package com.cloudera.server.cmf.cluster;

import com.cloudera.cmf.command.datacollection.UtilizationReportArchiverTest;
import com.cloudera.cmf.model.DbCluster;
import com.cloudera.cmf.model.DbService;
import com.cloudera.cmf.service.ClusterClientConfigHandler;
import com.cloudera.cmf.service.SecurityParams;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.config.StringEnumParamSpec;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.cmf.version.CdhReleases;
import com.cloudera.enterprise.config.ZipUtil;
import com.cloudera.server.cmf.Authentication;
import com.cloudera.server.cmf.MockBaseTest;
import com.google.common.collect.ImmutableList;
import java.io.File;
import java.util.Map;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:com/cloudera/server/cmf/cluster/ClusterClientConfigsTest.class */
public class ClusterClientConfigsTest extends MockBaseTest {
    private DbCluster cluster;
    private DbService hdfs;

    @Before
    public void populateCluster() {
        this.cluster = createCluster((Long) 1L, UtilizationReportArchiverTest.CLUSTER_NAME1, CdhReleases.OLDEST_SUPPORTED_CDH_RELEASE);
        this.hdfs = createService(1L, "hdfs1", "HDFS", this.cluster);
        createConfig(this.hdfs, (ParamSpec<StringEnumParamSpec>) SecurityParams.SECURE_AUTHENTICATION, (StringEnumParamSpec) Authentication.AUTHENTICATION_TYPES.kerberos.name());
        createScmConfig(ScmParams.SECURITY_REALM, "FOO.COM");
        createScmConfig(ScmParams.KDC_HOST, "foo.host.com");
        createScmConfig(ScmParams.KRB_DOMAIN, ImmutableList.of("test.com", ".test.com"));
        createScmConfig(ScmParams.KRB_REALMS_SAFETY_VALVE, "krb_realms_safety_text");
        createScmConfig(ScmParams.KRB_OTHER_SAFETY_VALVE, "[other_section]\nkrb_other_safety_text");
        createScmConfig(ScmParams.KRB_MANAGE_KRB5_CONF, true);
        createScmConfig(ScmParams.KERBEROS_TRUSTED_REALMS, "[{\"adminHost\":null,\"domain\":\"bar.com, .bar.com\",\"host\":\"bar.host.com\",\"realm\":\"BAR.COM\"}]");
    }

    @Test
    public void testConfigGenerateConfig() throws Exception {
        String path = new File("krb-conf", "krb5.conf").getPath();
        ClusterClientConfigHandler clientConfigHandler = sdp.getServiceHandlerRegistry().get(this.cluster).getClientConfigHandler();
        Assert.assertTrue(clientConfigHandler.isCreateClientConfigAvailable(this.em, this.cluster));
        Map unzip = ZipUtil.unzip(clientConfigHandler.buildClientConfig(this.cluster));
        Assert.assertTrue(unzip.containsKey(path));
        Assert.assertEquals("[libdefaults]\ndefault_realm = FOO.COM\ndns_lookup_kdc = false\ndns_lookup_realm = false\nticket_lifetime = 86400\nrenew_lifetime = 604800\nforwardable = true\ndefault_tgs_enctypes = rc4-hmac\ndefault_tkt_enctypes = rc4-hmac\npermitted_enctypes = rc4-hmac\nudp_preference_limit = 1\nkdc_timeout = 3000\n[realms]\nFOO.COM = {\nkdc = foo.host.com\nadmin_server = foo.host.com\ndefault_domain = test.com\nkrb_realms_safety_text\n}\nBAR.COM = {\nkdc = bar.host.com\nadmin_server = bar.host.com\ndefault_domain = bar.com\n}\n[domain_realm]\ntest.com = FOO.COM\n.test.com = FOO.COM\nbar.com = BAR.COM\n.bar.com = BAR.COM\n[other_section]\nkrb_other_safety_text", (String) unzip.get(path));
    }

    @Test
    public void testConfigGenerateConfigSafetyValve() throws Exception {
        createScmConfig(ScmParams.KRB_OTHER_SAFETY_VALVE, "[domain_realm]\nfoo.com = FOO.COM\n.foo.com = FOO.COM\n[other_section]\nkrb_other_safety_text");
        String path = new File("krb-conf", "krb5.conf").getPath();
        ClusterClientConfigHandler clientConfigHandler = sdp.getServiceHandlerRegistry().get(this.cluster).getClientConfigHandler();
        Assert.assertTrue(clientConfigHandler.isCreateClientConfigAvailable(this.em, this.cluster));
        Map unzip = ZipUtil.unzip(clientConfigHandler.buildClientConfig(this.cluster));
        Assert.assertTrue(unzip.containsKey(path));
        Assert.assertEquals("[libdefaults]\ndefault_realm = FOO.COM\ndns_lookup_kdc = false\ndns_lookup_realm = false\nticket_lifetime = 86400\nrenew_lifetime = 604800\nforwardable = true\ndefault_tgs_enctypes = rc4-hmac\ndefault_tkt_enctypes = rc4-hmac\npermitted_enctypes = rc4-hmac\nudp_preference_limit = 1\nkdc_timeout = 3000\n[realms]\nFOO.COM = {\nkdc = foo.host.com\nadmin_server = foo.host.com\ndefault_domain = test.com\nkrb_realms_safety_text\n}\nBAR.COM = {\nkdc = bar.host.com\nadmin_server = bar.host.com\ndefault_domain = bar.com\n}\n[domain_realm]\nfoo.com = FOO.COM\n.foo.com = FOO.COM\n[other_section]\nkrb_other_safety_text", (String) unzip.get(path));
        createScmConfig(ScmParams.KRB_OTHER_SAFETY_VALVE, "[other_section]\nkrb_other_safety_text");
    }

    @Test
    public void testConfigAvailableCdh4() {
        this.cluster = createCluster((Long) 2L, UtilizationReportArchiverTest.CLUSTER_NAME2, CdhReleases.OLDEST_SUPPORTED_CDH_RELEASE);
        this.hdfs = createService(2L, "hdfs2", "HDFS", this.cluster);
        createConfig(this.hdfs, (ParamSpec<StringEnumParamSpec>) SecurityParams.SECURE_AUTHENTICATION, (StringEnumParamSpec) Authentication.AUTHENTICATION_TYPES.kerberos.name());
        Assert.assertTrue(sdp.getServiceHandlerRegistry().get(this.cluster).getClientConfigHandler().isCreateClientConfigAvailable(this.em, this.cluster));
    }

    @Test
    public void testConfigAvailableNoServicesKerb() {
        this.cluster = createCluster((Long) 2L, UtilizationReportArchiverTest.CLUSTER_NAME2, CdhReleases.OLDEST_SUPPORTED_CDH_RELEASE);
        this.hdfs = createService(2L, "hdfs2", "HDFS", this.cluster);
        Assert.assertTrue(sdp.getServiceHandlerRegistry().get(this.cluster).getClientConfigHandler().isCreateClientConfigAvailable(this.em, this.cluster));
    }

    @Test
    public void testNotAvailableWhenKrb5NotManaged() {
        createScmConfig(ScmParams.KRB_MANAGE_KRB5_CONF, false);
        this.cluster = createCluster((Long) 2L, UtilizationReportArchiverTest.CLUSTER_NAME2, CdhReleases.OLDEST_SUPPORTED_CDH_RELEASE);
        this.hdfs = createService(2L, "hdfs2", "HDFS", this.cluster);
        Assert.assertFalse(sdp.getServiceHandlerRegistry().get(this.cluster).getClientConfigHandler().isCreateClientConfigAvailable(this.em, this.cluster));
    }
}
