package de.perdian.apps.devlauncher.impl;

import de.perdian.apps.devlauncher.DevLauncher;
import de.perdian.apps.devlauncher.DevLauncherListener;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.util.Date;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.startup.Tomcat;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/perdian/apps/devlauncher/impl/ConnectorListener.class */
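/**
 * {@link DevLauncherListener} that adds one additional {@link Connector} to the embedded Tomcat.
 *
 * <p>When {@link #secure(boolean)} is enabled, the listener keeps a keystore at
 * {@code config/keystore} below the launcher's working directory. If the keystore holds no key
 * under the alias {@code tlsKeyName}, a self-signed certificate for {@code CN=localhost} is
 * generated and written to it.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The keystore and key passwords are fixed constants in this class, so they give the
 *       generated private key no confidentiality. Presumably the keystore is meant for local
 *       development only; do not reuse it elsewhere.</li>
 *   <li>A key that already exists in the keystore is reused unchanged. Keystores written by an
 *       earlier version of this class hold a 1024-bit RSA key with an MD5-signed certificate;
 *       delete the file to have a 2048-bit / SHA-256 one generated.</li>
 *   <li>The generated certificate carries no extensions, so it has no subjectAltName. Clients
 *       that require one will reject it.</li>
 * </ul>
 */
public class ConnectorListener implements DevLauncherListener {
    private static final Logger log = LoggerFactory.getLogger(ConnectorListener.class);

    // Fixed, source-visible secrets: they only satisfy the KeyStore API and protect nothing.
    private static final String KEYSTORE_PASSWORD = "tlsKeystorePassword";
    private static final String TLS_KEY_NAME = "tlsKeyName";
    private static final String TLS_KEY_PASSWORD = "tlsKeyPassword";

    /**
     * Protocol name for an AJP connector.
     * NOTE(review): AJP is designed for trusted reverse-proxy links; confirm that such a
     * connector is not reachable from untrusted networks.
     */
    public static final String PROTOCOL_AJP = "AJP/1.3";

    /** RSA modulus size for newly generated keys; 1024 bits is no longer considered adequate. */
    private static final int KEY_SIZE_BITS = 2048;

    /** Certificate signature algorithm; MD5-based signatures are collision-prone and widely rejected. */
    private static final String SIGNATURE_ALGORITHM = "SHA256WithRSAEncryption";

    /** Subject and issuer of the self-signed certificate (every RDN separated by a comma). */
    private static final String CERTIFICATE_DN = "CN=localhost, OU=None, O=None, L=None, C=None";

    /** The certificate is back-dated by 30 days. */
    private static final long NOT_BEFORE_OFFSET_MILLIS = 30L * 24 * 60 * 60 * 1000;

    /** The certificate stays valid for 3650 days. */
    private static final long NOT_AFTER_OFFSET_MILLIS = 3650L * 24 * 60 * 60 * 1000;

    private int myPort = -1;
    private int myRedirectPort = -1;
    private String myProtocol = null;
    private String myUriEncoding = "UTF-8";
    private boolean stateSecure = false;

    /**
     * Creates a listener for a connector on the given port.
     *
     * @param i the port the connector listens on
     * @throws IllegalArgumentException if the port is negative
     */
    public ConnectorListener(int i) {
        if (i < 0) {
            throw new IllegalArgumentException("Parameter 'port' must not be negative! [Was: " + i + "]");
        }
        setPort(i);
    }

    /**
     * Creates the connector, configures TLS on it when {@link #isSecure()} is set, and registers
     * it with the Tomcat service.
     *
     * @param tomcat the embedded server to add the connector to
     * @param devLauncher the launcher, used to locate the working directory
     * @throws Exception if the keystore or key cannot be prepared
     */
    @Override // de.perdian.apps.devlauncher.DevLauncherListener
    public void customizeServer(Tomcat tomcat, DevLauncher devLauncher) throws Exception {
        Connector connector = createConnector(devLauncher);
        StringBuilder sb = new StringBuilder();
        sb.append("Adding").append(isSecure() ? " secure" : "").append(" connector");
        if (getProtocol() != null) {
            sb.append(" for protocol '").append(getProtocol()).append("'");
        }
        sb.append(" listening on port ").append(getPort());
        if (getRedirectPort() > 0) {
            sb.append(" and redirectPort ").append(getRedirectPort());
        }
        sb.append(" [").append(connector).append("]");
        log.debug(sb.toString());
        if (isSecure()) {
            File keyStoreFile = new File(devLauncher.getWorkingDirectory(), "config/keystore");
            ensureKeyInStore(keyStoreFile, ensureKeyStore(keyStoreFile));
            connector.setSecure(true);
            connector.setScheme("https");
            connector.setAttribute("keyAlias", TLS_KEY_NAME);
            connector.setAttribute("keyPass", TLS_KEY_PASSWORD);
            connector.setAttribute("keystoreFile", keyStoreFile.getCanonicalPath());
            connector.setAttribute("keystorePass", KEYSTORE_PASSWORD);
            // Server-side TLS only: client certificates are not requested.
            connector.setAttribute("clientAuth", "false");
            connector.setAttribute("sslProtocol", "TLS");
            connector.setAttribute("SSLEnabled", true);
            // Point the default connector's redirects at this secure connector.
            tomcat.getConnector().setRedirectPort(connector.getPort());
        }
        tomcat.getService().addConnector(connector);
    }

    /**
     * Builds the connector from the configured protocol, port, redirect port and URI encoding.
     *
     * @param devLauncher the launcher (unused here, available to subclasses)
     * @return the new, not yet registered connector
     */
    protected Connector createConnector(DevLauncher devLauncher) {
        Connector connector = new Connector(getProtocol());
        connector.setPort(getPort());
        if (getRedirectPort() > 0) {
            connector.setRedirectPort(getRedirectPort());
        }
        if (getUriEncoding() != null) {
            connector.setURIEncoding(getUriEncoding());
        }
        // Do not send the X-Powered-By response header.
        connector.setXpoweredBy(false);
        return connector;
    }

    /**
     * Returns the TLS key from the keystore, generating a self-signed key and certificate and
     * writing the keystore to {@code file} when none is present.
     *
     * @param file the keystore file to write when a key has to be created
     * @param keyStore the loaded (possibly empty) keystore
     * @return the existing key, or the private key that was just generated
     * @throws GeneralSecurityException if key or certificate generation fails
     * @throws IOException if the keystore directory or file cannot be written
     */
    private Key ensureKeyInStore(File file, KeyStore keyStore) throws GeneralSecurityException, IOException {
        Key existingKey = lookupKeyFromStore(keyStore);
        if (existingKey != null) {
            return existingKey;
        }
        log.info("Creating new TLS key to enable HTTPS access");
        // Registering the provider again is harmless; addProvider ignores a provider that is already installed.
        Security.addProvider(new BouncyCastleProvider());
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(KEY_SIZE_BITS);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();

        long now = System.currentTimeMillis();
        X509Principal principal = new X509Principal(CERTIFICATE_DN);
        X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();
        certificateGenerator.setSerialNumber(BigInteger.valueOf(now));
        certificateGenerator.setIssuerDN(principal);
        certificateGenerator.setNotBefore(new Date(now - NOT_BEFORE_OFFSET_MILLIS));
        certificateGenerator.setNotAfter(new Date(now + NOT_AFTER_OFFSET_MILLIS));
        certificateGenerator.setSubjectDN(principal);
        certificateGenerator.setPublicKey(keyPair.getPublic());
        certificateGenerator.setSignatureAlgorithm(SIGNATURE_ALGORITHM);
        Certificate certificate = certificateGenerator.generateX509Certificate(keyPair.getPrivate());
        keyStore.setKeyEntry(TLS_KEY_NAME, keyPair.getPrivate(), TLS_KEY_PASSWORD.toCharArray(), new Certificate[]{certificate});

        log.debug("Updating KeyStore at: " + file.getAbsolutePath());
        File parentDirectory = file.getParentFile();
        if (parentDirectory != null && !parentDirectory.isDirectory()
                && !parentDirectory.mkdirs() && !parentDirectory.isDirectory()) {
            throw new IOException("Cannot create directory for KeyStore at: " + parentDirectory.getAbsolutePath());
        }
        // The file is created with the process's default permissions and contains the private key.
        try (BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(file))) {
            keyStore.store(out, KEYSTORE_PASSWORD.toCharArray());
        }
        // Return the new key instead of the null result of the failed lookup.
        return keyPair.getPrivate();
    }

    /**
     * Looks up the TLS key under its fixed alias.
     *
     * @param keyStore the keystore to search
     * @return the key, or {@code null} if it is absent or cannot be recovered
     */
    private Key lookupKeyFromStore(KeyStore keyStore) {
        try {
            Key key = keyStore.getKey(TLS_KEY_NAME, TLS_KEY_PASSWORD.toCharArray());
            if (key != null) {
                log.trace("Found key '{}' in KeyStore with format: {}", TLS_KEY_NAME, key.getFormat());
            }
            return key;
        } catch (GeneralSecurityException e) {
            log.debug("Cannot retrieve key from KeyStore", e);
            return null;
        }
    }

    /**
     * Loads the keystore from {@code file}, or returns an empty one if the file is missing or
     * cannot be read.
     *
     * @param file the keystore file
     * @return a loaded or empty keystore, never {@code null}
     * @throws GeneralSecurityException if no keystore of the default type can be created
     * @throws IOException if an empty keystore cannot be initialised
     */
    private KeyStore ensureKeyStore(File file) throws GeneralSecurityException, IOException {
        KeyStore keyStore = newEmptyKeyStore();
        if (file.exists()) {
            try (BufferedInputStream in = new BufferedInputStream(new FileInputStream(file))) {
                keyStore.load(in, KEYSTORE_PASSWORD.toCharArray());
            } catch (Exception e) {
                // Best effort: fall back to an empty store, which is later rewritten with a new key.
                log.warn("Cannot load KeyStore from file at: " + file.getAbsolutePath(), e);
                // A failed load may leave the instance partially populated (provider-dependent),
                // so entries that did not pass the integrity check are discarded.
                keyStore = newEmptyKeyStore();
            }
        }
        return keyStore;
    }

    /** Creates an initialised, empty keystore of the platform default type. */
    private static KeyStore newEmptyKeyStore() throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        return keyStore;
    }

    /** @return the port the connector listens on */
    public int getPort() {
        return this.myPort;
    }

    private void setPort(int i) {
        this.myPort = i;
    }

    /**
     * Sets the redirect port; values that are not positive leave the connector's default.
     *
     * @param i the redirect port
     * @return this listener, for chaining
     */
    public ConnectorListener redirectPort(int i) {
        setRedirectPort(i);
        return this;
    }

    /** @return the configured redirect port, or {@code -1} if none was set */
    public int getRedirectPort() {
        return this.myRedirectPort;
    }

    private void setRedirectPort(int i) {
        this.myRedirectPort = i;
    }

    /**
     * Sets the connector protocol, for example {@link #PROTOCOL_AJP}.
     *
     * @param str the protocol name, or {@code null} for the connector's default
     * @return this listener, for chaining
     */
    public ConnectorListener protocol(String str) {
        setProtocol(str);
        return this;
    }

    /** @return the configured protocol, or {@code null} if none was set */
    public String getProtocol() {
        return this.myProtocol;
    }

    private void setProtocol(String str) {
        this.myProtocol = str;
    }

    /**
     * Enables or disables TLS for the connector.
     *
     * @param z {@code true} to serve HTTPS with the generated self-signed certificate
     * @return this listener, for chaining
     */
    public ConnectorListener secure(boolean z) {
        setSecure(z);
        return this;
    }

    /** @return whether the connector is configured for TLS */
    public boolean isSecure() {
        return this.stateSecure;
    }

    private void setSecure(boolean z) {
        this.stateSecure = z;
    }

    /**
     * Sets the URI encoding applied to the connector.
     *
     * @param str the encoding name, or {@code null} to leave the connector's default
     * @return this listener, for chaining
     */
    public ConnectorListener uriEncoding(String str) {
        setUriEncoding(str);
        return this;
    }

    /** @return the configured URI encoding, {@code "UTF-8"} unless changed */
    public String getUriEncoding() {
        return this.myUriEncoding;
    }

    private void setUriEncoding(String str) {
        this.myUriEncoding = str;
    }
}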
