package prompto.server;

import java.io.IOException;
import java.net.URL;
import java.util.Collections;
import java.util.EnumSet;
import java.util.List;
import java.util.function.BiConsumer;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.DispatcherType;
import org.eclipse.jetty.jaas.JAASLoginService;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.server.handler.SecuredRedirectHandler;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;
import prompto.config.IDebugConfiguration;
import prompto.config.IDebugEventAdapterConfiguration;
import prompto.config.IDebugRequestListenerConfiguration;
import prompto.config.IKeyStoreConfiguration;
import prompto.config.IKeyStoreFactoryConfiguration;
import prompto.config.IServerConfiguration;
import prompto.config.auth.IAuthenticationConfiguration;
import prompto.debug.DebugEventServlet;
import prompto.debug.DebugRequestServlet;
import prompto.debug.HttpServletDebugRequestListenerFactory;
import prompto.debug.WebSocketDebugEventAdapterFactory;
import prompto.runtime.Mode;
import prompto.security.ISecretKeyFactory;
import prompto.utils.Logger;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:prompto/server/JettyServer.class */
public class JettyServer extends Server {
    static final Logger logger = new Logger();
    IServerConfiguration config;
    ServerConnector mainConnector;
    ServerConnector redirectConnector;
    ConstraintSecurityHandler securityHandler;
    HandlerList contentHandler;
    WebAppContext servicesHandler;
    DebugRequestServlet debugRequestServlet;
    DebugEventServlet debugEventServlet;
    Supplier<IAuthenticationConfiguration> auth = null;
    boolean startComplete = false;
    Thread serverThread = null;
    Throwable serverThrowable = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:prompto/server/JettyServer$CleverWebAppContext.class */
    public static class CleverWebAppContext extends WebAppContext {
        CleverWebAppContext() {
        }

        public ServletHolder addServlet(CleverServlet cleverServlet, String str) {
            ServletHolder servletHolder = new ServletHolder(cleverServlet);
            addServlet(servletHolder, str);
            cleverServlet.setHolder(servletHolder);
            return servletHolder;
        }
    }

    public JettyServer(IServerConfiguration iServerConfiguration) {
        this.config = iServerConfiguration;
        setStopAtShutdown(true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void jettyStart(final Runnable runnable) throws Throwable {
        this.serverThrowable = null;
        this.startComplete = false;
        final Object obj = new Object();
        this.serverThread = new Thread(new Runnable() { // from class: prompto.server.JettyServer.1
            @Override // java.lang.Runnable
            public void run() {
                JettyServer.logger.info(() -> {
                    return "Web server about to start...";
                });
                try {
                    try {
                        try {
                            JettyServer.this.start();
                            JettyServer.logger.info(() -> {
                                return "Web server started...";
                            });
                            JettyServer.logger.info(() -> {
                                return "Signaling start completion...";
                            });
                            synchronized (obj) {
                                JettyServer.this.startComplete = true;
                                obj.notify();
                            }
                            JettyServer.logger.info(() -> {
                                return "Web server waiting ready...";
                            });
                            JettyServer.this.join();
                            JettyServer.logger.info(() -> {
                                return "Web server stop complete.";
                            });
                            if (runnable != null) {
                                runnable.run();
                            }
                            JettyServer.this.serverThread = null;
                        } catch (Throwable th) {
                            JettyServer.logger.info(() -> {
                                return "Signaling start completion...";
                            });
                            synchronized (obj) {
                                JettyServer.this.startComplete = true;
                                obj.notify();
                                throw th;
                            }
                        }
                    } catch (Throwable th2) {
                        th2.printStackTrace();
                        JettyServer.this.serverThrowable = th2;
                        JettyServer.this.serverThread = null;
                    }
                } catch (Throwable th3) {
                    JettyServer.this.serverThread = null;
                    throw th3;
                }
            }
        }, "HTTP Server");
        this.serverThread.start();
        logger.info(() -> {
            return "Waiting for start completion signal...";
        });
        synchronized (obj) {
            while (!this.startComplete) {
                obj.wait();
            }
        }
        logger.info(() -> {
            return "Start completion signalled...";
        });
        if (this.serverThrowable != null) {
            Throwable th = this.serverThrowable;
            this.serverThrowable = null;
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void jettyStop() throws Exception {
        logger.info(() -> {
            return "Stopping web server...";
        });
        stop();
    }

    public void prepare(BiConsumer<JettyServer, HandlerList> biConsumer) throws Exception {
        prepareConnectors();
        prepareHandlers(biConsumer);
    }

    private void prepareHandlers(BiConsumer<JettyServer, HandlerList> biConsumer) {
        prepareSecurityHandler();
        prepareContentHandler(biConsumer);
        setHandler(this.contentHandler);
    }

    private void prepareConnectors() throws Exception {
        this.mainConnector = prepareMainConnector();
        this.redirectConnector = prepareRedirectConnector();
        if (this.redirectConnector == null) {
            setConnectors(new Connector[]{this.mainConnector});
        } else {
            setConnectors(new Connector[]{this.mainConnector, this.redirectConnector});
        }
    }

    private ServerConnector prepareMainConnector() throws Exception {
        ServerConnector prepareHttpConnector = "http".equalsIgnoreCase(this.config.getHttpConfiguration().getProtocol()) ? prepareHttpConnector() : prepareHttpsConnector();
        if (this.config.getHttpConfiguration().getPort() != -1) {
            prepareHttpConnector.setPort(this.config.getHttpConfiguration().getPort());
        }
        return prepareHttpConnector;
    }

    private ServerConnector prepareRedirectConnector() {
        if (this.config.getHttpConfiguration().getRedirectFrom() == null) {
            return null;
        }
        logger.info(() -> {
            return "Preparing redirection from port " + this.config.getHttpConfiguration().getRedirectFrom() + " to port " + this.config.getHttpConfiguration().getPort();
        });
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setSecurePort(this.config.getHttpConfiguration().getPort());
        httpConfiguration.setSecureScheme("https");
        httpConfiguration.addCustomizer(new SecureRequestCustomizer());
        ServerConnector serverConnector = new ServerConnector(this, new ConnectionFactory[]{new HttpConnectionFactory(httpConfiguration)});
        serverConnector.setPort(this.config.getHttpConfiguration().getRedirectFrom().intValue());
        return serverConnector;
    }

    private ServerConnector prepareHttpConnector() {
        return new ServerConnector(this);
    }

    private ServerConnector prepareHttpsConnector() throws Exception {
        return new ServerConnector(this, new ConnectionFactory[]{createSSLFactory(), createHttpsFactory()});
    }

    private SslConnectionFactory createSSLFactory() throws Exception {
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setSslSessionTimeout(180000);
        IKeyStoreConfiguration keyStoreConfiguration = this.config.getHttpConfiguration().getKeyStoreConfiguration();
        IKeyStoreFactoryConfiguration keyStoreFactoryConfiguration = keyStoreConfiguration.getKeyStoreFactoryConfiguration();
        sslContextFactory.setKeyStore(keyStoreFactoryConfiguration.getKeyStoreFactory().newInstance(keyStoreFactoryConfiguration));
        sslContextFactory.setKeyStorePassword(ISecretKeyFactory.plainPasswordFromConfig(keyStoreConfiguration.getSecretKeyConfiguration()));
        IKeyStoreConfiguration trustStoreConfiguration = this.config.getHttpConfiguration().getTrustStoreConfiguration();
        IKeyStoreFactoryConfiguration keyStoreFactoryConfiguration2 = trustStoreConfiguration.getKeyStoreFactoryConfiguration();
        sslContextFactory.setTrustStore(keyStoreFactoryConfiguration2.getKeyStoreFactory().newInstance(keyStoreFactoryConfiguration2));
        sslContextFactory.setTrustStorePassword(ISecretKeyFactory.plainPasswordFromConfig(trustStoreConfiguration.getSecretKeyConfiguration()));
        return new SslConnectionFactory(sslContextFactory, "http/1.1");
    }

    private HttpConnectionFactory createHttpsFactory() {
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.addCustomizer(new SecureRequestCustomizer());
        return new HttpConnectionFactory(httpConfiguration);
    }

    public int getHttpPort() {
        return this.mainConnector.getLocalPort();
    }

    private void prepareSecurityHandler() {
        logger.info(() -> {
            return "Preparing security handler...";
        });
        this.securityHandler = (!this.config.getHttpConfiguration().getAllowsXAuthorization() || this.config.getHttpConfiguration().getAllowedOrigins() == null) ? new ConstraintSecurityHandler() : new ConstraintSecurityHandlerWithXAuthorization();
        if (getAuthenticationConfiguration() != null) {
            configureSecurityHandler();
        } else {
            logger.info(() -> {
                return "Not using authentication!";
            });
        }
        logger.info(() -> {
            return "Security handler successfully prepared.";
        });
    }

    private IAuthenticationConfiguration getAuthenticationConfiguration() {
        if (this.auth == null) {
            IAuthenticationConfiguration authenticationConfiguration = this.config.getHttpConfiguration().getAuthenticationConfiguration();
            this.auth = () -> {
                return authenticationConfiguration;
            };
        }
        return this.auth.get();
    }

    private void configureSecurityHandler() {
        try {
            this.securityHandler.setLoginService(prepareJettyLoginService());
            this.securityHandler.setAuthenticator(prepareAuthenticator());
            this.securityHandler.setConstraintMappings(prepareAuthConstraintMappings());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private void prepareContentHandler(BiConsumer<JettyServer, HandlerList> biConsumer) {
        logger.info(() -> {
            return "Preparing web handlers...";
        });
        HandlerList handlerList = new HandlerList();
        if (this.config.getHttpConfiguration().getRedirectFrom() != null) {
            handlerList.addHandler(new SecuredRedirectHandler());
        }
        biConsumer.accept(this, handlerList);
        this.contentHandler = handlerList;
        logger.info(() -> {
            return "Web handlers successfully prepared.";
        });
    }

    private Authenticator prepareAuthenticator() {
        return getAuthenticationConfiguration().getAuthenticationMethodConfiguration().getAuthenticationMethodFactory().newAuthenticator(this.config.getHttpConfiguration().getAllowsXAuthorization());
    }

    private LoginService prepareJettyLoginService() throws Exception {
        String installJettyLoginModule = getAuthenticationConfiguration().getAuthenticationSourceConfiguration().getAuthenticationSourceFactory().installJettyLoginModule();
        JAASLoginService jAASLoginService = new JAASLoginService("prompto.login.service");
        jAASLoginService.setIdentityService(prepareIdentityService());
        jAASLoginService.setLoginModuleName(installJettyLoginModule);
        addBean(jAASLoginService);
        return jAASLoginService;
    }

    private IdentityService prepareIdentityService() {
        return new DefaultIdentityService();
    }

    private List<ConstraintMapping> prepareAuthConstraintMappings() {
        Stream<ConstraintMapping> prepareAllowedConstraintMappings = prepareAllowedConstraintMappings();
        ConstraintMapping constraintMapping = new ConstraintMapping();
        constraintMapping.setPathSpec("/");
        constraintMapping.setConstraint(prepareAuthenticationConstraint());
        return (List) Stream.concat(prepareAllowedConstraintMappings, Stream.of(constraintMapping)).collect(Collectors.toList());
    }

    private Stream<ConstraintMapping> prepareAllowedConstraintMappings() {
        Constraint prepareNoAuthenticationConstraint = prepareNoAuthenticationConstraint();
        Stream<String> stream = getAuthenticationConfiguration().getWhiteList().stream();
        if (this.config.getRuntimeMode() == Mode.DEVELOPMENT) {
            stream = Stream.concat(stream, Collections.singletonList("/ws/control/*").stream());
        }
        return stream.map(str -> {
            logger.info(() -> {
                return "Allowing free access to '" + str + "'";
            });
            ConstraintMapping constraintMapping = new ConstraintMapping();
            constraintMapping.setPathSpec(str);
            constraintMapping.setConstraint(prepareNoAuthenticationConstraint);
            return constraintMapping;
        });
    }

    private Constraint prepareNoAuthenticationConstraint() {
        Constraint constraint = new Constraint();
        constraint.setName("no-authentication");
        constraint.setAuthenticate(false);
        constraint.setRoles(new String[]{"*"});
        return constraint;
    }

    private Constraint prepareAuthenticationConstraint() {
        Constraint constraint = new Constraint();
        constraint.setName("authentication");
        constraint.setAuthenticate(true);
        constraint.setRoles(new String[]{"**"});
        return constraint;
    }

    public WebAppContext newWebAppHandler() throws Exception {
        CleverWebAppContext cleverWebAppContext = new CleverWebAppContext();
        cleverWebAppContext.setContextPath("/");
        cleverWebAppContext.setResourceBase(getResourceBase());
        cleverWebAppContext.setSecurityHandler(this.securityHandler);
        if (this.config.getWebSiteRoot() != null) {
            cleverWebAppContext.addServlet(new WebSiteServlet(this.config.getWebSiteRoot()), "/");
        } else {
            cleverWebAppContext.addServlet(new CodeStoreServlet(), "/");
        }
        cleverWebAppContext.addServlet(new TranspilerServlet(), "*.page");
        cleverWebAppContext.addServlet(new ControlServlet(), "/ws/control/*");
        cleverWebAppContext.addServlet(new BinaryServlet(), "/ws/bin/*");
        cleverWebAppContext.addServlet(new DataServlet(), "/ws/data/*");
        cleverWebAppContext.addServlet(new StoreServlet(), "/ws/store/*");
        newDebuggerServlets(cleverWebAppContext);
        cleverWebAppContext.addServlet(new PromptoServlet(this.config.getHttpConfiguration().getSendsXAuthorization()), "/ws/run/*");
        FilterHolder newCrossOriginHandler = newCrossOriginHandler();
        if (newCrossOriginHandler != null) {
            cleverWebAppContext.addFilter(newCrossOriginHandler, "/*", EnumSet.of(DispatcherType.REQUEST));
        }
        cleverWebAppContext.getSessionHandler().getSessionManager().setMaxInactiveInterval(300);
        return cleverWebAppContext;
    }

    private void newDebuggerServlets(CleverWebAppContext cleverWebAppContext) throws Exception {
        IDebugConfiguration debugConfiguration = this.config.getDebugConfiguration();
        if (debugConfiguration == null) {
            return;
        }
        IDebugRequestListenerConfiguration requestListenerConfiguration = debugConfiguration.getRequestListenerConfiguration();
        if (requestListenerConfiguration != null) {
            if (HttpServletDebugRequestListenerFactory.class.getName().equals(requestListenerConfiguration.getFactory())) {
                this.debugRequestServlet = new DebugRequestServlet();
                cleverWebAppContext.addServlet(this.debugRequestServlet, "/ws/debug-request/*");
            }
        }
        IDebugEventAdapterConfiguration eventAdapterConfiguration = debugConfiguration.getEventAdapterConfiguration();
        if (eventAdapterConfiguration != null) {
            if (WebSocketDebugEventAdapterFactory.class.getName().equals(eventAdapterConfiguration.getFactory())) {
                this.debugEventServlet = new DebugEventServlet();
                cleverWebAppContext.addServlet(new ServletHolder(this.debugEventServlet), "/ws/debug-event/*");
            }
        }
    }

    private FilterHolder newCrossOriginHandler() {
        String allowedOrigins = this.config.getHttpConfiguration().getAllowedOrigins();
        if (allowedOrigins == null) {
            return null;
        }
        logger.info(() -> {
            return "Setting allowed origins to: " + allowedOrigins;
        });
        FilterHolder filterHolder = new FilterHolder();
        filterHolder.setInitParameter("allowCredentials", "true");
        filterHolder.setInitParameter("allowedOrigins", allowedOrigins);
        filterHolder.setInitParameter("allowedMethods", "GET,POST,HEAD,OPTIONS");
        filterHolder.setInitParameter("allowedHeaders", "X-Requested-With,X-Authorization,Content-Type,Accept,Origin,Access-Control-Allow-Origin");
        filterHolder.setFilter(new LoggingCrossOriginFilter());
        return filterHolder;
    }

    private String getResourceBase() throws IOException {
        return getRootURL().toExternalForm();
    }

    private URL getRootURL() throws IOException {
        URL url = new URL(AppServer.class.getResource("/js/lib/require.js").toExternalForm().replace("/js/lib/require.js", "/"));
        if (url.toExternalForm().contains("/test-classes/")) {
            url = new URL(url.toExternalForm().replace("/test-classes/", "/classes/"));
        }
        return url;
    }

    public DefaultHandler newDefaultHandler() {
        return new DefaultHandler();
    }
}
