package org.apache.hive.org.apache.zookeeper.server.auth;

import java.io.IOException;
import org.apache.hive.org.apache.zookeeper.AuthInfoProvider;
import org.apache.hive.org.apache.zookeeper.CreateMode;
import org.apache.hive.org.apache.zookeeper.KeeperException;
import org.apache.hive.org.apache.zookeeper.TestableZooKeeper;
import org.apache.hive.org.apache.zookeeper.ZooDefs;
import org.apache.hive.org.apache.zookeeper.common.ZKConfig;
import org.apache.hive.org.apache.zookeeper.data.Id;
import org.apache.hive.org.apache.zookeeper.server.ServerCnxn;
import org.apache.hive.org.apache.zookeeper.test.ClientBase;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/hive/org/apache/zookeeper/server/auth/CustomAuthenticationProviderTest.class */
public class CustomAuthenticationProviderTest extends ClientBase {

    /* loaded from: input_file:org/apache/hive/org/apache/zookeeper/server/auth/CustomAuthenticationProviderTest$EmptySchemeNameInInvalidAuthInfo.class */
    public static class EmptySchemeNameInInvalidAuthInfo implements AuthInfoProvider {
        @Override // org.apache.hive.org.apache.zookeeper.AuthInfoProvider
        public String getAuthScheme() {
            return null;
        }

        @Override // org.apache.hive.org.apache.zookeeper.AuthInfoProvider
        public byte[] getAuthData() {
            return null;
        }
    }

    /* loaded from: input_file:org/apache/hive/org/apache/zookeeper/server/auth/CustomAuthenticationProviderTest$IAMAuthenticationProvider.class */
    public static class IAMAuthenticationProvider implements ExtAuthenticationProvider {
        public static final String SCHEME = "IAM_AK_SK";
        private AKSKStore akskStore = new AKSKStore();

        /* loaded from: input_file:org/apache/hive/org/apache/zookeeper/server/auth/CustomAuthenticationProviderTest$IAMAuthenticationProvider$AKSKStore.class */
        public static class AKSKStore {
            public String getSK(String str, String str2) {
                return str.equals("User1") ? "User1_SK" : "OTHER_SK";
            }
        }

        /* loaded from: input_file:org/apache/hive/org/apache/zookeeper/server/auth/CustomAuthenticationProviderTest$IAMAuthenticationProvider$AKSKUtil.class */
        public static class AKSKUtil {
            public static String generateSecret(String str, String str2, String str3) {
                return str + str2 + str3;
            }
        }

        /* loaded from: input_file:org/apache/hive/org/apache/zookeeper/server/auth/CustomAuthenticationProviderTest$IAMAuthenticationProvider$IAMAuthInfo.class */
        public static class IAMAuthInfo {
            private String userName;
            private String ak;
            private String secret;

            private IAMAuthInfo() {
            }

            public IAMAuthInfo(String str, String str2, String str3) {
                if (IAMAuthUtil.isEmpty(str) || IAMAuthUtil.isEmpty(str2) || IAMAuthUtil.isEmpty(str3)) {
                    throw new IllegalArgumentException("Empty parameters");
                }
                this.userName = str;
                this.ak = str2;
                this.secret = str3;
            }

            public byte[] write() {
                byte[] bytes = this.userName.getBytes();
                byte[] bytes2 = this.ak.getBytes();
                byte[] bytes3 = this.secret.getBytes();
                byte[] bArr = new byte[8 + bytes.length + 4 + bytes2.length + 4 + bytes3.length];
                fill(IAMAuthUtil.toBytes(bArr.length), bArr, 0, 4);
                fillString(bytes3, bArr, fillString(bytes2, bArr, fillString(bytes, bArr, 0 + 4)));
                return bArr;
            }

            private int fillString(byte[] bArr, byte[] bArr2, int i) {
                fill(IAMAuthUtil.toBytes(bArr.length), bArr2, i, 4);
                int i2 = i + 4;
                fill(bArr, bArr2, i2, bArr.length);
                return i2 + bArr.length;
            }

            private void fill(byte[] bArr, byte[] bArr2, int i, int i2) {
                System.arraycopy(bArr, 0, bArr2, i, i2);
            }

            public static IAMAuthInfo parse(byte[] bArr) {
                IAMAuthInfo iAMAuthInfo = new IAMAuthInfo();
                if (bArr.length != IAMAuthUtil.toInt(bArr, 0, 4)) {
                    throw new IllegalArgumentException("Corrupted auth Data");
                }
                int i = 0 + 4;
                int i2 = IAMAuthUtil.toInt(bArr, i, 4);
                if (i2 == 0) {
                    throw new IllegalArgumentException("Corrupted auth Data");
                }
                int i3 = i + 4;
                iAMAuthInfo.userName = new String(bArr, i3, i2);
                int i4 = i3 + i2;
                int i5 = IAMAuthUtil.toInt(bArr, i4, 4);
                if (i5 == 0) {
                    throw new IllegalArgumentException("Corrupted auth Data");
                }
                int i6 = i4 + 4;
                iAMAuthInfo.ak = new String(bArr, i6, i5);
                int i7 = i6 + i5;
                int i8 = IAMAuthUtil.toInt(bArr, i7, 4);
                if (i8 == 0) {
                    throw new IllegalArgumentException("Corrupted auth Data");
                }
                int i9 = i7 + 4;
                iAMAuthInfo.secret = new String(bArr, i9, i8);
                int i10 = i9 + i8;
                return iAMAuthInfo;
            }
        }

        /* loaded from: input_file:org/apache/hive/org/apache/zookeeper/server/auth/CustomAuthenticationProviderTest$IAMAuthenticationProvider$IAMAuthUtil.class */
        public static class IAMAuthUtil {
            public static byte[] toBytes(int i) {
                byte[] bArr = new byte[4];
                for (int i2 = 3; i2 > 0; i2--) {
                    bArr[i2] = (byte) i;
                    i >>>= 8;
                }
                bArr[0] = (byte) i;
                return bArr;
            }

            public static int toInt(byte[] bArr, int i, int i2) {
                int i3 = 0;
                for (int i4 = i; i4 < i + i2; i4++) {
                    i3 = (i3 << 8) ^ (bArr[i4] & 255);
                }
                return i3;
            }

            public static boolean isEmpty(String str) {
                return str == null || str.length() == 0;
            }

            public static boolean isEmpty(byte[] bArr) {
                return bArr == null || bArr.length == 0;
            }

            public static byte[] generateAuthInfo(String str, String str2, String str3) {
                return new IAMAuthInfo(str, str2, generateSecret(str, str2, str3)).write();
            }

            public static String generateSecret(String str, String str2, String str3) {
                if (isEmpty(str) || isEmpty(str2) || isEmpty(str3)) {
                    throw new IllegalArgumentException("Empty parameters");
                }
                String generateSecret = AKSKUtil.generateSecret(str, str2, str3);
                if (isEmpty(generateSecret)) {
                    throw new IllegalArgumentException("Can not generate secret");
                }
                return generateSecret;
            }
        }

        @Override // org.apache.hive.org.apache.zookeeper.server.auth.AuthenticationProvider
        public String getScheme() {
            return SCHEME;
        }

        @Override // org.apache.hive.org.apache.zookeeper.server.auth.AuthenticationProvider
        public KeeperException.Code handleAuthentication(ServerCnxn serverCnxn, byte[] bArr) {
            if (IAMAuthUtil.isEmpty(bArr)) {
                throw new IllegalArgumentException("Auth data is empty");
            }
            IAMAuthInfo parse = IAMAuthInfo.parse(bArr);
            String sk = this.akskStore.getSK(parse.userName, parse.ak);
            if (IAMAuthUtil.isEmpty(sk)) {
                throw new IllegalArgumentException("Auth data is empty");
            }
            if (!parse.secret.equals(IAMAuthUtil.generateSecret(parse.userName, parse.ak, sk))) {
                return KeeperException.Code.AUTHFAILED;
            }
            serverCnxn.addAuthInfo(new Id(getScheme(), parse.userName));
            return KeeperException.Code.OK;
        }

        @Override // org.apache.hive.org.apache.zookeeper.server.auth.AuthenticationProvider
        public boolean matches(String str, String str2) {
            return str.equals(str2);
        }

        @Override // org.apache.hive.org.apache.zookeeper.server.auth.AuthenticationProvider
        public boolean isAuthenticated() {
            return true;
        }

        @Override // org.apache.hive.org.apache.zookeeper.server.auth.AuthenticationProvider
        public boolean isValid(String str) {
            return true;
        }

        @Override // org.apache.hive.org.apache.zookeeper.server.auth.ExtAuthenticationProvider
        public String getUserName(String str) {
            return str;
        }
    }

    /* loaded from: input_file:org/apache/hive/org/apache/zookeeper/server/auth/CustomAuthenticationProviderTest$TestInvalidIAMAuthInfoProvider.class */
    public static class TestInvalidIAMAuthInfoProvider implements AuthInfoProvider {
        @Override // org.apache.hive.org.apache.zookeeper.AuthInfoProvider
        public String getAuthScheme() {
            return IAMAuthenticationProvider.SCHEME;
        }

        @Override // org.apache.hive.org.apache.zookeeper.AuthInfoProvider
        public byte[] getAuthData() {
            return IAMAuthenticationProvider.IAMAuthUtil.generateAuthInfo("User1", "AUTH_KEY", "FAIL_SK");
        }
    }

    /* loaded from: input_file:org/apache/hive/org/apache/zookeeper/server/auth/CustomAuthenticationProviderTest$TestValidIAMAuthInfoProvider.class */
    public static class TestValidIAMAuthInfoProvider implements AuthInfoProvider {
        @Override // org.apache.hive.org.apache.zookeeper.AuthInfoProvider
        public String getAuthScheme() {
            return IAMAuthenticationProvider.SCHEME;
        }

        @Override // org.apache.hive.org.apache.zookeeper.AuthInfoProvider
        public byte[] getAuthData() {
            return IAMAuthenticationProvider.IAMAuthUtil.generateAuthInfo("User1", "AUTH_KEY", "User1_SK");
        }
    }

    @BeforeClass
    public static void init() {
        System.setProperty("zookeeper.authProvider.1", IAMAuthenticationProvider.class.getName());
    }

    @Test
    public void testCustomAuthenticationSuccess() throws IOException, InterruptedException {
        System.setProperty(ZKConfig.CUSTOM_AUTH_INFO_PROVIDERS, TestValidIAMAuthInfoProvider.class.getName());
        TestableZooKeeper createClient = createClient();
        try {
            createClient.create("/check1", new byte[]{0}, ZooDefs.Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT);
            createClient.create("/check2", new byte[]{0}, ZooDefs.Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT);
        } catch (KeeperException e) {
            if (e.code() == KeeperException.Code.AUTHFAILED) {
                System.out.println("Authentication failed");
            }
            Assert.fail("Failed");
        }
    }

    @Test
    public void testCustomAuthenticationFail() throws IOException, InterruptedException {
        System.setProperty(ZKConfig.CUSTOM_AUTH_INFO_PROVIDERS, TestInvalidIAMAuthInfoProvider.class.getName());
        try {
            createClient().create("/check", new byte[]{0}, ZooDefs.Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT);
        } catch (KeeperException e) {
            if (e.code() != KeeperException.Code.AUTHFAILED) {
                Assert.fail("Failed");
            }
        }
    }

    @Test
    public void testEmptySchemeNameInInvalidAuthInfo() throws IOException, InterruptedException {
        System.setProperty(ZKConfig.CUSTOM_AUTH_INFO_PROVIDERS, EmptySchemeNameInInvalidAuthInfo.class.getName());
        try {
            createClient();
            Assert.fail("Empty scheme should not be supported");
        } catch (IOException e) {
        }
    }
}
