package io.confluent.kafka.test.utils;

import java.io.File;
import javax.security.auth.login.Configuration;
import kafka.admin.ConfigCommand;
import kafka.security.auth.Authorizer;
import kafka.security.auth.Operation;
import kafka.security.auth.Resource;
import org.apache.kafka.common.resource.PatternType;
import org.apache.kafka.common.security.auth.KafkaPrincipal;
import org.apache.kafka.common.security.authenticator.LoginManager;
import org.apache.kafka.test.TestUtils;
import scala.collection.JavaConversions;

/* loaded from: input_file:io/confluent/kafka/test/utils/SecurityTestUtils.class */
public class SecurityTestUtils {
    public static String createScramUser(String str, String str2, String str3) {
        ConfigCommand.main(new String[]{"--zookeeper", str, "--alter", "--add-config", String.format("SCRAM-SHA-256=[iterations=4096,password=%s]", str3), "--entity-type", "users", "--entity-name", str2});
        return str3;
    }

    public static String scramSaslJaasConfig(String str, String str2) {
        return "org.apache.kafka.common.security.scram.ScramLoginModule required\nusername=\"" + str + "\"\npassword=\"" + str2 + "\";\n";
    }

    public static String gssapiSaslJaasConfig(File file, String str, String str2) {
        StringBuilder sb = new StringBuilder();
        sb.append("com.sun.security.auth.module.Krb5LoginModule required\n");
        sb.append("debug=true\n");
        if (str2 != null) {
            sb.append("serviceName=\"");
            sb.append(str2);
            sb.append("\"\n");
        }
        sb.append("keyTab=\"" + file.getAbsolutePath() + "\"\n");
        sb.append("principal=\"");
        sb.append(str);
        sb.append("\"\n");
        sb.append("storeKey=\"true\"\n");
        sb.append("useKeyTab=\"true\";\n");
        return sb.toString();
    }

    public static void clearSecurityConfigs() {
        System.getProperties().stringPropertyNames().stream().filter(str -> {
            return str.startsWith("java.security.krb5");
        }).forEach(System::clearProperty);
        LoginManager.closeAll();
        Configuration.setConfiguration((Configuration) null);
    }

    public static String[] clusterAclArgs(String str, KafkaPrincipal kafkaPrincipal, String str2) {
        return new String[]{"--authorizer-properties", "zookeeper.connect=" + str, "--add", "--cluster", "--operation=" + str2, "--allow-principal=" + kafkaPrincipal};
    }

    public static String[] topicBrokerReadAclArgs(String str, KafkaPrincipal kafkaPrincipal) {
        return new String[]{"--authorizer-properties", "zookeeper.connect=" + str, "--add", "--topic=*", "--operation=Read", "--allow-principal=" + kafkaPrincipal};
    }

    public static String[] produceAclArgs(String str, KafkaPrincipal kafkaPrincipal, String str2, PatternType patternType) {
        return new String[]{"--authorizer-properties", "zookeeper.connect=" + str, "--add", "--resource-pattern-type=" + patternType.name(), "--topic=" + str2, "--producer", "--allow-principal=" + kafkaPrincipal};
    }

    public static String[] consumeAclArgs(String str, KafkaPrincipal kafkaPrincipal, String str2, String str3, PatternType patternType) {
        return new String[]{"--authorizer-properties", "zookeeper.connect=" + str, "--add", "--resource-pattern-type=" + patternType.name(), "--topic=" + str2, "--group=" + str3, "--consumer", "--allow-principal=" + kafkaPrincipal};
    }

    public static String[] addConsumerGroupAclArgs(String str, KafkaPrincipal kafkaPrincipal, String str2, Operation operation, PatternType patternType) {
        return new String[]{"--authorizer-properties", "zookeeper.connect=" + str, "--add", "--resource-pattern-type=" + patternType.name(), "--group=" + str2, "--operation=" + operation.name(), "--allow-principal=" + kafkaPrincipal};
    }

    public static String[] addTopicAclArgs(String str, KafkaPrincipal kafkaPrincipal, String str2, Operation operation, PatternType patternType) {
        return new String[]{"--authorizer-properties", "zookeeper.connect=" + str, "--add", "--resource-pattern-type=" + patternType.name(), "--topic=" + str2, "--operation=" + operation.name(), "--allow-principal=" + kafkaPrincipal};
    }

    public static String[] deleteTopicAclArgs(String str, KafkaPrincipal kafkaPrincipal, String str2, String str3) {
        return new String[]{"--authorizer-properties", "zookeeper.connect=" + str, "--remove", "--force", "--topic=" + str2, "--operation=" + str3, "--allow-principal=" + kafkaPrincipal};
    }

    public static void waitForAclUpdate(Authorizer authorizer, Resource resource, Operation operation, boolean z) {
        try {
            TestUtils.waitForCondition(() -> {
                return z != JavaConversions.setAsJavaSet(authorizer.getAcls(resource)).stream().anyMatch(acl -> {
                    return acl.operation().equals(operation);
                });
            }, "ACLs not updated");
        } catch (InterruptedException e) {
            throw new RuntimeException("Wait was interrupted", e);
        }
    }
}
