package org.apache.activemq.artemis.component;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.servlet.DispatcherType;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import javax.servlet.ServletRequestEvent;
import javax.servlet.ServletRequestListener;
import org.apache.activemq.artemis.ActiveMQWebLogger;
import org.apache.activemq.artemis.api.core.Pair;
import org.apache.activemq.artemis.components.ExternalComponent;
import org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport;
import org.apache.activemq.artemis.dto.AppDTO;
import org.apache.activemq.artemis.dto.BindingDTO;
import org.apache.activemq.artemis.dto.ComponentDTO;
import org.apache.activemq.artemis.dto.WebServerDTO;
import org.apache.activemq.artemis.logs.AuditLogger;
import org.apache.activemq.artemis.marker.WebServerComponentMarker;
import org.apache.activemq.artemis.utils.ClassloadingUtil;
import org.apache.activemq.artemis.utils.PemConfigUtil;
import org.eclipse.jetty.security.DefaultAuthenticatorFactory;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.CustomRequestLog;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.RequestLog;
import org.eclipse.jetty.server.RequestLogWriter;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.server.handler.ResourceHandler;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.util.Scanner;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.util.thread.ScheduledExecutorScheduler;
import org.eclipse.jetty.webapp.WebAppContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/activemq/artemis/component/WebServerComponent.class */
public class WebServerComponent implements ExternalComponent, WebServerComponentMarker {
    public static final String DIR_ALLOWED = "org.eclipse.jetty.servlet.Default.dirAllowed";
    public static final boolean DEFAULT_SNI_HOST_CHECK_VALUE = true;
    public static final boolean DEFAULT_SNI_REQUIRED_VALUE = false;
    public static final boolean DEFAULT_SSL_AUTO_RELOAD_VALUE = false;
    public static final int DEFAULT_SCAN_PERIOD_VALUE = 5;
    private Server server;
    private HandlerList handlers;
    private WebServerDTO webServerConfig;
    private ServerConnector[] connectors;
    private Path artemisHomePath;
    private Path temporaryWarDir;
    private String artemisInstance;
    private String artemisHome;
    private int scanPeriod;
    private Scanner scanner;
    private ScheduledExecutorScheduler scannerScheduler;
    private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
    public static final String WEB_CONSOLE_DISPLAY_NAME = System.getProperty("org.apache.activemq.artemis.webConsoleDisplayName", "hawtio");
    private final List<String> consoleUrls = new ArrayList();
    private final List<String> jolokiaUrls = new ArrayList();
    private final List<Pair<WebAppContext, String>> webContextData = new ArrayList();
    private Map<String, List<Runnable>> scannerTasks = new HashMap();

    public void configure(ComponentDTO componentDTO, String str, String str2) throws Exception {
        this.webServerConfig = (WebServerDTO) componentDTO;
        this.artemisInstance = str;
        this.artemisHome = str2;
        if (this.webServerConfig.getScanPeriod() != null) {
            this.scanPeriod = this.webServerConfig.getScanPeriod().intValue();
        } else {
            this.scanPeriod = 5;
        }
        this.temporaryWarDir = Paths.get(str != null ? str : ".", new String[0]).resolve("tmp").resolve("webapps").toAbsolutePath();
        if (Files.exists(this.temporaryWarDir, new LinkOption[0])) {
            return;
        }
        Files.createDirectories(this.temporaryWarDir, new FileAttribute[0]);
    }

    public synchronized void start() throws Exception {
        if (isStarted()) {
            return;
        }
        ActiveMQWebLogger.LOGGER.startingEmbeddedWebServer();
        this.server = new Server(new QueuedThreadPool(this.webServerConfig.maxThreads.intValue(), this.webServerConfig.minThreads.intValue(), this.webServerConfig.idleThreadTimeout.intValue()));
        this.handlers = new HandlerList();
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        if (this.webServerConfig.customizer != null) {
            try {
                httpConfiguration.addCustomizer((HttpConfiguration.Customizer) ClassloadingUtil.getInstanceWithTypeCheck(this.webServerConfig.customizer, HttpConfiguration.Customizer.class, getClass().getClassLoader()));
            } catch (Throwable th) {
                ActiveMQWebLogger.LOGGER.customizerNotLoaded(this.webServerConfig.customizer, th);
            }
        }
        List<BindingDTO> allBindings = this.webServerConfig.getAllBindings();
        this.connectors = new ServerConnector[allBindings.size()];
        String[] strArr = new String[allBindings.size()];
        this.artemisHomePath = Paths.get(this.artemisHome != null ? this.artemisHome : ".", new String[0]);
        Path absolutePath = this.artemisHomePath.resolve(this.webServerConfig.path).toAbsolutePath();
        Path absolutePath2 = Paths.get(this.artemisInstance != null ? this.artemisInstance : ".", new String[0]).resolve(this.webServerConfig.path).toAbsolutePath();
        for (int i = 0; i < allBindings.size(); i++) {
            BindingDTO bindingDTO = allBindings.get(i);
            URI uri = new URI(bindingDTO.uri);
            this.connectors[i] = createServerConnector(httpConfiguration, i, bindingDTO, uri, uri.getScheme());
            strArr[i] = "@Connector-" + i;
            if (bindingDTO.apps != null && bindingDTO.apps.size() > 0) {
                for (AppDTO appDTO : bindingDTO.apps) {
                    Path path = absolutePath;
                    if (new File(absolutePath2.toFile() + File.separator + appDTO.war).exists()) {
                        path = absolutePath2;
                    }
                    WebAppContext createWebAppContext = createWebAppContext(appDTO.url, appDTO.war, path, strArr[i]);
                    this.handlers.addHandler(createWebAppContext);
                    createWebAppContext.setInitParameter(DIR_ALLOWED, "false");
                    createWebAppContext.getSessionHandler().getSessionCookieConfig().setComment("__SAME_SITE_STRICT__");
                    createWebAppContext.addEventListener(new ServletContextListener() { // from class: org.apache.activemq.artemis.component.WebServerComponent.1
                        public void contextInitialized(ServletContextEvent servletContextEvent) {
                            servletContextEvent.getServletContext().addListener(new ServletRequestListener() { // from class: org.apache.activemq.artemis.component.WebServerComponent.1.1
                                public void requestDestroyed(ServletRequestEvent servletRequestEvent) {
                                    super.requestDestroyed(servletRequestEvent);
                                    AuditLogger.currentCaller.remove();
                                    AuditLogger.remoteAddress.remove();
                                }
                            });
                        }
                    });
                    this.webContextData.add(new Pair<>(createWebAppContext, bindingDTO.uri));
                }
            }
        }
        this.server.setConnectors(this.connectors);
        ResourceHandler resourceHandler = new ResourceHandler();
        resourceHandler.setResourceBase(absolutePath.toString());
        resourceHandler.setDirectoriesListed(false);
        resourceHandler.setWelcomeFiles(new String[]{"index.html"});
        ContextHandler contextHandler = new ContextHandler();
        contextHandler.setContextPath("/");
        contextHandler.setResourceBase(absolutePath.toString());
        contextHandler.setHandler(resourceHandler);
        contextHandler.setVirtualHosts(strArr);
        contextHandler.setInitParameter(DIR_ALLOWED, "false");
        ResourceHandler resourceHandler2 = new ResourceHandler();
        resourceHandler2.setResourceBase(absolutePath2.toString());
        resourceHandler2.setDirectoriesListed(false);
        resourceHandler2.setWelcomeFiles(new String[]{"index.html"});
        ContextHandler contextHandler2 = new ContextHandler();
        contextHandler2.setContextPath("/");
        contextHandler2.setResourceBase(absolutePath2.toString());
        contextHandler2.setHandler(resourceHandler2);
        contextHandler2.setVirtualHosts(strArr);
        contextHandler.setInitParameter(DIR_ALLOWED, "false");
        DefaultHandler defaultHandler = new DefaultHandler();
        defaultHandler.setServeIcon(false);
        defaultHandler.setRootRedirectLocation(this.webServerConfig.rootRedirectLocation);
        if (this.webServerConfig.requestLog != null && this.webServerConfig.requestLog.filename != null) {
            this.server.setRequestLog(getRequestLog());
        }
        if (this.webServerConfig.webContentEnabled != null && this.webServerConfig.webContentEnabled.booleanValue()) {
            this.handlers.addHandler(contextHandler);
            this.handlers.addHandler(contextHandler2);
        }
        this.handlers.addHandler(defaultHandler);
        this.server.setHandler(this.handlers);
        cleanupTmp();
        this.server.start();
        printStatus(allBindings);
    }

    private void printStatus(List<BindingDTO> list) {
        ActiveMQWebLogger.LOGGER.webserverStarted((String) list.stream().map(bindingDTO -> {
            return bindingDTO.uri;
        }).collect(Collectors.joining(", ")));
        for (Pair<WebAppContext, String> pair : this.webContextData) {
            if (WEB_CONSOLE_DISPLAY_NAME.equals(((WebAppContext) pair.getA()).getDisplayName())) {
                this.consoleUrls.add(((String) pair.getB()) + ((WebAppContext) pair.getA()).getContextPath());
                this.jolokiaUrls.add(((String) pair.getB()) + ((WebAppContext) pair.getA()).getContextPath() + "/jolokia");
            }
        }
        if (!this.jolokiaUrls.isEmpty()) {
            ActiveMQWebLogger.LOGGER.jolokiaAvailable(String.join(", ", this.jolokiaUrls));
        }
        if (this.consoleUrls.isEmpty()) {
            return;
        }
        ActiveMQWebLogger.LOGGER.consoleAvailable(String.join(", ", this.consoleUrls));
    }

    private ServerConnector createServerConnector(HttpConfiguration httpConfiguration, int i, BindingDTO bindingDTO, URI uri, String str) throws Exception {
        ServerConnector serverConnector;
        if ("https".equals(str)) {
            SslContextFactory.Server server = new SslContextFactory.Server();
            server.setKeyStorePath(bindingDTO.keyStorePath == null ? this.artemisInstance + "/etc/keystore.jks" : bindingDTO.keyStorePath);
            if (bindingDTO.keyStoreType != null) {
                server.setKeyStoreType(bindingDTO.keyStoreType);
                SSLSupport.checkPemProviderLoaded(bindingDTO.keyStoreType);
            }
            server.setKeyStorePassword(bindingDTO.getKeyStorePassword() == null ? "password" : bindingDTO.getKeyStorePassword());
            if (bindingDTO.getIncludedTLSProtocols() != null) {
                server.setIncludeProtocols(bindingDTO.getIncludedTLSProtocols());
            }
            if (bindingDTO.getExcludedTLSProtocols() != null) {
                server.setExcludeProtocols(bindingDTO.getExcludedTLSProtocols());
            }
            if (bindingDTO.getIncludedCipherSuites() != null) {
                server.setIncludeCipherSuites(bindingDTO.getIncludedCipherSuites());
            }
            if (bindingDTO.getExcludedCipherSuites() != null) {
                server.setExcludeCipherSuites(bindingDTO.getExcludedCipherSuites());
            }
            if (bindingDTO.clientAuth != null) {
                server.setNeedClientAuth(bindingDTO.clientAuth.booleanValue());
                if (bindingDTO.clientAuth.booleanValue()) {
                    server.setTrustStorePath(bindingDTO.trustStorePath);
                    server.setTrustStorePassword(bindingDTO.getTrustStorePassword());
                    if (bindingDTO.trustStoreType != null) {
                        server.setTrustStoreType(bindingDTO.trustStoreType);
                        SSLSupport.checkPemProviderLoaded(bindingDTO.trustStoreType);
                    }
                }
            }
            if (Boolean.TRUE.equals(bindingDTO.getSslAutoReload())) {
                addStoreResourceScannerTask(bindingDTO.getKeyStorePath(), bindingDTO.getKeyStoreType(), server);
                addStoreResourceScannerTask(bindingDTO.getTrustStorePath(), bindingDTO.getTrustStoreType(), server);
            }
            ConnectionFactory sslConnectionFactory = new SslConnectionFactory(server, "HTTP/1.1");
            SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
            secureRequestCustomizer.setSniHostCheck(bindingDTO.getSniHostCheck() != null ? bindingDTO.getSniHostCheck().booleanValue() : true);
            secureRequestCustomizer.setSniRequired(bindingDTO.getSniRequired() != null ? bindingDTO.getSniRequired().booleanValue() : false);
            httpConfiguration.addCustomizer(secureRequestCustomizer);
            httpConfiguration.setSendServerVersion(false);
            serverConnector = new ServerConnector(this.server, new ConnectionFactory[]{sslConnectionFactory, new HttpConnectionFactory(httpConfiguration)});
        } else {
            httpConfiguration.setSendServerVersion(false);
            serverConnector = new ServerConnector(this.server, new ConnectionFactory[]{new HttpConnectionFactory(httpConfiguration)});
        }
        serverConnector.setPort(uri.getPort());
        serverConnector.setHost(uri.getHost());
        serverConnector.setName("Connector-" + i);
        return serverConnector;
    }

    private File getStoreFile(String str) {
        File file = new File(str);
        if (!file.exists()) {
            throw new IllegalArgumentException("Store file does not exist: " + str);
        }
        if (file.isDirectory()) {
            throw new IllegalArgumentException("Expected store file not directory: " + str);
        }
        return file;
    }

    private File getParentStoreFile(File file) {
        File parentFile = file.getParentFile();
        if (parentFile.exists() && parentFile.isDirectory()) {
            return parentFile;
        }
        throw new IllegalArgumentException("Error obtaining store dir for " + file);
    }

    private Scanner getScanner() {
        if (this.scannerScheduler == null) {
            this.scannerScheduler = new ScheduledExecutorScheduler("WebScannerScheduler", true, 1);
            this.server.addBean(this.scannerScheduler);
        }
        if (this.scanner == null) {
            this.scanner = new Scanner(this.scannerScheduler);
            this.scanner.setScanInterval(this.scanPeriod);
            this.scanner.setReportDirs(false);
            this.scanner.setReportExistingFilesOnStartup(false);
            this.scanner.setScanDepth(1);
            this.scanner.addListener(set -> {
                Iterator it = set.iterator();
                while (it.hasNext()) {
                    List<Runnable> list = this.scannerTasks.get((String) it.next());
                    if (list != null) {
                        list.forEach(runnable -> {
                            runnable.run();
                        });
                    }
                }
            });
            this.server.addBean(this.scanner);
        }
        return this.scanner;
    }

    private void addScannerTask(File file, Runnable runnable) {
        File parentStoreFile = getParentStoreFile(file);
        String path = file.toPath().toString();
        List<Runnable> list = this.scannerTasks.get(path);
        if (list == null) {
            list = new ArrayList();
            this.scannerTasks.put(path, list);
        }
        list.add(runnable);
        getScanner().addDirectory(parentStoreFile.toPath());
    }

    private void addStoreResourceScannerTask(String str, String str2, SslContextFactory.Server server) {
        if (str != null) {
            File storeFile = getStoreFile(str);
            addScannerTask(storeFile, () -> {
                try {
                    server.reload(sslContextFactory -> {
                    });
                } catch (Exception e) {
                    logger.warn("Failed to reload the ssl factory related to {}", storeFile, e);
                }
            });
            if (PemConfigUtil.isPemConfigStoreType(str2)) {
                try {
                    FileInputStream fileInputStream = new FileInputStream(storeFile);
                    try {
                        String[] parseSources = PemConfigUtil.parseSources(fileInputStream);
                        fileInputStream.close();
                        if (parseSources != null) {
                            for (String str3 : parseSources) {
                                addStoreResourceScannerTask(str3, null, server);
                            }
                        }
                    } finally {
                    }
                } catch (IOException e) {
                    throw new IllegalArgumentException("Invalid PEM Config file: " + e);
                }
            }
        }
    }

    private RequestLog getRequestLog() {
        RequestLogWriter requestLogWriter = new RequestLogWriter();
        requestLogWriter.setFilename(this.webServerConfig.requestLog.filename);
        if (this.webServerConfig.requestLog.append != null) {
            requestLogWriter.setAppend(this.webServerConfig.requestLog.append.booleanValue());
        }
        if (this.webServerConfig.requestLog.filenameDateFormat != null) {
            requestLogWriter.setFilenameDateFormat(this.webServerConfig.requestLog.filenameDateFormat);
        }
        if (this.webServerConfig.requestLog.retainDays != null) {
            requestLogWriter.setRetainDays(this.webServerConfig.requestLog.retainDays.intValue());
        }
        CustomRequestLog customRequestLog = this.webServerConfig.requestLog.format != null ? new CustomRequestLog(requestLogWriter, this.webServerConfig.requestLog.format) : (this.webServerConfig.requestLog.extended == null || !this.webServerConfig.requestLog.extended.booleanValue()) ? new CustomRequestLog(requestLogWriter, "%{client}a - %u %t \"%r\" %s %O") : new CustomRequestLog(requestLogWriter, "%{client}a - %u %t \"%r\" %s %O \"%{Referer}i\" \"%{User-Agent}i\"");
        if (this.webServerConfig.requestLog.ignorePaths != null && this.webServerConfig.requestLog.ignorePaths.length() > 0) {
            String[] split = this.webServerConfig.requestLog.ignorePaths.split(",");
            String[] strArr = new String[split.length];
            for (int i = 0; i < strArr.length; i++) {
                strArr[i] = split[i].trim();
            }
            customRequestLog.setIgnorePaths(strArr);
        }
        return customRequestLog;
    }

    private File getLibFolder() {
        return new File(this.artemisHomePath.resolve("lib").toUri());
    }

    private void cleanupTmp() {
        if (this.webContextData.size() == 0) {
            return;
        }
        try {
            ArrayList arrayList = new ArrayList();
            Files.newDirectoryStream(this.temporaryWarDir).forEach(path -> {
                arrayList.add(path.toFile());
            });
            if (arrayList.size() > 0) {
                WebTmpCleaner.cleanupTmpFiles(getLibFolder(), arrayList, true);
            }
        } catch (Exception e) {
            logger.warn("Failed to get base dir for tmp web files", e);
        }
    }

    public void cleanupWebTemporaryFiles(List<Pair<WebAppContext, String>> list) throws Exception {
        ArrayList arrayList = new ArrayList();
        Iterator<Pair<WebAppContext, String>> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(((WebAppContext) it.next().getA()).getTempDirectory());
        }
        if (arrayList.isEmpty()) {
            return;
        }
        WebTmpCleaner.cleanupTmpFiles(getLibFolder(), arrayList);
    }

    public boolean isStarted() {
        return this.server != null && this.server.isStarted();
    }

    @Deprecated
    public int getPort() {
        return getPort(0);
    }

    public int getPort(int i) {
        if (i < this.connectors.length) {
            return this.connectors[i].getLocalPort();
        }
        return -1;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public WebAppContext createWebAppContext(String str, String str2, Path path, String str3) {
        WebAppContext webAppContext = new WebAppContext();
        if (str.startsWith("/")) {
            webAppContext.setContextPath(str);
        } else {
            webAppContext.setContextPath("/" + str);
        }
        webAppContext.addFilter(new FilterHolder(JolokiaFilter.class), "/*", EnumSet.of(DispatcherType.INCLUDE, DispatcherType.REQUEST));
        webAppContext.addFilter(new FilterHolder(AuthenticationFilter.class), "/auth/login/*", EnumSet.of(DispatcherType.REQUEST));
        webAppContext.setWar(path.resolve(str2).toString());
        String absolutePath = this.temporaryWarDir.toFile().getAbsolutePath();
        webAppContext.setAttribute("org.eclipse.jetty.webapp.basetempdir", absolutePath);
        webAppContext.setTempDirectory(new File(absolutePath + File.separator + str2));
        webAppContext.getSecurityHandler().setAuthenticatorFactory(new DefaultAuthenticatorFactory());
        webAppContext.setVirtualHosts(new String[]{str3});
        return webAppContext;
    }

    public void stop() throws Exception {
        stop(false);
    }

    public synchronized void stop(boolean z) throws Exception {
        if (z && isStarted()) {
            ActiveMQWebLogger.LOGGER.stoppingEmbeddedWebServer();
            this.server.stop();
            this.server = null;
            this.scanner = null;
            this.scannerScheduler = null;
            this.scannerTasks.clear();
            cleanupWebTemporaryFiles(this.webContextData);
            this.webContextData.clear();
            this.jolokiaUrls.clear();
            this.consoleUrls.clear();
            this.handlers = null;
            ActiveMQWebLogger.LOGGER.stoppedEmbeddedWebServer();
        }
    }

    public List<Pair<WebAppContext, String>> getWebContextData() {
        return this.webContextData;
    }

    public Server getWebServer() {
        return this.server;
    }
}
