package org.apache.wss4j.integration.test.common;

import java.io.File;
import java.net.DatagramSocket;
import java.security.Provider;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.io.FileUtils;
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory;
import org.apache.directory.server.core.factory.DirectoryServiceFactory;
import org.apache.directory.server.core.factory.PartitionFactory;
import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.kerberos.kdc.KdcServer;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.protocol.shared.transport.Transport;
import org.apache.directory.server.protocol.shared.transport.UdpTransport;
import org.apache.directory.shared.ldap.entry.DefaultServerEntry;
import org.apache.directory.shared.ldap.ldif.LdifEntry;
import org.apache.directory.shared.ldap.ldif.LdifReader;

/* loaded from: input_file:org/apache/wss4j/integration/test/common/KerberosServiceStarter.class */
public class KerberosServiceStarter {
    public static DirectoryService directoryService;
    public static KdcServer kdcServer;
    private static Provider provider = null;
    private static int providerPos = 2;
    private static final int kdcPort = 23749;

    public static boolean startKerberosServer() throws Exception {
        try {
            DatagramSocket datagramSocket = new DatagramSocket(kdcPort);
            datagramSocket.setReuseAddress(true);
            datagramSocket.close();
            DirectoryServiceFactory directoryServiceFactory = DefaultDirectoryServiceFactory.DEFAULT;
            directoryService = directoryServiceFactory.getDirectoryService();
            directoryService.setAccessControlEnabled(false);
            directoryService.setAllowAnonymousAccess(false);
            directoryService.getChangeLog().setEnabled(true);
            List interceptors = directoryService.getInterceptors();
            interceptors.add(new KeyDerivationInterceptor());
            directoryService.setInterceptors(interceptors);
            directoryServiceFactory.init("defaultDS");
            PartitionFactory partitionFactory = directoryServiceFactory.getPartitionFactory();
            Partition createPartition = partitionFactory.createPartition("example", "dc=example,dc=com", 1000, new File(directoryService.getWorkingDirectory(), "example"));
            partitionFactory.addIndex(createPartition, "objectClass", 1000);
            partitionFactory.addIndex(createPartition, "dc", 1000);
            partitionFactory.addIndex(createPartition, "ou", 1000);
            createPartition.setSchemaManager(directoryService.getSchemaManager());
            directoryService.addPartition(createPartition);
            LdifReader ldifReader = new LdifReader(KerberosServiceStarter.class.getClassLoader().getResourceAsStream("kerberos/kerberos.ldif"));
            Iterator it = ldifReader.iterator();
            while (it.hasNext()) {
                LdifEntry ldifEntry = (LdifEntry) it.next();
                if (ldifEntry.isChangeAdd()) {
                    directoryService.getAdminSession().add(new DefaultServerEntry(directoryService.getSchemaManager(), ldifEntry.getEntry()));
                } else if (ldifEntry.isChangeModify()) {
                    directoryService.getAdminSession().modify(ldifEntry.getDn(), ldifEntry.getModificationItems());
                }
            }
            ldifReader.close();
            kdcServer = new KdcServer();
            kdcServer.setServiceName("DefaultKrbServer");
            kdcServer.setKdcPrincipal("krbtgt/service.ws.apache.org@service.ws.apache.org");
            kdcServer.setPrimaryRealm("service.ws.apache.org");
            kdcServer.setMaximumTicketLifetime(86400000L);
            kdcServer.setMaximumRenewableLifetime(604800000L);
            kdcServer.addTransports(new Transport[]{new UdpTransport("localhost", kdcPort)});
            kdcServer.setEncryptionTypes(new EncryptionType[]{EncryptionType.AES128_CTS_HMAC_SHA1_96});
            kdcServer.setDirectoryService(directoryService);
            kdcServer.start();
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public static void stopKerberosServer() throws Exception {
        directoryService.shutdown();
        FileUtils.deleteDirectory(directoryService.getWorkingDirectory());
        kdcServer.stop();
    }
}
