package org.apache.drill.exec.store.phoenix.secured;

import java.io.File;
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.InetAddress;
import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.apache.commons.io.FileUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HBaseTestingUtility;
import org.apache.hadoop.hbase.LocalHBaseCluster;
import org.apache.hadoop.hbase.security.HBaseKerberosUtils;
import org.apache.hadoop.http.HttpConfig;
import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.util.KerberosName;
import org.apache.phoenix.query.ConfigurationFactory;
import org.apache.phoenix.util.InstanceResolver;
import org.junit.Assert;

/* loaded from: input_file:org/apache/drill/exec/store/phoenix/secured/PhoenixEnvironment.class */
public class PhoenixEnvironment {
    private static final String LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME;
    static final String LOGIN_USER;
    private static final String SPNEGO_PRINCIPAL;
    private static final String PQS_PRINCIPAL;
    private static final String SERVICE_PRINCIPAL;
    private final File keytab;
    private final MiniKdc kdc;
    private final LocalHBaseCluster hbaseCluster;
    private int numCreatedUsers;
    private final String phoenixUrl;
    private final File tempDir = new File(getTempDir());
    private final File keytabDir = new File(this.tempDir, "keytabs");
    private final List<File> userKeytabFiles = new ArrayList();
    private final HBaseTestingUtility util = new HBaseTestingUtility(conf());

    private static Configuration conf() {
        Configuration create = HBaseConfiguration.create();
        create.set("hbase.security.authentication", "kerberos");
        return create;
    }

    private static String getTempDir() {
        StringBuilder sb = new StringBuilder(32);
        sb.append(System.getProperty("user.dir")).append(File.separator);
        sb.append("target").append(File.separator);
        sb.append(PhoenixEnvironment.class.getSimpleName());
        sb.append("-").append(UUID.randomUUID());
        return sb.toString();
    }

    public String getPhoenixUrl() {
        return this.phoenixUrl;
    }

    public HBaseTestingUtility getUtil() {
        return this.util;
    }

    public File getServiceKeytab() {
        return this.keytab;
    }

    private static void updateDefaultRealm() throws Exception {
        Field declaredField = KerberosName.class.getDeclaredField("defaultRealm");
        declaredField.setAccessible(true);
        declaredField.set(null, "EXAMPLE.COM");
    }

    private void createUsers(int i) throws Exception {
        Assert.assertNotNull("KDC is null, was setup method called?", this.kdc);
        this.numCreatedUsers = i;
        for (int i2 = 1; i2 <= i; i2++) {
            String str = "user" + i2;
            File file = new File(this.keytabDir, str + ".keytab");
            this.kdc.createPrincipal(file, new String[]{str});
            this.userKeytabFiles.add(file);
        }
    }

    public Map.Entry<String, File> getUser(int i) {
        if (i <= 0 || i > this.numCreatedUsers) {
            throw new IllegalArgumentException();
        }
        return new AbstractMap.SimpleImmutableEntry("user" + i, this.userKeytabFiles.get(i - 1));
    }

    private void setHdfsSecuredConfiguration(Configuration configuration) throws Exception {
        configuration.set("dfs.namenode.kerberos.principal", SERVICE_PRINCIPAL + "@" + this.kdc.getRealm());
        configuration.set("dfs.namenode.keytab.file", this.keytab.getAbsolutePath());
        configuration.set("dfs.datanode.kerberos.principal", SERVICE_PRINCIPAL + "@" + this.kdc.getRealm());
        configuration.set("dfs.datanode.keytab.file", this.keytab.getAbsolutePath());
        configuration.set("dfs.web.authentication.kerberos.principal", SPNEGO_PRINCIPAL + "@" + this.kdc.getRealm());
        configuration.setBoolean("dfs.block.access.token.enable", true);
        configuration.set("dfs.http.policy", HttpConfig.Policy.HTTPS_ONLY.name());
        configuration.set("dfs.namenode.https-address", "localhost:0");
        configuration.set("dfs.datanode.https.address", "localhost:0");
        new File(this.util.getDataTestDir("keystore").toUri().getPath()).mkdirs();
        configuration.setBoolean("ignore.secure.ports.for.testing", true);
    }

    private static void ensureIsEmptyDirectory(File file) throws IOException {
        if (file.exists()) {
            if (file.isDirectory()) {
                FileUtils.deleteDirectory(file);
            } else {
                Assert.assertTrue("Failed to delete keytab directory", file.delete());
            }
        }
        Assert.assertTrue("Failed to create keytab directory", file.mkdirs());
    }

    public PhoenixEnvironment(Configuration configuration, int i, boolean z) throws Exception {
        final Configuration configuration2 = this.util.getConfiguration();
        configuration2.addResource(configuration);
        ensureIsEmptyDirectory(this.tempDir);
        ensureIsEmptyDirectory(this.keytabDir);
        this.keytab = new File(this.keytabDir, "test.keytab");
        this.kdc = this.util.setupMiniKdc(this.keytab);
        this.kdc.createPrincipal(this.keytab, new String[]{SPNEGO_PRINCIPAL, PQS_PRINCIPAL, SERVICE_PRINCIPAL});
        this.util.startMiniZKCluster();
        createUsers(i);
        HBaseKerberosUtils.setPrincipalForTesting(SERVICE_PRINCIPAL + "@" + this.kdc.getRealm());
        HBaseKerberosUtils.setSecuredConfiguration(configuration2);
        setHdfsSecuredConfiguration(configuration2);
        UserGroupInformation.setConfiguration(configuration2);
        configuration2.setInt("hbase.master.port", 0);
        configuration2.setInt("hbase.master.info.port", 0);
        configuration2.setInt("hbase.regionserver.port", 0);
        configuration2.setInt("hbase.regionserver.info.port", 0);
        InstanceResolver.clearSingletons();
        InstanceResolver.getSingleton(ConfigurationFactory.class, new ConfigurationFactory() { // from class: org.apache.drill.exec.store.phoenix.secured.PhoenixEnvironment.1
            public Configuration getConfiguration() {
                return configuration2;
            }

            public Configuration getConfiguration(Configuration configuration3) {
                Configuration configuration4 = new Configuration(configuration2);
                configuration4.addResource(configuration3);
                return configuration4;
            }
        });
        updateDefaultRealm();
        configuration2.set("hbase.rootdir", this.util.getDataTestDirOnTestFS(PhoenixEnvironment.class.getSimpleName()).toString());
        this.hbaseCluster = new LocalHBaseCluster(configuration2, 1);
        this.hbaseCluster.startup();
        this.phoenixUrl = "jdbc:phoenix:localhost:" + getZookeeperPort();
    }

    public int getZookeeperPort() {
        return this.util.getConfiguration().getInt("hbase.zookeeper.property.clientPort", 2181);
    }

    public void stop() throws Exception {
        InstanceResolver.clearSingletons();
        if (this.hbaseCluster != null) {
            this.hbaseCluster.shutdown();
            this.hbaseCluster.join();
        }
        this.util.shutdownMiniCluster();
        if (this.kdc != null) {
            this.kdc.stop();
        }
        this.util.closeConnection();
    }

    static {
        try {
            LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME = InetAddress.getByName("127.0.0.1").getCanonicalHostName();
            String property = System.getProperty("user.name");
            LOGIN_USER = property != null ? property : "securecluster";
            SPNEGO_PRINCIPAL = "HTTP/" + LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME;
            PQS_PRINCIPAL = "phoenixqs/" + LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME;
            SERVICE_PRINCIPAL = LOGIN_USER + "/" + LOCAL_HOST_REVERSE_DNS_LOOKUP_NAME;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
