package org.apache.hadoop.registry.secure;

import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import org.apache.hadoop.registry.client.api.RegistryConstants;
import org.apache.hadoop.registry.client.impl.zk.CuratorService;
import org.apache.hadoop.registry.client.impl.zk.RegistrySecurity;
import org.apache.hadoop.registry.client.impl.zk.ZookeeperConfigOptions;
import org.apache.hadoop.service.ServiceOperations;
import org.apache.zookeeper.CreateMode;
import org.apache.zookeeper.Login;
import org.apache.zookeeper.server.auth.SaslServerCallbackHandler;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX WARN: Classes with same name are omitted:
  input_file:hadoop-yarn-registry-2.7.0-mapr-1803-r1-tests.jar:org/apache/hadoop/registry/secure/TestSecureRegistry.class
 */
/* loaded from: input_file:test-classes/org/apache/hadoop/registry/secure/TestSecureRegistry.class */
public class TestSecureRegistry extends AbstractSecureRegistryTest {
    private static final Logger LOG = LoggerFactory.getLogger(TestSecureRegistry.class);

    @Before
    public void beforeTestSecureZKService() throws Throwable {
        enableKerberosDebugging();
    }

    @After
    public void afterTestSecureZKService() throws Throwable {
        disableKerberosDebugging();
        RegistrySecurity.clearZKSaslClientProperties();
    }

    @Test
    public void testLowlevelZKSaslLogin() throws Throwable {
        RegistrySecurity.bindZKToServerJAASContext(AbstractSecureRegistryTest.ZOOKEEPER_SERVER_CONTEXT);
        String property = System.getProperty(ZookeeperConfigOptions.PROP_ZK_SERVER_SASL_CONTEXT, "Server");
        assertEquals(AbstractSecureRegistryTest.ZOOKEEPER_SERVER_CONTEXT, property);
        assertNotNull("null entries", Configuration.getConfiguration().getAppConfigurationEntry(property));
        Login login = new Login(property, new SaslServerCallbackHandler(Configuration.getConfiguration()));
        try {
            login.startThreadIfNeeded();
            login.shutdown();
        } catch (Throwable th) {
            login.shutdown();
            throw th;
        }
    }

    @Test
    public void testCreateSecureZK() throws Throwable {
        startSecureZK();
        this.secureZK.stop();
    }

    @Test
    public void testInsecureClientToZK() throws Throwable {
        startSecureZK();
        userZookeeperToCreateRoot();
        RegistrySecurity.clearZKSaslClientProperties();
        CuratorService startCuratorServiceInstance = startCuratorServiceInstance("insecure client", false);
        startCuratorServiceInstance.zkList("/");
        startCuratorServiceInstance.zkMkPath("", CreateMode.PERSISTENT, false, RegistrySecurity.WorldReadWriteACL);
    }

    @Test
    public void testZookeeperCanWrite() throws Throwable {
        System.setProperty("curator-log-events", ZookeeperConfigOptions.DEFAULT_ZK_ENABLE_SASL_CLIENT);
        startSecureZK();
        CuratorService curatorService = null;
        LoginContext login = login(AbstractSecureRegistryTest.ZOOKEEPER_LOCALHOST, "zookeeper", keytab_zk);
        try {
            logLoginDetails("zookeeper", login);
            RegistrySecurity.setZKSaslClientProperties("zookeeper", "zookeeper");
            curatorService = startCuratorServiceInstance("ZK", true);
            LOG.info(curatorService.toString());
            addToTeardown(curatorService);
            curatorService.zkMkPath("/", CreateMode.PERSISTENT, false, RegistrySecurity.WorldReadWriteACL);
            curatorService.zkList("/");
            curatorService.zkMkPath("/zookeeper", CreateMode.PERSISTENT, false, RegistrySecurity.WorldReadWriteACL);
            logout(login);
            ServiceOperations.stop(curatorService);
        } catch (Throwable th) {
            logout(login);
            ServiceOperations.stop(curatorService);
            throw th;
        }
    }

    protected CuratorService startCuratorServiceInstance(String str, boolean z) {
        org.apache.hadoop.conf.Configuration configuration = new org.apache.hadoop.conf.Configuration();
        configuration.set(RegistryConstants.KEY_REGISTRY_ZK_ROOT, "/");
        configuration.setBoolean(RegistryConstants.KEY_REGISTRY_SECURE, z);
        describe(LOG, "Starting Curator service", new Object[0]);
        CuratorService curatorService = new CuratorService(str, this.secureZK);
        curatorService.init(configuration);
        curatorService.start();
        LOG.info("Curator Binding {}", curatorService.bindingDiagnosticDetails());
        return curatorService;
    }

    public void userZookeeperToCreateRoot() throws Throwable {
        System.setProperty("curator-log-events", ZookeeperConfigOptions.DEFAULT_ZK_ENABLE_SASL_CLIENT);
        CuratorService curatorService = null;
        LoginContext login = login(AbstractSecureRegistryTest.ZOOKEEPER_LOCALHOST, "zookeeper", keytab_zk);
        try {
            logLoginDetails("zookeeper", login);
            RegistrySecurity.setZKSaslClientProperties("zookeeper", "zookeeper");
            curatorService = startCuratorServiceInstance("ZK", true);
            LOG.info(curatorService.toString());
            addToTeardown(curatorService);
            curatorService.zkMkPath("/", CreateMode.PERSISTENT, false, RegistrySecurity.WorldReadWriteACL);
            LOG.info(curatorService.dumpPath(true).toString());
            logout(login);
            ServiceOperations.stop(curatorService);
        } catch (Throwable th) {
            logout(login);
            ServiceOperations.stop(curatorService);
            throw th;
        }
    }
}
