package com.ibm.commoncomponents.ccaas.core.server;

import com.ibm.commoncomponents.ccaas.core.http.request.HttpClient;
import com.ibm.commoncomponents.ccaas.core.manager.LoggerUtilities;
import com.ibm.commoncomponents.ccaas.core.server.IJettyServerSecurity;
import java.io.File;
import java.io.IOException;
import java.util.EnumSet;
import java.util.Properties;
import java.util.function.BiConsumer;
import javax.servlet.DispatcherType;
import org.apache.batik.util.SVGConstants;
import org.eclipse.core.runtime.FileLocator;
import org.eclipse.core.runtime.Platform;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.servlets.DoSFilter;
import org.eclipse.jetty.servlets.HeaderFilter;
import org.eclipse.jetty.servlets.QoSFilter;
import org.eclipse.jetty.util.URIUtil;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.ThreadPool;
import org.eclipse.jetty.webapp.Configuration;
import org.eclipse.jetty.webapp.FragmentConfiguration;
import org.eclipse.jetty.webapp.JettyWebXmlConfiguration;
import org.eclipse.jetty.webapp.MetaInfConfiguration;
import org.eclipse.jetty.webapp.WebAppContext;
import org.eclipse.jetty.webapp.WebInfConfiguration;
import org.eclipse.jetty.webapp.WebXmlConfiguration;

/* loaded from: input_file:com/ibm/commoncomponents/ccaas/core/server/JettyServerFactory.class */
public class JettyServerFactory implements IJettyHeaderConstants {
    private static final JettyServerFactory fInstance = new JettyServerFactory();
    private static final LoggerUtilities.ICCSLogger fLogger = new CCSWorkspaceLogger();
    private static final String HOST = "localhost";
    private static final String LOCALHOST = "localhost";
    private HttpClient fHttpClient;
    private int fPort;
    private Server fServer = null;
    private WebAppContext ccaasContext = null;

    public static JettyServerFactory getInstance() {
        LoggerUtilities.addLogger(fLogger);
        return fInstance;
    }

    public HttpClient getHttpClient() {
        return this.fHttpClient;
    }

    public boolean isRunning() {
        if (this.fServer == null) {
            return false;
        }
        return this.fServer.isRunning();
    }

    public void startServer(int i, Properties properties) throws Exception {
        startServer(i, properties, null);
    }

    public void startServer(int i, Properties properties, IJettyServerSecurity iJettyServerSecurity) throws Exception {
        configureTracing();
        boolean z = iJettyServerSecurity != null && iJettyServerSecurity.isSSLNeeded();
        if (this.fServer == null) {
            if (z) {
                this.fServer = new Server((ThreadPool) null);
                configureSSL(this.fServer, iJettyServerSecurity.getSSLSettings());
            } else {
                this.fServer = new Server(i);
                configure(this.fServer);
                this.fPort = i;
            }
        }
        if (this.fServer.isRunning()) {
            return;
        }
        this.ccaasContext = new WebAppContext(getWar("ccaas.war"), "/ccaas");
        this.ccaasContext.setConfigurations(new Configuration[]{new WebInfConfiguration(), new WebXmlConfiguration(), new MetaInfConfiguration(), new FragmentConfiguration(), new JettyWebXmlConfiguration()});
        this.ccaasContext.setClassLoader(getClass().getClassLoader());
        this.ccaasContext.setParentLoaderPriority(false);
        String str = System.getenv("CCSworkdir");
        String property = System.getProperty("CC_WRK_DIR_EXTENDED", null);
        if (property == null) {
            property = System.getProperty("EQARMTD_WRK_DIR_EXTENDED", null);
        }
        if (property != null) {
            property = String.valueOf(property) + File.separator + "CCS";
        }
        String str2 = str != null ? str : property;
        if (str2 != null) {
            File file = new File(str2);
            if (!file.exists() && !file.mkdirs()) {
                fLogger.log("Unable to create " + str2);
            }
            this.ccaasContext.setAttribute("org.eclipse.jetty.webapp.basetempdir", str2);
            this.ccaasContext.setPersistTempDirectory(true);
        } else {
            this.ccaasContext.setPersistTempDirectory(false);
        }
        if (iJettyServerSecurity != null && iJettyServerSecurity.isAuthenticationNeeded()) {
            iJettyServerSecurity.configureBasicAuth(this.ccaasContext);
        }
        FilterHolder filterHolder = new FilterHolder(new DoSFilter());
        filterHolder.setInitParameter("maxRequestsPerSec", System.getProperty("CCSmaxRequestsPerSec", "25"));
        filterHolder.setInitParameter("delayMs", "-1");
        filterHolder.setName("DOS Limiter");
        this.ccaasContext.addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST));
        FilterHolder filterHolder2 = new FilterHolder(new QoSFilter());
        filterHolder2.setInitParameter("maxRequests", System.getProperty("CCSmaxConcurRequests", "20"));
        filterHolder2.setInitParameter("waitMs", SVGConstants.SVG_200_VALUE);
        filterHolder2.setName("QOS Limiter");
        this.ccaasContext.addFilter(filterHolder2, "/*", EnumSet.of(DispatcherType.REQUEST));
        FilterHolder filterHolder3 = new FilterHolder(new HeaderFilter());
        filterHolder3.setInitParameter("headerConfig", getCCSHeaders(z));
        filterHolder3.setName("CCS Headers");
        this.ccaasContext.addFilter(filterHolder3, "/*", EnumSet.of(DispatcherType.REQUEST));
        if (z) {
            ConstraintSecurityHandler constraintSecurityHandler = this.ccaasContext.getSecurityHandler() instanceof ConstraintSecurityHandler ? (ConstraintSecurityHandler) this.ccaasContext.getSecurityHandler() : new ConstraintSecurityHandler();
            Constraint constraint = new Constraint();
            constraint.setAuthenticate(true);
            ConstraintMapping constraintMapping = new ConstraintMapping();
            constraintMapping.setPathSpec("/*");
            constraintMapping.setMethod("TRACE");
            constraintMapping.setConstraint(constraint);
            constraintSecurityHandler.addConstraintMapping(constraintMapping);
            Constraint constraint2 = new Constraint();
            ConstraintMapping constraintMapping2 = new ConstraintMapping();
            constraintMapping2.setPathSpec("/*");
            constraintMapping2.setMethodOmissions(new String[]{"TRACE"});
            constraintMapping2.setConstraint(constraint2);
            constraintSecurityHandler.addConstraintMapping(constraintMapping2);
            this.ccaasContext.setSecurityHandler(constraintSecurityHandler);
        }
        properties.forEach(new BiConsumer<Object, Object>() { // from class: com.ibm.commoncomponents.ccaas.core.server.JettyServerFactory.1
            @Override // java.util.function.BiConsumer
            public void accept(Object obj, Object obj2) {
                if ((obj instanceof String) && (obj2 instanceof String)) {
                    JettyServerFactory.this.ccaasContext.setInitParameter((String) obj, (String) obj2);
                }
            }
        });
        this.fServer.setHandler(new ContextHandlerCollection(new ContextHandler[]{this.ccaasContext}));
        Thread currentThread = Thread.currentThread();
        ClassLoader contextClassLoader = currentThread.getContextClassLoader();
        try {
            currentThread.setContextClassLoader(getClass().getClassLoader());
            this.fServer.start();
            if (z) {
                this.fHttpClient = new HttpClient("localhost", String.valueOf(i), true, iJettyServerSecurity.getSSLSettings().getSocketFactory(), iJettyServerSecurity.getSSLSettings().getHostNameVerifier());
            } else {
                this.fHttpClient = new HttpClient("localhost", String.valueOf(i));
            }
        } finally {
            currentThread.setContextClassLoader(contextClassLoader);
        }
    }

    public void startServerForIde(int i, Properties properties, AbstractIdeServlet abstractIdeServlet) throws Exception {
        configureTracing();
        if (this.fServer == null) {
            this.fServer = new Server(i);
        }
        if (this.fServer.isRunning()) {
            return;
        }
        String workspaceJettyTempLocation = getWorkspaceJettyTempLocation();
        final ContextHandler webAppContext = new WebAppContext(getWar("ccaas.war"), "/ccaas");
        webAppContext.setConfigurations(new Configuration[]{new WebInfConfiguration(), new WebXmlConfiguration(), new MetaInfConfiguration(), new FragmentConfiguration(), new JettyWebXmlConfiguration()});
        webAppContext.setClassLoader(getClass().getClassLoader());
        webAppContext.setParentLoaderPriority(false);
        webAppContext.setAttribute("org.eclipse.jetty.webapp.basetempdir", workspaceJettyTempLocation);
        webAppContext.setPersistTempDirectory(false);
        FilterHolder filterHolder = new FilterHolder(new HeaderFilter());
        filterHolder.setInitParameter("headerConfig", getCCSHeaders(false));
        filterHolder.setName("CCS Headers");
        webAppContext.addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST));
        properties.forEach(new BiConsumer<Object, Object>() { // from class: com.ibm.commoncomponents.ccaas.core.server.JettyServerFactory.2
            @Override // java.util.function.BiConsumer
            public void accept(Object obj, Object obj2) {
                if ((obj instanceof String) && (obj2 instanceof String)) {
                    webAppContext.setInitParameter((String) obj, (String) obj2);
                }
            }
        });
        ContextHandler webAppContext2 = new WebAppContext(getWar("ccreport.war"), "/ccreport");
        webAppContext2.setConfigurations(new Configuration[]{new WebInfConfiguration(), new WebXmlConfiguration(), new MetaInfConfiguration(), new FragmentConfiguration(), new JettyWebXmlConfiguration()});
        webAppContext2.setClassLoader(getClass().getClassLoader());
        webAppContext2.setParentLoaderPriority(false);
        webAppContext2.addServlet(new ServletHolder(abstractIdeServlet), "/redirectAction");
        webAppContext2.setAttribute("org.eclipse.jetty.webapp.basetempdir", workspaceJettyTempLocation);
        webAppContext2.setPersistTempDirectory(false);
        this.fServer.setHandler(new ContextHandlerCollection(new ContextHandler[]{webAppContext2, webAppContext}));
        ServerConnector serverConnector = this.fServer.getConnectors()[0];
        serverConnector.setHost("localhost");
        Thread currentThread = Thread.currentThread();
        ClassLoader contextClassLoader = currentThread.getContextClassLoader();
        try {
            currentThread.setContextClassLoader(getClass().getClassLoader());
            this.fServer.start();
            this.fPort = i == 0 ? serverConnector.getLocalPort() : i;
            this.fHttpClient = new HttpClient("localhost", String.valueOf(this.fPort));
        } finally {
            currentThread.setContextClassLoader(contextClassLoader);
        }
    }

    private String getWorkspaceJettyTempLocation() {
        String oSString = Platform.getStateLocation(Platform.getBundle(CCSActivator.PLUGIN)).append("jetty_cache").toOSString();
        String property = System.getProperty("CC_JETTY_CACHE", null);
        if (property != null) {
            oSString = property;
        }
        File file = new File(oSString);
        if (file.exists()) {
            clean(file);
        }
        if (!file.mkdirs()) {
            fLogger.log("Unable to create temp dir: " + file);
        }
        file.deleteOnExit();
        return file.getAbsolutePath();
    }

    private void clean(File file) {
        File[] listFiles;
        if (file.isDirectory() && (listFiles = file.listFiles()) != null) {
            for (File file2 : listFiles) {
                clean(file2);
            }
        }
        file.delete();
    }

    private void configureSSL(Server server, IJettyServerSecurity.IJettySSLSettings iJettySSLSettings) {
        SslContextFactory.Server server2 = new SslContextFactory.Server();
        server2.setKeyStorePath(iJettySSLSettings.getKeyStorePath());
        server2.setKeyStorePassword(String.valueOf(iJettySSLSettings.getKeyStorePassword()));
        server2.setExcludeCipherSuites(new String[]{"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_WITH_AES_128_CBC_SHA", "SSL_DHE_DSS_WITH_AES_128_CBC_SHA256", "SSL_DHE_DSS_WITH_AES_128_GCM_SHA256", "SSL_DHE_DSS_WITH_AES_256_CBC_SHA", "SSL_DHE_DSS_WITH_AES_256_CBC_SHA256", "SSL_DHE_DSS_WITH_AES_256_GCM_SHA384", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_WITH_AES_128_CBC_SHA", "SSL_DHE_RSA_WITH_AES_128_CBC_SHA256", "SSL_DHE_RSA_WITH_AES_128_GCM_SHA256", "SSL_DHE_RSA_WITH_AES_256_CBC_SHA", "SSL_DHE_RSA_WITH_AES_256_CBC_SHA256", "SSL_DHE_RSA_WITH_AES_256_GCM_SHA384", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "SSL_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "SSL_ECDH_RSA_WITH_AES_128_CBC_SHA", "SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256", "SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256", "SSL_ECDH_RSA_WITH_AES_256_CBC_SHA", "SSL_ECDH_RSA_WITH_AES_256_CBC_SHA384", "SSL_ECDH_RSA_WITH_AES_256_GCM_SHA384", "SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA", "SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_WITH_AES_128_CBC_SHA", "SSL_RSA_WITH_AES_128_CBC_SHA256", "SSL_RSA_WITH_AES_128_GCM_SHA256", "SSL_RSA_WITH_AES_256_CBC_SHA256", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_AES_256_CBC_SHA", "SSL_RSA_WITH_AES_256_GCM_SHA384"});
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setSecureScheme("https");
        httpConfiguration.setSecurePort(iJettySSLSettings.getSecurePort());
        this.fPort = iJettySSLSettings.getSecurePort();
        httpConfiguration.setOutputBufferSize(32768);
        httpConfiguration.setRequestHeaderSize(8192);
        httpConfiguration.setResponseHeaderSize(8192);
        httpConfiguration.setSendServerVersion(false);
        httpConfiguration.setSendDateHeader(false);
        HttpConfiguration httpConfiguration2 = new HttpConfiguration(httpConfiguration);
        httpConfiguration2.setSendServerVersion(false);
        SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
        secureRequestCustomizer.setSniHostCheck(false);
        httpConfiguration2.addCustomizer(secureRequestCustomizer);
        Connector serverConnector = new ServerConnector(server, new ConnectionFactory[]{new SslConnectionFactory(server2, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration2)});
        serverConnector.setPort(this.fPort);
        server.setConnectors(new Connector[]{serverConnector});
    }

    private void configure(Server server) {
        for (Connector connector : server.getConnectors()) {
            for (HttpConnectionFactory httpConnectionFactory : connector.getConnectionFactories()) {
                if (httpConnectionFactory instanceof HttpConnectionFactory) {
                    httpConnectionFactory.getHttpConfiguration().setSendServerVersion(false);
                }
            }
        }
    }

    public String getCCSHeaders(boolean z) {
        String str;
        str = "add X-XSS-Protection: 1, add X-Content-Type-Options: nosniff, add Content-Security-Policy: default-src 'self'; script-src 'none'; object-src 'none'; style-src 'none'; img-src 'none'; media-src 'none'; frame-src 'none'; font-src 'none'; connect-src 'none'; form-action 'none'; sandbox 'none'; script-nonce 'none'";
        return z ? String.valueOf(str) + ", add Strict-Transport-Security: max-age=31536000; includeSubDomains" : "add X-XSS-Protection: 1, add X-Content-Type-Options: nosniff, add Content-Security-Policy: default-src 'self'; script-src 'none'; object-src 'none'; style-src 'none'; img-src 'none'; media-src 'none'; frame-src 'none'; font-src 'none'; connect-src 'none'; form-action 'none'; sandbox 'none'; script-nonce 'none'";
    }

    public int getPort() {
        return this.fPort;
    }

    public String getHost() {
        return "localhost";
    }

    public static String getWar(String str) throws IOException {
        return URIUtil.encodePath(FileLocator.toFileURL(Platform.getBundle(CCSActivator.PLUGIN).getEntry("lib/" + str)).toString());
    }

    public void stop() {
        if (this.ccaasContext != null) {
            try {
                this.ccaasContext.stop();
            } catch (Exception e) {
                fLogger.log(e);
            }
        }
        if (this.fServer != null) {
            try {
                this.fServer.stop();
            } catch (Exception e2) {
                fLogger.log(e2);
            }
        }
    }

    public static void configureTracing(boolean z, String str) {
        try {
            JettyTrace.configureTracing(z, str, fLogger);
        } catch (NoClassDefFoundError e) {
            fLogger.log("No slf4j binding found for jetty logging.");
            if (z) {
                System.out.println("No slf4j binding found for jetty logging.");
            }
        }
    }

    private void configureTracing() {
        configureTracing(Boolean.parseBoolean(Platform.getDebugOption("com.ibm.commoncomponents.ccaas.core/jetty")), Platform.getDebugOption("com.ibm.commoncomponents.ccaas.core/jetty_trace_file"));
    }
}
