package org.apache.hadoop.hdfs.server.namenode;

import java.io.IOException;
import java.security.PrivilegedExceptionAction;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.permission.FsPermission;
import org.apache.hadoop.hdfs.DFSConfigKeys;
import org.apache.hadoop.hdfs.DistributedFileSystem;
import org.apache.hadoop.hdfs.HdfsConfiguration;
import org.apache.hadoop.hdfs.MiniDFSCluster;
import org.apache.hadoop.security.SecurityUtilTestHelper;
import org.apache.hadoop.security.UserGroupInformation;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Before;
import org.junit.Test;

/* JADX WARN: Classes with same name are omitted:
  input_file:hadoop-hdfs-2.5.1-mapr-1501-tests.jar:org/apache/hadoop/hdfs/server/namenode/TestSecureNameNodeWithExternalKdc.class
  input_file:test-classes/org/apache/hadoop/hdfs/server/namenode/TestSecureNameNodeWithExternalKdc.class
 */
/* loaded from: input_file:hadoop-hdfs-2.5.1-mapr-1501/share/hadoop/hdfs/hadoop-hdfs-2.5.1-mapr-1501-tests.jar:org/apache/hadoop/hdfs/server/namenode/TestSecureNameNodeWithExternalKdc.class */
public class TestSecureNameNodeWithExternalKdc {
    private static final int NUM_OF_DATANODES = 0;

    @Before
    public void testExternalKdcRunning() {
        Assume.assumeTrue(SecurityUtilTestHelper.isExternalKdcRunning());
    }

    @Test
    public void testSecureNameNode() throws IOException, InterruptedException {
        final MiniDFSCluster miniDFSCluster = null;
        try {
            String property = System.getProperty("dfs.namenode.kerberos.principal");
            String property2 = System.getProperty("dfs.namenode.kerberos.internal.spnego.principal");
            String property3 = System.getProperty(DFSConfigKeys.DFS_NAMENODE_KEYTAB_FILE_KEY);
            Assert.assertNotNull("NameNode principal was not specified", property);
            Assert.assertNotNull("NameNode SPNEGO principal was not specified", property2);
            Assert.assertNotNull("NameNode keytab was not specified", property3);
            HdfsConfiguration hdfsConfiguration = new HdfsConfiguration();
            hdfsConfiguration.set("hadoop.security.authentication", "kerberos");
            hdfsConfiguration.set("dfs.namenode.kerberos.principal", property);
            hdfsConfiguration.set("dfs.namenode.kerberos.internal.spnego.principal", property2);
            hdfsConfiguration.set(DFSConfigKeys.DFS_NAMENODE_KEYTAB_FILE_KEY, property3);
            miniDFSCluster = new MiniDFSCluster.Builder(hdfsConfiguration).numDataNodes(0).build();
            miniDFSCluster.waitActive();
            DistributedFileSystem fileSystem = miniDFSCluster.getFileSystem();
            fileSystem.mkdirs(new Path("/tmp"));
            fileSystem.setPermission(new Path("/tmp"), new FsPermission((short) 511));
            String property4 = System.getProperty("user.principal");
            String property5 = System.getProperty("user.keytab");
            Assert.assertNotNull("User principal was not specified", property4);
            Assert.assertNotNull("User keytab was not specified", property5);
            UserGroupInformation loginUserFromKeytabAndReturnUGI = UserGroupInformation.loginUserFromKeytabAndReturnUGI(property4, property5);
            FileSystem fileSystem2 = (FileSystem) loginUserFromKeytabAndReturnUGI.doAs(new PrivilegedExceptionAction<FileSystem>() { // from class: org.apache.hadoop.hdfs.server.namenode.TestSecureNameNodeWithExternalKdc.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public FileSystem run() throws Exception {
                    return miniDFSCluster.getFileSystem();
                }
            });
            try {
                fileSystem2.mkdirs(new Path("/users"));
                Assert.fail("User must not be allowed to write in /");
            } catch (IOException e) {
            }
            Path path = new Path("/tmp/alpha");
            fileSystem2.mkdirs(path);
            Assert.assertNotNull(fileSystem2.listStatus(path));
            Assert.assertEquals(UserGroupInformation.AuthenticationMethod.KERBEROS, loginUserFromKeytabAndReturnUGI.getAuthenticationMethod());
            if (miniDFSCluster != null) {
                miniDFSCluster.shutdown();
            }
        } catch (Throwable th) {
            if (miniDFSCluster != null) {
                miniDFSCluster.shutdown();
            }
            throw th;
        }
    }
}
