package com.ibm.ws.cloudoe.management.client.impl;

import com.ibm.ws.cloudoe.management.client.exception.ApplicationManagementException;
import com.ibm.ws.cloudoe.management.client.exception.ClientProxyException;
import com.ibm.ws.cloudoe.management.client.tunnel.ClientProxy;
import com.ibm.ws.cloudoe.management.client.util.IOUtils;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.net.URI;
import java.nio.channels.SelectionKey;
import java.nio.channels.Selector;
import java.nio.channels.ServerSocketChannel;
import java.nio.channels.SocketChannel;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLContext;
import javax.websocket.ClientEndpointConfig;
import javax.websocket.CloseReason;
import javax.websocket.ContainerProvider;
import javax.websocket.Session;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.cloudfoundry.client.lib.CloudFoundryOperations;
import org.cloudfoundry.client.lib.CloudOperationException;
import org.springframework.security.oauth2.common.OAuth2AccessToken;

/* loaded from: input_file:lib/com.ibm.ws.cloudoe.management.client_1.0.jar:com/ibm/ws/cloudoe/management/client/impl/ClientProxyImpl.class */
public class ClientProxyImpl implements ClientProxy {
    private static final String WS_CONNECT_TIMEOUT = "30000";
    private static final String AUTHORIZATION_HEADER_KEY = "Authorization";
    private final CloudFoundryOperations cfOperations;
    private final String endpointUrl;
    private final String appName;
    private final int localPort;
    private final boolean allowSelfSignedCert;
    private final Selector serverSelector;
    private volatile SelectionKey acceptKey;
    private volatile ServerSocketChannel ssChannel;
    private volatile String errorMsg;
    private List<Session> sessions = new CopyOnWriteArrayList();
    protected volatile boolean isStopping;
    private static final Log logger = LogFactory.getLog(ClientProxyImpl.class);
    private static final int CORE_POOL_NUMBER = Runtime.getRuntime().availableProcessors() + 1;
    private static final int DEFAULT_MAX_POOL_NUMBER = 21;
    protected static final ThreadPoolExecutor EXECUTOR = new ThreadPoolExecutor(CORE_POOL_NUMBER, DEFAULT_MAX_POOL_NUMBER, 120, TimeUnit.SECONDS, new LinkedBlockingQueue());

    /* loaded from: input_file:lib/com.ibm.ws.cloudoe.management.client_1.0.jar:com/ibm/ws/cloudoe/management/client/impl/ClientProxyImpl$RunServerTask.class */
    private class RunServerTask implements Runnable {
        private final CountDownLatch latch;

        public RunServerTask(CountDownLatch countDownLatch) {
            this.latch = countDownLatch;
        }

        @Override // java.lang.Runnable
        public void run() {
            try {
                try {
                    ClientProxyImpl.this.ssChannel = ServerSocketChannel.open();
                    ClientProxyImpl.this.ssChannel.configureBlocking(false);
                    ClientProxyImpl.this.ssChannel.bind((SocketAddress) new InetSocketAddress("127.0.0.1", ClientProxyImpl.this.localPort));
                    if (ClientProxyImpl.logger.isInfoEnabled()) {
                        ClientProxyImpl.logger.info(String.format("The server channel is listening on %s.", ClientProxyImpl.this.ssChannel.getLocalAddress()));
                    }
                    ClientProxyImpl.this.acceptKey = ClientProxyImpl.this.ssChannel.register(ClientProxyImpl.this.serverSelector, 16);
                    this.latch.countDown();
                    while (!ClientProxyImpl.this.isStopping) {
                        try {
                            try {
                                ClientProxyImpl.this.serverSelector.select();
                                Iterator<SelectionKey> it = ClientProxyImpl.this.serverSelector.selectedKeys().iterator();
                                while (it.hasNext()) {
                                    try {
                                        try {
                                            SelectionKey next = it.next();
                                            if (next.isValid() && next.isAcceptable()) {
                                                SocketChannel accept = ClientProxyImpl.this.ssChannel.accept();
                                                accept.configureBlocking(false);
                                                ClientProxyImpl.this.onNewClientSocket(accept);
                                            }
                                            it.remove();
                                        } catch (Throwable th) {
                                            it.remove();
                                            throw th;
                                        }
                                    } catch (ApplicationManagementException e) {
                                        ClientProxyImpl.logger.error(String.format("Cannot create the websocket connections for %s", e.getApplicationName()), e);
                                        it.remove();
                                    } catch (Exception e2) {
                                        ClientProxyImpl.logger.error(String.format("Cannot create the websocket connections as %s", e2.getMessage()), e2);
                                        it.remove();
                                    }
                                }
                            } catch (Throwable th2) {
                                ClientProxyImpl.this.errorMsg = getErrorMsg(th2);
                                if (!ClientProxyImpl.this.isStopping) {
                                    ClientProxyImpl.logger.error(th2.getMessage(), th2);
                                }
                                if (ClientProxyImpl.this.errorMsg != null) {
                                    ClientProxyImpl.this.stop();
                                    return;
                                }
                                return;
                            }
                        } catch (Throwable th3) {
                            if (ClientProxyImpl.this.errorMsg != null) {
                                ClientProxyImpl.this.stop();
                            }
                            throw th3;
                        }
                    }
                    if (ClientProxyImpl.this.errorMsg != null) {
                        ClientProxyImpl.this.stop();
                    }
                } catch (Throwable th4) {
                    ClientProxyImpl.this.errorMsg = getErrorMsg(th4);
                    ClientProxyImpl.this.stop();
                    this.latch.countDown();
                }
            } catch (Throwable th5) {
                this.latch.countDown();
                throw th5;
            }
        }

        private String getErrorMsg(Throwable th) {
            return (th.getMessage() == null || th.getMessage().equals("")) ? th.getClass().getName() : th.getMessage();
        }
    }

    public ClientProxyImpl(CloudFoundryOperations cloudFoundryOperations, String str, String str2, int i, boolean z) throws ClientProxyException {
        try {
            this.serverSelector = Selector.open();
            this.cfOperations = cloudFoundryOperations;
            this.endpointUrl = str;
            this.appName = str2;
            this.localPort = i;
            this.allowSelfSignedCert = z;
        } catch (IOException e) {
            throw new ClientProxyException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void start(CountDownLatch countDownLatch) {
        this.isStopping = false;
        this.errorMsg = null;
        EXECUTOR.submit(new RunServerTask(countDownLatch));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getError() {
        return this.errorMsg;
    }

    @Override // com.ibm.ws.cloudoe.management.client.tunnel.ClientProxy
    public int getLocalPort() throws ClientProxyException {
        if (null == this.ssChannel) {
            throw new ClientProxyException("Cannot get the valid server socket.");
        }
        try {
            return ((InetSocketAddress) this.ssChannel.getLocalAddress()).getPort();
        } catch (IOException e) {
            throw new ClientProxyException(e);
        }
    }

    @Override // com.ibm.ws.cloudoe.management.client.tunnel.ClientProxy
    public void stop() {
        this.isStopping = true;
        if (this.acceptKey != null) {
            this.acceptKey.cancel();
        }
        IOUtils.close(this.ssChannel);
        IOUtils.close(this.serverSelector);
        if (this.sessions != null) {
            Iterator<Session> it = this.sessions.iterator();
            while (it.hasNext()) {
                for (Session session : it.next().getOpenSessions()) {
                    try {
                        if (session.isOpen()) {
                            session.close(new CloseReason(CloseReason.CloseCodes.NORMAL_CLOSURE, "The client proxy is closed."));
                        }
                    } catch (IOException e) {
                    }
                }
            }
        }
    }

    public void onNewClientSocket(SocketChannel socketChannel) throws ApplicationManagementException {
        try {
            OAuth2AccessToken login = this.cfOperations.login();
            if (logger.isDebugEnabled()) {
                logger.debug("Get the accessToken: " + login.getValue());
            }
            this.sessions.add(ContainerProvider.getWebSocketContainer().connectToServer(new TunnelEndpoint(this, socketChannel), createConfig(login), new URI(this.endpointUrl)));
        } catch (Throwable th) {
            throw new ApplicationManagementException(this.appName, th);
        }
    }

    private ClientEndpointConfig createConfig(final OAuth2AccessToken oAuth2AccessToken) {
        ClientEndpointConfig build = ClientEndpointConfig.Builder.create().configurator(new ClientEndpointConfig.Configurator() { // from class: com.ibm.ws.cloudoe.management.client.impl.ClientProxyImpl.1
            public void beforeRequest(Map<String, List<String>> map) {
                String authorizationHeader = ClientProxyImpl.this.getAuthorizationHeader(oAuth2AccessToken);
                if (authorizationHeader != null) {
                    map.put("Authorization", Arrays.asList(authorizationHeader));
                    map.put("Origin", Arrays.asList("http://localhost/"));
                }
            }
        }).build();
        build.getUserProperties().put("org.apache.tomcat.websocket.IO_TIMEOUT_MS", WS_CONNECT_TIMEOUT);
        if (this.allowSelfSignedCert) {
            build.getUserProperties().put("org.apache.tomcat.websocket.SSL_CONTEXT", createSslContext());
        }
        return build;
    }

    private SSLContext createSslContext() {
        SSLContext sSLContext;
        try {
            try {
                sSLContext = SSLContext.getInstance("TLSv1.2");
            } catch (NoSuchAlgorithmException e) {
                sSLContext = SSLContext.getInstance("TLSv1.1");
            }
            sSLContext.init(null, null, null);
            return sSLContext;
        } catch (KeyManagementException e2) {
            throw new CloudOperationException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new CloudOperationException(e3);
        }
    }

    public String getAuthorizationHeader(OAuth2AccessToken oAuth2AccessToken) {
        return oAuth2AccessToken.getTokenType() + " " + oAuth2AccessToken.getValue();
    }

    static {
        EXECUTOR.allowCoreThreadTimeOut(true);
    }
}
