package id.onyx.obdp.server.controller;

import com.google.common.base.Joiner;
import com.google.common.util.concurrent.ServiceManager;
import com.google.gson.Gson;
import com.google.inject.Guice;
import com.google.inject.Inject;
import com.google.inject.Injector;
import com.google.inject.Module;
import com.google.inject.Singleton;
import com.google.inject.name.Named;
import com.google.inject.persist.Transactional;
import id.onyx.obdp.server.OBDPException;
import id.onyx.obdp.server.StateRecoveryManager;
import id.onyx.obdp.server.actionmanager.ActionManager;
import id.onyx.obdp.server.actionmanager.HostRoleCommandFactory;
import id.onyx.obdp.server.agent.HeartBeatHandler;
import id.onyx.obdp.server.api.ContentTypeOverrideFilter;
import id.onyx.obdp.server.api.MethodOverrideFilter;
import id.onyx.obdp.server.api.OBDPErrorHandler;
import id.onyx.obdp.server.api.OBDPPersistFilter;
import id.onyx.obdp.server.api.UserNameOverrideFilter;
import id.onyx.obdp.server.api.rest.BootStrapResource;
import id.onyx.obdp.server.api.services.BaseService;
import id.onyx.obdp.server.api.services.KeyService;
import id.onyx.obdp.server.api.services.OBDPMetaInfo;
import id.onyx.obdp.server.api.services.PersistKeyValueImpl;
import id.onyx.obdp.server.api.services.PersistKeyValueService;
import id.onyx.obdp.server.api.services.stackadvisor.StackAdvisorBlueprintProcessor;
import id.onyx.obdp.server.api.services.stackadvisor.StackAdvisorHelper;
import id.onyx.obdp.server.audit.AuditLoggerModule;
import id.onyx.obdp.server.audit.request.RequestAuditLogger;
import id.onyx.obdp.server.bootstrap.BootStrapImpl;
import id.onyx.obdp.server.checks.DatabaseConsistencyCheckHelper;
import id.onyx.obdp.server.checks.DatabaseConsistencyCheckResult;
import id.onyx.obdp.server.configuration.ComponentSSLConfiguration;
import id.onyx.obdp.server.configuration.Configuration;
import id.onyx.obdp.server.configuration.SingleFileWatch;
import id.onyx.obdp.server.configuration.spring.AgentStompConfig;
import id.onyx.obdp.server.configuration.spring.ApiSecurityConfig;
import id.onyx.obdp.server.configuration.spring.ApiStompConfig;
import id.onyx.obdp.server.controller.internal.AbstractControllerResourceProvider;
import id.onyx.obdp.server.controller.internal.BaseClusterRequest;
import id.onyx.obdp.server.controller.internal.BlueprintResourceProvider;
import id.onyx.obdp.server.controller.internal.ClusterPrivilegeResourceProvider;
import id.onyx.obdp.server.controller.internal.ClusterResourceProvider;
import id.onyx.obdp.server.controller.internal.HostResourceProvider;
import id.onyx.obdp.server.controller.internal.OBDPPrivilegeResourceProvider;
import id.onyx.obdp.server.controller.internal.PermissionResourceProvider;
import id.onyx.obdp.server.controller.internal.PrivilegeResourceProvider;
import id.onyx.obdp.server.controller.internal.StackAdvisorResourceProvider;
import id.onyx.obdp.server.controller.internal.StackDefinedPropertyProvider;
import id.onyx.obdp.server.controller.internal.StackDependencyResourceProvider;
import id.onyx.obdp.server.controller.internal.UserPrivilegeResourceProvider;
import id.onyx.obdp.server.controller.internal.UserResourceProvider;
import id.onyx.obdp.server.controller.internal.ViewPermissionResourceProvider;
import id.onyx.obdp.server.controller.metrics.ThreadPoolEnabledPropertyProvider;
import id.onyx.obdp.server.controller.utilities.KerberosChecker;
import id.onyx.obdp.server.controller.utilities.KerberosIdentityCleaner;
import id.onyx.obdp.server.events.AmbariPropertiesChangedEvent;
import id.onyx.obdp.server.events.publishers.OBDPEventPublisher;
import id.onyx.obdp.server.ldap.LdapModule;
import id.onyx.obdp.server.listeners.WebSocketInitializerListener;
import id.onyx.obdp.server.metrics.system.MetricsService;
import id.onyx.obdp.server.orm.GuiceJpaInitializer;
import id.onyx.obdp.server.orm.PersistenceType;
import id.onyx.obdp.server.orm.dao.BlueprintDAO;
import id.onyx.obdp.server.orm.dao.ClusterDAO;
import id.onyx.obdp.server.orm.dao.GroupDAO;
import id.onyx.obdp.server.orm.dao.MetainfoDAO;
import id.onyx.obdp.server.orm.dao.PermissionDAO;
import id.onyx.obdp.server.orm.dao.PrincipalDAO;
import id.onyx.obdp.server.orm.dao.PrivilegeDAO;
import id.onyx.obdp.server.orm.dao.ResourceDAO;
import id.onyx.obdp.server.orm.dao.TopologyRequestDAO;
import id.onyx.obdp.server.orm.dao.UserDAO;
import id.onyx.obdp.server.orm.dao.ViewInstanceDAO;
import id.onyx.obdp.server.orm.entities.MetainfoEntity;
import id.onyx.obdp.server.orm.entities.UserEntity;
import id.onyx.obdp.server.resources.ResourceManager;
import id.onyx.obdp.server.resources.api.rest.GetResource;
import id.onyx.obdp.server.scheduler.ExecutionScheduleManager;
import id.onyx.obdp.server.security.AmbariServerSecurityHeaderFilter;
import id.onyx.obdp.server.security.AmbariViewsSecurityHeaderFilter;
import id.onyx.obdp.server.security.CertificateManager;
import id.onyx.obdp.server.security.SecurityFilter;
import id.onyx.obdp.server.security.authorization.Users;
import id.onyx.obdp.server.security.unsecured.rest.CertificateDownload;
import id.onyx.obdp.server.security.unsecured.rest.CertificateSign;
import id.onyx.obdp.server.security.unsecured.rest.ConnectionInfo;
import id.onyx.obdp.server.serveraction.kerberos.stageutils.KerberosKeytabController;
import id.onyx.obdp.server.stack.UpdateActiveRepoVersionOnStartup;
import id.onyx.obdp.server.state.Clusters;
import id.onyx.obdp.server.topology.AmbariContext;
import id.onyx.obdp.server.topology.BlueprintFactory;
import id.onyx.obdp.server.topology.SecurityConfigurationFactory;
import id.onyx.obdp.server.topology.TopologyManager;
import id.onyx.obdp.server.topology.TopologyRequestFactory;
import id.onyx.obdp.server.topology.TopologyRequestFactoryImpl;
import id.onyx.obdp.server.utils.AmbariPath;
import id.onyx.obdp.server.utils.RetryHelper;
import id.onyx.obdp.server.utils.StageUtils;
import id.onyx.obdp.server.utils.VersionUtils;
import id.onyx.obdp.server.view.AmbariViewsMDCLoggingFilter;
import id.onyx.obdp.server.view.ViewDirectoryWatcher;
import id.onyx.obdp.server.view.ViewRegistry;
import id.onyx.obdp.server.view.ViewThrottleFilter;
import jakarta.servlet.DispatcherType;
import jakarta.servlet.Filter;
import java.io.File;
import java.io.IOException;
import java.net.Authenticator;
import java.net.BindException;
import java.net.PasswordAuthentication;
import java.net.URL;
import java.util.EnumSet;
import java.util.Enumeration;
import java.util.Map;
import java.util.logging.LogManager;
import javax.crypto.BadPaddingException;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpVersion;
import org.apache.log4j.PropertyConfigurator;
import org.apache.velocity.app.Velocity;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.CustomRequestLog;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.handler.RequestLogHandler;
import org.eclipse.jetty.server.handler.gzip.GzipHandler;
import org.eclipse.jetty.server.session.DefaultSessionIdManager;
import org.eclipse.jetty.server.session.SessionHandler;
import org.eclipse.jetty.servlet.DefaultServlet;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.websocket.server.config.JettyWebSocketServletContainerInitializer;
import org.glassfish.jersey.jackson.JacksonFeature;
import org.glassfish.jersey.server.ResourceConfig;
import org.glassfish.jersey.servlet.ServletContainer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.bridge.SLF4JBridgeHandler;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.context.ContextLoaderListener;
import org.springframework.web.context.request.RequestContextListener;
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
import org.springframework.web.filter.DelegatingFilterProxy;
import org.springframework.web.servlet.DispatcherServlet;

@Singleton
/* loaded from: input_file:id/onyx/obdp/server/controller/OBDPServer.class */
public class OBDPServer {
    public static final String VIEWS_URL_PATTERN = "/api/v1/views/*";
    private static final String AGENT_THREAD_POOL_NAME = "qtp-obdp-agent";
    private static final String CLIENT_THREAD_POOL_NAME = "obdp-client-thread";
    protected static final String VELOCITY_LOG_CATEGORY = "VelocityLogger";
    private static final int DEFAULT_ACCEPTORS_COUNT = 1;
    private static final String CLASSPATH_CHECK_CLASS = "org/apache/ambari/server/controller/OBDPServer.class";
    private static final String CLASSPATH_SANITY_CHECK_FAILURE_MESSAGE;
    private Server server = null;
    public volatile boolean running = true;
    final String CONTEXT_PATH = "/";
    final String DISABLED_ENTRIES_SPLITTER = "\\|";

    @Inject
    Configuration configs;

    @Inject
    CertificateManager certMan;

    @Inject
    Injector injector;

    @Inject
    OBDPMetaInfo obdpMetaInfo;

    @Inject
    MetainfoDAO metainfoDAO;

    @Named("dbInitNeeded")
    @Inject
    boolean dbInitNeeded;

    @Inject
    private ServiceManager serviceManager;

    @Inject
    ViewRegistry viewRegistry;

    @Inject
    OBDPHandlerList handlerList;

    @Inject
    SessionHandler sessionHandler;

    @Inject
    DelegatingFilterProxy springSecurityFilter;

    @Inject
    ViewDirectoryWatcher viewDirectoryWatcher;

    @Inject
    SessionHandlerConfigurer sessionHandlerConfigurer;
    private static OBDPManagementController clusterController;
    private static final Logger LOG = LoggerFactory.getLogger(OBDPServer.class);
    public static final EnumSet<DispatcherType> DISPATCHER_TYPES = EnumSet.of(DispatcherType.REQUEST);
    private static final String[] DEPRECATED_SSL_PROTOCOLS = {"TLSv1"};

    public String getServerOsType() {
        return this.configs.getServerOsType();
    }

    static void setSystemProperties(Configuration configuration) {
        System.setProperty("java.io.tmpdir", configuration.getServerTempDir());
        if (configuration.getJavaVersion() >= 8) {
            System.setProperty("jdk.tls.ephemeralDHKeySize", String.valueOf(configuration.getTlsEphemeralDhKeySize()));
        }
    }

    public static OBDPManagementController getController() {
        return clusterController;
    }

    public static void setController(OBDPManagementController oBDPManagementController) {
        clusterController = oBDPManagementController;
    }

    public void run() throws Exception {
        setupJulLogging();
        performStaticInjection();
        initDB();
        Integer valueOf = Integer.valueOf(this.configs.getClientApiAcceptors() != null ? this.configs.getClientApiAcceptors().intValue() : 1);
        this.server = configureJettyThreadPool(valueOf.intValue(), CLIENT_THREAD_POOL_NAME, this.configs.getClientThreadPoolSize());
        DefaultSessionIdManager defaultSessionIdManager = new DefaultSessionIdManager(this.server);
        this.sessionHandler.setSessionIdManager(defaultSessionIdManager);
        this.server.setSessionIdManager(defaultSessionIdManager);
        Integer valueOf2 = Integer.valueOf(this.configs.getAgentApiAcceptors() != null ? this.configs.getAgentApiAcceptors().intValue() : 1);
        Server configureJettyThreadPool = configureJettyThreadPool(valueOf2.intValue() * 2, AGENT_THREAD_POOL_NAME, this.configs.getAgentThreadPoolSize());
        setSystemProperties(this.configs);
        runDatabaseConsistencyCheck();
        try {
            ClassPathXmlApplicationContext classPathXmlApplicationContext = new ClassPathXmlApplicationContext();
            classPathXmlApplicationContext.refresh();
            ConfigurableListableBeanFactory beanFactory = classPathXmlApplicationContext.getBeanFactory();
            beanFactory.registerSingleton("injector", this.injector);
            beanFactory.registerSingleton("ambariUsers", this.injector.getInstance(Users.class));
            AnnotationConfigWebApplicationContext annotationConfigWebApplicationContext = new AnnotationConfigWebApplicationContext();
            annotationConfigWebApplicationContext.setParent(classPathXmlApplicationContext);
            annotationConfigWebApplicationContext.register(new Class[]{ApiSecurityConfig.class});
            AnnotationConfigWebApplicationContext annotationConfigWebApplicationContext2 = new AnnotationConfigWebApplicationContext();
            annotationConfigWebApplicationContext2.register(new Class[]{ApiStompConfig.class});
            DispatcherServlet dispatcherServlet = new DispatcherServlet(annotationConfigWebApplicationContext2);
            AnnotationConfigWebApplicationContext annotationConfigWebApplicationContext3 = new AnnotationConfigWebApplicationContext();
            annotationConfigWebApplicationContext3.register(new Class[]{AgentStompConfig.class});
            DispatcherServlet dispatcherServlet2 = new DispatcherServlet(annotationConfigWebApplicationContext3);
            Handler servletContextHandler = new ServletContextHandler(3);
            configureRootHandler(servletContextHandler);
            this.sessionHandlerConfigurer.configureSessionHandler(this.sessionHandler);
            servletContextHandler.setSessionHandler(this.sessionHandler);
            servletContextHandler.addEventListener(new ContextLoaderListener(annotationConfigWebApplicationContext));
            this.certMan.initRootCert();
            ServletContextHandler servletContextHandler2 = new ServletContextHandler(configureJettyThreadPool, "/", 0);
            AnnotationConfigWebApplicationContext annotationConfigWebApplicationContext4 = new AnnotationConfigWebApplicationContext();
            annotationConfigWebApplicationContext4.setParent(classPathXmlApplicationContext);
            if (this.configs.isAgentApiGzipped()) {
                configureHandlerCompression(servletContextHandler2);
            }
            JettyWebSocketServletContainerInitializer jettyWebSocketServletContainerInitializer = new JettyWebSocketServletContainerInitializer((servletContext, jettyWebSocketServerContainer) -> {
                jettyWebSocketServerContainer.setMaxTextMessageSize(this.configs.getStompMaxIncomingMessageSize());
                LOG.info("Configured WebSocket container max text message size: {}", Integer.valueOf(this.configs.getStompMaxIncomingMessageSize()));
            });
            servletContextHandler2.addEventListener(new ContextLoaderListener(annotationConfigWebApplicationContext4));
            servletContextHandler2.addEventListener(new WebSocketInitializerListener(jettyWebSocketServletContainerInitializer));
            ServletHolder addServlet = servletContextHandler.addServlet(DefaultServlet.class, "/");
            addServlet.setInitParameter("dirAllowed", "false");
            addServlet.setInitParameter("precompressed", "gzip=.gz");
            addServlet.setInitOrder(1);
            servletContextHandler2.addServlet(DefaultServlet.class, "/").setInitOrder(1);
            servletContextHandler.addFilter(new FilterHolder((Filter) this.injector.getInstance(AmbariServerSecurityHeaderFilter.class)), "/*", DISPATCHER_TYPES);
            servletContextHandler.addFilter(new FilterHolder((Filter) this.injector.getInstance(AmbariViewsSecurityHeaderFilter.class)), VIEWS_URL_PATTERN, DISPATCHER_TYPES);
            servletContextHandler.addFilter(new FilterHolder((Filter) this.injector.getInstance(ViewThrottleFilter.class)), VIEWS_URL_PATTERN, DISPATCHER_TYPES);
            servletContextHandler.addFilter(new FilterHolder((Filter) this.injector.getInstance(AmbariViewsMDCLoggingFilter.class)), VIEWS_URL_PATTERN, DISPATCHER_TYPES);
            servletContextHandler.addFilter(new FilterHolder((Filter) this.injector.getInstance(OBDPPersistFilter.class)), "/api/*", DISPATCHER_TYPES);
            servletContextHandler.addFilter(new FilterHolder(new MethodOverrideFilter()), "/api/*", DISPATCHER_TYPES);
            servletContextHandler.addFilter(new FilterHolder(new ContentTypeOverrideFilter()), "/api/*", DISPATCHER_TYPES);
            JettyWebSocketServletContainerInitializer jettyWebSocketServletContainerInitializer2 = new JettyWebSocketServletContainerInitializer((servletContext2, jettyWebSocketServerContainer2) -> {
                jettyWebSocketServerContainer2.setMaxTextMessageSize(this.configs.getStompMaxIncomingMessageSize());
                LOG.info("Configured WebSocket container max text message size: {}", Integer.valueOf(this.configs.getStompMaxIncomingMessageSize()));
            });
            servletContextHandler.addEventListener(new RequestContextListener());
            servletContextHandler.addEventListener(new WebSocketInitializerListener(jettyWebSocketServletContainerInitializer2));
            servletContextHandler.addFilter(new FilterHolder(this.springSecurityFilter), "/api/*", DISPATCHER_TYPES);
            servletContextHandler.addFilter(new FilterHolder(new UserNameOverrideFilter()), "/api/v1/users/*", DISPATCHER_TYPES);
            servletContextHandler2.addFilter(new FilterHolder((Filter) this.injector.getInstance(OBDPPersistFilter.class)), "/agent/*", DISPATCHER_TYPES);
            servletContextHandler2.addFilter(SecurityFilter.class, "/*", DISPATCHER_TYPES);
            Map<String, String> configsMap = this.configs.getConfigsMap();
            ServerConnector createSelectChannelConnectorForAgent = createSelectChannelConnectorForAgent(configureJettyThreadPool, this.configs.getOneWayAuthPort(), false, valueOf2.intValue());
            ServerConnector createSelectChannelConnectorForAgent2 = createSelectChannelConnectorForAgent(configureJettyThreadPool, this.configs.getTwoWayAuthPort(), this.configs.isTwoWaySsl(), valueOf2.intValue());
            configureJettyThreadPool.addConnector(createSelectChannelConnectorForAgent);
            configureJettyThreadPool.addConnector(createSelectChannelConnectorForAgent2);
            ServletHolder servletHolder = new ServletHolder(new ServletContainer(new ResourceConfig().packages(new String[]{"id.onyx.obdp.server.api.rest", "id.onyx.obdp.server.api.services", "id.onyx.obdp.eventdb.webservice", "id.onyx.obdp.server.api"}).register(JacksonFeature.class)));
            servletContextHandler.addServlet(servletHolder, "/api/v1/*");
            servletHolder.setInitOrder(2);
            ServletHolder servletHolder2 = new ServletHolder("springDispatcherServlet", dispatcherServlet);
            servletHolder2.setInitOrder(3);
            servletContextHandler.addServlet(servletHolder2, "/api/stomp/*");
            ServletHolder servletHolder3 = new ServletHolder("agentSpringDispatcherServlet", dispatcherServlet2);
            servletHolder3.setInitOrder(2);
            servletContextHandler2.addServlet(servletHolder3, "/agent/stomp/*");
            SecurityContextHolder.setStrategyName("MODE_INHERITABLETHREADLOCAL");
            this.viewRegistry.readViewArchives();
            loadRequestlogHandler(this.handlerList, configureJettyThreadPool, configsMap);
            enableLog4jMonitor(configsMap);
            if (this.configs.isGzipHandlerEnabledForJetty()) {
                Handler gzipHandler = new GzipHandler();
                gzipHandler.setHandler(servletContextHandler);
                gzipHandler.setIncludedMimeTypes(new String[]{"text/html", "text/plain", "text/xml", "text/css", "application/javascript", "application/x-javascript", "application/xml", "application/x-www-form-urlencoded", "application/json"});
                this.handlerList.addHandler(gzipHandler);
            } else {
                this.handlerList.addHandler(servletContextHandler);
            }
            this.server.setHandler(this.handlerList);
            ServletHolder servletHolder4 = new ServletHolder(new ServletContainer(new ResourceConfig().packages(new String[]{"id.onyx.obdp.server.agent.rest", "id.onyx.obdp.server.api"}).register(JacksonFeature.class)));
            servletContextHandler2.addServlet(servletHolder4, "/agent/v1/*");
            servletHolder4.setInitOrder(3);
            ((HeartBeatHandler) this.injector.getInstance(HeartBeatHandler.class)).start();
            LOG.info("********** Started Heartbeat handler **********");
            ServletHolder servletHolder5 = new ServletHolder(new ServletContainer(new ResourceConfig().packages(new String[]{"id.onyx.obdp.server.security.unsecured.rest", "id.onyx.obdp.server.api"}).register(JacksonFeature.class)));
            servletContextHandler2.addServlet(servletHolder5, "/*");
            servletHolder5.setInitOrder(4);
            File file = new File(this.configs.getResourceDirPath());
            ServletHolder servletHolder6 = new ServletHolder(DefaultServlet.class);
            servletHolder6.setInitParameter("resourceBase", file.getParent());
            servletHolder6.setInitParameter("dirAllowed", "false");
            servletContextHandler.addServlet(servletHolder6, "/resources/*");
            servletHolder6.setInitOrder(5);
            if (this.configs.csrfProtectionEnabled()) {
                servletHolder.setInitParameter("org.glassfish.jersey.server.ContainerRequestFilter", "id.onyx.obdp.server.api.AmbariCsrfProtectionFilter");
            }
            this.server.addConnector(createSelectChannelConnectorForClient(this.server, valueOf.intValue()));
            this.server.setStopAtShutdown(true);
            configureJettyThreadPool.setStopAtShutdown(true);
            String serverOsType = getServerOsType();
            if (serverOsType == null || serverOsType.isEmpty()) {
                throw new RuntimeException(Configuration.OS_VERSION.getKey() + " is not  set in the obdp.properties file");
            }
            LOG.info("********* Initializing Clusters **********");
            Clusters clusters = (Clusters) this.injector.getInstance(Clusters.class);
            StringBuilder sb = new StringBuilder();
            LOG.info("********* Current Clusters State *********");
            LOG.info(sb.toString());
            LOG.info("********* Reconciling Alert Definitions **********");
            this.obdpMetaInfo.reconcileAlertDefinitions(clusters, false);
            LOG.info("********* Initializing ActionManager **********");
            ActionManager actionManager = (ActionManager) this.injector.getInstance(ActionManager.class);
            LOG.info("********* Initializing Controller **********");
            OBDPManagementController oBDPManagementController = (OBDPManagementController) this.injector.getInstance(OBDPManagementController.class);
            LOG.info("********* Initializing Scheduled Request Manager **********");
            ExecutionScheduleManager executionScheduleManager = (ExecutionScheduleManager) this.injector.getInstance(ExecutionScheduleManager.class);
            MetricsService metricsService = (MetricsService) this.injector.getInstance(MetricsService.class);
            clusterController = oBDPManagementController;
            ((StateRecoveryManager) this.injector.getInstance(StateRecoveryManager.class)).doWork();
            this.server.start();
            this.handlerList.shareSessionCacheToViews(this.sessionHandler.getSessionCache());
            this.sessionHandlerConfigurer.configureMaxInactiveInterval(this.sessionHandler);
            configureJettyThreadPool.start();
            LOG.info("********* Started Server **********");
            if (!this.configs.isViewDirectoryWatcherServiceDisabled()) {
                LOG.info("Starting View Directory Watcher");
                this.viewDirectoryWatcher.start();
            }
            actionManager.start();
            LOG.info("********* Started ActionManager **********");
            executionScheduleManager.start();
            LOG.info("********* Started Scheduled Request Manager **********");
            this.serviceManager.startAsync();
            LOG.info("********* Started Services **********");
            if (this.configs.isMetricsServiceDisabled()) {
                LOG.info("OBDPServer Metrics disabled.");
            } else {
                metricsService.start();
            }
            this.server.join();
            LOG.info("Joined the Server");
        } catch (BindException e) {
            LOG.error("Could not bind to server port - instance may already be running. Terminating this instance.", e);
            throw e;
        } catch (BadPaddingException e2) {
            LOG.error("Bad keystore or private key password. HTTPS certificate re-importing may be required.");
            throw e2;
        }
    }

    private ServerConnector createSelectChannelConnectorForAgent(Server server, int i, boolean z, int i2) {
        ServerConnector serverConnector;
        Map<String, String> configsMap = this.configs.getConfigsMap();
        if (this.configs.getAgentSSLAuthentication()) {
            String str = configsMap.get(Configuration.SRVR_KSTR_DIR.getKey()) + File.separator + configsMap.get(Configuration.KSTR_NAME.getKey());
            String str2 = configsMap.get(Configuration.SRVR_KSTR_DIR.getKey()) + File.separator + configsMap.get(Configuration.TSTR_NAME.getKey());
            String str3 = configsMap.get(Configuration.SRVR_CRT_PASS.getKey());
            SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
            secureRequestCustomizer.setSniHostCheck(false);
            secureRequestCustomizer.setSniRequired(false);
            HttpConfiguration httpConfiguration = new HttpConfiguration();
            httpConfiguration.addCustomizer(secureRequestCustomizer);
            httpConfiguration.setRequestHeaderSize(this.configs.getHttpRequestHeaderSize());
            httpConfiguration.setResponseHeaderSize(this.configs.getHttpResponseHeaderSize());
            httpConfiguration.setSendServerVersion(false);
            SslContextFactory.Server server2 = new SslContextFactory.Server();
            disableInsecureProtocols(server2);
            server2.setKeyStorePath(str);
            server2.setTrustStorePath(str2);
            server2.setKeyStorePassword(str3);
            server2.setKeyManagerPassword(str3);
            server2.setTrustStorePassword(str3);
            server2.setKeyStoreType(configsMap.get(Configuration.KSTR_TYPE.getKey()));
            server2.setTrustStoreType(configsMap.get(Configuration.TSTR_TYPE.getKey()));
            server2.setNeedClientAuth(z);
            server2.setSniRequired(false);
            serverConnector = new ServerConnector(server, i2, -1, new ConnectionFactory[]{new SslConnectionFactory(server2, HttpVersion.HTTP_1_1.toString()), new HttpConnectionFactory(httpConfiguration)});
        } else {
            serverConnector = new ServerConnector(server, i2, -1);
            serverConnector.setIdleTimeout(this.configs.getConnectionMaxIdleTime());
        }
        serverConnector.setPort(i);
        return serverConnector;
    }

    private ServerConnector createSelectChannelConnectorForClient(Server server, int i) {
        ServerConnector serverConnector;
        Map<String, String> configsMap = this.configs.getConfigsMap();
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setRequestHeaderSize(this.configs.getHttpRequestHeaderSize());
        httpConfiguration.setResponseHeaderSize(this.configs.getHttpResponseHeaderSize());
        httpConfiguration.setSendServerVersion(false);
        if (this.configs.getApiSSLAuthentication()) {
            String str = configsMap.get(Configuration.CLIENT_API_SSL_KSTR_DIR_NAME.getKey()) + File.separator + configsMap.get(Configuration.CLIENT_API_SSL_KSTR_NAME.getKey());
            String str2 = configsMap.get(Configuration.CLIENT_API_SSL_KSTR_DIR_NAME.getKey()) + File.separator + configsMap.get(Configuration.CLIENT_API_SSL_TSTR_NAME.getKey());
            LOG.info("API SSL Authentication is turned on. Keystore - " + str);
            String str3 = configsMap.get(Configuration.CLIENT_API_SSL_CRT_PASS.getKey());
            HttpConfiguration httpConfiguration2 = new HttpConfiguration(httpConfiguration);
            SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
            secureRequestCustomizer.setSniRequired(false);
            secureRequestCustomizer.setSniHostCheck(false);
            httpConfiguration2.addCustomizer(secureRequestCustomizer);
            httpConfiguration2.setSecurePort(this.configs.getClientSSLApiPort());
            SslContextFactory.Server server2 = new SslContextFactory.Server();
            disableInsecureProtocols(server2);
            server2.setKeyStorePath(str);
            server2.setTrustStorePath(str2);
            server2.setKeyStorePassword(str3);
            server2.setKeyManagerPassword(str3);
            server2.setTrustStorePassword(str3);
            server2.setKeyStoreType(configsMap.get(Configuration.CLIENT_API_SSL_KSTR_TYPE.getKey()));
            server2.setTrustStoreType(configsMap.get(Configuration.CLIENT_API_SSL_KSTR_TYPE.getKey()));
            server2.setSniRequired(false);
            serverConnector = new ServerConnector(server, i, -1, new ConnectionFactory[]{new SslConnectionFactory(server2, HttpVersion.HTTP_1_1.toString()), new HttpConnectionFactory(httpConfiguration2)});
            serverConnector.setPort(this.configs.getClientSSLApiPort());
        } else {
            serverConnector = new ServerConnector(server, i, -1, new ConnectionFactory[]{new HttpConnectionFactory(httpConfiguration)});
            serverConnector.setPort(this.configs.getClientApiPort());
        }
        serverConnector.setIdleTimeout(this.configs.getConnectionMaxIdleTime());
        return serverConnector;
    }

    protected void runDatabaseConsistencyCheck() throws Exception {
        if (System.getProperty("skipDatabaseConsistencyCheck") == null) {
            try {
                DatabaseConsistencyCheckResult runAllDBChecks = DatabaseConsistencyCheckHelper.runAllDBChecks(System.getProperty("fixDatabaseConsistency") != null);
                System.out.println("Database consistency check result: " + runAllDBChecks);
                if (runAllDBChecks.isError()) {
                    System.exit(1);
                }
            } catch (Throwable th) {
                System.out.println("Database consistency check result: " + DatabaseConsistencyCheckResult.DB_CHECK_ERROR);
                throw new Exception(th);
            }
        }
    }

    private void setupJulLogging() {
        LogManager.getLogManager().reset();
        SLF4JBridgeHandler.install();
    }

    protected Server configureJettyThreadPool(int i, String str, int i2) {
        int i3 = i * 2;
        if (i2 < i3 + 20) {
            int i4 = i3 + 20;
            LOG.warn("The configured Jetty {} thread pool value of {} is not sufficient on a host with {} processors. Increasing the value to {}.", new Object[]{str, Integer.valueOf(i2), Integer.valueOf(Runtime.getRuntime().availableProcessors()), Integer.valueOf(i4)});
            i2 = i4;
        }
        LOG.info("Jetty is configuring {} with {} reserved acceptors/selectors and a total pool size of {} for {} processors.", new Object[]{str, Integer.valueOf(i * 2), Integer.valueOf(i2), Integer.valueOf(Runtime.getRuntime().availableProcessors())});
        QueuedThreadPool queuedThreadPool = new QueuedThreadPool(i2);
        queuedThreadPool.setName(str);
        return new Server(queuedThreadPool);
    }

    private void disableInsecureProtocols(SslContextFactory sslContextFactory) {
        sslContextFactory.setExcludeProtocols(DEPRECATED_SSL_PROTOCOLS);
        sslContextFactory.setIncludeProtocols(new String[]{"SSLv2Hello", "SSLv3", "TLSv1.1", "TLSv1.2"});
        if (!this.configs.getSrvrDisabledCiphers().isEmpty()) {
            sslContextFactory.setExcludeCipherSuites(this.configs.getSrvrDisabledCiphers().split("\\|"));
        }
        if (this.configs.getSrvrDisabledProtocols().isEmpty()) {
            return;
        }
        sslContextFactory.setExcludeProtocols(this.configs.getSrvrDisabledProtocols().split("\\|"));
    }

    protected void configureRootHandler(ServletContextHandler servletContextHandler) {
        configureHandlerCompression(servletContextHandler);
        configureAdditionalContentTypes(servletContextHandler);
        servletContextHandler.setContextPath("/");
        OBDPErrorHandler oBDPErrorHandler = (OBDPErrorHandler) this.injector.getInstance(OBDPErrorHandler.class);
        oBDPErrorHandler.setShowStacks(this.configs.isServerShowErrorStacks());
        servletContextHandler.setErrorHandler(oBDPErrorHandler);
        servletContextHandler.setMaxFormContentSize(-1);
        servletContextHandler.setResourceBase(this.configs.getWebAppDir());
    }

    protected void configureHandlerCompression(ServletContextHandler servletContextHandler) {
        if (this.configs.isApiGzipped()) {
            GzipHandler gzipHandler = new GzipHandler();
            gzipHandler.setIncludedMethods(new String[]{"GET", "POST", "PUT", "DELETE"});
            gzipHandler.setExcludedPaths(new String[]{"*.woff", "*.ttf", "*.woff2", "*.eot", "*.svg"});
            gzipHandler.setIncludedMimeTypes(new String[]{"text/html", "text/plain", "text/xml", "text/css", "application/x-javascript", "application/xml", "application/x-www-form-urlencoded", "application/javascript", "application/json"});
            gzipHandler.setMinGzipSize(Integer.parseInt(this.configs.getApiGzipMinSize()));
            servletContextHandler.setGzipHandler(gzipHandler);
        }
    }

    private void configureAdditionalContentTypes(ServletContextHandler servletContextHandler) {
        servletContextHandler.getMimeTypes().addMimeMapping("woff", "application/font-woff");
        servletContextHandler.getMimeTypes().addMimeMapping("ttf", "application/font-sfnt");
    }

    @Transactional
    protected void initDB() throws OBDPException {
        if (this.configs.getPersistenceType() == PersistenceType.IN_MEMORY || this.dbInitNeeded) {
            LOG.info("Database init needed - creating default data");
            Users users = (Users) this.injector.getInstance(Users.class);
            UserEntity createUser = users.createUser(UserResourceProvider.ADMIN_PROPERTY_ID, UserResourceProvider.ADMIN_PROPERTY_ID, UserResourceProvider.ADMIN_PROPERTY_ID);
            users.addLocalAuthentication(createUser, UserResourceProvider.ADMIN_PROPERTY_ID);
            users.grantAdminPrivilege(createUser);
            users.addLocalAuthentication(users.createUser("user", "user", "user"), "user");
            MetainfoEntity metainfoEntity = new MetainfoEntity();
            metainfoEntity.setMetainfoName("version");
            metainfoEntity.setMetainfoValue(VersionUtils.getVersionSubstring(this.obdpMetaInfo.getServerVersion()));
            this.metainfoDAO.create(metainfoEntity);
        }
    }

    public void stop() throws Exception {
        if (this.server == null) {
            throw new OBDPException("Error stopping the server");
        }
        try {
            this.server.stop();
        } catch (Exception e) {
            LOG.error("Error stopping the server", e);
        }
    }

    @Deprecated
    public void performStaticInjection() {
        CertificateDownload.init((CertificateManager) this.injector.getInstance(CertificateManager.class));
        ConnectionInfo.init((Configuration) this.injector.getInstance(Configuration.class));
        CertificateSign.init((CertificateManager) this.injector.getInstance(CertificateManager.class));
        GetResource.init((ResourceManager) this.injector.getInstance(ResourceManager.class));
        PersistKeyValueService.init((PersistKeyValueImpl) this.injector.getInstance(PersistKeyValueImpl.class));
        KeyService.init((PersistKeyValueImpl) this.injector.getInstance(PersistKeyValueImpl.class));
        BootStrapResource.init((BootStrapImpl) this.injector.getInstance(BootStrapImpl.class));
        StackAdvisorResourceProvider.init((StackAdvisorHelper) this.injector.getInstance(StackAdvisorHelper.class), (Configuration) this.injector.getInstance(Configuration.class), (Clusters) this.injector.getInstance(Clusters.class), (OBDPMetaInfo) this.injector.getInstance(OBDPMetaInfo.class));
        StageUtils.setGson((Gson) this.injector.getInstance(Gson.class));
        StageUtils.setTopologyManager((TopologyManager) this.injector.getInstance(TopologyManager.class));
        StageUtils.setConfiguration((Configuration) this.injector.getInstance(Configuration.class));
        SecurityFilter.init((Configuration) this.injector.getInstance(Configuration.class));
        StackDefinedPropertyProvider.init(this.injector);
        AbstractControllerResourceProvider.init((ResourceProviderFactory) this.injector.getInstance(ResourceProviderFactory.class));
        BlueprintResourceProvider.init((BlueprintFactory) this.injector.getInstance(BlueprintFactory.class), (BlueprintDAO) this.injector.getInstance(BlueprintDAO.class), (TopologyRequestDAO) this.injector.getInstance(TopologyRequestDAO.class), (SecurityConfigurationFactory) this.injector.getInstance(SecurityConfigurationFactory.class), (Gson) this.injector.getInstance(Gson.class), this.obdpMetaInfo);
        StackDependencyResourceProvider.init(this.obdpMetaInfo);
        ClusterResourceProvider.init((TopologyManager) this.injector.getInstance(TopologyManager.class), (TopologyRequestFactory) this.injector.getInstance(TopologyRequestFactoryImpl.class), (SecurityConfigurationFactory) this.injector.getInstance(SecurityConfigurationFactory.class), (Gson) this.injector.getInstance(Gson.class));
        HostResourceProvider.setTopologyManager((TopologyManager) this.injector.getInstance(TopologyManager.class));
        BlueprintFactory.init((BlueprintDAO) this.injector.getInstance(BlueprintDAO.class));
        BaseClusterRequest.init((BlueprintFactory) this.injector.getInstance(BlueprintFactory.class));
        AmbariContext.init((HostRoleCommandFactory) this.injector.getInstance(HostRoleCommandFactory.class));
        PermissionResourceProvider.init((PermissionDAO) this.injector.getInstance(PermissionDAO.class));
        ViewPermissionResourceProvider.init((PermissionDAO) this.injector.getInstance(PermissionDAO.class));
        PrivilegeResourceProvider.init((PrivilegeDAO) this.injector.getInstance(PrivilegeDAO.class), (UserDAO) this.injector.getInstance(UserDAO.class), (GroupDAO) this.injector.getInstance(GroupDAO.class), (PrincipalDAO) this.injector.getInstance(PrincipalDAO.class), (PermissionDAO) this.injector.getInstance(PermissionDAO.class), (ResourceDAO) this.injector.getInstance(ResourceDAO.class));
        UserPrivilegeResourceProvider.init((UserDAO) this.injector.getInstance(UserDAO.class), (ClusterDAO) this.injector.getInstance(ClusterDAO.class), (GroupDAO) this.injector.getInstance(GroupDAO.class), (ViewInstanceDAO) this.injector.getInstance(ViewInstanceDAO.class), (Users) this.injector.getInstance(Users.class));
        ClusterPrivilegeResourceProvider.init((ClusterDAO) this.injector.getInstance(ClusterDAO.class));
        OBDPPrivilegeResourceProvider.init((ClusterDAO) this.injector.getInstance(ClusterDAO.class));
        ActionManager.setTopologyManager((TopologyManager) this.injector.getInstance(TopologyManager.class));
        KerberosKeytabController.setKerberosHelper((KerberosHelper) this.injector.getInstance(KerberosHelper.class));
        StackAdvisorBlueprintProcessor.init((StackAdvisorHelper) this.injector.getInstance(StackAdvisorHelper.class));
        ThreadPoolEnabledPropertyProvider.init((Configuration) this.injector.getInstance(Configuration.class));
        BaseService.init((RequestAuditLogger) this.injector.getInstance(RequestAuditLogger.class));
        RetryHelper.init((Clusters) this.injector.getInstance(Clusters.class), this.configs.getOperationsRetryAttempts());
        ((KerberosIdentityCleaner) this.injector.getInstance(KerberosIdentityCleaner.class)).register();
        configureFileWatcher();
    }

    private void configureFileWatcher() {
        OBDPEventPublisher oBDPEventPublisher = (OBDPEventPublisher) this.injector.getInstance(OBDPEventPublisher.class);
        new SingleFileWatch(((Configuration) this.injector.getInstance(Configuration.class)).getConfigFile(), file -> {
            oBDPEventPublisher.publish(new AmbariPropertiesChangedEvent());
        }).start();
    }

    public void initViewRegistry() {
        ViewRegistry.initInstance(this.viewRegistry);
    }

    public static void setupProxyAuth() {
        final String property = System.getProperty("http.proxyUser");
        final String property2 = System.getProperty("http.proxyPassword");
        if (null == property || null == property2) {
            LOG.debug("Proxy authentication not specified");
        } else {
            LOG.info("Proxy authentication enabled");
            Authenticator.setDefault(new Authenticator() { // from class: id.onyx.obdp.server.controller.OBDPServer.1
                @Override // java.net.Authenticator
                protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication(property, property2.toCharArray());
                }
            });
        }
    }

    private static void logStartup() {
        LOG.info(Joiner.on("\nSTARTUP_MESSAGE: ").join(new String[]{"STARTUP_MESSAGE: Starting OBDPServer.java executable", "java.class.path = " + System.getProperty("java.class.path")}));
    }

    public static void enableLog4jMonitor(Map<String, String> map) {
        String url = OBDPServer.class.getResource("/log4j.properties").toString();
        String str = map.get(Configuration.LOG4JMONITOR_DELAY.getKey());
        long longValue = Configuration.LOG4JMONITOR_DELAY.getDefaultValue().longValue();
        try {
            url = url.replace("file:", Configuration.JDBC_IN_MEMORY_PASSWORD);
            if (StringUtils.isNotBlank(str)) {
                longValue = Long.parseLong(str);
            }
            PropertyConfigurator.configureAndWatch(url, longValue);
        } catch (Exception e) {
            LOG.error("Exception in setting log4j monitor delay of {} for {}", new Object[]{str, url, e});
        }
    }

    private static void loadRequestlogHandler(OBDPHandlerList oBDPHandlerList, Server server, Map<String, String> map) {
        String str = map.get(Configuration.REQUEST_LOGPATH.getKey());
        if (StringUtils.isBlank(str)) {
            return;
        }
        LOG.info("********* Initializing request access log: " + (str + "//" + Configuration.REQUEST_LOGNAMEPATTERN.getDefaultValue()));
        RequestLogHandler requestLogHandler = new RequestLogHandler();
        CustomRequestLog customRequestLog = new CustomRequestLog(str);
        String str2 = map.get(Configuration.REQUEST_LOG_RETAINDAYS.getKey());
        Configuration.REQUEST_LOG_RETAINDAYS.getDefaultValue().intValue();
        if (str2 != null && !StringUtils.isBlank(str2)) {
            Integer.parseInt(str2.trim());
        }
        requestLogHandler.setRequestLog(customRequestLog);
        oBDPHandlerList.addHandler(requestLogHandler);
        HandlerCollection handlerCollection = new HandlerCollection();
        Handler[] handlers = server.getHandlers();
        if (handlers != null) {
            handlerCollection.setHandlers(handlers);
            handlerCollection.addHandler(requestLogHandler);
            server.setHandler(handlerCollection);
        }
    }

    public static void main(String[] strArr) throws Exception {
        logStartup();
        Injector createInjector = Guice.createInjector(new Module[]{new ControllerModule(), new AuditLoggerModule(), new LdapModule()});
        OBDPServer oBDPServer = null;
        try {
            LOG.info("Getting the controller");
            Configuration configuration = (Configuration) createInjector.getInstance(Configuration.class);
            configuration.validatePasswordPolicyRegexp();
            if (!configuration.isActiveInstance()) {
                throw new OBDPException("This instance of OBDP server is not designated as active. Cannot start OBDP server.The property active.instance is set to false in obdp.properties");
            }
            setupProxyAuth();
            ((GuiceJpaInitializer) createInjector.getInstance(GuiceJpaInitializer.class)).setInitialized();
            DatabaseConsistencyCheckHelper.checkDBVersionCompatible();
            OBDPServer oBDPServer2 = (OBDPServer) createInjector.getInstance(OBDPServer.class);
            ((UpdateActiveRepoVersionOnStartup) createInjector.getInstance(UpdateActiveRepoVersionOnStartup.class)).process();
            ((CertificateManager) createInjector.getInstance(CertificateManager.class)).initRootCert();
            KerberosChecker.checkJaasConfiguration();
            ViewRegistry.initInstance(oBDPServer2.viewRegistry);
            ComponentSSLConfiguration.instance().init(oBDPServer2.configs);
            oBDPServer2.run();
        } catch (Throwable th) {
            System.err.println("An unexpected error occured during starting OBDP Server.");
            th.printStackTrace();
            LOG.error("Failed to run the OBDP Server", th);
            if (0 != 0) {
                oBDPServer.stop();
            }
            System.exit(-1);
        }
    }

    static {
        int i;
        Velocity.setProperty("runtime.log.logsystem.log4j.logger", VELOCITY_LOG_CATEGORY);
        CLASSPATH_SANITY_CHECK_FAILURE_MESSAGE = "%s class is found in multiple jar files. Possible reasons include multiple OBDP server jar files in the OBDP classpath.\n" + String.format("Check for additional OBDP server jar files and check that %s matches only one file.", AmbariPath.getPath("/usr/lib/obdp-server/obdp-server*.jar"));
        try {
            Enumeration<URL> resources = OBDPServer.class.getClassLoader().getResources(CLASSPATH_CHECK_CLASS);
            i = 0;
            while (resources.hasMoreElements()) {
                i++;
                LOG.info(String.format("Found %s class in %s", CLASSPATH_CHECK_CLASS, resources.nextElement().getPath()));
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        if (i > 1) {
            throw new RuntimeException(String.format(CLASSPATH_SANITY_CHECK_FAILURE_MESSAGE, CLASSPATH_CHECK_CLASS));
        }
        clusterController = null;
    }
}
