package org.apache.nifi.minifi.bootstrap.configuration.ingestors;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.UncheckedIOException;
import java.net.URI;
import java.nio.ByteBuffer;
import java.security.KeyStore;
import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import java.util.Optional;
import java.util.function.Predicate;
import java.util.function.Supplier;
import javax.net.ssl.SSLContext;
import org.apache.commons.io.IOUtils;
import org.apache.nifi.jetty.configuration.connector.StandardServerConnectorFactory;
import org.apache.nifi.minifi.bootstrap.ConfigurationFileHolder;
import org.apache.nifi.minifi.bootstrap.configuration.ConfigurationChangeNotifier;
import org.apache.nifi.minifi.bootstrap.configuration.ListenerHandleResult;
import org.apache.nifi.minifi.bootstrap.configuration.differentiators.Differentiator;
import org.apache.nifi.minifi.bootstrap.configuration.differentiators.WholeConfigDifferentiator;
import org.apache.nifi.minifi.bootstrap.configuration.ingestors.interfaces.ChangeIngestor;
import org.apache.nifi.minifi.properties.BootstrapProperties;
import org.apache.nifi.security.ssl.StandardKeyStoreBuilder;
import org.apache.nifi.security.ssl.StandardSslContextBuilder;
import org.apache.nifi.security.util.KeystoreType;
import org.apache.nifi.security.util.TlsPlatform;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.util.Callback;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/nifi/minifi/bootstrap/configuration/ingestors/RestChangeIngestor.class */
public class RestChangeIngestor implements ChangeIngestor {
    public static final String GET_TEXT = "This is a config change listener for an Apache NiFi - MiNiFi instance.\nUse this rest server to upload a flow.json to configure the MiNiFi instance.\nSend a POST http request to '/' to upload the file.";
    public static final String OTHER_TEXT = "This is not a supported HTTP operation. Please use GET to get more information or POST to upload a new flow.json file.\n";
    public static final String POST = "POST";
    public static final String GET = "GET";
    public static final String RECEIVE_HTTP_BASE_KEY = "nifi.minifi.notifier.ingestors.receive.http";
    public static final String PORT_KEY = "nifi.minifi.notifier.ingestors.receive.http.port";
    public static final String HOST_KEY = "nifi.minifi.notifier.ingestors.receive.http.host";
    public static final String TRUSTSTORE_LOCATION_KEY = "nifi.minifi.notifier.ingestors.receive.http.truststore.location";
    public static final String TRUSTSTORE_PASSWORD_KEY = "nifi.minifi.notifier.ingestors.receive.http.truststore.password";
    public static final String TRUSTSTORE_TYPE_KEY = "nifi.minifi.notifier.ingestors.receive.http.truststore.type";
    public static final String KEYSTORE_LOCATION_KEY = "nifi.minifi.notifier.ingestors.receive.http.keystore.location";
    public static final String KEYSTORE_PASSWORD_KEY = "nifi.minifi.notifier.ingestors.receive.http.keystore.password";
    public static final String KEYSTORE_TYPE_KEY = "nifi.minifi.notifier.ingestors.receive.http.keystore.type";
    public static final String NEED_CLIENT_AUTH_KEY = "nifi.minifi.notifier.ingestors.receive.http.need.client.auth";
    public static final String DIFFERENTIATOR_KEY = "nifi.minifi.notifier.ingestors.receive.http.differentiator";
    private static final Logger logger = LoggerFactory.getLogger(RestChangeIngestor.class);
    private static final BouncyCastleProvider BOUNCY_CASTLE_PROVIDER = new BouncyCastleProvider();
    private static final Map<String, Supplier<Differentiator<ByteBuffer>>> DIFFERENTIATOR_CONSTRUCTOR_MAP = Map.of(WholeConfigDifferentiator.WHOLE_CONFIG_KEY, WholeConfigDifferentiator::getByteBufferDifferentiator);
    private final Server jetty;
    private volatile Differentiator<ByteBuffer> differentiator;
    private volatile ConfigurationChangeNotifier configurationChangeNotifier;

    /* loaded from: input_file:org/apache/nifi/minifi/bootstrap/configuration/ingestors/RestChangeIngestor$JettyHandler.class */
    private class JettyHandler extends Handler.Abstract {
        private JettyHandler() {
        }

        public boolean handle(Request request, Response response, Callback callback) {
            int i;
            String str;
            logRequest(request);
            if (!RestChangeIngestor.POST.equals(request.getMethod())) {
                if (RestChangeIngestor.GET.equals(request.getMethod())) {
                    writeOutput(request, response, RestChangeIngestor.GET_TEXT, 200);
                    return false;
                }
                writeOutput(request, response, RestChangeIngestor.OTHER_TEXT, 404);
                return false;
            }
            try {
                ByteBuffer duplicate = ByteBuffer.wrap(IOUtils.toByteArray(Request.asInputStream(request))).duplicate();
                if (RestChangeIngestor.this.differentiator.isNew(duplicate)) {
                    Collection<ListenerHandleResult> notifyListeners = RestChangeIngestor.this.configurationChangeNotifier.notifyListeners(duplicate);
                    i = 200;
                    Iterator<ListenerHandleResult> it = notifyListeners.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (!it.next().succeeded()) {
                            i = 500;
                            break;
                        }
                    }
                    str = getPostText(notifyListeners);
                } else {
                    i = 409;
                    str = "Request received but instance is already running this config.";
                }
            } catch (Exception e) {
                RestChangeIngestor.logger.error("Failed to override config file", e);
                i = 500;
                str = "Failed to override config file";
            }
            writeOutput(request, response, str, i);
            return false;
        }

        private String getPostText(Collection<ListenerHandleResult> collection) {
            StringBuilder sb = new StringBuilder("The result of notifying listeners:\n");
            Iterator<ListenerHandleResult> it = collection.iterator();
            while (it.hasNext()) {
                sb.append(it.next().toString());
                sb.append("\n");
            }
            return sb.toString();
        }

        private void writeOutput(Request request, Response response, String str, int i) {
            response.setStatus(i);
            response.getHeaders().put(HttpHeader.CONTENT_TYPE, "text/plain");
            response.getHeaders().put(HttpHeader.CONTENT_LENGTH, str.length());
            PrintWriter printWriter = new PrintWriter(Response.asBufferedOutputStream(request, response));
            try {
                printWriter.print(str);
                printWriter.flush();
                printWriter.close();
            } catch (Throwable th) {
                try {
                    printWriter.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }

        private void logRequest(Request request) {
            RestChangeIngestor.logger.info(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>");
            RestChangeIngestor.logger.info("request method = " + request.getMethod());
            RestChangeIngestor.logger.info("request url = " + String.valueOf(request.getHttpURI()));
            RestChangeIngestor.logger.info("context path = " + request.getContext().getContextPath());
            RestChangeIngestor.logger.info("request content type = " + request.getHeaders().get(HttpHeader.CONTENT_TYPE));
            RestChangeIngestor.logger.info("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<");
        }
    }

    public RestChangeIngestor() {
        QueuedThreadPool queuedThreadPool = new QueuedThreadPool();
        queuedThreadPool.setDaemon(true);
        this.jetty = new Server(queuedThreadPool);
    }

    @Override // org.apache.nifi.minifi.bootstrap.configuration.ingestors.interfaces.ChangeIngestor
    public void initialize(BootstrapProperties bootstrapProperties, ConfigurationFileHolder configurationFileHolder, ConfigurationChangeNotifier configurationChangeNotifier) {
        logger.info("Initializing RestChangeIngestor");
        this.differentiator = (Differentiator) Optional.ofNullable(bootstrapProperties.getProperty(DIFFERENTIATOR_KEY)).filter(Predicate.not((v0) -> {
            return v0.isBlank();
        })).map(str -> {
            return (Differentiator) Optional.ofNullable(DIFFERENTIATOR_CONSTRUCTOR_MAP.get(str)).map((v0) -> {
                return v0.get();
            }).orElseThrow(unableToFindDifferentiatorExceptionSupplier(str));
        }).orElseGet(WholeConfigDifferentiator::getByteBufferDifferentiator);
        this.differentiator.initialize(configurationFileHolder);
        Optional.ofNullable(bootstrapProperties.getProperty(KEYSTORE_LOCATION_KEY)).ifPresentOrElse(str2 -> {
            createSecureConnector(bootstrapProperties);
        }, () -> {
            createConnector(bootstrapProperties);
        });
        this.configurationChangeNotifier = configurationChangeNotifier;
        ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection(new ContextHandler[0]);
        contextHandlerCollection.addHandler(new JettyHandler());
        this.jetty.setHandler(contextHandlerCollection);
    }

    @Override // org.apache.nifi.minifi.bootstrap.configuration.ingestors.interfaces.ChangeIngestor
    public void start() {
        try {
            this.jetty.start();
            logger.info("RestChangeIngester has started and is listening on port {}.", Integer.valueOf(getPort()));
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    @Override // org.apache.nifi.minifi.bootstrap.configuration.ingestors.interfaces.ChangeIngestor
    public void close() throws IOException {
        logger.warn("Shutting down the jetty server");
        try {
            this.jetty.stop();
            this.jetty.destroy();
            logger.warn("Done shutting down the jetty server");
        } catch (Exception e) {
            throw new IOException(e);
        }
    }

    public URI getURI() {
        return this.jetty.getURI();
    }

    public int getPort() {
        if (this.jetty.isStarted()) {
            return this.jetty.getConnectors()[0].getLocalPort();
        }
        throw new IllegalStateException("Jetty server not started");
    }

    private void createConnector(BootstrapProperties bootstrapProperties) {
        ServerConnector serverConnector = new ServerConnector(this.jetty);
        serverConnector.setPort(Integer.parseInt(bootstrapProperties.getProperty(PORT_KEY, "0")));
        serverConnector.setHost(bootstrapProperties.getProperty(HOST_KEY, "localhost"));
        serverConnector.setIdleTimeout(30000L);
        this.jetty.addConnector(serverConnector);
        logger.info("Added an http connector on the host '{}' and port '{}'", serverConnector.getHost(), Integer.valueOf(serverConnector.getPort()));
    }

    private void createSecureConnector(BootstrapProperties bootstrapProperties) {
        KeyStore keyStore = null;
        try {
            FileInputStream fileInputStream = new FileInputStream(bootstrapProperties.getProperty(KEYSTORE_LOCATION_KEY));
            try {
                String property = bootstrapProperties.getProperty(KEYSTORE_TYPE_KEY);
                StandardKeyStoreBuilder password = new StandardKeyStoreBuilder().type(property).inputStream(fileInputStream).password(bootstrapProperties.getProperty(KEYSTORE_PASSWORD_KEY).toCharArray());
                if (KeystoreType.BCFKS.getType().equals(property)) {
                    password.provider(BOUNCY_CASTLE_PROVIDER);
                }
                KeyStore build = password.build();
                fileInputStream.close();
                if (bootstrapProperties.getProperty(TRUSTSTORE_LOCATION_KEY) != null) {
                    String property2 = bootstrapProperties.getProperty(TRUSTSTORE_TYPE_KEY);
                    try {
                        fileInputStream = new FileInputStream(bootstrapProperties.getProperty(TRUSTSTORE_LOCATION_KEY));
                        try {
                            StandardKeyStoreBuilder password2 = new StandardKeyStoreBuilder().type(property2).inputStream(fileInputStream).password(bootstrapProperties.getProperty(TRUSTSTORE_PASSWORD_KEY).toCharArray());
                            if (KeystoreType.BCFKS.getType().equals(property2)) {
                                password2.provider(BOUNCY_CASTLE_PROVIDER);
                            }
                            keyStore = password2.build();
                            fileInputStream.close();
                        } finally {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th) {
                                th.addSuppressed(th);
                            }
                        }
                    } catch (IOException e) {
                        throw new UncheckedIOException("Trust Store loading failed", e);
                    }
                }
                SSLContext build2 = new StandardSslContextBuilder().keyStore(build).keyPassword(bootstrapProperties.getProperty(KEYSTORE_PASSWORD_KEY).toCharArray()).trustStore(keyStore).build();
                StandardServerConnectorFactory standardServerConnectorFactory = new StandardServerConnectorFactory(this.jetty, Integer.parseInt(bootstrapProperties.getProperty(PORT_KEY, "0")));
                standardServerConnectorFactory.setNeedClientAuth(Boolean.parseBoolean(bootstrapProperties.getProperty(NEED_CLIENT_AUTH_KEY, "true")));
                standardServerConnectorFactory.setSslContext(build2);
                standardServerConnectorFactory.setIncludeSecurityProtocols((String[]) TlsPlatform.getPreferredProtocols().toArray(new String[0]));
                ServerConnector serverConnector = standardServerConnectorFactory.getServerConnector();
                serverConnector.setHost(bootstrapProperties.getProperty(HOST_KEY, "localhost"));
                this.jetty.addConnector(serverConnector);
                logger.info("HTTPS Connector added for Host [{}] and Port [{}]", serverConnector.getHost(), Integer.valueOf(serverConnector.getPort()));
            } finally {
            }
        } catch (IOException e2) {
            throw new UncheckedIOException("Key Store loading failed", e2);
        }
    }

    private Supplier<IllegalArgumentException> unableToFindDifferentiatorExceptionSupplier(String str) {
        return () -> {
            return new IllegalArgumentException("Property, nifi.minifi.notifier.ingestors.receive.http.differentiator, has value " + str + " which does not correspond to any in the FileChangeIngestor Map:" + String.valueOf(DIFFERENTIATOR_CONSTRUCTOR_MAP.keySet()));
        };
    }

    void setDifferentiator(Differentiator<ByteBuffer> differentiator) {
        this.differentiator = differentiator;
    }
}
