package de.gsi.acc.remote;

import de.gsi.acc.remote.admin.RestServerAdmin;
import de.gsi.acc.remote.login.LoginController;
import de.gsi.acc.remote.user.RestUserHandler;
import de.gsi.acc.remote.user.RestUserHandlerImpl;
import de.gsi.acc.remote.util.MessageBundle;
import de.gsi.dataset.remote.MimeType;
import io.javalin.Javalin;
import io.javalin.apibuilder.ApiBuilder;
import io.javalin.core.JavalinServer;
import io.javalin.core.compression.Brotli;
import io.javalin.core.compression.Gzip;
import io.javalin.core.event.HandlerMetaInfo;
import io.javalin.core.security.Role;
import io.javalin.core.util.RouteOverviewPlugin;
import io.javalin.http.Context;
import io.javalin.http.sse.SseClient;
import io.javalin.http.util.RateLimit;
import io.javalin.http.util.RedirectToLowercasePathPlugin;
import io.javalin.plugin.metrics.MicrometerPlugin;
import io.javalin.plugin.openapi.OpenApiOptions;
import io.javalin.plugin.openapi.OpenApiPlugin;
import io.javalin.plugin.openapi.annotations.HttpMethod;
import io.javalin.plugin.openapi.ui.ReDocOptions;
import io.javalin.plugin.openapi.ui.SwaggerOptions;
import io.swagger.v3.oas.models.info.Info;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.DatagramSocket;
import java.net.InetAddress;
import java.net.SocketException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Collections;
import java.util.Objects;
import java.util.Queue;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.TimeUnit;
import java.util.function.Consumer;
import java.util.function.Supplier;
import javafx.collections.FXCollections;
import javafx.collections.ObservableList;
import javax.servlet.ServletOutputStream;
import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory;
import org.eclipse.jetty.http2.HTTP2Cipher;
import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.session.SessionHandler;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/gsi/acc/remote/RestServer.class */
public final class RestServer {
    public static final String TAG_REST_SERVER_HOST_NAME = "restServerHostName";
    public static final String TAG_REST_SERVER_PORT = "restServerPort";
    public static final String TAG_REST_SERVER_PORT2 = "restServerPort2";
    private static final String REST_KEY_STORE = "restKeyStore";
    private static final String REST_KEY_STORE_PASSWORD = "restKeyStorePassword";
    private static final String DEFAULT_HOST_NAME = "0";
    private static final int DEFAULT_PORT = 8080;
    private static final int DEFAULT_PORT2 = 8443;
    private static final String REST_PROTOCOL = "protocol";
    private static final String TEMPLATE_UNAUTHORISED = "/velocity/errors/unauthorised.vm";
    private static final String TEMPLATE_ACCESS_DENIED = "/velocity/errors/accessDenied.vm";
    private static final String TEMPLATE_NOT_FOUND = "/velocity/errors/notFound.vm";
    private static Javalin instance;
    private static final Consumer<HandlerMetaInfo> ENDPOINT_ADDED_HANDLER;
    private static final Logger LOGGER = LoggerFactory.getLogger(RestServer.class);
    private static MimeType defaultProtocol = MimeType.HTML;
    private static RestUserHandler userHandler = new RestUserHandlerImpl();
    private static final ConcurrentMap<String, Queue<SseClient>> EVENT_LISTENER_SSE = new ConcurrentHashMap();
    private static final ObservableList<HandlerMetaInfo> ENDPOINTS = FXCollections.observableArrayList();

    private RestServer() {
    }

    public static void addLongPollingCookie(Context context, String str, long j) {
        context.res.addHeader("Set-Cookie", str + "=" + j + "; Comment=\"stores the servcer-side time stamp of the last valid update (required for long-polling)\"; Expires=-1; SameSite=Strict;");
    }

    public static void applyRateLimit(Context context, int i, TimeUnit timeUnit) {
        new RateLimit(context).requestPerTimeUnit(i, timeUnit);
    }

    public static Set<Role> getDefaultRole() {
        return Collections.singleton(BasicRestRoles.ANYONE);
    }

    public static ObservableList<HandlerMetaInfo> getEndpoints() {
        return ENDPOINTS;
    }

    public static Queue<SseClient> getEventClients(@NotNull String str) {
        if (str.isEmpty()) {
            throw new IllegalArgumentException("endpointNmae must not be empty");
        }
        return EVENT_LISTENER_SSE.computeIfAbsent(prefixPath(str), str2 -> {
            return new ConcurrentLinkedQueue();
        });
    }

    public static String getHostName() {
        return System.getProperty(TAG_REST_SERVER_HOST_NAME, DEFAULT_HOST_NAME);
    }

    public static int getHostPort() {
        String property = System.getProperty(TAG_REST_SERVER_PORT, Integer.toString(DEFAULT_PORT));
        try {
            return Integer.parseInt(property);
        } catch (NumberFormatException e) {
            LOGGER.atError().addArgument(TAG_REST_SERVER_PORT).addArgument(property).addArgument(Integer.valueOf(DEFAULT_PORT)).log("could not parse {}='{}' return default port {}");
            return DEFAULT_PORT;
        }
    }

    public static int getHostPort2() {
        String property = System.getProperty(TAG_REST_SERVER_PORT2, Integer.toString(DEFAULT_PORT2));
        try {
            return Integer.parseInt(property);
        } catch (NumberFormatException e) {
            LOGGER.atError().addArgument(TAG_REST_SERVER_PORT2).addArgument(property).addArgument(Integer.valueOf(DEFAULT_PORT2)).log("could not parse {}='{}' return default port {}");
            return DEFAULT_PORT2;
        }
    }

    public static Javalin getInstance() {
        if (instance == null) {
            startRestServer();
        }
        return instance;
    }

    public static String getRequestedProtocol(Context context, String... strArr) {
        String mimeType = strArr.length == 0 ? getDefaultProtocol().toString() : strArr[0];
        String header = context.header("Accept");
        String queryParam = context.queryParam(REST_PROTOCOL);
        if (header != null && !header.isBlank()) {
            mimeType = header;
        }
        if (queryParam != null && !queryParam.isBlank()) {
            mimeType = queryParam;
        }
        return mimeType;
    }

    public static MimeType getRequestedMimeProtocol(Context context, MimeType... mimeTypeArr) {
        String[] strArr = new String[1];
        strArr[0] = mimeTypeArr.length == 0 ? getDefaultProtocol().toString() : mimeTypeArr[0].toString();
        return MimeType.getEnum(getRequestedProtocol(context, strArr));
    }

    public static URI getLocalURI() {
        try {
            return new URI("http://localhost:" + getHostPort());
        } catch (URISyntaxException e) {
            LOGGER.atError().setCause(e).log("getLocalURL()");
            return null;
        }
    }

    public static URI getPublicURI() {
        String localHostName = getLocalHostName();
        try {
            DatagramSocket datagramSocket = new DatagramSocket();
            try {
                URI uri = new URI("https://" + localHostName + ":" + getHostPort2());
                datagramSocket.close();
                return uri;
            } finally {
            }
        } catch (SocketException | URISyntaxException e) {
            LOGGER.atError().setCause(e).log("getPublicURL()");
            return null;
        }
    }

    public static Set<Role> getSessionCurrentRoles(Context context) {
        return LoginController.getSessionCurrentRoles(context);
    }

    public static String getSessionCurrentUser(Context context) {
        return LoginController.getSessionCurrentUser(context);
    }

    public static String getSessionLocale(Context context) {
        return LoginController.getSessionLocale(context);
    }

    public static RestUserHandler getUserHandler() {
        return userHandler;
    }

    public static String prefixPath(@NotNull String str) {
        return ApiBuilder.prefixPath(str);
    }

    public static void setUserHandler(RestUserHandler restUserHandler) {
        LOGGER.atWarn().addArgument(restUserHandler.getClass().getCanonicalName()).log("replacing default user handler with '{}'");
        userHandler = restUserHandler;
    }

    public static void startRestServer() {
        instance = Javalin.create(javalinConfig -> {
            javalinConfig.enableCorsForAllOrigins();
            javalinConfig.addStaticFiles("/public");
            javalinConfig.showJavalinBanner = false;
            javalinConfig.defaultContentType = getDefaultProtocol().toString();
            javalinConfig.compressionStrategy((Brotli) null, new Gzip(2));
            javalinConfig.server(RestServer::createHttp2Server);
            javalinConfig.registerPlugin(new RedirectToLowercasePathPlugin());
            javalinConfig.registerPlugin(new RouteOverviewPlugin("/admin/endpoints", Collections.singleton(BasicRestRoles.ADMIN)));
            javalinConfig.registerPlugin(new MicrometerPlugin());
            javalinConfig.sessionHandler(getCustomSessionHandlerSupplier());
            javalinConfig.registerPlugin(new OpenApiPlugin(getOpenApiOptions()));
        }).events(eventListener -> {
            eventListener.handlerAdded(ENDPOINT_ADDED_HANDLER);
        });
        instance.start();
        LoginController.register();
        RestServerAdmin.register();
        instance.error(401, context -> {
            context.render(TEMPLATE_UNAUTHORISED, MessageBundle.baseModel(context));
        });
        instance.error(403, context2 -> {
            context2.render(TEMPLATE_ACCESS_DENIED, MessageBundle.baseModel(context2));
        });
        instance.error(404, context3 -> {
            context3.render(TEMPLATE_NOT_FOUND, MessageBundle.baseModel(context3));
        });
    }

    private static OpenApiOptions getOpenApiOptions() {
        return new OpenApiOptions(new Info().version("1.0").description("My Application")).path("/swagger-docs").ignorePath("/admin/endpoints", new HttpMethod[]{HttpMethod.GET}).swagger(new SwaggerOptions("/swagger").title("My Swagger Documentation")).reDoc(new ReDocOptions("/redoc").title("My ReDoc Documentation"));
    }

    public static void startRestServer(int i, int i2) {
        System.setProperty(TAG_REST_SERVER_PORT, Integer.toString(i));
        System.setProperty(TAG_REST_SERVER_PORT2, Integer.toString(i2));
        startRestServer();
    }

    public static void startRestServer(String str, int i, int i2) {
        System.setProperty(TAG_REST_SERVER_HOST_NAME, str);
        System.setProperty(TAG_REST_SERVER_PORT, Integer.toString(i));
        System.setProperty(TAG_REST_SERVER_PORT2, Integer.toString(i2));
        startRestServer();
    }

    public static void stopRestServer() {
        if (((JavalinServer) Objects.requireNonNull(getInstance().server())).server().isRunning()) {
            getInstance().stop();
        }
    }

    public static void suppressCaching(Context context) {
        context.res.addHeader("Cache-Control", "no-store");
        context.res.addHeader("Pragma", "no-cache");
        context.res.addHeader("Expires", DEFAULT_HOST_NAME);
    }

    public static void writeBytesToContext(@NotNull Context context, byte[] bArr, int i) {
        try {
            ServletOutputStream outputStream = context.res.getOutputStream();
            try {
                outputStream.write(bArr, 0, i);
                outputStream.flush();
                if (outputStream != null) {
                    outputStream.close();
                }
            } finally {
            }
        } catch (IOException e) {
            LOGGER.atError().setCause(e);
        }
    }

    private static Server createHttp2Server() {
        Server server = new Server();
        ServerConnector serverConnector = new ServerConnector(server);
        try {
            String hostName = getHostName();
            int hostPort = getHostPort();
            LOGGER.atInfo().addArgument(getLocalHostName()).log("local hostname = '{}'");
            LOGGER.atInfo().addArgument(hostName).addArgument(Integer.valueOf(hostPort)).log("create HTTP 1.x connector at 'http://{}:{}'");
            serverConnector.setHost(hostName);
            serverConnector.setPort(hostPort);
            server.addConnector(serverConnector);
            serverConnector.close();
            HttpConfiguration httpConfiguration = new HttpConfiguration();
            httpConfiguration.setSendServerVersion(false);
            httpConfiguration.setSecureScheme("https");
            httpConfiguration.setSecurePort(getHostPort2());
            HttpConfiguration httpConfiguration2 = new HttpConfiguration(httpConfiguration);
            httpConfiguration2.addCustomizer(new SecureRequestCustomizer());
            ConnectionFactory hTTP2ServerConnectionFactory = new HTTP2ServerConnectionFactory(httpConfiguration2);
            ConnectionFactory aLPNServerConnectionFactory = new ALPNServerConnectionFactory(new String[0]);
            aLPNServerConnectionFactory.setDefaultProtocol("h2");
            ServerConnector serverConnector2 = new ServerConnector(server, new ConnectionFactory[]{new SslConnectionFactory(createSslContextFactory(), aLPNServerConnectionFactory.getProtocol()), aLPNServerConnectionFactory, hTTP2ServerConnectionFactory, new HttpConnectionFactory(httpConfiguration2)});
            try {
                String hostName2 = getHostName();
                int hostPort2 = getHostPort2();
                LOGGER.atInfo().addArgument(hostName2).addArgument(Integer.valueOf(hostPort2)).log("create HTTP/2 connector at 'http://{}:{}'");
                serverConnector2.setHost(hostName2);
                serverConnector2.setPort(hostPort2);
                server.addConnector(serverConnector2);
                serverConnector2.close();
                return server;
            } catch (Throwable th) {
                try {
                    serverConnector2.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (Throwable th3) {
            try {
                serverConnector.close();
            } catch (Throwable th4) {
                th3.addSuppressed(th4);
            }
            throw th3;
        }
    }

    public static MimeType getDefaultProtocol() {
        return defaultProtocol;
    }

    public static void setDefaultProtocol(MimeType mimeType) {
        defaultProtocol = mimeType;
    }

    private static SslContextFactory createSslContextFactory() {
        String property = System.getProperty(REST_KEY_STORE, null);
        String property2 = System.getProperty(REST_KEY_STORE_PASSWORD, null);
        if (property == null || property2 == null) {
            LOGGER.atInfo().addArgument(property).addArgument(property2).log("using internal keyStore {} and/or keyStorePasswordFile {} -- PLEASE CHANGE FOR PRODUCTION -- THIS IS UNSAFE PRACTICE");
        }
        LOGGER.atInfo().addArgument(property).log("using keyStore at '{}'");
        LOGGER.atInfo().addArgument(property2).log("using keyStorePasswordFile at '{}'");
        boolean z = true;
        String str = null;
        KeyStore keyStore = null;
        try {
            BufferedReader bufferedReader = property2 == null ? new BufferedReader(new InputStreamReader(RestServer.class.getResourceAsStream("/keystore.pwd"), StandardCharsets.UTF_8)) : Files.newBufferedReader(Paths.get(property2, new String[0]), StandardCharsets.UTF_8);
            try {
                str = bufferedReader.readLine();
                if (bufferedReader != null) {
                    bufferedReader.close();
                }
            } finally {
            }
        } catch (IOException e) {
            z = false;
            LOGGER.atError().setCause(e).addArgument(property2).log("error while reading key store password from '{}'");
        }
        if (z && str != null) {
            try {
                InputStream resourceAsStream = property == null ? RestServer.class.getResourceAsStream("/keystore.jks") : Files.newInputStream(Paths.get(property, new String[0]), new OpenOption[0]);
                try {
                    keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore.load(resourceAsStream, str.toCharArray());
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                } finally {
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
                z = false;
                LOGGER.atError().setCause(e2).addArgument(property == null ? "internal" : property).log("error while reading key store from '{}'");
            }
        }
        SslContextFactory sslContextFactory = new SslContextFactory(true) { // from class: de.gsi.acc.remote.RestServer.1
        };
        if (z) {
            sslContextFactory.setKeyStore(keyStore);
            sslContextFactory.setKeyStorePassword(str);
        }
        sslContextFactory.setCipherComparator(HTTP2Cipher.COMPARATOR);
        sslContextFactory.setProvider("Conscrypt");
        return sslContextFactory;
    }

    private static Supplier<SessionHandler> getCustomSessionHandlerSupplier() {
        SessionHandler sessionHandler = new SessionHandler();
        sessionHandler.getSessionCookieConfig().setHttpOnly(true);
        sessionHandler.getSessionCookieConfig().setSecure(true);
        sessionHandler.getSessionCookieConfig().setComment("__SAME_SITE_STRICT__");
        return () -> {
            return sessionHandler;
        };
    }

    private static String getLocalHostName() {
        try {
            DatagramSocket datagramSocket = new DatagramSocket();
            try {
                datagramSocket.connect(InetAddress.getByName("8.8.8.8"), 10002);
                if (datagramSocket.getLocalAddress() == null) {
                    throw new UnknownHostException("bogus exception can be ignored");
                }
                String hostAddress = datagramSocket.getLocalAddress().getHostAddress();
                if (hostAddress != null) {
                    datagramSocket.close();
                    return hostAddress;
                }
                datagramSocket.close();
                return "localhost";
            } finally {
            }
        } catch (SocketException | UnknownHostException e) {
            LOGGER.atError().setCause(e).log("getLocalHostName()");
            return "localhost";
        }
    }

    static {
        ObservableList<HandlerMetaInfo> observableList = ENDPOINTS;
        Objects.requireNonNull(observableList);
        ENDPOINT_ADDED_HANDLER = (v1) -> {
            r0.add(v1);
        };
    }
}
