package org.apache.ranger.server.tomcat;

import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.security.PrivilegedAction;
import java.util.Date;
import java.util.Iterator;
import java.util.Properties;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.servlet.ServletException;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.startup.Tomcat;
import org.apache.catalina.valves.AccessLogValve;
import org.apache.hadoop.security.SecureClientLogin;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/apache/ranger/server/tomcat/EmbeddedServer.class */
public class EmbeddedServer {
    private static final String CORE_SITE_CONFIG_FILENAME = "core-site.xml";
    private static final String DEFAULT_WEBAPPS_ROOT_FOLDER = "webapps";
    private static final String AUTH_TYPE_KERBEROS = "kerberos";
    private static final String AUTHENTICATION_TYPE = "hadoop.security.authentication";
    private static final String ADMIN_USER_PRINCIPAL = "ranger.admin.kerberos.principal";
    private static final String ADMIN_USER_KEYTAB = "ranger.admin.kerberos.keytab";
    private static final String ADMIN_NAME_RULES = "hadoop.security.auth_to_local";
    private Properties serverConfigProperties = new Properties();
    private static final Logger LOG = Logger.getLogger(EmbeddedServer.class.getName());
    private static final String DEFAULT_CONFIG_FILENAME = "ranger-admin-site.xml";
    private static String configFile = DEFAULT_CONFIG_FILENAME;
    public static int DEFAULT_SHUTDOWN_PORT = 6185;
    public static String DEFAULT_SHUTDOWN_COMMAND = "SHUTDOWN";

    public static void main(String[] strArr) {
        new EmbeddedServer(strArr).start();
    }

    public EmbeddedServer(String[] strArr) {
        if (strArr.length > 0) {
            configFile = strArr[0];
        }
        loadConfig(CORE_SITE_CONFIG_FILENAME);
        loadConfig(configFile);
    }

    public void start() {
        final Tomcat tomcat = new Tomcat();
        String config = getConfig("logdir");
        if (config == null) {
            config = getConfig("kms.log.dir");
        }
        String config2 = getConfig("ranger.service.host");
        int intConfig = getIntConfig("ranger.service.http.port", 6181);
        int intConfig2 = getIntConfig("ranger.service.https.port", -1);
        int intConfig3 = getIntConfig("ranger.service.shutdown.port", DEFAULT_SHUTDOWN_PORT);
        String config3 = getConfig("ranger.service.shutdown.command", DEFAULT_SHUTDOWN_COMMAND);
        tomcat.setHostname(config2);
        tomcat.setPort(intConfig);
        tomcat.getServer().setPort(intConfig3);
        tomcat.getServer().setShutdown(config3);
        boolean booleanValue = Boolean.valueOf(getConfig("ranger.service.https.attrib.ssl.enabled", "false")).booleanValue();
        if (Boolean.valueOf(getConfig("ajp.enabled", "false")).booleanValue()) {
            Connector connector = new Connector("org.apache.coyote.ajp.AjpNioProtocol");
            connector.setPort(intConfig);
            connector.setProperty("protocol", "AJP/1.3");
            tomcat.getService().addConnector(connector);
            tomcat.setConnector(connector);
            LOG.info("Created AJP Connector");
        } else if (intConfig2 > 0 && booleanValue) {
            Connector connector2 = new Connector();
            connector2.setPort(intConfig2);
            connector2.setSecure(true);
            connector2.setScheme("https");
            connector2.setAttribute("SSLEnabled", "true");
            connector2.setAttribute("sslProtocol", getConfig("ranger.service.https.attrib.ssl.protocol", "TLS"));
            connector2.setAttribute("clientAuth", getConfig("ranger.service.https.attrib.clientAuth", "false"));
            connector2.setAttribute("keyAlias", getConfig("ranger.service.https.attrib.keystore.keyalias"));
            connector2.setAttribute("keystorePass", getConfig("ranger.service.https.attrib.keystore.pass"));
            connector2.setAttribute("keystoreFile", getKeystoreFile());
            connector2.setAttribute("sslEnabledProtocols", "SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2");
            tomcat.getService().addConnector(connector2);
            tomcat.setConnector(connector2);
        }
        updateHttpConnectorAttribConfig(tomcat);
        File file = new File(config);
        if (!file.exists()) {
            file.mkdirs();
        }
        AccessLogValve accessLogValve = new AccessLogValve();
        accessLogValve.setRotatable(true);
        accessLogValve.setAsyncSupported(true);
        accessLogValve.setBuffered(false);
        accessLogValve.setEnabled(true);
        accessLogValve.setFileDateFormat(getConfig("ranger.accesslog.dateformat", "yyyy-MM-dd.HH"));
        accessLogValve.setDirectory(file.getAbsolutePath());
        accessLogValve.setRotatable(true);
        accessLogValve.setSuffix(".log");
        accessLogValve.setPattern(getConfig("ranger.accesslog.pattern", "%h %l %u %t \"%r\" %s %b"));
        tomcat.getHost().getPipeline().addValve(accessLogValve);
        try {
            String config4 = getConfig("xa.webapp.dir");
            if (config4 == null || config4.trim().isEmpty()) {
                String config5 = getConfig("catalina.base");
                if (config5 == null || config5.trim().isEmpty()) {
                    LOG.severe("Tomcat Server failed to start: catalina.base and/or xa.webapp.dir is not set");
                    System.exit(1);
                }
                config4 = config5 + File.separator + "webapp";
                LOG.info("Deriving webapp folder from catalina.base property. folder=" + config4);
            }
            String config6 = getConfig("ranger.contextName", "/");
            if (config6 == null) {
                config6 = "/";
            } else if (!config6.startsWith("/")) {
                LOG.info("Context Name [" + config6 + "] is being loaded as [ /" + config6 + "]");
                config6 = "/" + config6;
            }
            File file2 = new File(config4);
            if (file2.isDirectory()) {
                LOG.info("Webapp file =" + config4 + ", webAppName = " + config6);
            } else if (file2.isFile()) {
                File file3 = new File(DEFAULT_WEBAPPS_ROOT_FOLDER);
                if (!file3.exists()) {
                    file3.mkdirs();
                }
                LOG.info("Webapp file =" + config4 + ", webAppName = " + config6);
            }
            LOG.info("Adding webapp [" + config6 + "] = path [" + config4 + "] .....");
            tomcat.addWebapp(config6, new File(config4).getAbsolutePath()).init();
            LOG.info("Finished init of webapp [" + config6 + "] = path [" + config4 + "].");
        } catch (ServletException e) {
            LOG.severe("Tomcat Server failed to add webapp:" + e.toString());
            e.printStackTrace();
        } catch (LifecycleException e2) {
            LOG.severe("Tomcat Server failed to start webapp:" + e2.toString());
            e2.printStackTrace();
        }
        if (getConfig("logdir") == null) {
            try {
                tomcat.start();
                tomcat.getServer().await();
                shutdownServer();
                return;
            } catch (Exception e3) {
                LOG.severe("Tomcat Server failed to start:" + e3.toString());
                e3.printStackTrace();
                return;
            } catch (LifecycleException e4) {
                LOG.severe("Tomcat Server failed to start:" + e4.toString());
                e4.printStackTrace();
                return;
            }
        }
        String config7 = getConfig(ADMIN_USER_KEYTAB);
        String str = null;
        try {
            str = SecureClientLogin.getPrincipal(getConfig(ADMIN_USER_PRINCIPAL), config2);
        } catch (IOException e5) {
        }
        String config8 = getConfig(ADMIN_NAME_RULES);
        if (getConfig(AUTHENTICATION_TYPE) != null && getConfig(AUTHENTICATION_TYPE).trim().equalsIgnoreCase(AUTH_TYPE_KERBEROS) && SecureClientLogin.isKerberosCredentialExists(str, config7)) {
            try {
                LOG.info("Provided Kerberos Credential : Principal = " + str + " and Keytab = " + config7);
                Subject.doAs(SecureClientLogin.loginUserFromKeytab(str, config7, config8), new PrivilegedAction<Void>() { // from class: org.apache.ranger.server.tomcat.EmbeddedServer.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public Void run() {
                        try {
                            EmbeddedServer.LOG.info("Starting Server using kerberos crendential");
                            tomcat.start();
                            tomcat.getServer().await();
                            EmbeddedServer.this.shutdownServer();
                            return null;
                        } catch (Exception e6) {
                            EmbeddedServer.LOG.severe("Tomcat Server failed to start:" + e6.toString());
                            e6.printStackTrace();
                            return null;
                        } catch (LifecycleException e7) {
                            EmbeddedServer.LOG.severe("Tomcat Server failed to start:" + e7.toString());
                            e7.printStackTrace();
                            return null;
                        }
                    }
                });
                return;
            } catch (Exception e6) {
                LOG.severe("Tomcat Server failed to start:" + e6.toString());
                e6.printStackTrace();
                return;
            }
        }
        try {
            tomcat.start();
            tomcat.getServer().await();
            shutdownServer();
        } catch (Exception e7) {
            LOG.severe("Tomcat Server failed to start:" + e7.toString());
            e7.printStackTrace();
        } catch (LifecycleException e8) {
            LOG.severe("Tomcat Server failed to start:" + e8.toString());
            e8.printStackTrace();
        }
    }

    private String getKeystoreFile() {
        String config = getConfig("ranger.service.https.attrib.keystore.file");
        if (config == null || config.trim().isEmpty()) {
            config = getConfig("ranger.https.attrib.keystore.file");
        }
        return config;
    }

    protected String getConfig(String str) {
        String property = this.serverConfigProperties.getProperty(str);
        if (property == null || property.trim().isEmpty()) {
            property = System.getProperty(str);
        }
        return property;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getConfig(String str, String str2) {
        String config = getConfig(str);
        if (config == null) {
            config = str2;
        }
        return config;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int getIntConfig(String str, int i) {
        String config = getConfig(str);
        return config == null ? i : Integer.parseInt(config);
    }

    private String getResourceFileName(String str) {
        String str2 = str;
        ClassLoader classLoader = getClass().getClassLoader();
        for (String str3 : new String[]{str, "/" + str}) {
            try {
                URL resource = classLoader.getResource(str3);
                if (resource != null) {
                    str2 = resource.getFile();
                }
            } catch (Throwable th) {
                str2 = null;
            }
            if (str2 != null) {
                break;
            }
        }
        if (str2 == null) {
            str2 = str;
        }
        return str2;
    }

    public void shutdownServer() {
        int intConfig = getIntConfig("service.waitTimeForForceShutdownInSeconds", 0);
        if (intConfig > 0) {
            long currentTimeMillis = System.currentTimeMillis() + (intConfig * 1000);
            LOG.info("Will wait for all threads to shutdown gracefully. Final shutdown Time: " + new Date(currentTimeMillis));
            while (true) {
                if (System.currentTimeMillis() >= currentTimeMillis) {
                    break;
                }
                int activeCount = Thread.activeCount();
                if (activeCount == 0) {
                    LOG.info("Number of active threads = " + activeCount + ".");
                    break;
                }
                LOG.info("Number of active threads = " + activeCount + ". Waiting for all threads to shutdown ...");
                try {
                    Thread.sleep(5000L);
                } catch (InterruptedException e) {
                    LOG.warning("shutdownServer process is interrupted with exception: " + e);
                }
            }
        }
        LOG.info("Shuting down the Server.");
        System.exit(0);
    }

    public void loadConfig(String str) {
        String resourceFileName = getResourceFileName(str);
        try {
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setIgnoringComments(true);
            newInstance.setNamespaceAware(true);
            Document parse = newInstance.newDocumentBuilder().parse(new File(resourceFileName));
            parse.getDocumentElement().normalize();
            NodeList elementsByTagName = parse.getElementsByTagName("property");
            for (int i = 0; i < elementsByTagName.getLength(); i++) {
                Node item = elementsByTagName.item(i);
                if (item.getNodeType() == 1) {
                    Element element = (Element) item;
                    this.serverConfigProperties.put(element.getElementsByTagName("name").item(0) != null ? element.getElementsByTagName("name").item(0).getTextContent().trim() : "", element.getElementsByTagName("value").item(0) != null ? element.getElementsByTagName("value").item(0).getTextContent().trim() : "");
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    protected long getLongConfig(String str, long j) {
        String config = getConfig(str);
        return config == null ? j : Long.parseLong(config);
    }

    public void updateHttpConnectorAttribConfig(Tomcat tomcat) {
        tomcat.getConnector().setAllowTrace(Boolean.valueOf(getConfig("ranger.service.http.connector.attrib.allowTrace", "false")).booleanValue());
        tomcat.getConnector().setAsyncTimeout(getLongConfig("ranger.service.http.connector.attrib.asyncTimeout", 10000L));
        tomcat.getConnector().setEnableLookups(Boolean.valueOf(getConfig("ranger.service.http.connector.attrib.enableLookups", "false")).booleanValue());
        tomcat.getConnector().setMaxHeaderCount(getIntConfig("ranger.service.http.connector.attrib.maxHeaderCount", 100));
        tomcat.getConnector().setMaxParameterCount(getIntConfig("ranger.service.http.connector.attrib.maxParameterCount", 10000));
        tomcat.getConnector().setMaxPostSize(getIntConfig("ranger.service.http.connector.attrib.maxPostSize", 2097152));
        tomcat.getConnector().setMaxSavePostSize(getIntConfig("ranger.service.http.connector.attrib.maxSavePostSize", 4096));
        tomcat.getConnector().setParseBodyMethods(getConfig("ranger.service.http.connector.attrib.methods", "POST"));
        Iterator it = this.serverConfigProperties.keySet().iterator();
        while (it.hasNext()) {
            String obj = it.next().toString();
            if (obj != null && obj.startsWith("ranger.service.http.connector.property.")) {
                String replace = obj.replace("ranger.service.http.connector.property.", "");
                tomcat.getConnector().setProperty(replace, getConfig(obj));
                LOG.info(replace + ":" + tomcat.getConnector().getProperty(replace));
            }
        }
    }
}
