package kafka.api;

import java.util.Properties;
import kafka.utils.TestUtils$;
import org.apache.kafka.common.network.Mode;
import org.apache.kafka.common.security.auth.AuthenticationContext;
import org.apache.kafka.common.security.auth.KafkaPrincipal;
import org.apache.kafka.common.security.auth.KafkaPrincipalBuilder;
import org.apache.kafka.common.security.auth.SecurityProtocol;
import org.apache.kafka.common.security.auth.SslAuthenticationContext;
import org.junit.Before;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.StringContext;
import scala.collection.LinearSeqOptimized;
import scala.collection.immutable.List$;
import scala.collection.immutable.StringOps;
import scala.reflect.ScalaSignature;
import scala.util.matching.Regex;

/* compiled from: SslEndToEndAuthorizationTest.scala */
@ScalaSignature(bytes = "\u0006\u0001\u0005mq!B\u0001\u0003\u0011\u00039\u0011\u0001H*tY\u0016sG\rV8F]\u0012\fU\u000f\u001e5pe&T\u0018\r^5p]R+7\u000f\u001e\u0006\u0003\u0007\u0011\t1!\u00199j\u0015\u0005)\u0011!B6bM.\f7\u0001\u0001\t\u0003\u0011%i\u0011A\u0001\u0004\u0006\u0015\tA\ta\u0003\u0002\u001d'NdWI\u001c3U_\u0016sG-Q;uQ>\u0014\u0018N_1uS>tG+Z:u'\rIAB\u0005\t\u0003\u001bAi\u0011A\u0004\u0006\u0002\u001f\u0005)1oY1mC&\u0011\u0011C\u0004\u0002\u0007\u0003:L(+\u001a4\u0011\u00055\u0019\u0012B\u0001\u000b\u000f\u00051\u0019VM]5bY&T\u0018M\u00197f\u0011\u00151\u0012\u0002\"\u0001\u0018\u0003\u0019a\u0014N\\5u}Q\tqA\u0002\u0003\u001a\u0013\u0001Q\"\u0001\u0006+fgR\u0004&/\u001b8dSB\fGNQ;jY\u0012,'oE\u0002\u00197\r\u0002\"\u0001H\u0011\u000e\u0003uQ!AH\u0010\u0002\t1\fgn\u001a\u0006\u0002A\u0005!!.\u0019<b\u0013\t\u0011SD\u0001\u0004PE*,7\r\u001e\t\u0003IAj\u0011!\n\u0006\u0003M\u001d\nA!Y;uQ*\u0011\u0001&K\u0001\tg\u0016\u001cWO]5us*\u0011!fK\u0001\u0007G>lWn\u001c8\u000b\u0005\u0015a#BA\u0017/\u0003\u0019\t\u0007/Y2iK*\tq&A\u0002pe\u001eL!!M\u0013\u0003+-\u000bgm[1Qe&t7-\u001b9bY\n+\u0018\u000e\u001c3fe\")a\u0003\u0007C\u0001gQ\tA\u0007\u0005\u0002615\t\u0011\u0002C\u000481\t\u0007I\u0011\u0002\u001d\u0002\u000fA\u000bG\u000f^3s]V\t\u0011\b\u0005\u0002;\u007f5\t1H\u0003\u0002={\u0005AQ.\u0019;dQ&twM\u0003\u0002?\u001d\u0005!Q\u000f^5m\u0013\t\u00015HA\u0003SK\u001e,\u0007\u0010\u0003\u0004C1\u0001\u0006I!O\u0001\t!\u0006$H/\u001a:oA!)A\t\u0007C!\u000b\u0006)!-^5mIR\u0011a)\u0013\t\u0003I\u001dK!\u0001S\u0013\u0003\u001d-\u000bgm[1Qe&t7-\u001b9bY\")!j\u0011a\u0001\u0017\u000691m\u001c8uKb$\bC\u0001\u0013M\u0013\tiUEA\u000bBkRDWM\u001c;jG\u0006$\u0018n\u001c8D_:$X\r\u001f;\t\u000f=K\u0011\u0011!C\u0005!\u0006Y!/Z1e%\u0016\u001cx\u000e\u001c<f)\u0005Yb\u0001\u0002\u0006\u0003\u0001I\u001b\"!U*\u0011\u0005!!\u0016BA+\u0003\u0005e)e\u000e\u001a+p\u000b:$\u0017)\u001e;i_JL'0\u0019;j_:$Vm\u001d;\t\u000bY\tF\u0011A,\u0015\u0003a\u0003\"\u0001C)\t\u000bi\u000bF\u0011K.\u0002!M,7-\u001e:jif\u0004&o\u001c;pG>dW#\u0001/\u0011\u0005\u0011j\u0016B\u00010&\u0005A\u0019VmY;sSRL\bK]8u_\u000e|G\u000eC\u0004a#\n\u0007I\u0011B1\u0002\u0011\rd\u0017.\u001a8u\u0007:,\u0012A\u0019\t\u00039\rL!\u0001Z\u000f\u0003\rM#(/\u001b8h\u0011\u00191\u0017\u000b)A\u0005E\u0006I1\r\\5f]R\u001ce\u000e\t\u0005\bQF\u0013\r\u0011\"\u0011j\u0003=\u0019G.[3oiB\u0013\u0018N\\2ja\u0006dW#\u00016\u0011\u0005-tgBA\u0007m\u0013\tig\"\u0001\u0004Qe\u0016$WMZ\u0005\u0003I>T!!\u001c\b\t\rE\f\u0006\u0015!\u0003k\u0003A\u0019G.[3oiB\u0013\u0018N\\2ja\u0006d\u0007\u0005C\u0004t#\n\u0007I\u0011I1\u0002\u001d-\fgm[1Qe&t7-\u001b9bY\"1Q/\u0015Q\u0001\n\t\fqb[1gW\u0006\u0004&/\u001b8dSB\fG\u000e\t\u0005\u0006oF#\t\u0005_\u0001\u0006g\u0016$X\u000b\u001d\u000b\u0002sB\u0011QB_\u0005\u0003w:\u0011A!\u00168ji\"\u0012a/ \t\u0004}\u0006\rQ\"A@\u000b\u0007\u0005\u0005a&A\u0003kk:LG/C\u0002\u0002\u0006}\u0014aAQ3g_J,\u0007bBA\u0005#\u0012\u0005\u00131B\u0001\u0014G2LWM\u001c;TK\u000e,(/\u001b;z!J|\u0007o\u001d\u000b\u0005\u0003\u001b\t9\u0002\u0005\u0003\u0002\u0010\u0005MQBAA\t\u0015\tqt$\u0003\u0003\u0002\u0016\u0005E!A\u0003)s_B,'\u000f^5fg\"9\u0011\u0011DA\u0004\u0001\u0004Q\u0017!C2feR\fE.[1t\u0001")
/* loaded from: input_file:kafka/api/SslEndToEndAuthorizationTest.class */
public class SslEndToEndAuthorizationTest extends EndToEndAuthorizationTest {
    private final String clientCn;
    private final String clientPrincipal;
    private final String kafkaPrincipal;

    /* compiled from: SslEndToEndAuthorizationTest.scala */
    /* loaded from: input_file:kafka/api/SslEndToEndAuthorizationTest$TestPrincipalBuilder.class */
    public static class TestPrincipalBuilder implements KafkaPrincipalBuilder {
        private final Regex Pattern = new StringOps(Predef$.MODULE$.augmentString("O=A (.*?),CN=(.*?)")).r();

        private Regex Pattern() {
            return this.Pattern;
        }

        public KafkaPrincipal build(AuthenticationContext authenticationContext) {
            KafkaPrincipal kafkaPrincipal;
            if (!(authenticationContext instanceof SslAuthenticationContext)) {
                throw new MatchError(authenticationContext);
            }
            String name = ((SslAuthenticationContext) authenticationContext).session().getPeerPrincipal().getName();
            Option unapplySeq = Pattern().unapplySeq(name);
            if (unapplySeq.isEmpty() || unapplySeq.get() == null || ((LinearSeqOptimized) unapplySeq.get()).lengthCompare(2) != 0) {
                kafkaPrincipal = KafkaPrincipal.ANONYMOUS;
            } else {
                String str = (String) ((LinearSeqOptimized) unapplySeq.get()).apply(0);
                kafkaPrincipal = new KafkaPrincipal("User", (str != null ? !str.equals("server") : "server" != 0) ? name : str);
            }
            return kafkaPrincipal;
        }
    }

    @Override // kafka.integration.KafkaServerTestHarness
    public SecurityProtocol securityProtocol() {
        return SecurityProtocol.SSL;
    }

    private String clientCn() {
        return this.clientCn;
    }

    @Override // kafka.api.EndToEndAuthorizationTest
    public String clientPrincipal() {
        return this.clientPrincipal;
    }

    @Override // kafka.api.EndToEndAuthorizationTest
    public String kafkaPrincipal() {
        return this.kafkaPrincipal;
    }

    @Override // kafka.api.EndToEndAuthorizationTest, kafka.api.IntegrationTestHarness, kafka.integration.KafkaServerTestHarness, kafka.zk.ZooKeeperTestHarness
    @Before
    public void setUp() {
        startSasl(jaasSections(List$.MODULE$.empty(), None$.MODULE$, ZkSasl$.MODULE$, jaasSections$default$4()));
        super.setUp();
    }

    @Override // kafka.api.IntegrationTestHarness
    public Properties clientSecurityProps(String str) {
        Properties securityConfigs = TestUtils$.MODULE$.securityConfigs(Mode.CLIENT, securityProtocol(), mo269trustStoreFile(), str, clientCn(), mo307clientSaslProperties());
        securityConfigs.remove("ssl.endpoint.identification.algorithm");
        return securityConfigs;
    }

    public SslEndToEndAuthorizationTest() {
        serverConfig().setProperty("ssl.client.auth", "required");
        serverConfig().setProperty("principal.builder.class", TestPrincipalBuilder.class.getName());
        this.clientCn = "\\#A client with special chars in CN : (\\, \\+ \\\" \\\\ \\< \\> \\; ')";
        this.clientPrincipal = new StringContext(Predef$.MODULE$.wrapRefArray(new String[]{"O=A client,CN=", ""})).s(Predef$.MODULE$.genericWrapArray(new Object[]{clientCn()}));
        this.kafkaPrincipal = "server";
    }
}
