package io.bdeploy.jersey;

import io.bdeploy.common.audit.Auditor;
import io.bdeploy.common.audit.Slf4jAuditor;
import io.bdeploy.common.util.NamedDaemonThreadFactory;
import io.bdeploy.common.util.Threads;
import io.bdeploy.common.util.VersionHelper;
import io.bdeploy.jersey.JerseyAuthenticationProvider;
import io.bdeploy.jersey.JerseyCspFilter;
import io.bdeploy.jersey.actions.ActionFactory;
import io.bdeploy.jersey.errorpages.JerseyGrizzlyErrorPageGenerator;
import io.bdeploy.jersey.fs.FileSystemSpaceService;
import io.bdeploy.jersey.monitoring.JerseyServerMonitor;
import io.bdeploy.jersey.monitoring.JerseyServerMonitoringResourceImpl;
import io.bdeploy.jersey.monitoring.JerseyServerMonitoringSamplerService;
import io.bdeploy.jersey.resources.ActionResourceImpl;
import io.bdeploy.jersey.resources.JerseyMetricsResourceImpl;
import jakarta.annotation.Priority;
import jakarta.inject.Singleton;
import jakarta.ws.rs.core.UriBuilder;
import java.io.IOException;
import java.net.URI;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.TreeMap;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.atomic.AtomicLong;
import java.util.function.Predicate;
import java.util.function.Supplier;
import java.util.logging.Level;
import java.util.stream.Collectors;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import org.glassfish.grizzly.http.CompressionConfig;
import org.glassfish.grizzly.http.server.HttpHandler;
import org.glassfish.grizzly.http.server.HttpHandlerRegistration;
import org.glassfish.grizzly.http.server.HttpServer;
import org.glassfish.grizzly.http.server.NetworkListener;
import org.glassfish.grizzly.ssl.SSLEngineConfigurator;
import org.glassfish.grizzly.threadpool.ThreadPoolConfig;
import org.glassfish.grizzly.websockets.WebSocketAddOn;
import org.glassfish.grizzly.websockets.WebSocketApplication;
import org.glassfish.grizzly.websockets.WebSocketEngine;
import org.glassfish.hk2.api.Factory;
import org.glassfish.hk2.utilities.binding.AbstractBinder;
import org.glassfish.jersey.grizzly2.httpserver.GrizzlyHttpContainer;
import org.glassfish.jersey.grizzly2.httpserver.GrizzlyHttpServerFactory;
import org.glassfish.jersey.jackson.JacksonFeature;
import org.glassfish.jersey.media.multipart.MultiPartFeature;
import org.glassfish.jersey.server.ContainerFactory;
import org.glassfish.jersey.server.ResourceConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.bridge.SLF4JBridgeHandler;

/* loaded from: input_file:io/bdeploy/jersey/JerseyServer.class */
public class JerseyServer implements AutoCloseable, RegistrationTarget {
    private static final int CL_BUFFER_SIZE = 512;
    private static final Logger log = LoggerFactory.getLogger((Class<?>) JerseyServer.class);
    private static final String[] cipherSuites = {"TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"};
    public static final String START_TIME = "StartTime";
    public static final String BROADCAST_EXECUTOR = "BcExecutor";
    public static final String FILE_SYSTEM_MIN_SPACE = "FileSystemMinSpace";
    private final int port;
    private final KeyStore store;
    private final KeyStore httpsStore;
    private final char[] passphrase;
    private HttpServer server;
    private final JerseySessionManager sessionManager;
    private Predicate<String> userValidator;
    private GrizzlyHttpContainer container;
    private final ResourceConfig rc = new ResourceConfig();
    private final Instant startTime = Instant.now();
    private final Collection<AutoCloseable> closeableResources = new ArrayList();
    private final CompletableFuture<RegistrationTarget> startup = new CompletableFuture<>();
    private final AtomicLong broadcasterId = new AtomicLong(0);
    private final ScheduledExecutorService broadcastScheduler = Executors.newScheduledThreadPool(1, new NamedDaemonThreadFactory((Supplier<String>) () -> {
        return "Scheduled Broadcast " + this.broadcasterId.incrementAndGet();
    }));
    private final Map<HttpHandlerRegistration, HttpHandler> preRegistrations = new HashMap();
    private Auditor auditor = new Slf4jAuditor();
    private final JerseyServerMonitor monitor = new JerseyServerMonitor();
    private final JerseyServerMonitoringSamplerService serverMonitoring = new JerseyServerMonitoringSamplerService(this.monitor);
    private final Map<String, WebSocketApplication> wsApplications = new TreeMap();

    /* loaded from: input_file:io/bdeploy/jersey/JerseyServer$JerseyAuditorBridgeFactory.class */
    private class JerseyAuditorBridgeFactory implements Factory<Auditor> {
        private JerseyAuditorBridgeFactory() {
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.glassfish.hk2.api.Factory
        public Auditor provide() {
            return JerseyServer.this.auditor;
        }

        @Override // org.glassfish.hk2.api.Factory
        public void dispose(Auditor auditor) {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/bdeploy/jersey/JerseyServer$ServerObjectBinder.class */
    public class ServerObjectBinder extends AbstractBinder {
        private ServerObjectBinder() {
        }

        @Override // org.glassfish.hk2.utilities.binding.AbstractBinder
        protected void configure() {
            bind(JerseyWriteLockService.class).in(Singleton.class).to(JerseyWriteLockService.class);
            bind(JerseyScopeService.class).in(Singleton.class).to(JerseyScopeService.class);
            bind(FileSystemSpaceService.class).in(Singleton.class).to(FileSystemSpaceService.class);
            bind(ActionFactory.class).to(ActionFactory.class);
            bind((ServerObjectBinder) JerseyServer.this.startTime).named(JerseyServer.START_TIME).to(Instant.class);
            bind((ServerObjectBinder) JerseyServer.this.broadcastScheduler).named(JerseyServer.BROADCAST_EXECUTOR).to(ScheduledExecutorService.class);
            bind((ServerObjectBinder) JerseyServer.this.serverMonitoring).to(JerseyServerMonitoringSamplerService.class);
            bind((ServerObjectBinder) JerseyServer.this.sessionManager).to(SessionManager.class);
            bindFactory(new JerseyAuditorBridgeFactory()).to(Auditor.class);
        }
    }

    public JerseyServer(int i, KeyStore keyStore, KeyStore keyStore2, char[] cArr, JerseySessionConfiguration jerseySessionConfiguration) {
        this.port = i;
        this.store = keyStore;
        this.httpsStore = keyStore2;
        this.passphrase = (char[]) cArr.clone();
        this.sessionManager = new JerseySessionManager(jerseySessionConfiguration);
    }

    @Override // io.bdeploy.jersey.RegistrationTarget
    public KeyStore getKeyStore() {
        return this.store;
    }

    @Override // io.bdeploy.jersey.RegistrationTarget
    public CompletableFuture<RegistrationTarget> afterStartup() {
        return this.startup;
    }

    public void setAuditor(Auditor auditor) {
        this.auditor = auditor;
    }

    public void setUserValidator(Predicate<String> predicate) {
        this.userValidator = predicate;
    }

    @Override // io.bdeploy.jersey.RegistrationTarget
    public void registerResource(AutoCloseable autoCloseable) {
        this.closeableResources.add(autoCloseable);
    }

    @Override // io.bdeploy.jersey.RegistrationTarget
    public void register(Object obj) {
        if (!(obj instanceof Class)) {
            this.rc.register2(obj);
            return;
        }
        Priority priority = (Priority) ((Class) obj).getAnnotation(Priority.class);
        if (priority != null) {
            this.rc.register((Class<?>) obj, priority.value());
        } else {
            this.rc.register((Class<?>) obj);
        }
    }

    @Override // io.bdeploy.jersey.RegistrationTarget
    public void addHandler(HttpHandler httpHandler, HttpHandlerRegistration httpHandlerRegistration) {
        if (this.server == null) {
            this.preRegistrations.put(httpHandlerRegistration, httpHandler);
        } else {
            this.server.getServerConfiguration().addHttpHandler(httpHandler, httpHandlerRegistration);
        }
    }

    @Override // io.bdeploy.jersey.RegistrationTarget
    public void removeHandler(HttpHandler httpHandler) {
        if (this.server != null) {
            this.server.getServerConfiguration().removeHttpHandler(httpHandler);
            return;
        }
        Set set = (Set) this.preRegistrations.entrySet().stream().filter(entry -> {
            return ((HttpHandler) entry.getValue()).equals(httpHandler);
        }).map((v0) -> {
            return v0.getKey();
        }).collect(Collectors.toSet());
        Map<HttpHandlerRegistration, HttpHandler> map = this.preRegistrations;
        Objects.requireNonNull(map);
        set.forEach((v1) -> {
            r1.remove(v1);
        });
    }

    @Override // io.bdeploy.jersey.RegistrationTarget
    public void registerWebsocketApplication(String str, WebSocketApplication webSocketApplication) {
        this.wsApplications.put(str, webSocketApplication);
    }

    public static void updateLogging() {
        if (SLF4JBridgeHandler.isInstalled()) {
            SLF4JBridgeHandler.uninstall();
        }
        Level level = Level.WARNING;
        if (log.isInfoEnabled()) {
            level = Level.INFO;
        }
        if (log.isDebugEnabled()) {
            level = Level.FINE;
        }
        if (log.isTraceEnabled()) {
            level = Level.FINER;
        }
        java.util.logging.Logger.getLogger("").setLevel(level);
        SLF4JBridgeHandler.removeHandlersForRootLogger();
        SLF4JBridgeHandler.install();
    }

    public void start() {
        try {
            URI build = UriBuilder.fromUri("https://0.0.0.0/api").port(this.port).build(new Object[0]);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            if (this.httpsStore != null) {
                keyManagerFactory.init(this.httpsStore, this.passphrase);
            } else {
                keyManagerFactory.init(this.store, this.passphrase);
            }
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
            SSLEngineConfigurator sSLEngineConfigurator = new SSLEngineConfigurator(sSLContext, false, false, false);
            sSLEngineConfigurator.setEnabledProtocols(new String[]{"TLSv1.2", "TLSv1.3"});
            sSLEngineConfigurator.setEnabledCipherSuites(getSupportedCiphers(sSLContext, cipherSuites));
            registerDefaultResources(this.rc);
            this.server = GrizzlyHttpServerFactory.createHttpServer(build, this.rc, true, sSLEngineConfigurator, false);
            this.container = (GrizzlyHttpContainer) ContainerFactory.createContainer(GrizzlyHttpContainer.class, this.rc);
            this.server = GrizzlyHttpServerFactory.createHttpServer(build, this.container, true, sSLEngineConfigurator, false);
            for (Map.Entry<HttpHandlerRegistration, HttpHandler> entry : this.preRegistrations.entrySet()) {
                this.server.getServerConfiguration().addHttpHandler(entry.getValue(), entry.getKey());
            }
            this.monitor.setServer(this.server);
            this.monitor.setSessionManager(this.sessionManager);
            this.server.getServerConfiguration().setDefaultErrorPageGenerator(new JerseyGrizzlyErrorPageGenerator());
            this.server.getServerConfiguration().setHttpServerName("BDeploy");
            this.server.getServerConfiguration().setHttpServerVersion(VersionHelper.getVersionAsString());
            WebSocketAddOn webSocketAddOn = new WebSocketAddOn();
            for (NetworkListener networkListener : this.server.getListeners()) {
                networkListener.getTransport().setWorkerThreadPoolConfig(ThreadPoolConfig.defaultConfig().setPoolName("BDeploy-Transport-Worker").setCorePoolSize(8).setMaxPoolSize(Integer.MAX_VALUE).setMemoryManager(networkListener.getTransport().getMemoryManager()));
                CompressionConfig compressionConfig = networkListener.getCompressionConfig();
                compressionConfig.setCompressionMode(CompressionConfig.CompressionMode.ON);
                compressionConfig.setCompressionMinSize(512);
                compressionConfig.setDecompressionEnabled(true);
                networkListener.registerAddOn(webSocketAddOn);
                networkListener.registerAddOn(new JerseyCspFilter.JerseyCspAddOn());
            }
            this.wsApplications.forEach((str, webSocketApplication) -> {
                WebSocketEngine.getEngine().register("/ws", str, webSocketApplication);
            });
            this.server.getHttpHandler().setAllowEncodedSlash(true);
            this.server.start();
            log.info("Started Version {}", VersionHelper.getVersion());
            this.startup.complete(this);
        } catch (IOException | GeneralSecurityException e) {
            throw new IllegalStateException("Cannot start server on " + this.port, e);
        }
    }

    private static String[] getSupportedCiphers(SSLContext sSLContext, String[] strArr) {
        ArrayList arrayList = new ArrayList();
        List asList = Arrays.asList(sSLContext.getServerSocketFactory().getSupportedCipherSuites());
        for (String str : strArr) {
            if (asList.contains(str)) {
                arrayList.add(str);
            } else if (log.isDebugEnabled()) {
                log.debug("Ignoring unsupported cipher suite {}", str);
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    public void registerDefaultResources(ResourceConfig resourceConfig) {
        resourceConfig.register2((Object) new ServerObjectBinder());
        resourceConfig.register(JerseyObjectMapper.class);
        resourceConfig.register2((Object) JacksonFeature.withoutExceptionMappers());
        resourceConfig.register(MultiPartFeature.class);
        resourceConfig.register2((Object) new JerseyAuthenticationProvider(this.store, this.userValidator, this.sessionManager), 1000);
        resourceConfig.register(JerseyAuthenticationProvider.JerseyAuthenticationUnprovider.class, 999);
        resourceConfig.register(JerseyAuthenticationProvider.JerseyAuthenticationWeakenerProvider.class, 998);
        resourceConfig.register(JerseyPathReader.class);
        resourceConfig.register(JerseyPathWriter.class);
        resourceConfig.register(JerseyMetricsFilter.class);
        resourceConfig.register(JerseyMetricsResourceImpl.class);
        resourceConfig.register(JerseyAuditingFilter.class);
        resourceConfig.register(JerseyExceptionMapper.class);
        resourceConfig.register(ActionResourceImpl.class);
        resourceConfig.register(JerseyServerMonitoringResourceImpl.class);
        resourceConfig.register2((Object) new JerseyWriteLockFilter());
        resourceConfig.register(JerseyScopeFilter.class);
        resourceConfig.property2("jersey.config.server.contentLength.buffer", (Object) 512);
    }

    public boolean isRunning() {
        return this.server != null && this.server.isStarted();
    }

    @Override // java.lang.AutoCloseable
    public void close() {
        for (AutoCloseable autoCloseable : this.closeableResources) {
            try {
                log.info("Closing resource '{}'", autoCloseable);
                autoCloseable.close();
                if (log.isDebugEnabled()) {
                    log.debug("Resource '{}' closed", autoCloseable);
                }
            } catch (Exception e) {
                log.error("Failed to close resource '{}'", autoCloseable, e);
            }
        }
        this.closeableResources.clear();
        this.sessionManager.close();
        if (this.server != null) {
            this.server.shutdownNow();
            this.server = null;
        }
    }

    public boolean join() {
        while (isRunning() && Threads.sleep(1000L)) {
        }
        return isRunning();
    }
}
