package com.dtolabs.rundeck;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.Properties;
import org.eclipse.jetty.plus.jaas.JAASLoginService;
import org.eclipse.jetty.plus.jaas.spi.PropertyFileLoginModule;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;

/* loaded from: input_file:lib/rundeck-jetty-server-2.6.11.jar:com/dtolabs/rundeck/RunServer.class */
public class RunServer {
    public static final String SERVER_HTTP_HOST = "server.http.host";
    public static final String RUNDECK_JETTY_CONNECTOR_FORWARDED = "rundeck.jetty.connector.forwarded";
    public static final String RUNDECK_JETTY_SSL_CONNECTOR_EXCLUDED_PROTOCOLS = "rundeck.jetty.connector.ssl.excludedProtocols";
    public static final String RUNDECK_JETTY_SSL_CONNECTOR_INCLUDED_PROTOCOLS = "rundeck.jetty.connector.ssl.includedProtocols";
    public static final String RUNDECK_JETTY_SSL_CONNECTOR_EXCLUDED_CIPHER_SUITES = "rundeck.jetty.connector.ssl.excludedCipherSuites";
    public static final String RUNDECK_JETTY_SSL_CONNECTOR_INCLUDED_CIPHER_SUITES = "rundeck.jetty.connector.ssl.includedCipherSuites";
    public static final String DEFAULT_SSL_CONNECTER_EXCLUDED_PROTOCOLS = "SSLv3";
    public static final String DEFAULT_SSL_CONNECTER_INCLUDED_PROTOCOLS = null;
    public static final String DEFAULT_SSL_CONNECTER_EXCLUDED_CIPHER_SUITES = null;
    public static final String DEFAULT_SSL_CONNECTER_INCLUDED_CIPHER_SUITES = null;
    int port = Integer.getInteger("server.http.port", 4440).intValue();
    int httpsPort = Integer.getInteger("server.https.port", 4443).intValue();
    File basedir;
    File serverdir;
    private static final String REALM_NAME = "rundeckrealm";
    private static final String SYS_PROP_LOGIN_MODULE = "loginmodule.name";
    private static final String SYS_PROP_ROLE_CLASS_NAMES = "loginmodule.role.classnames";
    public static final String SYS_PROP_WEB_CONTEXT = "server.web.context";
    File configdir;
    File workdir;
    String loginmodulename;
    String roleclassnames;
    private boolean useJaas;
    private static final String RUNDECK_JAASLOGIN = "rundeck.jaaslogin";
    public static final String RUNDECK_SSL_CONFIG = "rundeck.ssl.config";
    public static final String RUNDECK_KEYSTORE = "keystore";
    public static final String RUNDECK_KEYSTORE_PASSWORD = "keystore.password";
    public static final String RUNDECK_KEY_PASSWORD = "key.password";
    public static final String RUNDECK_TRUSTSTORE = "truststore";
    public static final String RUNDECK_TRUSTSTORE_PASSWORD = "truststore.password";
    private String keystore;
    private String keystorePassword;
    private String keyPassword;
    private String truststore;
    private String truststorePassword;
    private String appContext;
    private static final String RUNDECK_SERVER_SERVER_DIR = "rundeck.server.serverDir";
    private static final String RUNDECK_SERVER_CONFIG_DIR = "rundeck.server.configDir";
    private static final String RUNDECK_SERVER_WORK_DIR = "rundeck.server.workDir";

    public static void main(String[] strArr) throws Exception {
        new RunServer().run(strArr);
    }

    public RunServer() {
        this.useJaas = null == System.getProperty(RUNDECK_JAASLOGIN) || Boolean.getBoolean(RUNDECK_JAASLOGIN);
        this.loginmodulename = System.getProperty(SYS_PROP_LOGIN_MODULE, "rundecklogin");
        this.roleclassnames = System.getProperty(SYS_PROP_ROLE_CLASS_NAMES, null);
        this.appContext = System.getProperty(SYS_PROP_WEB_CONTEXT, "/");
    }

    public void run(String[] strArr) throws Exception {
        parseArgs(strArr);
        init();
        if (null != this.basedir) {
            System.setProperty("rdeck.base", this.basedir.getAbsolutePath());
        }
        Server server = new Server();
        if (isSSLEnabled()) {
            configureSSLConnector(server);
        } else {
            warnNoSSLConfig();
            configureHTTPConnector(server);
        }
        server.setStopAtShutdown(true);
        server.setHandler(createWebAppContext(new File(this.serverdir, "exp/webapp")));
        configureRealms(server);
        try {
            server.start();
            server.join();
        } catch (Exception e) {
            e.printStackTrace();
            System.exit(100);
        }
    }

    private void warnNoSSLConfig() {
        System.err.println("WARNING: HTTPS is not enabled, specify -Drundeck.ssl.config=" + this.basedir.getAbsolutePath().replaceAll("\\\\", "/") + "/server/config/ssl.properties to enable.");
    }

    private boolean isSSLEnabled() {
        if (null == System.getProperty(RUNDECK_SSL_CONFIG)) {
            return false;
        }
        if (null == this.keystore) {
            System.err.println("ERROR: keystore property not specified: " + System.getProperty(RUNDECK_SSL_CONFIG));
            return false;
        }
        if (new File(this.keystore).exists()) {
            return true;
        }
        System.err.println("ERROR: keystore file does not exist, you must create it: " + this.keystore);
        return false;
    }

    private void configureHTTPConnector(Server server) {
        SelectChannelConnector selectChannelConnector = new SelectChannelConnector();
        selectChannelConnector.setPort(this.port);
        selectChannelConnector.setHost(System.getProperty(SERVER_HTTP_HOST, null));
        selectChannelConnector.setForwarded(Boolean.getBoolean(RUNDECK_JETTY_CONNECTOR_FORWARDED));
        server.addConnector(selectChannelConnector);
    }

    private void configureSSLConnector(Server server) {
        SslSelectChannelConnector sslSelectChannelConnector = new SslSelectChannelConnector();
        sslSelectChannelConnector.setPort(this.httpsPort);
        sslSelectChannelConnector.setMaxIdleTime(30000);
        sslSelectChannelConnector.setForwarded(Boolean.getBoolean(RUNDECK_JETTY_CONNECTOR_FORWARDED));
        SslContextFactory sslContextFactory = sslSelectChannelConnector.getSslContextFactory();
        sslContextFactory.setKeyStorePath(this.keystore);
        sslContextFactory.setKeyStorePassword(this.keystorePassword);
        sslContextFactory.setKeyManagerPassword(this.keyPassword);
        sslContextFactory.setTrustStore(this.truststore);
        sslContextFactory.setTrustStorePassword(this.truststorePassword);
        sslContextFactory.setExcludeProtocols(System.getProperty(RUNDECK_JETTY_SSL_CONNECTOR_EXCLUDED_PROTOCOLS, DEFAULT_SSL_CONNECTER_EXCLUDED_PROTOCOLS).split(","));
        String property = System.getProperty(RUNDECK_JETTY_SSL_CONNECTOR_INCLUDED_PROTOCOLS, DEFAULT_SSL_CONNECTER_INCLUDED_PROTOCOLS);
        if (null != property) {
            sslContextFactory.setIncludeProtocols(property.split(","));
        }
        String property2 = System.getProperty(RUNDECK_JETTY_SSL_CONNECTOR_EXCLUDED_CIPHER_SUITES, DEFAULT_SSL_CONNECTER_EXCLUDED_CIPHER_SUITES);
        if (property2 != null) {
            sslContextFactory.setExcludeCipherSuites(property2.split(","));
        }
        String property3 = System.getProperty(RUNDECK_JETTY_SSL_CONNECTOR_INCLUDED_CIPHER_SUITES, DEFAULT_SSL_CONNECTER_INCLUDED_CIPHER_SUITES);
        if (property3 != null) {
            sslContextFactory.setIncludeCipherSuites(property3.split(","));
        }
        sslSelectChannelConnector.setHost(System.getProperty(SERVER_HTTP_HOST, null));
        server.addConnector(sslSelectChannelConnector);
    }

    private void configureRealms(Server server) throws IOException {
        if (this.useJaas) {
            configureJAASRealms(server);
        } else {
            configureHashRealms(server);
        }
    }

    private void configureHashRealms(Server server) throws IOException {
        HashLoginService hashLoginService = new HashLoginService();
        hashLoginService.setName(REALM_NAME);
        hashLoginService.setConfig(new File(this.configdir, PropertyFileLoginModule.DEFAULT_FILENAME).getAbsolutePath());
        server.addBean(hashLoginService);
    }

    private void configureJAASRealms(Server server) {
        JAASLoginService jAASLoginService = new JAASLoginService();
        jAASLoginService.setName(REALM_NAME);
        jAASLoginService.setLoginModuleName(this.loginmodulename);
        if (null != this.roleclassnames && !"".equals(this.roleclassnames.trim())) {
            jAASLoginService.setRoleClassNames(this.roleclassnames.split(",\\s*"));
        }
        server.addBean(jAASLoginService);
    }

    private WebAppContext createWebAppContext(File file) throws IOException {
        if (!file.isDirectory() || !new File(file, "WEB-INF").isDirectory()) {
            throw new RuntimeException("expected expanded webapp at location: " + file.getAbsolutePath());
        }
        WebAppContext webAppContext = new WebAppContext(file.getAbsolutePath(), this.appContext);
        webAppContext.setTempDirectory(this.workdir);
        webAppContext.setInitParameter("org.eclipse.jetty.servlet.Default.dirAllowed", "false");
        return webAppContext;
    }

    private void init() {
        if (null != System.getProperty(RUNDECK_SERVER_SERVER_DIR)) {
            this.serverdir = new File(System.getProperty(RUNDECK_SERVER_SERVER_DIR));
        } else {
            this.serverdir = new File(this.basedir, "server");
        }
        if (null != System.getProperty(RUNDECK_SERVER_CONFIG_DIR)) {
            this.configdir = new File(System.getProperty(RUNDECK_SERVER_CONFIG_DIR));
        } else {
            this.configdir = new File(this.serverdir, "config");
        }
        if (null != System.getProperty(RUNDECK_SERVER_WORK_DIR)) {
            this.workdir = new File(System.getProperty(RUNDECK_SERVER_WORK_DIR));
        } else {
            this.workdir = new File(this.serverdir, "work");
        }
        if (null != System.getProperty(RUNDECK_SSL_CONFIG)) {
            Properties properties = new Properties();
            try {
                properties.load(new FileInputStream(System.getProperty(RUNDECK_SSL_CONFIG)));
            } catch (IOException e) {
                System.err.println("Could not load specified rundeck.ssl.config file: " + System.getProperty(RUNDECK_SSL_CONFIG) + ": " + e.getMessage());
                e.printStackTrace(System.err);
            }
            this.keystore = properties.getProperty(RUNDECK_KEYSTORE);
            this.keystorePassword = properties.getProperty(RUNDECK_KEYSTORE_PASSWORD);
            this.keyPassword = properties.getProperty(RUNDECK_KEY_PASSWORD);
            this.truststore = properties.getProperty(RUNDECK_TRUSTSTORE);
            this.truststorePassword = properties.getProperty(RUNDECK_TRUSTSTORE_PASSWORD);
        }
    }

    private void parseArgs(String[] strArr) {
        if (strArr.length <= 0) {
            throw new RuntimeException("Basedir argument required");
        }
        this.basedir = new File(strArr[0]);
        if (strArr.length > 1) {
            this.port = Integer.parseInt(strArr[1]);
        }
        if (strArr.length > 2) {
            this.httpsPort = Integer.parseInt(strArr[2]);
        }
    }
}
