package org.apache.hadoop.ozone.container.server;

import com.google.common.collect.Maps;
import java.io.File;
import java.io.IOException;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.function.Consumer;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.RandomUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.hadoop.hdds.client.BlockID;
import org.apache.hadoop.hdds.conf.OzoneConfiguration;
import org.apache.hadoop.hdds.protocol.DatanodeDetails;
import org.apache.hadoop.hdds.protocol.MockDatanodeDetails;
import org.apache.hadoop.hdds.protocol.datanode.proto.ContainerProtos;
import org.apache.hadoop.hdds.protocol.proto.HddsProtos;
import org.apache.hadoop.hdds.scm.XceiverClientGrpc;
import org.apache.hadoop.hdds.scm.XceiverClientRatis;
import org.apache.hadoop.hdds.scm.XceiverClientSpi;
import org.apache.hadoop.hdds.scm.pipeline.MockPipeline;
import org.apache.hadoop.hdds.scm.pipeline.Pipeline;
import org.apache.hadoop.hdds.scm.storage.ContainerProtocolCalls;
import org.apache.hadoop.hdds.security.token.BlockTokenVerifier;
import org.apache.hadoop.hdds.security.x509.SecurityConfig;
import org.apache.hadoop.metrics2.lib.DefaultMetricsSystem;
import org.apache.hadoop.ozone.RatisTestHelper;
import org.apache.hadoop.ozone.client.CertificateClientTestImpl;
import org.apache.hadoop.ozone.container.ContainerTestHelper;
import org.apache.hadoop.ozone.container.common.helpers.ContainerMetrics;
import org.apache.hadoop.ozone.container.common.impl.ContainerSet;
import org.apache.hadoop.ozone.container.common.impl.HddsDispatcher;
import org.apache.hadoop.ozone.container.common.impl.TestHddsDispatcher;
import org.apache.hadoop.ozone.container.common.interfaces.Handler;
import org.apache.hadoop.ozone.container.common.statemachine.DatanodeStateMachine;
import org.apache.hadoop.ozone.container.common.statemachine.StateContext;
import org.apache.hadoop.ozone.container.common.transport.server.XceiverServerGrpc;
import org.apache.hadoop.ozone.container.common.transport.server.XceiverServerSpi;
import org.apache.hadoop.ozone.container.common.transport.server.ratis.XceiverServerRatis;
import org.apache.hadoop.ozone.container.common.volume.MutableVolumeSet;
import org.apache.hadoop.ozone.container.ozoneimpl.ContainerController;
import org.apache.hadoop.ozone.container.replication.GrpcReplicationService;
import org.apache.hadoop.ozone.container.replication.OnDemandContainerReplicationSource;
import org.apache.hadoop.ozone.security.OzoneBlockTokenSecretManager;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.test.GenericTestUtils;
import org.apache.hadoop.test.LambdaTestUtils;
import org.apache.hadoop.util.Time;
import org.apache.ratis.rpc.RpcType;
import org.apache.ratis.rpc.SupportedRpcType;
import org.apache.ratis.thirdparty.io.grpc.BindableService;
import org.apache.ratis.util.function.CheckedBiConsumer;
import org.junit.After;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;
import org.mockito.Mockito;

@Ignore
/* loaded from: input_file:org/apache/hadoop/ozone/container/server/TestSecureContainerServer.class */
public class TestSecureContainerServer {
    static final String TEST_DIR = GenericTestUtils.getTestDir("dfs").getAbsolutePath() + File.separator;
    private static final OzoneConfiguration CONF = new OzoneConfiguration();
    private static CertificateClientTestImpl caClient;

    /* JADX INFO: Access modifiers changed from: package-private */
    @FunctionalInterface
    /* loaded from: input_file:org/apache/hadoop/ozone/container/server/TestSecureContainerServer$CheckedBiFunction.class */
    public interface CheckedBiFunction<LEFT, RIGHT, OUT, THROWABLE extends Throwable> {
        OUT apply(LEFT left, RIGHT right) throws Throwable;
    }

    private GrpcReplicationService createReplicationService(ContainerController containerController) {
        return new GrpcReplicationService(new OnDemandContainerReplicationSource(containerController));
    }

    @BeforeClass
    public static void setup() throws Exception {
        DefaultMetricsSystem.setMiniClusterMode(true);
        CONF.set("hdds.metadata.dir", TEST_DIR);
        CONF.setBoolean("ozone.security.enabled", true);
        CONF.setBoolean("hdds.block.token.enabled", true);
        caClient = new CertificateClientTestImpl(CONF);
    }

    @After
    public void cleanUp() {
        FileUtils.deleteQuietly(new File(CONF.get("hdds.datanode.dir")));
    }

    @Test
    public void testClientServer() throws Exception {
        DatanodeDetails randomDatanodeDetails = MockDatanodeDetails.randomDatanodeDetails();
        ContainerController containerController = new ContainerController(new ContainerSet(), (Map) null);
        HddsDispatcher createDispatcher = createDispatcher(randomDatanodeDetails, UUID.randomUUID(), CONF);
        runTestClientServer(1, (pipeline, ozoneConfiguration) -> {
            ozoneConfiguration.setInt("dfs.container.ipc", pipeline.getFirstNode().getPort(DatanodeDetails.Port.Name.STANDALONE).getValue().intValue());
        }, (v1, v2) -> {
            return new XceiverClientGrpc(v1, v2);
        }, (datanodeDetails, ozoneConfiguration2) -> {
            return new XceiverServerGrpc(randomDatanodeDetails, ozoneConfiguration2, createDispatcher, caClient, new BindableService[]{createReplicationService(containerController)});
        }, (datanodeDetails2, pipeline2) -> {
        }, pipeline3 -> {
        });
    }

    private static HddsDispatcher createDispatcher(DatanodeDetails datanodeDetails, UUID uuid, OzoneConfiguration ozoneConfiguration) throws IOException {
        ContainerSet containerSet = new ContainerSet();
        ozoneConfiguration.set("hdds.datanode.dir", Paths.get(TEST_DIR, "dfs", "data", "hdds", RandomStringUtils.randomAlphabetic(4)).toString());
        MutableVolumeSet mutableVolumeSet = new MutableVolumeSet(datanodeDetails.getUuidString(), ozoneConfiguration);
        DatanodeStateMachine datanodeStateMachine = (DatanodeStateMachine) Mockito.mock(DatanodeStateMachine.class);
        StateContext stateContext = (StateContext) Mockito.mock(StateContext.class);
        Mockito.when(datanodeStateMachine.getDatanodeDetails()).thenReturn(datanodeDetails);
        Mockito.when(stateContext.getParent()).thenReturn(datanodeStateMachine);
        ContainerMetrics create = ContainerMetrics.create(ozoneConfiguration);
        HashMap newHashMap = Maps.newHashMap();
        for (ContainerProtos.ContainerType containerType : ContainerProtos.ContainerType.values()) {
            newHashMap.put(containerType, Handler.getHandlerForContainerType(containerType, ozoneConfiguration, datanodeDetails.getUuid().toString(), containerSet, mutableVolumeSet, create, TestHddsDispatcher.NO_OP_ICR_SENDER));
        }
        HddsDispatcher hddsDispatcher = new HddsDispatcher(ozoneConfiguration, containerSet, mutableVolumeSet, newHashMap, stateContext, create, new BlockTokenVerifier(new SecurityConfig(ozoneConfiguration), caClient));
        hddsDispatcher.setScmId(uuid.toString());
        return hddsDispatcher;
    }

    @Test
    public void testClientServerRatisGrpc() throws Exception {
        runTestClientServerRatis(SupportedRpcType.GRPC, 1);
        runTestClientServerRatis(SupportedRpcType.GRPC, 3);
    }

    static XceiverServerRatis newXceiverServerRatis(DatanodeDetails datanodeDetails, OzoneConfiguration ozoneConfiguration) throws IOException {
        ozoneConfiguration.setInt("dfs.container.ratis.ipc", datanodeDetails.getPort(DatanodeDetails.Port.Name.RATIS).getValue().intValue());
        ozoneConfiguration.set("dfs.container.ratis.datanode.storage.dir", TEST_DIR + datanodeDetails.getUuid());
        return XceiverServerRatis.newXceiverServerRatis(datanodeDetails, ozoneConfiguration, createDispatcher(datanodeDetails, UUID.randomUUID(), ozoneConfiguration), new ContainerController(new ContainerSet(), Maps.newHashMap()), caClient, (StateContext) null);
    }

    static void runTestClientServerRatis(RpcType rpcType, int i) throws Exception {
        runTestClientServer(i, (pipeline, ozoneConfiguration) -> {
            RatisTestHelper.initRatisConf(rpcType, ozoneConfiguration);
        }, (v0, v1) -> {
            return XceiverClientRatis.newXceiverClientRatis(v0, v1);
        }, TestSecureContainerServer::newXceiverServerRatis, (datanodeDetails, pipeline2) -> {
            RatisTestHelper.initXceiverServerRatis(rpcType, datanodeDetails, pipeline2);
        }, pipeline3 -> {
        });
    }

    static void runTestClientServer(int i, CheckedBiConsumer<Pipeline, OzoneConfiguration, IOException> checkedBiConsumer, CheckedBiFunction<Pipeline, OzoneConfiguration, XceiverClientSpi, IOException> checkedBiFunction, CheckedBiFunction<DatanodeDetails, OzoneConfiguration, XceiverServerSpi, IOException> checkedBiFunction2, CheckedBiConsumer<DatanodeDetails, Pipeline, IOException> checkedBiConsumer2, Consumer<Pipeline> consumer) throws Exception {
        ArrayList arrayList = new ArrayList();
        XceiverClientSpi xceiverClientSpi = null;
        Pipeline createPipeline = MockPipeline.createPipeline(i);
        try {
            checkedBiConsumer.accept(createPipeline, CONF);
            for (DatanodeDetails datanodeDetails : createPipeline.getNodes()) {
                XceiverServerSpi apply = checkedBiFunction2.apply(datanodeDetails, CONF);
                arrayList.add(apply);
                apply.start();
                checkedBiConsumer2.accept(datanodeDetails, createPipeline);
            }
            xceiverClientSpi = checkedBiFunction.apply(createPipeline, CONF);
            xceiverClientSpi.connect();
            long testContainerID = ContainerTestHelper.getTestContainerID();
            BlockID testBlockID = ContainerTestHelper.getTestBlockID(testContainerID);
            ContainerProtocolCalls.createContainer(xceiverClientSpi, testContainerID, (String) null);
            ContainerProtos.ContainerCommandRequestProto putBlockRequest = ContainerTestHelper.getPutBlockRequest(createPipeline, (String) null, ContainerTestHelper.getWriteChunkRequest(createPipeline, testBlockID, 1024, (String) null).getWriteChunk());
            Assert.assertNotNull(putBlockRequest.getTraceID());
            if (xceiverClientSpi instanceof XceiverClientGrpc) {
                ContainerProtos.ContainerCommandResponseProto sendCommand = xceiverClientSpi.sendCommand(putBlockRequest);
                Assert.assertNotEquals(sendCommand.getResult(), ContainerProtos.Result.SUCCESS);
                String message = sendCommand.getMessage();
                Assert.assertTrue(message, message.contains("Block token verification failed"));
            } else {
                String message2 = ExceptionUtils.getRootCause((IOException) LambdaTestUtils.intercept(IOException.class, () -> {
                    return xceiverClientSpi.sendCommand(putBlockRequest);
                })).getMessage();
                Assert.assertTrue(message2, message2.contains("Block token verification failed"));
            }
            OzoneBlockTokenSecretManager ozoneBlockTokenSecretManager = new OzoneBlockTokenSecretManager(new SecurityConfig(CONF), Time.monotonicNow() + 86400, caClient.getCertificate().getSerialNumber().toString());
            ozoneBlockTokenSecretManager.start(caClient);
            Token generateToken = ozoneBlockTokenSecretManager.generateToken(testBlockID.getContainerBlockID().toString(), EnumSet.allOf(HddsProtos.BlockTokenSecretProto.AccessModeProto.class), RandomUtils.nextLong());
            ContainerProtos.ContainerCommandRequestProto putBlockRequest2 = ContainerTestHelper.getPutBlockRequest(createPipeline, generateToken.encodeToUrlString(), ContainerTestHelper.getWriteChunkRequest(createPipeline, testBlockID, 1024, generateToken.encodeToUrlString()).getWriteChunk());
            Assert.assertNotNull(putBlockRequest2.getTraceID());
            Assert.assertEquals(ContainerProtos.Result.SUCCESS, xceiverClientSpi.sendCommand(putBlockRequest2).getResult());
            if (xceiverClientSpi != null) {
                xceiverClientSpi.close();
            }
            if (createPipeline != null) {
                consumer.accept(createPipeline);
            }
            arrayList.stream().forEach((v0) -> {
                v0.stop();
            });
        } catch (Throwable th) {
            if (xceiverClientSpi != null) {
                xceiverClientSpi.close();
            }
            if (createPipeline != null) {
                consumer.accept(createPipeline);
            }
            arrayList.stream().forEach((v0) -> {
                v0.stop();
            });
            throw th;
        }
    }
}
