package com.ibm.ws.collective.member.internal.publisher;

import com.ibm.websphere.collective.controller.CollectiveRegistrationMBean;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.Trivial;
import com.ibm.ws.collective.member.MemberJMXEndpoint;
import com.ibm.ws.collective.member.internal.HostAuthConfig;
import com.ibm.ws.collective.member.internal.ssh.SSHKeyUtility;
import com.ibm.ws.collective.member.internal.ssh.SSHKeyUtilityImpl;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.wsspi.collective.repository.publisher.RepositoryPublisher;
import com.ibm.wsspi.kernel.service.location.WsLocationAdmin;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.kernel.service.utils.FrameworkState;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.util.Dictionary;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import org.osgi.framework.ServiceReference;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.event.Event;
import org.osgi.service.event.EventAdmin;
import org.osgi.service.event.EventHandler;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {EventHandler.class}, immediate = true, configurationPolicy = ConfigurationPolicy.IGNORE, property = {"service.vendor=IBM", "event.topics=com/ibm/wsspi/collective/repository/publishStatus/data", "event.filter=(|(dataName=sys.host.auth.info) (dataName=sys.jmx.auth.info))"})
/* loaded from: input_file:wlp/lib/com.ibm.ws.collective.member_1.1.18.jar:com/ibm/ws/collective/member/internal/publisher/ServerManagementPublisher.class */
public final class ServerManagementPublisher implements EventHandler {
    private static final TraceComponent tc = Tr.register(ServerManagementPublisher.class);
    static final String KEY_EVENT_ADMIN_REF = "eventAdmin";
    static final String KEY_LOCATION_ADMIN_REF = "locationAdmin";
    static final String KEY_HOST_AUTH_CONFIG_REF = "hostAuthConfig";
    static final String KEY_MEMBER_JMX_ENDPOINT_REF = "memberJMXEndpoint";
    private final AtomicServiceReference<EventAdmin> eventAdminRef;
    private final AtomicServiceReference<WsLocationAdmin> locationAdminRef;
    private final AtomicServiceReference<HostAuthConfig> hostAuthConfigRef;
    private final AtomicServiceReference<MemberJMXEndpoint> memberJMXEndpointRef;
    static final String PATH_HOST_AUTH_INFO = "sys.host.auth.info";
    static final String PATH_JMX_AUTH_INFO = "sys.jmx.auth.info";
    private boolean publishedHostAuthInfo;
    private boolean publishedJMXAuthInfo;
    private ExecutorService executorService;
    private ServiceRegistration<EventHandler> jmxEndpointChangeListnerReg;
    private final SSHKeyUtility sshKeyUtil;
    static final long serialVersionUID = 5483810504767530832L;

    /* JADX INFO: Access modifiers changed from: package-private */
    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.collective.member_1.1.18.jar:com/ibm/ws/collective/member/internal/publisher/ServerManagementPublisher$JMXEndpointUpdatedEventHandler.class */
    public final class JMXEndpointUpdatedEventHandler implements EventHandler {
        static final long serialVersionUID = 1958508215858034653L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(JMXEndpointUpdatedEventHandler.class);

        JMXEndpointUpdatedEventHandler() {
        }

        @Override // org.osgi.service.event.EventHandler
        public void handleEvent(Event event) {
            if (event == null) {
                if (ServerManagementPublisher.tc.isDebugEnabled()) {
                    Tr.debug(ServerManagementPublisher.tc, "JMXEndpointUpdatedEventHandler received a null event, ignoring...", new Object[0]);
                }
            } else if (!MemberJMXEndpoint.MEMBER_JMX_ENDPOINT_CHANGED_TOPIC.equals(event.getTopic())) {
                if (ServerManagementPublisher.tc.isDebugEnabled()) {
                    Tr.debug(ServerManagementPublisher.tc, "JMXEndpointUpdatedEventHandler received an unexpected topic, ignoring...", new Object[0]);
                }
            } else if (ServerManagementPublisher.this.executorService == null) {
                if (ServerManagementPublisher.tc.isEventEnabled()) {
                    Tr.event(ServerManagementPublisher.tc, "The executorService is null, we've been deactivated so nothing to do...", new Object[0]);
                }
            } else {
                ServerManagementPublisher.this.executorService.submit(new PublishAuthInfo());
                if (ServerManagementPublisher.tc.isEventEnabled()) {
                    Tr.event(ServerManagementPublisher.tc, "The JMX endpoint has changed. The management configuration has been scheduled for publishing", new Object[0]);
                }
            }
        }
    }

    @InjectedFFDC
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.collective.member_1.1.18.jar:com/ibm/ws/collective/member/internal/publisher/ServerManagementPublisher$PublishAuthInfo.class */
    final class PublishAuthInfo implements Callable<Object> {
        static final long serialVersionUID = -6301327350485550098L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(PublishAuthInfo.class);

        PublishAuthInfo() {
        }

        @Override // java.util.concurrent.Callable
        public Object call() throws Exception {
            ServerManagementPublisher.this.publishAuthInfo();
            return null;
        }
    }

    public ServerManagementPublisher() {
        this.eventAdminRef = new AtomicServiceReference<>("eventAdmin");
        this.locationAdminRef = new AtomicServiceReference<>(KEY_LOCATION_ADMIN_REF);
        this.hostAuthConfigRef = new AtomicServiceReference<>(KEY_HOST_AUTH_CONFIG_REF);
        this.memberJMXEndpointRef = new AtomicServiceReference<>(KEY_MEMBER_JMX_ENDPOINT_REF);
        this.publishedHostAuthInfo = false;
        this.publishedJMXAuthInfo = false;
        this.executorService = null;
        this.jmxEndpointChangeListnerReg = null;
        this.sshKeyUtil = new SSHKeyUtilityImpl();
    }

    public ServerManagementPublisher(SSHKeyUtility sSHKeyUtility) {
        this.eventAdminRef = new AtomicServiceReference<>("eventAdmin");
        this.locationAdminRef = new AtomicServiceReference<>(KEY_LOCATION_ADMIN_REF);
        this.hostAuthConfigRef = new AtomicServiceReference<>(KEY_HOST_AUTH_CONFIG_REF);
        this.memberJMXEndpointRef = new AtomicServiceReference<>(KEY_MEMBER_JMX_ENDPOINT_REF);
        this.publishedHostAuthInfo = false;
        this.publishedJMXAuthInfo = false;
        this.executorService = null;
        this.jmxEndpointChangeListnerReg = null;
        this.sshKeyUtil = sSHKeyUtility;
    }

    @Reference(name = "eventAdmin", service = EventAdmin.class)
    protected void setEventAdminService(ServiceReference<EventAdmin> serviceReference) {
        this.eventAdminRef.setReference(serviceReference);
    }

    protected void unsetEventAdminService(ServiceReference<EventAdmin> serviceReference) {
        this.eventAdminRef.unsetReference(serviceReference);
    }

    @Reference(service = ExecutorService.class)
    protected void setExecutorService(ExecutorService executorService) {
        this.executorService = executorService;
    }

    protected void unsetExecutorService(ExecutorService executorService) {
        this.executorService = null;
    }

    @Reference(name = KEY_LOCATION_ADMIN_REF, service = WsLocationAdmin.class, policy = ReferencePolicy.DYNAMIC)
    protected void setLocationAdmin(ServiceReference<WsLocationAdmin> serviceReference) {
        this.locationAdminRef.setReference(serviceReference);
    }

    protected void unsetLocationAdmin(ServiceReference<WsLocationAdmin> serviceReference) {
        this.locationAdminRef.unsetReference(serviceReference);
    }

    @Reference(name = KEY_HOST_AUTH_CONFIG_REF, service = HostAuthConfig.class, policy = ReferencePolicy.DYNAMIC)
    protected void setHostAuthConfig(ServiceReference<HostAuthConfig> serviceReference) {
        this.hostAuthConfigRef.setReference(serviceReference);
    }

    protected void updatedHostAuthConfig(ServiceReference<HostAuthConfig> serviceReference) {
        this.executorService.submit(new PublishAuthInfo());
        if (tc.isEventEnabled()) {
            Tr.event(tc, "The hostAuthInfo config has changed. The management configuration has been scheduled for publishing", new Object[0]);
        }
    }

    protected void unsetHostAuthConfig(ServiceReference<HostAuthConfig> serviceReference) {
        this.hostAuthConfigRef.unsetReference(serviceReference);
    }

    @Reference(name = KEY_MEMBER_JMX_ENDPOINT_REF, service = MemberJMXEndpoint.class)
    protected void setMemberJMXEndpoint(ServiceReference<MemberJMXEndpoint> serviceReference) {
        this.memberJMXEndpointRef.setReference(serviceReference);
    }

    protected void unsetMemberJMXEndpoint(ServiceReference<MemberJMXEndpoint> serviceReference) {
        this.memberJMXEndpointRef.unsetReference(serviceReference);
    }

    @Reference(service = RepositoryPublisher.class)
    protected void setRepositoryPublisher(ServiceReference<RepositoryPublisher> serviceReference) {
    }

    protected void unsetRepositoryPublisher(ServiceReference<RepositoryPublisher> serviceReference) {
    }

    private ServiceRegistration<EventHandler> registerJMXEndpointChangeListener(ComponentContext componentContext) {
        Hashtable hashtable = new Hashtable();
        hashtable.put("event.topics", MemberJMXEndpoint.MEMBER_JMX_ENDPOINT_CHANGED_TOPIC);
        return componentContext.getBundleContext().registerService((Class<Class>) EventHandler.class, (Class) new JMXEndpointUpdatedEventHandler(), (Dictionary<String, ?>) hashtable);
    }

    @Activate
    protected void activate(ComponentContext componentContext) throws Exception {
        this.eventAdminRef.activate(componentContext);
        this.locationAdminRef.activate(componentContext);
        this.hostAuthConfigRef.activate(componentContext);
        this.memberJMXEndpointRef.activate(componentContext);
        this.jmxEndpointChangeListnerReg = registerJMXEndpointChangeListener(componentContext);
        this.executorService.submit(new PublishAuthInfo());
        if (tc.isEventEnabled()) {
            Tr.event(tc, "Server management configuration has been scheduled for publishing", new Object[0]);
        }
    }

    @Deactivate
    protected void deactivate(ComponentContext componentContext) throws Exception {
        if (this.jmxEndpointChangeListnerReg != null) {
            this.jmxEndpointChangeListnerReg.unregister();
            this.jmxEndpointChangeListnerReg = null;
        }
        this.eventAdminRef.deactivate(componentContext);
        this.locationAdminRef.deactivate(componentContext);
        this.hostAuthConfigRef.deactivate(componentContext);
        this.memberJMXEndpointRef.deactivate(componentContext);
    }

    @Trivial
    private void putIfDefined(Map<String, Object> map, Map<String, Object> map2, String str) {
        if (map.containsKey(str)) {
            map2.put(str, map.get(str));
        }
    }

    @Sensitive
    private Map<String, Object> buildHostAuthInfo(@Sensitive Map<String, Object> map) {
        HashMap hashMap = new HashMap();
        hashMap.put(HostAuthConfig.KEY_OS_NAME, map.get(HostAuthConfig.KEY_OS_NAME));
        hashMap.put("rpcHost", map.get("rpcHost"));
        hashMap.put("rpcPort", map.get("rpcPort"));
        hashMap.put("rpcUser", map.get("rpcUser"));
        putIfDefined(map, hashMap, "rpcUserPassword");
        putIfDefined(map, hashMap, CollectiveRegistrationMBean.SSH_PRIVATE_KEY);
        putIfDefined(map, hashMap, "sshPrivateKeyPassword");
        putIfDefined(map, hashMap, "useSudo");
        putIfDefined(map, hashMap, "sudoUser");
        putIfDefined(map, hashMap, "sudoUserPassword");
        return hashMap;
    }

    private void publishHostAuthInfo(EventAdmin eventAdmin, @Sensitive Map<String, Object> map) {
        HashMap hashMap = new HashMap();
        if (map.isEmpty()) {
            hashMap.put("operation", "DELETE");
        } else {
            Map<String, Object> buildHostAuthInfo = buildHostAuthInfo(map);
            hashMap.put("operation", "UPDATE");
            hashMap.put(RepositoryPublisher.DATA_VALUE, buildHostAuthInfo);
        }
        hashMap.put(RepositoryPublisher.KEY_SEND_STATUS_EVENT, "true");
        hashMap.put(RepositoryPublisher.DATA_NAME, PATH_HOST_AUTH_INFO);
        eventAdmin.postEvent(new Event(RepositoryPublisher.PUBLISH_DATA_TOPIC, hashMap));
    }

    private Map<String, Object> buildJMXAuthInfo(MemberJMXEndpoint memberJMXEndpoint) {
        String hostName = memberJMXEndpoint.getHostName();
        String hTTPSPort = memberJMXEndpoint.getHTTPSPort();
        if (tc.isDebugEnabled()) {
            Tr.debug(this, tc, " Retrieved jmx endpoint info: hostName = " + hostName + ", httpsPort = " + hTTPSPort, new Object[0]);
        }
        HashMap hashMap = null;
        if (hostName == null || hTTPSPort == null) {
            Tr.warning(tc, "SERVER_MANAGEMENT_INCOMPLETE_ENDPOINT_DATA", new Object[0]);
        } else {
            hashMap = new HashMap();
            hashMap.put(MemberJMXEndpoint.JMX_HOST, hostName);
            hashMap.put(MemberJMXEndpoint.JMX_PORT, hTTPSPort);
        }
        return hashMap;
    }

    private void publishJMXAuthInfo(EventAdmin eventAdmin, MemberJMXEndpoint memberJMXEndpoint) {
        Map<String, Object> buildJMXAuthInfo = buildJMXAuthInfo(memberJMXEndpoint);
        if (buildJMXAuthInfo == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "We could not build the JMX auth info, nothing to publish. A warning will have been printed earlier to describe what went wrong.", new Object[0]);
            }
        } else {
            HashMap hashMap = new HashMap();
            hashMap.put("operation", "UPDATE");
            hashMap.put(RepositoryPublisher.KEY_SEND_STATUS_EVENT, "true");
            hashMap.put(RepositoryPublisher.DATA_NAME, PATH_JMX_AUTH_INFO);
            hashMap.put(RepositoryPublisher.DATA_VALUE, buildJMXAuthInfo);
            eventAdmin.postEvent(new Event(RepositoryPublisher.PUBLISH_DATA_TOPIC, hashMap));
        }
    }

    private void validateMapInput(@Sensitive Map<String, Object> map) {
        if (map.containsKey("rpcUserPassword") && map.containsKey(HostAuthConfig.CFG_KEY_SSH_PRIVATE_KEY_PATH)) {
            throw new IllegalStateException("This should never happen. We have a HostAuthConfig with both a user password and an SSH private key. This is not valid input for " + getClass().getCanonicalName());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void publishAuthInfo() {
        this.publishedHostAuthInfo = false;
        this.publishedJMXAuthInfo = false;
        HashMap hashMap = new HashMap(getHostAuthConfigService().getHostAuthConfig());
        validateMapInput(hashMap);
        if (hashMap.containsKey(HostAuthConfig.CFG_KEY_SSH_PRIVATE_KEY_PATH)) {
            try {
                hashMap.put(CollectiveRegistrationMBean.SSH_PRIVATE_KEY, this.sshKeyUtil.useSSHKeyPair("Generated SSH key for Liberty server " + getEventAdminService().getServerName() + " for Liberty management.", (String) hashMap.get(HostAuthConfig.CFG_KEY_USER_HOME), (String) hashMap.get(HostAuthConfig.CFG_KEY_SSH_PUBLIC_KEY_PATH), (String) hashMap.get(HostAuthConfig.CFG_KEY_SSH_PRIVATE_KEY_PATH)));
            } catch (IOException e) {
                FFDCFilter.processException(e, "com.ibm.ws.collective.member.internal.publisher.ServerManagementPublisher", "422", this, new Object[0]);
                Tr.error(tc, "SSH_KEYGEN_IOEXCEPTION", e.getLocalizedMessage());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unable to compute SSH keys. Caught IOException: " + e.getMessage(), e);
                }
            } catch (NoSuchAlgorithmException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.collective.member.internal.publisher.ServerManagementPublisher", "417", this, new Object[0]);
                Tr.error(tc, "SSH_KEYGEN_NOSUCHALGORITHMEXCEPTION", "RSA");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unable to compute SSH keys. Caught NoSuchAlgorithmException: " + e2.getMessage(), e2);
                }
            }
        }
        EventAdmin service = this.eventAdminRef.getService();
        publishHostAuthInfo(service, hashMap);
        publishJMXAuthInfo(service, this.memberJMXEndpointRef.getService());
    }

    private void handleOurStatusEvent(@Sensitive Event event, String str) {
        if (event.containsProperty(RepositoryPublisher.KEY_STATUS_ERROR_MESSAGE)) {
            if (tc.isEventEnabled()) {
                Tr.event(tc, "Error during publishing " + str, event.getProperty(RepositoryPublisher.KEY_STATUS_ERROR_MESSAGE));
            }
            Tr.error(tc, "PUBLISHED_SERVER_MANAGEMENT_INFO_ERROR", event.getProperty(RepositoryPublisher.KEY_STATUS_ERROR_MESSAGE));
            return;
        }
        if (PATH_HOST_AUTH_INFO.equals(str)) {
            this.publishedHostAuthInfo = true;
        }
        if (PATH_JMX_AUTH_INFO.equals(str)) {
            this.publishedJMXAuthInfo = true;
        }
        if (this.publishedHostAuthInfo && this.publishedJMXAuthInfo) {
            Tr.info(tc, "PUBLISHED_SERVER_MANAGEMENT_INFO", new Object[0]);
        }
    }

    @Override // org.osgi.service.event.EventHandler
    public void handleEvent(@Sensitive Event event) {
        if (event == null) {
            return;
        }
        Object property = event.getProperty(RepositoryPublisher.DATA_NAME);
        if (property instanceof String) {
            String str = (String) property;
            if (PATH_HOST_AUTH_INFO.equals(str) || PATH_JMX_AUTH_INFO.equals(str)) {
                handleOurStatusEvent(event, str);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Received unexpected event.", event);
            }
        }
    }

    @Trivial
    private HostAuthConfig getHostAuthConfigService() {
        HostAuthConfig service = this.hostAuthConfigRef.getService();
        if (service == null) {
            if (!FrameworkState.isStopping()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "HostAuthConfigService is null and Framework is not in the process of stopping or already stopped", new Object[0]);
                }
                IllegalStateException illegalStateException = new IllegalStateException("The HostAuthConfig service is not available - it was likely accessed after it was deactivated.");
                illegalStateException.fillInStackTrace();
                throw illegalStateException;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Ignore that HostAuthConfigService is null because Framework is in the process of stopping or already stopped", new Object[0]);
            }
        }
        return service;
    }

    @Trivial
    private WsLocationAdmin getEventAdminService() {
        WsLocationAdmin service = this.locationAdminRef.getService();
        if (service == null) {
            if (!FrameworkState.isStopping()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "EventAdminService is null and Framework is not in the process of stopping or already stopped", new Object[0]);
                }
                IllegalStateException illegalStateException = new IllegalStateException("The EventAdmin service is not available - it was likely accessed after it was deactivated.");
                illegalStateException.fillInStackTrace();
                throw illegalStateException;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Ignore that EventAdminService is null because Framework is in the process of stopping or already stopped", new Object[0]);
            }
        }
        return service;
    }
}
