package org.apache.drill.exec.server.rest.spnego;

import com.google.common.collect.Lists;
import com.typesafe.config.ConfigValueFactory;
import java.lang.reflect.Field;
import junit.framework.TestCase;
import org.apache.drill.categories.SecurityTest;
import org.apache.drill.common.config.DrillConfig;
import org.apache.drill.common.exceptions.DrillException;
import org.apache.drill.exec.rpc.security.KerberosHelper;
import org.apache.drill.exec.rpc.user.security.testing.UserAuthenticatorTestImpl;
import org.apache.drill.exec.server.rest.auth.SpnegoConfig;
import org.apache.drill.test.BaseDirTestWatcher;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.util.KerberosName;
import org.apache.hadoop.security.authentication.util.KerberosUtil;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import sun.security.krb5.Config;

@Ignore("See DRILL-5387")
@Category({SecurityTest.class})
/* loaded from: input_file:org/apache/drill/exec/server/rest/spnego/TestSpnegoConfig.class */
public class TestSpnegoConfig {
    private static KerberosHelper spnegoHelper;
    private static final String primaryName = "HTTP";
    private static final BaseDirTestWatcher dirTestWatcher = new BaseDirTestWatcher();

    @BeforeClass
    public static void setupTest() throws Exception {
        spnegoHelper = new KerberosHelper(TestSpnegoAuthentication.class.getSimpleName(), primaryName);
        spnegoHelper.setupKdc(dirTestWatcher.getTmpDir());
        Config.refresh();
        Field declaredField = KerberosName.class.getDeclaredField("defaultRealm");
        declaredField.setAccessible(true);
        declaredField.set(null, KerberosUtil.getDefaultRealm());
    }

    @AfterClass
    public static void cleanTest() throws Exception {
        spnegoHelper.stopKdc();
    }

    @Test
    public void testInvalidSpnegoConfig() throws Exception {
        try {
            new SpnegoConfig(new DrillConfig(DrillConfig.create().withValue("drill.exec.security.user.auth.enabled", ConfigValueFactory.fromAnyRef(true)).withValue("drill.exec.security.auth.mechanisms", ConfigValueFactory.fromIterable(Lists.newArrayList(new String[]{"plain"}))).withValue("drill.exec.security.user.auth.impl", ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)))).validateSpnegoConfig();
            TestCase.fail();
        } catch (Exception e) {
            Assert.assertTrue(e instanceof DrillException);
        }
    }

    @Test
    public void testSpnegoConfigOnlyKeytab() throws Exception {
        try {
            new SpnegoConfig(new DrillConfig(DrillConfig.create().withValue("drill.exec.security.user.auth.enabled", ConfigValueFactory.fromAnyRef(true)).withValue("drill.exec.security.auth.mechanisms", ConfigValueFactory.fromIterable(Lists.newArrayList(new String[]{"plain"}))).withValue("drill.exec.http.auth.spnego.keytab", ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())).withValue("drill.exec.security.user.auth.impl", ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)))).validateSpnegoConfig();
            TestCase.fail();
        } catch (Exception e) {
            Assert.assertTrue(e instanceof DrillException);
        }
    }

    @Test
    public void testSpnegoConfigOnlyPrincipal() throws Exception {
        try {
            new SpnegoConfig(new DrillConfig(DrillConfig.create().withValue("drill.exec.security.user.auth.enabled", ConfigValueFactory.fromAnyRef(true)).withValue("drill.exec.security.auth.mechanisms", ConfigValueFactory.fromIterable(Lists.newArrayList(new String[]{"plain"}))).withValue("drill.exec.http.auth.spnego.principal", ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue("drill.exec.security.user.auth.impl", ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)))).validateSpnegoConfig();
            TestCase.fail();
        } catch (Exception e) {
            Assert.assertTrue(e instanceof DrillException);
        }
    }

    @Test
    public void testValidSpnegoConfig() throws Exception {
        try {
            SpnegoConfig spnegoConfig = new SpnegoConfig(new DrillConfig(DrillConfig.create().withValue("drill.exec.security.user.auth.enabled", ConfigValueFactory.fromAnyRef(true)).withValue("drill.exec.security.auth.mechanisms", ConfigValueFactory.fromIterable(Lists.newArrayList(new String[]{"plain"}))).withValue("drill.exec.http.auth.spnego.principal", ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue("drill.exec.http.auth.spnego.keytab", ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())).withValue("drill.exec.security.user.auth.impl", ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE))));
            spnegoConfig.validateSpnegoConfig();
            UserGroupInformation loggedInUgi = spnegoConfig.getLoggedInUgi();
            Assert.assertEquals(primaryName, loggedInUgi.getShortUserName());
            Assert.assertEquals(spnegoHelper.SERVER_PRINCIPAL, loggedInUgi.getUserName());
        } catch (Exception e) {
            TestCase.fail();
        }
    }
}
