package alluxio.security.authentication;

import alluxio.Configuration;
import alluxio.util.network.NetworkAddressUtils;
import java.net.InetSocketAddress;
import javax.security.sasl.AuthenticationException;
import javax.security.sasl.SaslException;
import org.apache.thrift.TProcessor;
import org.apache.thrift.protocol.TBinaryProtocol;
import org.apache.thrift.server.TThreadPoolServer;
import org.apache.thrift.transport.TServerSocket;
import org.apache.thrift.transport.TSocket;
import org.apache.thrift.transport.TTransport;
import org.apache.thrift.transport.TTransportException;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;

/* loaded from: input_file:alluxio/security/authentication/AuthenticationUtilsTest.class */
public class AuthenticationUtilsTest {
    private TThreadPoolServer mServer;
    private Configuration mConfiguration;
    private InetSocketAddress mServerAddress;
    private TServerSocket mServerTSocket;
    private TSocket mClientTSocket;

    @Rule
    public ExpectedException mThrown = ExpectedException.none();

    /* loaded from: input_file:alluxio/security/authentication/AuthenticationUtilsTest$ExactlyMatchAuthenticationProvider.class */
    public static class ExactlyMatchAuthenticationProvider implements AuthenticationProvider {
        public void authenticate(String str, String str2) throws AuthenticationException {
            if (!str.equals("alluxio") || !str2.equals("correct-password")) {
                throw new AuthenticationException("User authentication fails");
            }
        }
    }

    @Before
    public void before() throws Exception {
        this.mConfiguration = new Configuration();
        String localHostName = NetworkAddressUtils.getLocalHostName(new Configuration());
        this.mServerTSocket = new TServerSocket(new InetSocketAddress(localHostName, 0));
        this.mServerAddress = new InetSocketAddress(localHostName, NetworkAddressUtils.getThriftPort(this.mServerTSocket));
        this.mClientTSocket = AuthenticationUtils.createTSocket(this.mServerAddress, this.mConfiguration.getInt("alluxio.security.authentication.socket.timeout.ms"));
    }

    @Test
    public void nosaslAuthenticationTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "NOSASL");
        startServerThread();
        TTransport clientTransport = AuthenticationUtils.getClientTransport(this.mConfiguration, this.mServerAddress);
        clientTransport.open();
        Assert.assertTrue(clientTransport.isOpen());
        clientTransport.close();
        this.mServer.stop();
    }

    @Test
    public void simpleAuthenticationTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "SIMPLE");
        startServerThread();
        TTransport plainClientTransport = PlainSaslUtils.getPlainClientTransport("anyone", "whatever", this.mClientTSocket);
        plainClientTransport.open();
        Assert.assertTrue(plainClientTransport.isOpen());
        plainClientTransport.close();
        this.mServer.stop();
    }

    @Test
    public void simpleAuthenticationNullUserTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "SIMPLE");
        this.mThrown.expect(SaslException.class);
        this.mThrown.expectMessage("PLAIN: authorization ID and password must be specified");
        PlainSaslUtils.getPlainClientTransport((String) null, "whatever", this.mClientTSocket);
    }

    @Test
    public void simpleAuthenticationNullPasswordTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "SIMPLE");
        this.mThrown.expect(SaslException.class);
        this.mThrown.expectMessage("PLAIN: authorization ID and password must be specified");
        PlainSaslUtils.getPlainClientTransport("anyone", (String) null, this.mClientTSocket);
    }

    @Test
    public void simpleAuthenticationEmptyUserTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "SIMPLE");
        startServerThread();
        this.mThrown.expect(TTransportException.class);
        this.mThrown.expectMessage("Peer indicated failure: Plain authentication failed: No authentication identity provided");
        try {
            PlainSaslUtils.getPlainClientTransport("", "whatever", this.mClientTSocket).open();
            this.mServer.stop();
        } catch (Throwable th) {
            this.mServer.stop();
            throw th;
        }
    }

    @Test
    public void simpleAuthenticationEmptyPasswordTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "SIMPLE");
        startServerThread();
        this.mThrown.expect(TTransportException.class);
        this.mThrown.expectMessage("Peer indicated failure: Plain authentication failed: No password provided");
        try {
            PlainSaslUtils.getPlainClientTransport("anyone", "", this.mClientTSocket).open();
            this.mServer.stop();
        } catch (Throwable th) {
            this.mServer.stop();
            throw th;
        }
    }

    @Test
    public void customAuthenticationExactNamePasswordMatchTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "CUSTOM");
        this.mConfiguration.set("alluxio.security.authentication.custom.provider.class", ExactlyMatchAuthenticationProvider.class.getName());
        startServerThread();
        TTransport plainClientTransport = PlainSaslUtils.getPlainClientTransport("alluxio", "correct-password", this.mClientTSocket);
        plainClientTransport.open();
        Assert.assertTrue(plainClientTransport.isOpen());
        plainClientTransport.close();
        this.mServer.stop();
    }

    @Test
    public void customAuthenticationExactNamePasswordNotMatchTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "CUSTOM");
        this.mConfiguration.set("alluxio.security.authentication.custom.provider.class", ExactlyMatchAuthenticationProvider.class.getName());
        startServerThread();
        TTransport plainClientTransport = PlainSaslUtils.getPlainClientTransport("alluxio", "wrong-password", this.mClientTSocket);
        this.mThrown.expect(TTransportException.class);
        this.mThrown.expectMessage("Peer indicated failure: Plain authentication failed: User authentication fails");
        try {
            plainClientTransport.open();
            this.mServer.stop();
        } catch (Throwable th) {
            this.mServer.stop();
            throw th;
        }
    }

    @Test
    public void customAuthenticationNullUserTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "CUSTOM");
        this.mThrown.expect(SaslException.class);
        this.mThrown.expectMessage("PLAIN: authorization ID and password must be specified");
        PlainSaslUtils.getPlainClientTransport((String) null, "correct-password", this.mClientTSocket);
    }

    @Test
    public void customAuthenticationNullPasswordTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "CUSTOM");
        this.mThrown.expect(SaslException.class);
        this.mThrown.expectMessage("PLAIN: authorization ID and password must be specified");
        PlainSaslUtils.getPlainClientTransport("alluxio", (String) null, this.mClientTSocket);
    }

    @Test
    public void customAuthenticationEmptyUserTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "CUSTOM");
        this.mConfiguration.set("alluxio.security.authentication.custom.provider.class", ExactlyMatchAuthenticationProvider.class.getName());
        startServerThread();
        this.mThrown.expect(TTransportException.class);
        this.mThrown.expectMessage("Peer indicated failure: Plain authentication failed: No authentication identity provided");
        try {
            PlainSaslUtils.getPlainClientTransport("", "correct-password", this.mClientTSocket).open();
            this.mServer.stop();
        } catch (Throwable th) {
            this.mServer.stop();
            throw th;
        }
    }

    @Test
    public void customAuthenticationEmptyPasswordTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "CUSTOM");
        this.mConfiguration.set("alluxio.security.authentication.custom.provider.class", ExactlyMatchAuthenticationProvider.class.getName());
        startServerThread();
        this.mThrown.expect(TTransportException.class);
        this.mThrown.expectMessage("Peer indicated failure: Plain authentication failed: No password provided");
        try {
            PlainSaslUtils.getPlainClientTransport("alluxio", "", this.mClientTSocket).open();
            this.mServer.stop();
        } catch (Throwable th) {
            this.mServer.stop();
            throw th;
        }
    }

    @Test
    public void kerberosAuthenticationTest() throws Exception {
        this.mConfiguration.set("alluxio.security.authentication.type", "KERBEROS");
        this.mThrown.expect(UnsupportedOperationException.class);
        this.mThrown.expectMessage("Kerberos is not supported currently.");
        startServerThread();
    }

    private void startServerThread() throws Exception {
        this.mServer = new TThreadPoolServer(new TThreadPoolServer.Args(this.mServerTSocket).maxWorkerThreads(2).minWorkerThreads(1).processor((TProcessor) null).transportFactory(AuthenticationUtils.getServerTransportFactory(this.mConfiguration)).protocolFactory(new TBinaryProtocol.Factory(true, true)));
        Thread thread = new Thread(new Runnable() { // from class: alluxio.security.authentication.AuthenticationUtilsTest.1
            @Override // java.lang.Runnable
            public void run() {
                AuthenticationUtilsTest.this.mServer.serve();
            }
        });
        thread.start();
        int i = 40;
        while (!this.mServer.isServing() && thread.isAlive()) {
            if (i <= 0) {
                throw new RuntimeException("TThreadPoolServer does not start serving");
            }
            Thread.sleep(50L);
            i--;
        }
    }
}
