package com.vmware.vapi.protocol.server.rpc.http.impl;

import com.vmware.vapi.internal.protocol.server.rpc.http.util.FileUtil;
import com.vmware.vapi.internal.protocol.server.rpc.http.util.StringUtil;
import com.vmware.vapi.protocol.server.rpc.http.Endpoint;
import com.vmware.vapi.protocol.server.rpc.http.Filter;
import com.vmware.vapi.protocol.server.rpc.http.InternalException;
import com.vmware.vapi.protocol.server.rpc.http.Service;
import com.vmware.vapi.protocol.server.rpc.http.StaticContentService;
import java.io.File;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.HttpConstraintElement;
import javax.servlet.ServletException;
import javax.servlet.ServletSecurityElement;
import javax.servlet.annotation.ServletSecurity;
import org.apache.catalina.Context;
import org.apache.catalina.Executor;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.LifecycleState;
import org.apache.catalina.Wrapper;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.core.AprLifecycleListener;
import org.apache.catalina.core.StandardServer;
import org.apache.catalina.deploy.FilterDef;
import org.apache.catalina.deploy.FilterMap;
import org.apache.catalina.deploy.SecurityConstraint;
import org.apache.catalina.servlets.DefaultServlet;
import org.apache.catalina.startup.Tomcat;
import org.apache.coyote.AbstractProtocol;
import org.apache.coyote.http11.Http11NioProtocol;
import org.apache.coyote.http11.Http11Protocol;
import org.apache.tomcat.util.net.jsse.JSSEImplementation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/vmware/vapi/protocol/server/rpc/http/impl/TcServer.class */
public class TcServer extends AbstractServer {
    private static final Logger _logger = LoggerFactory.getLogger(TcServer.class);
    public static final String CONN_HOST = "address";
    public static final String CONN_NUM_ACCEPTORS = "acceptorThreadCount";
    public static final String CONN_ACCEPT_QUEUE_SIZE = "acceptCount";
    public static final String CONN_MAX_IDLE_TIME = "connectionTimeout";
    public static final String CONN_SSL_ENABLED = "SSLEnabled";
    public static final String CONN_KEYSTORE_TYPE = "keystoreType";
    public static final String CONN_KEYSTORE_FILE = "keystoreFile";
    public static final String CONN_KEYSTORE_PASS = "keystorePass";
    public static final String CONN_KEYSTORE_PROVIDER = "keystoreProvider";
    public static final String CONN_KEY_PASS = "keyPass";
    public static final String CONN_TRUSTSTORE_TYPE = "truststoreType";
    public static final String CONN_TRUSTSTORE_FILE = "truststoreFile";
    public static final String CONN_TRUSTSTORE_PASS = "truststorePass";
    public static final String CONN_TRUSTSTORE_PROVIDER = "truststoreProvider";
    public static final String CONN_CLIENT_AUTH = "clientAuth";
    public static final String CONN_ALGORITHM = "algorithm";
    public static final String CONN_CIPHERS = "ciphers";
    public static final String CONN_SSL_IMPLEMENTATION = "sslImplementationName";
    public static final String CONN_ENABLED_PROTOCOLS = "sslEnabledProtocols";
    public static final String SERVER = "server";
    public static final String ASYNC_TIMEOUT_KEY = "asyncTimeout";
    private static final long ASYNC_TIMEOUT_NOT_SET = -1000;
    private Tomcat _server;
    private Context _context;
    private String _staticContentBasePath;
    private Executor _threadPool;
    private long _asyncTimeout = ASYNC_TIMEOUT_NOT_SET;

    public void setThreadPool(Executor executor) {
        this._threadPool = executor;
    }

    public void setAsyncTimeout(long j) {
        this._asyncTimeout = j;
    }

    void prepareToStart() throws Exception {
        this._server = new Tomcat();
        if (this._threadPool != null) {
            this._server.getService().addExecutor(this._threadPool);
        }
        createHandler();
        createConnectors();
        StandardServer server = this._server.getServer();
        AprLifecycleListener aprLifecycleListener = new AprLifecycleListener();
        aprLifecycleListener.setSSLEngine("on");
        server.addLifecycleListener(aprLifecycleListener);
        applyServerConfigurator();
        if (_logger.isInfoEnabled()) {
            _logger.info("Starting server on " + Arrays.toString(this._endpoints));
        }
    }

    @Override // com.vmware.vapi.protocol.server.rpc.http.Server
    public void start() throws Exception {
        prepareToStart();
        this._server.start();
    }

    private void createConnectors() {
        Connector createHttpsConnector;
        for (int i = 0; i < this._endpoints.length; i++) {
            if (this._endpoints[i].getProtocol() == Endpoint.Protocol.HTTP) {
                createHttpsConnector = createHttpConnector((HttpEndpoint) this._endpoints[i]);
                createHttpsConnector.setScheme("http");
            } else {
                createHttpsConnector = createHttpsConnector((HttpsEndpoint) this._endpoints[i]);
                createHttpsConnector.setScheme("https");
            }
            createHttpsConnector.setProperty(CONN_HOST, this._endpoints[i].getHost());
            createHttpsConnector.setPort(this._endpoints[i].getPort());
            createHttpsConnector.setAttribute(CONN_NUM_ACCEPTORS, Integer.valueOf(this._endpoints[i].getNumAcceptors()));
            createHttpsConnector.setAttribute(CONN_ACCEPT_QUEUE_SIZE, Integer.valueOf(this._endpoints[i].getAcceptQueueSize()));
            createHttpsConnector.setAttribute(CONN_MAX_IDLE_TIME, Integer.valueOf(this._endpoints[i].getMaxIdleTime()));
            createHttpsConnector.setAttribute(SERVER, "Apache");
            if (this._threadPool != null) {
                AbstractProtocol protocolHandler = createHttpsConnector.getProtocolHandler();
                if (protocolHandler instanceof AbstractProtocol) {
                    protocolHandler.setExecutor(this._threadPool);
                } else {
                    _logger.warn("Cannot inject custom Executor to the connector. A default Executor will be used");
                }
            }
            this._server.getService().addConnector(createHttpsConnector);
            if (i == 0) {
                this._server.setConnector(createHttpsConnector);
            }
        }
    }

    private Connector createHttpConnector(HttpEndpoint httpEndpoint) {
        switch (httpEndpoint.getEndpointType()) {
            case NON_BLOCKING_NIO:
                return new Connector(Http11NioProtocol.class.getName());
            case BLOCKING:
                return new Connector();
            default:
                throw new IllegalArgumentException("Unknown Endpoint type: " + httpEndpoint.getEndpointType());
        }
    }

    private Connector createHttpsConnector(HttpsEndpoint httpsEndpoint) {
        switch (httpsEndpoint.getEndpointType()) {
            case NON_BLOCKING_NIO:
                Connector connector = new Connector(Http11NioProtocol.class.getName());
                configureSslConnector(connector, httpsEndpoint);
                return connector;
            case BLOCKING:
                Connector connector2 = new Connector(Http11Protocol.class.getName());
                configureSslConnector(connector2, httpsEndpoint);
                return connector2;
            default:
                throw new IllegalArgumentException("Unknown Endpoint type: " + httpsEndpoint.getEndpointType());
        }
    }

    private void configureSslConnector(Connector connector, HttpsEndpoint httpsEndpoint) {
        connector.setSecure(true);
        connector.setProperty(CONN_SSL_ENABLED, "true");
        connector.setProperty(CONN_SSL_IMPLEMENTATION, JSSEImplementation.class.getName());
        if (httpsEndpoint.getKeyStoreType() != null) {
            connector.setProperty(CONN_KEYSTORE_TYPE, httpsEndpoint.getKeyStoreType());
        }
        if (httpsEndpoint.getKeyStorePath() != null) {
            connector.setAttribute(CONN_KEYSTORE_FILE, FileUtil.getAbsoluteFilename(httpsEndpoint.getKeyStorePath()));
        }
        if (httpsEndpoint.getKeyStorePassword() != null) {
            connector.setAttribute(CONN_KEYSTORE_PASS, httpsEndpoint.getKeyStorePassword());
        }
        if (httpsEndpoint.getKeyPassword() != null) {
            connector.setAttribute(CONN_KEY_PASS, httpsEndpoint.getKeyPassword());
        }
        if (httpsEndpoint.getTrustStorePath() != null) {
            connector.setAttribute(CONN_TRUSTSTORE_FILE, FileUtil.getAbsoluteFilename(httpsEndpoint.getTrustStorePath()));
        }
        if (httpsEndpoint.getTrustStorePassword() != null) {
            connector.setAttribute(CONN_TRUSTSTORE_PASS, httpsEndpoint.getTrustStorePassword());
        }
        if (httpsEndpoint.getTrustStorePath() == null && httpsEndpoint.getTrustStorePassword() == null) {
            connector.setProperty(CONN_TRUSTSTORE_FILE, (String) connector.getProperty(CONN_KEYSTORE_FILE));
            connector.setProperty(CONN_TRUSTSTORE_PASS, (String) connector.getProperty(CONN_KEYSTORE_PASS));
            connector.setProperty(CONN_TRUSTSTORE_TYPE, (String) connector.getProperty(CONN_KEYSTORE_TYPE));
        }
        if (httpsEndpoint.getNeedClientAuth()) {
            connector.setAttribute(CONN_CLIENT_AUTH, "true");
        } else if (httpsEndpoint.getWantClientAuth()) {
            connector.setAttribute(CONN_CLIENT_AUTH, "want");
        } else {
            connector.setAttribute(CONN_CLIENT_AUTH, "false");
        }
        connector.setProperty(CONN_CIPHERS, StringUtil.join(getEnabledSSLCiphers(), ","));
        connector.setProperty(CONN_ENABLED_PROTOCOLS, httpsEndpoint.getEnabledProtocols());
    }

    private void createHandler() throws ServletException {
        this._context = this._server.addContext("/", this._staticContentBasePath != null ? this._staticContentBasePath : new File(".").getAbsolutePath());
        registerMimeMappings();
        this._context.setParentClassLoader(getClass().getClassLoader());
        if (this._services.length == 0) {
            throw new IllegalStateException("There are no services configured");
        }
        addServices();
        addFilters();
    }

    private void registerMimeMappings() {
        try {
            Context addContext = this._server.addContext("/dummyContext", ".");
            Tomcat.initWebappDefaults(addContext);
            for (String str : addContext.findMimeMappings()) {
                this._context.addMimeMapping(str, addContext.findMimeMapping(str));
            }
            addContext.stop();
            addContext.destroy();
        } catch (LifecycleException e) {
            _logger.error(e.getMessage(), e);
        }
    }

    private void addServices() {
        int i = 0;
        for (Service service : this._services) {
            int i2 = i;
            i++;
            String str = "servlet " + i2;
            Wrapper addServlet = Tomcat.addServlet(this._context, str, service.getServlet());
            if (this._asyncTimeout != ASYNC_TIMEOUT_NOT_SET) {
                addServlet.addInitParameter(ASYNC_TIMEOUT_KEY, String.valueOf(this._asyncTimeout));
            }
            if (service.getInitParameters() != null) {
                for (Map.Entry<String, String> entry : service.getInitParameters().entrySet()) {
                    addServlet.addInitParameter(entry.getKey(), entry.getValue());
                }
            }
            String path = service.getPath();
            this._context.addServletMapping(path, str);
            if (path.indexOf(42) < 0 && !path.endsWith("/")) {
                this._context.addServletMapping(path + "/", str);
            }
            addServlet.setAsyncSupported(true);
            for (SecurityConstraint securityConstraint : SecurityConstraint.createConstraints(new ServletSecurityElement(new HttpConstraintElement(resolveDataConstraint(service.getTransportGuarantee()), new String[0])), path)) {
                this._context.addConstraint(securityConstraint);
            }
            addServlet.setLoadOnStartup(0);
        }
    }

    private void addFilters() {
        int i = 0;
        for (Filter filter : this._filters) {
            FilterDef filterDef = new FilterDef();
            int i2 = i;
            i++;
            String str = "filter " + i2;
            filterDef.setFilterName(str);
            filterDef.setFilter(filter.getFilter());
            if (filter.getInitParameters() != null) {
                for (Map.Entry<String, String> entry : filter.getInitParameters().entrySet()) {
                    filterDef.addInitParameter(entry.getKey(), entry.getValue());
                }
            }
            this._context.addFilterDef(filterDef);
            FilterMap filterMap = new FilterMap();
            filterMap.setFilterName(str);
            filterMap.addURLPattern(filter.getPath());
            for (Filter.Dispatcher dispatcher : filter.getDispatchers()) {
                filterMap.setDispatcher(dispatcher.name());
            }
            this._context.addFilterMap(filterMap);
        }
    }

    private static ServletSecurity.TransportGuarantee resolveDataConstraint(Service.TransportGuarantee transportGuarantee) {
        switch (transportGuarantee) {
            case NONE:
                return ServletSecurity.TransportGuarantee.NONE;
            case INTEGRAL:
                return ServletSecurity.TransportGuarantee.CONFIDENTIAL;
            case CONFIDENTIAL:
                return ServletSecurity.TransportGuarantee.CONFIDENTIAL;
            default:
                throw new InternalException("Unknown transport guarantee " + transportGuarantee);
        }
    }

    @Override // com.vmware.vapi.protocol.server.rpc.http.Server
    public void stop() throws Exception {
        shutdown();
        if (_logger.isInfoEnabled()) {
            _logger.info("Stopping server.");
        }
        if (this._server.getServer() == null || this._server.getServer().getState() == LifecycleState.DESTROYED) {
            return;
        }
        if (this._server.getServer().getState() != LifecycleState.STOPPED) {
            this._server.getServer().stop();
        }
        this._server.getServer().destroy();
    }

    @Override // com.vmware.vapi.protocol.server.rpc.http.Server
    public void join() throws Exception {
        this._server.getServer().await();
    }

    public Tomcat getServer() {
        return this._server;
    }

    public Context getContext() {
        return this._context;
    }

    @Override // com.vmware.vapi.protocol.server.rpc.http.impl.AbstractServer
    protected Service prepareDefaultServlet(StaticContentService staticContentService) {
        HashMap hashMap = new HashMap();
        this._staticContentBasePath = new File(staticContentService.getContentBasePath()).getAbsolutePath();
        hashMap.put("listings", String.valueOf(staticContentService.getDirListing()));
        ServiceImpl serviceImpl = new ServiceImpl();
        serviceImpl.setServlet(new DefaultServlet());
        serviceImpl.setInitParameters(hashMap);
        serviceImpl.setPath(staticContentService.getPath());
        serviceImpl.setTransportGuarantee(staticContentService.getTransportGuarantee());
        return serviceImpl;
    }
}
