package org.apache.hadoop.hbase.http.log;

import java.io.File;
import java.net.BindException;
import java.net.SocketException;
import java.net.URI;
import java.util.Properties;
import javax.net.ssl.SSLException;
import org.apache.commons.io.FileUtils;
import org.apache.hadoop.HadoopIllegalArgumentException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileUtil;
import org.apache.hadoop.hbase.HBaseClassTestRule;
import org.apache.hadoop.hbase.HBaseCommonTestingUtility;
import org.apache.hadoop.hbase.http.HttpConfig;
import org.apache.hadoop.hbase.http.HttpServer;
import org.apache.hadoop.hbase.http.log.LogLevel;
import org.apache.hadoop.hbase.http.ssl.KeyStoreTestUtil;
import org.apache.hadoop.hbase.testclassification.MiscTests;
import org.apache.hadoop.hbase.testclassification.SmallTests;
import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.net.NetUtils;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authorize.AccessControlList;
import org.apache.hadoop.test.GenericTestUtils;
import org.apache.hadoop.util.StringUtils;
import org.apache.log4j.Level;
import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.experimental.categories.Category;

@Category({MiscTests.class, SmallTests.class})
/* loaded from: input_file:org/apache/hadoop/hbase/http/log/TestLogLevel.class */
public class TestLogLevel {
    private static String keystoresDir;
    private static String sslConfDir;
    private static Configuration serverConf;
    private static Configuration clientConf;
    private static Configuration sslConf;
    private static final String PRINCIPAL = "loglevel.principal";
    private static final String KEYTAB = "loglevel.keytab";
    private static MiniKdc kdc;
    private static final String LOCALHOST = "localhost";
    private static final String clientPrincipal = "client/localhost";
    private static HBaseCommonTestingUtility HTU;
    private static File keyTabFile;

    @ClassRule
    public static final HBaseClassTestRule CLASS_RULE = HBaseClassTestRule.forClass(TestLogLevel.class);
    private static final String logName = TestLogLevel.class.getName();
    private static final Logger log = LogManager.getLogger(logName);
    private static String HTTP_PRINCIPAL = "HTTP/localhost";

    @BeforeClass
    public static void setUp() throws Exception {
        serverConf = new Configuration();
        HTU = new HBaseCommonTestingUtility(serverConf);
        File file = new File(HTU.getDataTestDir("keystore").toString());
        file.mkdirs();
        keyTabFile = new File(HTU.getDataTestDir("keytab").toString(), "keytabfile");
        keyTabFile.getParentFile().mkdirs();
        clientConf = new Configuration();
        setupSSL(file);
        kdc = setupMiniKdc();
        kdc.createPrincipal(keyTabFile, new String[]{clientPrincipal, HTTP_PRINCIPAL});
    }

    private static MiniKdc setupMiniKdc() throws Exception {
        boolean z;
        Properties createConf = MiniKdc.createConf();
        createConf.put("debug", true);
        MiniKdc miniKdc = null;
        File file = null;
        int i = 0;
        do {
            try {
                z = false;
                file = new File(HTU.getDataTestDir("kdc").toUri().getPath());
                miniKdc = new MiniKdc(createConf, file);
                miniKdc.start();
            } catch (BindException e) {
                FileUtils.deleteDirectory(file);
                i++;
                if (i == 3) {
                    log.error("Failed setting up MiniKDC. Tried " + i + " times.");
                    throw e;
                }
                log.error("BindException encountered when setting up MiniKdc. Trying again.");
                z = true;
            }
        } while (z);
        return miniKdc;
    }

    private static void setupSSL(File file) throws Exception {
        clientConf.set("dfs.http.policy", HttpConfig.Policy.HTTPS_ONLY.name());
        clientConf.set("dfs.namenode.https-address", "localhost:0");
        clientConf.set("dfs.datanode.https.address", "localhost:0");
        keystoresDir = file.getAbsolutePath();
        sslConfDir = KeyStoreTestUtil.getClasspathDir(TestLogLevel.class);
        KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, serverConf, false);
        sslConf = getSslConfig(serverConf);
    }

    private static Configuration getSslConfig(Configuration configuration) {
        Configuration configuration2 = new Configuration(false);
        String str = configuration.get("hadoop.ssl.server.conf");
        String str2 = configuration.get("hadoop.ssl.client.conf");
        configuration2.addResource(str);
        configuration2.addResource(str2);
        configuration2.set("hadoop.ssl.server.conf", str);
        configuration2.set("hadoop.ssl.client.conf", str2);
        return configuration2;
    }

    @AfterClass
    public static void tearDown() {
        if (kdc != null) {
            kdc.stop();
        }
        FileUtil.fullyDelete(new File(HTU.getDataTestDir().toString()));
    }

    @Test
    public void testCommandOptions() throws Exception {
        String name = getClass().getName();
        Assert.assertFalse(validateCommand(new String[]{"-foo"}));
        Assert.assertFalse(validateCommand(new String[0]));
        Assert.assertFalse(validateCommand(new String[]{"-getlevel"}));
        Assert.assertFalse(validateCommand(new String[]{"-setlevel"}));
        Assert.assertFalse(validateCommand(new String[]{"-getlevel", "foo.bar:8080"}));
        Assert.assertTrue(validateCommand(new String[]{"-getlevel", "foo.bar:8080", name}));
        Assert.assertTrue(validateCommand(new String[]{"-setlevel", "foo.bar:8080", name, "DEBUG"}));
        Assert.assertTrue(validateCommand(new String[]{"-getlevel", "foo.bar:8080", name}));
        Assert.assertTrue(validateCommand(new String[]{"-setlevel", "foo.bar:8080", name, "DEBUG"}));
        Assert.assertFalse(validateCommand(new String[]{"-getlevel", "foo.bar:8080", name, "blah"}));
        Assert.assertFalse(validateCommand(new String[]{"-setlevel", "foo.bar:8080", name, "DEBUG", "blah"}));
        Assert.assertFalse(validateCommand(new String[]{"-getlevel", "foo.bar:8080", name, "-setlevel", "foo.bar:8080", name}));
    }

    private boolean validateCommand(String[] strArr) {
        try {
            new LogLevel.CLI(clientConf).parseArguments(strArr);
            return true;
        } catch (Exception e) {
            return true;
        } catch (HadoopIllegalArgumentException e2) {
            return false;
        }
    }

    private HttpServer createServer(String str, boolean z) throws Exception {
        HttpServer.Builder conf = new HttpServer.Builder().setName("..").addEndpoint(new URI(str + "://localhost:0")).setFindPort(true).setConf(serverConf);
        if (z) {
            conf.setSecurityEnabled(true).setUsernameConfKey(PRINCIPAL).setKeytabConfKey(KEYTAB).setACL(new AccessControlList("client"));
        }
        if (str.equals("https")) {
            conf = conf.keyPassword(sslConf.get("ssl.server.keystore.keypassword")).keyStore(sslConf.get("ssl.server.keystore.location"), sslConf.get("ssl.server.keystore.password"), sslConf.get("ssl.server.keystore.type", "jks")).trustStore(sslConf.get("ssl.server.truststore.location"), sslConf.get("ssl.server.truststore.password"), sslConf.get("ssl.server.truststore.type", "jks"));
        }
        HttpServer build = conf.build();
        build.start();
        return build;
    }

    private void testDynamicLogLevel(String str, String str2, boolean z) throws Exception {
        testDynamicLogLevel(str, str2, z, Level.DEBUG.toString());
    }

    private void testDynamicLogLevel(String str, String str2, boolean z, String str3) throws Exception {
        if (!LogLevel.isValidProtocol(str)) {
            throw new Exception("Invalid server protocol " + str);
        }
        if (!LogLevel.isValidProtocol(str2)) {
            throw new Exception("Invalid client protocol " + str2);
        }
        Level effectiveLevel = log.getEffectiveLevel();
        Assert.assertNotEquals("Get default Log Level which shouldn't be ERROR.", Level.ERROR, effectiveLevel);
        if (z) {
            serverConf.set(PRINCIPAL, HTTP_PRINCIPAL);
            serverConf.set(KEYTAB, keyTabFile.getAbsolutePath());
            serverConf.set("hadoop.security.authentication", "kerberos");
            serverConf.setBoolean("hadoop.security.authorization", true);
            UserGroupInformation.setConfiguration(serverConf);
        } else {
            serverConf.set("hadoop.security.authentication", "simple");
            serverConf.setBoolean("hadoop.security.authorization", false);
            UserGroupInformation.setConfiguration(serverConf);
        }
        HttpServer createServer = createServer(str, z);
        String hostPortString = NetUtils.getHostPortString(createServer.getConnectorAddress(0));
        UserGroupInformation loginUserFromKeytabAndReturnUGI = UserGroupInformation.loginUserFromKeytabAndReturnUGI(clientPrincipal, keyTabFile.getAbsolutePath());
        try {
            loginUserFromKeytabAndReturnUGI.doAs(() -> {
                getLevel(str2, hostPortString);
                setLevel(str2, hostPortString, str3);
                return null;
            });
            loginUserFromKeytabAndReturnUGI.logoutUserFromKeytab();
            createServer.stop();
            GenericTestUtils.setLogLevel(log, effectiveLevel);
        } catch (Throwable th) {
            loginUserFromKeytabAndReturnUGI.logoutUserFromKeytab();
            createServer.stop();
            throw th;
        }
    }

    private void getLevel(String str, String str2) throws Exception {
        new LogLevel.CLI(str.equalsIgnoreCase("https") ? sslConf : clientConf).run(new String[]{"-getlevel", str2, logName, "-protocol", str});
    }

    private void setLevel(String str, String str2, String str3) throws Exception {
        new LogLevel.CLI(str.equalsIgnoreCase("https") ? sslConf : clientConf).run(new String[]{"-setlevel", str2, logName, str3, "-protocol", str});
        Assert.assertEquals("new level not equal to expected: ", str3.toUpperCase(), log.getEffectiveLevel().toString());
    }

    @Test
    public void testInfoLogLevel() throws Exception {
        testDynamicLogLevel("http", "http", true, "INFO");
    }

    @Test
    public void testErrorLogLevel() throws Exception {
        testDynamicLogLevel("http", "http", true, "ERROR");
    }

    @Test
    public void testLogLevelByHttp() throws Exception {
        testDynamicLogLevel("http", "http", false);
        try {
            testDynamicLogLevel("http", "https", false);
            Assert.fail("An HTTPS Client should not have succeeded in connecting to a HTTP server");
        } catch (SSLException e) {
            exceptionShouldContains("Unrecognized SSL message", e);
        }
    }

    @Test
    public void testLogLevelByHttpWithSpnego() throws Exception {
        testDynamicLogLevel("http", "http", true);
        try {
            testDynamicLogLevel("http", "https", true);
            Assert.fail("An HTTPS Client should not have succeeded in connecting to a HTTP server");
        } catch (SSLException e) {
            exceptionShouldContains("Unrecognized SSL message", e);
        }
    }

    @Test
    public void testLogLevelByHttps() throws Exception {
        testDynamicLogLevel("https", "https", false);
        try {
            testDynamicLogLevel("https", "http", false);
            Assert.fail("An HTTP Client should not have succeeded in connecting to a HTTPS server");
        } catch (SocketException e) {
            exceptionShouldContains("Unexpected end of file from server", e);
        }
    }

    @Test
    public void testLogLevelByHttpsWithSpnego() throws Exception {
        testDynamicLogLevel("https", "https", true);
        try {
            testDynamicLogLevel("https", "http", true);
            Assert.fail("An HTTP Client should not have succeeded in connecting to a HTTPS server");
        } catch (SocketException e) {
            exceptionShouldContains("Unexpected end of file from server", e);
        }
    }

    private static void exceptionShouldContains(String str, Throwable th) {
        Throwable th2 = th;
        while (true) {
            Throwable th3 = th2;
            if (th3 == null) {
                throw new AssertionError("Expected to find '" + str + "' but got unexpected exception:" + StringUtils.stringifyException(th), th);
            }
            String th4 = th3.toString();
            if (th4 != null && th4.toLowerCase().contains(str.toLowerCase())) {
                return;
            } else {
                th2 = th3.getCause();
            }
        }
    }
}
