package org.apache.pulsar.broker.admin;

import com.google.common.collect.ImmutableSet;
import java.lang.reflect.Method;
import java.util.Optional;
import org.apache.bookkeeper.test.PortManager;
import org.apache.pulsar.broker.ServiceConfiguration;
import org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest;
import org.apache.pulsar.client.admin.PulsarAdmin;
import org.apache.pulsar.client.admin.PulsarAdminException;
import org.apache.pulsar.common.policies.data.AuthAction;
import org.apache.pulsar.common.policies.data.BundlesData;
import org.apache.pulsar.common.policies.data.ClusterData;
import org.apache.pulsar.common.policies.data.Policies;
import org.apache.pulsar.common.policies.data.TenantInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testng.Assert;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:org/apache/pulsar/broker/admin/BrokerAdminClientTlsAuthTest.class */
public class BrokerAdminClientTlsAuthTest extends MockedPulsarServiceBaseTest {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) BrokerAdminClientTlsAuthTest.class);
    protected String methodName;

    @BeforeMethod
    public void beforeMethod(Method method) throws Exception {
        this.methodName = method.getName();
    }

    private static String getTLSFile(String str) {
        return String.format("./src/test/resources/authentication/tls-http/%s.pem", str);
    }

    @Override // org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest
    @BeforeMethod
    public void setup() throws Exception {
        this.conf.setBrokerServicePortTls(Optional.of(Integer.valueOf(this.BROKER_PORT_TLS)));
        this.conf.setWebServicePortTls(Optional.of(Integer.valueOf(this.BROKER_WEBSERVICE_PORT_TLS)));
        buildConf(this.conf);
        super.internalSetup();
    }

    private void buildConf(ServiceConfiguration serviceConfiguration) {
        serviceConfiguration.setLoadBalancerEnabled(true);
        serviceConfiguration.setTlsCertificateFilePath(getTLSFile("broker.cert"));
        serviceConfiguration.setTlsKeyFilePath(getTLSFile("broker.key-pk8"));
        serviceConfiguration.setTlsTrustCertsFilePath(getTLSFile("ca.cert"));
        serviceConfiguration.setAuthenticationEnabled(true);
        serviceConfiguration.setSuperUserRoles(ImmutableSet.of("superproxy", "broker.pulsar.apache.org"));
        serviceConfiguration.setAuthenticationProviders(ImmutableSet.of("org.apache.pulsar.broker.authentication.AuthenticationProviderTls"));
        serviceConfiguration.setAuthorizationEnabled(true);
        serviceConfiguration.setBrokerClientTlsEnabled(true);
        serviceConfiguration.setBrokerClientAuthenticationParameters(String.format("tlsCertFile:%s,tlsKeyFile:%s", getTLSFile("broker.cert"), getTLSFile("broker.key-pk8")));
        serviceConfiguration.setBrokerClientAuthenticationPlugin("org.apache.pulsar.client.impl.auth.AuthenticationTls");
        serviceConfiguration.setBrokerClientTrustCertsFilePath(getTLSFile("ca.cert"));
        serviceConfiguration.setTlsAllowInsecureConnection(true);
    }

    @Override // org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest
    @AfterMethod
    public void cleanup() throws Exception {
        super.internalCleanup();
    }

    PulsarAdmin buildAdminClient(String str) throws Exception {
        return PulsarAdmin.builder().allowTlsInsecureConnection(false).enableTlsHostnameVerification(false).serviceHttpUrl(this.brokerUrlTls.toString()).authentication("org.apache.pulsar.client.impl.auth.AuthenticationTls", String.format("tlsCertFile:%s,tlsKeyFile:%s", getTLSFile(str + ".cert"), getTLSFile(str + ".key-pk8"))).tlsTrustCertsFilePath(getTLSFile("ca.cert")).build();
    }

    @Test
    public void testPersistentList() throws Exception {
        log.info("-- Starting {} test --", this.methodName);
        ServiceConfiguration serviceConfiguration = new ServiceConfiguration();
        serviceConfiguration.setBrokerServicePort(Optional.ofNullable(Integer.valueOf(PortManager.nextFreePort())));
        serviceConfiguration.setBrokerServicePortTls(Optional.ofNullable(Integer.valueOf(PortManager.nextFreePort())));
        serviceConfiguration.setWebServicePort(Optional.ofNullable(Integer.valueOf(PortManager.nextFreePort())));
        serviceConfiguration.setWebServicePortTls(Optional.ofNullable(Integer.valueOf(PortManager.nextFreePort())));
        serviceConfiguration.setAdvertisedAddress("localhost");
        serviceConfiguration.setClusterName(this.conf.getClusterName());
        serviceConfiguration.setZookeeperServers("localhost:2181");
        buildConf(serviceConfiguration);
        startBroker(serviceConfiguration);
        PulsarAdmin buildAdminClient = buildAdminClient("superproxy");
        Throwable th = null;
        try {
            try {
                buildAdminClient.clusters().createCluster("test", new ClusterData(this.brokerUrl.toString()));
                buildAdminClient.tenants().createTenant("tenant", new TenantInfo(ImmutableSet.of("admin"), ImmutableSet.of("test")));
                if (buildAdminClient != null) {
                    if (0 != 0) {
                        try {
                            buildAdminClient.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        buildAdminClient.close();
                    }
                }
                PulsarAdmin buildAdminClient2 = buildAdminClient("admin");
                Throwable th3 = null;
                try {
                    Policies policies = new Policies();
                    policies.bundles = new BundlesData(4);
                    policies.auth_policies.namespace_auth.put("admin", ImmutableSet.of(AuthAction.produce, AuthAction.consume));
                    policies.replication_clusters = ImmutableSet.of("test");
                    buildAdminClient2.namespaces().createNamespace("tenant/ns", policies);
                    try {
                        buildAdminClient2.topics().getList("tenant/ns");
                    } catch (PulsarAdminException e) {
                        e.printStackTrace();
                        Assert.fail("Should not have thrown an exception");
                    }
                    if (buildAdminClient2 != null) {
                        if (0 == 0) {
                            buildAdminClient2.close();
                            return;
                        }
                        try {
                            buildAdminClient2.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                } catch (Throwable th5) {
                    if (buildAdminClient2 != null) {
                        if (0 != 0) {
                            try {
                                buildAdminClient2.close();
                            } catch (Throwable th6) {
                                th3.addSuppressed(th6);
                            }
                        } else {
                            buildAdminClient2.close();
                        }
                    }
                    throw th5;
                }
            } catch (Throwable th7) {
                th = th7;
                throw th7;
            }
        } catch (Throwable th8) {
            if (buildAdminClient != null) {
                if (th != null) {
                    try {
                        buildAdminClient.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    buildAdminClient.close();
                }
            }
            throw th8;
        }
    }
}
