package org.glassfish.admin.rest.adapter;

import com.sun.enterprise.config.serverbeans.AdminService;
import com.sun.enterprise.config.serverbeans.Config;
import com.sun.enterprise.module.common_impl.LogHelper;
import com.sun.enterprise.util.LocalStringManagerImpl;
import com.sun.enterprise.v3.admin.adapter.AdminEndpointDecider;
import com.sun.grizzly.tcp.http11.GrizzlyAdapter;
import com.sun.grizzly.tcp.http11.GrizzlyRequest;
import com.sun.grizzly.tcp.http11.GrizzlyResponse;
import com.sun.grizzly.util.http.Cookie;
import com.sun.logging.LogDomains;
import java.io.IOException;
import java.net.InetAddress;
import java.util.List;
import java.util.Set;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.FutureTask;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.login.LoginException;
import org.glassfish.admin.rest.LazyJerseyInterface;
import org.glassfish.admin.rest.ResourceUtil;
import org.glassfish.admin.rest.RestService;
import org.glassfish.admin.rest.SessionManager;
import org.glassfish.api.admin.ServerEnvironment;
import org.glassfish.api.container.Adapter;
import org.glassfish.api.container.EndpointRegistrationException;
import org.glassfish.api.event.Events;
import org.glassfish.internal.api.AdminAccessController;
import org.glassfish.internal.api.PostStartup;
import org.glassfish.internal.api.ServerContext;
import org.jvnet.hk2.annotations.Inject;
import org.jvnet.hk2.component.Habitat;
import org.jvnet.hk2.component.PostConstruct;

/* loaded from: input_file:org/glassfish/admin/rest/adapter/RestAdapter.class */
public abstract class RestAdapter extends GrizzlyAdapter implements Adapter, PostStartup, PostConstruct {
    public static final LocalStringManagerImpl localStrings;

    @Inject
    protected Events events;

    @Inject
    protected Habitat habitat;

    @Inject(name = ServerEnvironment.DEFAULT_INSTANCE_NAME)
    protected Config config;

    @Inject
    protected ServerContext sc;

    @Inject
    protected ServerEnvironment serverEnvironment;

    @Inject
    protected SessionManager sessionManager;
    private static final Logger logger;
    private FutureTask<Boolean> exposeContextFuture;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Inject
    protected volatile AdminService as = null;
    protected CountDownLatch latch = new CountDownLatch(1);
    private volatile LazyJerseyInterface lazyJerseyInterface = null;
    private volatile com.sun.grizzly.tcp.Adapter adapter = null;
    private boolean isRegistered = false;
    private AdminEndpointDecider epd = null;

    /* JADX INFO: Access modifiers changed from: protected */
    public RestAdapter() {
        setAllowEncodedSlash(true);
    }

    @Override // org.jvnet.hk2.component.PostConstruct
    public void postConstruct() {
        this.epd = new AdminEndpointDecider(this.config, logger);
        this.latch.countDown();
    }

    @Override // com.sun.grizzly.tcp.http11.GrizzlyAdapter
    public void service(GrizzlyRequest grizzlyRequest, GrizzlyResponse grizzlyResponse) {
        int i;
        String localString;
        LogHelper.getDefaultLogger().log(Level.FINER, "Received resource request: {0}", grizzlyRequest.getRequestURI());
        try {
            grizzlyResponse.setCharacterEncoding("UTF-8");
            if (!this.latch.await(20L, TimeUnit.SECONDS)) {
                reportError(grizzlyRequest, grizzlyResponse, 503, localStrings.getLocalString("rest.adapter.server.wait", "Server cannot process this command at this time, please wait"));
                return;
            }
            if (this.serverEnvironment.isInstance() && !"GET".equalsIgnoreCase(grizzlyRequest.getRequest().method().getString())) {
                reportError(grizzlyRequest, grizzlyResponse, 403, localStrings.getLocalString("rest.resource.only.GET.on.instance", "Only GET requests are allowed on an instance that is not DAS."));
                return;
            }
            AdminAccessController.Access authenticate = authenticate(grizzlyRequest);
            if (authenticate.isOK()) {
                exposeContext();
                ((GrizzlyAdapter) this.adapter).service(grizzlyRequest, grizzlyResponse);
            } else {
                if (authenticate == AdminAccessController.Access.NONE) {
                    i = 401;
                    localString = localStrings.getLocalString("rest.adapter.auth.userpassword", "Invalid user name or password");
                    grizzlyResponse.setHeader("WWW-Authenticate", "BASIC");
                } else {
                    if (!$assertionsDisabled && authenticate != AdminAccessController.Access.FORBIDDEN) {
                        throw new AssertionError();
                    }
                    i = 403;
                    localString = localStrings.getLocalString("rest.adapter.auth.forbidden", "Remote access not allowed. If you desire remote access, please turn on secure admin");
                }
                reportError(grizzlyRequest, grizzlyResponse, i, localString);
            }
        } catch (IOException e) {
            reportError(grizzlyRequest, grizzlyResponse, 503, localStrings.getLocalString("rest.adapter.server.ioexception", "REST: IO Exception " + e.getLocalizedMessage()));
        } catch (InterruptedException e2) {
            reportError(grizzlyRequest, grizzlyResponse, 503, localStrings.getLocalString("rest.adapter.server.wait", "Server cannot process this command at this time, please wait"));
        } catch (LoginException e3) {
            reportError(grizzlyRequest, grizzlyResponse, 401, localStrings.getLocalString("rest.adapter.auth.error", "Error authenticating"));
        } catch (Exception e4) {
            reportError(grizzlyRequest, grizzlyResponse, 503, localStrings.getLocalString("rest.adapter.server.exception", "An error occurred while processing the request. Please see the server logs for details."));
        }
    }

    private AdminAccessController.Access authenticate(GrizzlyRequest grizzlyRequest) throws LoginException, IOException {
        AdminAccessController.Access access = AdminAccessController.Access.FULL;
        if (!authenticateViaLocalPassword(grizzlyRequest) && !authenticateViaRestToken(grizzlyRequest)) {
            access = ResourceUtil.authenticateViaAdminRealm(this.habitat, grizzlyRequest);
        }
        return access;
    }

    private boolean authenticateViaRestToken(GrizzlyRequest grizzlyRequest) {
        Cookie[] cookies = grizzlyRequest.getCookies();
        String str = null;
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if ("gfresttoken".equals(cookie.getName())) {
                    str = cookie.getValue();
                }
            }
        }
        if (str == null) {
            str = grizzlyRequest.getHeader("X-Auth-Token");
        }
        return str != null ? this.sessionManager.authenticate(str, grizzlyRequest) : false;
    }

    private boolean authenticateViaLocalPassword(GrizzlyRequest grizzlyRequest) {
        Cookie[] cookies = grizzlyRequest.getCookies();
        boolean z = false;
        String restUID = RestService.getRestUID();
        if (restUID != null && cookies != null) {
            int length = cookies.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Cookie cookie = cookies[i];
                if (cookie.getName().equals("gfrestuid") && cookie.getValue().equals(restUID)) {
                    z = true;
                    break;
                }
                i++;
            }
        }
        return z;
    }

    @Override // com.sun.grizzly.tcp.http11.GrizzlyAdapter
    public void afterService(GrizzlyRequest grizzlyRequest, GrizzlyResponse grizzlyResponse) throws Exception {
    }

    public void fireAdapterEvent(String str, Object obj) {
    }

    @Override // org.glassfish.api.container.Adapter
    public boolean isRegistered() {
        return this.isRegistered;
    }

    @Override // org.glassfish.api.container.Adapter
    public void setRegistered(boolean z) {
        this.isRegistered = z;
    }

    @Override // org.glassfish.api.container.Adapter
    public int getListenPort() {
        return this.epd.getListenPort();
    }

    @Override // org.glassfish.api.container.Adapter
    public InetAddress getListenAddress() {
        return this.epd.getListenAddress();
    }

    @Override // org.glassfish.api.container.Adapter
    public List<String> getVirtualServers() {
        return this.epd.getAsadminHosts();
    }

    protected abstract Set<Class<?>> getResourcesConfig();

    /* JADX INFO: Access modifiers changed from: protected */
    public LazyJerseyInterface getLazyJersey() {
        if (this.lazyJerseyInterface != null) {
            return this.lazyJerseyInterface;
        }
        synchronized (com.sun.grizzly.tcp.Adapter.class) {
            if (this.lazyJerseyInterface == null) {
                try {
                    this.lazyJerseyInterface = (LazyJerseyInterface) Class.forName("org.glassfish.admin.rest.LazyJerseyInit").newInstance();
                } catch (Exception e) {
                    logger.log(Level.SEVERE, "Error trying to call org.glassfish.admin.rest.LazyJerseyInit via instrospection: ", (Throwable) e);
                }
            }
        }
        return this.lazyJerseyInterface;
    }

    private void exposeContext() throws EndpointRegistrationException {
        if (this.adapter == null) {
            synchronized (com.sun.grizzly.tcp.Adapter.class) {
                if (this.adapter == null) {
                    String contextRoot = getContextRoot();
                    logger.log(Level.FINE, "Exposing rest resource context root: {0}", contextRoot);
                    if (contextRoot != null || !"".equals(contextRoot)) {
                        this.adapter = getLazyJersey().exposeContext(getResourcesConfig(), this.sc, this.habitat);
                        ((GrizzlyAdapter) this.adapter).setResourcesContextPath(contextRoot);
                        logger.log(Level.INFO, "rest.rest_interface_initialized", contextRoot);
                    }
                }
            }
        }
    }

    private void reportError(GrizzlyRequest grizzlyRequest, GrizzlyResponse grizzlyResponse, int i, String str) {
        getLazyJersey().reportError(grizzlyRequest, grizzlyResponse, i, str);
    }

    static {
        $assertionsDisabled = !RestAdapter.class.desiredAssertionStatus();
        localStrings = new LocalStringManagerImpl(RestService.class);
        logger = LogDomains.getLogger(RestAdapter.class, "javax.enterprise.system.tools.admin");
    }
}
