package org.kaazing.gateway.server.context.resolve;

import java.io.File;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.ServiceLoader;
import java.util.concurrent.TimeUnit;
import javax.annotation.Resource;
import javax.management.MBeanServer;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import org.kaazing.gateway.resource.address.ResourceAddressFactory;
import org.kaazing.gateway.security.AuthenticationContext;
import org.kaazing.gateway.security.CrossSiteConstraintContext;
import org.kaazing.gateway.security.RealmContext;
import org.kaazing.gateway.security.SecurityContext;
import org.kaazing.gateway.security.auth.BasicLoginModule;
import org.kaazing.gateway.security.auth.NegotiateLoginModule;
import org.kaazing.gateway.security.auth.TimeoutLoginModule;
import org.kaazing.gateway.server.Gateway;
import org.kaazing.gateway.server.Launcher;
import org.kaazing.gateway.server.config.SchemeConfig;
import org.kaazing.gateway.server.config.parse.DefaultSchemeConfig;
import org.kaazing.gateway.server.config.sep2014.AuthenticationType;
import org.kaazing.gateway.server.config.sep2014.AuthorizationConstraintType;
import org.kaazing.gateway.server.config.sep2014.ClusterConnectOptionsType;
import org.kaazing.gateway.server.config.sep2014.ClusterType;
import org.kaazing.gateway.server.config.sep2014.CrossSiteConstraintType;
import org.kaazing.gateway.server.config.sep2014.GatewayConfigDocument;
import org.kaazing.gateway.server.config.sep2014.LoginModuleOptionsType;
import org.kaazing.gateway.server.config.sep2014.LoginModuleType;
import org.kaazing.gateway.server.config.sep2014.MimeMappingType;
import org.kaazing.gateway.server.config.sep2014.RealmType;
import org.kaazing.gateway.server.config.sep2014.SecurityType;
import org.kaazing.gateway.server.config.sep2014.ServiceAcceptOptionsType;
import org.kaazing.gateway.server.config.sep2014.ServiceConnectOptionsType;
import org.kaazing.gateway.server.config.sep2014.ServiceDefaultsType;
import org.kaazing.gateway.server.config.sep2014.ServicePropertiesType;
import org.kaazing.gateway.server.config.sep2014.ServiceType;
import org.kaazing.gateway.server.context.DependencyContext;
import org.kaazing.gateway.server.context.GatewayContext;
import org.kaazing.gateway.server.service.ServiceRegistry;
import org.kaazing.gateway.service.Service;
import org.kaazing.gateway.service.ServiceContext;
import org.kaazing.gateway.service.ServiceFactory;
import org.kaazing.gateway.service.ServiceProperties;
import org.kaazing.gateway.service.cluster.ClusterConnectOptionsContext;
import org.kaazing.gateway.service.cluster.ClusterContext;
import org.kaazing.gateway.service.cluster.MemberId;
import org.kaazing.gateway.transport.BridgeAcceptor;
import org.kaazing.gateway.transport.BridgeConnector;
import org.kaazing.gateway.transport.BridgeServiceFactory;
import org.kaazing.gateway.transport.Transport;
import org.kaazing.gateway.transport.TransportFactory;
import org.kaazing.gateway.util.GL;
import org.kaazing.gateway.util.InternalSystemProperty;
import org.kaazing.gateway.util.Utils;
import org.kaazing.gateway.util.aws.AwsUtils;
import org.kaazing.gateway.util.scheduler.SchedulerProvider;
import org.kaazing.gateway.util.ssl.SslCipherSuites;
import org.slf4j.Logger;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/kaazing/gateway/server/context/resolve/GatewayContextResolver.class */
public class GatewayContextResolver {
    public static final String AUTHORIZATION_MODE_CHALLENGE = "challenge";
    public static final String AUTH_SCHEME_BASIC = "Basic";
    public static final String AUTH_SCHEME_NEGOTIATE = "Negotiate";
    public static final String AUTH_SCHEME_APPLICATION_TOKEN = "Application Token";
    public static final String AUTH_SCHEME_APPLICATION_PREFIX = "Application ";
    private static final String SERVICE_TYPE_CLASS_PREFIX = "class:";
    private static final String LOGIN_MODULE_TYPE_CLASS_PREFIX = "class:";
    private final Map<String, String> loginModuleClassNames;
    private final Map<String, AppConfigurationEntry.LoginModuleControlFlag> loginModuleControlFlags;
    private final File webDir;
    private final File tempDir;
    private final MBeanServer jmxMBeanServer;
    private final Map<String, SchemeConfig> schemeConfigsByName;
    private final Map<String, DefaultTransportContext> transportContextsBySchemeName;
    private final Map<String, DefaultTransportContext> transportContextsByName;
    private ContextResolver<SecurityType, DefaultSecurityContext> securityResolver;
    private static final Logger LOGGER = Launcher.getGatewayStartupLogger();
    private static final Map<String, String> defaultMimeMappings = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/kaazing/gateway/server/context/resolve/GatewayContextResolver$HttpMethod.class */
    public enum HttpMethod {
        OPTIONS,
        GET,
        HEAD,
        POST,
        PUT,
        DELETE,
        TRACE,
        CONNECT
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/kaazing/gateway/server/context/resolve/GatewayContextResolver$SingletonConfiguration.class */
    public static class SingletonConfiguration extends Configuration {
        private final Map<String, AppConfigurationEntry[]> configurationEntries;

        public SingletonConfiguration(String str, Collection<AppConfigurationEntry> collection) {
            this.configurationEntries = Collections.singletonMap(str, collection.toArray(new AppConfigurationEntry[collection.size()]));
        }

        public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
            return this.configurationEntries.get(str);
        }

        public void setAppConfigurationEntry(String str, AppConfigurationEntry[] appConfigurationEntryArr) {
            this.configurationEntries.put(str, appConfigurationEntryArr);
        }
    }

    public GatewayContextResolver(File file, File file2, File file3) {
        this(file, file2, file3, (MBeanServer) null);
    }

    public GatewayContextResolver(File file, File file2, File file3, MBeanServer mBeanServer) {
        this(new SecurityContextResolver(file, LOGGER), file2, file3, mBeanServer);
    }

    public GatewayContextResolver(ContextResolver<SecurityType, DefaultSecurityContext> contextResolver, File file, File file2) {
        this(contextResolver, file, file2, (MBeanServer) null);
    }

    public GatewayContextResolver(ContextResolver<SecurityType, DefaultSecurityContext> contextResolver, File file, File file2, MBeanServer mBeanServer) {
        this.securityResolver = contextResolver;
        this.webDir = file;
        this.tempDir = file2;
        this.jmxMBeanServer = mBeanServer;
        this.loginModuleClassNames = new HashMap();
        HashMap hashMap = new HashMap();
        hashMap.put("optional", AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL);
        hashMap.put("required", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED);
        hashMap.put("requisite", AppConfigurationEntry.LoginModuleControlFlag.REQUISITE);
        hashMap.put("sufficient", AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT);
        this.loginModuleControlFlags = hashMap;
        this.schemeConfigsByName = new HashMap();
        this.transportContextsBySchemeName = new HashMap();
        this.transportContextsByName = new HashMap();
        SslCipherSuites.init();
    }

    public GatewayContext resolve(GatewayConfigDocument gatewayConfigDocument) throws Exception {
        return resolve(gatewayConfigDocument, System.getProperties());
    }

    public GatewayContext resolve(GatewayConfigDocument gatewayConfigDocument, Properties properties) throws Exception {
        GatewayConfigDocument.GatewayConfig gatewayConfig = gatewayConfigDocument.getGatewayConfig();
        Collection<? extends SchemeConfig> linkedList = new LinkedList<>();
        SecurityType[] securityArray = gatewayConfig.getSecurityArray();
        SecurityType securityType = securityArray.length > 0 ? securityArray[securityArray.length - 1] : null;
        ServiceType[] serviceArray = gatewayConfig.getServiceArray();
        ServiceDefaultsType[] serviceDefaultsArray = gatewayConfig.getServiceDefaultsArray();
        ServiceDefaultsType serviceDefaultsType = serviceDefaultsArray.length > 0 ? serviceDefaultsArray[serviceDefaultsArray.length - 1] : null;
        ClusterType[] clusterArray = gatewayConfig.getClusterArray();
        ClusterType clusterType = clusterArray.length > 0 ? clusterArray[clusterArray.length - 1] : null;
        DefaultSecurityContext resolve = this.securityResolver.resolve(securityType);
        RealmsContext resolveRealms = resolveRealms(securityType, resolve, properties);
        DefaultServiceDefaultsContext resolveServiceDefaults = resolveServiceDefaults(serviceDefaultsType);
        SchedulerProvider schedulerProvider = new SchedulerProvider(properties);
        ClusterContext resolveCluster = resolveCluster(clusterType, schedulerProvider);
        ServiceRegistry serviceRegistry = new ServiceRegistry();
        Map<String, Object> resolveDependencyContext = resolveDependencyContext();
        ResourceAddressFactory resolveResourceAddressFactories = resolveResourceAddressFactories();
        TransportFactory newTransportFactory = TransportFactory.newTransportFactory(properties);
        Collection<ServiceContext> resolveServices = resolveServices(serviceRegistry, this.webDir, this.tempDir, serviceArray, resolve, resolveRealms, resolveCluster, serviceDefaultsType, schedulerProvider, resolveDependencyContext, properties, newTransportFactory, ServiceFactory.newServiceFactory(), resolveResourceAddressFactories, serviceDefaultsType);
        resolveTransports(newTransportFactory);
        BridgeServiceFactory resolveBridgeServiceFactory = resolveBridgeServiceFactory(newTransportFactory);
        DefaultGatewayContext defaultGatewayContext = new DefaultGatewayContext(resolveSchemes(resolveServices, linkedList, properties, resolveResourceAddressFactories), this.transportContextsBySchemeName, resolveRealms, resolveServiceDefaults, resolveServices, serviceRegistry, this.webDir, this.tempDir, resolveCluster, schedulerProvider);
        Map<String, Object> hashMap = new HashMap<>();
        hashMap.putAll(resolveDependencyContext);
        hashMap.put("serviceRegistry", serviceRegistry);
        hashMap.put("realmsContext", resolveRealms);
        hashMap.put("tempDirectory", this.tempDir);
        hashMap.put("securityContext", resolve);
        hashMap.put("clusterContext", resolveCluster);
        hashMap.put("gatewayContext", defaultGatewayContext);
        hashMap.put("schedulerProvider", schedulerProvider);
        hashMap.put("configuration", properties);
        hashMap.put("mbeanServer", this.jmxMBeanServer);
        hashMap.put("bridgeServiceFactory", resolveBridgeServiceFactory);
        hashMap.put("resourceAddressFactory", resolveResourceAddressFactories);
        hashMap.put("transportFactory", newTransportFactory);
        defaultGatewayContext.getInjectables().putAll(hashMap);
        injectResources(resolveServices, resolveBridgeServiceFactory, resolveDependencyContext, hashMap);
        return defaultGatewayContext;
    }

    private BridgeServiceFactory resolveBridgeServiceFactory(TransportFactory transportFactory) {
        return new BridgeServiceFactory(transportFactory);
    }

    private ResourceAddressFactory resolveResourceAddressFactories() {
        return ResourceAddressFactory.newResourceAddressFactory();
    }

    private Map<String, DefaultSchemeContext> resolveSchemes(Collection<? extends ServiceContext> collection, Collection<? extends SchemeConfig> collection2, Properties properties, ResourceAddressFactory resourceAddressFactory) throws Exception {
        HashSet<String> hashSet = new HashSet();
        for (ServiceContext serviceContext : collection) {
            Iterator it = serviceContext.getAccepts().iterator();
            while (it.hasNext()) {
                hashSet.add(((URI) it.next()).getScheme());
            }
            Iterator it2 = serviceContext.getConnects().iterator();
            while (it2.hasNext()) {
                hashSet.add(((URI) it2.next()).getScheme());
            }
            ServiceProperties properties2 = serviceContext.getProperties();
            String str = properties2.get("accept");
            if (str != null) {
                hashSet.add(new URI(str.trim()).getScheme());
            }
            String str2 = properties2.get("connect");
            if (str2 != null) {
                hashSet.add(new URI(str2.trim()).getScheme());
            }
        }
        if (hashSet.contains("ws")) {
            hashSet.add("http");
            hashSet.add("httpx");
            hashSet.add("httpxe");
            hashSet.add("wsn");
            hashSet.add("wsx");
        }
        if (hashSet.contains("wss")) {
            hashSet.add("https");
            hashSet.add("httpx+ssl");
            hashSet.add("httpxe+ssl");
            hashSet.add("wsn+ssl");
            hashSet.add("wsx+ssl");
        }
        if (hashSet.contains("sse")) {
            hashSet.add("httpxe");
        }
        if (hashSet.contains("sse+ssl")) {
            hashSet.add("httpxe+ssl");
        }
        hashSet.add("tcp");
        for (SchemeConfig schemeConfig : collection2) {
            String name = schemeConfig.getName();
            this.schemeConfigsByName.put(name, schemeConfig);
            hashSet.add(name);
        }
        HashMap hashMap = new HashMap();
        for (String str3 : hashSet) {
            if (((DefaultSchemeContext) hashMap.get(str3)) == null) {
                SchemeConfig supplySchemeConfig = supplySchemeConfig(str3);
                int defaultPort = supplySchemeConfig.getDefaultPort();
                String transportName = supplySchemeConfig.getTransportName();
                DefaultTransportContext defaultTransportContext = this.transportContextsByName.get(transportName);
                if (defaultTransportContext == null) {
                    throw new IllegalArgumentException("Missing transport \"" + transportName + "\"");
                }
                hashMap.put(str3, new DefaultSchemeContext(str3, defaultPort, resourceAddressFactory));
                this.transportContextsBySchemeName.put(str3, defaultTransportContext);
            }
        }
        return hashMap;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v3, types: [org.kaazing.gateway.server.config.SchemeConfig] */
    private SchemeConfig supplySchemeConfig(String str) {
        DefaultSchemeConfig defaultSchemeConfig = this.schemeConfigsByName.get(str);
        if (defaultSchemeConfig == null) {
            defaultSchemeConfig = findSchemeConfig(str);
            if (defaultSchemeConfig == null) {
                throw new IllegalArgumentException("Missing scheme \"" + str + "\"");
            }
            if (defaultSchemeConfig != null) {
                this.schemeConfigsByName.put(str, defaultSchemeConfig);
            }
        }
        return defaultSchemeConfig;
    }

    private DefaultServiceDefaultsContext resolveServiceDefaults(ServiceDefaultsType serviceDefaultsType) {
        if (serviceDefaultsType == null) {
            return null;
        }
        ServiceAcceptOptionsType acceptOptions = serviceDefaultsType.getAcceptOptions();
        DefaultAcceptOptionsContext defaultAcceptOptionsContext = acceptOptions != null ? new DefaultAcceptOptionsContext(null, acceptOptions) : null;
        ServiceConnectOptionsType connectOptions = serviceDefaultsType.getConnectOptions();
        DefaultConnectOptionsContext defaultConnectOptionsContext = connectOptions != null ? new DefaultConnectOptionsContext(null, connectOptions) : null;
        HashMap hashMap = null;
        MimeMappingType[] mimeMappingArray = serviceDefaultsType.getMimeMappingArray();
        if (mimeMappingArray != null) {
            hashMap = new HashMap();
            for (MimeMappingType mimeMappingType : mimeMappingArray) {
                hashMap.put(mimeMappingType.getExtension(), mimeMappingType.getMimeType());
            }
        }
        return new DefaultServiceDefaultsContext(defaultAcceptOptionsContext, defaultConnectOptionsContext, hashMap);
    }

    private Collection<ServiceContext> resolveServices(ServiceRegistry serviceRegistry, File file, File file2, ServiceType[] serviceTypeArr, SecurityContext securityContext, RealmsContext realmsContext, ClusterContext clusterContext, ServiceDefaultsType serviceDefaultsType, SchedulerProvider schedulerProvider, Map<String, Object> map, Properties properties, TransportFactory transportFactory, ServiceFactory serviceFactory, ResourceAddressFactory resourceAddressFactory, ServiceDefaultsType serviceDefaultsType2) throws Exception {
        Service newService;
        HashSet hashSet = new HashSet();
        HashMap hashMap = new HashMap();
        hashMap.putAll(defaultMimeMappings);
        if (serviceDefaultsType != null) {
            for (MimeMappingType mimeMappingType : serviceDefaultsType.getMimeMappingArray()) {
                hashMap.put(mimeMappingType.getExtension().toLowerCase(), mimeMappingType.getMimeType());
            }
        }
        ArrayList arrayList = new ArrayList();
        for (ServiceType serviceType : serviceTypeArr) {
            String name = serviceType.getName();
            String description = serviceType.getDescription();
            String[] acceptArray = serviceType.getAcceptArray();
            String[] balanceArray = serviceType.getBalanceArray();
            String[] connectArray = serviceType.getConnectArray();
            String type = serviceType.getType();
            if (type.startsWith("class:")) {
                String substring = type.substring("class:".length());
                try {
                    Class<?> cls = Class.forName(substring);
                    if (!Service.class.isAssignableFrom(cls)) {
                        throw new IllegalArgumentException("Incompatible gateway service class: " + substring);
                    }
                    newService = (Service) cls.newInstance();
                } catch (ClassNotFoundException e) {
                    throw new IllegalArgumentException("Unknown gateway service class: " + substring);
                }
            } else {
                newService = serviceFactory.newService(type);
                if (newService == null) {
                    throw new IllegalArgumentException("Unrecognized service type: " + type);
                }
            }
            DefaultServiceProperties parsePropertiesType = parsePropertiesType(serviceType.getProperties());
            Collection<URI> resolveURIs = resolveURIs(acceptArray);
            Collection<URI> resolveURIs2 = resolveURIs(balanceArray);
            Collection<URI> resolveURIs3 = resolveURIs(connectArray);
            String str = parsePropertiesType.get("accept");
            if (str != null) {
                parsePropertiesType.put("accept", resolveURI(getCanonicalURI(str.trim(), false)).toString());
            }
            String str2 = parsePropertiesType.get("connect");
            if (str2 != null) {
                String trim = str2.trim();
                parsePropertiesType.remove("connect");
                resolveURIs3.add(resolveURI(getCanonicalURI(trim, true)));
            }
            LinkedList linkedList = new LinkedList();
            for (AuthorizationConstraintType authorizationConstraintType : serviceType.getAuthorizationConstraintArray()) {
                Collections.addAll(linkedList, authorizationConstraintType.getRequireRoleArray());
            }
            String[] strArr = (String[]) linkedList.toArray(new String[linkedList.size()]);
            HashMap hashMap2 = new HashMap();
            hashMap2.putAll(hashMap);
            for (MimeMappingType mimeMappingType2 : serviceType.getMimeMappingArray()) {
                hashMap2.put(mimeMappingType2.getExtension().toLowerCase(), mimeMappingType2.getMimeType());
            }
            HashMap hashMap3 = new HashMap();
            for (URI uri : resolveURIs) {
                int i = 0;
                CrossSiteConstraintType[] crossSiteConstraintArray = serviceType.getCrossSiteConstraintArray();
                for (CrossSiteConstraintType crossSiteConstraintType : crossSiteConstraintArray) {
                    String str3 = (String) crossSiteConstraintType.getAllowOrigin();
                    String allowMethods = crossSiteConstraintType.getAllowMethods();
                    String allowHeaders = crossSiteConstraintType.getAllowHeaders();
                    BigInteger maximumAge = crossSiteConstraintType.getMaximumAge();
                    Integer valueOf = maximumAge == null ? null : Integer.valueOf(maximumAge.intValue());
                    if (str3 == null) {
                        throw new IllegalArgumentException("Cross-site allow-origin is required");
                    }
                    if ("*".equals(str3)) {
                        i++;
                    } else {
                        URI canonicalURI = getCanonicalURI(str3, false);
                        str3 = canonicalURI.toString();
                        String scheme = canonicalURI.getScheme();
                        if (!"http".equals(scheme) && !"https".equals(scheme)) {
                            throw new IllegalArgumentException("Cross-site allow-origin must have URI syntax with http or https scheme");
                        }
                        if ((canonicalURI.getPath() != null && canonicalURI.getQuery() != null) || canonicalURI.getFragment() != null) {
                            throw new IllegalArgumentException("Cross-site allow-origin must have URI syntax without path, query or fragment");
                        }
                        if (canonicalURI.getPort() == -1) {
                            if ("http".equals(scheme)) {
                                str3 = str3 + ":80";
                            } else {
                                if (!"https".equals(scheme)) {
                                    throw new IllegalArgumentException("Unable to default port for scheme: \"" + scheme + "\"");
                                }
                                str3 = str3 + ":443";
                            }
                        }
                    }
                    if (allowMethods != null) {
                        for (String str4 : allowMethods.split(",")) {
                            HttpMethod.valueOf(str4);
                        }
                    } else {
                        allowMethods = "GET,POST";
                    }
                    Map map2 = (Map) hashMap3.get(uri);
                    if (map2 == null) {
                        map2 = new HashMap();
                        hashMap3.put(uri, map2);
                    }
                    arrayList.add(hashMap3);
                    if (((CrossSiteConstraintContext) map2.put(str3, new DefaultCrossSiteConstraintContext(str3, allowMethods, allowHeaders, valueOf))) != null) {
                        throw new IllegalArgumentException("Duplicate cross-site-constraint for service " + uri + " with allow-origin " + str3);
                    }
                }
                if (i > 0 && crossSiteConstraintArray.length > 1) {
                    throw new IllegalArgumentException("Conflicting cross site constraints specified for service \"" + uri + "\". Remove the wildcard to specify more restrictive cross site constraints");
                }
                String host = uri.getHost();
                if (host == null || host.isEmpty()) {
                    throw new IllegalArgumentException("Host is required for service \"" + uri + "\".");
                }
                if (linkedList.contains("*") && linkedList.size() > 1) {
                    throw new IllegalArgumentException("Conflicting security constraints specified for service \"" + uri + "\". Remove the wildcard to specify restricted roles");
                }
            }
            RealmContext realmContext = null;
            String realmName = serviceType.getRealmName();
            if (serviceType.isSetRealmName()) {
                realmContext = realmsContext.getRealmContext(realmName);
                if (realmContext == null) {
                    throw new IllegalArgumentException("Unrecognized realm name \"" + realmName + "\".");
                }
            }
            DefaultAcceptOptionsContext defaultAcceptOptionsContext = new DefaultAcceptOptionsContext(serviceType.getAcceptOptions(), serviceDefaultsType != null ? serviceDefaultsType.getAcceptOptions() : null);
            DefaultConnectOptionsContext defaultConnectOptionsContext = new DefaultConnectOptionsContext(serviceType.getConnectOptions(), serviceDefaultsType2 == null ? ServiceConnectOptionsType.Factory.newInstance() : serviceDefaultsType2.getConnectOptions());
            if (realmContext == null && linkedList.size() > 0) {
                throw new IllegalArgumentException("Authorization constraints require a specified realm-name for service \"" + description + "\"");
            }
            DefaultServiceContext defaultServiceContext = new DefaultServiceContext(type, name, description, newService, file, file2, resolveURIs2, resolveURIs, resolveURIs3, parsePropertiesType, strArr, hashMap2, hashMap3, clusterContext, defaultAcceptOptionsContext, defaultConnectOptionsContext, realmContext, null, schedulerProvider, supportsAccepts(type), supportsConnects(type), supportsMimeMappings(type), InternalSystemProperty.TCP_PROCESSOR_COUNT.getIntProperty(properties).intValue(), transportFactory, resourceAddressFactory);
            hashSet.add(defaultServiceContext);
            for (URI uri2 : resolveURIs) {
                String authority = uri2.getAuthority();
                if (authority.indexOf(58) == -1) {
                    uri2 = URI.create(uri2.getScheme() + "://" + (authority + ":" + supplySchemeConfig(uri2.getScheme()).getDefaultPort()) + uri2.getPath());
                }
                serviceRegistry.register(uri2, defaultServiceContext);
            }
        }
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            ((ServiceContext) it.next()).setListsOfAcceptConstraintsByURI(arrayList);
        }
        return hashSet;
    }

    private DefaultServiceProperties parsePropertiesType(ServicePropertiesType servicePropertiesType) {
        DefaultServiceProperties defaultServiceProperties = new DefaultServiceProperties();
        if (servicePropertiesType != null) {
            parseProperties(servicePropertiesType.getDomNode(), defaultServiceProperties);
        }
        return defaultServiceProperties;
    }

    private void parseProperties(Node node, ServiceProperties serviceProperties) {
        String nodeValue;
        NodeList childNodes = node.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (1 == item.getNodeType()) {
                NodeList childNodes2 = item.getChildNodes();
                String str = "";
                boolean z = true;
                int i2 = 0;
                while (true) {
                    if (i2 >= childNodes2.getLength()) {
                        break;
                    }
                    Node item2 = childNodes2.item(i2);
                    if (item2 != null) {
                        if (item2.getNodeType() == 1) {
                            z = false;
                            DefaultServiceProperties defaultServiceProperties = new DefaultServiceProperties();
                            serviceProperties.getNested(item.getLocalName(), true).add(defaultServiceProperties);
                            parseProperties(item, defaultServiceProperties);
                            break;
                        }
                        if (item2.getNodeType() == 3 && (nodeValue = item2.getNodeValue()) != null) {
                            str = str + nodeValue;
                        }
                    }
                    i2++;
                }
                if (z) {
                    serviceProperties.put(item.getLocalName(), str);
                }
            }
        }
    }

    private Collection<URI> resolveURIs(String[] strArr) throws URISyntaxException {
        HashSet hashSet = new HashSet();
        for (String str : strArr) {
            hashSet.add(resolveURI(getCanonicalURI(str, true)));
        }
        return hashSet;
    }

    private URI resolveURI(URI uri) throws URISyntaxException {
        String scheme = uri.getScheme();
        int defaultPort = supplySchemeConfig(scheme).getDefaultPort();
        if (uri.getPort() == -1) {
            if (defaultPort == -1) {
                LOGGER.error("Missing port number in URI \"" + uri + "\". You must include an explicit port number in this URI in your gateway configuration file.");
                throw new IllegalArgumentException("Missing port for URI \"" + uri + "\"");
            }
            if (defaultPort != 0) {
                uri = new URI(scheme, null, uri.getHost(), defaultPort, uri.getPath(), uri.getQuery(), uri.getFragment());
            }
        } else if (defaultPort == 0) {
            LOGGER.error("Port number not allowed in URI \"" + uri + "\". You must remove the port number from this URI in your gateway configuration file.");
            throw new IllegalArgumentException("Port not allowed in URI \"" + uri + "\"");
        }
        return uri;
    }

    private ClusterContext resolveCluster(ClusterType clusterType, SchedulerProvider schedulerProvider) {
        if (clusterType == null) {
            return new StandaloneClusterContext();
        }
        String name = clusterType.getName();
        if (name == null || name.trim().isEmpty()) {
            throw new IllegalArgumentException("Invalid name in the cluster configuration");
        }
        name.trim();
        final ClusterConnectOptionsType connectOptions = clusterType.getConnectOptions();
        ClusterConnectOptionsContext clusterConnectOptionsContext = new ClusterConnectOptionsContext() { // from class: org.kaazing.gateway.server.context.resolve.GatewayContextResolver.1
            public String getAwsSecretKey() {
                if (connectOptions == null) {
                    return null;
                }
                return connectOptions.getAwsSecretKey();
            }

            public String getAwsAccessKeyId() {
                if (connectOptions == null) {
                    return null;
                }
                return connectOptions.getAwsAccessKeyId();
            }
        };
        List<MemberId> processClusterMembers = processClusterMembers(clusterType.getAcceptArray(), "<accept>", null, -1);
        return new DefaultClusterContext(clusterType.getName(), processClusterMembers, processClusterMembers(clusterType.getConnectArray(), "<connect>", connectOptions, processClusterMembers.size() > 0 ? processClusterMembers.get(0).getPort() : -1), schedulerProvider, clusterConnectOptionsContext);
    }

    private List<MemberId> processClusterMembers(String[] strArr, String str, ClusterConnectOptionsType clusterConnectOptionsType, int i) {
        ArrayList arrayList = new ArrayList();
        if (strArr != null) {
            for (String str2 : strArr) {
                try {
                    URI canonicalURI = getCanonicalURI(str2, true);
                    String scheme = canonicalURI.getScheme();
                    if (!scheme.equals("tcp") && !scheme.equals("udp") && !scheme.equals("aws")) {
                        GL.error("ha", "Unrecognized scheme {} for {} in {}", new Object[]{canonicalURI.getScheme(), str, str2});
                        throw new IllegalArgumentException("Invalid scheme " + canonicalURI.getScheme() + " in the URL for " + str + " in " + str2);
                    }
                    int port = canonicalURI.getPort();
                    if (port == -1) {
                        GL.error("ha", "Port number is missing while processing {} for {}", new Object[]{str, str2});
                        throw new IllegalArgumentException("Invalid port number specified for " + str + ": " + str2);
                    }
                    String host = canonicalURI.getHost();
                    if (scheme.equals("aws")) {
                        validateAwsClusterDiscovery(canonicalURI, clusterConnectOptionsType, str, i, strArr.length);
                    }
                    arrayList.add(new MemberId(scheme, host, port, canonicalURI.getPath()));
                } catch (IllegalArgumentException e) {
                    GL.error("ha", "Unrecognized {} url {} resulted in exception {}", new Object[]{str, str2, e});
                    throw new IllegalArgumentException("Invalid URL in the cluster configuration:" + str2, e);
                }
            }
        }
        return arrayList;
    }

    private void validateAwsClusterDiscovery(URI uri, ClusterConnectOptionsType clusterConnectOptionsType, String str, int i, int i2) {
        if (!AwsUtils.isDeployedToAWS() || !str.equals("<connect>")) {
            GL.error("ha", "Unrecognized scheme {} for {} in {}", new Object[]{uri.getScheme(), str, uri.toString()});
            throw new IllegalStateException("Invalid scheme " + uri.getScheme() + " in the URL for " + str + " in " + uri.toString());
        }
        if (clusterConnectOptionsType == null) {
            GL.error("ha", "Missing <connect-options> in the <cluster> when using auto-discovery", new Object[0]);
            throw new IllegalStateException("Missing <connect-options> in <cluster> when using auto-discovery");
        }
        if (i2 > 1) {
            GL.error("ha", "Only one {} element should  be specified in <cluster> for auto-discovery", new Object[]{str});
            throw new IllegalStateException("Only one <connect> tag should be specified in <cluster> for auto-discovery");
        }
        if (i != uri.getPort()) {
            GL.error("ha", "Mismatch in port numbers {} and {}", new Object[]{Integer.valueOf(i), Integer.valueOf(uri.getPort())});
            throw new IllegalArgumentException("Port numbers on the network interface in <accept> and the member in <connect> do not match");
        }
        String scheme = uri.getScheme();
        if (!scheme.equalsIgnoreCase("aws")) {
            throw new IllegalStateException("Invalid scheme '" + scheme + "' specified in the URI " + uri.toString() + " instead of 'aws:'");
        }
        String host = uri.getHost();
        if (!host.equalsIgnoreCase("security-group")) {
            throw new IllegalStateException("Invalid host '" + host + "' specified in the URI " + uri.toString() + " instead of 'security-group'");
        }
        String awsAccessKeyId = clusterConnectOptionsType.getAwsAccessKeyId();
        String awsSecretKey = clusterConnectOptionsType.getAwsSecretKey();
        if (awsAccessKeyId == null) {
            GL.error("ha", "Missing <aws.access-key-id> element in <connect-options>", new Object[0]);
            throw new IllegalStateException("Missing <aws.access-key-id> element in the <connect-options>");
        }
        if (awsSecretKey == null) {
            GL.error("ha", "Missing <aws.secret-key> element in <connect-options>", new Object[0]);
            throw new IllegalStateException("Missing <aws.secret-key> element in the <connect-options>");
        }
    }

    private RealmsContext resolveRealms(SecurityType securityType, SecurityContext securityContext, Properties properties) {
        HashMap hashMap = new HashMap();
        if (securityType != null) {
            for (RealmType realmType : securityType.getRealmArray()) {
                String name = realmType.getName();
                if (hashMap.get(name) != null) {
                    throw new RuntimeException(String.format("Found %s duplicate <realm> elements in <security> element", name));
                }
                String description = realmType.getDescription();
                String[] userPrincipalClassArray = realmType.getUserPrincipalClassArray();
                AuthenticationType authentication = realmType.getAuthentication();
                DefaultAuthenticationContext defaultAuthenticationContext = authentication != null ? new DefaultAuthenticationContext(authentication.getHttpChallengeScheme().toString(), authentication.getHttpHeaderArray(), authentication.getHttpQueryParameterArray(), authentication.getHttpCookieArray(), resolveAuthorizationMode(authentication.getAuthorizationMode()), authentication.getSessionTimeout()) : null;
                LoginModuleType[] loginModuleArray = authentication == null ? new LoginModuleType[0] : authentication.isSetLoginModules() ? authentication.getLoginModules().getLoginModuleArray() : new LoginModuleType[0];
                LinkedList linkedList = new LinkedList();
                for (LoginModuleType loginModuleType : loginModuleArray) {
                    String type = loginModuleType.getType();
                    String str = loginModuleType.getSuccess().toString();
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put("GATEWAY_CONFIG_DIRECTORY", properties.getProperty("GATEWAY_CONFIG_DIRECTORY"));
                    LoginModuleOptionsType options = loginModuleType.getOptions();
                    if (options != null) {
                        NodeList childNodes = options.getDomNode().getChildNodes();
                        for (int i = 0; i < childNodes.getLength(); i++) {
                            Node item = childNodes.item(i);
                            if (1 == item.getNodeType()) {
                                hashMap2.put(item.getLocalName(), item.getChildNodes().item(0).getNodeValue());
                            }
                        }
                    }
                    AppConfigurationEntry.LoginModuleControlFlag loginModuleControlFlag = this.loginModuleControlFlags.get(str);
                    if (loginModuleControlFlag == null) {
                        throw new IllegalArgumentException("Unrecognized login module type: " + type);
                    }
                    if (type.startsWith("class:")) {
                        String substring = type.substring("class:".length());
                        try {
                            Thread.currentThread().getContextClassLoader().loadClass(substring);
                            linkedList.add(new AppConfigurationEntry(substring, loginModuleControlFlag, hashMap2));
                        } catch (ClassNotFoundException e) {
                            throw new IllegalArgumentException("Unable to find the login module class: " + substring, e);
                        }
                    } else {
                        String loginModuleClass = getLoginModuleClass(type);
                        if (loginModuleClass == null) {
                            throw new IllegalArgumentException("Unrecognized login module type: " + type);
                        }
                        linkedList.add(new AppConfigurationEntry(loginModuleClass, loginModuleControlFlag, hashMap2));
                    }
                }
                updateLoginModuleConfigurationEntries(securityType, authentication, defaultAuthenticationContext, linkedList, properties);
                hashMap.put(name, new DefaultRealmContext(name, description, userPrincipalClassArray, new SingletonConfiguration(name, linkedList), defaultAuthenticationContext));
            }
        }
        return new DefaultRealmsContext(Collections.unmodifiableMap(hashMap));
    }

    private void updateLoginModuleConfigurationEntries(SecurityType securityType, AuthenticationType authenticationType, AuthenticationContext authenticationContext, List<AppConfigurationEntry> list, Properties properties) {
        if (authenticationContext != null) {
            String httpChallengeScheme = authenticationContext.getHttpChallengeScheme();
            if (httpChallengeScheme.startsWith("Application ")) {
                httpChallengeScheme = httpChallengeScheme.substring("Application ".length());
            }
            if (AUTH_SCHEME_BASIC.equals(httpChallengeScheme)) {
                HashMap hashMap = new HashMap();
                hashMap.put("tryFirstToken", "true");
                list.add(0, new AppConfigurationEntry(BasicLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, hashMap));
            }
            if (AUTH_SCHEME_NEGOTIATE.equals(httpChallengeScheme)) {
                HashMap hashMap2 = new HashMap();
                hashMap2.put("tryFirstToken", "true");
                list.add(0, new AppConfigurationEntry(NegotiateLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, hashMap2));
            }
            if (authenticationType.isSetSessionTimeout()) {
                HashMap hashMap3 = new HashMap();
                if (authenticationType.isSetSessionTimeout()) {
                    hashMap3.put("session-timeout", resolveTimeIntervalValue(authenticationType.getSessionTimeout()));
                }
                list.add(0, new AppConfigurationEntry(TimeoutLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, hashMap3));
            }
        }
    }

    private String resolveTimeIntervalValue(String str) {
        long parseTimeInterval = Utils.parseTimeInterval(str, TimeUnit.SECONDS, 0L);
        if (parseTimeInterval == 0) {
            return null;
        }
        return String.valueOf(parseTimeInterval);
    }

    private String resolveAuthorizationMode(AuthenticationType.AuthorizationMode.Enum r3) {
        return r3 == null ? AUTHORIZATION_MODE_CHALLENGE : r3.toString();
    }

    private Map<String, Object> resolveDependencyContext() {
        HashMap hashMap = new HashMap();
        Iterator it = ServiceLoader.load(DependencyContext.class).iterator();
        while (it.hasNext()) {
            DependencyContext dependencyContext = (DependencyContext) it.next();
            hashMap.put(dependencyContext.getName(), dependencyContext);
        }
        return hashMap;
    }

    private String getLoginModuleClass(String str) {
        String str2 = this.loginModuleClassNames.get(str);
        if (str2 == null) {
            str2 = findLoginModuleClass(str);
            this.loginModuleClassNames.put(str, str2);
        }
        return str2;
    }

    private String findLoginModuleClass(String str) {
        URL resource = Thread.currentThread().getContextClassLoader().getResource("META-INF/services/" + Gateway.class.getPackage().getName().replace('.', '/') + "/loginModule/" + str);
        if (resource == null) {
            throw new IllegalArgumentException("Unrecognized login module type: " + str);
        }
        try {
            Properties properties = new Properties();
            properties.load(resource.openStream());
            String property = properties.getProperty("class");
            if (property != null) {
                return property;
            }
            throw new IllegalArgumentException("Unrecognized login module type: " + str);
        } catch (Exception e) {
            throw new IllegalArgumentException("Unrecognized login module type: " + str, e);
        }
    }

    private DefaultSchemeConfig findSchemeConfig(String str) {
        URL resource = Thread.currentThread().getContextClassLoader().getResource("META-INF/services/" + Gateway.class.getPackage().getName().replace('.', '/') + "/scheme/" + str);
        if (resource == null) {
            return null;
        }
        try {
            Properties properties = new Properties();
            properties.load(resource.openStream());
            String property = properties.getProperty("transport");
            String property2 = properties.getProperty("port");
            DefaultSchemeConfig defaultSchemeConfig = new DefaultSchemeConfig();
            defaultSchemeConfig.setName(str);
            defaultSchemeConfig.setTransportName(property);
            if (property2 != null) {
                defaultSchemeConfig.setDefaultPort(Integer.parseInt(property2));
            }
            return defaultSchemeConfig;
        } catch (Exception e) {
            return null;
        }
    }

    private Map<String, DefaultTransportContext> resolveTransports(TransportFactory transportFactory) throws Exception {
        for (String str : transportFactory.getTransportNames()) {
            Transport transport = transportFactory.getTransport(str);
            this.transportContextsByName.put(str, new DefaultTransportContext(str, transport.getAcceptor(), transport.getConnector()));
        }
        return this.transportContextsByName;
    }

    private boolean supportsAccepts(String str) {
        return (str.equals("management.jmx") || str.equals("$management.jmx$")) ? false : true;
    }

    private boolean supportsConnects(String str) {
        return (str.equals("jms") || str.equals("echo") || str.equals("management.jmx") || str.equals("$management.jmx$") || str.equals("management.snmp") || str.equals("$management.snmp$") || str.equals("directory")) ? false : true;
    }

    private boolean supportsMimeMappings(String str) {
        return str.equals("directory");
    }

    private void injectResources(Collection<ServiceContext> collection, BridgeServiceFactory bridgeServiceFactory, Map<String, Object> map, Map<String, Object> map2) {
        for (DefaultTransportContext defaultTransportContext : this.transportContextsByName.values()) {
            BridgeAcceptor acceptor = defaultTransportContext.getAcceptor();
            if (acceptor != null) {
                map2.put(defaultTransportContext.getName() + ".acceptor", acceptor);
            }
            BridgeConnector connector = defaultTransportContext.getConnector();
            if (connector != null) {
                map2.put(defaultTransportContext.getName() + ".connector", connector);
            }
        }
        for (DefaultTransportContext defaultTransportContext2 : this.transportContextsByName.values()) {
            injectResources(defaultTransportContext2.getAcceptor(), map2);
            injectResources(defaultTransportContext2.getConnector(), map2);
        }
        Iterator<ServiceContext> it = collection.iterator();
        while (it.hasNext()) {
            injectResources(it.next().getService(), map2);
        }
        injectResources(bridgeServiceFactory, map2);
        Iterator<Object> it2 = map.values().iterator();
        while (it2.hasNext()) {
            injectResources(it2.next(), map2);
        }
    }

    private void injectResources(Object obj, Map<String, Object> map) {
        if (obj == null) {
            return;
        }
        for (Method method : obj.getClass().getMethods()) {
            Resource annotation = method.getAnnotation(Resource.class);
            if (annotation != null) {
                String name = annotation.name();
                try {
                    method.invoke(obj, map.get(name));
                } catch (Exception e) {
                    LOGGER.warn("Error while injecting named " + name + " resource", e);
                }
            }
        }
    }

    public static URI getCanonicalURI(String str, boolean z) {
        if (str == null || "".equals(str)) {
            return null;
        }
        return getCanonicalURI(URI.create(str), z);
    }

    public static URI getCanonicalURI(URI uri, boolean z) {
        URI uri2 = uri;
        if (uri != null) {
            String host = uri.getHost();
            String path = uri.getPath();
            boolean z2 = z && (path == null || "".equals(path));
            boolean equals = "/".equals(path);
            String scheme = uri.getScheme();
            boolean z3 = "ssl".equals(scheme) || "tcp".equals(scheme) || "pipe".equals(scheme) || "udp".equals(scheme);
            String str = equals && z3 ? "" : z2 ? z3 ? null : "/" : null;
            if ((host != null && !host.equals(host.toLowerCase())) || str != null) {
                try {
                    uri2 = new URI(scheme, uri.getUserInfo(), host == null ? null : host.toLowerCase(), uri.getPort(), str == null ? path : str, uri.getQuery(), uri.getFragment());
                } catch (URISyntaxException e) {
                    throw new IllegalArgumentException("Invalid URI: " + uri + " in Gateway configuration file", e);
                }
            }
        }
        return uri2;
    }

    static {
        defaultMimeMappings.put("html", "text/html");
        defaultMimeMappings.put("htm", "text/html");
        defaultMimeMappings.put("js", "text/javascript");
        defaultMimeMappings.put("png", "image/png");
        defaultMimeMappings.put("gif", "image/gif");
        defaultMimeMappings.put("jpg", "image/jpeg");
        defaultMimeMappings.put("jpeg", "image/jpeg");
        defaultMimeMappings.put("css", "text/css");
        defaultMimeMappings.put("swf", "application/x-shockwave-flash");
        defaultMimeMappings.put("xap", "application/x-silverlight-app");
        defaultMimeMappings.put("htc", "text/x-component");
        defaultMimeMappings.put("jnlp", "application/x-java-jnlp-file");
        defaultMimeMappings.put("manifest", "text/cache-manifest");
        defaultMimeMappings.put("appcache", "text/cache-manifest");
        defaultMimeMappings.put("vtt", "text/vtt");
        defaultMimeMappings.put("aspx", "text/html");
    }
}
