package edu.csus.ecs.pc2.services.eventFeed;

import edu.csus.ecs.pc2.core.IInternalController;
import edu.csus.ecs.pc2.core.log.Log;
import edu.csus.ecs.pc2.core.model.IInternalContest;
import edu.csus.ecs.pc2.exports.ccs.EventFeedXML;
import edu.csus.ecs.pc2.services.web.LanguageService;
import edu.csus.ecs.pc2.services.web.ProblemService;
import edu.csus.ecs.pc2.services.web.ScoreboardService;
import edu.csus.ecs.pc2.services.web.StarttimeService;
import edu.csus.ecs.pc2.services.web.TeamService;
import edu.csus.ecs.pc2.ui.UIPlugin;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.lang.reflect.Constructor;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Properties;
import java.util.logging.Logger;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.security.SecurityHandler;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.glassfish.jersey.server.ResourceConfig;
import org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature;
import org.glassfish.jersey.servlet.ServletContainer;
import sun.security.x509.CertificateExtensions;
import sun.security.x509.KeyIdentifier;
import sun.security.x509.SubjectKeyIdentifierExtension;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* loaded from: input_file:edu/csus/ecs/pc2/services/eventFeed/WebServer.class */
public class WebServer implements UIPlugin {
    private static final long serialVersionUID = -731087652687843222L;
    public static final int DEFAULT_WEB_SERVER_PORT_NUMBER = 50443;
    public static final String PC2_KEYSTORE_FILE = "cacerts.pc2";
    public static final String PORT_NUMBER_KEY = "port";
    public static final String SCOREBOARD_SERVICE_ENABLED_KEY = "enableScoreboard";
    public static final String PROBLEMS_SERVICE_ENABLED_KEY = "enableProblems";
    public static final String LANGUAGES_SERVICE_ENABLED_KEY = "enableLanguages";
    public static final String STARTTIME_SERVICE_ENABLED_KEY = "enableStartTime";
    public static final String TEAMS_SERVICE_ENABLED_KEY = "enableTeams";
    private IInternalContest contest;
    private IInternalController controller;
    private Properties wsProperties = new Properties();
    private Server jettyServer = null;
    private String keystorePassword = "i don't care";
    private Log log = null;

    private void createKeyStoreAndKey(File file) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        char[] charArray = this.keystorePassword.toCharArray();
        keyStore.load(null, charArray);
        try {
            Class<?> cls = Class.forName(System.getProperty("java.version").matches("^1\\.[67]\\..*") ? "sun.security.x509.CertAndKeyGen" : "sun.security.tools.keytool.CertAndKeyGen");
            Class<?> cls2 = Class.forName("sun.security.x509.X500Name");
            Constructor<?> constructor = cls.getConstructor(String.class, String.class);
            Constructor<?> constructor2 = cls2.getConstructor(String.class);
            Object newInstance = constructor.newInstance("RSA", "SHA256WithRSA");
            Object newInstance2 = constructor2.newInstance("CN=pc2 jetty, OU=PC^2, O=PC^2, L=Unknown, ST=Unknown, C=Unknown");
            cls.getMethod("generate", Integer.TYPE).invoke(newInstance, 2048);
            PrivateKey privateKey = (PrivateKey) cls.getMethod("getPrivateKey", new Class[0]).invoke(newInstance, new Object[0]);
            X509Certificate[] x509CertificateArr = {(X509Certificate) cls.getMethod("getSelfCertificate", cls2, Long.TYPE).invoke(newInstance, newInstance2, 31536000L)};
            X500Name subjectDN = x509CertificateArr[0].getSubjectDN();
            String sigAlgName = x509CertificateArr[0].getSigAlgName();
            X509CertInfo x509CertInfo = new X509CertInfo(x509CertificateArr[0].getTBSCertificate());
            x509CertInfo.set("issuer", subjectDN);
            CertificateExtensions certificateExtensions = new CertificateExtensions();
            certificateExtensions.set("SubjectKeyIdentifier", new SubjectKeyIdentifierExtension(new KeyIdentifier(x509CertificateArr[0].getPublicKey()).getIdentifier()));
            x509CertInfo.set("extensions", certificateExtensions);
            Certificate x509CertImpl = new X509CertImpl(x509CertInfo);
            x509CertImpl.sign(privateKey, sigAlgName);
            keyStore.setCertificateEntry("jetty", x509CertImpl);
            keyStore.setKeyEntry("jetty", privateKey, this.keystorePassword.toCharArray(), x509CertificateArr);
        } catch (Exception e) {
            e.printStackTrace();
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        keyStore.store(fileOutputStream, charArray);
        fileOutputStream.close();
    }

    public void startWebServer(IInternalContest iInternalContest, IInternalController iInternalController, Properties properties) {
        setContestAndController(iInternalContest, iInternalController);
        this.wsProperties = properties;
        try {
            int integerProperty = getIntegerProperty(PORT_NUMBER_KEY, 50443);
            File file = new File(PC2_KEYSTORE_FILE);
            if (!file.exists()) {
                createKeyStoreAndKey(file);
            }
            ServletContextHandler servletContextHandler = new ServletContextHandler(1);
            servletContextHandler.setContextPath("/");
            servletContextHandler.addServlet(new ServletHolder(new ServletContainer(getResourceConfig())), "/*");
            this.jettyServer = new Server();
            HttpConfiguration httpConfiguration = new HttpConfiguration();
            httpConfiguration.setSecureScheme("https");
            httpConfiguration.setSecurePort(integerProperty);
            httpConfiguration.setOutputBufferSize(32768);
            SslContextFactory sslContextFactory = new SslContextFactory(true);
            sslContextFactory.setKeyStorePath(file.getAbsolutePath());
            sslContextFactory.setKeyStorePassword(this.keystorePassword);
            sslContextFactory.setKeyManagerPassword(this.keystorePassword);
            sslContextFactory.setIncludeCipherSuites(new String[]{"TLS_DHE_RSA.*", "TLS_ECDHE.*"});
            sslContextFactory.setExcludeProtocols(new String[]{"SSL", "SSLv2", "SSLv2Hello", "SSLv3"});
            sslContextFactory.setRenegotiationAllowed(false);
            HttpConfiguration httpConfiguration2 = new HttpConfiguration(httpConfiguration);
            httpConfiguration2.addCustomizer(new SecureRequestCustomizer());
            Connector serverConnector = new ServerConnector(this.jettyServer, new ConnectionFactory[]{new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration2)});
            serverConnector.setPort(integerProperty);
            serverConnector.setIdleTimeout(0L);
            this.jettyServer.setConnectors(new Connector[]{serverConnector});
            servletContextHandler.setSecurityHandler(basicAuth());
            this.jettyServer.setHandler(servletContextHandler);
            this.jettyServer.start();
            showMessage("Started web server on port " + integerProperty);
        } catch (IOException e) {
            showMessage("Unable to start web services: " + e.getMessage(), e);
        } catch (NumberFormatException e2) {
            showMessage("Unable to start web services: invalid port number: " + e2.getMessage(), e2);
        } catch (Exception e3) {
            showMessage("Unable to start web services: " + e3.getMessage(), e3);
        }
    }

    private void showMessage(String str, Exception exc) {
        getLog().log(Log.INFO, str, (Throwable) exc);
        System.out.println(new Date() + " " + str);
        exc.printStackTrace();
    }

    private void showMessage(String str) {
        System.out.println(new Date() + " " + str);
        getLog().info(str);
    }

    private Logger getLog() {
        return this.log;
    }

    private SecurityHandler basicAuth() {
        HashLoginService hashLoginService = new HashLoginService();
        File file = new File("realm.properties");
        if (file.exists() && file.isFile() && file.canRead()) {
            showMessage("Loading " + file.getAbsolutePath());
            hashLoginService.setRefreshInterval(60);
            hashLoginService.setConfig(file.getAbsolutePath());
            try {
                hashLoginService.start();
            } catch (Exception e) {
                showMessage(e.getMessage(), e);
            }
        } else if (!file.exists()) {
            showMessage("WARNING: " + file.getAbsolutePath() + " does not exist");
        } else if (file.isFile()) {
            showMessage("WARNING: Cannot read " + file.getAbsolutePath());
        } else {
            showMessage("WARNING: " + file.getAbsolutePath() + " is not a file");
        }
        Constraint constraint = new Constraint();
        constraint.setName("BASIC");
        constraint.setRoles(new String[]{"public", EventFeedXML.BALLOON_TAG, "blue", "admin"});
        constraint.setAuthenticate(true);
        ConstraintMapping constraintMapping = new ConstraintMapping();
        constraintMapping.setConstraint(constraint);
        constraintMapping.setPathSpec("/");
        Constraint constraint2 = new Constraint();
        constraint2.setName("BASIC");
        constraint2.setRoles(new String[]{"admin"});
        constraint2.setAuthenticate(true);
        ConstraintMapping constraintMapping2 = new ConstraintMapping();
        constraintMapping2.setConstraint(constraint2);
        constraintMapping2.setPathSpec("/starttime");
        ConstraintSecurityHandler constraintSecurityHandler = new ConstraintSecurityHandler();
        constraintSecurityHandler.setAuthenticator(new BasicAuthenticator());
        constraintSecurityHandler.setRealmName("myrealm");
        constraintSecurityHandler.addConstraintMapping(constraintMapping);
        constraintSecurityHandler.addConstraintMapping(constraintMapping2);
        constraintSecurityHandler.setLoginService(hashLoginService);
        return constraintSecurityHandler;
    }

    private ResourceConfig getResourceConfig() {
        ResourceConfig resourceConfig = new ResourceConfig();
        resourceConfig.register(RolesAllowedDynamicFeature.class);
        if (getBooleanProperty(SCOREBOARD_SERVICE_ENABLED_KEY, false)) {
            resourceConfig.register(new ScoreboardService(getContest(), getController()));
            showMessage("Starting /scoreboard web service");
        }
        if (getBooleanProperty(PROBLEMS_SERVICE_ENABLED_KEY, false)) {
            resourceConfig.register(new ProblemService(getContest(), getController()));
            showMessage("Starting /problems web service");
        }
        if (getBooleanProperty(LANGUAGES_SERVICE_ENABLED_KEY, false)) {
            resourceConfig.register(new LanguageService(getContest(), getController()));
            showMessage("Starting /languages web service");
        }
        if (getBooleanProperty(STARTTIME_SERVICE_ENABLED_KEY, false)) {
            resourceConfig.register(new StarttimeService(getContest(), getController()));
            showMessage("Starting /starttime web service");
        }
        if (getBooleanProperty(TEAMS_SERVICE_ENABLED_KEY, false)) {
            resourceConfig.register(new TeamService(getContest(), getController()));
            showMessage("Starting /teams web service");
        }
        return resourceConfig;
    }

    protected boolean getBooleanProperty(String str, boolean z) {
        String property = this.wsProperties.getProperty(str);
        return property == null ? z : "true".equalsIgnoreCase(property.trim()) || "yes".equalsIgnoreCase(property.trim()) || "on".equalsIgnoreCase(property.trim()) || "enabled".equalsIgnoreCase(property.trim());
    }

    protected int getIntegerProperty(String str, int i) {
        String property = this.wsProperties.getProperty(str);
        if (property == null) {
            return i;
        }
        try {
            return Integer.parseInt(property);
        } catch (Exception unused) {
            return i;
        }
    }

    public IInternalContest getContest() {
        return this.contest;
    }

    public IInternalController getController() {
        return this.controller;
    }

    public static Properties createSampleProperties() {
        Properties properties = new Properties();
        properties.put(PORT_NUMBER_KEY, "50443");
        properties.put(SCOREBOARD_SERVICE_ENABLED_KEY, "yes");
        properties.put(PROBLEMS_SERVICE_ENABLED_KEY, "yes");
        properties.put(LANGUAGES_SERVICE_ENABLED_KEY, "yes");
        properties.put(STARTTIME_SERVICE_ENABLED_KEY, "yes");
        properties.put(TEAMS_SERVICE_ENABLED_KEY, "yes");
        return properties;
    }

    @Override // edu.csus.ecs.pc2.ui.UIPlugin
    public void setContestAndController(IInternalContest iInternalContest, IInternalController iInternalController) {
        this.contest = iInternalContest;
        this.controller = iInternalController;
        this.log = this.controller.getLog();
    }

    @Override // edu.csus.ecs.pc2.ui.UIPlugin
    public String getPluginTitle() {
        return "Web Server (non-GUI)";
    }

    public void stop() {
        try {
            this.jettyServer.stop();
        } catch (Exception e) {
            showMessage("Unable to stop Jetty webserver: " + e.getMessage());
            e.printStackTrace();
            getLog().log(Log.INFO, e.getMessage(), (Throwable) e);
        }
        this.jettyServer.destroy();
    }

    public boolean isServerRunning() {
        return this.jettyServer == null ? false : this.jettyServer.isRunning();
    }
}
