package io.confluent.rbacapi.utils;

import io.confluent.security.test.utils.RbacClusters;
import java.io.File;
import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.kafka.common.config.ConfigException;

/* loaded from: input_file:io/confluent/rbacapi/utils/KafkaConfigSetupHelper.class */
public class KafkaConfigSetupHelper {

    /* loaded from: input_file:io/confluent/rbacapi/utils/KafkaConfigSetupHelper$TokenPemFiles.class */
    public static class TokenPemFiles {
        public final String tokenKeyPair;
        public final String tokenPublicKey;

        public TokenPemFiles(String str, String str2) {
            this.tokenPublicKey = str2;
            this.tokenKeyPair = str;
        }
    }

    public static RbacClusters.Config justLDAP(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("confluent.metadata.server.listeners", MdsConfigUtil.DEFAULT_HTTP_LISTENER);
        hashMap.put("confluent.metadata.server.advertised.listeners", MdsConfigUtil.DEFAULT_HTTP_ADVERTISED_LISTENER);
        hashMap.put("authorizer.class.name", "io.confluent.kafka.security.authorizer.ConfluentServerAuthorizer");
        hashMap.put("confluent.metadata.server.authentication.method", "BASIC");
        hashMap.put("confluent.metadata.server.authentication.roles", "**");
        hashMap.put("ldap.java.naming.provider.url", "ldap://localhost:8389/dc=example,dc=com");
        hashMap.put("ldap.refresh.interval.ms", "50");
        hashMap.put("ldap.java.naming.security.principal", "uid=admin,ou=system");
        hashMap.put("ldap.java.naming.security.credentials", "secret");
        hashMap.put("ldap.java.naming.security.authentication", "simple");
        hashMap.put("ldap.group.name.attribute", "cn");
        hashMap.put("ldap.group.member.attribute.pattern", "uid=(.*),ou=users,dc=example,dc=com");
        hashMap.put("confluent.metadata.server.token.auth.enable", "false");
        RbacClusters.Config users = new RbacClusters.Config().users(str, Collections.emptyList());
        applyProperties(hashMap, users);
        return users;
    }

    public static RbacClusters.Config ldapWithTokens(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("confluent.metadata.server.listeners", MdsConfigUtil.DEFAULT_HTTP_LISTENER);
        hashMap.put("confluent.metadata.server.advertised.listeners", MdsConfigUtil.DEFAULT_HTTP_ADVERTISED_LISTENER);
        hashMap.put("authorizer.class.name", "io.confluent.kafka.security.authorizer.ConfluentServerAuthorizer");
        hashMap.put("confluent.metadata.server.authentication.method", "BASIC");
        hashMap.put("confluent.metadata.server.authentication.roles", "**");
        hashMap.put("ldap.java.naming.provider.url", "ldap://localhost:8389/dc=example,dc=com");
        hashMap.put("ldap.refresh.interval.ms", "50");
        hashMap.put("ldap.java.naming.security.principal", "uid=admin,ou=system");
        hashMap.put("ldap.java.naming.security.credentials", "secret");
        hashMap.put("ldap.java.naming.security.authentication", "simple");
        hashMap.put("ldap.group.name.attribute", "cn");
        hashMap.put("ldap.group.member.attribute.pattern", "uid=(.*),ou=users,dc=example,dc=com");
        hashMap.put("confluent.metadata.server.token.auth.enable", "true");
        TokenPemFiles createTokenPemFiles = createTokenPemFiles();
        hashMap.put("confluent.metadata.server.token.key.path", createTokenPemFiles.tokenKeyPair);
        hashMap.put("confluent.metadata.server.public.key.path", createTokenPemFiles.tokenPublicKey);
        RbacClusters.Config users = new RbacClusters.Config().users(str, Collections.emptyList());
        applyProperties(hashMap, users);
        users.withTokenLogin(createTokenPemFiles.tokenPublicKey);
        return users;
    }

    private static void applyProperties(Map<String, String> map, RbacClusters.Config config) {
        for (Map.Entry<String, String> entry : map.entrySet()) {
            config.overrideMetadataBrokerConfig(entry.getKey(), entry.getValue());
        }
    }

    public static TokenPemFiles createTokenPemFiles() {
        try {
            File createTempFile = File.createTempFile("integTest-token-public", ".pem");
            createTempFile.deleteOnExit();
            File createTempFile2 = File.createTempFile("integTest-token-keypair", ".pem");
            createTempFile2.deleteOnExit();
            JwtTestHelper.generateKeyPair(createTempFile2.toPath());
            JwtTestHelper.writeKeys(createTempFile2.toPath(), createTempFile.toPath());
            return new TokenPemFiles(createTempFile2.getPath(), createTempFile.getPath());
        } catch (IOException e) {
            throw new ConfigException("Failed to generate required pem file", e);
        }
    }
}
