package org.jivesoftware.openfire.container;

import java.io.File;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.net.ssl.SSLContext;
import org.apache.commons.logging.LogFactory;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.net.SSLConfig;
import org.jivesoftware.util.CertificateEventListener;
import org.jivesoftware.util.CertificateManager;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.LocaleUtils;
import org.jivesoftware.util.Log;
import org.jivesoftware.util.StringUtils;
import org.logicalcobwebs.proxool.ProxoolConstants;
import org.mortbay.jetty.Connector;
import org.mortbay.jetty.Handler;
import org.mortbay.jetty.Server;
import org.mortbay.jetty.handler.ContextHandlerCollection;
import org.mortbay.jetty.handler.DefaultHandler;
import org.mortbay.jetty.nio.SelectChannelConnector;
import org.mortbay.jetty.security.SslSelectChannelConnector;
import org.mortbay.jetty.webapp.WebAppContext;

/* loaded from: input_file:org/jivesoftware/openfire/container/AdminConsolePlugin.class */
public class AdminConsolePlugin implements Plugin {
    public static final String secret = StringUtils.randomString(64);
    private int adminPort;
    private int adminSecurePort;
    private Server adminServer;
    private CertificateEventListener certificateListener;
    private File pluginDir;
    private boolean restartNeeded = false;
    private boolean sslEnabled = false;
    private ContextHandlerCollection contexts = new ContextHandlerCollection();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jivesoftware/openfire/container/AdminConsolePlugin$CertificateListener.class */
    public class CertificateListener implements CertificateEventListener {
        private CertificateListener() {
        }

        @Override // org.jivesoftware.util.CertificateEventListener
        public void certificateCreated(KeyStore keyStore, String str, X509Certificate x509Certificate) {
            if ("RSA".equals(x509Certificate.getPublicKey().getAlgorithm())) {
                AdminConsolePlugin.this.restartNeeded = true;
            }
        }

        @Override // org.jivesoftware.util.CertificateEventListener
        public void certificateDeleted(KeyStore keyStore, String str) {
            AdminConsolePlugin.this.restartNeeded = true;
        }

        @Override // org.jivesoftware.util.CertificateEventListener
        public void certificateSigned(KeyStore keyStore, String str, List<X509Certificate> list) {
            if ("RSA".equals(list.get(0).getPublicKey().getAlgorithm())) {
                AdminConsolePlugin.this.restartNeeded = true;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jivesoftware/openfire/container/AdminConsolePlugin$JiveSslConnector.class */
    public class JiveSslConnector extends SslSelectChannelConnector {
        private JiveSslConnector() {
        }

        @Override // org.mortbay.jetty.security.SslSelectChannelConnector
        protected SSLContext createSSLContext() throws Exception {
            return SSLConfig.getSSLContext();
        }
    }

    public AdminConsolePlugin() {
        System.setProperty("org.mortbay.log.class", "org.jivesoftware.util.log.util.JettyLog");
        System.setProperty(LogFactory.FACTORY_PROPERTY, "org.jivesoftware.util.log.util.CommonsLogFactory");
    }

    public void startup() {
        this.restartNeeded = false;
        this.certificateListener = new CertificateListener();
        CertificateManager.addListener(this.certificateListener);
        this.adminPort = JiveGlobals.getXMLProperty("adminConsole.port", 9090);
        this.adminSecurePort = JiveGlobals.getXMLProperty("adminConsole.securePort", 9091);
        this.adminServer = new Server();
        this.adminServer.setSendServerVersion(false);
        if (this.adminPort > 0) {
            SelectChannelConnector selectChannelConnector = new SelectChannelConnector();
            selectChannelConnector.setHost(getBindInterface());
            selectChannelConnector.setPort(this.adminPort);
            this.adminServer.addConnector(selectChannelConnector);
        }
        this.sslEnabled = false;
        try {
            if (this.adminSecurePort > 0 && CertificateManager.isRSACertificate(SSLConfig.getKeyStore(), "*")) {
                if (!CertificateManager.isRSACertificate(SSLConfig.getKeyStore(), XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
                    Log.warn("Admin console: Using RSA certificates but they are not valid for the hosted domain");
                }
                JiveSslConnector jiveSslConnector = new JiveSslConnector();
                jiveSslConnector.setHost(getBindInterface());
                jiveSslConnector.setPort(this.adminSecurePort);
                jiveSslConnector.setTrustPassword(SSLConfig.gets2sTrustPassword());
                jiveSslConnector.setTruststoreType(SSLConfig.getStoreType());
                jiveSslConnector.setTruststore(SSLConfig.gets2sTruststoreLocation());
                jiveSslConnector.setNeedClientAuth(false);
                jiveSslConnector.setWantClientAuth(false);
                jiveSslConnector.setKeyPassword(SSLConfig.getKeyPassword());
                jiveSslConnector.setKeystoreType(SSLConfig.getStoreType());
                jiveSslConnector.setKeystore(SSLConfig.getKeystoreLocation());
                this.adminServer.addConnector(jiveSslConnector);
                this.sslEnabled = true;
            }
        } catch (Exception e) {
            Log.error(e);
        }
        if (this.adminServer.getConnectors() == null || this.adminServer.getConnectors().length == 0) {
            this.adminServer = null;
            log(LocaleUtils.getLocalizedString("admin.console.warning"));
            return;
        }
        this.adminServer.setHandlers(new Handler[]{this.contexts, new DefaultHandler()});
        try {
            this.adminServer.start();
        } catch (Exception e2) {
            Log.error("Could not start admin conosle server", e2);
        }
        logAdminConsolePorts();
    }

    public void shutdown() {
        if (this.certificateListener != null) {
            CertificateManager.removeListener(this.certificateListener);
        }
        try {
            if (this.adminServer != null && this.adminServer.isRunning()) {
                this.adminServer.stop();
            }
        } catch (Exception e) {
            Log.error("Error stopping admin console server", e);
        }
        this.adminServer = null;
    }

    @Override // org.jivesoftware.openfire.container.Plugin
    public void initializePlugin(PluginManager pluginManager, File file) {
        this.pluginDir = file;
        createWebAppContext();
        startup();
    }

    @Override // org.jivesoftware.openfire.container.Plugin
    public void destroyPlugin() {
        shutdown();
    }

    public boolean isRestartNeeded() {
        return this.restartNeeded;
    }

    public String getBindInterface() {
        String xMLProperty = JiveGlobals.getXMLProperty("network.interface");
        String str = null;
        if (xMLProperty != null && xMLProperty.trim().length() > 0) {
            str = xMLProperty;
        }
        return str;
    }

    public int getAdminUnsecurePort() {
        return this.adminPort;
    }

    public int getAdminSecurePort() {
        if (this.sslEnabled) {
            return this.adminSecurePort;
        }
        return 0;
    }

    public ContextHandlerCollection getContexts() {
        return this.contexts;
    }

    public void restart() {
        try {
            this.adminServer.stop();
            this.adminServer.start();
        } catch (Exception e) {
            Log.error(e);
        }
    }

    private void createWebAppContext() {
        WebAppContext webAppContext;
        if (Boolean.getBoolean("developmentMode")) {
            System.out.println(LocaleUtils.getLocalizedString("admin.console.devmode"));
            webAppContext = new WebAppContext(this.contexts, this.pluginDir.getParentFile().getParentFile().getParentFile().getParent() + File.separator + "src" + File.separator + "web", "/");
        } else {
            webAppContext = new WebAppContext(this.contexts, this.pluginDir.getAbsoluteFile() + File.separator + "webapp", "/");
        }
        webAppContext.setWelcomeFiles(new String[]{"index.jsp"});
    }

    private void log(String str) {
        Log.info(str);
        System.out.println(str);
    }

    private void logAdminConsolePorts() {
        String localizedString = LocaleUtils.getLocalizedString("admin.console.listening");
        boolean z = false;
        boolean z2 = false;
        for (Connector connector : this.adminServer.getConnectors()) {
            if (connector.getPort() == this.adminPort) {
                z = true;
            } else if (connector.getPort() == this.adminSecurePort) {
                z2 = true;
            }
        }
        if (z && z2) {
            log(localizedString + ProxoolConstants.URL_DELIMITER + System.getProperty("line.separator") + "  http://" + XMPPServer.getInstance().getServerInfo().getXMPPDomain() + ProxoolConstants.URL_DELIMITER + this.adminPort + System.getProperty("line.separator") + "  https://" + XMPPServer.getInstance().getServerInfo().getXMPPDomain() + ProxoolConstants.URL_DELIMITER + this.adminSecurePort);
        } else if (z2) {
            log(localizedString + " https://" + XMPPServer.getInstance().getServerInfo().getXMPPDomain() + ProxoolConstants.URL_DELIMITER + this.adminSecurePort);
        } else if (z) {
            log(localizedString + " http://" + XMPPServer.getInstance().getServerInfo().getXMPPDomain() + ProxoolConstants.URL_DELIMITER + this.adminPort);
        }
    }
}
