package org.apache.hadoop.security;

import com.mapr.fs.jni.MapRConstants;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hdfs.MiniDFSCluster;
import org.apache.hadoop.hdfs.tools.DFSAdmin;
import org.apache.hadoop.security.authorize.AuthorizationException;
import org.apache.hadoop.security.authorize.ProxyUsers;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:lib/hadoop-hdfs-2.3.0-mapr-4.0.0-FCS-tests.jar:org/apache/hadoop/security/TestRefreshUserMappings.class */
public class TestRefreshUserMappings {
    private MiniDFSCluster cluster;
    Configuration config;
    private static long groupRefreshTimeoutSec = 1;
    private String tempResource = null;

    /* loaded from: input_file:lib/hadoop-hdfs-2.3.0-mapr-4.0.0-FCS-tests.jar:org/apache/hadoop/security/TestRefreshUserMappings$MockUnixGroupsMapping.class */
    public static class MockUnixGroupsMapping implements GroupMappingServiceProvider {
        private int i = 0;

        @Override // org.apache.hadoop.security.GroupMappingServiceProvider
        public List<String> getGroups(String str) throws IOException {
            System.out.println("Getting groups in MockUnixGroupsMapping");
            String str2 = str + ((10 * this.i) + 1);
            String str3 = str + ((10 * this.i) + 2);
            ArrayList arrayList = new ArrayList(2);
            arrayList.add(str2);
            arrayList.add(str3);
            this.i++;
            return arrayList;
        }

        @Override // org.apache.hadoop.security.GroupMappingServiceProvider
        public void cacheGroupsRefresh() throws IOException {
            System.out.println("Refreshing groups in MockUnixGroupsMapping");
        }

        @Override // org.apache.hadoop.security.GroupMappingServiceProvider
        public void cacheGroupsAdd(List<String> list) throws IOException {
        }
    }

    @Before
    public void setUp() throws Exception {
        this.config = new Configuration();
        this.config.setClass(CommonConfigurationKeysPublic.HADOOP_SECURITY_GROUP_MAPPING, MockUnixGroupsMapping.class, GroupMappingServiceProvider.class);
        this.config.setLong(CommonConfigurationKeysPublic.HADOOP_SECURITY_GROUPS_CACHE_SECS, groupRefreshTimeoutSec);
        Groups.getUserToGroupsMappingService(this.config);
        FileSystem.setDefaultUri(this.config, "hdfs://localhost:0");
        this.cluster = new MiniDFSCluster.Builder(this.config).buildHDFS();
        this.cluster.waitActive();
    }

    @After
    public void tearDown() throws Exception {
        if (this.cluster != null) {
            this.cluster.shutdown();
        }
        if (this.tempResource != null) {
            new File(this.tempResource).delete();
        }
    }

    @Test
    public void testGroupMappingRefresh() throws Exception {
        DFSAdmin dFSAdmin = new DFSAdmin(this.config);
        String[] strArr = {"-refreshUserToGroupsMappings"};
        Groups userToGroupsMappingService = Groups.getUserToGroupsMappingService(this.config);
        String userName = UserGroupInformation.getCurrentUser().getUserName();
        System.out.println("first attempt:");
        List<String> groups = userToGroupsMappingService.getGroups(userName);
        String[] strArr2 = new String[groups.size()];
        groups.toArray(strArr2);
        System.out.println(Arrays.toString(strArr2));
        System.out.println("second attempt, should be same:");
        List<String> groups2 = userToGroupsMappingService.getGroups(userName);
        groups2.toArray(strArr2);
        System.out.println(Arrays.toString(strArr2));
        for (int i = 0; i < groups2.size(); i++) {
            Assert.assertEquals("Should be same group ", groups.get(i), groups2.get(i));
        }
        dFSAdmin.run(strArr);
        System.out.println("third attempt(after refresh command), should be different:");
        List<String> groups3 = userToGroupsMappingService.getGroups(userName);
        groups3.toArray(strArr2);
        System.out.println(Arrays.toString(strArr2));
        for (int i2 = 0; i2 < groups3.size(); i2++) {
            Assert.assertFalse("Should be different group: " + groups.get(i2) + " and " + groups3.get(i2), groups.get(i2).equals(groups3.get(i2)));
        }
        Thread.sleep(groupRefreshTimeoutSec * 1100);
        System.out.println("fourth attempt(after timeout), should be different:");
        List<String> groups4 = userToGroupsMappingService.getGroups(userName);
        groups4.toArray(strArr2);
        System.out.println(Arrays.toString(strArr2));
        for (int i3 = 0; i3 < groups4.size(); i3++) {
            Assert.assertFalse("Should be different group ", groups3.get(i3).equals(groups4.get(i3)));
        }
    }

    @Test
    public void testRefreshSuperUserGroupsConfiguration() throws Exception {
        String proxySuperuserGroupConfKey = ProxyUsers.getProxySuperuserGroupConfKey("super_user");
        String proxySuperuserIpConfKey = ProxyUsers.getProxySuperuserIpConfKey("super_user");
        this.config.set(proxySuperuserGroupConfKey, "gr3,gr4,gr5");
        this.config.set(proxySuperuserIpConfKey, MapRConstants.DefaultCLDBIp);
        ProxyUsers.refreshSuperUserGroupsConfiguration(this.config);
        UserGroupInformation userGroupInformation = (UserGroupInformation) Mockito.mock(UserGroupInformation.class);
        UserGroupInformation userGroupInformation2 = (UserGroupInformation) Mockito.mock(UserGroupInformation.class);
        UserGroupInformation userGroupInformation3 = (UserGroupInformation) Mockito.mock(UserGroupInformation.class);
        Mockito.when(userGroupInformation.getRealUser()).thenReturn(userGroupInformation3);
        Mockito.when(userGroupInformation2.getRealUser()).thenReturn(userGroupInformation3);
        Mockito.when(userGroupInformation3.getShortUserName()).thenReturn("super_user");
        Mockito.when(userGroupInformation3.getUserName()).thenReturn("super_userL");
        Mockito.when(userGroupInformation.getShortUserName()).thenReturn("user1");
        Mockito.when(userGroupInformation2.getShortUserName()).thenReturn("user2");
        Mockito.when(userGroupInformation.getUserName()).thenReturn("userL1");
        Mockito.when(userGroupInformation2.getUserName()).thenReturn("userL2");
        Mockito.when(userGroupInformation.getGroupNames()).thenReturn(new String[]{"gr1", "gr2"});
        Mockito.when(userGroupInformation2.getGroupNames()).thenReturn(new String[]{"gr3", "gr4"});
        try {
            ProxyUsers.authorize(userGroupInformation, MapRConstants.DefaultCLDBIp, this.config);
            Assert.fail("first auth for " + userGroupInformation.getShortUserName() + " should've failed ");
        } catch (AuthorizationException e) {
            System.err.println("auth for " + userGroupInformation.getUserName() + " failed");
        }
        try {
            ProxyUsers.authorize(userGroupInformation2, MapRConstants.DefaultCLDBIp, this.config);
            System.err.println("auth for " + userGroupInformation2.getUserName() + " succeeded");
        } catch (AuthorizationException e2) {
            Assert.fail("first auth for " + userGroupInformation2.getShortUserName() + " should've succeeded: " + e2.getLocalizedMessage());
        }
        addNewConfigResource("testGroupMappingRefresh_rsrc.xml", proxySuperuserGroupConfKey, "gr2", proxySuperuserIpConfKey, MapRConstants.DefaultCLDBIp);
        new DFSAdmin(this.config).run(new String[]{"-refreshSuperUserGroupsConfiguration"});
        try {
            ProxyUsers.authorize(userGroupInformation2, MapRConstants.DefaultCLDBIp, this.config);
            Assert.fail("second auth for " + userGroupInformation2.getShortUserName() + " should've failed ");
        } catch (AuthorizationException e3) {
            System.err.println("auth for " + userGroupInformation2.getUserName() + " failed");
        }
        try {
            ProxyUsers.authorize(userGroupInformation, MapRConstants.DefaultCLDBIp, this.config);
            System.err.println("auth for " + userGroupInformation.getUserName() + " succeeded");
        } catch (AuthorizationException e4) {
            Assert.fail("second auth for " + userGroupInformation.getShortUserName() + " should've succeeded: " + e4.getLocalizedMessage());
        }
    }

    private void addNewConfigResource(String str, String str2, String str3, String str4, String str5) throws FileNotFoundException {
        this.tempResource = new Path(new Configuration().getResource("hdfs-site.xml").getPath()).getParent().toString() + "/" + str;
        PrintWriter printWriter = new PrintWriter(new FileOutputStream(this.tempResource));
        printWriter.println("<configuration><property><name>" + str2 + "</name><value>" + str3 + "</value></property><property><name>" + str4 + "</name><value>" + str5 + "</value></property></configuration>");
        printWriter.close();
        Configuration.addDefaultResource(str);
    }
}
