package org.jolokia.jvmagent;

import com.sun.net.httpserver.BasicAuthenticator;
import com.sun.net.httpserver.HttpContext;
import com.sun.net.httpserver.HttpServer;
import com.sun.net.httpserver.HttpsConfigurator;
import com.sun.net.httpserver.HttpsParameters;
import com.sun.net.httpserver.HttpsServer;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.util.concurrent.Executors;
import java.util.concurrent.ThreadFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:jolokia-jvm-1.1.1-agent.jar:org/jolokia/jvmagent/JolokiaServer.class */
public class JolokiaServer {
    private JolokiaServerConfig config;
    private boolean lazy;
    private HttpServer httpServer;
    private String url;
    private JolokiaHttpHandler jolokiaHttpHandler;
    private CleanupThread cleaner = null;
    private ThreadFactory daemonThreadFactory = new DaemonThreadFactory();

    /* loaded from: input_file:jolokia-jvm-1.1.1-agent.jar:org/jolokia/jvmagent/JolokiaServer$DaemonThreadFactory.class */
    private static class DaemonThreadFactory implements ThreadFactory {
        private DaemonThreadFactory() {
        }

        @Override // java.util.concurrent.ThreadFactory
        public Thread newThread(Runnable runnable) {
            Thread thread = new Thread(runnable);
            thread.setDaemon(true);
            return thread;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jolokia-jvm-1.1.1-agent.jar:org/jolokia/jvmagent/JolokiaServer$JolokiaAuthenticator.class */
    public static class JolokiaAuthenticator extends BasicAuthenticator {
        private String user;
        private String password;

        JolokiaAuthenticator(String str, String str2) {
            super("jolokia");
            this.user = str;
            this.password = str2;
        }

        public boolean checkCredentials(String str, String str2) {
            return this.user.equals(str) && this.password.equals(str2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jolokia-jvm-1.1.1-agent.jar:org/jolokia/jvmagent/JolokiaServer$JolokiaHttpsConfigurator.class */
    public static final class JolokiaHttpsConfigurator extends HttpsConfigurator {
        private boolean useClientAuthentication;

        private JolokiaHttpsConfigurator(SSLContext sSLContext, boolean z) {
            super(sSLContext);
            this.useClientAuthentication = z;
        }

        public void configure(HttpsParameters httpsParameters) {
            try {
                SSLContext sSLContext = SSLContext.getDefault();
                SSLEngine createSSLEngine = sSLContext.createSSLEngine();
                httpsParameters.setNeedClientAuth(this.useClientAuthentication);
                httpsParameters.setCipherSuites(createSSLEngine.getEnabledCipherSuites());
                httpsParameters.setProtocols(createSSLEngine.getEnabledProtocols());
                httpsParameters.setSSLParameters(sSLContext.getDefaultSSLParameters());
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalArgumentException("jolokia: Exception while configuring SSL context: " + e, e);
            }
        }
    }

    public JolokiaServer(JolokiaServerConfig jolokiaServerConfig, boolean z) throws IOException {
        init(jolokiaServerConfig, z);
    }

    protected JolokiaServer() {
    }

    public void start() {
        this.jolokiaHttpHandler.start(this.lazy);
        ThreadGroup threadGroup = new ThreadGroup("jolokia");
        threadGroup.setDaemon(false);
        new Thread(threadGroup, new Runnable() { // from class: org.jolokia.jvmagent.JolokiaServer.1
            @Override // java.lang.Runnable
            public void run() {
                JolokiaServer.this.httpServer.start();
            }
        }).start();
        this.cleaner = new CleanupThread(this.httpServer, threadGroup);
        this.cleaner.start();
    }

    public void stop() {
        this.jolokiaHttpHandler.stop();
        if (this.cleaner != null) {
            this.cleaner.stopServer();
        }
    }

    public String getUrl() {
        return this.url;
    }

    public JolokiaServerConfig getServerConfig() {
        return this.config;
    }

    protected final void init(JolokiaServerConfig jolokiaServerConfig, boolean z) throws IOException {
        this.config = jolokiaServerConfig;
        this.lazy = z;
        int port = this.config.getPort();
        InetAddress address = this.config.getAddress();
        String protocol = this.config.getProtocol();
        InetSocketAddress inetSocketAddress = new InetSocketAddress(address, port);
        if (protocol.equalsIgnoreCase("https")) {
            this.httpServer = createHttpsServer(inetSocketAddress);
        } else {
            this.httpServer = HttpServer.create(inetSocketAddress, this.config.getBacklog());
        }
        String contextPath = this.config.getContextPath();
        this.jolokiaHttpHandler = new JolokiaHttpHandler(this.config.getJolokiaConfig());
        addAuthenticatorIfNeeded(this.config.getUser(), this.config.getPassword(), this.httpServer.createContext(contextPath, this.jolokiaHttpHandler));
        initializeExecutor();
        InetSocketAddress address2 = this.httpServer.getAddress();
        this.url = String.format("%s://%s:%d%s", protocol, (address2.getAddress() != null ? address2.getAddress() : address).getCanonicalHostName(), Integer.valueOf(address2.getPort()), contextPath);
    }

    private void addAuthenticatorIfNeeded(String str, String str2, HttpContext httpContext) {
        if (str != null) {
            if (str2 == null) {
                throw new SecurityException("No password given for user " + str);
            }
            httpContext.setAuthenticator(new JolokiaAuthenticator(str, str2));
        }
    }

    private void initializeExecutor() {
        String executor = this.config.getExecutor();
        this.httpServer.setExecutor("fixed".equalsIgnoreCase(executor) ? Executors.newFixedThreadPool(this.config.getThreadNr(), this.daemonThreadFactory) : "cached".equalsIgnoreCase(executor) ? Executors.newCachedThreadPool(this.daemonThreadFactory) : Executors.newSingleThreadExecutor(this.daemonThreadFactory));
    }

    private HttpServer createHttpsServer(InetSocketAddress inetSocketAddress) {
        try {
            HttpsServer create = HttpsServer.create(inetSocketAddress, this.config.getBacklog());
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            char[] keystorePassword = this.config.getKeystorePassword();
            KeyStore keyStore = KeyStore.getInstance("JKS");
            FileInputStream fileInputStream = null;
            try {
                fileInputStream = new FileInputStream(this.config.getKeystore());
                keyStore.load(fileInputStream, keystorePassword);
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, keystorePassword);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                trustManagerFactory.init(keyStore);
                sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
                create.setHttpsConfigurator(new JolokiaHttpsConfigurator(sSLContext, this.config.useClientAuthentication()));
                return create;
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                throw th;
            }
        } catch (IOException e) {
            throw new IllegalStateException("Cannot open keystore for https communication: " + e, e);
        } catch (GeneralSecurityException e2) {
            throw new IllegalStateException("Cannot use keystore for https communication: " + e2, e2);
        }
    }

    public InetSocketAddress getAddress() {
        return this.httpServer.getAddress();
    }
}
