package org.apache.drill.exec.rpc.user.security;

import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.util.Arrays;
import java.util.Iterator;
import org.apache.drill.test.ClientFixture;
import org.apache.drill.test.ClusterFixture;
import org.apache.drill.test.ClusterTest;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/drill/exec/rpc/user/security/TestHtpasswdFileUserAuthenticator.class */
public class TestHtpasswdFileUserAuthenticator extends ClusterTest {
    private File tempPasswdFile;

    private void setupCluster(String str) throws IOException {
        this.tempPasswdFile = new File(dirTestWatcher.getTmpDir(), "htpasswd." + System.currentTimeMillis());
        Files.write(this.tempPasswdFile.toPath(), str.getBytes(), new OpenOption[0]);
        cluster = ClusterFixture.bareBuilder(dirTestWatcher).clusterSize(3).configProperty("drill.exec.allow_loopback_address_binding", true).configProperty("drill.exec.security.user.auth.enabled", true).configProperty("drill.exec.security.user.auth.impl", "htpasswd").configProperty("drill.exec.security.user.auth.htpasswd.path", this.tempPasswdFile.toString()).build();
    }

    @Test
    public void passwordChecksGiveCorrectResults() throws Exception {
        setupCluster("alice:pass1\nbob:buzzkill\njane:$apr1$PrwDfXy9$ajkhotQW6RFnoVQtPKoW4/\njohn:$apr1$UxZgBU8k$K4UzdubNa741TnWAZY2QV0\n");
        Assert.assertTrue(true);
        tryCredentials("alice", "pass1", cluster, true);
        tryCredentials("bob", "buzzkill", cluster, true);
        tryCredentials("notalice", "pass1", cluster, false);
        tryCredentials("notbob", "buzzkill", cluster, false);
        tryCredentials("alice", "wrong", cluster, false);
        tryCredentials("bob", "incorrect", cluster, false);
        tryCredentials("jane", "pass", cluster, true);
        tryCredentials("john", "foobar", cluster, true);
        tryCredentials("jane", "wrong", cluster, false);
        tryCredentials("john", "incorrect1", cluster, false);
    }

    @Test
    public void rejectsLoginsWhenHtpasswdFileMissing() throws Exception {
        cluster = ClusterFixture.bareBuilder(dirTestWatcher).clusterSize(3).configProperty("drill.exec.allow_loopback_address_binding", true).configProperty("drill.exec.security.user.auth.enabled", true).configProperty("drill.exec.security.user.auth.impl", "htpasswd").configProperty("drill.exec.security.user.auth.htpasswd.path", "/nonexistant-file").build();
        tryCredentials("bob", "bob", cluster, false);
    }

    @Test
    public void detectsChanges() throws Exception {
        setupCluster("alice:pass1\nbob:buzzkill\n");
        tryCredentials("alice", "pass1", cluster, true);
        tryCredentials("alice", "pass2", cluster, false);
        tryCredentials("bob", "buzzkill", cluster, true);
        tryCredentials("bob", "yolo", cluster, false);
        Files.write(this.tempPasswdFile.toPath(), "alice:pass2\nbob:yolo\n".getBytes(), new OpenOption[0]);
        tryCredentials("alice", "pass1", cluster, false);
        tryCredentials("alice", "pass2", cluster, true);
        tryCredentials("bob", "buzzkill", cluster, false);
        tryCredentials("bob", "yolo", cluster, true);
        Files.write(this.tempPasswdFile.toPath(), "invalid file".getBytes(), new OpenOption[0]);
        tryCredentials("alice", "pass1", cluster, false);
        tryCredentials("alice", "pass2", cluster, false);
        Files.delete(this.tempPasswdFile.toPath());
        tryCredentials("alice", "pass1", cluster, false);
        tryCredentials("alice", "pass2", cluster, false);
    }

    private static void tryCredentials(String str, String str2, ClusterFixture clusterFixture, boolean z) throws Exception {
        try {
            ClientFixture build = clusterFixture.clientBuilder().property("user", str).property("password", str2).build();
            Iterator it = Arrays.asList("SHOW SCHEMAS", "USE INFORMATION_SCHEMA", "SHOW TABLES", "SELECT * FROM INFORMATION_SCHEMA.`TABLES` WHERE TABLE_NAME LIKE 'COLUMNS'", "SELECT * FROM cp.`region.json` LIMIT 5").iterator();
            while (it.hasNext()) {
                build.queryBuilder().sql((String) it.next()).run();
            }
            if (!z) {
                Assert.fail("Expected connect to fail because of incorrect username / password combination, but it succeeded");
            }
        } catch (IllegalStateException e) {
            if (z) {
                throw e;
            }
        }
    }
}
