package org.apache.hadoop.hdfs.server.federation.router;

import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import java.util.UUID;
import java.util.concurrent.Callable;
import java.util.concurrent.TimeUnit;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.conf.Configured;
import org.apache.hadoop.fs.FileContext;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.permission.FsPermission;
import org.apache.hadoop.ha.ClientBaseWithFixes;
import org.apache.hadoop.hdfs.server.federation.FederationTestUtils;
import org.apache.hadoop.hdfs.server.federation.MiniRouterDFSCluster;
import org.apache.hadoop.hdfs.server.federation.RouterConfigBuilder;
import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authorize.AuthorizationException;
import org.apache.hadoop.security.authorize.ImpersonationProvider;
import org.apache.hadoop.test.GenericTestUtils;
import org.apache.hadoop.tools.fedbalance.DistCpProcedure;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/hadoop/hdfs/server/federation/router/TestRouterFederationRenameInKerberosEnv.class */
public class TestRouterFederationRenameInKerberosEnv extends ClientBaseWithFixes {
    private static final int NUM_SUBCLUSTERS = 2;
    private static final int NUM_DNS = 6;
    private static String clientPrincipal = "client@EXAMPLE.COM";
    private static String serverPrincipal = System.getenv().get("USERNAME") + "/localhost@EXAMPLE.COM";
    private static String keytab = new File(System.getProperty("test.dir", "target"), UUID.randomUUID().toString()).getAbsolutePath();
    private static Configuration baseConf = new Configuration(false);
    private static MiniKdc kdc;
    private MiniRouterDFSCluster cluster;
    private MiniRouterDFSCluster.RouterContext router;

    /* loaded from: input_file:org/apache/hadoop/hdfs/server/federation/router/TestRouterFederationRenameInKerberosEnv$AllowUserImpersonationProvider.class */
    private static class AllowUserImpersonationProvider extends Configured implements ImpersonationProvider {
        private AllowUserImpersonationProvider() {
        }

        public void init(String str) {
        }

        public void authorize(UserGroupInformation userGroupInformation, InetAddress inetAddress) throws AuthorizationException {
            try {
                if (userGroupInformation.getRealUser().getShortUserName().equals(UserGroupInformation.getCurrentUser().getShortUserName())) {
                } else {
                    throw new AuthorizationException();
                }
            } catch (IOException e) {
                throw new AuthorizationException(e);
            }
        }
    }

    @BeforeClass
    public static void globalSetUp() throws Exception {
        kdc = new MiniKdc(MiniKdc.createConf(), new File(System.getProperty("test.dir", "target")));
        kdc.start();
        kdc.createPrincipal(new File(keytab), new String[]{clientPrincipal, serverPrincipal});
        baseConf.setBoolean("hadoop.caller.context.enabled", true);
        SecurityUtil.setAuthenticationMethod(UserGroupInformation.AuthenticationMethod.KERBEROS, baseConf);
        baseConf.set("dfs.federation.router.kerberos.principal", serverPrincipal);
        baseConf.set("dfs.federation.router.keytab.file", keytab);
        baseConf.set("dfs.namenode.kerberos.principal", serverPrincipal);
        baseConf.set("dfs.namenode.keytab.file", keytab);
        baseConf.set("dfs.datanode.kerberos.principal", serverPrincipal);
        baseConf.set("dfs.datanode.keytab.file", keytab);
        baseConf.setBoolean("dfs.block.access.token.enable", true);
        baseConf.set("dfs.data.transfer.protection", "");
        baseConf.setBoolean("ignore.secure.ports.for.testing", true);
        baseConf.setClass("hadoop.security.impersonation.provider.class", AllowUserImpersonationProvider.class, ImpersonationProvider.class);
        DistCpProcedure.enableForTest();
    }

    @AfterClass
    public static void globalTearDown() {
        kdc.stop();
        DistCpProcedure.disableForTest();
    }

    @After
    public void tearDown() throws Exception {
        super.tearDown();
        this.cluster.shutdown();
    }

    @Before
    public void setUp() throws Exception {
        super.setUp();
        this.cluster = new MiniRouterDFSCluster(false, NUM_SUBCLUSTERS);
        this.cluster.setNumDatanodesPerNameservice(NUM_DNS);
        this.cluster.addNamenodeOverrides(baseConf);
        this.cluster.setIndependentDNs();
        this.cluster.startCluster();
        Configuration build = new RouterConfigBuilder().metrics().rpc().routerRenameOption().set("hdfs.fedbalance.procedure.scheduler.journal.uri", "hdfs://" + this.cluster.getCluster().getNameNode(1).getClientNamenodeAddress() + "/journal").set("dfs.federation.router.federation.rename.map", "1").set("dfs.federation.router.federation.rename.bandwidth", "1").set("zk-dt-secret-manager.zkConnectionString", this.hostPort).set("zk-dt-secret-manager.zkAuthType", "none").set("yarn.resourcemanager.principal", serverPrincipal).build();
        build.setTimeDuration("dfs.federation.router.dn-report.cache-expire", 1L, TimeUnit.SECONDS);
        this.cluster.addRouterOverrides(baseConf);
        this.cluster.addRouterOverrides(build);
        this.cluster.startRouters();
        this.cluster.registerNamenodes();
        this.cluster.waitNamenodeRegistration();
        this.cluster.getCluster().getNamesystem(0).getBlockManager().getDatanodeManager().setHeartbeatInterval(1L);
        this.cluster.getCluster().getNamesystem(1).getBlockManager().getDatanodeManager().setHeartbeatInterval(1L);
        this.cluster.getCluster().getNamesystem(0).getBlockManager().getDatanodeManager().setHeartbeatExpireInterval(3000L);
        this.cluster.getCluster().getNamesystem(1).getBlockManager().getDatanodeManager().setHeartbeatExpireInterval(3000L);
        this.cluster.installMockLocations();
        this.cluster.createTestDirectoriesNamenode();
        setRouter(this.cluster.getRandomRouter());
    }

    protected void prepareEnv(FileSystem fileSystem, Path path, Path path2) throws IOException {
        fileSystem.setPermission(path.getParent(), FsPermission.createImmutable((short) 511));
        fileSystem.setPermission(path2.getParent(), FsPermission.createImmutable((short) 511));
        fileSystem.mkdirs(path);
        String str = path.toString() + "/file";
        FederationTestUtils.createFile(fileSystem, str, 32L);
        FederationTestUtils.verifyFileExists(fileSystem, path.toString());
        FederationTestUtils.verifyFileExists(fileSystem, str);
    }

    protected void testRenameDir(MiniRouterDFSCluster.RouterContext routerContext, String str, String str2, boolean z, Callable<Object> callable) throws IOException {
        prepareEnv(routerContext.getFileSystem(), new Path(str), new Path(str2));
        boolean z2 = false;
        try {
            try {
                callable.call();
                Assert.assertFalse(FederationTestUtils.verifyFileExists(routerContext.getFileSystem(), str));
                Assert.assertTrue(FederationTestUtils.verifyFileExists(routerContext.getFileSystem(), str2 + "/file"));
                FileContext fileContext = routerContext.getFileContext();
                fileContext.delete(new Path(str), true);
                fileContext.delete(new Path(str2), true);
            } catch (Exception e) {
                z2 = true;
                Assert.assertTrue(FederationTestUtils.verifyFileExists(routerContext.getFileSystem(), str + "/file"));
                Assert.assertFalse(FederationTestUtils.verifyFileExists(routerContext.getFileSystem(), str2));
                FileContext fileContext2 = routerContext.getFileContext();
                fileContext2.delete(new Path(str), true);
                fileContext2.delete(new Path(str2), true);
            }
            if (z) {
                Assert.assertTrue(z2);
            } else {
                Assert.assertFalse(z2);
            }
        } catch (Throwable th) {
            FileContext fileContext3 = routerContext.getFileContext();
            fileContext3.delete(new Path(str), true);
            fileContext3.delete(new Path(str2), true);
            throw th;
        }
    }

    protected void setRouter(MiniRouterDFSCluster.RouterContext routerContext) throws IOException {
        this.router = routerContext;
    }

    @Test
    public void testClientRename() throws IOException {
        String str = this.cluster.getNameservices().get(0);
        String str2 = this.cluster.getNameservices().get(1);
        String str3 = this.cluster.getFederatedTestDirectoryForNS(str) + "/" + GenericTestUtils.getMethodName();
        String str4 = this.cluster.getFederatedTestDirectoryForNS(str2) + "/" + GenericTestUtils.getMethodName();
        testRenameDir(this.router, str3, str4, false, () -> {
            UserGroupInformation.loginUserFromKeytabAndReturnUGI(clientPrincipal, keytab).doAs(() -> {
                this.router.getClient().getNamenode().rename(str3, str4);
                return null;
            });
            return null;
        });
    }
}
