package org.apache.hadoop.hdfs;

import java.io.IOException;
import java.lang.reflect.Field;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.URI;
import java.security.PrivilegedExceptionAction;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.SecurityUtilTestHelper;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.Token;
import org.junit.Assert;
import org.junit.Test;

/* JADX WARN: Classes with same name are omitted:
  input_file:hadoop-hdfs-0.23.3-tests.jar:org/apache/hadoop/hdfs/TestHftpDelegationToken.class
  input_file:hadoop-hdfs-0.23.3/share/hadoop/hdfs/hadoop-hdfs-0.23.3-tests.jar:org/apache/hadoop/hdfs/TestHftpDelegationToken.class
 */
/* loaded from: input_file:test-classes/org/apache/hadoop/hdfs/TestHftpDelegationToken.class */
public class TestHftpDelegationToken {

    /* JADX WARN: Classes with same name are omitted:
      input_file:hadoop-hdfs-0.23.3-tests.jar:org/apache/hadoop/hdfs/TestHftpDelegationToken$MyHftpFileSystem.class
      input_file:hadoop-hdfs-0.23.3/share/hadoop/hdfs/hadoop-hdfs-0.23.3-tests.jar:org/apache/hadoop/hdfs/TestHftpDelegationToken$MyHftpFileSystem.class
     */
    /* loaded from: input_file:test-classes/org/apache/hadoop/hdfs/TestHftpDelegationToken$MyHftpFileSystem.class */
    static class MyHftpFileSystem extends HftpFileSystem {
        MyHftpFileSystem() {
        }

        public URI getCanonicalUri() {
            return super.getCanonicalUri();
        }

        @Override // org.apache.hadoop.hdfs.HftpFileSystem
        public int getDefaultPort() {
            return super.getDefaultPort();
        }

        @Override // org.apache.hadoop.hdfs.HftpFileSystem
        protected void initDelegationToken() throws IOException {
        }
    }

    /* JADX WARN: Classes with same name are omitted:
      input_file:hadoop-hdfs-0.23.3-tests.jar:org/apache/hadoop/hdfs/TestHftpDelegationToken$MyHsftpFileSystem.class
      input_file:hadoop-hdfs-0.23.3/share/hadoop/hdfs/hadoop-hdfs-0.23.3-tests.jar:org/apache/hadoop/hdfs/TestHftpDelegationToken$MyHsftpFileSystem.class
     */
    /* loaded from: input_file:test-classes/org/apache/hadoop/hdfs/TestHftpDelegationToken$MyHsftpFileSystem.class */
    static class MyHsftpFileSystem extends HsftpFileSystem {
        MyHsftpFileSystem() {
        }

        public URI getCanonicalUri() {
            return super.getCanonicalUri();
        }

        @Override // org.apache.hadoop.hdfs.HsftpFileSystem, org.apache.hadoop.hdfs.HftpFileSystem
        public int getDefaultPort() {
            return super.getDefaultPort();
        }

        @Override // org.apache.hadoop.hdfs.HftpFileSystem
        protected void initDelegationToken() throws IOException {
        }
    }

    @Test
    public void testHdfsDelegationToken() throws Exception {
        final Configuration configuration = new Configuration();
        configuration.set("hadoop.security.authentication", "kerberos");
        UserGroupInformation.setConfiguration(configuration);
        UserGroupInformation createUserForTesting = UserGroupInformation.createUserForTesting("oom", new String[]{"memory"});
        Token token = new Token(new byte[0], new byte[0], DelegationTokenIdentifier.HDFS_DELEGATION_KIND, new Text("127.0.0.1:8020"));
        createUserForTesting.addToken(token);
        createUserForTesting.addToken(new Token((byte[]) null, (byte[]) null, new Text("other token"), new Text("127.0.0.1:8021")));
        Assert.assertEquals("wrong tokens in user", 2L, createUserForTesting.getTokens().size());
        FileSystem fileSystem = (FileSystem) createUserForTesting.doAs(new PrivilegedExceptionAction<FileSystem>() { // from class: org.apache.hadoop.hdfs.TestHftpDelegationToken.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public FileSystem run() throws Exception {
                return FileSystem.get(new URI("hftp://localhost:50470/"), configuration);
            }
        });
        Assert.assertSame("wrong kind of file system", HftpFileSystem.class, fileSystem.getClass());
        Field declaredField = HftpFileSystem.class.getDeclaredField("renewToken");
        declaredField.setAccessible(true);
        Assert.assertSame("wrong token", token, declaredField.get(fileSystem));
    }

    @Test
    public void testSelectHftpDelegationToken() throws Exception {
        SecurityUtilTestHelper.setTokenServiceUseIp(true);
        Configuration configuration = new Configuration();
        configuration.setClass("fs.hftp.impl", MyHftpFileSystem.class, FileSystem.class);
        configuration.setInt(DFSConfigKeys.DFS_NAMENODE_HTTP_PORT_KEY, 80);
        configuration.setInt("dfs.https.port", 443);
        MyHftpFileSystem myHftpFileSystem = (MyHftpFileSystem) FileSystem.newInstance(URI.create("hftp://localhost"), configuration);
        Assert.assertEquals(80, myHftpFileSystem.getCanonicalUri().getPort());
        checkTokenSelection(myHftpFileSystem, 443, configuration);
        MyHftpFileSystem myHftpFileSystem2 = (MyHftpFileSystem) FileSystem.newInstance(URI.create("hftp://localhost:80"), configuration);
        Assert.assertEquals(80, myHftpFileSystem2.getCanonicalUri().getPort());
        checkTokenSelection(myHftpFileSystem2, 443, configuration);
        MyHftpFileSystem myHftpFileSystem3 = (MyHftpFileSystem) FileSystem.newInstance(URI.create("hftp://localhost:" + (80 + 1)), configuration);
        Assert.assertEquals(80 + 1, myHftpFileSystem3.getCanonicalUri().getPort());
        checkTokenSelection(myHftpFileSystem3, 443, configuration);
        configuration.setInt("dfs.https.port", 5);
    }

    @Test
    public void testSelectHsftpDelegationToken() throws Exception {
        SecurityUtilTestHelper.setTokenServiceUseIp(true);
        Configuration configuration = new Configuration();
        configuration.setClass("fs.hsftp.impl", MyHsftpFileSystem.class, FileSystem.class);
        configuration.setInt(DFSConfigKeys.DFS_NAMENODE_HTTP_PORT_KEY, 80);
        configuration.setInt("dfs.https.port", 443);
        MyHsftpFileSystem myHsftpFileSystem = (MyHsftpFileSystem) FileSystem.newInstance(URI.create("hsftp://localhost"), configuration);
        Assert.assertEquals(443, myHsftpFileSystem.getCanonicalUri().getPort());
        checkTokenSelection(myHsftpFileSystem, 443, configuration);
        MyHsftpFileSystem myHsftpFileSystem2 = (MyHsftpFileSystem) FileSystem.newInstance(URI.create("hsftp://localhost:443"), configuration);
        Assert.assertEquals(443, myHsftpFileSystem2.getCanonicalUri().getPort());
        checkTokenSelection(myHsftpFileSystem2, 443, configuration);
        MyHsftpFileSystem myHsftpFileSystem3 = (MyHsftpFileSystem) FileSystem.newInstance(URI.create("hsftp://localhost:" + (443 + 1)), configuration);
        Assert.assertEquals(443 + 1, myHsftpFileSystem3.getCanonicalUri().getPort());
        checkTokenSelection(myHsftpFileSystem3, 443 + 1, configuration);
        configuration.setInt("dfs.https.port", 5);
    }

    @Test
    public void testInsecureRemoteCluster() throws Exception {
        ServerSocket serverSocket = new ServerSocket(0);
        serverSocket.close();
        Assert.assertNull(FileSystem.newInstance(URI.create("hsftp://localhost:" + serverSocket.getLocalPort()), new Configuration()).getDelegationToken((String) null));
    }

    @Test
    public void testSecureClusterError() throws Exception {
        final ServerSocket serverSocket = new ServerSocket(0);
        Thread thread = new Thread() { // from class: org.apache.hadoop.hdfs.TestHftpDelegationToken.2
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                while (true) {
                    try {
                        Socket accept = serverSocket.accept();
                        accept.getOutputStream().write(1234);
                        accept.shutdownOutput();
                    } catch (Exception e) {
                        return;
                    }
                }
            }
        };
        thread.start();
        try {
            Exception exc = null;
            try {
                FileSystem.newInstance(URI.create("hsftp://localhost:" + serverSocket.getLocalPort()), new Configuration()).getDelegationToken((String) null);
            } catch (Exception e) {
                exc = e;
            }
            Assert.assertNotNull(exc);
            Assert.assertNotNull(exc.getCause());
            Assert.assertEquals("Can't get service ticket for: host/localhost", exc.getCause().getMessage());
            thread.interrupt();
        } catch (Throwable th) {
            thread.interrupt();
            throw th;
        }
    }

    private void checkTokenSelection(HftpFileSystem hftpFileSystem, int i, Configuration configuration) throws IOException {
        UserGroupInformation createUserForTesting = UserGroupInformation.createUserForTesting(hftpFileSystem.getUri().getAuthority(), new String[0]);
        SecurityUtilTestHelper.setTokenServiceUseIp(true);
        Token token = new Token(new byte[0], new byte[0], DelegationTokenIdentifier.HDFS_DELEGATION_KIND, new Text("127.0.0.1:8020"));
        createUserForTesting.addToken(token);
        Token<DelegationTokenIdentifier> selectDelegationToken = hftpFileSystem.selectDelegationToken(createUserForTesting);
        Assert.assertNotNull(selectDelegationToken);
        Assert.assertEquals(token, selectDelegationToken);
        Token token2 = new Token(new byte[0], new byte[0], HftpFileSystem.TOKEN_KIND, new Text("127.0.0.1:" + i));
        createUserForTesting.addToken(token2);
        Token<DelegationTokenIdentifier> selectDelegationToken2 = hftpFileSystem.selectDelegationToken(createUserForTesting);
        Assert.assertNotNull(selectDelegationToken2);
        Assert.assertEquals(token2, selectDelegationToken2);
        SecurityUtilTestHelper.setTokenServiceUseIp(false);
        Assert.assertNull(hftpFileSystem.selectDelegationToken(createUserForTesting));
        Token token3 = new Token(new byte[0], new byte[0], DelegationTokenIdentifier.HDFS_DELEGATION_KIND, new Text("localhost:8020"));
        createUserForTesting.addToken(token3);
        Token<DelegationTokenIdentifier> selectDelegationToken3 = hftpFileSystem.selectDelegationToken(createUserForTesting);
        Assert.assertNotNull(selectDelegationToken3);
        Assert.assertEquals(token3, selectDelegationToken3);
        Token token4 = new Token(new byte[0], new byte[0], HftpFileSystem.TOKEN_KIND, new Text("localhost:" + i));
        createUserForTesting.addToken(token4);
        Token<DelegationTokenIdentifier> selectDelegationToken4 = hftpFileSystem.selectDelegationToken(createUserForTesting);
        Assert.assertNotNull(selectDelegationToken4);
        Assert.assertEquals(token4, selectDelegationToken4);
    }
}
