package de.rwh.utils.jetty;

import de.rwh.utils.crypto.CertificateCheckerImpl;
import de.rwh.utils.crypto.CertificateHelper;
import de.rwh.utils.crypto.io.CertificateReader;
import java.io.File;
import java.io.IOException;
import java.io.Writer;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.EnumSet;
import java.util.Enumeration;
import java.util.List;
import java.util.Objects;
import java.util.Properties;
import java.util.concurrent.Executors;
import java.util.function.Function;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.DispatcherType;
import javax.servlet.Filter;
import javax.servlet.http.HttpServletRequest;
import org.eclipse.jetty.annotations.AnnotationConfiguration;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.ErrorHandler;
import org.eclipse.jetty.util.resource.PathResource;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.Configuration;
import org.eclipse.jetty.webapp.WebAppContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/rwh/utils/jetty/JettyServer.class */
public class JettyServer extends Server {
    private static final String PROPERTY_JETTY_HOST = "jetty.host";
    private static final String PROPERTY_JETTY_HOST_DEFAULT = "localhost";
    private static final String PROPERTY_JETTY_PORT = "jetty.port";
    private static final String PROPERTY_JETTY_PORT_HTTP_DEFAULT = "8080";
    private static final String PROPERTY_JETTY_PORT_HTTPS_DEFAULT = "8443";
    private static final String PROPERTY_JETTY_TRUSTSTORE_PEM = "jetty.truststore.pem";
    private static final String PROPERTY_JETTY_KEYSTORE_P12 = "jetty.keystore.p12";
    private static final String PROPERTY_JETTY_KEYSTORE_PASSWORD = "jetty.keystore.password";
    private static final String PROPERTY_JETTY_NEEDCLIENTAUTH = "jetty.needclientauth";
    private static final String PROPERTY_JETTY_NEEDCLIENTAUTH_DEFAULT = "false";
    private static final String PROPERTY_JETTY_CLIENT_CERT_HEADER = "jetty.clientcertheader";
    private static final String PROPERTY_JETTY_CLIENT_CERT_HEADER_DEFAULT = "X-ClientCert";
    private static final Logger logger = LoggerFactory.getLogger(JettyServer.class);
    private final ContextHandler.Context servletContext;
    private final WebAppContext webAppContext;

    public static Function<Server, ServerConnector> httpsConnector(HttpConfiguration httpConfiguration, Properties properties) {
        try {
            String property = properties.getProperty(PROPERTY_JETTY_HOST, PROPERTY_JETTY_HOST_DEFAULT);
            int parseInt = Integer.parseInt(properties.getProperty(PROPERTY_JETTY_PORT, PROPERTY_JETTY_PORT_HTTPS_DEFAULT));
            Path path = Paths.get(properties.getProperty(PROPERTY_JETTY_TRUSTSTORE_PEM), new String[0]);
            Path path2 = Paths.get(properties.getProperty(PROPERTY_JETTY_KEYSTORE_P12), new String[0]);
            char[] charArray = toCharArray(properties.getProperty(PROPERTY_JETTY_KEYSTORE_PASSWORD));
            boolean parseBoolean = Boolean.parseBoolean(properties.getProperty(PROPERTY_JETTY_NEEDCLIENTAUTH, PROPERTY_JETTY_NEEDCLIENTAUTH_DEFAULT));
            KeyStore allFromCer = CertificateReader.allFromCer(path);
            KeyStore fromPkcs12 = CertificateReader.fromPkcs12(path2, charArray);
            checkServerCert(allFromCer, fromPkcs12);
            return httpsConnector(httpConfiguration, property, parseInt, allFromCer, fromPkcs12, charArray, parseBoolean);
        } catch (IOException | NumberFormatException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new RuntimeException(e);
        }
    }

    private static char[] toCharArray(String str) {
        if (str == null) {
            return null;
        }
        return str.toCharArray();
    }

    private static void checkServerCert(KeyStore keyStore, KeyStore keyStore2) throws KeyStoreException {
        CertificateCheckerImpl certificateCheckerImpl = new CertificateCheckerImpl(Executors.newScheduledThreadPool(1, runnable -> {
            return new Thread(runnable, "LoggerScheduledExecutorServiceJetty");
        }));
        Enumeration<String> aliases = keyStore2.aliases();
        while (aliases.hasMoreElements()) {
            Certificate certificate = keyStore2.getCertificate(aliases.nextElement());
            if (certificate instanceof X509Certificate) {
                certificateCheckerImpl.checkServerCertificateAndScheduleWarning(keyStore, (X509Certificate) certificate);
            }
        }
    }

    private static void logCertificateConfig(int i, KeyStore keyStore, KeyStore keyStore2) {
        if (logger.isDebugEnabled()) {
            try {
                logger.debug("Using TrustStore for https connector {} with: {}", Integer.valueOf(i), CertificateHelper.listCertificateSubjectNames(keyStore));
                logger.debug("Using KeyStore for https connector {} with: {}", Integer.valueOf(i), CertificateHelper.listCertificateSubjectNames(keyStore2));
            } catch (KeyStoreException e) {
                logger.warn("Error while printing TrustStore/KeyStore config", e);
            }
        }
    }

    public static Function<Server, ServerConnector> httpsConnector(HttpConfiguration httpConfiguration, String str, int i, KeyStore keyStore, KeyStore keyStore2, char[] cArr, boolean z) {
        return server -> {
            logCertificateConfig(i, keyStore, keyStore2);
            SslContextFactory.Server server = new SslContextFactory.Server();
            server.setTrustStore(keyStore);
            server.setKeyStore(keyStore2);
            server.setKeyStorePassword(String.valueOf(cArr));
            server.setNeedClientAuth(z);
            ServerConnector serverConnector = new ServerConnector(server, new ConnectionFactory[]{new SslConnectionFactory(server, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration)});
            serverConnector.setHost(str);
            serverConnector.setPort(i);
            return serverConnector;
        };
    }

    public static Function<Server, ServerConnector> httpConnector(HttpConfiguration httpConfiguration, Properties properties) {
        return httpConnector(httpConfiguration, properties.getProperty(PROPERTY_JETTY_HOST, PROPERTY_JETTY_HOST_DEFAULT), Integer.parseInt(properties.getProperty(PROPERTY_JETTY_PORT, PROPERTY_JETTY_PORT_HTTP_DEFAULT)));
    }

    public static Function<Server, ServerConnector> httpConnector(HttpConfiguration httpConfiguration, String str, int i) {
        return server -> {
            ServerConnector serverConnector = new ServerConnector(server, new ConnectionFactory[]{new HttpConnectionFactory(httpConfiguration)});
            serverConnector.setHost(str);
            serverConnector.setPort(i);
            return serverConnector;
        };
    }

    public static HttpConfiguration httpConfiguration() {
        return httpConfiguration(null);
    }

    public static HttpConfiguration httpConfiguration(HttpConfiguration.Customizer customizer) {
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setSendServerVersion(false);
        httpConfiguration.setSendXPoweredBy(false);
        httpConfiguration.setSendDateHeader(false);
        if (customizer != null) {
            httpConfiguration.addCustomizer(customizer);
        }
        return httpConfiguration;
    }

    public static SecureRequestCustomizer secureRequestCustomizer(Properties properties) {
        return new SecureRequestCustomizer();
    }

    public static ForwardedSecureRequestCustomizer forwardedSecureRequestCustomizer(Properties properties) {
        return new ForwardedSecureRequestCustomizer(properties.getProperty(PROPERTY_JETTY_CLIENT_CERT_HEADER, PROPERTY_JETTY_CLIENT_CERT_HEADER_DEFAULT));
    }

    public static Stream<String> webInfJars(Predicate<String> predicate) {
        return classPathEntries().filter(str -> {
            return str.endsWith(".jar");
        }).filter(predicate);
    }

    public static Stream<String> webInfClassesDirs(Predicate<String> predicate) {
        return classPathEntries().filter(str -> {
            return str.contains("classes") || str.contains("test-classes");
        }).filter(predicate);
    }

    public static Stream<String> classPathEntries() {
        return Arrays.stream(System.getProperty("java.class.path").split(File.pathSeparator));
    }

    public static String pathStringFromURI(String str) {
        try {
            URI uri = new URI(str);
            return uri.getScheme() == null ? Paths.get(str, new String[0]).toString() : Paths.get(uri).toString();
        } catch (URISyntaxException e) {
            throw new RuntimeException(e);
        }
    }

    public static ErrorHandler defaultErrorHandler() {
        return new ErrorHandler();
    }

    public static ErrorHandler statusCodeOnlyErrorHandler() {
        return new ErrorHandler() { // from class: de.rwh.utils.jetty.JettyServer.1
            protected void writeErrorPage(HttpServletRequest httpServletRequest, Writer writer, int i, String str, boolean z) throws IOException {
            }
        };
    }

    @SafeVarargs
    public JettyServer(Function<Server, ServerConnector> function, ErrorHandler errorHandler, String str, List<Class<?>> list, Properties properties, Stream<String> stream, Stream<String> stream2, Class<? extends Filter>... clsArr) {
        this((List<Function<Server, ServerConnector>>) Collections.singletonList(function), errorHandler, str, list, properties, stream, stream2, clsArr);
    }

    @SafeVarargs
    public JettyServer(List<Function<Server, ServerConnector>> list, ErrorHandler errorHandler, String str, List<Class<?>> list2, Properties properties, Stream<String> stream, Stream<String> stream2, Class<? extends Filter>... clsArr) {
        WebAppContext webAppContext = new WebAppContext();
        webAppContext.setLogUrlOnStart(true);
        webAppContext.setThrowUnavailableOnStartupException(true);
        if (properties != null) {
            properties.forEach((obj, obj2) -> {
                webAppContext.setInitParameter(Objects.toString(obj), Objects.toString(obj2));
            });
            logger.debug("InitParams: {}", webAppContext.getInitParams());
        }
        webAppContext.setContextPath(str);
        webAppContext.setAttribute("org.eclipse.jetty.containerInitializerOrder", ((String) list2.stream().map(cls -> {
            return cls.getName();
        }).collect(Collectors.joining(", "))) + ", *");
        webAppContext.setConfigurations(new Configuration[]{new AnnotationConfiguration()});
        webAppContext.setAttribute("org.eclipse.jetty.server.webapp.WebInfIncludeJarPattern", "");
        stream2.map(str2 -> {
            return Paths.get(str2, new String[0]);
        }).filter(path -> {
            boolean isReadable = Files.isReadable(path);
            if (!isReadable) {
                logger.warn("Classpath entry '{}' not readable", path);
            }
            return isReadable;
        }).map(PathResource::new).forEach(pathResource -> {
            webAppContext.getMetaData().addWebInfJar(pathResource);
        });
        webAppContext.getMetaData().setWebInfClassesDirs((List) stream.map(str3 -> {
            return Paths.get(str3, new String[0]);
        }).filter(Files::isReadable).map(PathResource::new).collect(Collectors.toList()));
        logger.info("Web inf classes: dirs {}", webAppContext.getMetaData().getWebInfClassesDirs());
        logger.info("Web inf classes: jars {}", webAppContext.getMetaData().getWebInfJars());
        for (Class<? extends Filter> cls2 : clsArr) {
            logger.info("Adding filter: {}", cls2.getName());
            webAppContext.addFilter(cls2, "/*", EnumSet.allOf(DispatcherType.class));
        }
        list.forEach(function -> {
            addConnector((Connector) function.apply(this));
        });
        setHandler(webAppContext);
        setStopAtShutdown(true);
        addBean(errorHandler);
        webAppContext.setErrorHandler(errorHandler);
        this.servletContext = webAppContext.getServletContext();
        this.webAppContext = webAppContext;
    }

    public ContextHandler.Context getServletContext() {
        return this.servletContext;
    }

    public WebAppContext getWebAppContext() {
        return this.webAppContext;
    }

    public static void start(JettyServer jettyServer) {
        try {
            jettyServer.start();
            jettyServer.join();
        } catch (Throwable th) {
            th.printStackTrace();
            try {
                jettyServer.stop();
                System.exit(1);
            } catch (Exception e) {
                e.printStackTrace();
                System.exit(2);
            }
        }
    }
}
