package co.cask.cdap.gateway.router;

import co.cask.cdap.common.ServiceBindException;
import co.cask.cdap.common.conf.CConfiguration;
import co.cask.cdap.common.conf.SConfiguration;
import co.cask.cdap.gateway.router.handlers.HttpRequestHandler;
import co.cask.cdap.gateway.router.handlers.HttpStatusRequestHandler;
import co.cask.cdap.gateway.router.handlers.SecurityAuthenticationHttpHandler;
import co.cask.cdap.security.auth.AccessTokenTransformer;
import co.cask.cdap.security.auth.TokenValidator;
import co.cask.cdap.security.tools.SSLHandlerFactory;
import com.google.common.base.Throwables;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.util.concurrent.AbstractIdleService;
import com.google.common.util.concurrent.Service;
import com.google.common.util.concurrent.ThreadFactoryBuilder;
import com.google.inject.Inject;
import com.google.inject.name.Named;
import java.io.File;
import java.lang.Thread;
import java.net.BindException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.Executor;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.twill.discovery.DiscoveryServiceClient;
import org.jboss.netty.bootstrap.ClientBootstrap;
import org.jboss.netty.bootstrap.ServerBootstrap;
import org.jboss.netty.buffer.DirectChannelBufferFactory;
import org.jboss.netty.channel.Channel;
import org.jboss.netty.channel.ChannelException;
import org.jboss.netty.channel.ChannelHandlerContext;
import org.jboss.netty.channel.ChannelPipeline;
import org.jboss.netty.channel.ChannelPipelineFactory;
import org.jboss.netty.channel.ChannelStateEvent;
import org.jboss.netty.channel.ChannelUpstreamHandler;
import org.jboss.netty.channel.Channels;
import org.jboss.netty.channel.SimpleChannelUpstreamHandler;
import org.jboss.netty.channel.group.ChannelGroup;
import org.jboss.netty.channel.group.DefaultChannelGroup;
import org.jboss.netty.channel.socket.nio.NioClientBossPool;
import org.jboss.netty.channel.socket.nio.NioClientSocketChannelFactory;
import org.jboss.netty.channel.socket.nio.NioServerSocketChannelFactory;
import org.jboss.netty.channel.socket.nio.NioWorkerPool;
import org.jboss.netty.handler.codec.http.HttpRequestDecoder;
import org.jboss.netty.handler.codec.http.HttpResponseEncoder;
import org.jboss.netty.util.HashedWheelTimer;
import org.jboss.netty.util.Timer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:co/cask/cdap/gateway/router/NettyRouter.class */
public class NettyRouter extends AbstractIdleService {
    private static final Logger LOG = LoggerFactory.getLogger(NettyRouter.class);
    private static final int CLOSE_CHANNEL_TIMEOUT_SECS = 10;
    private final int serverBossThreadPoolSize;
    private final int serverWorkerThreadPoolSize;
    private final int serverConnectionBacklog;
    private final int clientBossThreadPoolSize;
    private final int clientWorkerThreadPoolSize;
    private final InetAddress hostname;
    private final RouterServiceLookup serviceLookup;
    private final boolean securityEnabled;
    private final TokenValidator tokenValidator;
    private final AccessTokenTransformer accessTokenTransformer;
    private final CConfiguration configuration;
    private final String realm;
    private final boolean sslEnabled;
    private final SSLHandlerFactory sslHandlerFactory;
    private final int connectionTimeout;
    private Timer timer;
    private ServerBootstrap serverBootstrap;
    private ClientBootstrap clientBootstrap;
    private DiscoveryServiceClient discoveryServiceClient;
    private final ChannelGroup channelGroup = new DefaultChannelGroup("server channels");
    private final Map<String, Integer> serviceToPortMap = new HashMap();

    @Inject
    public NettyRouter(CConfiguration cConfiguration, SConfiguration sConfiguration, @Named("router.bind.address") InetAddress inetAddress, RouterServiceLookup routerServiceLookup, TokenValidator tokenValidator, AccessTokenTransformer accessTokenTransformer, DiscoveryServiceClient discoveryServiceClient) {
        this.serverBossThreadPoolSize = cConfiguration.getInt("router.server.boss.threads");
        this.serverWorkerThreadPoolSize = cConfiguration.getInt("router.server.worker.threads");
        this.serverConnectionBacklog = cConfiguration.getInt("router.connection.backlog");
        this.clientBossThreadPoolSize = cConfiguration.getInt("router.client.boss.threads");
        this.clientWorkerThreadPoolSize = cConfiguration.getInt("router.client.worker.threads");
        this.hostname = inetAddress;
        this.serviceLookup = routerServiceLookup;
        this.securityEnabled = cConfiguration.getBoolean("security.enabled", false);
        this.realm = cConfiguration.get("security.realm");
        this.tokenValidator = tokenValidator;
        this.accessTokenTransformer = accessTokenTransformer;
        this.discoveryServiceClient = discoveryServiceClient;
        this.configuration = cConfiguration;
        this.sslEnabled = cConfiguration.getBoolean("ssl.external.enabled");
        if (isSSLEnabled()) {
            this.serviceToPortMap.put("gateway", Integer.valueOf(cConfiguration.getInt("router.ssl.bind.port")));
            try {
                this.sslHandlerFactory = new SSLHandlerFactory(new File(sConfiguration.get("router.ssl.keystore.path")), sConfiguration.get("router.ssl.keystore.type", "JKS"), sConfiguration.get("router.ssl.keystore.password"), sConfiguration.get("router.ssl.keystore.keypassword"));
            } catch (Throwable th) {
                throw new RuntimeException("SSL is enabled but the keystore file could not be read. Please verify that the keystore file exists and the path is set correctly : " + sConfiguration.get("router.ssl.keystore.path"));
            }
        } else {
            this.serviceToPortMap.put("gateway", Integer.valueOf(cConfiguration.getInt("router.bind.port")));
            this.sslHandlerFactory = null;
        }
        this.connectionTimeout = cConfiguration.getInt("router.connection.idle.timeout.secs");
        LOG.info("Using connection timeout: {}", Integer.valueOf(this.connectionTimeout));
        LOG.info("Service to Port Mapping - {}", this.serviceToPortMap);
    }

    protected void startUp() throws ServiceBindException {
        SimpleChannelUpstreamHandler simpleChannelUpstreamHandler = new SimpleChannelUpstreamHandler() { // from class: co.cask.cdap.gateway.router.NettyRouter.1
            public void channelOpen(ChannelHandlerContext channelHandlerContext, ChannelStateEvent channelStateEvent) throws Exception {
                NettyRouter.this.channelGroup.add(channelStateEvent.getChannel());
                super.channelOpen(channelHandlerContext, channelStateEvent);
            }
        };
        this.tokenValidator.startAndWait();
        this.timer = new HashedWheelTimer(new ThreadFactoryBuilder().setDaemon(true).setNameFormat("router-idle-event-generator-timer").build());
        bootstrapClient(simpleChannelUpstreamHandler);
        bootstrapServer(simpleChannelUpstreamHandler);
    }

    protected void shutDown() throws Exception {
        LOG.info("Stopping Netty Router...");
        try {
            if (!this.channelGroup.close().await(10L, TimeUnit.SECONDS)) {
                LOG.warn("Timeout when closing all channels.");
            }
            LOG.info("Stopped Netty Router.");
        } finally {
            this.serverBootstrap.shutdown();
            this.clientBootstrap.shutdown();
            this.clientBootstrap.releaseExternalResources();
            this.serverBootstrap.releaseExternalResources();
            this.tokenValidator.stopAndWait();
            this.timer.stop();
        }
    }

    protected Executor executor(Service.State state) {
        final AtomicInteger atomicInteger = new AtomicInteger();
        final Thread.UncaughtExceptionHandler uncaughtExceptionHandler = new Thread.UncaughtExceptionHandler() { // from class: co.cask.cdap.gateway.router.NettyRouter.2
            @Override // java.lang.Thread.UncaughtExceptionHandler
            public void uncaughtException(Thread thread, Throwable th) {
            }
        };
        return new Executor() { // from class: co.cask.cdap.gateway.router.NettyRouter.3
            @Override // java.util.concurrent.Executor
            public void execute(Runnable runnable) {
                Thread thread = new Thread(runnable, String.format("NettyRouter-%d", Integer.valueOf(atomicInteger.incrementAndGet())));
                thread.setUncaughtExceptionHandler(uncaughtExceptionHandler);
                thread.start();
            }
        };
    }

    public RouterServiceLookup getServiceLookup() {
        return this.serviceLookup;
    }

    private ExecutorService createExecutorService(int i, String str) {
        return Executors.newFixedThreadPool(i, new ThreadFactoryBuilder().setDaemon(true).setNameFormat(str).build());
    }

    private void bootstrapServer(final ChannelUpstreamHandler channelUpstreamHandler) throws ServiceBindException {
        this.serverBootstrap = new ServerBootstrap(new NioServerSocketChannelFactory(createExecutorService(this.serverBossThreadPoolSize, "router-server-boss-thread-%d"), createExecutorService(this.serverWorkerThreadPoolSize, "router-server-worker-thread-%d")));
        this.serverBootstrap.setOption("backlog", Integer.valueOf(this.serverConnectionBacklog));
        this.serverBootstrap.setOption("child.bufferFactory", new DirectChannelBufferFactory());
        this.serverBootstrap.setPipelineFactory(new ChannelPipelineFactory() { // from class: co.cask.cdap.gateway.router.NettyRouter.4
            public ChannelPipeline getPipeline() throws Exception {
                ChannelPipeline pipeline = Channels.pipeline();
                if (NettyRouter.this.isSSLEnabled()) {
                    pipeline.addLast("ssl", NettyRouter.this.sslHandlerFactory.create());
                }
                pipeline.addLast("tracker", channelUpstreamHandler);
                pipeline.addLast("http-response-encoder", new HttpResponseEncoder());
                pipeline.addLast("http-decoder", new HttpRequestDecoder());
                pipeline.addLast("http-status-request-handler", new HttpStatusRequestHandler());
                if (NettyRouter.this.securityEnabled) {
                    pipeline.addLast("access-token-authenticator", new SecurityAuthenticationHttpHandler(NettyRouter.this.realm, NettyRouter.this.tokenValidator, NettyRouter.this.configuration, NettyRouter.this.accessTokenTransformer, NettyRouter.this.discoveryServiceClient));
                }
                pipeline.addLast("http-request-handler", new HttpRequestHandler(NettyRouter.this.clientBootstrap, NettyRouter.this.serviceLookup, ImmutableList.of()));
                return pipeline;
            }
        });
        ImmutableMap.Builder builder = ImmutableMap.builder();
        for (Map.Entry<String, Integer> entry : this.serviceToPortMap.entrySet()) {
            int intValue = entry.getValue().intValue();
            String key = entry.getKey();
            String service = this.serviceLookup.getService(intValue);
            if (service != null) {
                LOG.warn("Port {} is already configured to service {}, ignoring forward for service {}", new Object[]{Integer.valueOf(intValue), service, key});
            } else {
                InetSocketAddress inetSocketAddress = new InetSocketAddress(this.hostname, intValue);
                LOG.info("Starting Netty Router for service {} on address {}...", key, inetSocketAddress);
                try {
                    Channel bind = this.serverBootstrap.bind(inetSocketAddress);
                    InetSocketAddress inetSocketAddress2 = (InetSocketAddress) bind.getLocalAddress();
                    builder.put(Integer.valueOf(inetSocketAddress2.getPort()), key);
                    this.channelGroup.add(bind);
                    this.serviceLookup.updateServiceMap(builder.build());
                    LOG.info("Started Netty Router for service {} on address {}.", key, inetSocketAddress2);
                } catch (ChannelException e) {
                    if (!(Throwables.getRootCause(e) instanceof BindException)) {
                        throw e;
                    }
                    throw new ServiceBindException("Router", this.hostname.getCanonicalHostName(), intValue, e);
                }
            }
        }
    }

    private void bootstrapClient(ChannelUpstreamHandler channelUpstreamHandler) {
        this.clientBootstrap = new ClientBootstrap(new NioClientSocketChannelFactory(new NioClientBossPool(createExecutorService(this.clientBossThreadPoolSize, "router-client-boss-thread-%d"), this.clientBossThreadPoolSize), new NioWorkerPool(createExecutorService(this.clientWorkerThreadPoolSize, "router-client-worker-thread-%d"), this.clientWorkerThreadPoolSize)));
        this.clientBootstrap.setPipelineFactory(new ClientChannelPipelineFactory(channelUpstreamHandler, this.connectionTimeout, this.timer));
        this.clientBootstrap.setOption("bufferFactory", new DirectChannelBufferFactory());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isSSLEnabled() {
        return this.sslEnabled;
    }
}
