package org.infinispan.test.integration.security.tasks;

import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.text.StrSubstitutor;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
import org.apache.directory.server.kerberos.shared.keytab.Keytab;
import org.apache.directory.shared.kerberos.KerberosTime;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.apache.directory.shared.kerberos.components.EncryptionKey;
import org.infinispan.test.integration.security.utils.Utils;
import org.jboss.as.arquillian.api.ServerSetupTask;
import org.jboss.as.arquillian.container.ManagementClient;
import org.jboss.logging.Logger;

/* loaded from: input_file:org/infinispan/test/integration/security/tasks/AbstractKrb5ConfServerSetupTask.class */
public abstract class AbstractKrb5ConfServerSetupTask implements ServerSetupTask {
    private static Logger LOGGER = Logger.getLogger(AbstractKrb5ConfServerSetupTask.class);
    private static final String JAVA_IO_TMP_DIR = System.getProperty("java.io.tmpdir");
    protected static final File KEYTABS_DIR = new File(JAVA_IO_TMP_DIR + File.separator + "keytabs");
    private static final String KRB5_CONF = "krb5.conf";
    private static final File KRB5_CONF_FILE = new File(JAVA_IO_TMP_DIR, KRB5_CONF);
    public static final File LDAP_KEYTAB_FILE = new File(KEYTABS_DIR, "ldap-service.keytab");
    private String origKrb5Conf;
    private String origKrbDebug;
    private String origIbmJGSSDebug;
    private String origIbmKrbDebug;

    /* loaded from: input_file:org/infinispan/test/integration/security/tasks/AbstractKrb5ConfServerSetupTask$UserForKeyTab.class */
    public static class UserForKeyTab {
        private final String user;
        private final String password;
        private final File keyTabFileName;

        public UserForKeyTab(String str, String str2, File file) {
            this.user = str;
            this.password = str2;
            this.keyTabFileName = file;
        }

        public String getUser() {
            return this.user;
        }

        public String getPassword() {
            return this.password;
        }

        public File getKeyTabFileName() {
            return this.keyTabFileName;
        }
    }

    public void setup(ManagementClient managementClient, String str) throws Exception {
        LOGGER.info("(Re)Creating workdir: " + KEYTABS_DIR.getAbsolutePath());
        FileUtils.deleteDirectory(KEYTABS_DIR);
        KEYTABS_DIR.mkdirs();
        String cannonicalHost = Utils.getCannonicalHost(managementClient);
        HashMap hashMap = new HashMap();
        hashMap.put("hostname", cannonicalHost);
        String supportedEncTypes = getSupportedEncTypes();
        hashMap.put("enctypes", supportedEncTypes);
        LOGGER.info("Supported enctypes in krb5.conf: " + supportedEncTypes);
        FileUtils.write(KRB5_CONF_FILE, StrSubstitutor.replace(IOUtils.toString(Utils.getResource(KRB5_CONF), "UTF-8"), hashMap), "UTF-8");
        createLdapServerKeytab(cannonicalHost);
        List<UserForKeyTab> kerberosUsers = kerberosUsers();
        if (kerberosUsers != null) {
            for (UserForKeyTab userForKeyTab : kerberosUsers) {
                createKeytab(userForKeyTab.getUser(), userForKeyTab.getPassword(), userForKeyTab.getKeyTabFileName());
            }
        }
        LOGGER.info("Setting Kerberos configuration: " + KRB5_CONF_FILE);
        this.origKrb5Conf = Utils.setSystemProperty("java.security.krb5.conf", KRB5_CONF_FILE.getAbsolutePath());
        this.origKrbDebug = Utils.setSystemProperty("sun.security.krb5.debug", "true");
        this.origIbmJGSSDebug = Utils.setSystemProperty("com.ibm.security.jgss.debug", "all");
        this.origIbmKrbDebug = Utils.setSystemProperty("com.ibm.security.krb5.Krb5Debug", "all");
    }

    public void tearDown(ManagementClient managementClient, String str) throws Exception {
        FileUtils.deleteDirectory(KEYTABS_DIR);
        FileUtils.deleteQuietly(KRB5_CONF_FILE);
        Utils.setSystemProperty("java.security.krb5.conf", this.origKrb5Conf);
        Utils.setSystemProperty("sun.security.krb5.debug", this.origKrbDebug);
        Utils.setSystemProperty("com.ibm.security.jgss.debug", this.origIbmJGSSDebug);
        Utils.setSystemProperty("com.ibm.security.krb5.Krb5Debug", this.origIbmKrbDebug);
    }

    public static final String getKrb5ConfFullPath() {
        return KRB5_CONF_FILE.getAbsolutePath();
    }

    public static final String getKeyTabFullPath() {
        return LDAP_KEYTAB_FILE.getAbsolutePath();
    }

    protected void createLdapServerKeytab(String str) throws IOException {
        createKeytab("ldap/" + str + "@INFINISPAN.ORG", "ldapPassword", LDAP_KEYTAB_FILE);
    }

    private String getSupportedEncTypes() {
        ArrayList arrayList = new ArrayList();
        Iterator it = KerberosKeyFactory.getKerberosKeys("dummy@INFINISPAN.ORG", "dummy").keySet().iterator();
        while (it.hasNext()) {
            arrayList.add(((EncryptionType) it.next()).getName());
        }
        return StringUtils.join(arrayList, ',');
    }

    protected void createKeytab(String str, String str2, File file) throws IOException {
        LOGGER.info("Principal name: " + str);
        KerberosTime kerberosTime = new KerberosTime();
        DataOutputStream dataOutputStream = null;
        try {
            dataOutputStream = new DataOutputStream(new FileOutputStream(file));
            dataOutputStream.write(Keytab.VERSION_0X502_BYTES);
            Iterator it = KerberosKeyFactory.getKerberosKeys(str, str2).entrySet().iterator();
            while (it.hasNext()) {
                EncryptionKey encryptionKey = (EncryptionKey) ((Map.Entry) it.next()).getValue();
                byte keyVersion = (byte) encryptionKey.getKeyVersion();
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                DataOutputStream dataOutputStream2 = new DataOutputStream(byteArrayOutputStream);
                String[] split = str.split("@");
                String str3 = split[0];
                String str4 = split[1];
                String[] split2 = str3.split("/");
                try {
                    dataOutputStream2.writeShort((short) split2.length);
                    dataOutputStream2.writeUTF(str4);
                    for (String str5 : split2) {
                        dataOutputStream2.writeUTF(str5);
                    }
                    dataOutputStream2.writeInt(1);
                    dataOutputStream2.writeInt((int) (kerberosTime.getTime() / 1000));
                    dataOutputStream2.write(keyVersion);
                    dataOutputStream2.writeShort((short) encryptionKey.getKeyType().getValue());
                    byte[] keyValue = encryptionKey.getKeyValue();
                    dataOutputStream2.writeShort((short) keyValue.length);
                    dataOutputStream2.write(keyValue);
                    IOUtils.closeQuietly(dataOutputStream2);
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    dataOutputStream.writeInt(byteArray.length);
                    dataOutputStream.write(byteArray);
                } finally {
                }
            }
            IOUtils.closeQuietly(dataOutputStream);
        } catch (Throwable th) {
            IOUtils.closeQuietly(dataOutputStream);
            throw th;
        }
    }

    protected abstract List<UserForKeyTab> kerberosUsers();
}
