package eu.unicore.util.jetty;

import eu.unicore.security.canl.IAuthnAndTrustConfiguration;
import eu.unicore.util.Log;
import eu.unicore.util.configuration.ConfigurationException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.EnumSet;
import java.util.Random;
import javax.servlet.DispatcherType;
import org.apache.log4j.Logger;
import org.eclipse.jetty.server.AbstractConnector;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.HandlerContainer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.bio.SocketConnector;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import org.eclipse.jetty.server.session.HashSessionIdManager;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
import org.eclipse.jetty.server.ssl.SslSocketConnector;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;

/* loaded from: input_file:eu/unicore/util/jetty/JettyServerBase.class */
public abstract class JettyServerBase {
    private static final Logger logger = Log.getLogger(Log.HTTP_SERVER, JettyServerBase.class);
    protected final Class<? extends JettyLogger> jettyLogger;
    protected final URL[] listenUrls;
    protected final IAuthnAndTrustConfiguration securityConfiguration;
    protected final HttpServerProperties extraSettings;
    private Server theServer;

    public JettyServerBase(URL url, IAuthnAndTrustConfiguration iAuthnAndTrustConfiguration, HttpServerProperties httpServerProperties) throws ConfigurationException {
        this(new URL[]{url}, iAuthnAndTrustConfiguration, httpServerProperties, JettyLogger.class);
    }

    public JettyServerBase(URL[] urlArr, IAuthnAndTrustConfiguration iAuthnAndTrustConfiguration, HttpServerProperties httpServerProperties, Class<? extends JettyLogger> cls) throws ConfigurationException {
        this.securityConfiguration = iAuthnAndTrustConfiguration;
        this.jettyLogger = cls;
        this.listenUrls = urlArr;
        this.extraSettings = httpServerProperties;
    }

    public void start() throws Exception {
        logger.debug("Starting Jetty HTTP server");
        this.theServer.start();
        updatePortsIfNeeded();
        logger.info("Jetty HTTP server was started");
    }

    public void stop() throws Exception {
        logger.debug("Stopping Jetty HTTP server");
        this.theServer.stop();
        logger.info("Jetty HTTP server was stopped");
    }

    protected void initServer() throws ConfigurationException {
        if (this.jettyLogger != null) {
            logger.debug("Setting a custom class for handling Jetty logging: " + this.jettyLogger.getName());
            System.setProperty("org.eclipse.jetty.util.log.class", this.jettyLogger.getName());
        }
        if (this.listenUrls.length == 1 && "0.0.0.0".equals(this.listenUrls[0].getHost())) {
            logger.info("Creating Jetty HTTP server, will listen on all network interfaces");
        } else {
            StringBuilder sb = new StringBuilder();
            for (URL url : this.listenUrls) {
                sb.append(url).append(" ");
            }
            logger.info("Creating Jetty HTTP server, will listen on: " + ((Object) sb));
        }
        this.theServer = new Server();
        configureSessionIdManager(this.extraSettings.getBooleanValue(HttpServerProperties.FAST_RANDOM).booleanValue());
        for (Connector connector : createConnectors()) {
            this.theServer.addConnector(connector);
        }
        configureServer();
        this.theServer.setHandler(createRootHandler());
        configureGzip();
    }

    protected void configureSessionIdManager(boolean z) {
        if (z) {
            logger.info("Using fast (but less secure) session ID generator");
            this.theServer.setSessionIdManager(new HashSessionIdManager(new Random()));
        }
    }

    protected Connector[] createConnectors() throws ConfigurationException {
        AbstractConnector[] abstractConnectorArr = new AbstractConnector[this.listenUrls.length];
        for (int i = 0; i < this.listenUrls.length; i++) {
            abstractConnectorArr[i] = createConnector(this.listenUrls[i]);
            configureConnector(abstractConnectorArr[i], this.listenUrls[i]);
        }
        return abstractConnectorArr;
    }

    protected AbstractConnector createConnector(URL url) throws ConfigurationException {
        return url.getProtocol().startsWith("https") ? createSecureConnector(url) : createPlainConnector(url);
    }

    protected SslSelectChannelConnector getNioSecuredConnectorInstance() {
        try {
            NIOSSLSocketConnector nIOSSLSocketConnector = new NIOSSLSocketConnector(this.securityConfiguration.getValidator(), this.securityConfiguration.getCredential());
            nIOSSLSocketConnector.setLowResourcesConnections(this.extraSettings.getIntValue(HttpServerProperties.HIGH_LOAD_CONNECTIONS).intValue());
            return nIOSSLSocketConnector;
        } catch (Exception e) {
            throw new RuntimeException("Can not create Jetty NIO SSL connector, shouldn't happen.", e);
        }
    }

    protected SslSocketConnector getClassicSecuredConnectorInstance() {
        try {
            return new CustomSslSocketConnector(this.securityConfiguration.getValidator(), this.securityConfiguration.getCredential());
        } catch (Exception e) {
            throw new RuntimeException("Can not create Jetty SSL connector, shouldn't happen.", e);
        }
    }

    protected AbstractConnector createSecureConnector(URL url) throws ConfigurationException {
        SslSelectChannelConnector classicSecuredConnectorInstance;
        if (this.extraSettings.getBooleanValue(HttpServerProperties.USE_NIO).booleanValue()) {
            logger.debug("Creating SSL NIO connector on: " + url);
            classicSecuredConnectorInstance = getNioSecuredConnectorInstance();
        } else {
            logger.debug("Creating SSL connector on: " + url);
            classicSecuredConnectorInstance = getClassicSecuredConnectorInstance();
        }
        SslContextFactory sslContextFactory = classicSecuredConnectorInstance.getSslContextFactory();
        sslContextFactory.setNeedClientAuth(this.extraSettings.getBooleanValue(HttpServerProperties.REQUIRE_CLIENT_AUTHN).booleanValue());
        sslContextFactory.setWantClientAuth(this.extraSettings.getBooleanValue(HttpServerProperties.WANT_CLIENT_AUTHN).booleanValue());
        String value = this.extraSettings.getValue(HttpServerProperties.DISABLED_CIPHER_SUITES);
        if (value != null) {
            String trim = value.trim();
            if (trim.length() > 1) {
                sslContextFactory.setExcludeCipherSuites(trim.split("[ ]+"));
            }
        }
        logger.debug("SSL protocol was set to: '" + sslContextFactory.getProtocol() + "'");
        return (AbstractConnector) classicSecuredConnectorInstance;
    }

    protected SelectChannelConnector getNioPlainConnectorInstance() {
        return new SelectChannelConnector();
    }

    protected SocketConnector getClassicPlainConnectorInstance() {
        return new SocketConnector();
    }

    protected AbstractConnector createPlainConnector(URL url) {
        if (!this.extraSettings.getBooleanValue(HttpServerProperties.USE_NIO).booleanValue()) {
            logger.debug("Creating plain HTTP connector on: " + url);
            return getClassicPlainConnectorInstance();
        }
        logger.debug("Creating plain NIO HTTP connector on: " + url);
        SelectChannelConnector nioPlainConnectorInstance = getNioPlainConnectorInstance();
        nioPlainConnectorInstance.setLowResourcesConnections(this.extraSettings.getIntValue(HttpServerProperties.HIGH_LOAD_CONNECTIONS).intValue());
        return nioPlainConnectorInstance;
    }

    protected void configureConnector(AbstractConnector abstractConnector, URL url) throws ConfigurationException {
        abstractConnector.setHost(url.getHost());
        abstractConnector.setPort(url.getPort() == -1 ? url.getDefaultPort() : url.getPort());
        abstractConnector.setSoLingerTime(this.extraSettings.getIntValue(HttpServerProperties.SO_LINGER_TIME).intValue());
        abstractConnector.setLowResourcesMaxIdleTime(this.extraSettings.getIntValue(HttpServerProperties.LOW_RESOURCE_MAX_IDLE_TIME).intValue());
        abstractConnector.setMaxIdleTime(this.extraSettings.getIntValue(HttpServerProperties.MAX_IDLE_TIME).intValue());
    }

    protected void configureServer() throws ConfigurationException {
        QueuedThreadPool queuedThreadPool = new QueuedThreadPool();
        int length = getUrls().length;
        if (this.extraSettings.getBooleanValue(HttpServerProperties.USE_NIO).booleanValue()) {
            length *= 2;
        }
        queuedThreadPool.setMaxThreads(this.extraSettings.getIntValue(HttpServerProperties.MAX_THREADS).intValue() + length);
        queuedThreadPool.setMinThreads(this.extraSettings.getIntValue(HttpServerProperties.MIN_THREADS).intValue() + length);
        this.theServer.setThreadPool(queuedThreadPool);
    }

    protected void configureGzip() throws ConfigurationException {
        if (this.extraSettings.getBooleanValue(HttpServerProperties.ENABLE_GZIP).booleanValue()) {
            FilterHolder filterHolder = new FilterHolder(new ConfigurableGzipFilter(this.extraSettings));
            logger.info("Enabling GZIP compression filter");
            tryToAddGzipFilter(filterHolder, getRootHandler());
        }
    }

    protected void tryToAddGzipFilter(FilterHolder filterHolder, Handler handler) {
        if (handler instanceof ServletContextHandler) {
            ((ServletContextHandler) handler).addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST));
            return;
        }
        if (handler instanceof HandlerContainer) {
            for (Handler handler2 : ((HandlerContainer) handler).getChildHandlers()) {
                tryToAddGzipFilter(filterHolder, handler2);
            }
        }
    }

    protected void updatePortsIfNeeded() {
        Connector[] connectors = this.theServer.getConnectors();
        for (int i = 0; i < this.listenUrls.length; i++) {
            URL url = this.listenUrls[i];
            if (url.getPort() == 0) {
                try {
                    this.listenUrls[i] = new URL(url.getProtocol(), url.getHost(), connectors[i].getLocalPort(), url.getFile());
                } catch (MalformedURLException e) {
                    throw new RuntimeException("Ups, URL can not be reconstructed, while it should", e);
                }
            }
        }
    }

    protected abstract Handler createRootHandler() throws ConfigurationException;

    public Handler getRootHandler() {
        return this.theServer.getHandler();
    }

    public Server getServer() {
        return this.theServer;
    }

    public URL[] getUrls() {
        return this.listenUrls;
    }
}
