package org.apache.storm.utils;

import java.io.File;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.curator.test.InstanceSpec;
import org.apache.curator.test.TestingServer;
import org.apache.storm.cluster.DaemonType;
import org.apache.storm.shade.org.apache.curator.ensemble.fixed.FixedEnsembleProvider;
import org.apache.storm.shade.org.apache.curator.framework.AuthInfo;
import org.apache.storm.shade.org.apache.curator.framework.CuratorFramework;
import org.apache.storm.shade.org.apache.curator.framework.CuratorFrameworkFactory;
import org.apache.storm.shade.org.apache.zookeeper.ClientCnxnSocketNetty;
import org.apache.storm.shade.org.apache.zookeeper.ZooKeeper;
import org.apache.storm.shade.org.apache.zookeeper.common.ClientX509Util;
import org.apache.storm.utils.CuratorUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/storm/utils/CuratorUtilsTest.class */
public class CuratorUtilsTest {
    private static final int JUTE_MAXBUFFER = 400000000;
    private static final int SECURE_CLIENT_PORT = 6065;
    private static final boolean DELETE_DATA_DIRECTORY_ON_CLOSE = true;
    private static final int SERVER_ID = 1;
    private static final int TICK_TIME = 100;
    private static final int MAX_CLIENT_CNXNS = 10;
    private static final int ELECTION_PORT = -1;
    private static final int QUORUM_PORT = -1;
    private TestingServer server;
    private static final Logger LOG = LoggerFactory.getLogger(CuratorUtilsTest.class);
    static final File ZK_DATA_DIR = new File("testZkSSLClientConnectionDataDir");

    @Test
    public void newCuratorUsesExponentialBackoffTest() {
        Map readDefaultConfig = Utils.readDefaultConfig();
        readDefaultConfig.put("storm.zookeeper.retry.interval", 2400);
        readDefaultConfig.put("storm.zookeeper.retry.times", Integer.valueOf(MAX_CLIENT_CNXNS));
        readDefaultConfig.put("storm.zookeeper.retry.intervalceiling.millis", 3000);
        StormBoundedExponentialBackoffRetry retryPolicy = CuratorUtils.newCurator(readDefaultConfig, Collections.singletonList("bogus_server"), 42, "", DaemonType.WORKER.getDefaultZkAcls(readDefaultConfig)).getZookeeperClient().getRetryPolicy();
        Assertions.assertEquals(retryPolicy.getBaseSleepTimeMs(), 2400);
        Assertions.assertEquals(retryPolicy.getN(), MAX_CLIENT_CNXNS);
        Assertions.assertEquals(retryPolicy.getSleepTimeMs(MAX_CLIENT_CNXNS, 0L), 3000L);
    }

    @Test
    public void givenNoExhibitorServersBuilderUsesFixedProviderTest() {
        CuratorFrameworkFactory.Builder builder = setupBuilder(false);
        Assertions.assertEquals(builder.getEnsembleProvider().getConnectionString(), "zk_connection_string");
        Assertions.assertEquals(builder.getEnsembleProvider().getClass(), FixedEnsembleProvider.class);
    }

    @Test
    public void givenSchemeAndPayloadBuilderUsesAuthTest() {
        AuthInfo authInfo = (AuthInfo) setupBuilder(true).getAuthInfos().get(0);
        Assertions.assertEquals(authInfo.getScheme(), "scheme");
        Assertions.assertArrayEquals(authInfo.getAuth(), "abc".getBytes());
    }

    private CuratorFrameworkFactory.Builder setupBuilder(boolean z) {
        CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.builder();
        HashMap hashMap = new HashMap();
        hashMap.put("storm.zookeeper.connection.timeout", 0);
        hashMap.put("storm.zookeeper.session.timeout", 0);
        hashMap.put("storm.zookeeper.retry.interval", 0);
        hashMap.put("storm.zookeeper.retry.intervalceiling.millis", 0);
        hashMap.put("storm.zookeeper.retry.times", 0);
        ZookeeperAuthInfo zookeeperAuthInfo = null;
        if (z) {
            zookeeperAuthInfo = new ZookeeperAuthInfo("scheme", "abc".getBytes());
        }
        CuratorUtils.testSetupBuilder(builder, "zk_connection_string", hashMap, zookeeperAuthInfo);
        return builder;
    }

    public Map<String, Object> setUpSecureConfig(String str) throws Exception {
        System.setProperty("zookeeper.ssl.keyStore.location", str + "testKeyStore.jks");
        System.setProperty("zookeeper.ssl.keyStore.password", "testpass");
        System.setProperty("zookeeper.ssl.trustStore.location", str + "testTrustStore.jks");
        System.setProperty("zookeeper.ssl.trustStore.password", "testpass");
        System.setProperty("zookeeper.request.timeout", "12345");
        System.setProperty("zookeeper.serverCnxnFactory", "org.apache.zookeeper.server.NettyServerCnxnFactory");
        System.setProperty("jute.maxbuffer", String.valueOf(JUTE_MAXBUFFER));
        System.setProperty("javax.net.debug", "ssl");
        System.setProperty("zookeeper.authProvider.x509", "org.apache.zookeeper.server.auth.X509AuthenticationProvider");
        HashMap hashMap = new HashMap();
        hashMap.put("secureClientPort", String.valueOf(SECURE_CLIENT_PORT));
        hashMap.put("audit.enable", "true");
        this.server = new TestingServer(new InstanceSpec(ZK_DATA_DIR, SECURE_CLIENT_PORT, -1, -1, true, 1, TICK_TIME, MAX_CLIENT_CNXNS, hashMap), false);
        HashMap hashMap2 = new HashMap();
        hashMap2.put("storm.zookeeper.ssl.keystore.path", str + "testKeyStore.jks");
        hashMap2.put("storm.zookeeper.ssl.keystore.password", "testpass");
        hashMap2.put("storm.zookeeper.ssl.truststore.path", str + "testTrustStore.jks");
        hashMap2.put("storm.zookeeper.ssl.truststore.password", "testpass");
        hashMap2.put("storm.zookeeper.ssl.hostnameVerification", false);
        return hashMap2;
    }

    @Test
    public void testSecureZKConfiguration() throws Exception {
        LOG.info("Entered to the testSecureZKConfiguration test case.");
        Map<String, Object> upSecureConfig = setUpSecureConfig("test/resources/ssl/");
        upSecureConfig.put("storm.zookeeper.connection.timeout", 0);
        upSecureConfig.put("storm.zookeeper.session.timeout", 0);
        upSecureConfig.put("storm.zookeeper.retry.interval", 0);
        upSecureConfig.put("storm.zookeeper.retry.intervalceiling.millis", 0);
        upSecureConfig.put("storm.zookeeper.retry.times", 0);
        upSecureConfig.put("storm.zookeeper.ssl.enable", true);
        String connectString = this.server.getConnectString();
        CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.builder();
        CuratorUtils.testSetupBuilder(builder, connectString, upSecureConfig, (ZookeeperAuthInfo) null);
        CuratorFramework build = builder.build();
        build.start();
        validateSSLConfiguration(ObjectReader.getString(upSecureConfig.get("storm.zookeeper.ssl.keystore.path")), ObjectReader.getString(upSecureConfig.get("storm.zookeeper.ssl.keystore.password")), ObjectReader.getString(upSecureConfig.get("storm.zookeeper.ssl.truststore.path")), ObjectReader.getString(upSecureConfig.get("storm.zookeeper.ssl.truststore.password")), Boolean.valueOf(ObjectReader.getBoolean(upSecureConfig.get("storm.zookeeper.ssl.hostnameVerification"), true)), build.getZookeeperClient().getZooKeeper());
        this.server.close();
    }

    private void validateSSLConfiguration(String str, String str2, String str3, String str4, Boolean bool, ZooKeeper zooKeeper) {
        ClientX509Util clientX509Util = new ClientX509Util();
        try {
            Assertions.assertEquals(str, zooKeeper.getClientConfig().getProperty(clientX509Util.getSslKeystoreLocationProperty()), "Validate that expected clientConfig is set in ZK config");
            Assertions.assertEquals(str2, zooKeeper.getClientConfig().getProperty(clientX509Util.getSslKeystorePasswdProperty()), "Validate that expected clientConfig is set in ZK config");
            Assertions.assertEquals(str3, zooKeeper.getClientConfig().getProperty(clientX509Util.getSslTruststoreLocationProperty()), "Validate that expected clientConfig is set in ZK config");
            Assertions.assertEquals(str4, zooKeeper.getClientConfig().getProperty(clientX509Util.getSslTruststorePasswdProperty()), "Validate that expected clientConfig is set in ZK config");
            Assertions.assertEquals(bool.toString(), zooKeeper.getClientConfig().getProperty(clientX509Util.getSslHostnameVerificationEnabledProperty()), "Validate that expected clientConfig is set in ZK config");
            clientX509Util.close();
            Assertions.assertEquals(Boolean.TRUE.toString(), zooKeeper.getClientConfig().getProperty("zookeeper.client.secure"), "Validate that expected clientConfig is set in ZK config");
            Assertions.assertEquals(ClientCnxnSocketNetty.class.getCanonicalName(), zooKeeper.getClientConfig().getProperty("zookeeper.clientCnxnSocket"), "Validate that expected clientConfig is set in ZK config");
        } catch (Throwable th) {
            try {
                clientX509Util.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    public void testTruststoreKeystoreConfiguration() {
        LOG.info("Entered to the testTruststoreKeystoreConfiguration test case.");
        HashMap hashMap = new HashMap();
        CuratorUtils.SslConf sslConf = CuratorUtils.getSslConf(hashMap);
        Assertions.assertEquals("", sslConf.getKeystoreLocation(), "Validate that null value is converted to empty string.");
        Assertions.assertEquals("", sslConf.getKeystorePassword(), "Validate that null value is converted to empty string.");
        Assertions.assertEquals("", sslConf.getTruststoreLocation(), "Validate that null value is converted to empty string.");
        Assertions.assertEquals("", sslConf.getTruststorePassword(), "Validate that null value is converted to empty string.");
        Assertions.assertEquals(true, sslConf.getHostnameVerification(), "Validate that null value is converted to false.");
        hashMap.put("storm.zookeeper.ssl.keystore.path", "/keystore.jks");
        hashMap.put("storm.zookeeper.ssl.keystore.password", "keystorePassword");
        hashMap.put("storm.zookeeper.ssl.truststore.path", "/truststore.jks");
        hashMap.put("storm.zookeeper.ssl.truststore.password", "truststorePassword");
        hashMap.put("storm.zookeeper.ssl.hostnameVerification", false);
        CuratorUtils.SslConf sslConf2 = CuratorUtils.getSslConf(hashMap);
        Assertions.assertEquals("/keystore.jks", sslConf2.getKeystoreLocation(), "Validate that non-null value kept intact.");
        Assertions.assertEquals("keystorePassword", sslConf2.getKeystorePassword(), "Validate that non-null value kept intact.");
        Assertions.assertEquals("/truststore.jks", sslConf2.getTruststoreLocation(), "Validate that non-null value kept intact.");
        Assertions.assertEquals("truststorePassword", sslConf2.getTruststorePassword(), "Validate that non-null value kept intact.");
        Assertions.assertEquals(false, sslConf2.getHostnameVerification(), "Validate that non-null value kept intact.");
    }
}
