package org.sensorhub.impl.service;

import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.Map;
import javax.servlet.DispatcherType;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.security.authentication.ClientCertAuthenticator;
import org.eclipse.jetty.security.authentication.DigestAuthenticator;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.AllowSymLinkAliasChecker;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.server.handler.ResourceHandler;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.servlet.ServletMapping;
import org.eclipse.jetty.servlets.CrossOriginFilter;
import org.eclipse.jetty.servlets.DoSFilter;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.sensorhub.api.common.SensorHubException;
import org.sensorhub.api.module.ModuleEvent;
import org.sensorhub.impl.SensorHub;
import org.sensorhub.impl.module.AbstractModule;
import org.sensorhub.impl.service.HttpServerConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/sensorhub/impl/service/HttpServer.class */
public class HttpServer extends AbstractModule<HttpServerConfig> {
    private static final Logger log = LoggerFactory.getLogger(HttpServer.class);
    private static final String DEFAULT_KEYSTORE_PWD = "osh2016";
    private static final String CERT_ALIAS = "jetty";
    public static final String TEST_MSG = "SensorHub web server is up";
    private static HttpServer instance;
    Server server;
    ServletContextHandler servletHandler;
    ConstraintSecurityHandler securityHandler;

    public HttpServer() {
        if (instance != null) {
            throw new RuntimeException("Cannot start several HTTP server instances");
        }
        instance = this;
    }

    public static HttpServer getInstance() {
        return instance;
    }

    @Override // org.sensorhub.impl.module.AbstractModule, org.sensorhub.api.module.IModule
    public synchronized void updateConfig(HttpServerConfig httpServerConfig) throws SensorHubException {
        if (SensorHub.getInstance().getSecurityManager().isAccessControlEnabled() || httpServerConfig.authMethod == null || httpServerConfig.authMethod == HttpServerConfig.AuthMethod.NONE) {
            super.updateConfig((HttpServer) httpServerConfig);
        } else {
            reportError("Cannot enable authentication if no user registry is setup", null);
        }
    }

    @Override // org.sensorhub.api.module.IModule
    public synchronized void start() throws SensorHubException {
        try {
            this.server = new Server();
            HandlerList handlerList = new HandlerList();
            HttpConfiguration httpConfiguration = new HttpConfiguration();
            httpConfiguration.setSecureScheme("https");
            httpConfiguration.setSecurePort(((HttpServerConfig) this.config).httpsPort);
            if (((HttpServerConfig) this.config).httpPort > 0) {
                ServerConnector serverConnector = new ServerConnector(this.server, new ConnectionFactory[]{new HttpConnectionFactory(httpConfiguration)});
                serverConnector.setPort(((HttpServerConfig) this.config).httpPort);
                serverConnector.setIdleTimeout(30000L);
                this.server.addConnector(serverConnector);
            }
            if (((HttpServerConfig) this.config).httpsPort > 0) {
                SslContextFactory sslContextFactory = new SslContextFactory();
                sslContextFactory.setKeyStorePath(new File(((HttpServerConfig) this.config).keyStorePath).getAbsolutePath());
                sslContextFactory.setKeyStorePassword(DEFAULT_KEYSTORE_PWD);
                sslContextFactory.setKeyManagerPassword(DEFAULT_KEYSTORE_PWD);
                sslContextFactory.setCertAlias(CERT_ALIAS);
                sslContextFactory.setTrustStorePath(new File(((HttpServerConfig) this.config).trustStorePath).getAbsolutePath());
                sslContextFactory.setTrustStorePassword(DEFAULT_KEYSTORE_PWD);
                sslContextFactory.setWantClientAuth(true);
                HttpConfiguration httpConfiguration2 = new HttpConfiguration(httpConfiguration);
                httpConfiguration2.addCustomizer(new SecureRequestCustomizer());
                ServerConnector serverConnector2 = new ServerConnector(this.server, new ConnectionFactory[]{new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration2)});
                serverConnector2.setPort(((HttpServerConfig) this.config).httpsPort);
                serverConnector2.setIdleTimeout(30000L);
                this.server.addConnector(serverConnector2);
            }
            if (((HttpServerConfig) this.config).staticDocRootUrl != null) {
                ResourceHandler resourceHandler = new ResourceHandler();
                resourceHandler.setEtags(true);
                ContextHandler contextHandler = new ContextHandler();
                contextHandler.setContextPath("/");
                contextHandler.setHandler(resourceHandler);
                contextHandler.setResourceBase(((HttpServerConfig) this.config).staticDocRootUrl);
                contextHandler.addAliasCheck(new AllowSymLinkAliasChecker());
                handlerList.addHandler(contextHandler);
                log.info("Static resources root is " + ((HttpServerConfig) this.config).staticDocRootUrl);
            }
            if (((HttpServerConfig) this.config).servletsRootUrl != null) {
                this.servletHandler = new ServletContextHandler(1);
                this.servletHandler.setContextPath(((HttpServerConfig) this.config).servletsRootUrl);
                handlerList.addHandler(this.servletHandler);
                log.info("Servlets root is " + ((HttpServerConfig) this.config).servletsRootUrl);
                FilterHolder addFilter = this.servletHandler.addFilter(DoSFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
                addFilter.setInitParameter("maxRequestsPerSec", Integer.toString(((HttpServerConfig) this.config).maxRequestsPerSecond));
                addFilter.setInitParameter("remotePort", "true");
                addFilter.setInitParameter("insertHeaders", "false");
                addFilter.setInitParameter("maxRequestMs", Long.toString(86400000L));
                if (((HttpServerConfig) this.config).authMethod != null && ((HttpServerConfig) this.config).authMethod != HttpServerConfig.AuthMethod.NONE) {
                    this.securityHandler = new ConstraintSecurityHandler();
                    OshLoginService oshLoginService = new OshLoginService(SensorHub.getInstance().getSecurityManager());
                    if (((HttpServerConfig) this.config).authMethod == HttpServerConfig.AuthMethod.BASIC) {
                        this.securityHandler.setAuthenticator(new BasicAuthenticator());
                    } else if (((HttpServerConfig) this.config).authMethod == HttpServerConfig.AuthMethod.DIGEST) {
                        this.securityHandler.setAuthenticator(new DigestAuthenticator());
                    } else if (((HttpServerConfig) this.config).authMethod == HttpServerConfig.AuthMethod.CERT) {
                        this.securityHandler.setAuthenticator(new ClientCertAuthenticator());
                    } else if (((HttpServerConfig) this.config).authMethod == HttpServerConfig.AuthMethod.OAUTH) {
                        this.securityHandler.setAuthenticator((Authenticator) Class.forName("org.sensorhub.impl.security.oauth.OAuthAuthenticator").newInstance());
                    }
                    this.securityHandler.setLoginService(oshLoginService);
                    this.servletHandler.setSecurityHandler(this.securityHandler);
                }
                this.servletHandler.addFilter(CrossOriginFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
                this.servletHandler.addServlet(new ServletHolder(new HttpServlet() { // from class: org.sensorhub.impl.service.HttpServer.1
                    private static final long serialVersionUID = 1;

                    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
                        try {
                            httpServletResponse.getOutputStream().print(HttpServer.TEST_MSG);
                        } catch (IOException e) {
                            throw new ServletException(e);
                        }
                    }
                }), "/test");
                addServletSecurity("/test", true);
            }
            this.server.setHandler(handlerList);
            this.server.start();
            log.info("HTTP server started on port " + ((HttpServerConfig) this.config).httpPort);
            setState(ModuleEvent.ModuleState.STARTED);
        } catch (Exception e) {
            throw new SensorHubException("Error while starting SensorHub embedded HTTP server", e);
        }
    }

    @Override // org.sensorhub.api.module.IModule
    public synchronized void stop() throws SensorHubException {
        try {
            if (this.server != null) {
                this.server.stop();
                this.servletHandler = null;
                this.securityHandler = null;
            }
        } catch (Exception e) {
            throw new SensorHubException("Error while stopping SensorHub embedded HTTP server", e);
        }
    }

    protected void checkStarted() {
        if (!isStarted()) {
            throw new RuntimeException("HTTP service must be started before servlets can be deployed");
        }
    }

    public void deployServlet(HttpServlet httpServlet, String str) {
        deployServlet(httpServlet, null, str);
    }

    public synchronized void deployServlet(HttpServlet httpServlet, Map<String, String> map, String... strArr) {
        checkStarted();
        ServletHolder servletHolder = new ServletHolder(httpServlet);
        if (map != null) {
            servletHolder.setInitParameters(map);
        }
        ServletMapping servletMapping = new ServletMapping();
        servletMapping.setServletName(servletHolder.getName());
        servletMapping.setPathSpecs(strArr);
        this.servletHandler.getServletHandler().addServlet(servletHolder);
        this.servletHandler.getServletHandler().addServletMapping(servletMapping);
        log.debug("Servlet deployed " + servletMapping.toString());
    }

    public synchronized void undeployServlet(HttpServlet httpServlet) {
        if (this.servletHandler == null) {
            return;
        }
        try {
            ServletHandler servletHandler = this.servletHandler.getServletHandler();
            ArrayList arrayList = new ArrayList();
            String str = null;
            for (ServletHolder servletHolder : servletHandler.getServlets()) {
                if (servletHolder.getServlet() != httpServlet) {
                    arrayList.add(servletHolder);
                } else {
                    str = servletHolder.getName();
                }
            }
            if (str == null) {
                return;
            }
            ArrayList arrayList2 = new ArrayList();
            for (ServletMapping servletMapping : servletHandler.getServletMappings()) {
                if (!str.contains(servletMapping.getServletName())) {
                    arrayList2.add(servletMapping);
                }
            }
            servletHandler.setServletMappings((ServletMapping[]) arrayList2.toArray(new ServletMapping[0]));
            servletHandler.setServlets((ServletHolder[]) arrayList.toArray(new ServletHolder[0]));
        } catch (ServletException e) {
            log.error("Error while undeploying servlet", e);
        }
    }

    public void addServletSecurity(String str, boolean z) {
        addServletSecurity(str, z, "**");
    }

    public synchronized void addServletSecurity(String str, boolean z, String... strArr) {
        if (this.securityHandler != null) {
            Constraint constraint = new Constraint();
            constraint.setRoles(strArr);
            constraint.setAuthenticate(true);
            ConstraintMapping constraintMapping = new ConstraintMapping();
            constraintMapping.setConstraint(constraint);
            constraintMapping.setPathSpec(str);
            this.securityHandler.addConstraintMapping(constraintMapping);
        }
    }

    @Override // org.sensorhub.api.module.IModule
    public synchronized void cleanup() throws SensorHubException {
        this.server = null;
        instance = null;
    }

    public Server getJettyServer() {
        return this.server;
    }
}
