package org.apache.bookkeeper.bookie;

import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.util.List;
import javax.security.auth.login.Configuration;
import org.apache.bookkeeper.client.BookKeeper;
import org.apache.bookkeeper.client.LedgerHandle;
import org.apache.bookkeeper.conf.ClientConfiguration;
import org.apache.bookkeeper.test.BookKeeperClusterTestCase;
import org.apache.bookkeeper.zookeeper.ZooKeeperClient;
import org.apache.zookeeper.KeeperException;
import org.apache.zookeeper.Watcher;
import org.apache.zookeeper.ZooKeeper;
import org.apache.zookeeper.data.ACL;
import org.apache.zookeeper.data.Stat;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/bookkeeper/bookie/EnableZkSecurityBasicTest.class */
public class EnableZkSecurityBasicTest extends BookKeeperClusterTestCase {
    public EnableZkSecurityBasicTest() {
        super(0);
        this.baseClientConf.setZkEnableSecurity(true);
        this.baseConf.setZkEnableSecurity(true);
    }

    @BeforeClass
    public static void setupJAAS() throws IOException {
        System.setProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider");
        File file = new File(new File("target").getAbsoluteFile(), "jaas.conf");
        Files.write(file.toPath(), "Server {\n       org.apache.zookeeper.server.auth.DigestLoginModule required\n       user_foo=\"bar\";\n};\n\nClient {\n       org.apache.zookeeper.server.auth.DigestLoginModule required\n       username=\"foo\"\n       password=\"bar\";\n};".getBytes(StandardCharsets.UTF_8), new OpenOption[0]);
        System.setProperty("java.security.auth.login.config", file.getAbsolutePath());
        Configuration.getConfiguration().refresh();
    }

    @AfterClass
    public static void cleanUpJAAS() {
        System.clearProperty("java.security.auth.login.config");
        Configuration.getConfiguration().refresh();
        System.clearProperty("zookeeper.authProvider.1");
    }

    @Test
    public void testCreateLedgerAddEntryOnSecureZooKeepeer() throws Exception {
        startNewBookie();
        ClientConfiguration clientConfiguration = new ClientConfiguration();
        clientConfiguration.setMetadataServiceUri(this.zkUtil.getMetadataServiceUri());
        clientConfiguration.setZkTimeout(20000);
        clientConfiguration.setZkEnableSecurity(true);
        BookKeeper bookKeeper = new BookKeeper(clientConfiguration);
        Throwable th = null;
        try {
            LedgerHandle createLedger = bookKeeper.createLedger(1, 1, 1, BookKeeper.DigestType.CRC32, "testPasswd".getBytes());
            Throwable th2 = null;
            try {
                createLedger.addEntry("foo".getBytes(StandardCharsets.UTF_8));
                if (createLedger != null) {
                    if (0 != 0) {
                        try {
                            createLedger.close();
                        } catch (Throwable th3) {
                            th2.addSuppressed(th3);
                        }
                    } else {
                        createLedger.close();
                    }
                }
                checkAllAcls();
            } catch (Throwable th4) {
                if (createLedger != null) {
                    if (0 != 0) {
                        try {
                            createLedger.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        createLedger.close();
                    }
                }
                throw th4;
            }
        } finally {
            if (bookKeeper != null) {
                if (0 != 0) {
                    try {
                        bookKeeper.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    bookKeeper.close();
                }
            }
        }
    }

    private void checkAllAcls() throws IOException, InterruptedException, KeeperException {
        ZooKeeperClient build = ZooKeeperClient.newBuilder().connectString(this.zkUtil.getZooKeeperConnectString()).sessionTimeoutMs(20000).build();
        checkACls(build, "/");
        build.close();
    }

    private void checkACls(ZooKeeper zooKeeper, String str) throws KeeperException, InterruptedException {
        for (String str2 : zooKeeper.getChildren(str, (Watcher) null)) {
            if (!str2.equals("readonly")) {
                String str3 = str.equals("/") ? str + str2 : str + "/" + str2;
                List acl = zooKeeper.getACL(str3, new Stat());
                checkACls(zooKeeper, str3);
                if (!str3.startsWith("/zookeeper") && !str3.equals("/ledgers") && !str3.equals("/ledgers/available")) {
                    Assert.assertEquals(1L, acl.size());
                    Assert.assertEquals(31L, ((ACL) acl.get(0)).getPerms());
                    Assert.assertEquals(31L, ((ACL) acl.get(0)).getPerms());
                    Assert.assertEquals("unexpected ACLS on " + str3 + ": " + acl.get(0), "foo", ((ACL) acl.get(0)).getId().getId());
                    Assert.assertEquals("unexpected ACLS on " + str3 + ": " + acl.get(0), "sasl", ((ACL) acl.get(0)).getId().getScheme());
                }
            }
        }
    }
}
