package com.google.cloud.broker.testing;

import com.sun.security.auth.module.Krb5LoginModule;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import org.apache.commons.io.FileUtils;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.server.SimpleKdcServer;
import org.apache.kerby.util.NetworkUtil;

/* loaded from: input_file:com/google/cloud/broker/testing/FakeKDC.class */
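/**
 * In-process Kerberos KDC for tests, backed by Apache Kerby's {@link SimpleKdcServer}.
 *
 * <p>{@link #start()} creates a temporary working directory and starts a UDP-only KDC whose host
 * is set to {@code localhost}. {@link #createPrincipal(String)} registers a principal and exports
 * its keys to a keytab file under that directory, and {@link #login(String)} performs a
 * keytab-based JAAS login for it. {@link #stop()} removes the principals, stops the KDC and
 * deletes the working directory.
 *
 * <p>Keytab files contain long-term Kerberos keys. They are only removed by {@link #stop()}, so
 * callers should invoke it from a teardown/finally path even when the test body fails.
 *
 * <p>No synchronization is performed; instances are presumably meant to be driven from a single
 * test thread.
 */
public class FakeKDC {
    private final String realm;
    private SimpleKdcServer kdcServer;
    private Path rootDir;
    private Path brokerKeytabDir;
    private Path userKeytabDir;
    // Principals created through createPrincipal(), remembered so stop() can delete them.
    private final List<String> principals = new ArrayList<>();

    /**
     * Creates a fake KDC for the given realm. Nothing is started until {@link #start()}.
     *
     * @param str the Kerberos realm name passed to the KDC
     */
    public FakeKDC(String str) {
        this.realm = str;
    }

    /**
     * Logs in as the given principal using its exported keytab and returns the populated subject.
     *
     * @param str full principal name; its keytab is located with {@link #getKeytabPath(String)}
     * @return the {@link Subject} after a successful login and commit
     * @throws RuntimeException wrapping the {@link LoginException} if the login fails
     */
    public Subject login(String str) {
        Path keytabPath = getKeytabPath(str);
        HashMap<String, String> options = new HashMap<>();
        options.put("keyTab", keytabPath.toString());
        options.put("principal", str);
        // No CallbackHandler is supplied below, so the module must never prompt for a password.
        options.put("doNotPrompt", "true");
        options.put("isInitiator", "true");
        options.put("refreshKrb5Config", "true");
        // storeKey places the principal's keys in the Subject's private credentials.
        options.put("storeKey", "true");
        options.put("useKeyTab", "true");
        Subject subject = new Subject();
        Krb5LoginModule krb5LoginModule = new Krb5LoginModule();
        krb5LoginModule.initialize(
                subject, (CallbackHandler) null, new HashMap<String, Object>(), options);
        try {
            krb5LoginModule.login();
            krb5LoginModule.commit();
            return subject;
        } catch (LoginException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Returns the keytab location for a principal.
     *
     * <p>Only the primary component of the name (the text before the first {@code /} and
     * {@code @}) selects the file: {@code broker} maps to {@code broker.keytab} in the broker
     * directory, anything else to {@code <primary>.keytab} in the user directory. Principals that
     * share a primary therefore share one keytab file.
     *
     * <p>NOTE(review): the primary component is used as a file name without further validation.
     * That is acceptable while principal names are constants written in test code; do not feed
     * externally supplied names into this helper.
     *
     * @param str full principal name, e.g. {@code primary/instance@REALM}
     * @return path of the keytab file (which may not exist yet)
     */
    public Path getKeytabPath(String str) {
        String primary = str.split("@")[0].split("/")[0];
        if (primary.equals("broker")) {
            return this.brokerKeytabDir.resolve("broker.keytab");
        }
        return this.userKeytabDir.resolve(primary + ".keytab");
    }

    /**
     * Creates a principal in the KDC and exports its keys to the keytab file chosen by
     * {@link #getKeytabPath(String)}.
     *
     * @param str full principal name
     * @throws RuntimeException wrapping the {@link KrbException} if creation or export fails
     */
    public void createPrincipal(String str) {
        try {
            this.kdcServer.createPrincipal(str);
            // Record the principal as soon as it exists in the KDC, so stop() still deletes it
            // when the keytab export below fails.
            this.principals.add(str);
            this.kdcServer.exportPrincipal(str, getKeytabPath(str).toFile());
        } catch (KrbException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Creates the temporary working directory tree and starts the KDC.
     *
     * <p>The keytab sub-directories live inside the temporary root, so access to the exported
     * keys is governed by the root directory's permissions.
     * NOTE(review): current JDKs create temp directories owner-only on POSIX file systems, but
     * that is an implementation detail; pass explicit permissions if it must be guaranteed.
     *
     * <p>If start-up fails part-way, the directory is left in place; {@link #stop()} tolerates
     * that state and removes it.
     *
     * @throws RuntimeException wrapping the {@link KrbException} or {@link IOException} on failure
     */
    public void start() {
        try {
            this.rootDir = Files.createTempDirectory("root");
            this.brokerKeytabDir = Files.createDirectory(this.rootDir.resolve("broker-keytabs"));
            this.userKeytabDir = Files.createDirectory(this.rootDir.resolve("user-keytabs"));
            this.kdcServer = new SimpleKdcServer();
            this.kdcServer.setWorkDir(this.rootDir.toFile());
            this.kdcServer.setKdcRealm(this.realm);
            this.kdcServer.setKdcHost("localhost");
            // UDP only, on a port chosen by Kerby's NetworkUtil.
            this.kdcServer.setAllowTcp(false);
            this.kdcServer.setAllowUdp(true);
            this.kdcServer.setKdcUdpPort(NetworkUtil.getServerPort());
            this.kdcServer.init();
            this.kdcServer.start();
        } catch (KrbException | IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Deletes the principals, stops the KDC and removes the working directory with its keytabs.
     *
     * <p>Each step runs even when an earlier one fails, so a failed principal deletion no longer
     * leaves the KDC running or key material behind in the temp directory. When several steps
     * fail, the exception from the last failing step is the one reported. Calling this before
     * {@link #start()}, or after a partially failed start, is safe.
     *
     * @throws RuntimeException wrapping the {@link KrbException} or {@link IOException} on failure
     */
    public void stop() {
        try {
            try {
                if (this.kdcServer != null) {
                    try {
                        this.kdcServer.getKadmin().deleteBuiltinPrincipals();
                        for (String principal : this.principals) {
                            this.kdcServer.deletePrincipal(principal);
                        }
                    } finally {
                        this.kdcServer.stop();
                    }
                }
            } finally {
                // Forget the principals so a later start()/stop() cycle does not try to delete
                // names that belong to the previous KDC instance.
                this.principals.clear();
                if (this.rootDir != null) {
                    FileUtils.deleteDirectory(this.rootDir.toFile());
                }
            }
        } catch (KrbException | IOException e) {
            throw new RuntimeException(e);
        }
    }
}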
