package org.apache.geode.management.internal;

import java.io.File;
import java.util.concurrent.CountDownLatch;
import org.apache.commons.lang.StringUtils;
import org.apache.geode.GemFireConfigException;
import org.apache.geode.cache.server.ClientSubscriptionConfig;
import org.apache.geode.distributed.internal.DistributionConfig;
import org.apache.geode.internal.admin.SSLConfig;
import org.apache.geode.internal.cache.PartitionedRegion;
import org.apache.geode.internal.logging.LogService;
import org.apache.geode.internal.security.SecurityService;
import org.apache.geode.management.internal.beans.stats.StatsKey;
import org.apache.logging.log4j.Logger;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;

/* loaded from: input_file:org/apache/geode/management/internal/JettyHelper.class */
public class JettyHelper {
    private static final String HTTPS = "https";
    public static final String SECURITY_SERVICE_SERVLET_CONTEXT_PARAM = "org.apache.geode.securityService";
    private static final Logger logger = LogService.getLogger();
    private static final String FILE_PATH_SEPARATOR = System.getProperty("file.separator");
    private static final String USER_DIR = System.getProperty("user.dir");
    private static final String USER_NAME = System.getProperty("user.name");
    private static String bindAddress = "0.0.0.0";
    private static int port = 0;
    private static final CountDownLatch latch = new CountDownLatch(1);

    public static Server initJetty(String str, int i, SSLConfig sSLConfig) {
        ServerConnector serverConnector;
        Server server = new Server();
        server.setHandler(new HandlerCollection());
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setSecureScheme(HTTPS);
        httpConfiguration.setSecurePort(i);
        if (sSLConfig.isEnabled()) {
            SslContextFactory sslContextFactory = new SslContextFactory();
            if (StringUtils.isNotBlank(sSLConfig.getAlias())) {
                sslContextFactory.setCertAlias(sSLConfig.getAlias());
            }
            sslContextFactory.setNeedClientAuth(sSLConfig.isRequireAuth());
            if (StringUtils.isNotBlank(sSLConfig.getCiphers()) && !"any".equalsIgnoreCase(sSLConfig.getCiphers())) {
                sslContextFactory.setExcludeCipherSuites(new String[0]);
                sslContextFactory.setIncludeCipherSuites(SSLUtil.readArray(sSLConfig.getCiphers()));
            }
            String sSLAlgo = SSLUtil.getSSLAlgo(SSLUtil.readArray(sSLConfig.getProtocols()));
            if (sSLAlgo != null) {
                sslContextFactory.setProtocol(sSLAlgo);
            } else {
                logger.warn(ManagementStrings.SSL_PROTOCOAL_COULD_NOT_BE_DETERMINED);
            }
            if (StringUtils.isBlank(sSLConfig.getKeystore())) {
                throw new GemFireConfigException("Key store can't be empty if SSL is enabled for HttpService");
            }
            sslContextFactory.setKeyStorePath(sSLConfig.getKeystore());
            if (StringUtils.isNotBlank(sSLConfig.getKeystoreType())) {
                sslContextFactory.setKeyStoreType(sSLConfig.getKeystoreType());
            }
            if (StringUtils.isNotBlank(sSLConfig.getKeystorePassword())) {
                sslContextFactory.setKeyStorePassword(sSLConfig.getKeystorePassword());
            }
            if (StringUtils.isNotBlank(sSLConfig.getTruststore())) {
                sslContextFactory.setTrustStorePath(sSLConfig.getTruststore());
            }
            if (StringUtils.isNotBlank(sSLConfig.getTruststorePassword())) {
                sslContextFactory.setTrustStorePassword(sSLConfig.getTruststorePassword());
            }
            if (logger.isDebugEnabled()) {
                logger.debug(sslContextFactory.dump());
            }
            httpConfiguration.addCustomizer(new SecureRequestCustomizer());
            serverConnector = new ServerConnector(server, new ConnectionFactory[]{new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration)});
            serverConnector.setPort(i);
        } else {
            serverConnector = new ServerConnector(server, new ConnectionFactory[]{new HttpConnectionFactory(httpConfiguration)});
            serverConnector.setPort(i);
        }
        server.setConnectors(new Connector[]{serverConnector});
        if (StringUtils.isNotBlank(str)) {
            serverConnector.setHost(str);
        }
        if (str != null && !str.isEmpty()) {
            bindAddress = str;
        }
        port = i;
        return server;
    }

    public static Server startJetty(Server server) throws Exception {
        server.start();
        return server;
    }

    public static Server addWebApplication(Server server, String str, String str2, SecurityService securityService) {
        WebAppContext webAppContext = new WebAppContext();
        webAppContext.setContextPath(str);
        webAppContext.setWar(str2);
        webAppContext.setParentLoaderPriority(false);
        webAppContext.setInitParameter("org.eclipse.jetty.servlet.Default.dirAllowed", DistributionConfig.CLIENT_CONFLATION_PROP_VALUE_OFF);
        webAppContext.setAttribute(SECURITY_SERVICE_SERVLET_CONTEXT_PARAM, securityService);
        File file = new File(getWebAppBaseDirectory(str));
        file.mkdirs();
        webAppContext.setTempDirectory(file);
        server.getHandler().addHandler(webAppContext);
        return server;
    }

    private static String getWebAppBaseDirectory(String str) {
        return USER_DIR.concat(FILE_PATH_SEPARATOR).concat("GemFire_" + USER_NAME).concat(FILE_PATH_SEPARATOR).concat(StatsKey.LOCK_SERVICES).concat(FILE_PATH_SEPARATOR).concat("http").concat(FILE_PATH_SEPARATOR).concat(StringUtils.isBlank(bindAddress) ? "0.0.0.0" : bindAddress).concat(PartitionedRegion.BUCKET_NAME_SEPARATOR).concat(String.valueOf(port).concat(str.replace("/", PartitionedRegion.BUCKET_NAME_SEPARATOR)));
    }

    private static String normalizeWebAppArchivePath(String str) {
        return (str.startsWith(File.separator) ? new File(str) : new File(ClientSubscriptionConfig.DEFAULT_OVERFLOW_DIRECTORY, str)).getAbsolutePath();
    }

    private static String normalizeWebAppContext(String str) {
        return str.startsWith("/") ? str : "/" + str;
    }
}
