package com.cloudera.cmf.security.components;

import com.cloudera.api.internal.KerberosCredentials;
import com.cloudera.cmf.CommandRunner;
import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.model.HeartbeatStore;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.TestUtils;
import com.cloudera.server.cmf.AbstractBaseTest;
import com.cloudera.server.cmf.BaseTest;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Lists;
import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.apache.commons.io.FileUtils;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.mockito.Mockito;
import org.mockito.invocation.InvocationOnMock;
import org.mockito.stubbing.Answer;

/* loaded from: input_file:com/cloudera/cmf/security/components/SecurityUtilsTest.class */
public class SecurityUtilsTest extends BaseTest {
    @BeforeClass
    public static void init() {
        TestUtils.interpretCli(sdp, Lists.newArrayList(new String[]{"createhost foo foo 1.1.1.1 /default", "createhost bar bar 2.2.2.2 /default", "createcluster cdh4 5", "createservice hdfs1 HDFS cdh4", "createrole nn1 hdfs1 foo NAMENODE", "createrole dn1 hdfs1 foo DATANODE", "createrole sbn1 hdfs1 bar NAMENODE", "createconfig hadoop_security_authentication kerberos hdfs1"}));
        runInTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.security.components.SecurityUtilsTest.1
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                cmfEntityManager.findRoleByName("nn1").setMergedKeytab(new byte[]{10, 20, 30});
                cmfEntityManager.findRoleByName("sbn1").setMergedKeytab(new byte[]{10, 20, 30});
            }
        });
    }

    @AfterClass
    public static void cleanUp() {
        HeartbeatStore.getInstance().clear();
        cleanDatabase();
    }

    @Test
    public void testGetRolePrincipal() {
        runInTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.security.components.SecurityUtilsTest.2
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                DbRole findRoleByName = cmfEntityManager.findRoleByName("nn1");
                Assert.assertEquals("hdfs/" + findRoleByName.getHost().getHostId() + "@HADOOP.COM", new SecurityUtils().getRolePrincipal(SecurityUtilsTest.sdp, cmfEntityManager, findRoleByName));
            }
        });
    }

    @Test
    public void testGetRealmFromPrincipal() {
        Assert.assertEquals("A.CLOUDERA.COM", new SecurityUtils().getRealmFromPrincipal("hdfs/_HOST@A.CLOUDERA.COM"));
        Assert.assertEquals("A.CLOUDERA.COM", new SecurityUtils().getRealmFromPrincipal("hdfs/foo.ent.cloudera.com@A.CLOUDERA.COM"));
    }

    @Test
    public void testGetCredentialsForRole() throws IOException {
        final SecurityUtils securityUtils = (SecurityUtils) Mockito.spy(new SecurityUtils());
        final ArrayList newArrayList = Lists.newArrayList();
        final byte[] bArr = {25, 50};
        ((SecurityUtils) Mockito.doAnswer(new Answer<CommandRunner.CommandResult>() { // from class: com.cloudera.cmf.security.components.SecurityUtilsTest.3
            /* renamed from: answer, reason: merged with bridge method [inline-methods] */
            public CommandRunner.CommandResult m163answer(InvocationOnMock invocationOnMock) throws Throwable {
                List list = (List) invocationOnMock.getArguments()[0];
                newArrayList.add(list);
                Assert.assertEquals(4L, list.size());
                Assert.assertTrue(((String) list.get(0)).endsWith("gen_tgt.sh"));
                Assert.assertTrue(new File((String) list.get(0)).exists());
                Assert.assertTrue(((String) list.get(1)).endsWith(".tgt"));
                Assert.assertFalse(new File((String) list.get(1)).exists());
                FileUtils.writeByteArrayToFile(new File((String) list.get(1)), bArr);
                Assert.assertEquals("hdfs/foo@HADOOP.COM", list.get(2));
                Assert.assertTrue(((String) list.get(3)).endsWith(".keytab"));
                Assert.assertTrue(new File((String) list.get(3)).exists());
                return (CommandRunner.CommandResult) Mockito.mock(CommandRunner.CommandResult.class);
            }
        }).when(securityUtils)).runCommand((List) Mockito.isA(List.class));
        ((SecurityUtils) Mockito.doReturn("/tmp").when(securityUtils)).getRunKeytabDir();
        runInTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.security.components.SecurityUtilsTest.4
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                KerberosCredentials credentialsForRole = securityUtils.getCredentialsForRole(SecurityUtilsTest.sdp, cmfEntityManager, cmfEntityManager.findRoleByName("nn1"));
                Assert.assertEquals("hdfs/foo@HADOOP.COM", credentialsForRole.getPrincipal());
                Assert.assertArrayEquals(bArr, credentialsForRole.getTgt());
            }
        });
    }

    @Test
    public void testCreateProcess() throws IOException, InterruptedException {
        CommandRunner.CommandResult runCommand = new SecurityUtils().runCommand(Arrays.asList("echo", "some", "values"));
        Assert.assertEquals(0L, runCommand.retcode);
        Assert.assertEquals("some values\n", runCommand.stdout);
    }

    @Test
    public void testGetScmHttpPrincipal() throws UnknownHostException {
        Assert.assertEquals(String.format("HTTP/%s@HADOOP.COM", InetAddress.getLocalHost().getCanonicalHostName()), SecurityUtils.getScmHttpPrincipal(sdp));
    }

    @Test
    public void testGetScmPrincipals() throws UnknownHostException {
        String format = String.format("HTTP/%s@HADOOP.COM", InetAddress.getLocalHost().getCanonicalHostName());
        Assert.assertEquals(ImmutableSet.of(), SecurityUtils.getScmPrincipals(sdp));
        TestUtils.interpretCli(sdp, Lists.newArrayList(new String[]{"setsettings krb_auth_enable true"}));
        Assert.assertEquals(ImmutableSet.of(format), SecurityUtils.getScmPrincipals(sdp));
        TestUtils.interpretCli(sdp, Lists.newArrayList(new String[]{"setsettings krb_auth_principal HTTP/foo@REALM", "setsettings krb_auth_keytab http.keytab"}));
        Assert.assertEquals(ImmutableSet.of(), SecurityUtils.getScmPrincipals(sdp));
    }
}
