package io.confluent.kafka.secretregistry;

import java.io.File;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Properties;
import javax.security.auth.login.Configuration;
import kafka.security.minikdc.MiniKdc;
import kafka.server.KafkaConfig;
import kafka.utils.JaasTestUtils;
import kafka.utils.TestUtils;
import org.apache.kafka.common.security.auth.SecurityProtocol;
import org.apache.kafka.common.security.authenticator.LoginManager;
import org.junit.After;
import org.junit.Before;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import scala.Option;
import scala.collection.JavaConverters;
import scala.collection.immutable.List;
import scala.jdk.javaapi.CollectionConverters;

/* loaded from: input_file:io/confluent/kafka/secretregistry/SASLClusterTestHarness.class */
public class SASLClusterTestHarness extends ClusterTestHarness {
    public static final String JAAS_CONF = "java.security.auth.login.config";
    public static final String ZK_AUTH_PROVIDER = "zookeeper.authProvider.1";
    private MiniKdc kdc;
    private File kdcHome;
    private Properties kdcProps;
    private static final Logger log = LoggerFactory.getLogger(SASLClusterTestHarness.class);

    public SASLClusterTestHarness() {
        super(1);
        this.kdc = null;
        this.kdcHome = TestUtils.tempDir();
        this.kdcProps = MiniKdc.createConfig();
    }

    @Override // io.confluent.kafka.secretregistry.ClusterTestHarness
    protected SecurityProtocol getSecurityProtocol() {
        return SecurityProtocol.SASL_PLAINTEXT;
    }

    @Override // io.confluent.kafka.secretregistry.ClusterTestHarness
    @Before
    public void setUp() throws Exception {
        LoginManager.closeAll();
        File createTempFile = File.createTempFile("server-", ".keytab");
        File createTempFile2 = File.createTempFile("client-", ".keytab");
        Option apply = Option.apply(createTempFile);
        Option apply2 = Option.apply(createTempFile2);
        List list = JavaConverters.asScalaBuffer(Arrays.asList("GSSAPI")).toList();
        Option apply3 = Option.apply("GSSAPI");
        ArrayList arrayList = new ArrayList();
        arrayList.add(JaasTestUtils.kafkaServerSection(JaasTestUtils.KafkaServerContextName(), list, apply));
        arrayList.add(JaasTestUtils.kafkaClientSection(apply3, apply2));
        arrayList.addAll(CollectionConverters.asJavaCollection(JaasTestUtils.zkSections()));
        String absolutePath = JaasTestUtils.writeJaasContextsToFile(JavaConverters.asScalaBuffer(arrayList).toSeq()).getAbsolutePath();
        log.info("Using KDC home: " + this.kdcHome.getAbsolutePath());
        this.kdc = new MiniKdc(this.kdcProps, this.kdcHome);
        this.kdc.start();
        createPrincipal(createTempFile, "kafka/localhost");
        createPrincipal(createTempFile2, "client");
        createPrincipal(createTempFile2, "client2");
        Configuration.setConfiguration((Configuration) null);
        System.setProperty(JAAS_CONF, absolutePath);
        System.setProperty(ZK_AUTH_PROVIDER, "org.apache.zookeeper.server.auth.SASLAuthenticationProvider");
        super.setUp();
    }

    private void createPrincipal(File file, String str) throws Exception {
        this.kdc.createPrincipal(file, JavaConverters.asScalaBuffer(Arrays.asList(str)).toList());
    }

    @Override // io.confluent.kafka.secretregistry.ClusterTestHarness
    protected KafkaConfig getKafkaConfig(int i) {
        Option apply = Option.apply((Object) null);
        Properties createBrokerConfig = TestUtils.createBrokerConfig(i, this.zkConnect, false, false, TestUtils.RandomPort(), Option.apply(SecurityProtocol.SASL_PLAINTEXT), apply, EMPTY_SASL_PROPERTIES, false, true, TestUtils.RandomPort(), false, TestUtils.RandomPort(), false, TestUtils.RandomPort(), Option.empty(), 1, false, 1, (short) 1);
        injectProperties(createBrokerConfig);
        createBrokerConfig.setProperty("sasl.mechanism.inter.broker.protocol", "GSSAPI");
        createBrokerConfig.setProperty("sasl.enabled.mechanisms", "GSSAPI");
        return KafkaConfig.fromProps(createBrokerConfig);
    }

    @Override // io.confluent.kafka.secretregistry.ClusterTestHarness
    @After
    public void tearDown() throws Exception {
        if (this.kdc != null) {
            this.kdc.stop();
        }
        LoginManager.closeAll();
        System.clearProperty(JAAS_CONF);
        System.clearProperty(ZK_AUTH_PROVIDER);
        Configuration.setConfiguration((Configuration) null);
        super.tearDown();
    }
}
