package org.apache.geode.internal.cache;

import java.io.File;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.apache.commons.lang3.StringUtils;
import org.apache.geode.annotations.VisibleForTesting;
import org.apache.geode.cache.Cache;
import org.apache.geode.cache.internal.HttpService;
import org.apache.geode.distributed.internal.DistributionConfig;
import org.apache.geode.internal.admin.SSLConfig;
import org.apache.geode.internal.net.SSLConfigurationFactory;
import org.apache.geode.internal.security.SecurableCommunicationChannel;
import org.apache.geode.logging.internal.log4j.api.LogService;
import org.apache.geode.management.internal.SSLUtil;
import org.apache.geode.management.internal.beans.CacheServiceMBeanBase;
import org.apache.logging.log4j.Logger;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.AllowSymLinkAliasChecker;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;

/* loaded from: input_file:org/apache/geode/internal/cache/InternalHttpService.class */
public class InternalHttpService implements HttpService {
    private Server httpServer;
    private int port;
    private static final String HTTPS = "https";
    private static final Logger logger = LogService.getLogger();
    private static final String FILE_PATH_SEPARATOR = System.getProperty("file.separator");
    private static final String USER_DIR = System.getProperty("user.dir");
    private static final String USER_NAME = System.getProperty("user.name");
    private String bindAddress = "0.0.0.0";
    private List<WebAppContext> webApps = new ArrayList();

    public boolean init(Cache cache) {
        DistributionConfig config = cache.getDistributedSystem().getConfig();
        if (((InternalCache) cache).isClient()) {
            return false;
        }
        if (config.getHttpServicePort() == 0) {
            logger.info("HttpService is disabled with http-service-port = 0");
            return false;
        }
        try {
            createJettyServer(config.getHttpServiceBindAddress(), config.getHttpServicePort(), SSLConfigurationFactory.getSSLConfigForComponent(config, SecurableCommunicationChannel.WEB));
            return true;
        } catch (Throwable th) {
            logger.warn("Could not enable HttpService: {}", th.getMessage());
            return false;
        }
    }

    @VisibleForTesting
    public void createJettyServer(String str, int i, SSLConfig sSLConfig) {
        ServerConnector serverConnector;
        this.httpServer = new Server();
        this.httpServer.setHandler(new HandlerCollection(true, new Handler[0]));
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setSecureScheme(HTTPS);
        httpConfiguration.setSecurePort(i);
        if (sSLConfig.isEnabled()) {
            SslContextFactory.Server server = new SslContextFactory.Server();
            if (StringUtils.isNotBlank(sSLConfig.getAlias())) {
                server.setCertAlias(sSLConfig.getAlias());
            }
            server.setNeedClientAuth(sSLConfig.isRequireAuth());
            if (StringUtils.isNotBlank(sSLConfig.getCiphers()) && !"any".equalsIgnoreCase(sSLConfig.getCiphers())) {
                server.setExcludeCipherSuites(new String[0]);
                server.setIncludeCipherSuites(SSLUtil.readArray(sSLConfig.getCiphers()));
            }
            server.setSslContext(SSLUtil.createAndConfigureSSLContext(sSLConfig, false));
            if (logger.isDebugEnabled()) {
                logger.debug(server.dump());
            }
            httpConfiguration.addCustomizer(new SecureRequestCustomizer());
            serverConnector = new ServerConnector(this.httpServer, new ConnectionFactory[]{new SslConnectionFactory(server, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration)});
            serverConnector.setPort(i);
        } else {
            serverConnector = new ServerConnector(this.httpServer, new ConnectionFactory[]{new HttpConnectionFactory(httpConfiguration)});
            serverConnector.setPort(i);
        }
        this.httpServer.setConnectors(new Connector[]{serverConnector});
        if (StringUtils.isNotBlank(str)) {
            serverConnector.setHost(str);
        }
        if (str != null && !str.isEmpty()) {
            this.bindAddress = str;
        }
        this.port = i;
        logger.info("Enabled InternalHttpService on port {}", Integer.valueOf(i));
    }

    public Class<? extends CacheService> getInterface() {
        return HttpService.class;
    }

    public CacheServiceMBeanBase getMBean() {
        return null;
    }

    public Server getHttpServer() {
        return this.httpServer;
    }

    public synchronized void addWebApplication(String str, Path path, Map<String, Object> map) throws Exception {
        if (this.httpServer == null) {
            logger.info(String.format("unable to add %s webapp. Http service is not started on this member.", str));
            return;
        }
        WebAppContext webAppContext = new WebAppContext();
        webAppContext.setContextPath(str);
        webAppContext.setWar(path.toString());
        webAppContext.setParentLoaderPriority(false);
        webAppContext.getSystemClasspathPattern().add("com.fasterxml.jackson.annotation.");
        webAppContext.getServerClasspathPattern().add(new String[]{"com.fasterxml.jackson.", "-com.fasterxml.jackson.annotation."});
        webAppContext.setExtraClasspath(new File(".").getAbsolutePath());
        webAppContext.setInitParameter("org.eclipse.jetty.servlet.Default.dirAllowed", "false");
        webAppContext.addAliasCheck(new AllowSymLinkAliasChecker());
        if (map != null) {
            webAppContext.getClass();
            map.forEach(webAppContext::setAttribute);
        }
        File file = new File(getWebAppBaseDirectory(str));
        file.mkdirs();
        webAppContext.setTempDirectory(file);
        logger.info("Adding webapp " + str);
        this.httpServer.getHandler().addHandler(webAppContext);
        if (this.httpServer.isStarted()) {
            webAppContext.start();
        } else {
            logger.info("Attempting to start HTTP service on port ({}) at bind-address ({})...", Integer.valueOf(this.port), this.bindAddress);
            this.httpServer.start();
        }
        this.webApps.add(webAppContext);
    }

    private String getWebAppBaseDirectory(String str) {
        return USER_DIR.concat(FILE_PATH_SEPARATOR).concat("GemFire_" + USER_NAME).concat(FILE_PATH_SEPARATOR).concat("services").concat(FILE_PATH_SEPARATOR).concat("http").concat(FILE_PATH_SEPARATOR).concat(StringUtils.isBlank(this.bindAddress) ? "0.0.0.0" : this.bindAddress).concat("_").concat(String.valueOf(this.port).concat(str.replace("/", "_"))).concat("_").concat(UUID.randomUUID().toString().substring(0, 8));
    }

    public void close() {
        if (this.httpServer == null) {
            return;
        }
        logger.debug("Stopping the HTTP service...");
        try {
            try {
                Iterator<WebAppContext> it = this.webApps.iterator();
                while (it.hasNext()) {
                    it.next().stop();
                }
                try {
                    this.httpServer.stop();
                    this.httpServer.destroy();
                } catch (Exception e) {
                    logger.info("Failed to properly release resources held by the HTTP service: {}", e.getMessage(), e);
                } finally {
                    this.httpServer = null;
                }
            } catch (Exception e2) {
                logger.warn("Failed to stop the HTTP service because: {}", e2.getMessage(), e2);
                try {
                    try {
                        this.httpServer.destroy();
                    } catch (Exception e3) {
                        logger.info("Failed to properly release resources held by the HTTP service: {}", e3.getMessage(), e3);
                    }
                } finally {
                }
            }
        } catch (Throwable th) {
            try {
                try {
                    this.httpServer.destroy();
                } catch (Exception e4) {
                    logger.info("Failed to properly release resources held by the HTTP service: {}", e4.getMessage(), e4);
                    this.httpServer = null;
                    throw th;
                }
                throw th;
            } finally {
            }
        }
    }
}
