package io.continual.http.service.framework;

import io.continual.builder.Builder;
import io.continual.http.service.framework.CHttpServlet;
import io.continual.http.service.framework.TomcatTlsConfig;
import io.continual.http.service.framework.inspection.CHttpObserverMgr;
import io.continual.iam.IamService;
import io.continual.metrics.MetricsCatalog;
import io.continual.metrics.MetricsService;
import io.continual.metrics.impl.noop.NoopMetricsCatalog;
import io.continual.services.Service;
import io.continual.services.ServiceContainer;
import io.continual.util.data.json.JsonUtil;
import io.continual.util.data.json.JsonVisitor;
import java.io.File;
import java.util.Iterator;
import java.util.TreeSet;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import org.apache.catalina.Context;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.startup.Tomcat;
import org.apache.coyote.http11.Http11NioProtocol;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/continual/http/service/framework/TomcatHttpService.class */
public class TomcatHttpService extends CHttpService {
    private final String fName;
    private final Tomcat fTomcat;
    private boolean fRunning;
    private final File fWorkDir;
    private final CHttpServlet.SessionLifeCycle fLifeCycle;
    private final JSONObject fSettings;
    private final IamService<?, ?> fAccounts;
    private final MetricsCatalog fMetrics;
    private final CHttpObserverMgr fInspector;
    private final ScheduledExecutorService fKeystoreMonitors;
    private static final String kSetting_ServletWorkDir = "workDir";
    private static final String kSetting_TomcatBaseDir = "baseDir";
    private static final String kDefault_TomcatBaseDir = "${CONTINUAL_TOMCAT_BASEDIR}";
    private static final String kSetting_Keystore = "keystore";
    private static final String kSetting_Port = "port";
    private static final int kDefault_HttpPort = 8080;
    private static final int kDefault_HttpsPort = 8443;
    private static final Logger log = LoggerFactory.getLogger(TomcatHttpService.class);
    private static final String kDefault_ServletWorkDir = new File(System.getProperty("java.io.tmpdir")).getAbsolutePath();

    public TomcatHttpService(ServiceContainer serviceContainer, JSONObject jSONObject) throws Builder.BuildFailure {
        super(serviceContainer, jSONObject);
        try {
            JSONObject evaluateJsonObject = serviceContainer.getExprEval().evaluateJsonObject(jSONObject);
            this.fSettings = JsonUtil.clone(evaluateJsonObject);
            this.fName = evaluateJsonObject.optString("name", "<anonymous>");
            this.fRunning = false;
            this.fLifeCycle = CHttpServlet.SessionLifeCycle.valueOf(evaluateJsonObject.optString("lifeCycle", CHttpServlet.SessionLifeCycle.NO_SESSION.toString()));
            this.fAccounts = (IamService) serviceContainer.getReqdIfNotNull(evaluateJsonObject.optString("accountService", null), IamService.class);
            MetricsService metricsService = (MetricsService) serviceContainer.getReqdIfNotNull(evaluateJsonObject.optString("metricsService", null), MetricsService.class);
            this.fMetrics = metricsService == null ? new NoopMetricsCatalog() : metricsService.getCatalog("http");
            this.fInspector = (CHttpObserverMgr) serviceContainer.getReqdIfNotNull(evaluateJsonObject.optString("inspector", null), CHttpObserverMgr.class);
            System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true");
            this.fTomcat = new Tomcat();
            String evaluateText = serviceContainer.getExprEval().evaluateText(evaluateJsonObject.optString(kSetting_TomcatBaseDir, kDefault_TomcatBaseDir));
            if (evaluateText != null && !evaluateText.isEmpty()) {
                this.fTomcat.setBaseDir(evaluateText);
            }
            this.fWorkDir = new File(evaluateJsonObject.optString(kSetting_ServletWorkDir, kDefault_ServletWorkDir));
            if (!this.fWorkDir.exists() && !this.fWorkDir.mkdirs()) {
                throw new Builder.BuildFailure("Couldn't create working directory " + this.fWorkDir.getAbsolutePath());
            }
            this.fKeystoreMonitors = Executors.newScheduledThreadPool(1);
            setupEndpoints(this.fTomcat, evaluateJsonObject);
        } catch (JSONException e) {
            throw new Builder.BuildFailure(e);
        }
    }

    public synchronized void start() throws Service.FailedToStart {
        try {
            CHttpServlet cHttpServlet = new CHttpServlet(this.fSettings, this.fLifeCycle, this.fMetrics, this.fInspector, this.fAccounts);
            Iterator it = getRouteInstallers().iterator();
            while (it.hasNext()) {
                cHttpServlet.addRouter((CHttpRouteInstaller) it.next());
            }
            Iterator it2 = getFilters().iterator();
            while (it2.hasNext()) {
                cHttpServlet.addFilter((CHttpFilter) it2.next());
            }
            Context addContext = this.fTomcat.addContext("", this.fWorkDir.getAbsolutePath());
            Tomcat.addServlet(addContext, "httpService", cHttpServlet);
            addContext.addServletMappingDecoded("/*", "httpService");
            try {
                this.fTomcat.start();
                this.fRunning = true;
                log.info("Service [{}] is listening.", this.fName);
            } catch (LifecycleException e) {
                log.warn("Couldn't start tomcat.", e);
                throw new Service.FailedToStart(e);
            }
        } catch (Builder.BuildFailure e2) {
            throw new Service.FailedToStart(e2);
        }
    }

    public synchronized void requestFinish() {
        try {
            this.fTomcat.stop();
            try {
                if (!this.fKeystoreMonitors.awaitTermination(30L, TimeUnit.SECONDS)) {
                    this.fKeystoreMonitors.shutdownNow();
                }
            } catch (InterruptedException e) {
                this.fKeystoreMonitors.shutdownNow();
            }
            this.fRunning = false;
        } catch (LifecycleException e2) {
            log.warn("Couldn't stop tomcat.", e2);
        }
    }

    public boolean isRunning() {
        return this.fRunning;
    }

    private void setupConnectorEndpoints(Tomcat tomcat, JSONArray jSONArray) throws Builder.BuildFailure {
        TreeSet treeSet = new TreeSet();
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONObject optJSONObject = jSONArray.optJSONObject(i);
            String optString = optJSONObject.optString("name", "connector-" + i);
            if (optJSONObject.optBoolean("enabled", true)) {
                boolean optBoolean = optJSONObject.optBoolean("secure", false);
                int optInt = optJSONObject.optInt("port", optBoolean ? kDefault_HttpsPort : 8080);
                if (optInt <= 0) {
                    throw new Builder.BuildFailure("Connector " + optString + " cannot listen on port " + optInt + ". (To disable this entry, set enable=false in this connector config.)");
                }
                if (treeSet.contains(Integer.valueOf(optInt))) {
                    throw new Builder.BuildFailure("Port " + optInt + " is already in use. Choose a different port for connector " + optString + ".");
                }
                Connector connector = new Connector(Http11NioProtocol.class.getName());
                connector.setPort(optInt);
                treeSet.add(Integer.valueOf(optInt));
                if (optBoolean) {
                    JSONObject optJSONObject2 = optJSONObject.optJSONObject(kSetting_Keystore);
                    if (optJSONObject2 == null) {
                        throw new Builder.BuildFailure("Connector " + optString + " is set to https but is missing the required keystore configuration block.");
                    }
                    TomcatTlsConfig build = new TomcatTlsConfig.Builder().fromJsonConfig(optJSONObject2).build();
                    build.writeToConnector(connector);
                    this.fKeystoreMonitors.scheduleAtFixedRate(() -> {
                        if (!build.hasUpdate()) {
                            log.info("Checked for keystore update on {}; none found.", optString);
                            return;
                        }
                        log.info("Connector {} has a keystore update...", optString);
                        build.writeToConnector(connector);
                        if (!isRunning()) {
                            log.info("Connector {} config updated, but the service is not running now.", optString);
                            return;
                        }
                        log.info("Connector {} config updated; reloading...", optString);
                        Http11NioProtocol protocolHandler = connector.getProtocolHandler();
                        if (protocolHandler instanceof Http11NioProtocol) {
                            protocolHandler.reloadSslHostConfigs();
                            log.info("Connector {} reloaded.", optString);
                        }
                    }, 5L, 5L, TimeUnit.MINUTES);
                }
                transferConnectorAttributes(connector, optJSONObject.optJSONObject("tomcat"));
                tomcat.getService().addConnector(connector);
                Logger logger = log;
                Object[] objArr = new Object[3];
                objArr[0] = this.fName;
                objArr[1] = optBoolean ? "https" : "http";
                objArr[2] = Integer.valueOf(optInt);
                logger.info("Service [{}] terminates {} on port {}.", objArr);
            } else {
                log.info("Skipping disabled connector {}.", optString);
            }
        }
    }

    private void setupEndpoints(Tomcat tomcat, JSONObject jSONObject) throws Builder.BuildFailure {
        JSONArray optJSONArray = jSONObject.optJSONArray("connectors");
        if (optJSONArray == null) {
            optJSONArray = new JSONArray();
            JSONObject optJSONObject = jSONObject.optJSONObject("http");
            JSONObject optJSONObject2 = jSONObject.optJSONObject("https");
            if (optJSONObject == null && optJSONObject2 == null) {
                optJSONObject = new JSONObject().put("port", jSONObject.optInt("port", 8080));
            }
            if (optJSONObject != null) {
                optJSONArray.put(optJSONObject);
            }
            if (optJSONObject2 != null) {
                optJSONArray.put(optJSONObject2);
            }
        }
        setupConnectorEndpoints(tomcat, optJSONArray);
    }

    private void transferConnectorAttributes(Connector connector, JSONObject jSONObject) {
        if (jSONObject == null) {
            return;
        }
        JsonVisitor.forEachElement(jSONObject, (str, obj) -> {
            connector.setProperty(str, String.valueOf(obj));
            return true;
        });
    }
}
