package org.apereo.cas.tomcat;

import java.util.Locale;
import lombok.Generated;
import org.apache.catalina.Context;
import org.apache.catalina.ha.session.BackupManager;
import org.apache.catalina.ha.session.ClusterManagerBase;
import org.apache.catalina.ha.session.ClusterSessionListener;
import org.apache.catalina.ha.session.DeltaManager;
import org.apache.catalina.ha.session.JvmRouteBinderValve;
import org.apache.catalina.ha.tcp.ReplicationValve;
import org.apache.catalina.ha.tcp.SimpleTcpCluster;
import org.apache.catalina.startup.Tomcat;
import org.apache.catalina.tribes.group.GroupChannel;
import org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor;
import org.apache.catalina.tribes.group.interceptors.StaticMembershipInterceptor;
import org.apache.catalina.tribes.group.interceptors.TcpFailureDetector;
import org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor;
import org.apache.catalina.tribes.membership.McastService;
import org.apache.catalina.tribes.membership.StaticMember;
import org.apache.catalina.tribes.membership.cloud.CloudMembershipService;
import org.apache.catalina.tribes.transport.ReplicationTransmitter;
import org.apache.catalina.tribes.transport.nio.NioReceiver;
import org.apache.catalina.tribes.transport.nio.PooledParallelSender;
import org.apache.catalina.webresources.ExtractingRoot;
import org.apache.commons.lang3.StringUtils;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.web.tomcat.CasEmbeddedApacheTomcatClusteringProperties;
import org.apereo.cas.monitor.NotMonitorable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.web.ServerProperties;
import org.springframework.boot.web.embedded.tomcat.TomcatContextCustomizer;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.embedded.tomcat.TomcatWebServer;

@NotMonitorable
/* loaded from: input_file:org/apereo/cas/tomcat/CasTomcatServletWebServerFactory.class */
public class CasTomcatServletWebServerFactory extends TomcatServletWebServerFactory {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(CasTomcatServletWebServerFactory.class);
    private final CasConfigurationProperties casProperties;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apereo/cas/tomcat/CasTomcatServletWebServerFactory$ClusterMemberDesc.class */
    public static final class ClusterMemberDesc {
        private static final int UNIQUE_ID_LIMIT = 255;
        private static final int UNIQUE_ID_ITERATIONS = 16;
        private final String address;
        private final int port;
        private String uniqueId;

        ClusterMemberDesc(String str) {
            String[] split = str.split(":", -1);
            this.address = split[0];
            this.port = Integer.parseInt(split[1]);
            int parseInt = Integer.parseInt(split[2]);
            if (parseInt < 0 || parseInt > UNIQUE_ID_LIMIT) {
                throw new IllegalArgumentException("Invalid unique index: must be >= 0 and < 256");
            }
            this.uniqueId = "{";
            int i = 0;
            while (i < UNIQUE_ID_ITERATIONS) {
                if (i != 0) {
                    this.uniqueId += ",";
                }
                this.uniqueId += (parseInt % 256);
                i++;
                parseInt++;
            }
            this.uniqueId += "}";
        }

        @Generated
        public String getAddress() {
            return this.address;
        }

        @Generated
        public int getPort() {
            return this.port;
        }

        @Generated
        public String getUniqueId() {
            return this.uniqueId;
        }

        @Generated
        public String toString() {
            return "CasTomcatServletWebServerFactory.ClusterMemberDesc(address=" + this.address + ", port=" + this.port + ", uniqueId=" + this.uniqueId + ")";
        }
    }

    public CasTomcatServletWebServerFactory(CasConfigurationProperties casConfigurationProperties, ServerProperties serverProperties) {
        super(serverProperties.getPort().intValue());
        if (StringUtils.isNotBlank(serverProperties.getServlet().getContextPath())) {
            setContextPath(serverProperties.getServlet().getContextPath());
        }
        this.casProperties = casConfigurationProperties;
        configureContextForSessionClustering();
    }

    protected void postProcessContext(Context context) {
        this.casProperties.getServer().getTomcat().getHttp().stream().filter(casEmbeddedApacheTomcatHttpProperties -> {
            return casEmbeddedApacheTomcatHttpProperties.getRedirectPort() > 0;
        }).forEach(casEmbeddedApacheTomcatHttpProperties2 -> {
            SecurityConstraint securityConstraint = new SecurityConstraint();
            securityConstraint.setUserConstraint("CONFIDENTIAL");
            SecurityCollection securityCollection = new SecurityCollection();
            securityCollection.addPattern("/*");
            securityConstraint.addCollection(securityCollection);
            context.addConstraint(securityConstraint);
        });
        context.setReloadable(false);
        context.setResources(new ExtractingRoot());
    }

    protected TomcatWebServer getTomcatWebServer(Tomcat tomcat) {
        configureSessionClustering(tomcat);
        return super.getTomcatWebServer(tomcat);
    }

    private void configureSessionClustering(Tomcat tomcat) {
        CasEmbeddedApacheTomcatClusteringProperties clustering = this.casProperties.getServer().getTomcat().getClustering();
        if (!clustering.isEnabled()) {
            LOGGER.trace("Tomcat session clustering/replication is turned off");
            return;
        }
        SimpleTcpCluster simpleTcpCluster = new SimpleTcpCluster();
        GroupChannel groupChannel = new GroupChannel();
        NioReceiver nioReceiver = new NioReceiver();
        nioReceiver.setPort(clustering.getReceiverPort());
        nioReceiver.setTimeout(clustering.getReceiverTimeout());
        nioReceiver.setMaxThreads(clustering.getReceiverMaxThreads());
        nioReceiver.setAddress(clustering.getReceiverAddress());
        nioReceiver.setAutoBind(clustering.getReceiverAutoBind());
        groupChannel.setChannelReceiver(nioReceiver);
        ReplicationTransmitter replicationTransmitter = new ReplicationTransmitter();
        replicationTransmitter.setTransport(new PooledParallelSender());
        groupChannel.setChannelSender(replicationTransmitter);
        groupChannel.addInterceptor(new TcpPingInterceptor());
        groupChannel.addInterceptor(new TcpFailureDetector());
        groupChannel.addInterceptor(new MessageDispatchInterceptor());
        simpleTcpCluster.setChannelSendOptions(clustering.getChannelSendOptions());
        simpleTcpCluster.setManagerTemplate(getClusteringManagerInstance());
        simpleTcpCluster.addValve(new ReplicationValve());
        simpleTcpCluster.addValve(new JvmRouteBinderValve());
        simpleTcpCluster.addClusterListener(new ClusterSessionListener());
        if ("CLOUD".equalsIgnoreCase(clustering.getClusteringType())) {
            CloudMembershipService cloudMembershipService = new CloudMembershipService();
            cloudMembershipService.setMembershipProviderClassName(clustering.getCloudMembershipProvider());
            groupChannel.setMembershipService(cloudMembershipService);
            LOGGER.trace("Tomcat session clustering/replication configured using cloud membership provider [{}]", clustering.getCloudMembershipProvider());
        } else {
            McastService mcastService = new McastService();
            mcastService.setPort(clustering.getMembershipPort());
            mcastService.setAddress(clustering.getMembershipAddress());
            mcastService.setFrequency(clustering.getMembershipFrequency());
            mcastService.setDropTime(clustering.getMembershipDropTime());
            mcastService.setRecoveryEnabled(clustering.isMembershipRecoveryEnabled());
            mcastService.setRecoveryCounter(clustering.getMembershipRecoveryCounter());
            mcastService.setLocalLoopbackDisabled(clustering.isMembershipLocalLoopbackDisabled());
            groupChannel.setMembershipService(mcastService);
            String clusterMembers = clustering.getClusterMembers();
            if (StringUtils.isNotBlank(clusterMembers)) {
                StaticMembershipInterceptor staticMembershipInterceptor = new StaticMembershipInterceptor();
                for (String str : clusterMembers.split(",", -1)) {
                    ClusterMemberDesc clusterMemberDesc = new ClusterMemberDesc(str);
                    StaticMember staticMember = new StaticMember();
                    staticMember.setHost(clusterMemberDesc.getAddress());
                    staticMember.setPort(clusterMemberDesc.getPort());
                    staticMember.setDomain("CAS");
                    staticMember.setUniqueId(clusterMemberDesc.getUniqueId());
                    staticMembershipInterceptor.addStaticMember(staticMember);
                    groupChannel.addInterceptor(staticMembershipInterceptor);
                }
            }
        }
        simpleTcpCluster.setChannel(groupChannel);
        tomcat.getEngine().setCluster(simpleTcpCluster);
    }

    private void configureContextForSessionClustering() {
        if (this.casProperties.getServer().getTomcat().getClustering().isEnabled()) {
            addContextCustomizers(new TomcatContextCustomizer[]{context -> {
                context.setManager(getClusteringManagerInstance());
                context.setDistributable(true);
            }});
        } else {
            LOGGER.trace("Tomcat session clustering/replication is turned off");
        }
    }

    private ClusterManagerBase getClusteringManagerInstance() {
        CasEmbeddedApacheTomcatClusteringProperties clustering = this.casProperties.getServer().getTomcat().getClustering();
        if (!"DELTA".equalsIgnoreCase(clustering.getManagerType().toUpperCase(Locale.ENGLISH))) {
            BackupManager backupManager = new BackupManager();
            backupManager.setNotifyListenersOnReplication(true);
            return backupManager;
        }
        DeltaManager deltaManager = new DeltaManager();
        deltaManager.setExpireSessionsOnShutdown(clustering.isExpireSessionsOnShutdown());
        deltaManager.setNotifyListenersOnReplication(true);
        return deltaManager;
    }
}
