package org.apache.kudu.client;

import java.io.BufferedReader;
import java.io.Closeable;
import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.concurrent.NotThreadSafe;
import org.apache.commons.io.FileUtils;
import org.apache.kudu.client.MiniKuduCluster;
import org.apache.kudu.shaded.com.google.common.base.Charsets;
import org.apache.kudu.shaded.com.google.common.base.Joiner;
import org.apache.kudu.shaded.com.google.common.base.MoreObjects;
import org.apache.kudu.shaded.com.google.common.base.Preconditions;
import org.apache.kudu.shaded.com.google.common.collect.ImmutableList;
import org.apache.kudu.shaded.com.google.common.collect.ImmutableMap;
import org.apache.kudu.shaded.com.google.common.io.CharStreams;
import org.apache.yetus.audience.InterfaceAudience;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@InterfaceAudience.Private
@NotThreadSafe
/* loaded from: input_file:org/apache/kudu/client/MiniKdc.class */
public class MiniKdc implements Closeable {
    private static final int PORT_START = 64530;
    private final Options options;
    private Process kdcProcess;
    private Thread kdcProcessLogRedirector;
    private static final Logger LOG = LoggerFactory.getLogger(MiniKuduCluster.class);
    private static final List<String> KRB5_BINARY_PATHS = ImmutableList.of("/usr/local/opt/krb5/sbin", "/usr/local/opt/krb5/bin", "/opt/local/sbin", "/opt/local/bin", "/usr/lib/mit/sbin", "/usr/sbin");

    /* loaded from: input_file:org/apache/kudu/client/MiniKdc$Options.class */
    public static class Options {
        private final String realm;
        private final Path dataRoot;
        private final int port;

        public Options(String str, Path path, int i) {
            Preconditions.checkArgument(i > 0);
            this.realm = str;
            this.dataRoot = path;
            this.port = i;
        }

        public String getRealm() {
            return this.realm;
        }

        public Path getDataRoot() {
            return this.dataRoot;
        }

        public int getPort() {
            return this.port;
        }

        public String toString() {
            return MoreObjects.toStringHelper(this).add("realm", this.realm).add("dataRoot", this.dataRoot).add("port", this.port).toString();
        }
    }

    public MiniKdc(Options options) {
        this.options = options;
    }

    public static MiniKdc withDefaults() throws IOException {
        return new MiniKdc(new Options("KRBTEST.COM", Paths.get(TestUtils.getBaseDir(), "krb5kdc-" + System.currentTimeMillis()), TestUtils.findFreeUdpPort(PORT_START)));
    }

    public void start() throws IOException {
        Preconditions.checkState(this.kdcProcess == null);
        LOG.debug("starting KDC {}", this.options);
        File file = this.options.dataRoot.toFile();
        if (!file.exists()) {
            if (!file.mkdir()) {
                throw new RuntimeException(String.format("unable to create krb5 state directory: %s", file));
            }
            createKdcConf();
            createKrb5Conf();
            checkReturnCode(startProcessWithKrbEnv(getBinaryPath("kdb5_util"), "create", "-s", "-P", "masterpw", "-W"), "kdb5_util", true);
        }
        this.kdcProcess = startProcessWithKrbEnv(getBinaryPath("krb5kdc"), "-n");
        this.kdcProcessLogRedirector = new Thread(new MiniKuduCluster.ProcessInputStreamLogPrinterRunnable(this.kdcProcess.getInputStream()), "krb5kdc:" + this.options.port);
        this.kdcProcessLogRedirector.setDaemon(true);
        this.kdcProcessLogRedirector.start();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void createUserPrincipal(String str) throws IOException {
        checkReturnCode(startProcessWithKrbEnv(getBinaryPath("kadmin.local"), "-q", String.format("add_principal -pw %s %s", str, str)), "kadmin.local", true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void kinit(String str) throws IOException {
        Process startProcessWithKrbEnv = startProcessWithKrbEnv(getBinaryPath("kinit"), str);
        startProcessWithKrbEnv.getOutputStream().write(str.getBytes());
        startProcessWithKrbEnv.getOutputStream().close();
        checkReturnCode(startProcessWithKrbEnv, "kinit", true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String klist() throws IOException {
        Process startProcessWithKrbEnv = startProcessWithKrbEnv(getBinaryPath("klist"), "-A");
        checkReturnCode(startProcessWithKrbEnv, "klist", false);
        return CharStreams.toString(new InputStreamReader(startProcessWithKrbEnv.getInputStream()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Path createServiceKeytab(String str) throws IOException {
        Path resolve = this.options.dataRoot.resolve(str.replace('/', '_') + ".keytab");
        String binaryPath = getBinaryPath("kadmin.local");
        checkReturnCode(startProcessWithKrbEnv(binaryPath, "-q", String.format("add_principal -randkey %s", str)), "kadmin.local", true);
        checkReturnCode(startProcessWithKrbEnv(binaryPath, "-q", String.format("ktadd -k %s %s", resolve, str)), "kadmin.local", true);
        return resolve;
    }

    private void createKrb5Conf() throws IOException {
        Files.write(this.options.dataRoot.resolve("krb5.conf"), ImmutableList.of("[logging]", "   kdc = FILE:/dev/stderr", "[libdefaults]", "   default_realm = " + this.options.realm, "   dns_lookup_kdc = false", "   dns_lookup_realm = false", "   forwardable = true", "   renew_lifetime = 7d", "   ticket_lifetime = 24h", "   default_tkt_enctypes = aes128-cts des3-cbc-sha1", "   default_tgs_enctypes = aes128-cts des3-cbc-sha1", "   permitted_enctypes = aes128-cts des3-cbc-sha1", new String[]{"   rdns = false", "   ignore_acceptor_hostname = true", "[realms]", this.options.realm + " = {", "   kdc = 127.0.0.1:" + this.options.port, "}"}), Charsets.UTF_8, new OpenOption[0]);
    }

    private void createKdcConf() throws IOException {
        Files.write(this.options.dataRoot.resolve("kdc.conf"), ImmutableList.of("[kdcdefaults]", "   kdc_ports = " + this.options.port, "   kdc_tcp_ports = \"\"", "[realms]", this.options.realm + " = {", "   acl_file = " + this.options.dataRoot.resolve("kadm5.acl"), "   admin_keytab = " + this.options.dataRoot.resolve("kadm5.keytab"), "   database_name = " + this.options.dataRoot.resolve("principal"), "   key_stash_file = " + this.options.dataRoot.resolve(".k5." + this.options.realm), "   max_renewable_life = 7d 0h 0m 0s", "}"), Charsets.UTF_8, new OpenOption[0]);
    }

    public void stop() throws IOException {
        Preconditions.checkState(this.kdcProcess != null);
        LOG.debug("stopping KDC {}", this.options);
        try {
            this.kdcProcess.destroy();
            this.kdcProcess.waitFor();
            this.kdcProcessLogRedirector.join();
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
        } finally {
            this.kdcProcess = null;
            this.kdcProcessLogRedirector = null;
        }
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        LOG.debug("closing KDC {}", this.options);
        try {
            if (this.kdcProcess != null) {
                stop();
            }
        } finally {
            FileUtils.deleteDirectory(this.options.dataRoot.toFile());
        }
    }

    public Map<String, String> getEnvVars() {
        return ImmutableMap.of("KRB5_CONFIG", this.options.dataRoot.resolve("krb5.conf").toString(), "KRB5_KDC_PROFILE", this.options.dataRoot.resolve("kdc.conf").toString(), "KRB5CCNAME", getTicketCachePath(), "KUDU_ENABLE_KRB5_REALM_FIX", "yes");
    }

    public String getTicketCachePath() {
        return this.options.dataRoot.resolve("krb5cc").toString();
    }

    private Process startProcessWithKrbEnv(String... strArr) throws IOException {
        ProcessBuilder processBuilder = new ProcessBuilder(strArr);
        processBuilder.environment().putAll(getEnvVars());
        LOG.debug("executing '{}', env: '{}'", Joiner.on(" ").join(processBuilder.command()), Joiner.on(", ").withKeyValueSeparator("=").join(processBuilder.environment()));
        return processBuilder.redirectErrorStream(true).start();
    }

    private static void checkReturnCode(Process process, String str, boolean z) throws IOException {
        try {
            int waitFor = process.waitFor();
            if (z) {
                BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(process.getInputStream()));
                Throwable th = null;
                while (true) {
                    try {
                        try {
                            String readLine = bufferedReader.readLine();
                            if (readLine == null) {
                                break;
                            } else {
                                LOG.debug(readLine);
                            }
                        } finally {
                        }
                    } finally {
                    }
                }
                if (bufferedReader != null) {
                    if (0 != 0) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        bufferedReader.close();
                    }
                }
            }
            if (waitFor != 0) {
                throw new IOException(String.format("process '%s' failed: %s", str, Integer.valueOf(waitFor)));
            }
        } catch (InterruptedException e) {
            Thread.interrupted();
            throw new IOException(String.format("process '%s' interrupted", str));
        }
    }

    private static String getBinaryPath(String str) throws IOException {
        return getBinaryPath(str, KRB5_BINARY_PATHS);
    }

    private static String getBinaryPath(String str, List<String> list) throws IOException {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            File file = Paths.get(it.next(), new String[0]).resolve(str).toFile();
            if (file.exists() && file.canExecute()) {
                return file.getPath();
            }
        }
        Process start = new ProcessBuilder(new String[0]).command("which", str).start();
        checkReturnCode(start, "which", false);
        return CharStreams.toString(new InputStreamReader(start.getInputStream())).trim();
    }
}
