package io.confluent.connect.hdfs;

import java.io.File;
import java.io.IOException;
import java.util.Map;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileStatus;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.FileUtil;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hdfs.HdfsConfiguration;
import org.apache.hadoop.hdfs.MiniDFSCluster;
import org.apache.hadoop.http.HttpConfig;
import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;

/* loaded from: input_file:io/confluent/connect/hdfs/TestWithSecureMiniDFSCluster.class */
public class TestWithSecureMiniDFSCluster extends HdfsSinkConnectorTestBase {
    private static File baseDir;
    private static FileSystem fs;
    private static MiniDFSCluster cluster;
    private static String hdfsPrincipal;
    private static MiniKdc kdc;
    private static String keytab;
    private static String spnegoPrincipal;
    private static String connectorPrincipal;
    private static String connectorKeytab;

    @BeforeClass
    public static void setup() throws Exception {
        initKdc();
        cluster = createDFSCluster();
        fs = cluster.getFileSystem();
    }

    @AfterClass
    public static void cleanup() throws IOException {
        if (fs != null) {
            fs.close();
        }
        if (cluster != null) {
            cluster.shutdown(true);
        }
        UserGroupInformation.reset();
        shutdownKdc();
    }

    private static void initKdc() throws Exception {
        baseDir = new File(System.getProperty("test.build.dir", "target/test-dir"));
        FileUtil.fullyDelete(baseDir);
        Assert.assertTrue(baseDir.mkdirs());
        kdc = new MiniKdc(MiniKdc.createConf(), baseDir);
        kdc.start();
        File file = new File(baseDir, "hdfs.keytab");
        keytab = file.getAbsolutePath();
        kdc.createPrincipal(file, new String[]{"hdfs/localhost", "HTTP/localhost"});
        hdfsPrincipal = "hdfs/localhost@" + kdc.getRealm();
        spnegoPrincipal = "HTTP/localhost@" + kdc.getRealm();
        File file2 = new File(baseDir, "connect-hdfs.keytab");
        connectorKeytab = file2.getAbsolutePath();
        kdc.createPrincipal(file2, new String[]{"connect-hdfs/localhost"});
        connectorPrincipal = "connect-hdfs/localhost@" + kdc.getRealm();
    }

    private static void shutdownKdc() {
        if (kdc != null) {
            kdc.stop();
        }
        FileUtil.fullyDelete(baseDir);
    }

    @Override // io.confluent.connect.hdfs.HdfsSinkConnectorTestBase
    public void setUp() throws Exception {
        this.connectorConfig = new HdfsSinkConnectorConfig(createProps());
        super.setUp();
    }

    @Override // io.confluent.connect.hdfs.HdfsSinkConnectorTestBase
    @After
    public void tearDown() throws Exception {
        if (fs.exists(new Path("/")) && fs.isDirectory(new Path("/"))) {
            for (FileStatus fileStatus : fs.listStatus(new Path("/"))) {
                if (fileStatus.isDirectory()) {
                    fs.delete(fileStatus.getPath(), true);
                } else {
                    fs.delete(fileStatus.getPath(), false);
                }
            }
        }
    }

    private static Configuration createSecureConfig(String str) throws Exception {
        HdfsConfiguration hdfsConfiguration = new HdfsConfiguration();
        SecurityUtil.setAuthenticationMethod(UserGroupInformation.AuthenticationMethod.KERBEROS, hdfsConfiguration);
        hdfsConfiguration.set("dfs.namenode.kerberos.principal", hdfsPrincipal);
        hdfsConfiguration.set("dfs.namenode.keytab.file", keytab);
        hdfsConfiguration.set("dfs.datanode.kerberos.principal", hdfsPrincipal);
        hdfsConfiguration.set("dfs.datanode.keytab.file", keytab);
        hdfsConfiguration.set("dfs.web.authentication.kerberos.principal", spnegoPrincipal);
        hdfsConfiguration.setBoolean("dfs.block.access.token.enable", true);
        hdfsConfiguration.set("dfs.data.transfer.protection", str);
        hdfsConfiguration.set("dfs.http.policy", HttpConfig.Policy.HTTPS_ONLY.name());
        hdfsConfiguration.set("dfs.namenode.https-address", "localhost:0");
        hdfsConfiguration.set("dfs.datanode.https.address", "localhost:0");
        hdfsConfiguration.setInt("ipc.client.connect.max.retries.on.sasl", 10);
        hdfsConfiguration.set("dfs.encrypt.data.transfer", "true");
        KeyStoreTestUtil.setupSSLConfig(baseDir.getAbsolutePath(), KeyStoreTestUtil.getClasspathDir(TestWithSecureMiniDFSCluster.class), hdfsConfiguration, false);
        return hdfsConfiguration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // io.confluent.connect.hdfs.HdfsSinkConnectorTestBase
    public Map<String, String> createProps() {
        Map<String, String> createProps = super.createProps();
        this.url = "hdfs://" + cluster.getNameNode().getClientNamenodeAddress();
        createProps.put("hdfs.url", this.url);
        createProps.put("store.url", this.url);
        createProps.put("hdfs.authentication.kerberos", "true");
        createProps.put("connect.hdfs.principal", hdfsPrincipal);
        createProps.put("connect.hdfs.keytab", keytab);
        createProps.put("hdfs.namenode.principal", hdfsPrincipal);
        return createProps;
    }

    private static MiniDFSCluster createDFSCluster() throws Exception {
        MiniDFSCluster build = new MiniDFSCluster.Builder(createSecureConfig("authentication")).hosts(new String[]{"localhost", "localhost", "localhost"}).nameNodePort(9001).numDataNodes(3).build();
        build.waitActive();
        return build;
    }
}
