package org.apache.hadoop.hdfs.protocol.datatransfer.sasl;

import java.io.File;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.hadoop.fs.FileUtil;
import org.apache.hadoop.hdfs.HdfsConfiguration;
import org.apache.hadoop.http.HttpConfig;
import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;

/* loaded from: input_file:org/apache/hadoop/hdfs/protocol/datatransfer/sasl/SaslDataTransferTestCase.class */
public abstract class SaslDataTransferTestCase {
    private static File baseDir;
    private static String keystoresDir;
    private static String sslConfDir;
    private static String hdfsPrincipal;
    private static String userPrincipal;
    private static MiniKdc kdc;
    private static String hdfsKeytab;
    private static String userKeyTab;
    private static String spnegoPrincipal;

    public static String getUserKeyTab() {
        return userKeyTab;
    }

    public static String getUserPrincipal() {
        return userPrincipal;
    }

    public static String getHdfsPrincipal() {
        return hdfsPrincipal;
    }

    public static String getHdfsKeytab() {
        return hdfsKeytab;
    }

    @BeforeClass
    public static void initKdc() throws Exception {
        baseDir = new File(System.getProperty("test.build.dir", "target/test-dir"), SaslDataTransferTestCase.class.getSimpleName());
        FileUtil.fullyDelete(baseDir);
        Assert.assertTrue(baseDir.mkdirs());
        kdc = new MiniKdc(MiniKdc.createConf(), baseDir);
        kdc.start();
        String randomAlphabetic = RandomStringUtils.randomAlphabetic(8);
        File file = new File(baseDir, randomAlphabetic + ".keytab");
        userKeyTab = file.getAbsolutePath();
        kdc.createPrincipal(file, new String[]{randomAlphabetic + "/localhost"});
        userPrincipal = randomAlphabetic + "/localhost@" + kdc.getRealm();
        File file2 = new File(baseDir, "hdfs.keytab");
        hdfsKeytab = file2.getAbsolutePath();
        kdc.createPrincipal(file2, new String[]{"hdfs/localhost", "HTTP/localhost"});
        hdfsPrincipal = "hdfs/localhost@" + kdc.getRealm();
        spnegoPrincipal = "HTTP/localhost@" + kdc.getRealm();
    }

    @AfterClass
    public static void shutdownKdc() throws Exception {
        if (kdc != null) {
            kdc.stop();
        }
        FileUtil.fullyDelete(baseDir);
        KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public HdfsConfiguration createSecureConfig(String str) throws Exception {
        HdfsConfiguration hdfsConfiguration = new HdfsConfiguration();
        SecurityUtil.setAuthenticationMethod(UserGroupInformation.AuthenticationMethod.KERBEROS, hdfsConfiguration);
        hdfsConfiguration.set("dfs.namenode.kerberos.principal", hdfsPrincipal);
        hdfsConfiguration.set("dfs.namenode.keytab.file", hdfsKeytab);
        hdfsConfiguration.set("dfs.datanode.kerberos.principal", hdfsPrincipal);
        hdfsConfiguration.set("dfs.datanode.keytab.file", hdfsKeytab);
        hdfsConfiguration.set("dfs.web.authentication.kerberos.principal", spnegoPrincipal);
        hdfsConfiguration.setBoolean("dfs.block.access.token.enable", true);
        hdfsConfiguration.set("dfs.data.transfer.protection", str);
        hdfsConfiguration.set("dfs.http.policy", HttpConfig.Policy.HTTPS_ONLY.name());
        hdfsConfiguration.set("dfs.namenode.https-address", "localhost:0");
        hdfsConfiguration.set("dfs.datanode.https.address", "localhost:0");
        hdfsConfiguration.setInt("ipc.client.connect.max.retries.on.sasl", 10);
        keystoresDir = baseDir.getAbsolutePath();
        sslConfDir = KeyStoreTestUtil.getClasspathDir(getClass());
        KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, hdfsConfiguration, false);
        hdfsConfiguration.set("dfs.client.https.keystore.resource", KeyStoreTestUtil.getClientSSLConfigFileName());
        hdfsConfiguration.set("dfs.https.server.keystore.resource", KeyStoreTestUtil.getServerSSLConfigFileName());
        return hdfsConfiguration;
    }
}
