package org.apache.drill.exec.rpc.security;

import java.io.File;
import java.io.IOException;
import java.net.ServerSocket;
import java.nio.file.Files;
import org.apache.drill.exec.ExecTest;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.server.SimpleKdcServer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/drill/exec/rpc/security/KerberosHelper.class */
public class KerberosHelper {
    private static final Logger logger = LoggerFactory.getLogger(KerberosHelper.class);
    public File workspace;
    private File kdcDir;
    private SimpleKdcServer kdc;
    private int kdcPort;
    private final String HOSTNAME = "localhost";
    public final String CLIENT_SHORT_NAME = "testUser";
    public final String CLIENT_PRINCIPAL = "testUser@EXAMPLE.COM";
    public String SERVER_PRINCIPAL = System.getProperty("user.name") + "/localhost@EXAMPLE.COM";
    private final String testName;
    private File keytabDir;
    public File clientKeytab;
    public File serverKeytab;
    private boolean kdcStarted;

    public KerberosHelper(String str) {
        this.testName = str;
    }

    public void setupKdc() throws Exception {
        this.kdc = new SimpleKdcServer();
        this.workspace = new File(ExecTest.getTempDir("kerberos_target"));
        this.kdcDir = new File(this.workspace, this.testName);
        if (!this.kdcDir.mkdirs()) {
            throw new Exception(String.format("Failed to create the kdc directory %s", this.kdcDir.getName()));
        }
        this.kdc.setWorkDir(this.kdcDir);
        this.kdc.setKdcHost("localhost");
        this.kdcPort = getFreePort();
        this.kdc.setAllowTcp(true);
        this.kdc.setAllowUdp(false);
        this.kdc.setKdcTcpPort(this.kdcPort);
        logger.debug("Starting KDC server at {}:{}", "localhost", Integer.valueOf(this.kdcPort));
        this.kdc.init();
        this.kdc.start();
        this.kdcStarted = true;
        this.keytabDir = new File(this.workspace, this.testName + "_keytabs");
        if (!this.keytabDir.mkdirs()) {
            throw new Exception(String.format("Failed to create the keytab directory %s", this.keytabDir.getName()));
        }
        setupUsers(this.keytabDir);
        System.clearProperty("java.security.auth.login.config");
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
    }

    private int getFreePort() throws IOException {
        ServerSocket serverSocket = null;
        try {
            serverSocket = new ServerSocket(0);
            serverSocket.setReuseAddress(true);
            int localPort = serverSocket.getLocalPort();
            if (serverSocket != null) {
                serverSocket.close();
            }
            return localPort;
        } catch (Throwable th) {
            if (serverSocket != null) {
                serverSocket.close();
            }
            throw th;
        }
    }

    private void setupUsers(File file) throws KrbException {
        String substring = this.CLIENT_PRINCIPAL.substring(0, this.CLIENT_PRINCIPAL.indexOf(64));
        this.clientKeytab = new File(file, substring.replace('/', '_') + ".keytab");
        logger.debug("Creating {} with keytab {}", substring, this.clientKeytab);
        setupUser(this.kdc, this.clientKeytab, substring);
        this.serverKeytab = new File(file, this.SERVER_PRINCIPAL.substring(0, this.SERVER_PRINCIPAL.indexOf(64)).replace('/', '_') + ".keytab");
        logger.debug("Creating {} with keytab {}", this.SERVER_PRINCIPAL, this.serverKeytab);
        setupUser(this.kdc, this.serverKeytab, this.SERVER_PRINCIPAL);
    }

    private void setupUser(SimpleKdcServer simpleKdcServer, File file, String str) throws KrbException {
        simpleKdcServer.createPrincipal(str);
        simpleKdcServer.exportPrincipal(str, file);
    }

    public void stopKdc() throws Exception {
        if (this.kdcStarted) {
            logger.info("Stopping KDC on {}", Integer.valueOf(this.kdcPort));
            this.kdc.stop();
        }
        deleteIfExists(this.clientKeytab);
        deleteIfExists(this.serverKeytab);
        deleteIfExists(this.keytabDir);
        deleteIfExists(this.kdcDir);
        deleteIfExists(this.workspace);
    }

    private void deleteIfExists(File file) throws IOException {
        if (file != null) {
            Files.deleteIfExists(file.toPath());
        }
    }
}
