package org.apache.hadoop.hbase.security;

import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseCommonTestingUtility;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.http.ssl.KeyStoreTestUtil;
import org.apache.hadoop.http.HttpConfig;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hbase.thirdparty.com.google.common.base.Strings;
import org.apache.yetus.audience.InterfaceAudience;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@InterfaceAudience.Private
/* loaded from: input_file:org/apache/hadoop/hbase/security/HBaseKerberosUtils.class */
public final class HBaseKerberosUtils {
    private static final Logger LOG = LoggerFactory.getLogger(HBaseKerberosUtils.class);
    public static final String KRB_PRINCIPAL = "hbase.regionserver.kerberos.principal";
    public static final String MASTER_KRB_PRINCIPAL = "hbase.master.kerberos.principal";
    public static final String KRB_KEYTAB_FILE = "hbase.regionserver.keytab.file";
    public static final String CLIENT_PRINCIPAL = "hbase.client.keytab.principal";
    public static final String CLIENT_KEYTAB = "hbase.client.keytab.file";

    private HBaseKerberosUtils() {
    }

    public static boolean isKerberosPropertySetted() {
        return (Strings.isNullOrEmpty(System.getProperty(KRB_PRINCIPAL)) || Strings.isNullOrEmpty(System.getProperty(KRB_KEYTAB_FILE))) ? false : true;
    }

    public static void setPrincipalForTesting(String str) {
        setSystemProperty(KRB_PRINCIPAL, str);
    }

    public static void setKeytabFileForTesting(String str) {
        setSystemProperty(KRB_KEYTAB_FILE, str);
    }

    public static void setClientPrincipalForTesting(String str) {
        setSystemProperty(CLIENT_PRINCIPAL, str);
    }

    public static void setClientKeytabForTesting(String str) {
        setSystemProperty(CLIENT_KEYTAB, str);
    }

    public static void setSystemProperty(String str, String str2) {
        System.setProperty(str, str2);
    }

    public static String getKeytabFileForTesting() {
        return System.getProperty(KRB_KEYTAB_FILE);
    }

    public static String getPrincipalForTesting() {
        return System.getProperty(KRB_PRINCIPAL);
    }

    public static String getClientPrincipalForTesting() {
        return System.getProperty(CLIENT_PRINCIPAL);
    }

    public static String getClientKeytabForTesting() {
        return System.getProperty(CLIENT_KEYTAB);
    }

    public static Configuration getConfigurationWoPrincipal() {
        Configuration create = HBaseConfiguration.create();
        create.set("hadoop.security.authentication", "kerberos");
        create.set("hbase.security.authentication", "kerberos");
        create.setBoolean("hbase.security.authorization", true);
        return create;
    }

    public static Configuration getSecuredConfiguration() {
        Configuration create = HBaseConfiguration.create();
        setSecuredConfiguration(create);
        return create;
    }

    public static void setSecuredConfiguration(Configuration configuration, String str, String str2) {
        setPrincipalForTesting(str);
        setSecuredConfiguration(configuration);
        setSecuredHadoopConfiguration(configuration, str2);
    }

    public static void setSecuredConfiguration(Configuration configuration) {
        configuration.set("hadoop.security.authentication", "kerberos");
        configuration.set("hbase.security.authentication", "kerberos");
        configuration.setBoolean("hbase.security.authorization", true);
        configuration.set(KRB_KEYTAB_FILE, System.getProperty(KRB_KEYTAB_FILE));
        configuration.set(KRB_PRINCIPAL, System.getProperty(KRB_PRINCIPAL));
        configuration.set(MASTER_KRB_PRINCIPAL, System.getProperty(KRB_PRINCIPAL));
    }

    private static void setSecuredHadoopConfiguration(Configuration configuration, String str) {
        String property = System.getProperty(KRB_PRINCIPAL);
        String property2 = System.getProperty(KRB_KEYTAB_FILE);
        configuration.set("dfs.namenode.kerberos.principal", property);
        configuration.set("dfs.namenode.keytab.file", property2);
        configuration.set("dfs.datanode.kerberos.principal", property);
        configuration.set("dfs.datanode.keytab.file", property2);
        configuration.setBoolean("dfs.block.access.token.enable", true);
        configuration.set("yarn.resourcemanager.principal", KRB_PRINCIPAL);
        configuration.set("yarn.nodemanager.principal", KRB_PRINCIPAL);
        if (str != null) {
            configuration.set("dfs.web.authentication.kerberos.principal", str);
        }
        configuration.setBoolean("ignore.secure.ports.for.testing", true);
        UserGroupInformation.setConfiguration(configuration);
    }

    public static void setSSLConfiguration(HBaseCommonTestingUtility hBaseCommonTestingUtility, Class<?> cls) throws Exception {
        Configuration configuration = hBaseCommonTestingUtility.getConfiguration();
        configuration.set("dfs.http.policy", HttpConfig.Policy.HTTPS_ONLY.name());
        configuration.set("dfs.namenode.https-address", "localhost:0");
        configuration.set("dfs.datanode.https.address", "localhost:0");
        File file = new File(hBaseCommonTestingUtility.getDataTestDir("keystore").toUri().getPath());
        file.mkdirs();
        KeyStoreTestUtil.setupSSLConfig(file.getAbsolutePath(), KeyStoreTestUtil.getClasspathDir(cls), configuration, false);
    }

    public static UserGroupInformation loginAndReturnUGI(Configuration configuration, String str) throws IOException {
        String hostName = InetAddress.getLocalHost().getHostName();
        String str2 = "hbase." + str + ".keytab.file";
        String str3 = configuration.get(str2);
        String str4 = "hbase." + str + ".kerberos.principal";
        String serverPrincipal = SecurityUtil.getServerPrincipal(configuration.get(str4), hostName);
        if (str3 == null || serverPrincipal == null) {
            LOG.warn("Principal or key tab file null for : " + str4 + ", " + str2);
        }
        return UserGroupInformation.loginUserFromKeytabAndReturnUGI(serverPrincipal, str3);
    }

    public static UserGroupInformation loginKerberosPrincipal(String str, String str2) throws Exception {
        Configuration configuration = new Configuration();
        configuration.set("hadoop.security.authentication", "kerberos");
        UserGroupInformation.setConfiguration(configuration);
        UserGroupInformation.loginUserFromKeytab(str2, str);
        return UserGroupInformation.getLoginUser();
    }
}
