package org.kie.server.router;

import io.undertow.Handlers;
import io.undertow.Undertow;
import io.undertow.security.api.AuthenticationMode;
import io.undertow.security.handlers.AuthenticationCallHandler;
import io.undertow.security.handlers.AuthenticationConstraintHandler;
import io.undertow.security.handlers.AuthenticationMechanismsHandler;
import io.undertow.security.handlers.SecurityInitialHandler;
import io.undertow.security.impl.BasicAuthenticationMechanism;
import io.undertow.server.handlers.BlockingHandler;
import io.undertow.server.handlers.PathHandler;
import io.undertow.server.handlers.ResponseCodeHandler;
import io.undertow.server.handlers.builder.PredicatedHandlersParser;
import io.undertow.server.handlers.proxy.ProxyHandler;
import io.undertow.servlet.handlers.ServletPathMatches;
import java.net.URI;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.DefaultParser;
import org.apache.commons.cli.HelpFormatter;
import org.apache.commons.cli.Option;
import org.apache.commons.cli.Options;
import org.jboss.logging.Logger;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.kie.server.router.handlers.AdminHttpHandler;
import org.kie.server.router.handlers.ContainersHttpHandler;
import org.kie.server.router.handlers.DocumentsHttpHandler;
import org.kie.server.router.handlers.JobsHttpHandler;
import org.kie.server.router.handlers.KieServerInfoHandler;
import org.kie.server.router.handlers.OptionsHttpHandler;
import org.kie.server.router.handlers.QueriesDataHttpHandler;
import org.kie.server.router.handlers.QueriesHttpHandler;
import org.kie.server.router.identity.IdentityService;
import org.kie.server.router.proxy.KieServerProxyClient;
import org.kie.server.router.repository.FileRepository;
import org.kie.server.router.spi.ConfigRepository;
import org.kie.server.router.utils.HttpUtils;
import org.kie.server.router.utils.SSLContextBuilder;

/* loaded from: input_file:org/kie/server/router/KieServerRouter.class */
public class KieServerRouter {
    private static final String HOST = System.getProperty(KieServerRouterConstants.ROUTER_HOST, "localhost");
    private static final int PORT = Integer.parseInt(System.getProperty(KieServerRouterConstants.ROUTER_PORT, String.valueOf(KieServerRouterConstants.DEFAULT_PORT_NUM)));
    private static final int PORT_TLS = Integer.parseInt(System.getProperty(KieServerRouterConstants.ROUTER_PORT_TLS, String.valueOf(KieServerRouterConstants.DEFAULT_PORT_TLS_NUM)));
    private static final String KEYSTORE_PATH = System.getProperty(KieServerRouterConstants.ROUTER_KEYSTORE);
    private static final String KEYSTORE_PASSWORD = System.getProperty(KieServerRouterConstants.ROUTER_KEYSTORE_PASSWORD);
    private static final String KEYSTORE_KEYALIAS = System.getProperty(KieServerRouterConstants.ROUTER_KEYSTORE_KEYALIAS);
    private static final boolean TLS_ENABLED;
    private int failedAttemptsInterval;
    private static boolean MANAGEMENT_SECURED;
    private static String IDENTITY_PROVIDER;
    public static final String CMD_ADD_USER = "addUser";
    public static final String CMD_REMOVE_USER = "removeUser";
    private String CONTROLLER;
    private static final Logger log;
    private static final String SERVER_INFO_JSON;
    private ServiceLoader<ConfigRepository> configRepositoryServiceLoader;
    private Undertow server;
    private ConfigRepository repository;
    private ScheduledExecutorService executorService;
    private ScheduledFuture<?> controllerConnectionAttempts;
    private boolean isSecured;
    private String identityServiceName;
    private boolean isHttpEnabled;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/kie/server/router/KieServerRouter$IdentityServiceNotFound.class */
    public static class IdentityServiceNotFound extends RuntimeException {
        private static final long serialVersionUID = 7156962325493936307L;

        public IdentityServiceNotFound(String str) {
            super(str);
        }
    }

    public KieServerRouter() {
        this(reloadManagementSecured(), reloadIdentityProvider());
    }

    public KieServerRouter(boolean z, String str) {
        this.failedAttemptsInterval = Integer.parseInt(System.getProperty(KieServerRouterConstants.KIE_SERVER_CONTROLLER_ATTEMPT_INTERVAL, "10"));
        this.CONTROLLER = System.getProperty(KieServerRouterConstants.KIE_CONTROLLER);
        this.configRepositoryServiceLoader = ServiceLoader.load(ConfigRepository.class);
        this.repository = new FileRepository();
        this.executorService = Executors.newSingleThreadScheduledExecutor();
        this.configRepositoryServiceLoader.forEach(configRepository -> {
            this.repository = configRepository;
        });
        log.info("KIE Server router repository implementation is " + this.repository);
        this.isSecured = z;
        this.identityServiceName = str;
    }

    public static void main(String[] strArr) throws Exception {
        Options options = new Options();
        options.addOption(Option.builder(CMD_ADD_USER).desc("addUser <user> <password>").hasArg(true).numberOfArgs(2).build());
        options.addOption(Option.builder(CMD_REMOVE_USER).desc("removeUser <user>").hasArg(true).build());
        CommandLine parse = new DefaultParser().parse(options, strArr);
        KieServerRouter kieServerRouter = new KieServerRouter();
        if (parse.hasOption(CMD_ADD_USER)) {
            String[] optionValues = parse.getOptionValues(CMD_ADD_USER);
            kieServerRouter.getIdentityService().addKieServerInstance(optionValues[0], optionValues[1]);
            log.infof("User <%1$s> added", optionValues[0]);
        } else if (!parse.hasOption(CMD_REMOVE_USER)) {
            kieServerRouter.start(HOST, Integer.valueOf(PORT), Integer.valueOf(PORT_TLS), new ConfigurationListener[0]);
            Runtime.getRuntime().addShutdownHook(new Thread() { // from class: org.kie.server.router.KieServerRouter.1
                @Override // java.lang.Thread, java.lang.Runnable
                public void run() {
                    KieServerRouter.this.stop();
                }
            });
        } else {
            String optionValue = parse.getOptionValue(CMD_REMOVE_USER);
            kieServerRouter.getIdentityService().removeKieServerInstance(optionValue);
            log.infof("User <%1$s> removed", optionValue);
        }
    }

    public void start(String str, Integer num, ConfigurationListener... configurationListenerArr) {
        start(str, num, Integer.valueOf(KieServerRouterConstants.DEFAULT_PORT_TLS_NUM), configurationListenerArr);
    }

    public void start(String str, Integer num, Integer num2, ConfigurationListener... configurationListenerArr) {
        System.setProperty(KieServerRouterConstants.ROUTER_HOST, str);
        System.setProperty(KieServerRouterConstants.ROUTER_PORT, num.toString());
        System.setProperty(KieServerRouterConstants.ROUTER_PORT_TLS, num2.toString());
        this.isHttpEnabled = isValidPort(num.intValue());
        Configuration load = this.repository.load();
        for (ConfigurationListener configurationListener : configurationListenerArr) {
            load.addListener(configurationListener);
        }
        AdminHttpHandler adminHttpHandler = new AdminHttpHandler(load, this.repository, this.executorService);
        KieServerProxyClient kieServerProxyClient = new KieServerProxyClient(load, adminHttpHandler);
        for (Map.Entry<String, List<String>> entry : load.getHostsPerContainer().entrySet()) {
            new LinkedHashSet(entry.getValue()).forEach(str2 -> {
                kieServerProxyClient.addContainer((String) entry.getKey(), URI.create(str2));
            });
        }
        ResponseCodeHandler responseCodeHandler = ResponseCodeHandler.HANDLE_404;
        ProxyHandler build = ProxyHandler.builder().setProxyClient(kieServerProxyClient).setMaxRequestTime(-1).setRewriteHostHeader(true).setReuseXForwarded(false).setNext(new OptionsHttpHandler(responseCodeHandler, adminHttpHandler)).build();
        PathHandler path = Handlers.path(build);
        path.addPrefixPath("/queries/definitions", new QueriesDataHttpHandler(responseCodeHandler, adminHttpHandler));
        path.addPrefixPath("/queries", new QueriesHttpHandler(responseCodeHandler, adminHttpHandler));
        path.addPrefixPath("/jobs", new JobsHttpHandler(build, adminHttpHandler));
        path.addPrefixPath("/documents", new DocumentsHttpHandler(responseCodeHandler, adminHttpHandler));
        path.addExactPath("/containers", new ContainersHttpHandler(responseCodeHandler, adminHttpHandler));
        if (this.isSecured) {
            path.addPrefixPath("/mgmt", new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, getIdentityService(), new AuthenticationMechanismsHandler(new AuthenticationConstraintHandler(new AuthenticationCallHandler(adminHttpHandler)), Collections.singletonList(new BasicAuthenticationMechanism("KieServerRouterRealm")))));
        } else {
            path.addPrefixPath("/mgmt", adminHttpHandler);
        }
        path.addExactPath("/", new KieServerInfoHandler());
        BlockingHandler blockingHandler = new BlockingHandler(path);
        Undertow.Builder builder = Undertow.builder();
        if (this.isHttpEnabled) {
            builder.addHttpListener(num.intValue(), str);
        }
        if (TLS_ENABLED) {
            builder = builder.addHttpsListener(num2.intValue(), str, SSLContextBuilder.builder().setKeyStorePath(KEYSTORE_PATH).setKeyStorePassword(KEYSTORE_PASSWORD).setKeyAlias(KEYSTORE_KEYALIAS).build());
        }
        if (!this.isHttpEnabled && !TLS_ENABLED) {
            throw new IllegalStateException("HTTP listener was disabled (by setting HTTP port to 0 or lower ) and TLS wasn't configured, no listener is available to handle requests");
        }
        this.server = builder.setHandler(blockingHandler).build();
        this.server.start();
        if (log.isInfoEnabled()) {
            logServerInfo("KieServerRouter started on: ", str, num.intValue(), num2.intValue());
        }
        connectToController(adminHttpHandler);
    }

    public static boolean isValidPort(int i) {
        return i > 0;
    }

    public void stop() {
        stop(false);
    }

    public void stop(boolean z) {
        this.executorService.shutdownNow();
        disconnectToController();
        if (this.server == null) {
            log.error("KieServerRouter was not started");
            return;
        }
        this.server.stop();
        this.repository.close();
        if (z) {
            this.repository.clean();
        }
        if (log.isInfoEnabled()) {
            logServerInfo("KieServerRouter stopped on: ", System.getProperty(KieServerRouterConstants.ROUTER_HOST), Integer.getInteger(KieServerRouterConstants.ROUTER_PORT).intValue(), Integer.getInteger(KieServerRouterConstants.ROUTER_PORT_TLS).intValue());
        }
    }

    private void logServerInfo(String str, String str2, int i, int i2) {
        StringBuilder sb = new StringBuilder(str);
        if (this.isHttpEnabled) {
            sb.append(str2).append(':').append(i);
        }
        if (TLS_ENABLED) {
            sb.append(" (TLS) ").append(str2).append(':').append(i2);
        }
        log.info(sb);
    }

    protected void connectToController(AdminHttpHandler adminHttpHandler) {
        if (this.CONTROLLER == null) {
            return;
        }
        try {
            String putHttpCall = HttpUtils.putHttpCall(this.CONTROLLER + "/server/" + KieServerInfoHandler.getRouterId(), SERVER_INFO_JSON);
            log.debugf("Controller response :: ", putHttpCall);
            boostrapFromControllerResponse(putHttpCall, adminHttpHandler);
            log.infof("KieServerRouter connected to controller at " + this.CONTROLLER, new Object[0]);
        } catch (Exception e) {
            log.error("Error when connecting to controller at " + this.CONTROLLER + " due to " + e.getMessage());
            log.debug(e);
            this.controllerConnectionAttempts = this.executorService.scheduleAtFixedRate(() -> {
                try {
                    String putHttpCall2 = HttpUtils.putHttpCall(this.CONTROLLER + "/server/" + KieServerInfoHandler.getRouterId(), SERVER_INFO_JSON);
                    log.debugf("Controller response :: ", putHttpCall2);
                    boostrapFromControllerResponse(putHttpCall2, adminHttpHandler);
                    this.controllerConnectionAttempts.cancel(false);
                    log.infof("KieServerRouter connected to controller at " + this.CONTROLLER, new Object[0]);
                } catch (Exception e2) {
                    log.error("Error when connecting to controller at " + this.CONTROLLER + " next attempt in " + this.failedAttemptsInterval + HelpFormatter.DEFAULT_LONG_OPT_SEPARATOR + TimeUnit.SECONDS.toString());
                    log.debug(e2);
                }
            }, this.failedAttemptsInterval, this.failedAttemptsInterval, TimeUnit.SECONDS);
        }
    }

    protected void disconnectToController() {
        if (this.CONTROLLER == null) {
            return;
        }
        try {
            HttpUtils.deleteHttpCall(this.CONTROLLER + "/server/" + KieServerInfoHandler.getRouterId() + "/?location=" + URLEncoder.encode(KieServerInfoHandler.getLocationUrl(), "UTF-8"));
            log.infof("KieServerRouter disconnected from controller at " + this.CONTROLLER, new Object[0]);
        } catch (Exception e) {
            log.error("Error when disconnecting from controller at " + this.CONTROLLER, e);
        }
    }

    protected void boostrapFromControllerResponse(String str, AdminHttpHandler adminHttpHandler) throws JSONException {
        ArrayList arrayList = new ArrayList();
        try {
            JSONArray jSONArray = new JSONObject(str).getJSONArray("containers");
            for (int i = 0; i < jSONArray.length(); i++) {
                arrayList.add(jSONArray.getJSONObject(i).getString("container-id"));
            }
        } catch (JSONException e) {
            log.debug("Error when getting list of containers:: " + e.getMessage(), e);
        }
        adminHttpHandler.addControllerContainers(arrayList);
    }

    public IdentityService getIdentityService() {
        Iterator it = ServiceLoader.load(IdentityService.class, Thread.currentThread().getContextClassLoader()).iterator();
        while (it.hasNext()) {
            IdentityService identityService = (IdentityService) it.next();
            if (this.identityServiceName.contentEquals(identityService.id())) {
                return identityService;
            }
        }
        throw new IdentityServiceNotFound("Identity Provider " + this.identityServiceName + " not found !");
    }

    private static boolean isManagementSecured() {
        return Boolean.parseBoolean(System.getProperty(KieServerRouterConstants.KIE_ROUTER_MANAGEMENT_SECURED, PredicatedHandlersParser.FALSE));
    }

    private static boolean reloadManagementSecured() {
        MANAGEMENT_SECURED = isManagementSecured();
        return MANAGEMENT_SECURED;
    }

    private static String getIdentityProvider() {
        return System.getProperty(KieServerRouterConstants.KIE_ROUTER_IDENTITY_PROVIDER, ServletPathMatches.DEFAULT_SERVLET_NAME);
    }

    private static String reloadIdentityProvider() {
        IDENTITY_PROVIDER = getIdentityProvider();
        return IDENTITY_PROVIDER;
    }

    static {
        TLS_ENABLED = (KEYSTORE_PATH == null || KEYSTORE_PATH.isEmpty()) ? false : true;
        MANAGEMENT_SECURED = isManagementSecured();
        IDENTITY_PROVIDER = getIdentityProvider();
        log = Logger.getLogger((Class<?>) KieServerRouter.class);
        SERVER_INFO_JSON = "{\n      \"version\" : \"LATEST\",\n      \"name\" : \"" + KieServerInfoHandler.getRouterName() + "\",\n      \"location\" : \"" + KieServerInfoHandler.getLocationUrl() + "\",\n      \"capabilities\" : [ \"KieServer\", \"BRM\", \"BPM\", \"CaseMgmt\", \"BPM-UI\", \"BRP\" ],\n      \"id\" : \"" + KieServerInfoHandler.getRouterId() + "\"\n}";
    }
}
