package eu.radoop.connections.service.test.connection;

import eu.radoop.connections.RadoopConnectionEntry;
import eu.radoop.connections.proxy.channel.RadoopProxyChannelConfig;
import eu.radoop.connections.service.test.RadoopTest;
import eu.radoop.connections.service.test.RadoopTestContext;
import eu.radoop.connections.service.test.RadoopTestType;
import eu.radoop.connections.service.test.integration.TestNetworking;
import eu.radoop.exception.ConnectionException;
import eu.radoop.security.UgiWrapper;
import java.io.IOException;
import java.net.Socket;
import java.net.SocketAddress;
import sun.security.krb5.KrbException;

/* loaded from: input_file:eu/radoop/connections/service/test/connection/TestKDC.class */
public class TestKDC extends TestNetworking {
    private TestKDC(RadoopTestContext radoopTestContext) throws ConnectionException {
        super(RadoopTestType.KDC, radoopTestContext);
    }

    public static RadoopTest create(RadoopTestContext radoopTestContext) throws ConnectionException {
        return new TestKDC(radoopTestContext);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.util.concurrent.Callable
    public RadoopTest.RadoopTestStatus call() throws ConnectionException, KrbException {
        RadoopConnectionEntry connection = getTestContext().getConnection();
        if (!connection.isKerberosSecurityEnabled()) {
            log(2, "Kerberos security is disabled. No need to run this test.");
            return RadoopTest.RadoopTestStatus.DISABLED;
        }
        if (isKerberosAuthSuccess(connection)) {
            return RadoopTest.RadoopTestStatus.SUCCESS;
        }
        checkKDCServiceReachableViaProxyChannel(connection);
        return RadoopTest.RadoopTestStatus.ERROR;
    }

    private boolean isKerberosAuthSuccess(RadoopConnectionEntry radoopConnectionEntry) {
        UgiWrapper ugiWrapper = null;
        try {
            try {
                ugiWrapper = UgiWrapper.doSecureLogin(radoopConnectionEntry.getClientPrincipal(), radoopConnectionEntry.getKeytabFile(), getTestContext().getHadoopContext().getImpersonatedUser());
                log(2, "Kerberos login succeed");
                if (ugiWrapper != null) {
                    try {
                        ugiWrapper.logoutUserFromKeytab();
                        log(2, "Kerberos logout succeed");
                    } catch (IOException e) {
                        log(8, "Kerberos logout failed with: " + e.getMessage());
                        return false;
                    }
                }
                return true;
            } catch (RuntimeException e2) {
                log(8, "Kerberos login failed with: " + e2.getMessage());
                if (ugiWrapper != null) {
                    try {
                        ugiWrapper.logoutUserFromKeytab();
                        log(2, "Kerberos logout succeed");
                    } catch (IOException e3) {
                        log(8, "Kerberos logout failed with: " + e3.getMessage());
                        return false;
                    }
                }
                return false;
            }
        } catch (Throwable th) {
            if (ugiWrapper != null) {
                try {
                    ugiWrapper.logoutUserFromKeytab();
                    log(2, "Kerberos logout succeed");
                } catch (IOException e4) {
                    log(8, "Kerberos logout failed with: " + e4.getMessage());
                    return false;
                }
            }
            throw th;
        }
    }

    private boolean checkKDCServiceReachableViaProxyChannel(RadoopConnectionEntry radoopConnectionEntry) throws KrbException {
        for (SocketAddress socketAddress : RadoopProxyChannelConfig.collectKDCAddresses(radoopConnectionEntry)) {
            try {
                Socket socket = new Socket();
                try {
                    log(4, String.format("Checking network layer connectivity to KDC (%s) via Radoop Proxy", socketAddress.toString()));
                    socket.connect(socketAddress, 20000);
                    log(4, "KDC service is reachable over Radoop Proxy");
                    socket.close();
                    return true;
                } finally {
                }
            } catch (IOException e) {
                log(4, "Network layer connectivity to KDC service failed with: " + e.getMessage());
            }
        }
        log(8, "Network layer connectivity is not present to any of the configured KDC services");
        return false;
    }
}
