, false);
        translateWithPrefix(FIRST_REALM, true);
    }

    @Test
    public void testGenerateZKDigestAuthKey() throws NoSuchAlgorithmException, UnsupportedEncodingException {
        Assert.assertEquals("hdfs-fcs:4Z4crAqHhdXOAMHKmdFvQNbH60U=", HadoopCommonHelpers.generateZKDigestAuthKey("hdfs-fcs:password"));
    }

    @Test
    public void testAddHttpPrincForSecureWebUI() {
        DbRole dbRole = (DbRole) Mockito.mock(DbRole.class);
        DbService dbService = (DbService) Mockito.mock(DbService.class);
        Mockito.when(dbService.getServiceVersion()).thenReturn(Release.NULL);
        HashMap newHashMap = Maps.newHashMap();
        Mockito.when(dbRole.getService()).thenReturn(dbService);
        Mockito.when(dbService.getServiceConfigsMap()).thenReturn(newHashMap);
        HashMap newHashMap2 = Maps.newHashMap();
        HadoopCommonHelpers.addHttpPrincForSecureWebUI(dbRole, newHashMap2);
        Assert.assertNull(newHashMap2.get(KerberosAuthentication.KERBEROS_HTTP_PRINCIPAL));
        newHashMap.put(SecurityParams.SECURE_WEB_UI.getTemplateName(), "true");
        HadoopCommonHelpers.addHttpPrincForSecureWebUI(dbRole, newHashMap2);
        Assert.assertEquals("HTTP", newHashMap2.get(KerberosAuthentication.KERBEROS_HTTP_PRINCIPAL));
    }

    @Test
    public void testMakeJavaOpts() {
        ParamSpec javaHeapSizeParamSpec = CommonParamSpecs.javaHeapSizeParamSpec("foo", "foo_heap", 524288000L);
        ParamSpec javaHeapSizeParamSpec2 = CommonParamSpecs.javaHeapSizeParamSpec("foo", "foo_direct_mem", 734003200L);
        ParamSpec build = CommonParamSpecs.javaAdditionalOptionsBuilder("foo", "foo_jvm_opts").build();
        ParamSpec build2 = MonitoringParams.enableEventCaptureBuilder().build();
        HashMap newHashMap = Maps.newHashMap();
        for (ParamSpec paramSpec : new ParamSpec[]{javaHeapSizeParamSpec, javaHeapSizeParamSpec2, build, build2}) {
            newHashMap.put(paramSpec.getTemplateName(), paramSpec.getDefaultValueNoVersion());
        }
        ServiceDataProvider serviceDataProvider = (ServiceDataProvider) Mockito.mock(ServiceDataProvider.class);
        ServiceHandlerRegistry serviceHandlerRegistry = (ServiceHandlerRegistry) Mockito.mock(ServiceHandlerRegistry.class);
        Mockito.when(serviceDataProvider.getServiceHandlerRegistry()).thenReturn(serviceHandlerRegistry);
        ConfigHelper configHelper = (ConfigHelper) Mockito.mock(ConfigHelper.class);
        Mockito.when(serviceDataProvider.getConfigHelper()).thenReturn(configHelper);
        DbService dbService = (DbService) Mockito.mock(DbService.class);
        Mockito.when(serviceHandlerRegistry.get(dbService)).thenReturn((ServiceHandler) Mockito.mock(ServiceHandler.class));
        DbRole dbRole = (DbRole) Mockito.mock(DbRole.class);
        RoleHandler roleHandler = (RoleHandler) Mockito.mock(RoleHandler.class);
        Mockito.when(Boolean.valueOf(roleHandler.requiresCredentials((CmfEntityManager) Mockito.any(CmfEntityManager.class), (DbRole) Mockito.any(DbRole.class)))).thenReturn(false);
        ScmParamTrackerStore scmParamTrackerStore = (ScmParamTrackerStore) Mockito.mock(ScmParamTrackerStore.class);
        Mockito.when(serviceDataProvider.getScmParamTrackerStore()).thenReturn(scmParamTrackerStore);
        Assert.assertEquals("-Xms524288000 -Xmx524288000 -XX:MaxDirectMemorySize=734003200 -Dhadoop.event.appender=,EventCatcher -Dhadoop.security.logger=INFO,RFAS -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/heap/dump/path", HadoopCommonHelpers.makeJavaOpts(javaHeapSizeParamSpec, javaHeapSizeParamSpec2, build, build2, true, "/heap/dump/path", newHashMap, roleHandler, dbRole, dbService, serviceDataProvider));
        Mockito.when(scmParamTrackerStore.get(ScmParams.EXTRA_JVM_OPTS)).thenReturn("-Dsun.security.krb5.disableReferrals=true");
        Assert.assertEquals("-Xms524288000 -Xmx524288000 -XX:MaxDirectMemorySize=734003200 -Dhadoop.event.appender=,EventCatcher -Dhadoop.security.logger=INFO,RFAS -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/heap/dump/path -Dsun.security.krb5.disableReferrals=true", HadoopCommonHelpers.makeJavaOpts(javaHeapSizeParamSpec, javaHeapSizeParamSpec2, build, build2, true, "/heap/dump/path", newHashMap, roleHandler, dbRole, dbService, serviceDataProvider));
        Mockito.when(scmParamTrackerStore.get(ScmParams.EXTRA_JVM_OPTS)).thenReturn(MetricsSourceConfigEvaluatorTest.PLACE_HOLDER);
        Mockito.when(Boolean.valueOf(roleHandler.requiresCredentials((CmfEntityManager) Mockito.any(CmfEntityManager.class), (DbRole) Mockito.any(DbRole.class)))).thenReturn(true);
        DbService dbService2 = (DbService) Mockito.mock(DbService.class);
        Mockito.when(dbService2.getServiceVersion()).thenReturn(CdhReleases.CDH5_0_0);
        Mockito.when(dbService2.getServiceType()).thenReturn(MockTestCluster.ZK_ST);
        ServiceHandler serviceHandler = (ServiceHandler) Mockito.mock(ServiceHandler.class);
        Mockito.when(serviceHandler.getKerberosPrincipalName(dbService2)).thenReturn("zookeeper");
        Mockito.when(serviceHandlerRegistry.get(dbService2)).thenReturn(serviceHandler);
        Mockito.when(configHelper.getDependencyTypeFromChain(dbService, (CmfEntityManager) null, MockTestCluster.ZK_ST)).thenReturn(dbService2);
        Assert.assertEquals("-Xms524288000 -Xmx524288000 -XX:MaxDirectMemorySize=734003200 -Dhadoop.event.appender=,EventCatcher -Dhadoop.security.logger=INFO,RFAS -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/heap/dump/path", HadoopCommonHelpers.makeJavaOpts(javaHeapSizeParamSpec, javaHeapSizeParamSpec2, build, build2, true, "/heap/dump/path", newHashMap, roleHandler, dbRole, dbService, serviceDataProvider));
        Mockito.when(serviceHandler.getKerberosPrincipalName(dbService2)).thenReturn("zkfoo");
        Assert.assertEquals("-Xms524288000 -Xmx524288000 -XX:MaxDirectMemorySize=734003200 -Dhadoop.event.appender=,EventCatcher -Dhadoop.security.logger=INFO,RFAS -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/heap/dump/path -Dzookeeper.sasl.client.username=zkfoo", HadoopCommonHelpers.makeJavaOpts(javaHeapSizeParamSpec, javaHeapSizeParamSpec2, build, build2, true, "/heap/dump/path", newHashMap, roleHandler, dbRole, dbService, serviceDataProvider));
    }

    static {
        String str;
        try {
            str = Config.getInstance().getDefaultRealm();
        } catch (KrbException e) {
            str = null;
        }
        DEFAULT_REALM = str;
    }
}
