package com.cloudera.cmf.service.solr;

import com.cloudera.cmf.model.DbConfig;
import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.AbstractServiceTest;
import com.cloudera.cmf.service.RoleHandler;
import com.cloudera.cmf.service.TestUtils;
import com.cloudera.cmf.service.config.transform.CredentialProviderConfigTransform;
import com.cloudera.cmf.version.CdhReleases;
import com.google.common.collect.Maps;
import com.google.common.io.ByteStreams;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import javax.crypto.spec.SecretKeySpec;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:com/cloudera/cmf/service/solr/SolrConfigFileTest.class */
public class SolrConfigFileTest extends AbstractServiceTest {
    @Before
    public void setupTest() throws Exception {
        TestUtils.interpretCli(sdp, Arrays.asList("createcluster cluster1 6", "createservice zk1 ZOOKEEPER cluster1", "createservice hdfs1 HDFS cluster1", "createservice search1 SOLR cluster1", "createconfig solr_security_authentication kerberos search1", "createhost h1 h1 1.1.1.1", "createrole zks1 zk1 h1 SERVER", "createrole nn1 hdfs1 h1 NAMENODE", "createrole solr1 search1 h1 SOLR_SERVER", "createconfig dfs_name_dir_list /data hdfs1 nn1", "createconfig zookeeper_service zk1 search1", "createconfig hdfs_service hdfs1 search1", "createconfig hdfs_data_dir /blah search1", "createconfig zookeeper_znode /foobar search1"));
    }

    @After
    public void after() {
        cleanDatabase();
    }

    @Test
    public void testCredstoreGeneration() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableKeyException {
        CmfEntityManager cmfEntityManager = new CmfEntityManager(emf);
        try {
            cmfEntityManager.begin();
            DbService findServiceByName = cmfEntityManager.findServiceByName("search1");
            DbRole findRoleByName = cmfEntityManager.findRoleByName("solr1");
            findServiceByName.addConfig(new DbConfig(findServiceByName, SolrParams.SOLR_SECURE_AUTHENTICATION.getTemplateName(), "kerberos"));
            findServiceByName.addConfig(new DbConfig(findServiceByName, SolrParams.SOLR_USE_SSL.getTemplateName(), "true"));
            findServiceByName.addConfig(new DbConfig(findServiceByName, SolrParams.SOLR_HTTPS_KEYSTORE_FILE.getTemplateName(), "/dir1/keystore.jks"));
            findServiceByName.addConfig(new DbConfig(findServiceByName, SolrParams.SOLR_HTTPS_KEYSTORE_PASSWORD.getTemplateName(), "password1"));
            findServiceByName.addConfig(new DbConfig(findServiceByName, SolrParams.SOLR_HTTPS_TRUSTSTORE_FILE.getTemplateName(), "/dir1/truststore.jks"));
            findServiceByName.addConfig(new DbConfig(findServiceByName, SolrParams.SOLR_HTTPS_TRUSTSTORE_PASSWORD.getTemplateName(), "password2"));
            RoleHandler roleHandler = sdp.getServiceHandlerRegistry().get(findServiceByName).getRoleHandler("SOLR_SERVER");
            byte[] generateConfiguration = roleHandler.generateConfiguration(findRoleByName, roleHandler.prepareConfiguration(findRoleByName));
            String configValue = findRoleByName.getConfigValue("role_jceks_password");
            CredentialProviderConfigTransform credentialProviderConfigTransform = new CredentialProviderConfigTransform(configValue, "jceks");
            Map<String, byte[]> files = getFiles(generateConfiguration);
            Assert.assertTrue(files.containsKey(credentialProviderConfigTransform.keyStoreFileName));
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(files.get(credentialProviderConfigTransform.keyStoreFileName));
            KeyStore keyStore = KeyStore.getInstance("jceks");
            keyStore.load(byteArrayInputStream, configValue.toCharArray());
            SecretKeySpec secretKeySpec = (SecretKeySpec) keyStore.getKey(SolrParams.SOLR_HTTPS_KEYSTORE_PASSWORD.getPropertyName(CdhReleases.CDH6_0_0), configValue.toCharArray());
            Assert.assertNotNull("Password key was not found", secretKeySpec);
            Assert.assertEquals("password1", new String(secretKeySpec.getEncoded()));
            SecretKeySpec secretKeySpec2 = (SecretKeySpec) keyStore.getKey(SolrParams.SOLR_HTTPS_TRUSTSTORE_PASSWORD.getPropertyName(CdhReleases.CDH6_0_0), configValue.toCharArray());
            Assert.assertNotNull("Password key was not found", secretKeySpec2);
            Assert.assertEquals("password2", new String(secretKeySpec2.getEncoded()));
            cmfEntityManager.rollback();
            cmfEntityManager.close();
        } catch (Throwable th) {
            cmfEntityManager.rollback();
            cmfEntityManager.close();
            throw th;
        }
    }

    private Map<String, byte[]> getFiles(byte[] bArr) throws IOException {
        ZipInputStream zipInputStream = new ZipInputStream(new ByteArrayInputStream(bArr));
        LinkedHashMap newLinkedHashMap = Maps.newLinkedHashMap();
        while (true) {
            ZipEntry nextEntry = zipInputStream.getNextEntry();
            if (nextEntry == null) {
                return newLinkedHashMap;
            }
            newLinkedHashMap.put(nextEntry.getName(), ByteStreams.toByteArray(zipInputStream));
        }
    }
}
