package org.apache.hadoop.security.token.delegation;

import org.apache.curator.test.TestingServer;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.SecretManager;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.delegation.web.DelegationTokenManager;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/hadoop/security/token/delegation/TestZKDelegationTokenSecretManager.class */
public class TestZKDelegationTokenSecretManager {
    private static final long DAY_IN_SECS = 86400;
    private TestingServer zkServer;

    @Before
    public void setup() throws Exception {
        this.zkServer = new TestingServer();
        this.zkServer.start();
    }

    @After
    public void tearDown() throws Exception {
        if (this.zkServer != null) {
            this.zkServer.close();
        }
    }

    protected Configuration getSecretConf(String str) {
        Configuration configuration = new Configuration();
        configuration.setBoolean(DelegationTokenManager.ENABLE_ZK_KEY, true);
        configuration.set(ZKDelegationTokenSecretManager.ZK_DTSM_ZK_CONNECTION_STRING, str);
        configuration.set(ZKDelegationTokenSecretManager.ZK_DTSM_ZNODE_WORKING_PATH, "testPath");
        configuration.set(ZKDelegationTokenSecretManager.ZK_DTSM_ZK_AUTH_TYPE, "none");
        configuration.setLong(DelegationTokenManager.UPDATE_INTERVAL, 86400L);
        configuration.setLong(DelegationTokenManager.MAX_LIFETIME, 86400L);
        configuration.setLong(DelegationTokenManager.RENEW_INTERVAL, 86400L);
        configuration.setLong(DelegationTokenManager.REMOVAL_SCAN_INTERVAL, 86400L);
        return configuration;
    }

    @Test
    public void testMultiNodeOperations() throws Exception {
        Configuration secretConf = getSecretConf(this.zkServer.getConnectString());
        DelegationTokenManager delegationTokenManager = new DelegationTokenManager(secretConf, new Text("bla"));
        delegationTokenManager.init();
        DelegationTokenManager delegationTokenManager2 = new DelegationTokenManager(secretConf, new Text("bla"));
        delegationTokenManager2.init();
        Token<? extends AbstractDelegationTokenIdentifier> createToken = delegationTokenManager.createToken(UserGroupInformation.getCurrentUser(), "foo");
        Assert.assertNotNull(createToken);
        delegationTokenManager2.verifyToken(createToken);
        delegationTokenManager2.renewToken(createToken, "foo");
        delegationTokenManager.verifyToken(createToken);
        delegationTokenManager.cancelToken(createToken, "foo");
        try {
            delegationTokenManager2.verifyToken(createToken);
            Assert.fail("Expected InvalidToken");
        } catch (SecretManager.InvalidToken e) {
        }
        Token<? extends AbstractDelegationTokenIdentifier> createToken2 = delegationTokenManager2.createToken(UserGroupInformation.getCurrentUser(), "bar");
        Assert.assertNotNull(createToken2);
        delegationTokenManager.verifyToken(createToken2);
        delegationTokenManager.renewToken(createToken2, "bar");
        delegationTokenManager2.verifyToken(createToken2);
        delegationTokenManager2.cancelToken(createToken2, "bar");
        try {
            delegationTokenManager.verifyToken(createToken2);
            Assert.fail("Expected InvalidToken");
        } catch (SecretManager.InvalidToken e2) {
        }
    }

    @Test
    public void testRenewTokenSingleManager() throws Exception {
        DelegationTokenManager delegationTokenManager = new DelegationTokenManager(getSecretConf(this.zkServer.getConnectString()), new Text("foo"));
        delegationTokenManager.init();
        Token<? extends AbstractDelegationTokenIdentifier> createToken = delegationTokenManager.createToken(UserGroupInformation.getCurrentUser(), "foo");
        Assert.assertNotNull(createToken);
        delegationTokenManager.renewToken(createToken, "foo");
        delegationTokenManager.verifyToken(createToken);
    }

    @Test
    public void testCancelTokenSingleManager() throws Exception {
        DelegationTokenManager delegationTokenManager = new DelegationTokenManager(getSecretConf(this.zkServer.getConnectString()), new Text("foo"));
        delegationTokenManager.init();
        Token<? extends AbstractDelegationTokenIdentifier> createToken = delegationTokenManager.createToken(UserGroupInformation.getCurrentUser(), "foo");
        Assert.assertNotNull(createToken);
        delegationTokenManager.cancelToken(createToken, "foo");
        try {
            delegationTokenManager.verifyToken(createToken);
            Assert.fail("Expected InvalidToken");
        } catch (SecretManager.InvalidToken e) {
            e.printStackTrace();
        }
    }
}
