package com.yammer.dropwizard.config;

import ch.qos.logback.classic.ClassicConstants;
import com.google.common.base.Optional;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import com.sun.jersey.spi.container.servlet.ServletContainer;
import com.yammer.dropwizard.jersey.JacksonMessageBodyProvider;
import com.yammer.dropwizard.jetty.BiDiGzipHandler;
import com.yammer.dropwizard.jetty.UnbrandedErrorHandler;
import com.yammer.dropwizard.servlets.ThreadNameFilter;
import com.yammer.dropwizard.tasks.TaskServlet;
import com.yammer.dropwizard.util.Duration;
import com.yammer.metrics.HealthChecks;
import com.yammer.metrics.core.HealthCheck;
import com.yammer.metrics.jetty.InstrumentedBlockingChannelConnector;
import com.yammer.metrics.jetty.InstrumentedHandler;
import com.yammer.metrics.jetty.InstrumentedQueuedThreadPool;
import com.yammer.metrics.jetty.InstrumentedSelectChannelConnector;
import com.yammer.metrics.jetty.InstrumentedSocketConnector;
import com.yammer.metrics.jetty.InstrumentedSslSelectChannelConnector;
import com.yammer.metrics.jetty.InstrumentedSslSocketConnector;
import com.yammer.metrics.reporting.AdminServlet;
import com.yammer.metrics.util.DeadlockHealthCheck;
import java.io.File;
import java.net.URI;
import java.security.KeyStore;
import java.util.EnumSet;
import java.util.EventListener;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.DispatcherType;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.security.SecurityHandler;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.server.AbstractConnector;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.bio.SocketConnector;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.nio.AbstractNIOConnector;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import org.eclipse.jetty.server.ssl.SslConnector;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.security.Credential;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.util.thread.ThreadPool;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/yammer/dropwizard/config/ServerFactory.class */
public class ServerFactory {
    private static final Logger LOGGER = LoggerFactory.getLogger(ServerFactory.class);
    private final HttpConfiguration config;
    private final RequestLogHandlerFactory requestLogHandlerFactory;

    public ServerFactory(HttpConfiguration httpConfiguration, String str) {
        this.config = httpConfiguration;
        this.requestLogHandlerFactory = new RequestLogHandlerFactory(httpConfiguration.getRequestLogConfiguration(), str);
    }

    public Server buildServer(Environment environment) throws ConfigurationException {
        HealthChecks.defaultRegistry().register(new DeadlockHealthCheck());
        Iterator it = environment.getHealthChecks().iterator();
        while (it.hasNext()) {
            HealthChecks.defaultRegistry().register((HealthCheck) it.next());
        }
        if (environment.getHealthChecks().isEmpty()) {
            LOGGER.warn("\n!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n!    THIS SERVICE HAS NO HEALTHCHECKS. THIS MEANS YOU WILL NEVER KNOW IF IT    !\n!    DIES IN PRODUCTION, WHICH MEANS YOU WILL NEVER KNOW IF YOU'RE LETTING     !\n!     YOUR USERS DOWN. YOU SHOULD ADD A HEALTHCHECK FOR EACH DEPENDENCY OF     !\n!     YOUR SERVICE WHICH FULLY (BUT LIGHTLY) TESTS YOUR SERVICE'S ABILITY TO   !\n!      USE THAT SERVICE. THINK OF IT AS A CONTINUOUS INTEGRATION TEST.         !\n!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
        }
        Server createServer = createServer();
        createServer.setHandler(createHandler(environment));
        createServer.addBean(environment);
        return createServer;
    }

    private Server createServer() {
        Server server = new Server();
        server.addConnector(createExternalConnector());
        if (this.config.getAdminPort() == 0 || this.config.getAdminPort() != this.config.getPort()) {
            server.addConnector(createInternalConnector());
        }
        server.addBean(new UnbrandedErrorHandler());
        server.setSendDateHeader(this.config.isDateHeaderEnabled());
        server.setSendServerVersion(this.config.isServerHeaderEnabled());
        server.setThreadPool(createThreadPool());
        server.setStopAtShutdown(true);
        server.setGracefulShutdown((int) this.config.getShutdownGracePeriod().toMilliseconds());
        return server;
    }

    private Connector createExternalConnector() {
        AbstractConnector createConnector = createConnector(this.config.getPort());
        createConnector.setHost(this.config.getBindHost().orNull());
        createConnector.setAcceptors(this.config.getAcceptorThreads());
        createConnector.setForwarded(this.config.useForwardedHeaders());
        createConnector.setMaxIdleTime((int) this.config.getMaxIdleTime().toMilliseconds());
        createConnector.setLowResourcesMaxIdleTime((int) this.config.getLowResourcesMaxIdleTime().toMilliseconds());
        createConnector.setAcceptorPriorityOffset(this.config.getAcceptorThreadPriorityOffset());
        createConnector.setAcceptQueueSize(this.config.getAcceptQueueSize());
        createConnector.setMaxBuffers(this.config.getMaxBufferCount());
        createConnector.setRequestBufferSize((int) this.config.getRequestBufferSize().toBytes());
        createConnector.setRequestHeaderSize((int) this.config.getRequestHeaderBufferSize().toBytes());
        createConnector.setResponseBufferSize((int) this.config.getResponseBufferSize().toBytes());
        createConnector.setResponseHeaderSize((int) this.config.getResponseHeaderBufferSize().toBytes());
        createConnector.setReuseAddress(this.config.isReuseAddressEnabled());
        Optional<Duration> soLingerTime = this.config.getSoLingerTime();
        if (soLingerTime.isPresent()) {
            createConnector.setSoLingerTime((int) soLingerTime.get().toMilliseconds());
        }
        createConnector.setPort(this.config.getPort());
        createConnector.setName("main");
        return createConnector;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v19, types: [com.yammer.metrics.jetty.InstrumentedBlockingChannelConnector] */
    /* JADX WARN: Type inference failed for: r0v4, types: [com.yammer.metrics.jetty.InstrumentedSelectChannelConnector] */
    /* JADX WARN: Type inference failed for: r0v5, types: [com.yammer.metrics.jetty.InstrumentedSslSocketConnector] */
    /* JADX WARN: Type inference failed for: r0v6, types: [com.yammer.metrics.jetty.InstrumentedSocketConnector] */
    private AbstractConnector createConnector(int i) {
        InstrumentedSslSelectChannelConnector instrumentedSslSelectChannelConnector;
        switch (this.config.getConnectorType()) {
            case BLOCKING:
                instrumentedSslSelectChannelConnector = new InstrumentedBlockingChannelConnector(i);
                break;
            case LEGACY:
                instrumentedSslSelectChannelConnector = new InstrumentedSocketConnector(i);
                break;
            case LEGACY_SSL:
                instrumentedSslSelectChannelConnector = new InstrumentedSslSocketConnector(i);
                break;
            case NONBLOCKING:
                instrumentedSslSelectChannelConnector = new InstrumentedSelectChannelConnector(i);
                break;
            case NONBLOCKING_SSL:
                instrumentedSslSelectChannelConnector = new InstrumentedSslSelectChannelConnector(i);
                break;
            default:
                throw new IllegalStateException("Invalid connector type: " + this.config.getConnectorType());
        }
        if (instrumentedSslSelectChannelConnector instanceof SslConnector) {
            configureSslContext(instrumentedSslSelectChannelConnector.getSslContextFactory());
        }
        if (instrumentedSslSelectChannelConnector instanceof SelectChannelConnector) {
            instrumentedSslSelectChannelConnector.setLowResourcesConnections(this.config.getLowResourcesConnectionThreshold());
        }
        if (instrumentedSslSelectChannelConnector instanceof AbstractNIOConnector) {
            instrumentedSslSelectChannelConnector.setUseDirectBuffers(this.config.useDirectBuffers());
        }
        return instrumentedSslSelectChannelConnector;
    }

    private void configureSslContext(SslContextFactory sslContextFactory) {
        SslConfiguration sslConfiguration = this.config.getSslConfiguration();
        Iterator<File> it = sslConfiguration.getKeyStore().asSet().iterator();
        while (it.hasNext()) {
            sslContextFactory.setKeyStorePath(it.next().getAbsolutePath());
        }
        Iterator<String> it2 = sslConfiguration.getKeyStorePassword().asSet().iterator();
        while (it2.hasNext()) {
            sslContextFactory.setKeyStorePassword(it2.next());
        }
        Iterator<String> it3 = sslConfiguration.getKeyManagerPassword().asSet().iterator();
        while (it3.hasNext()) {
            sslContextFactory.setKeyManagerPassword(it3.next());
        }
        Iterator<String> it4 = sslConfiguration.getCertAlias().asSet().iterator();
        while (it4.hasNext()) {
            sslContextFactory.setCertAlias(it4.next());
        }
        String keyStoreType = sslConfiguration.getKeyStoreType();
        if (keyStoreType.startsWith("Windows-")) {
            try {
                KeyStore keyStore = KeyStore.getInstance(keyStoreType);
                keyStore.load(null, null);
                sslContextFactory.setKeyStore(keyStore);
            } catch (Exception e) {
                throw new IllegalStateException("Windows key store not supported", e);
            }
        } else {
            sslContextFactory.setKeyStoreType(keyStoreType);
        }
        Iterator<File> it5 = sslConfiguration.getTrustStore().asSet().iterator();
        while (it5.hasNext()) {
            sslContextFactory.setTrustStore(it5.next().getAbsolutePath());
        }
        Iterator<String> it6 = sslConfiguration.getTrustStorePassword().asSet().iterator();
        while (it6.hasNext()) {
            sslContextFactory.setTrustStorePassword(it6.next());
        }
        String trustStoreType = sslConfiguration.getTrustStoreType();
        if (trustStoreType.startsWith("Windows-")) {
            try {
                KeyStore keyStore2 = KeyStore.getInstance(trustStoreType);
                keyStore2.load(null, null);
                sslContextFactory.setTrustStore(keyStore2);
            } catch (Exception e2) {
                throw new IllegalStateException("Windows key store not supported", e2);
            }
        } else {
            sslContextFactory.setTrustStoreType(trustStoreType);
        }
        Iterator<Boolean> it7 = sslConfiguration.getNeedClientAuth().asSet().iterator();
        while (it7.hasNext()) {
            sslContextFactory.setNeedClientAuth(it7.next().booleanValue());
        }
        Iterator<Boolean> it8 = sslConfiguration.getWantClientAuth().asSet().iterator();
        while (it8.hasNext()) {
            sslContextFactory.setWantClientAuth(it8.next().booleanValue());
        }
        Iterator<Boolean> it9 = sslConfiguration.getAllowRenegotiate().asSet().iterator();
        while (it9.hasNext()) {
            sslContextFactory.setAllowRenegotiate(it9.next().booleanValue());
        }
        Iterator<File> it10 = sslConfiguration.getCrlPath().asSet().iterator();
        while (it10.hasNext()) {
            sslContextFactory.setCrlPath(it10.next().getAbsolutePath());
        }
        Iterator<Boolean> it11 = sslConfiguration.getCrldpEnabled().asSet().iterator();
        while (it11.hasNext()) {
            sslContextFactory.setEnableCRLDP(it11.next().booleanValue());
        }
        Iterator<Boolean> it12 = sslConfiguration.getOcspEnabled().asSet().iterator();
        while (it12.hasNext()) {
            sslContextFactory.setEnableOCSP(it12.next().booleanValue());
        }
        Iterator<Integer> it13 = sslConfiguration.getMaxCertPathLength().asSet().iterator();
        while (it13.hasNext()) {
            sslContextFactory.setMaxCertPathLength(it13.next().intValue());
        }
        Iterator<URI> it14 = sslConfiguration.getOcspResponderUrl().asSet().iterator();
        while (it14.hasNext()) {
            sslContextFactory.setOcspResponderURL(it14.next().toASCIIString());
        }
        Iterator<String> it15 = sslConfiguration.getJceProvider().asSet().iterator();
        while (it15.hasNext()) {
            sslContextFactory.setProvider(it15.next());
        }
        Iterator<Boolean> it16 = sslConfiguration.getValidatePeers().asSet().iterator();
        while (it16.hasNext()) {
            sslContextFactory.setValidatePeerCerts(it16.next().booleanValue());
        }
        sslContextFactory.setIncludeProtocols((String[]) Iterables.toArray(sslConfiguration.getSupportedProtocols(), String.class));
    }

    private Handler createHandler(Environment environment) {
        HandlerCollection handlerCollection = new HandlerCollection();
        handlerCollection.addHandler(createInternalServlet(environment));
        handlerCollection.addHandler(createExternalServlet(environment));
        if (this.requestLogHandlerFactory.isEnabled()) {
            handlerCollection.addHandler(this.requestLogHandlerFactory.build());
        }
        return handlerCollection;
    }

    private Handler createInternalServlet(Environment environment) {
        ServletContextHandler servletContextHandler = new ServletContextHandler();
        servletContextHandler.addServlet(new ServletHolder(new TaskServlet(environment.getTasks())), "/tasks/*");
        servletContextHandler.addServlet(new ServletHolder(new AdminServlet()), "/*");
        if (this.config.getAdminPort() == 0 || this.config.getAdminPort() != this.config.getPort()) {
            servletContextHandler.setConnectorNames(new String[]{"internal"});
        } else {
            servletContextHandler.setContextPath("/admin");
            servletContextHandler.setConnectorNames(new String[]{"main"});
        }
        if (this.config.getAdminUsername().isPresent() || this.config.getAdminPassword().isPresent()) {
            servletContextHandler.setSecurityHandler(basicAuthHandler(this.config.getAdminUsername().or((Optional<String>) ""), this.config.getAdminPassword().or((Optional<String>) "")));
        }
        return servletContextHandler;
    }

    private SecurityHandler basicAuthHandler(String str, String str2) {
        HashLoginService hashLoginService = new HashLoginService();
        hashLoginService.putUser(str, Credential.getCredential(str2), new String[]{ClassicConstants.USER_MDC_KEY});
        hashLoginService.setName("admin");
        Constraint constraint = new Constraint();
        constraint.setName("BASIC");
        constraint.setRoles(new String[]{ClassicConstants.USER_MDC_KEY});
        constraint.setAuthenticate(true);
        ConstraintMapping constraintMapping = new ConstraintMapping();
        constraintMapping.setConstraint(constraint);
        constraintMapping.setPathSpec("/*");
        ConstraintSecurityHandler constraintSecurityHandler = new ConstraintSecurityHandler();
        constraintSecurityHandler.setAuthenticator(new BasicAuthenticator());
        constraintSecurityHandler.setRealmName("admin");
        constraintSecurityHandler.addConstraintMapping(constraintMapping);
        constraintSecurityHandler.setLoginService(hashLoginService);
        return constraintSecurityHandler;
    }

    private Handler createExternalServlet(Environment environment) {
        ServletContextHandler servletContextHandler = new ServletContextHandler();
        servletContextHandler.addFilter(ThreadNameFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
        servletContextHandler.setBaseResource(environment.getBaseResource());
        if (!environment.getProtectedTargets().isEmpty()) {
            servletContextHandler.setProtectedTargets((String[]) environment.getProtectedTargets().toArray(new String[environment.getProtectedTargets().size()]));
        }
        Iterator it = environment.getServlets().entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry entry = (Map.Entry) it.next();
            servletContextHandler.addServlet((ServletHolder) entry.getValue(), (String) entry.getKey());
        }
        ServletContainer jerseyServletContainer = environment.getJerseyServletContainer();
        if (jerseyServletContainer != null) {
            environment.addProvider(new JacksonMessageBodyProvider(environment.getObjectMapperFactory().build(), environment.getValidator()));
            ServletHolder servletHolder = new ServletHolder(jerseyServletContainer);
            servletHolder.setInitOrder(Integer.MAX_VALUE);
            servletContextHandler.addServlet(servletHolder, this.config.getRootPath());
        }
        Iterator it2 = environment.getFilters().entries().iterator();
        while (it2.hasNext()) {
            Map.Entry entry2 = (Map.Entry) it2.next();
            servletContextHandler.addFilter((FilterHolder) entry2.getValue(), (String) entry2.getKey(), EnumSet.of(DispatcherType.REQUEST));
        }
        Iterator it3 = environment.getServletListeners().iterator();
        while (it3.hasNext()) {
            servletContextHandler.addEventListener((EventListener) it3.next());
        }
        Iterator it4 = this.config.getContextParameters().entrySet().iterator();
        while (it4.hasNext()) {
            Map.Entry entry3 = (Map.Entry) it4.next();
            servletContextHandler.setInitParameter((String) entry3.getKey(), (String) entry3.getValue());
        }
        servletContextHandler.setSessionHandler(environment.getSessionHandler());
        servletContextHandler.setConnectorNames(new String[]{"main"});
        return wrapHandler(servletContextHandler);
    }

    private Handler wrapHandler(ServletContextHandler servletContextHandler) {
        InstrumentedHandler instrumentedHandler = new InstrumentedHandler(servletContextHandler);
        GzipConfiguration gzipConfiguration = this.config.getGzipConfiguration();
        if (!gzipConfiguration.isEnabled()) {
            return instrumentedHandler;
        }
        BiDiGzipHandler biDiGzipHandler = new BiDiGzipHandler(instrumentedHandler);
        biDiGzipHandler.setMinGzipSize((int) gzipConfiguration.getMinimumEntitySize().toBytes());
        biDiGzipHandler.setBufferSize((int) gzipConfiguration.getBufferSize().toBytes());
        ImmutableSet<String> excludedUserAgents = gzipConfiguration.getExcludedUserAgents();
        if (!excludedUserAgents.isEmpty()) {
            biDiGzipHandler.setExcluded(excludedUserAgents);
        }
        ImmutableSet<String> compressedMimeTypes = gzipConfiguration.getCompressedMimeTypes();
        if (!compressedMimeTypes.isEmpty()) {
            biDiGzipHandler.setMimeTypes(compressedMimeTypes);
        }
        return biDiGzipHandler;
    }

    private ThreadPool createThreadPool() {
        InstrumentedQueuedThreadPool instrumentedQueuedThreadPool = new InstrumentedQueuedThreadPool();
        instrumentedQueuedThreadPool.setMinThreads(this.config.getMinThreads());
        instrumentedQueuedThreadPool.setMaxThreads(this.config.getMaxThreads());
        return instrumentedQueuedThreadPool;
    }

    private Connector createInternalConnector() {
        SocketConnector socketConnector = new SocketConnector();
        socketConnector.setHost(this.config.getBindHost().orNull());
        socketConnector.setPort(this.config.getAdminPort());
        socketConnector.setName("internal");
        socketConnector.setThreadPool(new QueuedThreadPool(8));
        return socketConnector;
    }
}
