package org.apache.pulsar.security;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Sets;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.HashMap;
import java.util.Optional;
import java.util.Properties;
import java.util.Set;
import javax.crypto.SecretKey;
import lombok.Generated;
import org.apache.pulsar.broker.PulsarService;
import org.apache.pulsar.broker.ServiceConfiguration;
import org.apache.pulsar.broker.authentication.AuthenticationProviderToken;
import org.apache.pulsar.broker.authentication.utils.AuthTokenUtils;
import org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider;
import org.apache.pulsar.broker.testcontext.PulsarTestContext;
import org.apache.pulsar.client.admin.PulsarAdmin;
import org.apache.pulsar.client.impl.auth.AuthenticationToken;
import org.apache.pulsar.common.policies.data.ClusterData;
import org.apache.pulsar.common.policies.data.TenantInfo;
import org.apache.pulsar.common.util.ObjectMapperFactory;

/* loaded from: input_file:org/apache/pulsar/security/MockedPulsarStandalone.class */
public abstract class MockedPulsarStandalone implements AutoCloseable {
    private final ServiceConfiguration serviceConfiguration = new ServiceConfiguration();
    private PulsarTestContext pulsarTestContext;
    private PulsarService pulsarService;
    private PulsarAdmin serviceInternalAdmin;
    private static final String DEFAULT_TENANT = "public";
    private static final String DEFAULT_NAMESPACE = "public/default";
    private static final String TEST_CLUSTER_NAME = "test-standalone";
    protected static final SecretKey SECRET_KEY = AuthTokenUtils.createSecretKey(SignatureAlgorithm.HS256);
    private static final String BROKER_INTERNAL_CLIENT_SUBJECT = "broker_internal";
    private static final String BROKER_INTERNAL_CLIENT_TOKEN = Jwts.builder().claim("sub", BROKER_INTERNAL_CLIENT_SUBJECT).signWith(SECRET_KEY).compact();
    protected static final String SUPER_USER_SUBJECT = "super-user";
    protected static final String SUPER_USER_TOKEN = Jwts.builder().claim("sub", SUPER_USER_SUBJECT).signWith(SECRET_KEY).compact();
    protected static final String NOBODY_SUBJECT = "nobody";
    protected static final String NOBODY_TOKEN = Jwts.builder().claim("sub", NOBODY_SUBJECT).signWith(SECRET_KEY).compact();
    protected static final ObjectMapper mapper = new ObjectMapper();
    private static final ObjectMapper MAPPER = ObjectMapperFactory.getMapper().getObjectMapper();

    public MockedPulsarStandalone() {
        this.serviceConfiguration.setClusterName(TEST_CLUSTER_NAME);
        this.serviceConfiguration.setBrokerShutdownTimeoutMs(0L);
        this.serviceConfiguration.setBrokerServicePort(Optional.of(0));
        this.serviceConfiguration.setBrokerServicePortTls(Optional.of(0));
        this.serviceConfiguration.setAdvertisedAddress("localhost");
        this.serviceConfiguration.setWebServicePort(Optional.of(0));
        this.serviceConfiguration.setWebServicePortTls(Optional.of(0));
        this.serviceConfiguration.setNumExecutorThreadPoolSize(5);
        this.serviceConfiguration.setExposeBundlesMetricsInPrometheus(true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void configureTokenAuthentication() {
        this.serviceConfiguration.setAuthenticationEnabled(true);
        this.serviceConfiguration.setAuthenticationProviders(Set.of(AuthenticationProviderToken.class.getName()));
        this.serviceConfiguration.setBrokerClientAuthenticationPlugin(AuthenticationToken.class.getName());
        HashMap hashMap = new HashMap();
        hashMap.put("token", BROKER_INTERNAL_CLIENT_TOKEN);
        this.serviceConfiguration.setBrokerClientAuthenticationParameters(MAPPER.writeValueAsString(hashMap));
        Properties properties = this.serviceConfiguration.getProperties();
        if (properties == null) {
            properties = new Properties();
            this.serviceConfiguration.setProperties(properties);
        }
        properties.put("tokenSecretKey", AuthTokenUtils.encodeKeyBase64(SECRET_KEY));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void configureDefaultAuthorization() {
        this.serviceConfiguration.setAuthorizationEnabled(true);
        this.serviceConfiguration.setAuthorizationProvider(PulsarAuthorizationProvider.class.getName());
        this.serviceConfiguration.setSuperUserRoles(Set.of(SUPER_USER_SUBJECT, BROKER_INTERNAL_CLIENT_SUBJECT));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void start() {
        this.pulsarTestContext = PulsarTestContext.builder().spyByDefault().config(this.serviceConfiguration).withMockZookeeper(false).build();
        this.pulsarService = this.pulsarTestContext.getPulsarService();
        this.serviceInternalAdmin = this.pulsarService.getAdminClient();
        setupDefaultTenantAndNamespace();
    }

    private void setupDefaultTenantAndNamespace() throws Exception {
        if (!this.serviceInternalAdmin.clusters().getClusters().contains(TEST_CLUSTER_NAME)) {
            this.serviceInternalAdmin.clusters().createCluster(TEST_CLUSTER_NAME, ClusterData.builder().serviceUrl(this.pulsarService.getWebServiceAddress()).build());
        }
        if (!this.serviceInternalAdmin.tenants().getTenants().contains(DEFAULT_TENANT)) {
            this.serviceInternalAdmin.tenants().createTenant(DEFAULT_TENANT, TenantInfo.builder().allowedClusters(Sets.newHashSet(new String[]{TEST_CLUSTER_NAME})).build());
        }
        if (this.serviceInternalAdmin.namespaces().getNamespaces(DEFAULT_TENANT).contains(DEFAULT_NAMESPACE)) {
            return;
        }
        this.serviceInternalAdmin.namespaces().createNamespace(DEFAULT_NAMESPACE);
    }

    @Override // java.lang.AutoCloseable
    public void close() throws Exception {
        if (this.pulsarTestContext != null) {
            this.pulsarTestContext.close();
        }
    }

    @Generated
    public ServiceConfiguration getServiceConfiguration() {
        return this.serviceConfiguration;
    }

    @Generated
    public PulsarService getPulsarService() {
        return this.pulsarService;
    }
}
