package org.apache.hadoop.hdfs.server.aliasmap;

import java.io.Closeable;
import java.io.File;
import java.io.IOException;
import java.util.Iterator;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.FileUtil;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.StorageType;
import org.apache.hadoop.hdfs.HdfsConfiguration;
import org.apache.hadoop.hdfs.MiniDFSCluster;
import org.apache.hadoop.hdfs.qjournal.TestSecureNNWithQJM;
import org.apache.hadoop.hdfs.server.blockmanagement.BlockManager;
import org.apache.hadoop.hdfs.server.common.blockaliasmap.BlockAliasMap;
import org.apache.hadoop.hdfs.server.datanode.fsdataset.FsVolumeSpi;
import org.apache.hadoop.io.IOUtils;
import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.net.NetUtils;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
import org.apache.hadoop.test.GenericTestUtils;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.slf4j.Logger;

/* loaded from: input_file:org/apache/hadoop/hdfs/server/aliasmap/TestSecureAliasMap.class */
public class TestSecureAliasMap {
    private static HdfsConfiguration baseConf;
    private static File baseDir;
    private static MiniKdc kdc;
    private static String keystoresDir;
    private static String sslConfDir;
    private MiniDFSCluster cluster;
    private HdfsConfiguration conf;
    private FileSystem fs;

    @BeforeClass
    public static void init() throws Exception {
        baseDir = GenericTestUtils.getTestDir(TestSecureAliasMap.class.getSimpleName());
        FileUtil.fullyDelete(baseDir);
        Assert.assertTrue(baseDir.mkdirs());
        kdc = new MiniKdc(MiniKdc.createConf(), baseDir);
        kdc.start();
        baseConf = new HdfsConfiguration();
        SecurityUtil.setAuthenticationMethod(UserGroupInformation.AuthenticationMethod.KERBEROS, baseConf);
        UserGroupInformation.setConfiguration(baseConf);
        Assert.assertTrue("Expected configuration to enable security", UserGroupInformation.isSecurityEnabled());
        String shortUserName = UserGroupInformation.getLoginUser().getShortUserName();
        File file = new File(baseDir, shortUserName + ".keytab");
        String absolutePath = file.getAbsolutePath();
        String str = Path.WINDOWS ? "127.0.0.1" : "localhost";
        kdc.createPrincipal(file, new String[]{shortUserName + "/" + str, "HTTP/" + str});
        keystoresDir = baseDir.getAbsolutePath();
        sslConfDir = KeyStoreTestUtil.getClasspathDir(TestSecureNNWithQJM.class);
        MiniDFSCluster.setupKerberosConfiguration(baseConf, shortUserName, kdc.getRealm(), absolutePath, keystoresDir, sslConfDir);
    }

    @AfterClass
    public static void destroy() throws Exception {
        if (kdc != null) {
            kdc.stop();
        }
        FileUtil.fullyDelete(baseDir);
        KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir);
    }

    @After
    public void shutdown() throws IOException {
        IOUtils.cleanupWithLogger((Logger) null, new Closeable[]{this.fs});
        if (this.cluster != null) {
            this.cluster.shutdown();
            this.cluster = null;
        }
    }

    @Test
    public void testSecureConnectionToAliasMap() throws Exception {
        this.conf = new HdfsConfiguration(baseConf);
        MiniDFSCluster.setupNamenodeProvidedConfiguration(this.conf);
        this.conf.set("dfs.provided.aliasmap.inmemory.dnrpc-address", "127.0.0.1:" + NetUtils.getFreeSocketPort());
        this.cluster = new MiniDFSCluster.Builder(this.conf).numDataNodes(1).storageTypes(new StorageType[]{StorageType.DISK, StorageType.PROVIDED}).build();
        this.cluster.waitActive();
        this.fs = this.cluster.getFileSystem();
        BlockManager blockManager = this.cluster.getNamesystem().getBlockManager();
        FsVolumeSpi fsVolumeSpi = null;
        Iterator it = this.cluster.getDataNodes().get(0).getFSDataset().getFsVolumeReferences().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            FsVolumeSpi fsVolumeSpi2 = (FsVolumeSpi) it.next();
            if (fsVolumeSpi2.getStorageType().equals(StorageType.PROVIDED)) {
                fsVolumeSpi = fsVolumeSpi2;
                break;
            }
        }
        String[] blockPoolList = fsVolumeSpi.getBlockPoolList();
        Assert.assertEquals("Missing provided volume", 1L, blockPoolList.length);
        Assert.assertNotNull("Failed to create blockAliasMap reader", blockManager.getProvidedStorageMap().getAliasMap().getReader((BlockAliasMap.Reader.Options) null, blockPoolList[0]));
    }
}
