package org.apache.hadoop.security.authentication.util;

import java.io.File;
import java.io.IOException;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.regex.Pattern;
import org.apache.commons.codec.binary.Base64;
import org.apache.directory.server.kerberos.shared.keytab.Keytab;
import org.apache.directory.server.kerberos.shared.keytab.KeytabEntry;
import org.apache.directory.shared.kerberos.KerberosTime;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.apache.directory.shared.kerberos.components.EncryptionKey;
import org.junit.After;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/hadoop/security/authentication/util/TestKerberosUtil.class */
public class TestKerberosUtil {
    static String testKeytab = "test.keytab";
    static String[] testPrincipals = {"HTTP@testRealm", "test/testhost@testRealm", "HTTP/testhost@testRealm", "HTTP1/testhost@testRealm", "HTTP/testhostanother@testRealm"};

    @After
    public void deleteKeytab() {
        File file = new File(testKeytab);
        if (file.exists()) {
            file.delete();
        }
    }

    @Test
    public void testGetServerPrincipal() throws IOException, UnknownHostException {
        String localHostName = KerberosUtil.getLocalHostName();
        String defaultRealmProtected = KerberosUtil.getDefaultRealmProtected();
        String str = (defaultRealmProtected == null || defaultRealmProtected.equals("")) ? "" : "@" + defaultRealmProtected;
        Assert.assertEquals("testGetServerPrincipal assumes localhost realm is default", KerberosUtil.getDomainRealm("TestKerberosUtil/" + localHostName.toLowerCase(Locale.ENGLISH)), defaultRealmProtected);
        Assert.assertEquals("testGetServerPrincipal assumes realm of testHost 'FooBar' is default", KerberosUtil.getDomainRealm("TestKerberosUtil/" + "FooBar".toLowerCase(Locale.ENGLISH)), defaultRealmProtected);
        Assert.assertEquals("When no hostname is sent", "TestKerberosUtil/" + localHostName.toLowerCase(Locale.ENGLISH) + str, KerberosUtil.getServicePrincipal("TestKerberosUtil", (String) null));
        Assert.assertEquals("When empty hostname is sent", "TestKerberosUtil/" + localHostName.toLowerCase(Locale.ENGLISH) + str, KerberosUtil.getServicePrincipal("TestKerberosUtil", ""));
        Assert.assertEquals("When 0.0.0.0 hostname is sent", "TestKerberosUtil/" + localHostName.toLowerCase(Locale.ENGLISH) + str, KerberosUtil.getServicePrincipal("TestKerberosUtil", "0.0.0.0"));
        Assert.assertEquals("When uppercase hostname is sent", "TestKerberosUtil/" + "FooBar".toLowerCase(Locale.ENGLISH) + str, KerberosUtil.getServicePrincipal("TestKerberosUtil", "FooBar"));
        Assert.assertEquals("When lowercase hostname is sent", "TestKerberosUtil/" + "FooBar".toLowerCase(Locale.ENGLISH) + str, KerberosUtil.getServicePrincipal("TestKerberosUtil", "FooBar".toLowerCase(Locale.ENGLISH)));
    }

    @Test
    public void testGetPrincipalNamesMissingKeytab() {
        try {
            KerberosUtil.getPrincipalNames(testKeytab);
            Assert.fail("Exception should have been thrown");
        } catch (IOException e) {
        }
    }

    @Test
    public void testGetPrincipalNamesMissingPattern() throws IOException {
        createKeyTab(testKeytab, new String[]{"test/testhost@testRealm"});
        try {
            KerberosUtil.getPrincipalNames(testKeytab, (Pattern) null);
            Assert.fail("Exception should have been thrown");
        } catch (Exception e) {
        }
    }

    @Test
    public void testGetPrincipalNamesFromKeytab() throws IOException {
        createKeyTab(testKeytab, testPrincipals);
        String[] principalNames = KerberosUtil.getPrincipalNames(testKeytab);
        Assert.assertNotNull("principals cannot be null", principalNames);
        int i = 0;
        List asList = Arrays.asList(principalNames);
        for (String str : testPrincipals) {
            Assert.assertTrue("missing principal " + str, asList.contains(str));
            i++;
        }
        Assert.assertEquals(i, principalNames.length);
    }

    @Test
    public void testGetPrincipalNamesFromKeytabWithPattern() throws IOException {
        createKeyTab(testKeytab, testPrincipals);
        Pattern compile = Pattern.compile("HTTP/.*");
        String[] principalNames = KerberosUtil.getPrincipalNames(testKeytab, compile);
        Assert.assertNotNull("principals cannot be null", principalNames);
        int i = 0;
        List asList = Arrays.asList(principalNames);
        for (String str : testPrincipals) {
            if (compile.matcher(str).matches()) {
                Assert.assertTrue("missing principal " + str, asList.contains(str));
                i++;
            }
        }
        Assert.assertEquals(i, principalNames.length);
    }

    private void createKeyTab(String str, String[] strArr) throws IOException {
        ArrayList arrayList = new ArrayList();
        for (String str2 : strArr) {
            for (int i = 1; i <= 3; i++) {
                arrayList.add(new KeytabEntry(str2, 1L, new KerberosTime(), (byte) 1, new EncryptionKey(EncryptionType.UNKNOWN, "samplekey1".getBytes(), i)));
            }
        }
        Keytab keytab = Keytab.getInstance();
        keytab.setEntries(arrayList);
        keytab.write(new File(testKeytab));
    }

    @Test
    public void testServicePrincipalDecode() throws Exception {
        Assert.assertEquals("HTTP/localhost@EXAMPLE.COM", getPrincipal("YIIB2AYJKoZIhvcSAQICAQBuggHHMIIBw6ADAgEFoQMCAQ6iBwMFACAAAACjgethgegwgeWgAwIBBaENGwtFWEFNUExFLkNPTaIcMBqgAwIBAKETMBEbBEhUVFAbCWxvY2FsaG9zdKOBsDCBraADAgERoQMCAQGigaAEgZ23QsT1+16T23niJI1uFRU0FN13hhPSLAl4+oAqpV5s1Z6E+G2VKGx2+rUF21utOdlwUK/J5CKFHxM4zfNsmzRFhdk5moJW6AWHuRqGJ9hrZgTxA2vOBIn/tju+n/vJVEcUvW0fDiPfjPIPFOlc7V9GlWvZFyr5NMJSFwspKJXYh/FSNpSVTecfGskjded9TZzR2tOVzgpjFvAu/DETpIG/MIG8oAMCARGigbQEgbGWnbKlV1oo7/gzT4hi/Q41ff2luDnSxADEmo6M8LC42scsYMLNgU4iLJhuf4YLb7ueh790HrbB6Kdes71/gSBiLI2/mn3BqNE43gt94dQ8VFBix4nJCsYnuORYxLJjRSJE+3ImJNsSjqafGRI0sp9w3hc4IVm8afb3Ggm6PgRIyyGNdTzK/p03v+zA01MJh3htuOgLKUOVz002pHnGzu/purZ5mOyaQT12vHxJ2T+Cwi8="));
        Assert.assertEquals("HTTP/otherhost@ABCDEFG.ORG", getPrincipal("YIIB2AYJKoZIhvcSAQICAQBuggHHMIIBw6ADAgEFoQMCAQ6iBwMFACAAAACjgethgegwgeWgAwIBBaENGwtBQkNERUZHLk9SR6IcMBqgAwIBAKETMBEbBEhUVFAbCW90aGVyaG9zdKOBsDCBraADAgERoQMCAQGigaAEgZ23QsT1+16T23niJI1uFRU0FN13hhPSLAl4+oAqpV5s1Z6E+G2VKGx2+rUF21utOdlwUK/J5CKFHxM4zfNsmzRFhdk5moJW6AWHuRqGJ9hrZgTxA2vOBIn/tju+n/vJVEcUvW0fDiPfjPIPFOlc7V9GlWvZFyr5NMJSFwspKJXYh/FSNpSVTecfGskjded9TZzR2tOVzgpjFvAu/DETpIG/MIG8oAMCARGigbQEgbGWnbKlV1oo7/gzT4hi/Q41ff2luDnSxADEmo6M8LC42scsYMLNgU4iLJhuf4YLb7ueh790HrbB6Kdes71/gSBiLI2/mn3BqNE43gt94dQ8VFBix4nJCsYnuORYxLJjRSJE+3ImJNsSjqafGRI0sp9w3hc4IVm8afb3Ggm6PgRIyyGNdTzK/p03v+zA01MJh3htuOgLKUOVz002pHnGzu/purZ5mOyaQT12vHxJ2T+Cwi8K"));
        Assert.assertEquals("HTTP/localhost@EXAMPLE.COM", getPrincipal("YIICCQYGKwYBBQUCoIIB/TCCAfmgDTALBgkqhkiG9xIBAgKhBAMCAXaiggHgBIIB3GCCAdgGCSqGSIb3EgECAgEAboIBxzCCAcOgAwIBBaEDAgEOogcDBQAgAAAAo4HrYYHoMIHloAMCAQWhDRsLRVhBTVBMRS5DT02iHDAaoAMCAQChEzARGwRIVFRQGwlsb2NhbGhvc3SjgbAwga2gAwIBEaEDAgEBooGgBIGdBWbzvV1RIqb7WuPIW3RTkFtwjU9P/oFAbujGPd8h/qkCszroNdvHhUkPntuOqhFBntMobilgTqNEdDUGvBbfkJaRklNGqT/IAOUV6tlGpBUCXquR5UdPzPpUvGZiVRUuFGH5DGGHvYF1CwXPp2l1Jq373vSLQ1kBl6TXl+aKLsZYhVUjKvE7Auippclbhv/GGGex/TcjNH48k47OQaSBvzCBvKADAgERooG0BIGxeChp3TMVtWbCdFGoYL+35r2762j+OEwZRfcj4xCK7j0mUTcxLtyVGxyY9Ax+ljl5gTwzRhXcJq0TTjiQwKJckeZ837mXQAURbfJpFc3VLAXGfNkMFCR7ZkWpGA1Vzc3PeUNczn2DLpu8sme55HFFQDi/0akW6Lwv/iCrpwIkZPyZPjaEmwLVALu4E8m0Ka3fJkPVGAhamg9OQpuREIK0pCk3ZSHhJz8qMwduzRZHc4vN"));
        Assert.assertEquals("HTTP/otherhost@ABCDEFG.ORG", getPrincipal("YIICCQYGKwYBBQUCoIIB/TCCAfmgDTALBgkqhkiG9xIBAgKhBAMCAXaiggHgBIIB3GCCAdgGCSqGSIb3EgECAgEAboIBxzCCAcOgAwIBBaEDAgEOogcDBQAgAAAAo4HrYYHoMIHloAMCAQWhDRsLQUJDREVGRy5PUkeiHDAaoAMCAQChEzARGwRIVFRQGwlvdGhlcmhvc3SjgbAwga2gAwIBEaEDAgEBooGgBIGdBWbzvV1RIqb7WuPIW3RTkFtwjU9P/oFAbujGPd8h/qkCszroNdvHhUkPntuOqhFBntMobilgTqNEdDUGvBbfkJaRklNGqT/IAOUV6tlGpBUCXquR5UdPzPpUvGZiVRUuFGH5DGGHvYF1CwXPp2l1Jq373vSLQ1kBl6TXl+aKLsZYhVUjKvE7Auippclbhv/GGGex/TcjNH48k47OQaSBvzCBvKADAgERooG0BIGxeChp3TMVtWbCdFGoYL+35r2762j+OEwZRfcj4xCK7j0mUTcxLtyVGxyY9Ax+ljl5gTwzRhXcJq0TTjiQwKJckeZ837mXQAURbfJpFc3VLAXGfNkMFCR7ZkWpGA1Vzc3PeUNczn2DLpu8sme55HFFQDi/0akW6Lwv/iCrpwIkZPyZPjaEmwLVALu4E8m0Ka3fJkPVGAhamg9OQpuREIK0pCk3ZSHhJz8qMwduzRZHc4vNCg=="));
    }

    private static String getPrincipal(String str) {
        return KerberosUtil.getTokenServerName(Base64.decodeBase64(str));
    }
}
