package net.sf.ehcache.management;

import com.terracotta.management.security.IdentityAssertionServiceClient;
import com.terracotta.management.security.KeyChainAccessor;
import com.terracotta.management.security.KeychainInitializationException;
import com.terracotta.management.security.SSLContextFactory;
import com.terracotta.management.security.impl.ConstantSecurityServiceDirectory;
import com.terracotta.management.security.impl.ContextSecurityServiceDirectory;
import com.terracotta.management.security.impl.JerseyIdentityAssertionServiceClient;
import com.terracotta.management.security.impl.SecretFileStoreKeyChainAccessor;
import com.terracotta.management.security.impl.TMCStoresSSLContextFactory;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.SSLContext;
import net.sf.ehcache.config.ManagementRESTServiceConfiguration;
import net.sf.ehcache.management.resource.services.validator.impl.EmbeddedEhcacheRequestValidator;
import net.sf.ehcache.management.service.AgentService;
import net.sf.ehcache.management.service.CacheManagerService;
import net.sf.ehcache.management.service.CacheService;
import net.sf.ehcache.management.service.EntityResourceFactory;
import net.sf.ehcache.management.service.SamplerRepositoryService;
import net.sf.ehcache.management.service.impl.DfltEESamplerRepositoryService;
import org.apache.shiro.web.env.EnvironmentLoaderListener;
import org.apache.shiro.web.servlet.ShiroFilter;
import org.terracotta.management.ServiceLocator;
import org.terracotta.management.embedded.FilterDetail;
import org.terracotta.management.embedded.StandaloneServer;
import org.terracotta.management.resource.services.LicenseService;
import org.terracotta.management.resource.services.LicenseServiceImpl;
import org.terracotta.management.resource.services.Utils;
import org.terracotta.management.resource.services.validator.RequestValidator;

/* loaded from: input_file:ehcache/ehcache-ee.jar/rest-management-private-classpath/net/sf/ehcache/management/ManagementServerImpl.class_terracotta */
public final class ManagementServerImpl extends AbstractManagementServer {
    public ManagementServerImpl(String str, ManagementRESTServiceConfiguration managementRESTServiceConfiguration) {
        String host = managementRESTServiceConfiguration.getHost();
        int port = managementRESTServiceConfiguration.getPort();
        List list = null;
        List list2 = null;
        if (Utils.trimToNull(managementRESTServiceConfiguration.getSecurityServiceLocation()) != null) {
            list = Collections.singletonList(new EnvironmentLoaderListener());
            list2 = Collections.singletonList(new FilterDetail(new ShiroFilter(), "/*"));
        }
        loadEmbeddedAgentServiceLocator(str, managementRESTServiceConfiguration);
        SSLContext sSLContext = null;
        boolean z = false;
        if (managementRESTServiceConfiguration.isSslEnabled()) {
            sSLContext = createSslContext();
            z = managementRESTServiceConfiguration.isNeedClientAuth();
        }
        this.samplerRepoSvc = (SamplerRepositoryService) ServiceLocator.locate(SamplerRepositoryService.class);
        this.standaloneServer = new StandaloneServer(list2, list, "net.sf.ehcache.management", host, port, sSLContext, z);
    }

    private void loadEmbeddedAgentServiceLocator(String str, ManagementRESTServiceConfiguration managementRESTServiceConfiguration) {
        EmbeddedEhcacheRequestValidator embeddedEhcacheRequestValidator = new EmbeddedEhcacheRequestValidator();
        LicenseServiceImpl licenseServiceImpl = new LicenseServiceImpl(true);
        ServiceLocator serviceLocator = new ServiceLocator();
        serviceLocator.loadService(LicenseService.class, licenseServiceImpl).loadService(ManagementRESTServiceConfiguration.class, managementRESTServiceConfiguration).loadService(RequestValidator.class, embeddedEhcacheRequestValidator);
        SecretFileStoreKeyChainAccessor secretFileStoreKeyChainAccessor = null;
        if (Utils.trimToNull(managementRESTServiceConfiguration.getSecurityServiceLocation()) != null || managementRESTServiceConfiguration.isSslEnabled()) {
            try {
                secretFileStoreKeyChainAccessor = new SecretFileStoreKeyChainAccessor();
                serviceLocator.loadService(KeyChainAccessor.class, secretFileStoreKeyChainAccessor);
            } catch (KeychainInitializationException e) {
                throw new RuntimeException("Failure instantiating ManagementServer due to invalid keyChain configuration.", e);
            }
        }
        TMCStoresSSLContextFactory tMCStoresSSLContextFactory = null;
        if (managementRESTServiceConfiguration.isSslEnabled()) {
            tMCStoresSSLContextFactory = new TMCStoresSSLContextFactory(secretFileStoreKeyChainAccessor, replaceBackslashesWithSlashes(System.getProperty("user.home")) + "/.tc/mgmt/keystore", replaceBackslashesWithSlashes(System.getProperty("user.home")) + "/.tc/mgmt/truststore", managementRESTServiceConfiguration.isNeedClientAuth());
            serviceLocator.loadService(SSLContextFactory.class, tMCStoresSSLContextFactory);
        }
        ContextSecurityServiceDirectory contextSecurityServiceDirectory = null;
        JerseyIdentityAssertionServiceClient jerseyIdentityAssertionServiceClient = null;
        if (managementRESTServiceConfiguration.getSecurityServiceLocation() != null && !"".equals(managementRESTServiceConfiguration.getSecurityServiceLocation())) {
            try {
                jerseyIdentityAssertionServiceClient = new JerseyIdentityAssertionServiceClient(secretFileStoreKeyChainAccessor, tMCStoresSSLContextFactory, new ConstantSecurityServiceDirectory(new URI(managementRESTServiceConfiguration.getSecurityServiceLocation()), Integer.valueOf(managementRESTServiceConfiguration.getSecurityServiceTimeout())));
                serviceLocator.loadService(IdentityAssertionServiceClient.class, jerseyIdentityAssertionServiceClient);
            } catch (URISyntaxException e2) {
                throw new RuntimeException("Failure instantiating ManagementServer due to invalid securityServiceLocation.", e2);
            }
        } else if ("".equals(managementRESTServiceConfiguration.getSecurityServiceLocation())) {
            contextSecurityServiceDirectory = new ContextSecurityServiceDirectory(Integer.valueOf(managementRESTServiceConfiguration.getSecurityServiceTimeout()));
            serviceLocator.loadService(ContextSecurityServiceDirectory.class, contextSecurityServiceDirectory);
            jerseyIdentityAssertionServiceClient = new JerseyIdentityAssertionServiceClient(secretFileStoreKeyChainAccessor, tMCStoresSSLContextFactory, contextSecurityServiceDirectory);
            serviceLocator.loadService(IdentityAssertionServiceClient.class, jerseyIdentityAssertionServiceClient);
        }
        DfltEESamplerRepositoryService dfltEESamplerRepositoryService = new DfltEESamplerRepositoryService(str, managementRESTServiceConfiguration, jerseyIdentityAssertionServiceClient, contextSecurityServiceDirectory);
        serviceLocator.loadService(CacheManagerService.class, dfltEESamplerRepositoryService).loadService(CacheService.class, dfltEESamplerRepositoryService).loadService(EntityResourceFactory.class, dfltEESamplerRepositoryService).loadService(SamplerRepositoryService.class, dfltEESamplerRepositoryService).loadService(AgentService.class, dfltEESamplerRepositoryService);
        ServiceLocator.load(serviceLocator);
    }

    private SSLContext createSslContext() {
        try {
            return ((SSLContextFactory) ServiceLocator.locate(SSLContextFactory.class)).create();
        } catch (IOException e) {
            throw new RuntimeException("Failure instantiating ManagementServer due to inability to load keyStore.", e);
        } catch (URISyntaxException e2) {
            throw new RuntimeException("Failure instantiating ManagementServer due to bad store location.", e2);
        } catch (KeyManagementException e3) {
            throw new RuntimeException("Failure instantiating ManagementServer due to one or more invalid keys in a KeyStore.", e3);
        } catch (KeyStoreException e4) {
            throw new RuntimeException("Failure instantiating ManagementServer due to invalid KeyStore type.", e4);
        } catch (NoSuchAlgorithmException e5) {
            throw new RuntimeException("Failure instantiating ManagementServer due to invalid KeyManagerFactory algorithm.", e5);
        } catch (UnrecoverableKeyException e6) {
            throw new RuntimeException("Failure instantiating ManagementServer due to bad key in a KeyStore.", e6);
        } catch (CertificateException e7) {
            throw new RuntimeException("Failure instantiating ManagementServer due to invalid certificates in a KeyStore.", e7);
        }
    }

    static String replaceBackslashesWithSlashes(String str) {
        return str.replace("\\", "/");
    }
}
