package org.openmetadata.service;

import io.dropwizard.Application;
import io.dropwizard.configuration.EnvironmentVariableSubstitutor;
import io.dropwizard.configuration.SubstitutingSourceProvider;
import io.dropwizard.db.DataSourceFactory;
import io.dropwizard.health.conf.HealthConfiguration;
import io.dropwizard.health.core.HealthCheckBundle;
import io.dropwizard.jdbi3.JdbiFactory;
import io.dropwizard.jersey.errors.EarlyEofExceptionMapper;
import io.dropwizard.jersey.errors.LoggingExceptionMapper;
import io.dropwizard.jersey.jackson.JsonProcessingExceptionMapper;
import io.dropwizard.lifecycle.Managed;
import io.dropwizard.setup.Bootstrap;
import io.dropwizard.setup.Environment;
import io.dropwizard.web.WebBundle;
import io.dropwizard.web.conf.WebConfiguration;
import io.federecio.dropwizard.swagger.SwaggerBundle;
import io.federecio.dropwizard.swagger.SwaggerBundleConfiguration;
import io.socket.engineio.server.EngineIoServerOptions;
import io.socket.engineio.server.JettyWebSocketHandler;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.time.temporal.ChronoUnit;
import java.util.EnumSet;
import java.util.Optional;
import javax.naming.ConfigurationException;
import javax.servlet.DispatcherType;
import javax.servlet.ServletException;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jetty.http.pathmap.ServletPathSpec;
import org.eclipse.jetty.servlet.ErrorPageErrorHandler;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.websocket.server.NativeWebSocketServletContainerInitializer;
import org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter;
import org.glassfish.jersey.media.multipart.MultiPartFeature;
import org.jdbi.v3.core.Jdbi;
import org.jdbi.v3.core.statement.SqlLogger;
import org.jdbi.v3.core.statement.StatementContext;
import org.jdbi.v3.sqlobject.SqlObjects;
import org.openmetadata.schema.api.security.AuthenticationConfiguration;
import org.openmetadata.schema.api.security.AuthorizerConfiguration;
import org.openmetadata.schema.auth.SSOAuthMechanism;
import org.openmetadata.service.elasticsearch.ElasticSearchEventPublisher;
import org.openmetadata.service.events.EventFilter;
import org.openmetadata.service.events.EventPubSub;
import org.openmetadata.service.exception.CatalogGenericExceptionMapper;
import org.openmetadata.service.exception.ConstraintViolationExceptionMapper;
import org.openmetadata.service.exception.JsonMappingExceptionMapper;
import org.openmetadata.service.fernet.Fernet;
import org.openmetadata.service.jdbi3.CollectionDAO;
import org.openmetadata.service.jdbi3.locator.ConnectionAwareAnnotationSqlLocator;
import org.openmetadata.service.migration.Migration;
import org.openmetadata.service.migration.MigrationConfiguration;
import org.openmetadata.service.monitoring.EventMonitorFactory;
import org.openmetadata.service.monitoring.EventMonitorPublisher;
import org.openmetadata.service.resources.CollectionRegistry;
import org.openmetadata.service.resources.databases.DatasourceConfig;
import org.openmetadata.service.resources.settings.SettingsCache;
import org.openmetadata.service.secrets.SecretsManager;
import org.openmetadata.service.secrets.SecretsManagerFactory;
import org.openmetadata.service.secrets.SecretsManagerUpdateService;
import org.openmetadata.service.secrets.masker.EntityMaskerFactory;
import org.openmetadata.service.security.Authorizer;
import org.openmetadata.service.security.NoopAuthorizer;
import org.openmetadata.service.security.NoopFilter;
import org.openmetadata.service.security.auth.AuthenticatorHandler;
import org.openmetadata.service.security.auth.BasicAuthenticator;
import org.openmetadata.service.security.auth.LdapAuthenticator;
import org.openmetadata.service.security.auth.NoopAuthenticator;
import org.openmetadata.service.security.jwt.JWTTokenGenerator;
import org.openmetadata.service.security.saml.OMMicrometerHttpFilter;
import org.openmetadata.service.security.saml.SamlAssertionConsumerServlet;
import org.openmetadata.service.security.saml.SamlLoginServlet;
import org.openmetadata.service.security.saml.SamlMetadataServlet;
import org.openmetadata.service.security.saml.SamlSettingsHolder;
import org.openmetadata.service.socket.FeedServlet;
import org.openmetadata.service.socket.OpenMetadataAssetServlet;
import org.openmetadata.service.socket.SocketAddressFilter;
import org.openmetadata.service.socket.WebSocketManager;
import org.openmetadata.service.util.MicrometerBundleSingleton;
import org.openmetadata.service.workflows.searchIndex.SearchIndexEvent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/openmetadata/service/OpenMetadataApplication.class */
public class OpenMetadataApplication extends Application<OpenMetadataApplicationConfig> {
    private static final Logger LOG = LoggerFactory.getLogger(OpenMetadataApplication.class);
    private Authorizer authorizer;
    private AuthenticatorHandler authenticatorHandler;

    /* loaded from: input_file:org/openmetadata/service/OpenMetadataApplication$ManagedShutdown.class */
    public static class ManagedShutdown implements Managed {
        public void start() {
            OpenMetadataApplication.LOG.info("Starting the application");
        }

        public void stop() throws InterruptedException {
            EventPubSub.shutdown();
            OpenMetadataApplication.LOG.info("Stopping the application");
        }
    }

    public void run(OpenMetadataApplicationConfig openMetadataApplicationConfig, Environment environment) throws ClassNotFoundException, IllegalAccessException, InstantiationException, NoSuchMethodException, InvocationTargetException, IOException, ConfigurationException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        validateConfiguration(openMetadataApplicationConfig);
        ChangeEventConfig.initialize(openMetadataApplicationConfig);
        Jdbi createAndSetupJDBI = createAndSetupJDBI(environment, openMetadataApplicationConfig.getDataSourceFactory());
        Fernet.getInstance().setFernetKey(openMetadataApplicationConfig);
        SettingsCache.initialize((CollectionDAO) createAndSetupJDBI.onDemand(CollectionDAO.class), openMetadataApplicationConfig);
        SecretsManager createSecretsManager = SecretsManagerFactory.createSecretsManager(openMetadataApplicationConfig.getSecretsManagerConfiguration(), openMetadataApplicationConfig.getClusterName());
        EntityMaskerFactory.createEntityMasker(openMetadataApplicationConfig.getSecurityConfiguration());
        JWTTokenGenerator.getInstance().init(openMetadataApplicationConfig.getJwtTokenConfiguration());
        createAndSetupJDBI.getConfig(SqlObjects.class).setSqlLocator(new ConnectionAwareAnnotationSqlLocator(openMetadataApplicationConfig.getDataSourceFactory().getDriverClass()));
        validateMigrations(createAndSetupJDBI, openMetadataApplicationConfig.getMigrationConfiguration());
        registerAuthorizer(openMetadataApplicationConfig, environment);
        registerAuthenticator(openMetadataApplicationConfig);
        DatasourceConfig.initialize(openMetadataApplicationConfig);
        openMetadataApplicationConfig.getServerFactory().setRegisterDefaultExceptionMappers(false);
        environment.jersey().property("jersey.config.server.response.setStatusOverSendError", true);
        environment.jersey().register(MultiPartFeature.class);
        environment.jersey().register(CatalogGenericExceptionMapper.class);
        environment.jersey().register(new ConstraintViolationExceptionMapper());
        environment.jersey().register(new LoggingExceptionMapper<Throwable>() { // from class: org.openmetadata.service.OpenMetadataApplication.1
        });
        environment.jersey().register(new JsonProcessingExceptionMapper(true));
        environment.jersey().register(new EarlyEofExceptionMapper());
        environment.jersey().register(JsonMappingExceptionMapper.class);
        environment.healthChecks().register("OpenMetadataServerHealthCheck", new OpenMetadataServerHealthCheck());
        EventPubSub.start();
        registerResources(openMetadataApplicationConfig, environment, createAndSetupJDBI);
        registerEventFilter(openMetadataApplicationConfig, environment, createAndSetupJDBI);
        environment.lifecycle().manage(new ManagedShutdown());
        registerEventPublisher(openMetadataApplicationConfig, createAndSetupJDBI);
        new SecretsManagerUpdateService(createSecretsManager, openMetadataApplicationConfig.getClusterName()).updateEntities();
        this.authorizer.init(openMetadataApplicationConfig, createAndSetupJDBI);
        this.authenticatorHandler.init(openMetadataApplicationConfig, createAndSetupJDBI);
        MicrometerBundleSingleton.webAnalyticEvents = MicrometerBundleSingleton.latencyTimer(openMetadataApplicationConfig.getEventMonitorConfiguration());
        environment.servlets().addFilter("OMMicrometerHttpFilter", new OMMicrometerHttpFilter()).addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, openMetadataApplicationConfig.getEventMonitorConfiguration().getPathPattern());
        initializeWebsockets(openMetadataApplicationConfig, environment);
        registerSamlHandlers(openMetadataApplicationConfig, environment);
        environment.servlets().addServlet("static", new OpenMetadataAssetServlet("/assets", "/", "index.html")).addMapping(new String[]{"/*"});
    }

    private void registerSamlHandlers(OpenMetadataApplicationConfig openMetadataApplicationConfig, Environment environment) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        if (openMetadataApplicationConfig.getAuthenticationConfiguration() == null || !openMetadataApplicationConfig.getAuthenticationConfiguration().getProvider().equals(SSOAuthMechanism.SsoServiceType.SAML.toString())) {
            return;
        }
        SamlSettingsHolder.getInstance().initDefaultSettings(openMetadataApplicationConfig);
        environment.servlets().addServlet("saml_login", new SamlLoginServlet()).addMapping(new String[]{"/api/v1/saml/login"});
        environment.servlets().addServlet("saml_acs", new SamlAssertionConsumerServlet()).addMapping(new String[]{"/api/v1/saml/acs"});
        environment.servlets().addServlet("saml_metadata", new SamlMetadataServlet()).addMapping(new String[]{"/api/v1/saml/metadata"});
    }

    private Jdbi createAndSetupJDBI(Environment environment, DataSourceFactory dataSourceFactory) {
        Jdbi build = new JdbiFactory().build(environment, dataSourceFactory, Entity.DATABASE);
        SqlLogger sqlLogger = new SqlLogger() { // from class: org.openmetadata.service.OpenMetadataApplication.2
            public void logBeforeExecution(StatementContext statementContext) {
                OpenMetadataApplication.LOG.debug("sql {}, parameters {}", statementContext.getRenderedSql(), statementContext.getBinding());
            }

            public void logAfterExecution(StatementContext statementContext) {
                OpenMetadataApplication.LOG.debug("sql {}, parameters {}, timeTaken {} ms", new Object[]{statementContext.getRenderedSql(), statementContext.getBinding(), Long.valueOf(statementContext.getElapsedTime(ChronoUnit.MILLIS))});
            }
        };
        if (LOG.isDebugEnabled()) {
            build.setSqlLogger(sqlLogger);
        }
        build.getConfig(SqlObjects.class).setSqlLocator(new ConnectionAwareAnnotationSqlLocator(dataSourceFactory.getDriverClass()));
        return build;
    }

    public void initialize(Bootstrap<OpenMetadataApplicationConfig> bootstrap) {
        bootstrap.setConfigurationSourceProvider(new SubstitutingSourceProvider(bootstrap.getConfigurationSourceProvider(), new EnvironmentVariableSubstitutor(false)));
        bootstrap.addBundle(new SwaggerBundle<OpenMetadataApplicationConfig>() { // from class: org.openmetadata.service.OpenMetadataApplication.3
            /* JADX INFO: Access modifiers changed from: protected */
            public SwaggerBundleConfiguration getSwaggerBundleConfiguration(OpenMetadataApplicationConfig openMetadataApplicationConfig) {
                return openMetadataApplicationConfig.getSwaggerBundleConfig();
            }
        });
        bootstrap.addBundle(new HealthCheckBundle<OpenMetadataApplicationConfig>() { // from class: org.openmetadata.service.OpenMetadataApplication.4
            /* JADX INFO: Access modifiers changed from: protected */
            public HealthConfiguration getHealthConfiguration(OpenMetadataApplicationConfig openMetadataApplicationConfig) {
                return openMetadataApplicationConfig.getHealthConfiguration();
            }
        });
        bootstrap.addBundle(MicrometerBundleSingleton.getInstance());
        bootstrap.addBundle(new WebBundle<OpenMetadataApplicationConfig>() { // from class: org.openmetadata.service.OpenMetadataApplication.5
            public WebConfiguration getWebConfiguration(OpenMetadataApplicationConfig openMetadataApplicationConfig) {
                return openMetadataApplicationConfig.getWebConfiguration();
            }
        });
        super.initialize(bootstrap);
    }

    private void validateMigrations(Jdbi jdbi, MigrationConfiguration migrationConfiguration) throws IOException {
        LOG.info("Validating Flyway migrations");
        Optional<String> lastMigrated = Migration.lastMigrated(jdbi);
        String lastMigrationFile = Migration.lastMigrationFile(migrationConfiguration);
        if (lastMigrated.isEmpty()) {
            throw new IllegalStateException("Could not validate Flyway migrations in the database. Make sure you have run `./bootstrap/bootstrap_storage.sh migrate-all` at least once.");
        }
        if (lastMigrated.get().compareTo(lastMigrationFile) < 0) {
            throw new IllegalStateException("There are pending migrations to be run on the database. Please backup your data and run `./bootstrap/bootstrap_storage.sh migrate-all`. You can find more information on upgrading OpenMetadata at https://docs.open-metadata.org/deployment/upgrade ");
        }
    }

    private void validateConfiguration(OpenMetadataApplicationConfig openMetadataApplicationConfig) throws ConfigurationException {
        if (openMetadataApplicationConfig.getAuthorizerConfiguration().getBotPrincipals() != null) {
            throw new ConfigurationException("'botPrincipals' configuration is deprecated. Please remove it from 'openmetadata.yaml and restart the server");
        }
        if (openMetadataApplicationConfig.getPipelineServiceClientConfiguration().getAuthConfig() != null) {
            LOG.warn("'authProvider' and 'authConfig' from the 'pipelineServiceClientConfiguration' option are deprecated and will be removed in future releases.");
        }
    }

    private void registerAuthorizer(OpenMetadataApplicationConfig openMetadataApplicationConfig, Environment environment) throws NoSuchMethodException, ClassNotFoundException, IllegalAccessException, InvocationTargetException, InstantiationException {
        AuthorizerConfiguration authorizerConfiguration = openMetadataApplicationConfig.getAuthorizerConfiguration();
        AuthenticationConfiguration authenticationConfiguration = openMetadataApplicationConfig.getAuthenticationConfiguration();
        if (authorizerConfiguration == null) {
            LOG.info("Authorizer config not set, setting noop authorizer");
            this.authorizer = new NoopAuthorizer();
            environment.jersey().register(new NoopFilter(authenticationConfiguration, null));
            return;
        }
        this.authorizer = (Authorizer) Class.forName(authorizerConfiguration.getClassName()).asSubclass(Authorizer.class).getConstructor(new Class[0]).newInstance(new Object[0]);
        String containerRequestFilter = authorizerConfiguration.getContainerRequestFilter();
        if (StringUtils.isEmpty(containerRequestFilter)) {
            return;
        }
        ContainerRequestFilter containerRequestFilter2 = (ContainerRequestFilter) Class.forName(containerRequestFilter).asSubclass(ContainerRequestFilter.class).getConstructor(AuthenticationConfiguration.class, AuthorizerConfiguration.class).newInstance(authenticationConfiguration, authorizerConfiguration);
        LOG.info("Registering ContainerRequestFilter: {}", containerRequestFilter2.getClass().getCanonicalName());
        environment.jersey().register(containerRequestFilter2);
    }

    private void registerAuthenticator(OpenMetadataApplicationConfig openMetadataApplicationConfig) {
        String provider = openMetadataApplicationConfig.getAuthenticationConfiguration().getProvider();
        boolean z = -1;
        switch (provider.hashCode()) {
            case 3316647:
                if (provider.equals("ldap")) {
                    z = true;
                    break;
                }
                break;
            case 93508654:
                if (provider.equals("basic")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                this.authenticatorHandler = new BasicAuthenticator();
                return;
            case true:
                this.authenticatorHandler = new LdapAuthenticator();
                return;
            default:
                this.authenticatorHandler = new NoopAuthenticator();
                return;
        }
    }

    private void registerEventFilter(OpenMetadataApplicationConfig openMetadataApplicationConfig, Environment environment, Jdbi jdbi) {
        if (openMetadataApplicationConfig.getEventHandlerConfiguration() != null) {
            environment.jersey().register(new EventFilter(openMetadataApplicationConfig, jdbi));
            environment.jersey().register(new SearchIndexEvent());
        }
    }

    private void registerEventPublisher(OpenMetadataApplicationConfig openMetadataApplicationConfig, Jdbi jdbi) {
        if (openMetadataApplicationConfig.getElasticSearchConfiguration() != null) {
            EventPubSub.addEventHandler(new ElasticSearchEventPublisher(openMetadataApplicationConfig.getElasticSearchConfiguration(), (CollectionDAO) jdbi.onDemand(CollectionDAO.class)));
        }
        if (openMetadataApplicationConfig.getEventMonitorConfiguration() != null) {
            EventPubSub.addEventHandler(new EventMonitorPublisher(openMetadataApplicationConfig.getEventMonitorConfiguration(), EventMonitorFactory.createEventMonitor(openMetadataApplicationConfig.getEventMonitorConfiguration(), openMetadataApplicationConfig.getClusterName())));
        }
    }

    private void registerResources(OpenMetadataApplicationConfig openMetadataApplicationConfig, Environment environment, Jdbi jdbi) {
        CollectionRegistry.getInstance().registerResources(jdbi, environment, openMetadataApplicationConfig, this.authorizer, this.authenticatorHandler);
        environment.jersey().register(new JsonPatchProvider());
        ErrorPageErrorHandler errorPageErrorHandler = new ErrorPageErrorHandler();
        errorPageErrorHandler.addErrorPage(Response.Status.NOT_FOUND.getStatusCode(), "/");
        environment.getApplicationContext().setErrorHandler(errorPageErrorHandler);
    }

    private void initializeWebsockets(OpenMetadataApplicationConfig openMetadataApplicationConfig, Environment environment) {
        String str = "/api/v1/push/feed/*";
        SocketAddressFilter socketAddressFilter = openMetadataApplicationConfig.getAuthorizerConfiguration() != null ? new SocketAddressFilter(openMetadataApplicationConfig.getAuthenticationConfiguration(), openMetadataApplicationConfig.getAuthorizerConfiguration()) : new SocketAddressFilter();
        EngineIoServerOptions newFromDefault = EngineIoServerOptions.newFromDefault();
        newFromDefault.setAllowedCorsOrigins((String[]) null);
        WebSocketManager.WebSocketManagerBuilder.build(newFromDefault);
        environment.getApplicationContext().setContextPath("/");
        environment.getApplicationContext().addFilter(new FilterHolder(socketAddressFilter), "/api/v1/push/feed/*", EnumSet.of(DispatcherType.REQUEST));
        environment.getApplicationContext().addServlet(new ServletHolder(new FeedServlet()), "/api/v1/push/feed/*");
        try {
            WebSocketUpgradeFilter.configure(environment.getApplicationContext());
            NativeWebSocketServletContainerInitializer.configure(environment.getApplicationContext(), (servletContext, nativeWebSocketConfiguration) -> {
                nativeWebSocketConfiguration.addMapping(new ServletPathSpec(str), (servletUpgradeRequest, servletUpgradeResponse) -> {
                    return new JettyWebSocketHandler(WebSocketManager.getInstance().getEngineIoServer());
                });
            });
        } catch (ServletException e) {
            LOG.error("Websocket Upgrade Filter error : " + e.getMessage());
        }
    }

    public static void main(String[] strArr) throws Exception {
        new OpenMetadataApplication().run(strArr);
    }
}
