package io.confluent.kafka.multitenant.integration.test;

import io.confluent.kafka.multitenant.MultiTenantPrincipalBuilder;
import io.confluent.kafka.multitenant.authorizer.MultiTenantAuditLogConfig;
import io.confluent.kafka.multitenant.authorizer.MultiTenantAuthorizer;
import io.confluent.kafka.multitenant.integration.cluster.LogicalClusterUser;
import io.confluent.kafka.multitenant.integration.cluster.PhysicalCluster;
import io.confluent.kafka.multitenant.quota.TenantQuotaCallback;
import io.confluent.kafka.security.authorizer.MockAuditLogProvider;
import io.confluent.kafka.server.plugins.auth.oauth.OAuthBearerServerLoginCallbackHandler;
import io.confluent.kafka.server.plugins.auth.oauth.OAuthBearerValidatorCallbackHandler;
import io.confluent.kafka.test.utils.KafkaTestUtils;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.function.Consumer;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import kafka.admin.RackAwareMode$Enforced$;
import kafka.server.KafkaConfig;
import kafka.zk.AdminZkClient;
import kafka.zk.KafkaZkClient;
import org.apache.kafka.clients.HostResolver;
import org.apache.kafka.clients.admin.AdminClient;
import org.apache.kafka.clients.admin.AdminClientConfig;
import org.apache.kafka.clients.consumer.KafkaConsumer;
import org.apache.kafka.clients.producer.KafkaProducer;
import org.apache.kafka.common.config.SslConfigs;
import org.apache.kafka.common.config.internals.BrokerSecurityConfigs;
import org.apache.kafka.common.config.internals.ConfluentConfigs;
import org.apache.kafka.common.config.types.Password;
import org.apache.kafka.common.errors.TimeoutException;
import org.apache.kafka.common.security.auth.SecurityProtocol;
import org.apache.kafka.common.security.scram.internals.ScramMechanism;
import org.apache.kafka.common.utils.Time;
import org.apache.kafka.test.TestUtils;
import org.junit.jupiter.api.TestInfo;
import scala.Option;

/* loaded from: input_file:io/confluent/kafka/multitenant/integration/test/IntegrationTestHarness.class */
public class IntegrationTestHarness {
    private static final int DEFAULT_BROKERS_IN_PHYSICAL_CLUSTER = 1;
    private PhysicalCluster physicalCluster;
    private final TestInfo testInfo;
    private final List<KafkaProducer<?, ?>> producers;
    private final List<KafkaConsumer<?, ?>> consumers;
    private final List<AdminClient> adminClients;
    private final int brokersInPhysicalCluster;
    private final List<String> brokerRacks;
    private final List<String> brokerCells;

    public IntegrationTestHarness(TestInfo testInfo) {
        this(testInfo, 1);
    }

    public IntegrationTestHarness(TestInfo testInfo, int i) {
        this(testInfo, i, Collections.emptyList());
    }

    public IntegrationTestHarness(TestInfo testInfo, int i, List<String> list) {
        this(testInfo, i, list, Collections.emptyList());
    }

    public IntegrationTestHarness(TestInfo testInfo, int i, List<String> list, List<String> list2) {
        this.producers = new ArrayList();
        this.consumers = new ArrayList();
        this.adminClients = new ArrayList();
        this.testInfo = testInfo;
        if (!list.isEmpty() && list.size() != i) {
            throw new IllegalArgumentException("Broker racks should be empty or should be same as number of brokers.");
        }
        if (!list2.isEmpty() && list2.size() != i) {
            throw new IllegalArgumentException("Broker cells should be empty or should be same as number of brokers.");
        }
        this.brokersInPhysicalCluster = i;
        this.brokerRacks = list;
        this.brokerCells = list2;
    }

    public PhysicalCluster start(Properties properties) {
        return start(properties, true, Optional.empty(), physicalCluster -> {
        });
    }

    public PhysicalCluster start(Properties properties, Time time) {
        return start(properties, true, Optional.of(time), physicalCluster -> {
        });
    }

    public PhysicalCluster start(Properties properties, boolean z, Optional<Time> optional, Consumer<PhysicalCluster> consumer) {
        return start(properties, new Properties(), z, optional, consumer);
    }

    public PhysicalCluster start(Properties properties, Properties properties2, boolean z, Set<String> set, Optional<Time> optional, Consumer<PhysicalCluster> consumer) {
        this.physicalCluster = createCluster(optional);
        if (!z) {
            this.physicalCluster.disableBrokerSuperUser();
        }
        this.physicalCluster.startQuorum(properties2, set);
        consumer.accept(this.physicalCluster);
        this.physicalCluster.startBrokers(properties, set);
        return this.physicalCluster;
    }

    public PhysicalCluster start(Properties properties, Properties properties2, boolean z, Optional<Time> optional, Consumer<PhysicalCluster> consumer) {
        return start(properties, properties2, z, Collections.emptySet(), optional, consumer);
    }

    public PhysicalCluster startWithTopic(String str, int i, int i2, long j, Properties properties) throws ExecutionException, InterruptedException {
        return startWithTopic(str, i, i2, j, properties, Optional.empty());
    }

    public PhysicalCluster startWithTopic(String str, int i, int i2, long j, Properties properties, Optional<Time> optional) throws ExecutionException, InterruptedException {
        this.physicalCluster = createCluster(optional);
        this.physicalCluster.startQuorum(new Properties());
        ExecutorService newFixedThreadPool = Executors.newFixedThreadPool(1);
        try {
            Future<?> submit = newFixedThreadPool.submit(() -> {
                tryCreateEarlyTopic(str, i, i2, j);
            });
            this.physicalCluster.startBrokers(properties);
            submit.get();
            newFixedThreadPool.shutdown();
            return this.physicalCluster;
        } catch (Throwable th) {
            newFixedThreadPool.shutdown();
            throw th;
        }
    }

    public void shutdownBrokers() {
        if (this.physicalCluster != null) {
            this.physicalCluster.kafkaCluster().shutdownBrokers();
        }
    }

    public void startBrokers() {
        if (this.physicalCluster != null) {
            this.physicalCluster.kafkaCluster().startBrokersAfterShutdown();
        }
    }

    public void shutdown() {
        this.producers.forEach((v0) -> {
            v0.close();
        });
        this.consumers.forEach((v0) -> {
            v0.close();
        });
        this.adminClients.forEach((v0) -> {
            v0.close();
        });
        if (this.physicalCluster != null) {
            this.physicalCluster.shutdown();
        }
    }

    public boolean isKraft() {
        return this.physicalCluster.isKRaft();
    }

    public String zkConnect() {
        return this.physicalCluster.kafkaCluster().zkConnect();
    }

    public KafkaProducer<String, String> createProducer(LogicalClusterUser logicalClusterUser, SecurityProtocol securityProtocol) {
        KafkaProducer<String, String> createProducer = KafkaTestUtils.createProducer(this.physicalCluster.bootstrapServers(), securityProtocol, ScramMechanism.SCRAM_SHA_256.mechanismName(), logicalClusterUser.saslJaasConfig());
        this.producers.add(createProducer);
        return createProducer;
    }

    public KafkaConsumer<String, String> createConsumer(LogicalClusterUser logicalClusterUser, String str, SecurityProtocol securityProtocol) {
        KafkaConsumer<String, String> createConsumer = KafkaTestUtils.createConsumer(this.physicalCluster.bootstrapServers(), securityProtocol, ScramMechanism.SCRAM_SHA_256.mechanismName(), logicalClusterUser.saslJaasConfig(), str);
        this.consumers.add(createConsumer);
        return createConsumer;
    }

    public AdminClient createAdminClient(LogicalClusterUser logicalClusterUser) {
        AdminClient createAdminClient = KafkaTestUtils.createAdminClient(this.physicalCluster.bootstrapServers(), SecurityProtocol.SASL_PLAINTEXT, ScramMechanism.SCRAM_SHA_256.mechanismName(), logicalClusterUser.saslJaasConfig());
        this.adminClients.add(createAdminClient);
        return createAdminClient;
    }

    public AdminClient createAdminClient(String str, SecurityProtocol securityProtocol, String str2, String str3, Properties properties) {
        AdminClient createAdminClient = KafkaTestUtils.createAdminClient(str, securityProtocol, str2, str3, properties);
        this.adminClients.add(createAdminClient);
        return createAdminClient;
    }

    public AdminClient createOAuthAdminClient(String str, Properties properties) {
        AdminClient createAdminClient = KafkaTestUtils.createAdminClient(this.physicalCluster.bootstrapServers(), SecurityProtocol.SASL_PLAINTEXT, "OAUTHBEARER", str, properties);
        this.adminClients.add(createAdminClient);
        return createAdminClient;
    }

    public KafkaProducer<String, String> createOAuthProducer(String str, Properties properties) {
        KafkaProducer<String, String> createProducer = KafkaTestUtils.createProducer(this.physicalCluster.bootstrapServers(), SecurityProtocol.SASL_PLAINTEXT, "OAUTHBEARER", str, properties);
        this.producers.add(createProducer);
        return createProducer;
    }

    public KafkaConsumer<String, String> createOAuthConsumer(String str, String str2, Properties properties) {
        KafkaConsumer<String, String> createConsumer = KafkaTestUtils.createConsumer(this.physicalCluster.bootstrapServers(), SecurityProtocol.SASL_PLAINTEXT, "OAUTHBEARER", str2, str, properties);
        this.consumers.add(createConsumer);
        return createConsumer;
    }

    public AdminClient createSSLOAuthAdminClient(String str, Properties properties, Map<String, Object> map, String str2) {
        if (map != null) {
            properties.putAll(map);
        }
        if (str2 != null) {
            properties.put(SslConfigs.SSL_ENGINE_FACTORY_CLASS_CONFIG, str2);
        }
        AdminClient createAdminClient = KafkaTestUtils.createAdminClient(this.physicalCluster.bootstrapServers(), SecurityProtocol.SASL_SSL, "OAUTHBEARER", str, properties);
        this.adminClients.add(createAdminClient);
        return createAdminClient;
    }

    public AdminClient createPlainAuthAdminClient(String str) {
        return createPlainAuthAdminClient(str, new Properties());
    }

    public AdminClient createPlainAuthAdminClient(String str, Properties properties) {
        AdminClient createAdminClient = KafkaTestUtils.createAdminClient(this.physicalCluster.bootstrapServers(), SecurityProtocol.SASL_PLAINTEXT, "PLAIN", str, properties);
        this.adminClients.add(createAdminClient);
        return createAdminClient;
    }

    public AdminClient createSSLAuthAdminClient(String str, Map<String, Object> map) {
        return createSSLAuthAdminClient(str, map, null, null);
    }

    public AdminClient createSSLAuthAdminClient(String str, Map<String, Object> map, Class<? extends HostResolver> cls) {
        return createSSLAuthAdminClient(str, map, null, cls);
    }

    public AdminClient createSSLAuthAdminClient(String str, Map<String, Object> map, String str2) {
        return createSSLAuthAdminClient(str, map, str2, null);
    }

    public AdminClient createSSLAuthAdminClient(String str, Map<String, Object> map, String str2, Class<? extends HostResolver> cls) {
        Properties properties = new Properties();
        properties.put("ssl.truststore.location", map.get("ssl.truststore.location"));
        properties.put("ssl.truststore.password", ((Password) map.get("ssl.truststore.password")).value());
        properties.put("security.protocol", "SSL");
        if (str2 != null) {
            properties.put(SslConfigs.SSL_ENGINE_FACTORY_CLASS_CONFIG, str2);
        }
        if (cls != null) {
            properties.put(AdminClientConfig.HOST_RESOLVER_CLASS_CONFIG, cls.getName());
        }
        AdminClient createAdminClient = KafkaTestUtils.createAdminClient(this.physicalCluster.bootstrapServers(), SecurityProtocol.SASL_SSL, "PLAIN", str, properties);
        this.adminClients.add(createAdminClient);
        return createAdminClient;
    }

    public void produceConsume(LogicalClusterUser logicalClusterUser, LogicalClusterUser logicalClusterUser2, String str, String str2, int i, SecurityProtocol securityProtocol) throws Throwable {
        produceConsume(logicalClusterUser, logicalClusterUser2, Arrays.asList(str), str2, i, securityProtocol, true);
    }

    public void produceConsume(LogicalClusterUser logicalClusterUser, LogicalClusterUser logicalClusterUser2, List<String> list, String str, int i, SecurityProtocol securityProtocol) throws Throwable {
        produceConsume(logicalClusterUser, logicalClusterUser2, list, str, i, securityProtocol, true);
    }

    public void produceConsume(LogicalClusterUser logicalClusterUser, LogicalClusterUser logicalClusterUser2, List<String> list, String str, int i, SecurityProtocol securityProtocol, boolean z) throws Throwable {
        if (z) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                this.physicalCluster.kafkaCluster().createTopic(logicalClusterUser.tenantPrefix() + it.next(), 2, 1);
            }
        }
        KafkaProducer<String, String> createProducer = createProducer(logicalClusterUser, securityProtocol);
        Throwable th = null;
        try {
            ArrayList arrayList = new ArrayList();
            Iterator<String> it2 = list.iterator();
            while (it2.hasNext()) {
                arrayList.addAll(KafkaTestUtils.produce(createProducer, it2.next(), i, 10));
            }
            Iterator it3 = arrayList.iterator();
            while (it3.hasNext()) {
                try {
                    ((Future) it3.next()).get();
                } catch (ExecutionException e) {
                    throw e.getCause();
                }
            }
            KafkaConsumer<String, String> createConsumer = createConsumer(logicalClusterUser2, str, securityProtocol);
            Throwable th2 = null;
            try {
                try {
                    Iterator<String> it4 = list.iterator();
                    while (it4.hasNext()) {
                        KafkaTestUtils.consumeRecords(createConsumer, it4.next(), i, 10);
                    }
                    if (createConsumer != null) {
                        if (0 == 0) {
                            createConsumer.close();
                            return;
                        }
                        try {
                            createConsumer.close();
                        } catch (Throwable th3) {
                            th2.addSuppressed(th3);
                        }
                    }
                } catch (Throwable th4) {
                    th2 = th4;
                    throw th4;
                }
            } catch (Throwable th5) {
                if (createConsumer != null) {
                    if (th2 != null) {
                        try {
                            createConsumer.close();
                        } catch (Throwable th6) {
                            th2.addSuppressed(th6);
                        }
                    } else {
                        createConsumer.close();
                    }
                }
                throw th5;
            }
        } finally {
            if (createProducer != null) {
                if (0 != 0) {
                    try {
                        createProducer.close();
                    } catch (Throwable th7) {
                        th.addSuppressed(th7);
                    }
                } else {
                    createProducer.close();
                }
            }
        }
    }

    public void produceConsume(LogicalClusterUser logicalClusterUser, LogicalClusterUser logicalClusterUser2, String str, String str2, int i, boolean z) throws Throwable {
        produceConsume(logicalClusterUser, logicalClusterUser2, Arrays.asList(str), str2, i, SecurityProtocol.SASL_PLAINTEXT, z);
    }

    public void produceConsume(LogicalClusterUser logicalClusterUser, LogicalClusterUser logicalClusterUser2, List<String> list, String str, int i, boolean z) throws Throwable {
        produceConsume(logicalClusterUser, logicalClusterUser2, list, str, i, SecurityProtocol.SASL_PLAINTEXT, z);
    }

    public void produceConsume(LogicalClusterUser logicalClusterUser, LogicalClusterUser logicalClusterUser2, String str, String str2, int i) throws Throwable {
        produceConsume(logicalClusterUser, logicalClusterUser2, Arrays.asList(str), str2, i, SecurityProtocol.SASL_PLAINTEXT);
    }

    public void produceConsume(LogicalClusterUser logicalClusterUser, LogicalClusterUser logicalClusterUser2, List<String> list, String str, int i) throws Throwable {
        produceConsume(logicalClusterUser, logicalClusterUser2, list, str, i, SecurityProtocol.SASL_PLAINTEXT);
    }

    public static SSLEngine setSniHostName(SSLEngine sSLEngine, String str) {
        SSLParameters sSLParameters = sSLEngine.getSSLParameters();
        sSLParameters.setServerNames(Collections.singletonList(new SNIHostName(str)));
        sSLEngine.setSSLParameters(sSLParameters);
        return sSLEngine;
    }

    public static String clientPlainJaasConfig(String str, String str2) {
        return "org.apache.kafka.common.security.plain.PlainLoginModule required  username=\"" + str + "\"  password=\"" + str2 + "\";";
    }

    public static Properties defaultOAuthBrokerProps() {
        Properties properties = new Properties();
        properties.put(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList("OAUTHBEARER"));
        properties.put(KafkaConfig.ClientQuotaCallbackClassProp(), TenantQuotaCallback.class.getName());
        properties.put(ConfluentConfigs.ENABLE_AUTHENTICATION_AUDIT_LOGS, "true");
        properties.put(KafkaConfig.AuthorizerClassNameProp(), MultiTenantAuthorizer.class.getName());
        properties.put(MultiTenantAuditLogConfig.MULTI_TENANT_AUDIT_LOGGER_ENABLE_CONFIG, "true");
        properties.put(MockAuditLogProvider.AUDIT_PROVIDER_CONFIG, "TEST");
        properties.put("listener.name.external.oauthbearer.sasl.login.callback.handler.class", OAuthBearerServerLoginCallbackHandler.class.getName());
        properties.put("listener.name.external.oauthbearer.sasl.server.callback.handler.class", OAuthBearerValidatorCallbackHandler.class.getName());
        properties.put("listener.name.external.principal.builder.class", MultiTenantPrincipalBuilder.class.getName());
        return properties;
    }

    private PhysicalCluster createCluster(Optional<Time> optional) {
        return new PhysicalCluster(this.brokersInPhysicalCluster, this.brokerRacks, this.brokerCells, optional, this.testInfo);
    }

    private void tryCreateEarlyTopic(String str, int i, int i2, long j) {
        try {
            KafkaZkClient createZkClient = this.physicalCluster.kafkaCluster().createZkClient();
            Throwable th = null;
            try {
                try {
                    TestUtils.waitForCondition(() -> {
                        return createZkClient.getAllBrokersInCluster().size() == i2;
                    }, j, "Not enough brokers in ZooKeeper");
                    new AdminZkClient(createZkClient).createTopic(str, i, i2, new Properties(), RackAwareMode$Enforced$.MODULE$, false, false, Option.empty());
                    if (createZkClient != null) {
                        if (0 != 0) {
                            try {
                                createZkClient.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            createZkClient.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (InterruptedException e) {
            throw new TimeoutException();
        }
    }
}
