package org.apache.phoenix.end2end;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.Statement;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.calcite.avatica.server.AvaticaServerConfiguration;
import org.apache.calcite.avatica.server.ServerCustomizer;
import org.apache.hadoop.conf.Configuration;
import org.apache.phoenix.queryserver.server.ServerCustomizersFactory;
import org.apache.phoenix.util.InstanceResolver;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.security.Credential;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/phoenix/end2end/ServerCustomizersIT.class */
public class ServerCustomizersIT extends BaseHBaseManagedTimeIT {
    private static final Logger LOG = LoggerFactory.getLogger(ServerCustomizersIT.class);
    private static final String USER_AUTHORIZED = "user3";
    private static final String USER_NOT_AUTHORIZED = "user1";
    private static final String USER_PW = "s3cr3t";
    private static QueryServerTestUtil PQS_UTIL;

    @Rule
    public ExpectedException expected = ExpectedException.none();

    /* loaded from: input_file:org/apache/phoenix/end2end/ServerCustomizersIT$TestServerCustomizer.class */
    public static class TestServerCustomizer implements ServerCustomizer<Server> {
        public void customize(Server server) {
            ServerCustomizersIT.LOG.debug("Customizing server to allow requests for {}", ServerCustomizersIT.USER_AUTHORIZED);
            HashLoginService hashLoginService = new HashLoginService();
            hashLoginService.putUser(ServerCustomizersIT.USER_AUTHORIZED, Credential.getCredential(ServerCustomizersIT.USER_PW), new String[]{"users"});
            hashLoginService.setName("users");
            Constraint constraint = new Constraint();
            constraint.setName("BASIC");
            constraint.setRoles(new String[]{"users"});
            constraint.setAuthenticate(true);
            ConstraintMapping constraintMapping = new ConstraintMapping();
            constraintMapping.setConstraint(constraint);
            constraintMapping.setPathSpec("/*");
            ConstraintSecurityHandler constraintSecurityHandler = new ConstraintSecurityHandler();
            constraintSecurityHandler.setAuthenticator(new BasicAuthenticator());
            constraintSecurityHandler.setRealmName("users");
            constraintSecurityHandler.addConstraintMapping(constraintMapping);
            constraintSecurityHandler.setLoginService(hashLoginService);
            constraintSecurityHandler.setHandler(server.getHandlers()[0]);
            server.setHandler(constraintSecurityHandler);
        }
    }

    @BeforeClass
    public static void setup() throws Exception {
        Configuration testClusterConfig = getTestClusterConfig();
        testClusterConfig.set("phoenix.queryserver.customizers.enabled", "true");
        PQS_UTIL = new QueryServerTestUtil(testClusterConfig);
        PQS_UTIL.startLocalHBaseCluster(ServerCustomizersIT.class);
        InstanceResolver.clearSingletons();
        InstanceResolver.getSingleton(ServerCustomizersFactory.class, new ServerCustomizersFactory() { // from class: org.apache.phoenix.end2end.ServerCustomizersIT.1
            public List<ServerCustomizer<Server>> createServerCustomizers(Configuration configuration, AvaticaServerConfiguration avaticaServerConfiguration) {
                return Collections.singletonList(new TestServerCustomizer());
            }
        });
        PQS_UTIL.startQueryServer();
    }

    @AfterClass
    public static void teardown() throws Exception {
        InstanceResolver.clearSingletons();
        if (PQS_UTIL != null) {
            PQS_UTIL.stopQueryServer();
            PQS_UTIL.stopLocalHBaseCluster();
        }
    }

    @Test
    public void testUserAuthorized() throws Exception {
        Connection connection = DriverManager.getConnection(PQS_UTIL.getUrl(getBasicAuthParams(USER_AUTHORIZED)));
        Throwable th = null;
        try {
            Statement createStatement = connection.createStatement();
            Throwable th2 = null;
            try {
                try {
                    Assert.assertFalse("user3 should have access", createStatement.execute("create table " + ServerCustomizersIT.class.getSimpleName() + " (pk integer not null primary key)"));
                    if (createStatement != null) {
                        if (0 != 0) {
                            try {
                                createStatement.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            createStatement.close();
                        }
                    }
                    if (connection != null) {
                        if (0 == 0) {
                            connection.close();
                            return;
                        }
                        try {
                            connection.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    }
                } catch (Throwable th5) {
                    th2 = th5;
                    throw th5;
                }
            } catch (Throwable th6) {
                if (createStatement != null) {
                    if (th2 != null) {
                        try {
                            createStatement.close();
                        } catch (Throwable th7) {
                            th2.addSuppressed(th7);
                        }
                    } else {
                        createStatement.close();
                    }
                }
                throw th6;
            }
        } catch (Throwable th8) {
            if (connection != null) {
                if (0 != 0) {
                    try {
                        connection.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    connection.close();
                }
            }
            throw th8;
        }
    }

    @Test
    public void testUserNotAuthorized() throws Exception {
        this.expected.expect(RuntimeException.class);
        this.expected.expectMessage("HTTP/401");
        Connection connection = DriverManager.getConnection(PQS_UTIL.getUrl(getBasicAuthParams(USER_NOT_AUTHORIZED)));
        Throwable th = null;
        try {
            Statement createStatement = connection.createStatement();
            Throwable th2 = null;
            try {
                try {
                    Assert.assertFalse(createStatement.execute("select access from database"));
                    if (createStatement != null) {
                        if (0 != 0) {
                            try {
                                createStatement.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            createStatement.close();
                        }
                    }
                    if (connection != null) {
                        if (0 == 0) {
                            connection.close();
                            return;
                        }
                        try {
                            connection.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    }
                } catch (Throwable th5) {
                    th2 = th5;
                    throw th5;
                }
            } catch (Throwable th6) {
                if (createStatement != null) {
                    if (th2 != null) {
                        try {
                            createStatement.close();
                        } catch (Throwable th7) {
                            th2.addSuppressed(th7);
                        }
                    } else {
                        createStatement.close();
                    }
                }
                throw th6;
            }
        } catch (Throwable th8) {
            if (connection != null) {
                if (0 != 0) {
                    try {
                        connection.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    connection.close();
                }
            }
            throw th8;
        }
    }

    private Map<String, String> getBasicAuthParams(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("authentication", "BASIC");
        hashMap.put("avatica_user", str);
        hashMap.put("avatica_password", USER_PW);
        return hashMap;
    }
}
