package com.mapr.fs.cldb.http;

import com.mapr.fs.cldb.CLDBServerHolder;
import com.mapr.fs.cldb.conf.CLDBConfiguration;
import com.mapr.fs.cldb.conf.CLDBConfigurationHolder;
import com.mapr.security.FipsLoader;
import com.mapr.web.security.SslConfig;
import com.mapr.web.security.WebSecurityConfig;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.InvalidParameterException;
import java.util.ArrayList;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.ErrorHandler;
import org.eclipse.jetty.util.resource.Resource;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;
import org.xml.sax.SAXException;

/* loaded from: input_file:com/mapr/fs/cldb/http/HttpServer.class */
public class HttpServer {
    private final Logger logger = LogManager.getLogger(HttpServer.class);
    private static final String DEFAULT_KEYSTORE_TYPE = "jks";
    private static final String BCFKS_FIPS_KEYSTORE_TYPE = "bcfks";
    private static final CLDBConfiguration conf = CLDBConfigurationHolder.getInstance();
    private final Server webServer;
    protected final WebAppContext webAppContext;
    private SslContextFactory.Server sslContextFactory;

    public HttpServer() throws IOException, ParserConfigurationException, SAXException, URISyntaxException {
        ArrayList arrayList = new ArrayList();
        this.webServer = new Server();
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setSendServerVersion(false);
        arrayList.add(createHttpConnector(this.webServer, httpConfiguration));
        if (CLDBServerHolder.getInstance().isSecurityEnabled()) {
            FipsLoader.loadFipsProviders();
            HttpConfiguration httpConfiguration2 = new HttpConfiguration(httpConfiguration);
            this.sslContextFactory = newSslContextFactory();
            httpConfiguration2.addCustomizer(new SecureRequestCustomizer());
            ServerConnector serverConnector = new ServerConnector(this.webServer, new ConnectionFactory[]{new SslConnectionFactory(this.sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration2)});
            serverConnector.setPort(conf.getCLDBWebHttpsPort());
            arrayList.add(serverConnector);
        }
        this.webServer.setConnectors((Connector[]) arrayList.toArray(new Connector[arrayList.size()]));
        this.webServer.setErrorHandler(new ErrorHandler() { // from class: com.mapr.fs.cldb.http.HttpServer.1
            public void handle(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
                new Exception().printStackTrace();
                doError(str, request, httpServletRequest, httpServletResponse);
            }
        });
        this.webAppContext = new WebAppContext();
        this.webAppContext.setContextPath("/");
        this.webAppContext.setWar(getWebAppsPath() + "/cldb");
        this.webServer.setHandler(this.webAppContext);
    }

    public void reloadSSLCertificate() {
        try {
            this.sslContextFactory.reload(sslContextFactory -> {
            });
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, null, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        } catch (Exception e) {
            this.logger.debug("Exception Occured while trying to reload SslContextFactory");
        }
    }

    private Connector createHttpConnector(Server server, HttpConfiguration httpConfiguration) {
        ServerConnector serverConnector = new ServerConnector(server, new ConnectionFactory[]{new HttpConnectionFactory(httpConfiguration)});
        serverConnector.setPort(conf.getCLDBWebPort());
        return serverConnector;
    }

    private static SslContextFactory.Server newSslContextFactory() throws IOException, ParserConfigurationException, SAXException, URISyntaxException {
        SslConfig sslConfig = WebSecurityConfig.CONFIG.getSslConfig(SslConfig.SslConfigScope.SCOPE_ALL);
        String serverKeystoreLocation = sslConfig.getServerKeystoreLocation();
        if (serverKeystoreLocation == null) {
            throw new FileNotFoundException("Missing value for server key store location");
        }
        String serverKeystoreType = sslConfig.getServerKeystoreType();
        if (serverKeystoreType == null) {
            serverKeystoreType = DEFAULT_KEYSTORE_TYPE;
        }
        char[] serverKeystorePassword = sslConfig.getServerKeystorePassword();
        if (serverKeystorePassword == null) {
            throw new FileNotFoundException("Missing value for server key store password");
        }
        try {
            String valueOf = String.valueOf(serverKeystorePassword);
            char[] serverKeyPassword = sslConfig.getServerKeyPassword();
            if (serverKeyPassword == null) {
                throw new FileNotFoundException("Missing value for server key store key password");
            }
            try {
                String valueOf2 = String.valueOf(serverKeyPassword);
                SslContextFactory.Server server = new SslContextFactory.Server();
                if (serverKeystoreType.equalsIgnoreCase(BCFKS_FIPS_KEYSTORE_TYPE)) {
                    server.setKeyManagerFactoryAlgorithm("PKIX");
                    server.setProvider("BCJSSE");
                    server.setKeyStoreType("BCFKS");
                }
                server.setKeyStoreResource(Resource.newResource(serverKeystoreLocation));
                server.setKeyStoreType(serverKeystoreType);
                server.setKeyStorePassword(valueOf);
                server.setKeyManagerPassword(valueOf2);
                return server;
            } catch (Exception e) {
                throw new InvalidParameterException("Cannot convert server key store key password to string");
            }
        } catch (Exception e2) {
            throw new InvalidParameterException("Cannot convert server key store password to string");
        }
    }

    public void setAttribute(String str, Object obj) {
        this.webAppContext.setAttribute(str, obj);
    }

    public Object getAttribute(String str) {
        return this.webAppContext.getAttribute(str);
    }

    protected String getWebAppsPath() throws IOException {
        URL resource = getClass().getClassLoader().getResource("webapps");
        if (resource == null) {
            throw new IOException("webapps not found in CLASSPATH");
        }
        return resource.toString();
    }

    public void start() throws Exception {
        this.webServer.start();
    }

    public void stop() throws Exception {
        this.webServer.stop();
    }

    public long getKeyStoreModifiedTime() {
        try {
            String serverKeystoreLocation = WebSecurityConfig.CONFIG.getSslConfig(SslConfig.SslConfigScope.SCOPE_ALL).getServerKeystoreLocation();
            if (serverKeystoreLocation == null) {
                return 0L;
            }
            return new File(serverKeystoreLocation).lastModified();
        } catch (Exception e) {
            return 0L;
        }
    }

    public long getTrustStoreModifiedTime() {
        try {
            String serverTruststoreLocation = WebSecurityConfig.CONFIG.getSslConfig(SslConfig.SslConfigScope.SCOPE_ALL).getServerTruststoreLocation();
            if (serverTruststoreLocation == null) {
                return 0L;
            }
            return new File(serverTruststoreLocation).lastModified();
        } catch (Exception e) {
            return 0L;
        }
    }
}
