package org.apache.impala.customcluster;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import java.io.File;
import java.io.IOException;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.client.KrbClient;
import org.apache.kerby.kerberos.kerb.server.SimpleKdcServer;
import org.apache.log4j.Logger;
import org.junit.rules.ExternalResource;
import org.junit.rules.TemporaryFolder;

/* loaded from: input_file:org/apache/impala/customcluster/KerberosKdcEnvironment.class */
class KerberosKdcEnvironment extends ExternalResource {
    private final Logger LOG = Logger.getLogger(KerberosKdcEnvironment.class);
    private static final String realm = "myorg.com";
    private static final String servicePrincipal = String.format("impala/localhost@%s", realm);
    private final TemporaryFolder testFolder;
    private SimpleKdcServer kerbyServer;

    public KerberosKdcEnvironment(TemporaryFolder temporaryFolder) {
        this.testFolder = temporaryFolder;
    }

    protected void before() throws Throwable {
        this.testFolder.create();
        this.kerbyServer = new SimpleKdcServer();
        this.kerbyServer.setKdcRealm(realm);
        this.kerbyServer.setAllowUdp(false);
        this.kerbyServer.setWorkDir(this.testFolder.getRoot());
        this.kerbyServer.init();
        this.kerbyServer.createPrincipal(servicePrincipal, "password");
        this.kerbyServer.exportPrincipal(servicePrincipal, new File(getServiceKeytabFilePath()));
        this.kerbyServer.start();
    }

    protected void after() {
        try {
            this.kerbyServer.stop();
        } catch (KrbException e) {
            this.LOG.error("An exception received while stopping KDC server", e);
        }
    }

    public String getServicePrincipal() {
        return servicePrincipal;
    }

    public String getServicePrincipal(String str, String str2) {
        return String.format("%s/%s@%s", str, str2, realm);
    }

    public String getServiceKeytabFilePath() throws IOException {
        return new File(this.kerbyServer.getWorkDir().getCanonicalPath() + "/impala.keytab").getCanonicalPath();
    }

    public String getKeytabFilePathWithServicePrincipal(String str, String str2) throws IOException, KrbException {
        String servicePrincipal2 = getServicePrincipal(str, str2);
        File file = new File(this.kerbyServer.getWorkDir().getCanonicalPath() + "/" + String.format("%s.%s.keytab", str, str2));
        this.kerbyServer.createPrincipal(servicePrincipal2, "password");
        this.kerbyServer.exportPrincipal(servicePrincipal2, file);
        return file.getCanonicalPath();
    }

    public String getKrb5ConfigPath() throws IOException {
        return this.kerbyServer.getWorkDir().getCanonicalPath() + "/krb5.conf";
    }

    public String getUserPrincipal(String str) {
        return String.format("%s@%s", str, realm);
    }

    public String createUserPrincipalAndCredentialsCache(String str) throws KrbException, IOException {
        String userPrincipal = getUserPrincipal(str);
        deleteUserPrincipalIfExists(userPrincipal);
        this.kerbyServer.createPrincipal(userPrincipal, "password");
        File newFile = this.testFolder.newFile();
        KrbClient krbClient = new KrbClient(this.kerbyServer.getWorkDir());
        krbClient.init();
        krbClient.storeTicket(krbClient.requestTgt(str, "password"), newFile);
        return newFile.getCanonicalPath();
    }

    private void deleteUserPrincipalIfExists(String str) throws KrbException {
        if (this.kerbyServer.getIdentityService().getIdentity(str) != null) {
            this.kerbyServer.deletePrincipal(str);
        }
    }

    public Map<String, String> getKerberosAuthFlags() throws IOException {
        return ImmutableMap.of("principal", getServicePrincipal(), "keytab_file", getServiceKeytabFilePath());
    }

    public Map<String, String> getKerberosAuthFlagsWithCustomServicePrincipal(String str, String str2) throws IOException, KrbException {
        return ImmutableMap.of("principal", getServicePrincipal(str, str2), "keytab_file", getKeytabFilePathWithServicePrincipal(str, str2), "skip_internal_kerberos_auth", "true");
    }

    private Map<String, String> getClusterEnv() throws IOException {
        String krb5ConfigPath = getKrb5ConfigPath();
        return ImmutableMap.of("KRB5_CONFIG", krb5ConfigPath, "KRB5_KDC_PROFILE", krb5ConfigPath);
    }

    private String overrideKrbCcNameFlag(String str) throws IOException {
        return String.format("%s --krb5_ccname=%s", str, this.testFolder.newFile().getCanonicalPath());
    }

    public int startImpalaClusterWithArgs(String str) throws IOException, InterruptedException {
        return CustomClusterRunner.StartImpalaCluster(overrideKrbCcNameFlag(str), overrideKrbCcNameFlag(str), overrideKrbCcNameFlag(str), getClusterEnv(), "--cluster_size=1");
    }

    public String[] getImpalaShellEnv(String str) throws IOException {
        List list = (List) System.getenv().entrySet().stream().map(entry -> {
            return String.format("%s=%s", entry.getKey(), entry.getValue());
        }).collect(Collectors.toList());
        String krb5ConfigPath = getKrb5ConfigPath();
        list.addAll(ImmutableList.of(String.format("KRB5_CONFIG=%s", krb5ConfigPath), String.format("KRB5_KDC_PROFILE=%s", krb5ConfigPath), String.format("KRB5CCNAME=FILE:%s", str)));
        return (String[]) list.toArray(new String[0]);
    }
}
