package com.sun.enterprise.v3.admin;

import com.sun.appserv.connectors.internal.api.ConnectorConstants;
import com.sun.enterprise.admin.util.HttpConnectorAddress;
import com.sun.enterprise.config.serverbeans.AdminService;
import com.sun.enterprise.config.serverbeans.Config;
import com.sun.enterprise.config.serverbeans.Domain;
import com.sun.enterprise.config.serverbeans.Server;
import com.sun.enterprise.module.ModulesRegistry;
import com.sun.enterprise.module.common_impl.LogHelper;
import com.sun.enterprise.universal.GFBase64Decoder;
import com.sun.enterprise.util.LocalStringManagerImpl;
import com.sun.enterprise.util.uuid.UuidGeneratorImpl;
import com.sun.enterprise.v3.admin.CommandRunnerImpl;
import com.sun.enterprise.v3.admin.adapter.AdminEndpointDecider;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.annotation.Annotation;
import java.net.InetAddress;
import java.net.URLDecoder;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.inject.Named;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.glassfish.admin.payload.PayloadImpl;
import org.glassfish.api.ActionReport;
import org.glassfish.api.admin.AdminCommand;
import org.glassfish.api.admin.CommandModel;
import org.glassfish.api.admin.CommandRunner;
import org.glassfish.api.admin.ExecuteOn;
import org.glassfish.api.admin.ParameterMap;
import org.glassfish.api.admin.Payload;
import org.glassfish.api.admin.RuntimeType;
import org.glassfish.api.admin.ServerEnvironment;
import org.glassfish.api.container.Adapter;
import org.glassfish.api.event.EventListener;
import org.glassfish.api.event.EventTypes;
import org.glassfish.api.event.Events;
import org.glassfish.api.event.RestrictTo;
import org.glassfish.grizzly.http.Cookie;
import org.glassfish.grizzly.http.server.HttpHandler;
import org.glassfish.grizzly.http.server.Request;
import org.glassfish.grizzly.http.server.Response;
import org.glassfish.grizzly.http.server.StaticHttpHandler;
import org.glassfish.grizzly.http.util.CookieSerializerUtils;
import org.glassfish.grizzly.http.util.HttpStatus;
import org.glassfish.hk2.api.PostConstruct;
import org.glassfish.hk2.api.ServiceLocator;
import org.glassfish.hk2.utilities.BuilderHelper;
import org.glassfish.internal.api.AdminAccessController;
import org.glassfish.internal.api.Privacy;
import org.glassfish.internal.api.RemoteAdminAccessException;
import org.glassfish.internal.api.ServerContext;
import org.glassfish.kernel.KernelLoggerInfo;
import org.glassfish.server.ServerEnvironmentImpl;

/* loaded from: input_file:com/sun/enterprise/v3/admin/AdminAdapter.class */
public abstract class AdminAdapter extends StaticHttpHandler implements Adapter, PostConstruct, EventListener {
    public static final String VS_NAME = "__asadmin";
    public static final String PREFIX_URI = "/__asadmin";
    private static final LocalStringManagerImpl adminStrings = new LocalStringManagerImpl(AdminAdapter.class);
    private static final Logger aalogger = KernelLoggerInfo.getLogger();
    private static final GFBase64Decoder decoder = new GFBase64Decoder();
    private static final String BASIC = "Basic ";
    private static final String SET_COOKIE_HEADER = "Set-Cookie";
    public static final String SESSION_COOKIE_NAME = "JSESSIONID";
    public static final int MAX_AGE = 86400;
    public static final String ASADMIN_PATH = "/__asadmin";
    private static final String QUERY_STRING_SEPARATOR = "&";

    @Inject
    ModulesRegistry modulesRegistry;

    @Inject
    CommandRunnerImpl commandRunner;

    @Inject
    ServerEnvironmentImpl env;

    @Inject
    Events events;

    @Inject
    @Named(ServerEnvironment.DEFAULT_INSTANCE_NAME)
    Config config;
    private AdminEndpointDecider epd;

    @Inject
    ServerContext sc;

    @Inject
    ServiceLocator habitat;

    @Inject
    @Named(ServerEnvironment.DEFAULT_INSTANCE_NAME)
    volatile AdminService as;

    @Inject
    volatile Domain domain;

    @Inject
    @Named(ServerEnvironment.DEFAULT_INSTANCE_NAME)
    private volatile Server server;

    @Inject
    AdminAccessController authenticator;
    final Class<? extends Privacy> privacyClass;
    private boolean isRegistered;
    CountDownLatch latch;

    /* JADX INFO: Access modifiers changed from: protected */
    public AdminAdapter(Class<? extends Privacy> cls) {
        super((Set<String>) null);
        this.epd = null;
        this.isRegistered = false;
        this.latch = new CountDownLatch(1);
        this.privacyClass = cls;
    }

    @Override // org.glassfish.api.container.Adapter
    public final HttpHandler getHttpService() {
        return this;
    }

    @Override // org.glassfish.hk2.api.PostConstruct
    public void postConstruct() {
        this.events.register(this);
        this.epd = new AdminEndpointDecider(this.config);
        addDocRoot(this.env.getProps().get("com.sun.aas.instanceRoot") + "/asadmindocroot/");
    }

    @Override // org.glassfish.grizzly.http.server.StaticHttpHandlerBase
    public void onMissingResource(Request request, Response response) {
        LogHelper.getDefaultLogger().log(Level.FINER, "Received something on {0}", request.getRequestURI());
        LogHelper.getDefaultLogger().log(Level.FINER, "QueryString = {0}", request.getQueryString());
        HttpStatus httpStatus = HttpStatus.OK_200;
        String requestURI = request.getRequestURI();
        ActionReport clientActionReport = getClientActionReport(requestURI, request);
        if (requestURI.indexOf(46) != -1) {
            requestURI = requestURI.substring(0, requestURI.indexOf(46));
        }
        PayloadImpl.Outbound newInstance = PayloadImpl.Outbound.newInstance();
        try {
            if (this.latch.await(20L, TimeUnit.SECONDS)) {
                Subject loginAsAdmin = this.authenticator == null ? null : this.authenticator.loginAsAdmin(request);
                if (loginAsAdmin == null) {
                    reportAuthFailure(response, clientActionReport, "adapter.auth.userpassword", "Invalid user name or password", 401, "WWW-Authenticate", "BASIC");
                    return;
                }
                clientActionReport = doCommand(requestURI, request, clientActionReport, newInstance, loginAsAdmin);
            } else {
                clientActionReport = getClientActionReport(request.getRequestURI(), request);
                clientActionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                clientActionReport.setMessage("V3 cannot process this command at this time, please wait");
            }
        } catch (ProcessHttpCommandRequestException e) {
            clientActionReport = e.getReport();
            httpStatus = e.getResponseStatus();
        } catch (InterruptedException e2) {
            clientActionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            clientActionReport.setMessage("V3 cannot process this command at this time, please wait");
        } catch (Exception e3) {
            clientActionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            clientActionReport.setMessage("Exception while processing command: " + e3);
        }
        try {
            response.setStatus(httpStatus);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(1024);
            clientActionReport.writeReport(byteArrayOutputStream);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            Properties properties = new Properties();
            properties.setProperty("data-request-type", "report");
            newInstance.addPart(0, clientActionReport.getContentType(), "report", properties, byteArrayInputStream);
            response.setContentType(newInstance.getContentType());
            if (isSingleInstanceCommand(request.getRequestURI().substring(getContextRoot().length() + 1))) {
                response.addHeader(SET_COOKIE_HEADER, getCookieHeader(request));
            }
            newInstance.writeTo(response.getOutputStream());
            response.getOutputStream().flush();
            response.finish();
        } catch (Exception e4) {
            throw new RuntimeException(e4);
        }
    }

    public boolean hasCookieHeader(Request request) {
        String[] jSESSIONIDHeaders = getJSESSIONIDHeaders(request);
        if (jSESSIONIDHeaders == null) {
            return false;
        }
        String str = jSESSIONIDHeaders[1];
        return str.substring(str.lastIndexOf(46) + 1).equals(this.server.getName());
    }

    public String[] getJSESSIONIDHeaders(Request request) {
        Iterator<String> it = request.getHeaders("Cookie").iterator();
        while (it.hasNext()) {
            for (String str : it.next().trim().split(BuilderHelper.TOKEN_SEPARATOR)) {
                String[] split = str.trim().split(ConnectorConstants.HIDDEN_CLI_NAME_VALUE_PAIR_DELIMITER);
                if (split[0].equals("JSESSIONID")) {
                    return split;
                }
            }
        }
        return null;
    }

    public boolean isSingleInstanceCommand(String str) {
        ExecuteOn clusteringAttributes;
        CommandModel model = this.commandRunner.getModel(getScope(str), getCommandAfterScope(str), aalogger);
        return model != null && (clusteringAttributes = model.getClusteringAttributes()) != null && clusteringAttributes.value().length == 1 && clusteringAttributes.value()[0].equals(RuntimeType.SINGLE_INSTANCE);
    }

    public String getCookieHeader(Request request) {
        String createSessionId = hasCookieHeader(request) ? getJSESSIONIDHeaders(request)[1] : createSessionId();
        StringBuilder sb = new StringBuilder();
        Cookie cookie = new Cookie("JSESSIONID", createSessionId);
        cookie.setMaxAge(MAX_AGE);
        cookie.setPath("/__asadmin");
        cookie.setVersion(1);
        CookieSerializerUtils.serializeServerCookie(sb, true, false, false, cookie);
        return sb.toString();
    }

    public String createSessionId() {
        UuidGeneratorImpl uuidGeneratorImpl = new UuidGeneratorImpl();
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(uuidGeneratorImpl.generateUuid()).append('.').append(this.server.getName());
        return stringBuffer.toString();
    }

    public AdminAccessController.Access authenticate(Request request) throws Exception {
        try {
            this.authenticator.loginAsAdmin(request);
            return this.env.isDas() ? AdminAccessController.Access.FULL : AdminAccessController.Access.READONLY;
        } catch (RemoteAdminAccessException e) {
            return AdminAccessController.Access.FORBIDDEN;
        } catch (LoginException e2) {
            return AdminAccessController.Access.NONE;
        }
    }

    public static String[] getUserPassword(Request request) throws IOException {
        String str;
        int indexOf;
        String header = request.getHeader(HttpConnectorAddress.AUTHORIZATION_KEY);
        if (header != null && (indexOf = (str = new String(decoder.decodeBuffer(header.substring(BASIC.length())))).indexOf(58)) >= 0) {
            return new String[]{str.substring(0, indexOf), str.substring(indexOf + 1)};
        }
        return new String[]{"", ""};
    }

    private void reportAuthFailure(Response response, ActionReport actionReport, String str, String str2, int i, String str3, String str4) throws IOException {
        actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
        String localString = adminStrings.getLocalString(str, str2);
        actionReport.setMessage(localString);
        actionReport.setActionDescription("Authentication error");
        response.setStatus(i, localString);
        if (str3 != null) {
            response.setHeader(str3, str4);
        }
        response.setContentType(actionReport.getContentType());
        actionReport.writeReport(response.getOutputStream());
        response.getOutputStream().flush();
        response.finish();
    }

    private ActionReport getClientActionReport(String str, Request request) {
        String header;
        ActionReport actionReport = null;
        if (str.indexOf(46) != -1) {
            actionReport = (ActionReport) this.habitat.getService(ActionReport.class, str.substring(str.indexOf(46) + 1), new Annotation[0]);
        } else {
            String header2 = request.getHeader("User-Agent");
            if (header2 != null) {
                actionReport = (ActionReport) this.habitat.getService(ActionReport.class, header2.substring(header2.indexOf(47) + 1), new Annotation[0]);
            }
            if (actionReport == null && (header = request.getHeader("Accept")) != null) {
                StringTokenizer stringTokenizer = new StringTokenizer(header, ",");
                while (actionReport == null && stringTokenizer.hasMoreElements()) {
                    String nextToken = stringTokenizer.nextToken();
                    actionReport = (ActionReport) this.habitat.getService(ActionReport.class, nextToken.substring(nextToken.indexOf(47) + 1), new Annotation[0]);
                }
            }
        }
        if (actionReport == null) {
            actionReport = (ActionReport) this.habitat.getService(ActionReport.class, "html", new Annotation[0]);
        }
        return actionReport;
    }

    protected abstract boolean validatePrivacy(AdminCommand adminCommand);

    private ActionReport doCommand(String str, Request request, ActionReport actionReport, Payload.Outbound outbound, Subject subject) throws ProcessHttpCommandRequestException {
        PayloadImpl.Inbound newInstance;
        AdminCommand command;
        if (!str.startsWith(getContextRoot())) {
            String localString = adminStrings.getLocalString("adapter.panic", "Wrong request landed in AdminAdapter {0}", str);
            actionReport.setMessage(localString);
            LogHelper.getDefaultLogger().info(localString);
            return actionReport;
        }
        String substring = str.length() > getContextRoot().length() + 1 ? str.substring(getContextRoot().length() + 1) : "";
        String scope = getScope(substring);
        String commandAfterScope = getCommandAfterScope(substring);
        ParameterMap extractParameters = extractParameters(request.getQueryString());
        String header = request.getHeader("X-passwords");
        if (header != null) {
            decodePasswords(extractParameters, header);
        }
        try {
            newInstance = PayloadImpl.Inbound.newInstance(request.getContentType(), request.getInputStream());
            if (aalogger.isLoggable(Level.FINE)) {
                aalogger.log(Level.FINE, "***** AdminAdapter {0}  *****", request.getMethod());
            }
            command = this.commandRunner.getCommand(scope, commandAfterScope, actionReport, aalogger);
        } catch (ProcessHttpCommandRequestException e) {
            throw e;
        } catch (Throwable th) {
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            actionReport.setFailureCause(th);
            actionReport.setMessage(th.getLocalizedMessage());
            actionReport.setActionDescription("Last-chance AdminAdapter exception handler");
        }
        if (command == null) {
            if (actionReport.getActionExitCode() == ActionReport.ExitCode.FAILURE) {
                return actionReport;
            }
            String localString2 = adminStrings.getLocalString("adapter.command.notfound", "Command {0} not found", commandAfterScope);
            aalogger.log(Level.FINE, localString2);
            actionReport.setMessage(localString2);
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return actionReport;
        }
        String header2 = request.getHeader("X-If-Command-Model-Match");
        if (header2 != null && !this.commandRunner.validateCommandModelETag(command, header2)) {
            String localString3 = adminStrings.getLocalString("commandmodel.etag.invalid", "Cached command model for command {0} is invalid.", commandAfterScope);
            aalogger.log(Level.FINE, localString3);
            actionReport.setMessage(localString3);
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            throw new ProcessHttpCommandRequestException(actionReport, HttpStatus.PRECONDITION_FAILED_412);
        }
        if (!validatePrivacy(command)) {
            actionReport.failure(aalogger, adminStrings.getLocalString("adapter.wrongprivacy", "Command {0} does not have {1} visibility", commandAfterScope, this.privacyClass.getSimpleName().toLowerCase(Locale.ENGLISH)), null);
            return actionReport;
        }
        CommandRunner.CommandInvocation commandInvocation = this.commandRunner.getCommandInvocation(scope, commandAfterScope, actionReport, subject, extractParameters.containsKey("notify"));
        commandInvocation.parameters(extractParameters).inbound(newInstance).outbound(outbound).execute();
        try {
            actionReport = ((CommandRunnerImpl.ExecutionContext) commandInvocation).report();
        } catch (Exception e2) {
        }
        return actionReport;
    }

    public void afterService(Request request, Response response) throws Exception {
    }

    public void fireAdapterEvent(String str, Object obj) {
    }

    void decodePasswords(ParameterMap parameterMap, String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str == null ? "" : str, QUERY_STRING_SEPARATOR);
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (nextToken.indexOf(ConnectorConstants.HIDDEN_CLI_NAME_VALUE_PAIR_DELIMITER) != -1) {
                String substring = nextToken.substring(0, nextToken.indexOf(ConnectorConstants.HIDDEN_CLI_NAME_VALUE_PAIR_DELIMITER));
                String substring2 = nextToken.substring(nextToken.indexOf(ConnectorConstants.HIDDEN_CLI_NAME_VALUE_PAIR_DELIMITER) + 1);
                try {
                    substring2 = URLDecoder.decode(substring2, "UTF-8");
                    try {
                        substring2 = new String(decoder.decodeBuffer(substring2));
                        parameterMap.add(substring, substring2);
                    } catch (IOException e) {
                        aalogger.log(Level.WARNING, KernelLoggerInfo.cantDecodeParameter, new Object[]{substring, substring2});
                    }
                } catch (UnsupportedEncodingException e2) {
                    aalogger.log(Level.WARNING, KernelLoggerInfo.cantDecodeParameter, new Object[]{substring, substring2});
                }
            }
        }
    }

    ParameterMap extractParameters(String str) {
        ParameterMap parameterMap = new ParameterMap();
        StringTokenizer stringTokenizer = new StringTokenizer(str == null ? "" : str, QUERY_STRING_SEPARATOR);
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (nextToken.indexOf(ConnectorConstants.HIDDEN_CLI_NAME_VALUE_PAIR_DELIMITER) != -1) {
                String substring = nextToken.substring(0, nextToken.indexOf(ConnectorConstants.HIDDEN_CLI_NAME_VALUE_PAIR_DELIMITER));
                String substring2 = nextToken.substring(nextToken.indexOf(ConnectorConstants.HIDDEN_CLI_NAME_VALUE_PAIR_DELIMITER) + 1);
                try {
                    substring2 = URLDecoder.decode(substring2, "UTF-8");
                } catch (UnsupportedEncodingException e) {
                    aalogger.log(Level.WARNING, KernelLoggerInfo.cantDecodeParameter, new Object[]{substring, substring2});
                }
                parameterMap.add(substring, substring2);
            }
        }
        if (aalogger.isLoggable(Level.FINER)) {
            for (Map.Entry<String, List<String>> entry : parameterMap.entrySet()) {
                Iterator<String> it = entry.getValue().iterator();
                while (it.hasNext()) {
                    aalogger.log(Level.FINER, "Key {0} = {1}", new Object[]{entry.getKey(), it.next()});
                }
            }
        }
        return parameterMap;
    }

    @Override // org.glassfish.api.event.EventListener
    public void event(@RestrictTo("server_ready") EventListener.Event event) {
        if (event.is(EventTypes.SERVER_READY)) {
            this.latch.countDown();
            aalogger.fine("Ready to receive administrative commands");
        }
    }

    @Override // org.glassfish.api.container.Adapter
    public int getListenPort() {
        return this.epd.getListenPort();
    }

    @Override // org.glassfish.api.container.Adapter
    public InetAddress getListenAddress() {
        return this.epd.getListenAddress();
    }

    @Override // org.glassfish.api.container.Adapter
    public List<String> getVirtualServers() {
        return this.epd.getAsadminHosts();
    }

    @Override // org.glassfish.api.container.Adapter
    public boolean isRegistered() {
        return this.isRegistered;
    }

    @Override // org.glassfish.api.container.Adapter
    public void setRegistered(boolean z) {
        this.isRegistered = z;
    }

    private String getScope(String str) {
        int indexOf = str.indexOf(ConnectorConstants.MONITORING_SEPARATOR);
        if (indexOf != -1) {
            return str.substring(0, indexOf + 1);
        }
        return null;
    }

    private String getCommandAfterScope(String str) {
        int indexOf = str.indexOf(ConnectorConstants.MONITORING_SEPARATOR);
        return indexOf != -1 ? str.substring(indexOf + 1) : str;
    }
}
