package org.apache.pulsar.broker.admin;

import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.Base64;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.Set;
import javax.crypto.SecretKey;
import org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest;
import org.apache.pulsar.broker.authentication.AuthenticationProviderToken;
import org.apache.pulsar.broker.authentication.utils.AuthTokenUtils;
import org.apache.pulsar.client.admin.PulsarAdmin;
import org.apache.pulsar.client.admin.PulsarAdminBuilder;
import org.apache.pulsar.client.admin.PulsarAdminException;
import org.apache.pulsar.client.api.Schema;
import org.apache.pulsar.client.impl.auth.AuthenticationToken;
import org.apache.pulsar.client.impl.schema.SchemaInfoImpl;
import org.apache.pulsar.common.policies.data.AuthAction;
import org.apache.pulsar.common.policies.data.ClusterData;
import org.apache.pulsar.common.policies.data.TenantInfoImpl;
import org.apache.pulsar.common.schema.SchemaInfo;
import org.mockito.Mockito;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testng.Assert;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

@Test(groups = {"broker-admin"})
/* loaded from: input_file:org/apache/pulsar/broker/admin/AdminApiSchemaWithAuthTest.class */
public class AdminApiSchemaWithAuthTest extends MockedPulsarServiceBaseTest {
    private static final Logger log = LoggerFactory.getLogger(AdminApiSchemaWithAuthTest.class);
    private static final SecretKey SECRET_KEY = AuthTokenUtils.createSecretKey(SignatureAlgorithm.HS256);
    private static final String ADMIN_TOKEN = Jwts.builder().setSubject("admin").signWith(SECRET_KEY).compact();
    private static final String CONSUME_TOKEN = Jwts.builder().setSubject("consumer").signWith(SECRET_KEY).compact();
    private static final String PRODUCE_TOKEN = Jwts.builder().setSubject("producer").signWith(SECRET_KEY).compact();

    @Override // org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest
    @BeforeMethod
    public void setup() throws Exception {
        this.conf.setAuthorizationEnabled(true);
        this.conf.setAuthenticationEnabled(true);
        this.conf.getProperties().setProperty("tokenSecretKey", "data:;base64," + Base64.getEncoder().encodeToString(SECRET_KEY.getEncoded()));
        HashSet hashSet = new HashSet();
        hashSet.add(AuthenticationProviderToken.class.getName());
        HashSet hashSet2 = new HashSet();
        hashSet2.add("admin");
        this.conf.setSuperUserRoles(hashSet2);
        this.conf.setAuthenticationProviders(hashSet);
        this.conf.setSystemTopicEnabled(false);
        this.conf.setTopicLevelPoliciesEnabled(false);
        super.internalSetup();
        PulsarAdminBuilder authentication = PulsarAdmin.builder().serviceHttpUrl(this.brokerUrl != null ? this.brokerUrl.toString() : this.brokerUrlTls.toString()).authentication(AuthenticationToken.class.getName(), ADMIN_TOKEN);
        closeAdmin();
        this.admin = (PulsarAdmin) Mockito.spy(authentication.build());
        this.admin.clusters().createCluster("test", ClusterData.builder().serviceUrl(this.pulsar.getWebServiceAddress()).build());
        this.admin.tenants().createTenant("schematest", new TenantInfoImpl(Set.of("role1", "role2"), Set.of("test")));
        this.admin.namespaces().createNamespace("schematest/test", Set.of("test"));
    }

    @Override // org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest
    @AfterMethod(alwaysRun = true)
    public void cleanup() throws Exception {
        super.internalCleanup();
    }

    @Test
    public void testGetCreateDeleteSchema() throws Exception {
        String str = "persistent://schematest/test/testCreateSchema";
        PulsarAdmin build = PulsarAdmin.builder().serviceHttpUrl(this.brokerUrl != null ? this.brokerUrl.toString() : this.brokerUrlTls.toString()).build();
        try {
            build = PulsarAdmin.builder().serviceHttpUrl(this.brokerUrl != null ? this.brokerUrl.toString() : this.brokerUrlTls.toString()).authentication(AuthenticationToken.class.getName(), ADMIN_TOKEN).build();
            try {
                PulsarAdmin build2 = PulsarAdmin.builder().serviceHttpUrl(this.brokerUrl != null ? this.brokerUrl.toString() : this.brokerUrlTls.toString()).authentication(AuthenticationToken.class.getName(), CONSUME_TOKEN).build();
                try {
                    PulsarAdmin build3 = PulsarAdmin.builder().serviceHttpUrl(this.brokerUrl != null ? this.brokerUrl.toString() : this.brokerUrlTls.toString()).authentication(AuthenticationToken.class.getName(), PRODUCE_TOKEN).build();
                    try {
                        this.admin.topics().createNonPartitionedTopic("persistent://schematest/test/testCreateSchema");
                        this.admin.topics().grantPermission("persistent://schematest/test/testCreateSchema", "consumer", EnumSet.of(AuthAction.consume));
                        this.admin.topics().grantPermission("persistent://schematest/test/testCreateSchema", "producer", EnumSet.of(AuthAction.produce));
                        SchemaInfo schemaInfo = Schema.BOOL.getSchemaInfo();
                        Assert.assertThrows(PulsarAdminException.class, () -> {
                            build2.schemas().getSchemaInfo(str);
                        });
                        Assert.assertThrows(PulsarAdminException.class, () -> {
                            build.schemas().createSchema(str, schemaInfo);
                        });
                        build3.schemas().createSchema("persistent://schematest/test/testCreateSchema", schemaInfo);
                        build.schemas().createSchema("persistent://schematest/test/testCreateSchema", schemaInfo);
                        Assert.assertThrows(PulsarAdminException.class, () -> {
                            build.schemas().getSchemaInfo(str);
                        });
                        SchemaInfoImpl schemaInfo2 = build2.schemas().getSchemaInfo("persistent://schematest/test/testCreateSchema");
                        schemaInfo2.setTimestamp(0L);
                        Assert.assertEquals(schemaInfo2, schemaInfo);
                        Assert.assertThrows(PulsarAdminException.class, () -> {
                            build.schemas().getSchemaInfo(str, 0L);
                        });
                        SchemaInfoImpl schemaInfo3 = build2.schemas().getSchemaInfo("persistent://schematest/test/testCreateSchema", 0L);
                        schemaInfo3.setTimestamp(0L);
                        Assert.assertEquals(schemaInfo3, schemaInfo);
                        Assert.assertEquals(build2.schemas().getAllSchemas("persistent://schematest/test/testCreateSchema").size(), 1);
                        SchemaInfo schemaInfo4 = Schema.BOOL.getSchemaInfo();
                        Assert.assertThrows(PulsarAdminException.class, () -> {
                            build.schemas().testCompatibility(str, schemaInfo4);
                        });
                        Assert.assertTrue(build.schemas().testCompatibility("persistent://schematest/test/testCreateSchema", schemaInfo4).isCompatibility());
                        Assert.assertThrows(PulsarAdminException.class, () -> {
                            build.schemas().getVersionBySchema(str, schemaInfo);
                        });
                        Assert.assertEquals(build2.schemas().getVersionBySchema("persistent://schematest/test/testCreateSchema", schemaInfo), 0L);
                        Assert.assertThrows(PulsarAdminException.class, () -> {
                            build.schemas().deleteSchema(str);
                        });
                        build.schemas().deleteSchema("persistent://schematest/test/testCreateSchema");
                        if (Collections.singletonList(build3).get(0) != null) {
                            build3.close();
                        }
                        if (Collections.singletonList(build2).get(0) != null) {
                            build2.close();
                        }
                        if (Collections.singletonList(build).get(0) != null) {
                            build.close();
                        }
                    } finally {
                        if (Collections.singletonList(build3).get(0) != null) {
                            build3.close();
                        }
                    }
                } finally {
                    if (Collections.singletonList(build2).get(0) != null) {
                        build2.close();
                    }
                }
            } finally {
                if (Collections.singletonList(build).get(0) != null) {
                    build.close();
                }
            }
        } catch (Throwable th) {
            if (Collections.singletonList(build).get(0) != null) {
                build.close();
            }
            throw th;
        }
    }
}
