package com.mulesoft.mmc.agent.web;

import com.mulesoft.discovery.DiscoveryEngine;
import com.mulesoft.discovery.ServerIdentifier;
import com.mulesoft.mmc.agent.CoreAgent;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.io.Writer;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.ssl.SSLServerSocket;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.mule.api.MuleContext;
import org.mule.config.MuleManifest;
import org.mule.util.NetworkUtils;
import org.mule.util.SystemUtils;

/* loaded from: input_file:mule/lib/mule/mmc-agent-impl-3.7.1.jar:com/mulesoft/mmc/agent/web/AgentServlet.class */
public class AgentServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    public static final String INSTANCE_ID = "instanceId";
    public static final String INSTANCE_NAME = "instanceName";
    public static final String PAIRED = "paired";
    public static final String PAIRABLE = "pairable";
    public static final String TYPE = "type";
    public static final String ATTRIBUTE_AGENT_PROPERTIES_PATH = "agent.properties";
    public static final String ATTRIBUTE_AGENT_TRUSTSTORE_PATH = "agent.truststore.path";
    public static final String ATTRIBUTE_AGENT_TRUSTSTORE_PASSWORD = "agent.truststore.password";
    public static final String ATTRIBUTE_AGENT_TRUSTSTORE_ALIAS = "agent.truststore.alias";
    protected static final String ALREADY_PAIRED = "ALREADY_PAIRED";
    protected static final String PAIRING_NOT_ENABLED = "PAIRING_NOT_ENABLED";
    protected static final String PAIRING_ERROR = "PAIRING_ERROR";
    protected static final String CONNECTOR_ADDRESS = "com.sun.management.jmxremote.localConnectorAddress";
    private static final String DISCOVERY_ENGINE_ATTRIBUTE = "discoveryEngine";
    protected volatile String instanceId;
    private String instanceName;
    protected ServerIdentifier identifier;
    private DiscoveryEngine<ServerIdentifier> discoveryEngine;
    public static final String DISCOVERY_SERVICE_TYPE = "_mule._tcp.local.";
    protected static final String PRODUCT_NAME = "MMC";
    public static final String AGENT_VERSION = "agent-version";
    protected static final String INSTANCE_ID_FILE_NAME = ".instanceId";
    private Server server;
    private ServerConnector secureConnector;
    private MuleContext muleContext;
    private CoreAgent agent;
    private static final String EXCLUDED_CIPHER_SUITES_ATTRIBUTE_NAME = "excludedCipherSuites";
    protected final Log log = LogFactory.getLog(getClass());
    private final AgentManager manager = new AgentManager();
    private final AtomicBoolean isBroadcasting = new AtomicBoolean();
    private final List<String> excludedCipherSuites = new ArrayList();

    @Override // javax.servlet.http.HttpServlet
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String str = (String) httpServletRequest.getAttribute("javax.servlet.include.servlet_path");
        if (str == null) {
            str = httpServletRequest.getServletPath();
        }
        if ("/status".equals(str)) {
            AgentManager agentManager = getAgentManager();
            boolean isPaired = agentManager.isPaired();
            boolean isPairingEnabled = agentManager.isPairingEnabled();
            PrintWriter writer = httpServletResponse.getWriter();
            writer.print("Paired: " + isPaired);
            writer.print("<br/>");
            writer.print("Pairing Enabled: " + isPairingEnabled);
            writer.flush();
            return;
        }
        if (!"/metadata".equals(str)) {
            httpServletResponse.setStatus(400);
            return;
        }
        AgentManager agentManager2 = getAgentManager();
        httpServletResponse.setContentType("application/json");
        PrintWriter writer2 = httpServletResponse.getWriter();
        writer2.print("{\"version\": \"" + agentManager2.getAgentVersion() + "\"}\n");
        writer2.flush();
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String servletPath = httpServletRequest.getServletPath();
        try {
            if ("/pair".equals(servletPath)) {
                pair(httpServletRequest, httpServletResponse);
            } else if ("/unpair".equals(servletPath)) {
                unpair(httpServletResponse);
            } else {
                httpServletResponse.setStatus(404);
            }
        } catch (GeneralSecurityException e) {
            log(e.getMessage(), e);
            throw new ServletException(e);
        } catch (Exception e2) {
            log(e2.getMessage(), e2);
            throw new ServletException(e2);
        }
    }

    protected void pair(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        PrintWriter writer = httpServletResponse.getWriter();
        boolean z = false;
        if (getAgentManager().isPaired()) {
            httpServletResponse.setStatus(401);
            writer.write(ALREADY_PAIRED);
        } else if (!getAgentManager().isPairingEnabled()) {
            httpServletResponse.setStatus(500);
            writer.write(PAIRING_NOT_ENABLED);
        } else if (getAgentManager().pair(httpServletRequest.getInputStream())) {
            httpServletResponse.setStatus(200);
            log("Paired with " + getProductName() + " server!");
            try {
                writer.write("OK " + createSecureConnector(httpServletRequest, httpServletResponse));
                stopAgentBroadcasting();
                startAgentBroadcasting();
                z = true;
            } catch (Exception e) {
                try {
                    getAgentManager().unpair();
                } catch (Exception e2) {
                    log("Caught an exception while rolling back pairing process.", e2);
                }
                throw e;
            }
        } else {
            httpServletResponse.setStatus(500);
            writer.write(PAIRING_ERROR);
        }
        writer.close();
        if (z) {
            shutdownUnsecureConnector();
        }
    }

    protected void unpair(HttpServletResponse httpServletResponse) throws Exception {
        if (getAgentManager().isPairingEnabled()) {
            log("Unpaired from " + getProductName() + " server!");
            httpServletResponse.setStatus(200);
            try {
                httpServletResponse.getOutputStream().close();
            } catch (IOException e) {
                if (this.log.isDebugEnabled()) {
                    this.log.debug(e);
                }
            }
            doShutdownSecureConnector();
            getAgentManager().unpair();
            stopAgentBroadcasting();
            saveInstanceId(null);
            this.identifier = createServerIdentifier();
            startAgentBroadcasting();
        }
    }

    public void enableSecureConnectorIfPaired() throws Exception {
        createSecureConnector(null, null);
        if (getAgentManager().isPaired()) {
            shutdownUnsecureConnector();
        }
    }

    protected void shutdownUnsecureConnector() throws Exception {
        this.agent.shutdownUnsecureConnector();
        this.secureConnector.start();
    }

    protected AgentManager getAgentManager() {
        return this.manager;
    }

    @Override // javax.servlet.GenericServlet
    public void init() throws ServletException {
        try {
            log("Starting " + getProductName() + " Agent.");
            this.server = (Server) getServletContext().getAttribute(CoreAgent.JETTY_SERVER_KEY);
            this.muleContext = (MuleContext) getServletContext().getAttribute("muleContext");
            this.agent = (CoreAgent) getServletContext().getAttribute(CoreAgent.CONSOLE_AGENT_KEY);
            String initParameter = getServletContext().getInitParameter(EXCLUDED_CIPHER_SUITES_ATTRIBUTE_NAME);
            if (initParameter != null) {
                this.log.debug("Excluded cipher suites <" + initParameter + ">");
                for (String str : initParameter.split(",")) {
                    this.excludedCipherSuites.add(str.trim());
                }
            }
            this.discoveryEngine = (DiscoveryEngine) getServletContext().getAttribute(DISCOVERY_ENGINE_ATTRIBUTE);
            if (this.discoveryEngine == null) {
                throw new IllegalArgumentException("Could not access attribute <discoveryEngine>");
            }
            this.manager.setSystemPropertyPrefix(getSystemPropertyPrefix());
            configureManager(this.manager);
            if (!this.manager.isAlreadyInitialised()) {
                this.manager.initialize(getServletContext());
                this.manager.setAlreadyInitialised(true);
            }
            this.instanceId = createInstanceId();
            this.instanceName = createInstanceName();
            log("Initialized " + this + " with ID " + this.instanceId);
            if (isSecureConnectorCreatedOnStartup()) {
                createSecureConnector(null, null);
            }
            this.identifier = createServerIdentifier();
            if (shouldBroadcastOnStartup()) {
                startAgentBroadcasting();
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    protected boolean shouldBroadcastOnStartup() {
        return getAgentManager().isBroadcastingEnabled();
    }

    protected String createInstanceId() {
        try {
            String iOUtils = IOUtils.toString(new FileReader(new File(this.muleContext.getConfiguration().getWorkingDirectory(), INSTANCE_ID_FILE_NAME)));
            getServletContext().setAttribute("instanceId", iOUtils);
            return iOUtils;
        } catch (IOException unused) {
            try {
                String uuid = UUID.randomUUID().toString();
                saveInstanceId(uuid);
                return uuid;
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }
    }

    protected void saveInstanceId(String str) throws IOException {
        File file = new File(this.muleContext.getConfiguration().getWorkingDirectory(), INSTANCE_ID_FILE_NAME);
        if (str == null) {
            str = UUID.randomUUID().toString();
        }
        FileWriter fileWriter = null;
        try {
            fileWriter = new FileWriter(file);
            IOUtils.write(str, (Writer) fileWriter);
            IOUtils.closeQuietly((Writer) fileWriter);
            getServletContext().setAttribute("instanceId", str);
            this.instanceId = str;
        } catch (Throwable th) {
            IOUtils.closeQuietly((Writer) fileWriter);
            throw th;
        }
    }

    protected String createInstanceName() {
        return System.getProperty("mule.serverId");
    }

    protected boolean isSecureConnectorCreatedOnStartup() {
        return false;
    }

    protected String getSystemPropertyPrefix() {
        return "mule.mmc.";
    }

    protected String getAgentPropertiesPath() {
        String property = System.getProperty("mmc.agent.properties");
        if (property == null || !new File(property).exists()) {
            property = getServletContext().getRealPath("WEB-INF/agent.properties");
        }
        return property;
    }

    protected void configureManager(AgentManager agentManager) throws ServletException {
        try {
            File canonicalFile = new File(this.muleContext.getConfiguration().getWorkingDirectory()).getCanonicalFile();
            File file = new File(canonicalFile, "keystore.jks");
            InputStream resourceAsStream = getClass().getResourceAsStream("/mmc-support-app/keystore.jks");
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            try {
                IOUtils.copy(resourceAsStream, fileOutputStream);
                IOUtils.closeQuietly(resourceAsStream);
                IOUtils.closeQuietly((OutputStream) fileOutputStream);
                String agentPropertiesPath = getAgentPropertiesPath();
                ServletContext servletContext = getServletContext();
                agentManager.setPropertiesFile(agentPropertiesPath);
                try {
                    agentManager.setPropertiesFile(agentPropertiesPath);
                    agentManager.setKeyStoreLocation(file.getAbsolutePath());
                    agentManager.setTrustStoreLocation(new File(canonicalFile, "truststore.jks").getAbsolutePath());
                    getServletContext().setAttribute("agent.truststore.path", agentManager.getTrustStoreLocation());
                    agentManager.setPropertiesStream(getClass().getResourceAsStream("/agent.properties"));
                    if (!agentManager.isAlreadyInitialised()) {
                        agentManager.initialize(servletContext);
                        agentManager.setAlreadyInitialised(true);
                    }
                    servletContext.setAttribute("agent.truststore.path", agentManager.getTrustStoreLocation());
                    servletContext.setAttribute("agent.truststore.password", agentManager.getTrustStorePassword());
                    servletContext.setAttribute("agent.truststore.alias", agentManager.getCertificateAlias());
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            } catch (Throwable th) {
                IOUtils.closeQuietly(resourceAsStream);
                IOUtils.closeQuietly((OutputStream) fileOutputStream);
                throw th;
            }
        } catch (IOException e2) {
            throw new ServletException(e2);
        }
    }

    protected void doShutdownSecureConnector() throws Exception {
        this.server.removeConnector(this.secureConnector);
        this.secureConnector.stop();
        this.agent.startUnsecureConnector();
    }

    protected String createSecureConnector(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        return (getAgentManager().isPairingEnabled() && getAgentManager().isPaired()) ? doCreateSecureConnector(httpServletRequest, httpServletResponse) : "";
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String toString(String[] strArr) {
        StringBuilder sb = new StringBuilder();
        sb.append("[\n");
        for (String str : strArr) {
            sb.append(str).append("\n");
        }
        sb.append("[\n");
        return sb.toString();
    }

    protected String getHost() throws UnknownHostException {
        String host = this.secureConnector.getHost();
        return host != null ? host : NetworkUtils.getLocalHost().getHostAddress();
    }

    protected String doCreateSecureConnector(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        SslContextFactory sslContextFactory = new SslContextFactory() { // from class: com.mulesoft.mmc.agent.web.AgentServlet.1
            @Override // org.eclipse.jetty.util.ssl.SslContextFactory
            public SSLServerSocket newSslServerSocket(String str, int i, int i2) throws IOException {
                SSLServerSocket newSslServerSocket = super.newSslServerSocket(str, i, i2);
                if (newSslServerSocket instanceof SSLServerSocket) {
                    newSslServerSocket.setNeedClientAuth(true);
                    if (AgentServlet.this.log.isInfoEnabled()) {
                        AgentServlet.this.log.info("Using cipher suites <" + AgentServlet.toString(newSslServerSocket.getEnabledCipherSuites()) + ">");
                        AgentServlet.this.log.debug("Among available cipher suites <" + AgentServlet.toString(newSslServerSocket.getSupportedCipherSuites()) + ">");
                    }
                }
                return newSslServerSocket;
            }
        };
        if (!this.excludedCipherSuites.isEmpty()) {
            sslContextFactory.setExcludeCipherSuites((String[]) this.excludedCipherSuites.toArray(new String[this.excludedCipherSuites.size()]));
        }
        if (SystemUtils.isIbmJDK()) {
            sslContextFactory.setSslKeyManagerFactoryAlgorithm("IbmX509");
            sslContextFactory.setTrustManagerFactoryAlgorithm("IbmX509");
            sslContextFactory.setProtocol("SSL_TLS");
        }
        File createTempFile = File.createTempFile("truststore", "jks");
        FileInputStream fileInputStream = new FileInputStream(getAgentManager().getTrustStoreLocation());
        FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
        try {
            IOUtils.copy(fileInputStream, fileOutputStream);
            IOUtils.closeQuietly((InputStream) fileInputStream);
            IOUtils.closeQuietly((OutputStream) fileOutputStream);
            createTempFile.deleteOnExit();
            sslContextFactory.setKeyStorePath(getAgentManager().getKeystoreLocation());
            sslContextFactory.setKeyStorePassword(getAgentManager().getTrustStorePassword());
            sslContextFactory.setTrustStorePassword(getAgentManager().getTrustStorePassword());
            sslContextFactory.setTrustStorePath(createTempFile.getAbsolutePath());
            sslContextFactory.setNeedClientAuth(true);
            this.secureConnector = new ServerConnector(this.server, sslContextFactory);
            this.secureConnector.setPort(this.agent.getPort());
            this.secureConnector.setReuseAddress(true);
            this.server.addConnector(this.secureConnector);
            return "https://" + getHost() + ":" + getPort() + "/mmc-support";
        } catch (Throwable th) {
            IOUtils.closeQuietly((InputStream) fileInputStream);
            IOUtils.closeQuietly((OutputStream) fileOutputStream);
            createTempFile.deleteOnExit();
            throw th;
        }
    }

    protected Map<String, String> getServiceMetadata() {
        HashMap hashMap = new HashMap();
        hashMap.put("type", MuleManifest.getProductVersion());
        hashMap.put(AGENT_VERSION, getAgentManager().getAgentVersion());
        return hashMap;
    }

    protected int getPort() {
        return this.agent.getPort();
    }

    protected String getServiceType() {
        return DISCOVERY_SERVICE_TYPE;
    }

    protected String getProductName() {
        return PRODUCT_NAME;
    }

    protected ServerIdentifier createServerIdentifier() {
        ServerIdentifier serverIdentifier = new ServerIdentifier();
        Map<String, String> serviceMetadata = getServiceMetadata();
        serviceMetadata.put("paired", Boolean.toString(getAgentManager().isPaired()));
        serviceMetadata.put("pairable", String.valueOf(getAgentManager().isPairingEnabled()));
        serverIdentifier.setConfiguration(serviceMetadata);
        if (this.instanceName != null) {
            serverIdentifier.setName(this.instanceName);
        }
        serverIdentifier.setPort(getPort());
        serverIdentifier.setId(this.instanceId);
        return serverIdentifier;
    }

    protected synchronized void startAgentBroadcasting() throws IOException {
        if (isTestMode() || !getAgentManager().isBroadcastingEnabled()) {
            return;
        }
        if (this.isBroadcasting.get()) {
            throw new IllegalStateException("Agent broadcasting already started.");
        }
        this.discoveryEngine.announce(this.identifier);
    }

    protected synchronized void stopAgentBroadcasting() throws IOException {
        if (isTestMode() || !getAgentManager().isBroadcastingEnabled()) {
            return;
        }
        if (this.isBroadcasting.get()) {
            throw new IllegalStateException("Agent broadcasting not started.");
        }
        this.discoveryEngine.unannounce(this.identifier);
    }

    private boolean isTestMode() {
        return Boolean.parseBoolean(System.getProperty("test.mode", "false"));
    }
}
