package org.apache.hadoop.security.token.delegation;

import java.io.ByteArrayInputStream;
import java.io.DataInput;
import java.io.DataInputStream;
import java.io.DataOutput;
import java.io.IOException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.io.DataInputBuffer;
import org.apache.hadoop.io.DataOutputBuffer;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.io.Writable;
import org.apache.hadoop.security.AccessControlException;
import org.apache.hadoop.security.token.SecretManager;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager;
import org.apache.hadoop.util.Daemon;
import org.apache.hadoop.util.StringUtils;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/hadoop/security/token/delegation/TestDelegationToken.class */
public class TestDelegationToken {
    private static final Log LOG = LogFactory.getLog(TestDelegationToken.class);
    private static final Text KIND = new Text("MY KIND");

    /* loaded from: input_file:org/apache/hadoop/security/token/delegation/TestDelegationToken$TestDelegationTokenIdentifier.class */
    public static class TestDelegationTokenIdentifier extends AbstractDelegationTokenIdentifier implements Writable {
        public TestDelegationTokenIdentifier() {
        }

        public TestDelegationTokenIdentifier(Text text, Text text2, Text text3) {
            super(text, text2, text3);
        }

        public Text getKind() {
            return TestDelegationToken.KIND;
        }

        public void write(DataOutput dataOutput) throws IOException {
            super.write(dataOutput);
        }

        public void readFields(DataInput dataInput) throws IOException {
            super.readFields(dataInput);
        }
    }

    /* loaded from: input_file:org/apache/hadoop/security/token/delegation/TestDelegationToken$TestDelegationTokenSecretManager.class */
    public static class TestDelegationTokenSecretManager extends AbstractDelegationTokenSecretManager<TestDelegationTokenIdentifier> {
        public TestDelegationTokenSecretManager(long j, long j2, long j3, long j4) {
            super(j, j2, j3, j4);
        }

        /* renamed from: createIdentifier, reason: merged with bridge method [inline-methods] */
        public TestDelegationTokenIdentifier m334createIdentifier() {
            return new TestDelegationTokenIdentifier();
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public byte[] createPassword(TestDelegationTokenIdentifier testDelegationTokenIdentifier) {
            return super.createPassword(testDelegationTokenIdentifier);
        }

        public byte[] createPassword(TestDelegationTokenIdentifier testDelegationTokenIdentifier, DelegationKey delegationKey) {
            return SecretManager.createPassword(testDelegationTokenIdentifier.getBytes(), delegationKey.getKey());
        }

        public Map<TestDelegationTokenIdentifier, AbstractDelegationTokenSecretManager.DelegationTokenInformation> getAllTokens() {
            return this.currentTokens;
        }

        public DelegationKey getKey(TestDelegationTokenIdentifier testDelegationTokenIdentifier) {
            return (DelegationKey) this.allKeys.get(Integer.valueOf(testDelegationTokenIdentifier.getMasterKeyId()));
        }
    }

    /* loaded from: input_file:org/apache/hadoop/security/token/delegation/TestDelegationToken$TokenSelector.class */
    public static class TokenSelector extends AbstractDelegationTokenSelector<TestDelegationTokenIdentifier> {
        protected TokenSelector() {
            super(TestDelegationToken.KIND);
        }
    }

    @Test
    public void testSerialization() throws Exception {
        TestDelegationTokenIdentifier testDelegationTokenIdentifier = new TestDelegationTokenIdentifier(new Text("alice"), new Text("bob"), new Text("colin"));
        TestDelegationTokenIdentifier testDelegationTokenIdentifier2 = new TestDelegationTokenIdentifier();
        testDelegationTokenIdentifier.setIssueDate(123L);
        testDelegationTokenIdentifier.setMasterKeyId(321);
        testDelegationTokenIdentifier.setMaxDate(314L);
        testDelegationTokenIdentifier.setSequenceNumber(12345);
        DataInputBuffer dataInputBuffer = new DataInputBuffer();
        DataOutputBuffer dataOutputBuffer = new DataOutputBuffer();
        testDelegationTokenIdentifier.write(dataOutputBuffer);
        dataInputBuffer.reset(dataOutputBuffer.getData(), 0, dataOutputBuffer.getLength());
        testDelegationTokenIdentifier2.readFields(dataInputBuffer);
        Assert.assertEquals("alice", testDelegationTokenIdentifier2.getUser().getUserName());
        Assert.assertEquals(new Text("bob"), testDelegationTokenIdentifier2.getRenewer());
        Assert.assertEquals("colin", testDelegationTokenIdentifier2.getUser().getRealUser().getUserName());
        Assert.assertEquals(123L, testDelegationTokenIdentifier2.getIssueDate());
        Assert.assertEquals(321L, testDelegationTokenIdentifier2.getMasterKeyId());
        Assert.assertEquals(314L, testDelegationTokenIdentifier2.getMaxDate());
        Assert.assertEquals(12345L, testDelegationTokenIdentifier2.getSequenceNumber());
        Assert.assertEquals(testDelegationTokenIdentifier, testDelegationTokenIdentifier2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Token<TestDelegationTokenIdentifier> generateDelegationToken(TestDelegationTokenSecretManager testDelegationTokenSecretManager, String str, String str2) {
        return new Token<>(new TestDelegationTokenIdentifier(new Text(str), new Text(str2), null), testDelegationTokenSecretManager);
    }

    private void shouldThrow(PrivilegedExceptionAction<Object> privilegedExceptionAction, Class<? extends Throwable> cls) {
        try {
            privilegedExceptionAction.run();
            junit.framework.Assert.fail("action did not throw " + cls);
        } catch (Throwable th) {
            LOG.info("Caught an exception: " + StringUtils.stringifyException(th));
            Assert.assertEquals("action threw wrong exception", cls, th.getClass());
        }
    }

    @Test
    public void testDelegationTokenSecretManager() throws Exception {
        final TestDelegationTokenSecretManager testDelegationTokenSecretManager = new TestDelegationTokenSecretManager(86400000L, 3000L, 1000L, 3600000L);
        try {
            testDelegationTokenSecretManager.startThreads();
            final Token<TestDelegationTokenIdentifier> generateDelegationToken = generateDelegationToken(testDelegationTokenSecretManager, "SomeUser", "JobTracker");
            shouldThrow(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.security.token.delegation.TestDelegationToken.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    testDelegationTokenSecretManager.renewToken(generateDelegationToken, "FakeRenewer");
                    return null;
                }
            }, AccessControlException.class);
            Assert.assertTrue("renew time is in future", testDelegationTokenSecretManager.renewToken(generateDelegationToken, "JobTracker") > System.currentTimeMillis());
            TestDelegationTokenIdentifier testDelegationTokenIdentifier = new TestDelegationTokenIdentifier();
            testDelegationTokenIdentifier.readFields(new DataInputStream(new ByteArrayInputStream(generateDelegationToken.getIdentifier())));
            junit.framework.Assert.assertTrue(null != testDelegationTokenSecretManager.retrievePassword(testDelegationTokenIdentifier));
            LOG.info("Sleep to expire the token");
            Thread.sleep(2000L);
            try {
                testDelegationTokenSecretManager.retrievePassword(testDelegationTokenIdentifier);
                junit.framework.Assert.fail("Token should have expired");
            } catch (SecretManager.InvalidToken e) {
            }
            testDelegationTokenSecretManager.renewToken(generateDelegationToken, "JobTracker");
            LOG.info("Sleep beyond the max lifetime");
            Thread.sleep(2000L);
            shouldThrow(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.security.token.delegation.TestDelegationToken.2
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    testDelegationTokenSecretManager.renewToken(generateDelegationToken, "JobTracker");
                    return null;
                }
            }, SecretManager.InvalidToken.class);
            testDelegationTokenSecretManager.stopThreads();
        } catch (Throwable th) {
            testDelegationTokenSecretManager.stopThreads();
            throw th;
        }
    }

    @Test
    public void testCancelDelegationToken() throws Exception {
        final TestDelegationTokenSecretManager testDelegationTokenSecretManager = new TestDelegationTokenSecretManager(86400000L, 10000L, 1000L, 3600000L);
        try {
            testDelegationTokenSecretManager.startThreads();
            final Token<TestDelegationTokenIdentifier> generateDelegationToken = generateDelegationToken(testDelegationTokenSecretManager, "SomeUser", "JobTracker");
            shouldThrow(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.security.token.delegation.TestDelegationToken.3
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    testDelegationTokenSecretManager.renewToken(generateDelegationToken, "FakeCanceller");
                    return null;
                }
            }, AccessControlException.class);
            testDelegationTokenSecretManager.cancelToken(generateDelegationToken, "JobTracker");
            shouldThrow(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.security.token.delegation.TestDelegationToken.4
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    testDelegationTokenSecretManager.renewToken(generateDelegationToken, "JobTracker");
                    return null;
                }
            }, SecretManager.InvalidToken.class);
            testDelegationTokenSecretManager.stopThreads();
        } catch (Throwable th) {
            testDelegationTokenSecretManager.stopThreads();
            throw th;
        }
    }

    @Test
    public void testRollMasterKey() throws Exception {
        TestDelegationTokenSecretManager testDelegationTokenSecretManager = new TestDelegationTokenSecretManager(86400000L, 10000L, 1000L, 3600000L);
        try {
            testDelegationTokenSecretManager.startThreads();
            Token<TestDelegationTokenIdentifier> generateDelegationToken = generateDelegationToken(testDelegationTokenSecretManager, "SomeUser", "JobTracker");
            byte[] password = generateDelegationToken.getPassword();
            int length = testDelegationTokenSecretManager.getAllKeys().length;
            testDelegationTokenSecretManager.rollMasterKey();
            junit.framework.Assert.assertEquals(testDelegationTokenSecretManager.getAllKeys().length - length >= 1, true);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(generateDelegationToken.getIdentifier());
            TestDelegationTokenIdentifier m334createIdentifier = testDelegationTokenSecretManager.m334createIdentifier();
            m334createIdentifier.readFields(new DataInputStream(byteArrayInputStream));
            junit.framework.Assert.assertEquals(password, testDelegationTokenSecretManager.retrievePassword(m334createIdentifier));
            testDelegationTokenSecretManager.stopThreads();
        } catch (Throwable th) {
            testDelegationTokenSecretManager.stopThreads();
            throw th;
        }
    }

    @Test
    public void testDelegationTokenSelector() throws Exception {
        TestDelegationTokenSecretManager testDelegationTokenSecretManager = new TestDelegationTokenSecretManager(86400000L, 10000L, 1000L, 3600000L);
        try {
            testDelegationTokenSecretManager.startThreads();
            AbstractDelegationTokenSelector abstractDelegationTokenSelector = new AbstractDelegationTokenSelector(KIND);
            Token<TestDelegationTokenIdentifier> generateDelegationToken = generateDelegationToken(testDelegationTokenSecretManager, "SomeUser1", "JobTracker");
            generateDelegationToken.setService(new Text("MY-SERVICE1"));
            Token<TestDelegationTokenIdentifier> generateDelegationToken2 = generateDelegationToken(testDelegationTokenSecretManager, "SomeUser2", "JobTracker");
            generateDelegationToken2.setService(new Text("MY-SERVICE2"));
            ArrayList arrayList = new ArrayList();
            arrayList.add(generateDelegationToken);
            arrayList.add(generateDelegationToken2);
            junit.framework.Assert.assertEquals(abstractDelegationTokenSelector.selectToken(new Text("MY-SERVICE1"), arrayList), generateDelegationToken);
            testDelegationTokenSecretManager.stopThreads();
        } catch (Throwable th) {
            testDelegationTokenSecretManager.stopThreads();
            throw th;
        }
    }

    @Test
    public void testParallelDelegationTokenCreation() throws Exception {
        final TestDelegationTokenSecretManager testDelegationTokenSecretManager = new TestDelegationTokenSecretManager(2000L, 86400000L, 604800000L, 2000L);
        try {
            testDelegationTokenSecretManager.startThreads();
            Thread[] threadArr = new Thread[100];
            for (int i = 0; i < 100; i++) {
                threadArr[i] = new Daemon(new Runnable() { // from class: org.apache.hadoop.security.token.delegation.TestDelegationToken.1tokenIssuerThread
                    @Override // java.lang.Runnable
                    public void run() {
                        for (int i2 = 0; i2 < 100; i2++) {
                            TestDelegationToken.this.generateDelegationToken(testDelegationTokenSecretManager, "auser", "arenewer");
                            try {
                                Thread.sleep(250L);
                            } catch (Exception e) {
                            }
                        }
                    }
                });
                threadArr[i].start();
            }
            for (int i2 = 0; i2 < 100; i2++) {
                threadArr[i2].join();
            }
            Map<TestDelegationTokenIdentifier, AbstractDelegationTokenSecretManager.DelegationTokenInformation> allTokens = testDelegationTokenSecretManager.getAllTokens();
            junit.framework.Assert.assertEquals(100 * 100, allTokens.size());
            for (TestDelegationTokenIdentifier testDelegationTokenIdentifier : allTokens.keySet()) {
                junit.framework.Assert.assertTrue(allTokens.get(testDelegationTokenIdentifier) != null);
                DelegationKey key = testDelegationTokenSecretManager.getKey(testDelegationTokenIdentifier);
                junit.framework.Assert.assertTrue(key != null);
                junit.framework.Assert.assertTrue(Arrays.equals(testDelegationTokenSecretManager.createPassword(testDelegationTokenIdentifier, key), testDelegationTokenSecretManager.retrievePassword(testDelegationTokenIdentifier)));
            }
        } finally {
            testDelegationTokenSecretManager.stopThreads();
        }
    }

    @Test
    public void testDelegationTokenNullRenewer() throws Exception {
        TestDelegationTokenSecretManager testDelegationTokenSecretManager = new TestDelegationTokenSecretManager(86400000L, 10000L, 1000L, 3600000L);
        testDelegationTokenSecretManager.startThreads();
        Token token = new Token(new TestDelegationTokenIdentifier(new Text("theuser"), null, null), testDelegationTokenSecretManager);
        junit.framework.Assert.assertTrue(token != null);
        try {
            testDelegationTokenSecretManager.renewToken(token, "");
            junit.framework.Assert.fail("Renewal must not succeed");
        } catch (IOException e) {
        }
    }
}
