package io.continual.http.service.framework;

import io.continual.builder.Builder;
import io.continual.http.service.framework.CHttpServlet;
import io.continual.http.service.framework.inspection.CHttpObserverMgr;
import io.continual.iam.IamService;
import io.continual.metrics.MetricsCatalog;
import io.continual.metrics.MetricsService;
import io.continual.metrics.impl.noop.NoopMetricsCatalog;
import io.continual.services.Service;
import io.continual.services.ServiceContainer;
import io.continual.util.data.StreamTools;
import io.continual.util.data.json.JsonUtil;
import io.continual.util.data.json.JsonVisitor;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.FileSystems;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import java.util.Iterator;
import org.apache.catalina.Context;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.startup.Tomcat;
import org.apache.coyote.http11.Http11NioProtocol;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/continual/http/service/framework/TomcatHttpService.class */
public class TomcatHttpService extends CHttpService {
    private final String kSetting_ServletWorkDir = "workDir";
    private final String kDefault_ServletWorkDir;
    private final String kSetting_TomcatBaseDir = "baseDir";
    private final String kDefault_TomcatBaseDir = "${CONTINUAL_TOMCAT_BASEDIR}";
    private final String kSetting_Keystore = "keystore";
    private final String kSetting_KeystoreFile = "file";
    private final String kSetting_KeystoreType = "type";
    private final String kDefault_KeystoreType = "JKS";
    private final String kSetting_KeystoreAlias = "alias";
    private final String kDefault_KeystoreAlias = "tomcat";
    private final String kSetting_KeystoreAliasScan = "scanForAlias";
    private final String kSetting_KeystorePassword = "password";
    private final String kDefault_KeystorePassword = "changeme";
    private final String kSetting_KeystorePasswordFile = "passwordFile";
    private static final String kSetting_Port = "port";
    private static final int kDefault_HttpPort = 8080;
    private static final int kDefault_HttpsPort = 8443;
    private final String fName;
    private final Tomcat fTomcat;
    private boolean fRunning;
    private final File fWorkDir;
    private final CHttpServlet.SessionLifeCycle fLifeCycle;

    @Deprecated
    private final JSONObject fSettings;
    private final IamService<?, ?> fAccounts;
    private final MetricsCatalog fMetrics;
    private final CHttpObserverMgr fInspector;
    private static final Logger log = LoggerFactory.getLogger(TomcatHttpService.class);

    public TomcatHttpService(ServiceContainer serviceContainer, JSONObject jSONObject) throws Builder.BuildFailure {
        super(serviceContainer, jSONObject);
        this.kSetting_ServletWorkDir = "workDir";
        this.kDefault_ServletWorkDir = new File(System.getProperty("java.io.tmpdir")).getAbsolutePath();
        this.kSetting_TomcatBaseDir = "baseDir";
        this.kDefault_TomcatBaseDir = "${CONTINUAL_TOMCAT_BASEDIR}";
        this.kSetting_Keystore = "keystore";
        this.kSetting_KeystoreFile = "file";
        this.kSetting_KeystoreType = "type";
        this.kDefault_KeystoreType = "JKS";
        this.kSetting_KeystoreAlias = "alias";
        this.kDefault_KeystoreAlias = "tomcat";
        this.kSetting_KeystoreAliasScan = "scanForAlias";
        this.kSetting_KeystorePassword = "password";
        this.kDefault_KeystorePassword = "changeme";
        this.kSetting_KeystorePasswordFile = "passwordFile";
        try {
            JSONObject evaluateJsonObject = serviceContainer.getExprEval().evaluateJsonObject(jSONObject);
            this.fSettings = JsonUtil.clone(evaluateJsonObject);
            this.fName = evaluateJsonObject.optString("name", "<anonymous>");
            this.fRunning = false;
            this.fLifeCycle = CHttpServlet.SessionLifeCycle.valueOf(evaluateJsonObject.optString("lifeCycle", CHttpServlet.SessionLifeCycle.NO_SESSION.toString()));
            this.fAccounts = (IamService) serviceContainer.getReqdIfNotNull(evaluateJsonObject.optString("accountService", null), IamService.class);
            MetricsService metricsService = (MetricsService) serviceContainer.getReqdIfNotNull(evaluateJsonObject.optString("metricsService", null), MetricsService.class);
            this.fMetrics = metricsService == null ? new NoopMetricsCatalog() : metricsService.getCatalog("http");
            this.fInspector = (CHttpObserverMgr) serviceContainer.getReqdIfNotNull(evaluateJsonObject.optString("inspector", null), CHttpObserverMgr.class);
            System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true");
            this.fTomcat = new Tomcat();
            String evaluateText = serviceContainer.getExprEval().evaluateText(evaluateJsonObject.optString("baseDir", "${CONTINUAL_TOMCAT_BASEDIR}"));
            if (evaluateText != null && evaluateText.length() > 0) {
                this.fTomcat.setBaseDir(evaluateText);
            }
            this.fWorkDir = new File(evaluateJsonObject.optString("workDir", this.kDefault_ServletWorkDir));
            if (!this.fWorkDir.exists()) {
                this.fWorkDir.mkdirs();
            }
            JSONObject optJSONObject = evaluateJsonObject.optJSONObject("http");
            JSONObject optJSONObject2 = evaluateJsonObject.optJSONObject("https");
            if (optJSONObject == null && optJSONObject2 == null) {
                optJSONObject = new JSONObject().put("port", evaluateJsonObject.optInt("port", 8080));
            }
            if (optJSONObject != null) {
                int optInt = optJSONObject.optInt("port", 8080);
                if (optInt > 0) {
                    Connector connector = new Connector(Http11NioProtocol.class.getName());
                    connector.setPort(optInt);
                    transferConnectorAttributes(connector, optJSONObject.optJSONObject("tomcat"));
                    this.fTomcat.getService().addConnector(connector);
                    log.info("Service [{}] listens for HTTP on {}.", this.fName, Integer.valueOf(optInt));
                } else {
                    log.info("Service [{}] will not listen for HTTP.", this.fName);
                }
            }
            if (optJSONObject2 != null) {
                int optInt2 = optJSONObject2.optInt("port", kDefault_HttpsPort);
                if (optInt2 > 0) {
                    Connector connector2 = new Connector(Http11NioProtocol.class.getName());
                    JSONObject jSONObject2 = optJSONObject2.getJSONObject("keystore");
                    String string = jSONObject2.getString("file");
                    if (!new File(string).isAbsolute()) {
                        string = new File(FileSystems.getDefault().getPath(".", new String[0]).toAbsolutePath().toFile(), string).getAbsolutePath();
                        log.info("Using absolute path [" + string + "] for keystore.");
                    }
                    String str = "changeme";
                    if (jSONObject2.has("password")) {
                        str = jSONObject2.getString("password");
                    } else if (jSONObject2.has("passwordFile")) {
                        String optString = jSONObject2.optString("passwordFile", null);
                        try {
                            FileInputStream fileInputStream = new FileInputStream(new File(optString));
                            try {
                                str = new String(StreamTools.readBytes(fileInputStream)).trim();
                                fileInputStream.close();
                            } catch (Throwable th) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                                throw th;
                            }
                        } catch (IOException e) {
                            log.warn("There was a problem trying to read {}: {}", optString, e.getMessage());
                        }
                    }
                    String optString2 = jSONObject2.optString("type", "JKS");
                    String str2 = "tomcat";
                    if (jSONObject2.has("alias")) {
                        str2 = jSONObject2.getString("alias");
                    } else if (jSONObject2.optBoolean("scanForAlias", false)) {
                        str2 = scanKeystoreForPrivateKey(string, str, optString2);
                    }
                    connector2.setScheme("https");
                    connector2.setSecure(true);
                    connector2.setProperty("keystoreFile", string);
                    connector2.setProperty("keystorePass", str);
                    connector2.setProperty("keystoreType", optString2);
                    connector2.setProperty("keyAlias", str2);
                    connector2.setProperty("clientAuth", "false");
                    connector2.setProperty("sslProtocol", "TLS");
                    connector2.setProperty("SSLEnabled", "true");
                    connector2.setPort(optInt2);
                    transferConnectorAttributes(connector2, optJSONObject2.optJSONObject("tomcat"));
                    this.fTomcat.getService().addConnector(connector2);
                    log.info("Service [{}] listens for HTTPS on {}.", this.fName, Integer.valueOf(optInt2));
                } else {
                    log.info("Service [{}] will not listen for HTTPS.", this.fName);
                }
            }
        } catch (JSONException e2) {
            throw new Builder.BuildFailure(e2);
        }
    }

    public synchronized void start() throws Service.FailedToStart {
        try {
            CHttpServlet cHttpServlet = new CHttpServlet(this.fSettings, this.fLifeCycle, this.fMetrics, this.fInspector, this.fAccounts);
            Iterator it = getRouteInstallers().iterator();
            while (it.hasNext()) {
                cHttpServlet.addRouter((CHttpRouteInstaller) it.next());
            }
            Iterator it2 = getFilters().iterator();
            while (it2.hasNext()) {
                cHttpServlet.addFilter((CHttpFilter) it2.next());
            }
            Context addContext = this.fTomcat.addContext("", this.fWorkDir.getAbsolutePath());
            Tomcat.addServlet(addContext, "httpService", cHttpServlet);
            addContext.addServletMappingDecoded("/*", "httpService");
            try {
                this.fTomcat.start();
                this.fRunning = true;
                log.info("Service [{}] is listening.", this.fName);
            } catch (LifecycleException e) {
                log.warn("Couldn't start tomcat.", e);
                throw new Service.FailedToStart(e);
            }
        } catch (Builder.BuildFailure e2) {
            throw new Service.FailedToStart(e2);
        }
    }

    public synchronized void requestFinish() {
        try {
            this.fTomcat.stop();
            this.fRunning = false;
        } catch (LifecycleException e) {
            log.warn("Couldn't stop tomcat.", e);
        }
    }

    public boolean isRunning() {
        return this.fRunning;
    }

    private void transferConnectorAttributes(final Connector connector, JSONObject jSONObject) {
        if (jSONObject == null) {
            return;
        }
        JsonVisitor.forEachElement(jSONObject, new JsonVisitor.ObjectVisitor<Object, JSONException>(this) { // from class: io.continual.http.service.framework.TomcatHttpService.1
            final /* synthetic */ TomcatHttpService this$0;

            {
                this.this$0 = this;
            }

            public boolean visit(String str, Object obj) throws JSONException {
                connector.setProperty(str, String.valueOf(obj));
                return true;
            }
        });
    }

    private static String scanKeystoreForPrivateKey(String str, String str2, String str3) {
        try {
            log.info("Scanning {} for its first private key...", str);
            KeyStore keyStore = KeyStore.getInstance(str3);
            keyStore.load(new FileInputStream(str), str2.toCharArray());
            log.info("Keystore {} loaded...", str);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore.entryInstanceOf(nextElement, KeyStore.PrivateKeyEntry.class)) {
                    log.info("Found private key {}.", nextElement);
                    return nextElement;
                }
            }
            return "";
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            log.warn("Exception inspecting keystore {} for alias: {}", str, e.getMessage());
            return "";
        }
    }
}
