package com.sun.enterprise.admin.cli.optional;

import com.sun.appserv.management.client.prefs.LoginInfo;
import com.sun.appserv.management.client.prefs.LoginInfoStore;
import com.sun.appserv.management.client.prefs.LoginInfoStoreFactory;
import com.sun.enterprise.admin.cli.CLICommand;
import com.sun.enterprise.admin.servermgmt.DomainConfig;
import com.sun.enterprise.admin.servermgmt.DomainException;
import com.sun.enterprise.admin.servermgmt.KeystoreManager;
import com.sun.enterprise.admin.servermgmt.pe.PEDomainsManager;
import com.sun.enterprise.admin.util.CommandModelData;
import com.sun.enterprise.config.serverbeans.Config;
import com.sun.enterprise.config.util.PortConstants;
import com.sun.enterprise.config.util.RegisterInstanceCommandParameters;
import com.sun.enterprise.connectors.jms.system.ActiveJmsResourceAdapter;
import com.sun.enterprise.module.bootstrap.StartupContext;
import com.sun.enterprise.security.auth.realm.ldap.LDAPRealm;
import com.sun.enterprise.universal.i18n.LocalStringsImpl;
import com.sun.enterprise.util.SystemPropertyConstants;
import com.sun.enterprise.util.io.FileUtils;
import com.sun.enterprise.util.net.NetUtils;
import com.sun.logging.LogDomains;
import com.sun.messaging.bridge.service.Bridge;
import java.io.Console;
import java.io.File;
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.Properties;
import java.util.UUID;
import java.util.logging.Level;
import org.glassfish.api.Param;
import org.glassfish.api.admin.CommandException;
import org.glassfish.api.admin.CommandModel;
import org.glassfish.api.admin.CommandValidationException;
import org.glassfish.api.admin.config.DomainContext;
import org.glassfish.api.admin.config.DomainInitializer;
import org.glassfish.internal.embedded.EmbeddedFileSystem;
import org.glassfish.internal.embedded.LifecycleException;
import org.glassfish.internal.embedded.Server;
import org.glassfish.security.common.FileRealmHelper;
import org.jvnet.hk2.annotations.Scoped;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.component.Habitat;
import org.jvnet.hk2.component.PerLookup;

@Service(name = "create-domain")
@Scoped(PerLookup.class)
/* loaded from: input_file:com/sun/enterprise/admin/cli/optional/CreateDomainCommand.class */
public final class CreateDomainCommand extends CLICommand {
    private static final String ADMIN_PORT = "adminport";
    private static final String ADMIN_PASSWORD = "AS_ADMIN_PASSWORD";
    private static final String ADMIN_ADMINPASSWORD = "AS_ADMIN_ADMINPASSWORD";
    private static final String MASTER_PASSWORD = "AS_ADMIN_MASTERPASSWORD";
    private static final String DEFAULT_MASTER_PASSWORD = "changeit";
    private static final String SAVE_MASTER_PASSWORD = "savemasterpassword";
    private static final String INSTANCE_PORT = "instanceport";
    private static final String DOMAIN_PROPERTIES = "domainproperties";
    private static final String PORTBASE_OPTION = "portbase";

    @Param(name = ADMIN_PORT, optional = true)
    private String adminPort;

    @Param(name = "portbase", optional = true)
    private String portBase;

    @Param(obsolete = true, name = "profile", optional = true)
    private String profile;

    @Param(name = "template", optional = true)
    private String template;

    @Param(name = "domaindir", optional = true)
    private String domainDir;

    @Param(name = INSTANCE_PORT, optional = true)
    private String instancePort;

    @Param(name = DOMAIN_PROPERTIES, optional = true, separator = ':')
    private Properties domainProperties;

    @Param(name = DomainConfig.KEYTOOLOPTIONS, optional = true)
    private String keytoolOptions;

    @Param(name = "domain_name", primary = true)
    private String domainName;
    private CommandModelData.ParamModelData adminPasswordOption;
    private static final LocalStringsImpl strings = new LocalStringsImpl(CreateDomainCommand.class);
    private String adminUser = null;

    @Param(name = SAVE_MASTER_PASSWORD, optional = true, defaultValue = "false")
    private boolean saveMasterPassword = false;

    @Param(name = "usemasterpassword", optional = true, defaultValue = "false")
    private boolean useMasterPassword = false;

    @Param(name = "savelogin", optional = true, defaultValue = "false")
    private boolean saveLoginOpt = false;

    @Param(name = "nopassword", optional = true, defaultValue = "false")
    private boolean noPassword = false;
    private String adminPassword = null;
    private String masterPassword = null;

    @Param(name = RegisterInstanceCommandParameters.ParameterNames.PARAM_CHECKPORTS, optional = true, defaultValue = "true")
    private boolean checkPorts = true;
    private CommandModelData.ParamModelData masterPasswordOption = new CommandModelData.ParamModelData("AS_ADMIN_MASTERPASSWORD", String.class, false, null);

    public CreateDomainCommand() {
        this.masterPasswordOption.description = strings.get("MasterPassword");
        this.masterPasswordOption.param._password = true;
        this.adminPasswordOption = new CommandModelData.ParamModelData(ADMIN_PASSWORD, String.class, false, null);
        this.adminPasswordOption.description = strings.get(ActiveJmsResourceAdapter.ADMINPASSWORD);
        this.adminPasswordOption.param._password = true;
    }

    @Override // com.sun.enterprise.admin.cli.CLICommand
    protected Collection<CommandModel.ParamModel> usageOptions() {
        Collection<CommandModel.ParamModel> parameters = this.commandModel.getParameters();
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        CommandModelData.ParamModelData paramModelData = new CommandModelData.ParamModelData(ADMIN_PORT, String.class, true, Integer.toString(4848));
        CommandModelData.ParamModelData paramModelData2 = new CommandModelData.ParamModelData(INSTANCE_PORT, String.class, true, Integer.toString(PortConstants.DEFAULT_INSTANCE_PORT));
        for (CommandModel.ParamModel paramModel : parameters) {
            if (paramModel.getName().equals(ADMIN_PORT)) {
                linkedHashSet.add(paramModelData);
            } else if (paramModel.getName().equals(INSTANCE_PORT)) {
                linkedHashSet.add(paramModelData2);
            } else {
                linkedHashSet.add(paramModel);
            }
        }
        return linkedHashSet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.enterprise.admin.cli.CLICommand
    public void validate() throws CommandException, CommandValidationException {
        if (this.domainDir == null) {
            this.domainDir = getSystemProperty(SystemPropertyConstants.DOMAINS_ROOT_PROPERTY);
        }
        if (this.domainDir == null) {
            throw new CommandValidationException(strings.get("InvalidDomainPath", this.domainDir));
        }
        if (this.programOpts.getUser() == null && !this.noPassword) {
            Console console = System.console();
            if (console == null || !this.programOpts.isInteractive()) {
                throw new CommandValidationException(strings.get("AdminUserRequired"));
            }
            console.printf(LDAPRealm.SUBST_SUBJECT_NAME, strings.get("AdminUserRequiredPrompt", "admin"));
            String readLine = console.readLine();
            if (ok(readLine)) {
                this.programOpts.setUser(readLine);
            }
        }
        if (this.programOpts.getUser() != null) {
            try {
                FileRealmHelper.validateUserName(this.programOpts.getUser());
            } catch (IllegalArgumentException e) {
                throw new CommandValidationException(strings.get("InvalidUserName", this.programOpts.getUser()));
            }
        }
    }

    public void verifyPortBase() throws CommandValidationException {
        if (usePortBase()) {
            setOptionsWithPortBase(convertPortStr(this.portBase));
        }
    }

    private void setOptionsWithPortBase(int i) throws CommandValidationException {
        verifyPortBasePortIsValid(ADMIN_PORT, i + 48);
        this.adminPort = String.valueOf(i + 48);
        verifyPortBasePortIsValid(INSTANCE_PORT, i + 80);
        this.instancePort = String.valueOf(i + 80);
        this.domainProperties = new Properties();
        verifyPortBasePortIsValid(DomainConfig.K_HTTP_SSL_PORT, i + 81);
        this.domainProperties.put(DomainConfig.K_HTTP_SSL_PORT, String.valueOf(i + 81));
        verifyPortBasePortIsValid(DomainConfig.K_IIOP_SSL_PORT, i + 38);
        this.domainProperties.put(DomainConfig.K_IIOP_SSL_PORT, String.valueOf(i + 38));
        verifyPortBasePortIsValid(DomainConfig.K_IIOP_MUTUALAUTH_PORT, i + 39);
        this.domainProperties.put(DomainConfig.K_IIOP_MUTUALAUTH_PORT, String.valueOf(i + 39));
        verifyPortBasePortIsValid(DomainConfig.K_JMS_PORT, i + 76);
        this.domainProperties.put(DomainConfig.K_JMS_PORT, String.valueOf(i + 76));
        verifyPortBasePortIsValid(DomainConfig.K_ORB_LISTENER_PORT, i + 37);
        this.domainProperties.put(DomainConfig.K_ORB_LISTENER_PORT, String.valueOf(i + 37));
        verifyPortBasePortIsValid(DomainConfig.K_JMX_PORT, i + 86);
        this.domainProperties.put(DomainConfig.K_JMX_PORT, String.valueOf(i + 86));
        verifyPortBasePortIsValid(DomainConfig.K_OSGI_SHELL_TELNET_PORT, i + 66);
        this.domainProperties.put(DomainConfig.K_OSGI_SHELL_TELNET_PORT, String.valueOf(i + 66));
        verifyPortBasePortIsValid(DomainConfig.K_JAVA_DEBUGGER_PORT, i + 9);
        this.domainProperties.put(DomainConfig.K_JAVA_DEBUGGER_PORT, String.valueOf(i + 9));
    }

    @Override // com.sun.enterprise.admin.cli.CLICommand
    protected int executeCommand() throws CommandException, CommandValidationException {
        try {
            new PEDomainsManager().validateDomain(new DomainConfig(this.domainName, this.domainDir), false);
            verifyPortBase();
            this.adminUser = this.programOpts.getUser();
            if (!ok(this.adminUser)) {
                this.adminUser = "admin";
                this.adminPassword = "";
            } else if (this.noPassword) {
                this.adminPassword = "";
            } else {
                this.adminPassword = this.passwords.get(ADMIN_ADMINPASSWORD);
                if (this.adminPassword != null) {
                    logger.warning(strings.get("DeprecatedAdminPassword"));
                } else {
                    boolean z = this.passwords.get(ADMIN_PASSWORD) != null;
                    this.adminPassword = getAdminPassword();
                }
                validatePassword(this.adminPassword, this.adminPasswordOption);
            }
            if (this.saveMasterPassword) {
                this.useMasterPassword = true;
            }
            if (this.useMasterPassword) {
                this.masterPassword = getMasterPassword();
            }
            if (this.masterPassword == null) {
                this.masterPassword = "changeit";
            }
            validatePassword(this.masterPassword, this.masterPasswordOption);
            try {
                if (this.adminPort != null) {
                    verifyPortIsValid(this.adminPort);
                }
                if (this.instancePort != null) {
                    verifyPortIsValid(this.instancePort);
                }
                createTheDomain(this.domainDir, this.domainProperties);
                return 0;
            } catch (CommandException e) {
                logger.info(e.getLocalizedMessage());
                throw new CommandException(strings.get("CouldNotCreateDomain", this.domainName), e);
            } catch (Exception e2) {
                logger.fine(e2.getLocalizedMessage());
                throw new CommandException(strings.get("CouldNotCreateDomain", this.domainName), e2);
            }
        } catch (DomainException e3) {
            logger.fine(e3.getLocalizedMessage());
            throw new CommandException(strings.get("CouldNotCreateDomain", this.domainName), e3);
        }
    }

    private void verifyPortIsValid(String str) throws CommandException, CommandValidationException {
        int convertPortStr = convertPortStr(str);
        if (!NetUtils.isPortValid(convertPortStr)) {
            throw new CommandException(strings.get("InvalidPortRange", str));
        }
        if (!this.checkPorts) {
            logger.log(Level.FINER, "Port ={0}", Integer.valueOf(convertPortStr));
            return;
        }
        switch (NetUtils.checkPort(convertPortStr)) {
            case illegalNumber:
                throw new CommandException(strings.get("InvalidPortRange", str));
            case inUse:
                throw new CommandException(strings.get("PortInUseError", this.domainName, str));
            case noPermission:
                throw new CommandException(strings.get("NoPermissionForPortError", str, this.domainName));
            case unknown:
                throw new CommandException(strings.get("UnknownPortMsg", str));
            case OK:
                logger.log(Level.FINER, "Port ={0}", Integer.valueOf(convertPortStr));
                return;
            default:
                return;
        }
    }

    private int convertPortStr(String str) throws CommandValidationException {
        try {
            return Integer.parseInt(str);
        } catch (Exception e) {
            throw new CommandValidationException(strings.get("InvalidPortNumber", str));
        }
    }

    private void verifyPortBasePortIsValid(String str, int i) throws CommandValidationException {
        if (i <= 0 || i > 65535) {
            throw new CommandValidationException(strings.get("InvalidPortBaseRange", Integer.valueOf(i), str));
        }
        if (this.checkPorts && !NetUtils.isPortFree(i)) {
            throw new CommandValidationException(strings.get("PortBasePortInUse", Integer.valueOf(i), str));
        }
        logger.finer("Port =" + i);
    }

    private void createTheDomain(String str, Properties properties) throws DomainException, CommandValidationException {
        if (FileUtils.safeGetCanonicalFile(new File(str + File.separator + this.domainName)).exists()) {
            throw new CommandValidationException(strings.get("DomainExists", this.domainName));
        }
        Integer port = getPort(properties, DomainConfig.K_ADMIN_PORT, this.adminPort, Integer.toString(4848), "Admin");
        Integer port2 = getPort(properties, DomainConfig.K_INSTANCE_PORT, this.instancePort, Integer.toString(PortConstants.DEFAULT_INSTANCE_PORT), "HTTP Instance");
        Integer port3 = getPort(properties, DomainConfig.K_JMS_PORT, null, Integer.toString(7676), Bridge.JMS_TYPE);
        Integer port4 = getPort(properties, DomainConfig.K_ORB_LISTENER_PORT, null, Integer.toString(PortConstants.DEFAULT_IIOP_PORT), "IIOP");
        Integer port5 = getPort(properties, DomainConfig.K_HTTP_SSL_PORT, null, Integer.toString(PortConstants.DEFAULT_HTTPSSL_PORT), "HTTP_SSL");
        Integer port6 = getPort(properties, DomainConfig.K_IIOP_SSL_PORT, null, Integer.toString(PortConstants.DEFAULT_IIOPSSL_PORT), "IIOP_SSL");
        Integer port7 = getPort(properties, DomainConfig.K_IIOP_MUTUALAUTH_PORT, null, Integer.toString(PortConstants.DEFAULT_IIOPMUTUALAUTH_PORT), "IIOP_MUTUALAUTH");
        Integer port8 = getPort(properties, DomainConfig.K_JMX_PORT, null, Integer.toString(PortConstants.DEFAULT_JMX_PORT), "JMX_ADMIN");
        Integer port9 = getPort(properties, DomainConfig.K_OSGI_SHELL_TELNET_PORT, null, Integer.toString(PortConstants.DEFAULT_OSGI_SHELL_TELNET_PORT), "OSGI_SHELL");
        Integer port10 = getPort(properties, DomainConfig.K_JAVA_DEBUGGER_PORT, null, Integer.toString(9009), "JAVA_DEBUGGER");
        checkPortPrivilege(new Integer[]{port, port2, port3, port4, port5, port3, port4, port5, port6, port7, port8, port9, port10});
        DomainConfig domainConfig = new DomainConfig(this.domainName, port, str, this.adminUser, this.adminPassword, this.masterPassword, Boolean.valueOf(this.saveMasterPassword), port2, port3, port4, port5, port6, port7, port8, port9, port10, properties);
        if (this.template != null) {
            domainConfig.put(DomainConfig.K_TEMPLATE_NAME, this.template);
        }
        domainConfig.put(DomainConfig.K_VALIDATE_PORTS, Boolean.valueOf(this.checkPorts));
        domainConfig.put(DomainConfig.KEYTOOLOPTIONS, this.keytoolOptions);
        initSecureAdminSettings(domainConfig);
        new PEDomainsManager().createDomain(domainConfig);
        try {
            modifyInitialDomainXml(domainConfig);
        } catch (Exception e) {
            logger.warning(strings.get("CustomizationFailed", e.getMessage()));
        }
        logger.info(strings.get("DomainCreated", this.domainName));
        logger.info(strings.get("DomainPort", this.domainName, port.toString()));
        if (this.adminPassword.equals("")) {
            logger.info(strings.get("DomainAllowsUnauth", this.domainName, this.adminUser));
        } else {
            logger.info(strings.get("DomainAdminUser", this.domainName, this.adminUser));
        }
        if (this.saveLoginOpt) {
            saveLogin(port.intValue(), this.adminUser, this.adminPassword, this.domainName);
        }
    }

    private void saveLogin(int i, String str, String str2, String str3) {
        try {
            LoginInfoStore store = LoginInfoStoreFactory.getStore(null);
            LoginInfo loginInfo = new LoginInfo("localhost", i, str, str2);
            if (store.exists(loginInfo.getHost(), loginInfo.getPort())) {
                logger.info(strings.get("OverwriteLoginMsgCreateDomain", loginInfo.getHost(), "" + loginInfo.getPort()));
            }
            store.store(loginInfo, true);
            logger.info(strings.get("LoginInfoStoredCreateDomain", str, str3, store.getName()));
        } catch (Exception e) {
            logger.warning(strings.get("LoginInfoNotStoredCreateDomain", str, str3));
            printExceptionStackTrace(e);
        }
    }

    private Integer getPort(Properties properties, String str, String str2, String str3, String str4) throws CommandValidationException {
        int i = 0;
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        if (str2 != null && !str2.equals("")) {
            i = convertPortStr(str2);
            if (i <= 0 || i > 65535) {
                z2 = true;
            }
        } else if (properties != null) {
            String property = properties.getProperty(str);
            if (property == null || property.equals("")) {
                z = true;
            } else {
                i = convertPortStr(property);
            }
        } else {
            z = true;
        }
        if (z) {
            i = convertPortStr(str3);
            z3 = true;
        }
        if (this.checkPorts && !NetUtils.isPortFree(i)) {
            int freePort = NetUtils.getFreePort();
            if (z) {
                if (z3) {
                    logger.fine(strings.get("DefaultPortInUse", str4, str3, Integer.toString(freePort)));
                } else {
                    logger.fine(strings.get("PortNotSpecified", str4, Integer.toString(freePort)));
                }
            } else if (z2) {
                logger.fine(strings.get("InvalidPortRangeMsg", str4, Integer.toString(freePort)));
            } else {
                logger.fine(strings.get("PortInUse", str4, Integer.toString(i), Integer.toString(freePort)));
            }
            i = freePort;
        } else if (z3) {
            logger.fine(strings.get("UsingDefaultPort", str4, Integer.toString(i)));
        } else {
            logger.fine(strings.get("UsingPort", str4, Integer.toString(i)));
        }
        if (properties != null) {
            properties.remove(str);
        }
        return Integer.valueOf(i);
    }

    private boolean usePortBase() throws CommandValidationException {
        if (this.portBase == null) {
            return false;
        }
        if (this.adminPort != null) {
            throw new CommandValidationException(strings.get("MutuallyExclusiveOption", ADMIN_PORT, "portbase"));
        }
        if (this.instancePort != null) {
            throw new CommandValidationException(strings.get("MutuallyExclusiveOption", INSTANCE_PORT, "portbase"));
        }
        if (this.domainProperties != null) {
            throw new CommandValidationException(strings.get("MutuallyExclusiveOption", DOMAIN_PROPERTIES, "portbase"));
        }
        return true;
    }

    private void checkPortPrivilege(Integer[] numArr) {
        for (Integer num : numArr) {
            if (num.intValue() < 1024) {
                logger.warning(strings.get("PortPrivilege"));
                return;
            }
        }
    }

    public void validatePassword(String str, CommandModel.ParamModel paramModel) throws CommandValidationException {
        String defaultValue = paramModel.getParam().defaultValue();
        if (!ok(defaultValue)) {
            defaultValue = paramModel.getName();
        }
        if (str == null) {
            throw new CommandValidationException(strings.get("PasswordMissing", defaultValue));
        }
    }

    protected String getAdminPassword() throws CommandValidationException {
        return getPassword(this.adminPasswordOption, "", true);
    }

    private String getMasterPassword() throws CommandValidationException, CommandException {
        return getPassword(this.masterPasswordOption, "changeit", true);
    }

    private void modifyInitialDomainXml(DomainConfig domainConfig) throws LifecycleException {
        Server.Builder builder = new Server.Builder("dummylaunch");
        EmbeddedFileSystem.Builder builder2 = new EmbeddedFileSystem.Builder();
        builder2.installRoot(new File(domainConfig.getInstallRoot()));
        builder2.configurationFile(new File(new File(new File(domainConfig.getDomainRoot(), domainConfig.getDomainName()), "config"), "domain.xml"), false);
        builder.embeddedFileSystem(builder2.build());
        Properties properties = new Properties();
        properties.setProperty(StartupContext.STARTUP_MODULESTARTUP_NAME, "DomainCreation");
        properties.setProperty("-domain", domainConfig.getDomainName());
        Server build = builder.build(properties);
        build.start();
        Habitat habitat = build.getHabitat();
        Config config = (Config) habitat.getComponent(Config.class, ((com.sun.enterprise.config.serverbeans.Server) habitat.getComponent(com.sun.enterprise.config.serverbeans.Server.class, "server")).getConfigRef());
        DomainContext domainContext = new DomainContext();
        domainContext.setDomainType("dev");
        domainContext.setLogger(LogDomains.getLogger(DomainInitializer.class, LogDomains.SERVER_LOGGER));
        if (habitat.getAllByContract(DomainInitializer.class).isEmpty()) {
            logger.info(strings.get("NoCustomization"));
        }
        for (DomainInitializer domainInitializer : habitat.getAllByContract(DomainInitializer.class)) {
            logger.info(strings.get("InvokeInitializer", domainInitializer.getClass()));
            config.getContainers().add(domainInitializer.getInitialConfig(domainContext));
        }
        build.stop();
    }

    private void initSecureAdminSettings(DomainConfig domainConfig) {
        domainConfig.put(DomainConfig.K_ADMIN_CERT_DN, KeystoreManager.getDASCertDN(domainConfig));
        domainConfig.put(DomainConfig.K_INSTANCE_CERT_DN, KeystoreManager.getInstanceCertDN(domainConfig));
        domainConfig.put(DomainConfig.K_SECURE_ADMIN_IDENTIFIER, secureAdminIdentifier());
    }

    private String secureAdminIdentifier() {
        return UUID.randomUUID().toString();
    }
}
