package net.cnri.servletcontainer;

import java.io.File;
import java.io.FileInputStream;
import java.net.InetAddress;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import net.cnri.servletcontainer.EmbeddedJettyConfig;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory;
import org.eclipse.jetty.deploy.App;
import org.eclipse.jetty.deploy.DeploymentManager;
import org.eclipse.jetty.deploy.providers.WebAppProvider;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.http2.server.HTTP2CServerConnectionFactory;
import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.OptionalSslConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.StatisticsHandler;
import org.eclipse.jetty.server.handler.gzip.GzipHandler;
import org.eclipse.jetty.util.ssl.AliasedX509ExtendedKeyManager;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.Configuration;
import org.eclipse.jetty.webapp.WebAppContext;
import org.eclipse.jetty.xml.XmlConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/cnri/servletcontainer/EmbeddedJetty.class */
public class EmbeddedJetty {
    private Server httpServer;
    private ContextHandlerCollection contexts;
    private DeploymentManager priorityDeploymentManager;
    private DeploymentManager deploymentManager;
    private DependencyManagerImpl dependencyManager;
    private KeyFileWatcher keyFileWatcher;
    private final EmbeddedJettyConfig config;
    private File baseDir;
    private File webAppsBaseStorageDir;
    private File webAppsTempDir;
    private File webAppsDir;
    private File webAppsPriorityDir;
    private File jettyConfigFile;
    public static final String STARTUP_COMPLETE_EVENT = "priority-startup-complete";
    private Map<String, EmbeddedJettyConfig.ConnectorConfig> configIdConnectorConfigMap = new HashMap();
    private Map<String, SslContextFactory> configIdSslContextFactoryMap = new HashMap();
    private static final Logger logger = LoggerFactory.getLogger(EmbeddedJetty.class);
    private static final SecureRandom random = new SecureRandom();
    public static final String[] HTTPS_KEY_STORE_FILE_NAMES = {"https.jks", "https.keystore", "https.key"};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/cnri/servletcontainer/EmbeddedJetty$EmbeddedWebAppProvider.class */
    public class EmbeddedWebAppProvider extends WebAppProvider {
        private EmbeddedWebAppProvider() {
        }

        public ContextHandler createContextHandler(App app) throws Exception {
            getTempDir().mkdirs();
            WebAppContext createContextHandler = super.createContextHandler(app);
            createContextHandler.setAttribute("net.cnri.servercontainer.webapp_storage_directory", EmbeddedJetty.this.getWebAppStorageDirForContextPath(createContextHandler.getContextPath()));
            EmbeddedJetty.this.setUpWebAppContext(createContextHandler);
            return createContextHandler;
        }
    }

    public EmbeddedJetty(EmbeddedJettyConfig embeddedJettyConfig) {
        this.config = embeddedJettyConfig;
        this.baseDir = embeddedJettyConfig.getBaseDir();
        if (embeddedJettyConfig.getWebAppsPath() != null) {
            this.webAppsDir = new File(embeddedJettyConfig.getWebAppsPath());
        } else {
            this.webAppsDir = new File(this.baseDir, "webapps");
        }
        if (embeddedJettyConfig.getWebAppsPriorityPath() != null) {
            this.webAppsPriorityDir = new File(embeddedJettyConfig.getWebAppsPriorityPath());
        } else {
            this.webAppsPriorityDir = new File(this.baseDir, "webapps-priority");
        }
        if (embeddedJettyConfig.getWebAppsTempPath() != null) {
            this.webAppsTempDir = new File(embeddedJettyConfig.getWebAppsTempPath());
        } else {
            this.webAppsTempDir = new File(this.baseDir, "webapps-temp");
        }
        if (embeddedJettyConfig.getWebAppsStoragePath() != null) {
            this.webAppsBaseStorageDir = new File(embeddedJettyConfig.getWebAppsStoragePath());
        } else {
            this.webAppsBaseStorageDir = new File(this.baseDir, "webapps-storage");
        }
        if (embeddedJettyConfig.getJettyXmlPath() != null) {
            this.jettyConfigFile = new File(embeddedJettyConfig.getJettyXmlPath());
        } else {
            this.jettyConfigFile = new File(this.baseDir, "jetty.xml");
        }
    }

    public void setUpHttpServer() throws Exception {
        setupDependencyManager();
        this.keyFileWatcher = new KeyFileWatcher(this);
        if (!this.config.isEnableDefaultHttpConfig()) {
            this.httpServer = new Server();
        } else if (this.config.getConnectors().size() > 0) {
            this.httpServer = new Server();
            enableAnnotationConfiguration(this.httpServer);
            Iterator<EmbeddedJettyConfig.ConnectorConfig> it = this.config.getConnectors().iterator();
            while (it.hasNext()) {
                addConnector(it.next());
            }
            this.contexts = new ContextHandlerCollection();
            this.priorityDeploymentManager = setUpDeploymentManager(this.webAppsPriorityDir);
            if (this.priorityDeploymentManager != null) {
                this.httpServer.addBean(this.priorityDeploymentManager, true);
            }
            this.deploymentManager = setUpDeploymentManager(this.webAppsDir);
            File file = new File(this.baseDir, "realm.properties");
            if (file.exists()) {
                HashLoginService hashLoginService = new HashLoginService("default");
                hashLoginService.setConfig(file.getAbsolutePath());
                this.httpServer.addBean(hashLoginService);
            }
            Iterator<Handler> it2 = this.config.getDefaultHandlers().iterator();
            while (it2.hasNext()) {
                this.contexts.prependHandler(it2.next());
            }
            StatisticsHandler statisticsHandler = new StatisticsHandler();
            if (this.config.isEnableGzip()) {
                GzipHandler gzipHandler = new GzipHandler();
                gzipHandler.setMinGzipSize(this.config.getMinGzipSize());
                gzipHandler.setIncludedMethods(new String[]{"GET", "POST", "PUT", "DELETE", "PATCH"});
                gzipHandler.setHandler(this.contexts);
                statisticsHandler.setHandler(gzipHandler);
            } else {
                statisticsHandler.setHandler(this.contexts);
            }
            this.httpServer.setHandler(statisticsHandler);
            this.httpServer.setStopTimeout(5000L);
            this.httpServer.setStopAtShutdown(false);
        }
        if (this.httpServer == null || !this.jettyConfigFile.exists()) {
            return;
        }
        FileInputStream fileInputStream = new FileInputStream(this.jettyConfigFile);
        try {
            new XmlConfiguration(fileInputStream).configure(this.httpServer);
            fileInputStream.close();
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static void enableAnnotationConfiguration(Server server) {
        Configuration.ClassList serverDefault = Configuration.ClassList.setServerDefault(server);
        serverDefault.addAfter("org.eclipse.jetty.webapp.FragmentConfiguration", new String[]{"org.eclipse.jetty.plus.webapp.EnvConfiguration", "org.eclipse.jetty.plus.webapp.PlusConfiguration"});
        serverDefault.addBefore("org.eclipse.jetty.webapp.JettyWebXmlConfiguration", new String[]{"org.eclipse.jetty.annotations.AnnotationConfiguration"});
    }

    private void setupDependencyManager() {
        this.dependencyManager = new DependencyManagerImpl();
        this.config.addContextAttribute(DependencyManager.class.getName(), this.dependencyManager);
        this.config.addSystemClass(DependencyManager.class.getName());
    }

    public void startPriorityDeploymentManager() throws Exception {
        if (this.priorityDeploymentManager != null) {
            this.priorityDeploymentManager.start();
        }
        this.dependencyManager.provide(STARTUP_COMPLETE_EVENT);
    }

    public void startHttpServer() throws Exception {
        if (this.httpServer != null) {
            this.httpServer.start();
            if (this.deploymentManager != null) {
                this.httpServer.addBean(this.deploymentManager, true);
                this.deploymentManager.start();
            }
            if (this.keyFileWatcher != null) {
                this.keyFileWatcher.start();
            }
        }
    }

    public void join() throws InterruptedException {
        if (this.httpServer != null) {
            this.httpServer.join();
        }
    }

    public void stopHttpServer() {
        if (this.httpServer != null) {
            if (this.deploymentManager != null && this.priorityDeploymentManager != null) {
                this.deploymentManager.undeployAll();
            }
            if (this.keyFileWatcher != null) {
                this.keyFileWatcher.stop();
            }
            try {
                this.httpServer.stop();
                this.httpServer.join();
            } catch (Exception e) {
                e.printStackTrace();
            }
            this.httpServer = null;
        }
    }

    public void addConnector(EmbeddedJettyConfig.ConnectorConfig connectorConfig) throws Exception {
        SslContextFactory buildSslContextFactory = buildSslContextFactory(connectorConfig);
        String configId = getConfigId(connectorConfig);
        this.configIdConnectorConfigMap.put(configId, connectorConfig);
        this.configIdSslContextFactoryMap.put(configId, buildSslContextFactory);
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setSendServerVersion(false);
        httpConfiguration.setRequestHeaderSize(8192);
        if (connectorConfig.getRedirectPort() > 0) {
            httpConfiguration.setSecureScheme("https");
            httpConfiguration.setSecurePort(connectorConfig.getRedirectPort());
        } else if (!connectorConfig.isHttps() && !connectorConfig.isHttpOnly()) {
            httpConfiguration.setSecureScheme("https");
            httpConfiguration.setSecurePort(connectorConfig.getPort());
        }
        boolean z = (!connectorConfig.isHttp2() || "renegotiate".equalsIgnoreCase(connectorConfig.getHttpsClientAuth()) || System.getProperty("java.version").startsWith("1.8")) ? false : true;
        HTTP2ServerConnectionFactory hTTP2ServerConnectionFactory = null;
        ALPNServerConnectionFactory aLPNServerConnectionFactory = null;
        SslConnectionFactory sslConnectionFactory = null;
        if (!connectorConfig.isHttpOnly()) {
            SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
            httpConfiguration.addCustomizer(secureRequestCustomizer);
            httpConfiguration.addCustomizer(new TlsRenegotiationEnablingCustomizer(secureRequestCustomizer));
            String asString = HttpVersion.HTTP_1_1.asString();
            if (z) {
                hTTP2ServerConnectionFactory = new HTTP2ServerConnectionFactory(httpConfiguration);
                aLPNServerConnectionFactory = new ALPNServerConnectionFactory(new String[0]);
                aLPNServerConnectionFactory.setDefaultProtocol(HttpVersion.HTTP_1_1.asString());
                asString = aLPNServerConnectionFactory.getProtocol();
            }
            sslConnectionFactory = new SslConnectionFactory(buildSslContextFactory, asString);
        }
        ConnectionFactory httpConnectionFactory = new HttpConnectionFactory(httpConfiguration);
        HTTP2CServerConnectionFactory hTTP2CServerConnectionFactory = z ? new HTTP2CServerConnectionFactory(httpConfiguration) : null;
        ServerConnector serverConnector = z ? connectorConfig.isHttps() ? new ServerConnector(this.httpServer, new ConnectionFactory[]{sslConnectionFactory, aLPNServerConnectionFactory, hTTP2ServerConnectionFactory, httpConnectionFactory, hTTP2CServerConnectionFactory}) : connectorConfig.isHttpOnly() ? new ServerConnector(this.httpServer, new ConnectionFactory[]{httpConnectionFactory, hTTP2CServerConnectionFactory}) : new ServerConnector(this.httpServer, new ConnectionFactory[]{new OptionalSslConnectionFactory(sslConnectionFactory, HttpVersion.HTTP_1_1.asString()), sslConnectionFactory, aLPNServerConnectionFactory, hTTP2ServerConnectionFactory, httpConnectionFactory, hTTP2CServerConnectionFactory}) : connectorConfig.isHttps() ? new ServerConnector(this.httpServer, new ConnectionFactory[]{sslConnectionFactory, httpConnectionFactory}) : connectorConfig.isHttpOnly() ? new ServerConnector(this.httpServer, new ConnectionFactory[]{httpConnectionFactory}) : new ServerConnector(this.httpServer, new ConnectionFactory[]{new OptionalSslConnectionFactory(sslConnectionFactory, HttpVersion.HTTP_1_1.asString()), sslConnectionFactory, httpConnectionFactory});
        if (!connectorConfig.isHttpOnly()) {
            List<String> list = (List) Stream.of((Object[]) new String[]{connectorConfig.getHttpsKeyStoreFile(), connectorConfig.getHttpsPrivKeyFile(), connectorConfig.getHttpsCertificateChainFile()}).filter(str -> {
                return (str == null || str.trim().isEmpty()) ? false : true;
            }).collect(Collectors.toList());
            if (list.size() > 0) {
                for (String str2 : list) {
                    if (str2 != null && !str2.trim().isEmpty()) {
                        this.keyFileWatcher.addFileListener(new File(str2).toPath(), configId);
                        logger.info("Watching key file for changes: " + str2);
                    }
                }
            }
        }
        serverConnector.setPort(connectorConfig.getPort());
        InetAddress listenAddress = connectorConfig.getListenAddress();
        if (listenAddress != null) {
            serverConnector.setHost(listenAddress.getHostAddress());
        }
        serverConnector.setIdleTimeout(30000L);
        this.httpServer.addConnector(serverConnector);
    }

    private String getConfigId(EmbeddedJettyConfig.ConnectorConfig connectorConfig) {
        return "tcp:" + (connectorConfig.getListenAddress() == null ? "0.0.0.0" : connectorConfig.getListenAddress().getHostAddress()) + ":" + connectorConfig.getPort();
    }

    private SslContextFactory buildSslContextFactory(EmbeddedJettyConfig.ConnectorConfig connectorConfig) throws Exception {
        if (connectorConfig.isHttpOnly()) {
            return null;
        }
        if (System.getProperty("jdk.tls.ephemeralDHKeySize") == null) {
            System.setProperty("jdk.tls.ephemeralDHKeySize", "2048");
        }
        KeyManager[] loadKeyManagersFromFile = (connectorConfig.isHttpsUseSelfSignedCert() || (connectorConfig.getHttpsKeyStoreFile() == null && connectorConfig.getHttpsPrivKeyFile() == null)) ? connectorConfig.getHttpsCertificateChain() != null ? new KeyManager[]{new AutoSelfSignedKeyManager(connectorConfig.getHttpsId(), connectorConfig.getHttpsCertificateChain(), connectorConfig.getHttpsPrivKey())} : (connectorConfig.getHttpsPubKey() == null || connectorConfig.getHttpsPrivKey() == null) ? new KeyManager[]{new AutoSelfSignedKeyManager(connectorConfig.getHttpsId())} : new KeyManager[]{new AutoSelfSignedKeyManager(connectorConfig.getHttpsId(), connectorConfig.getHttpsPubKey(), connectorConfig.getHttpsPrivKey())} : loadKeyManagersFromFile(connectorConfig);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(loadKeyManagersFromFile, new TrustManager[]{new AllTrustingTrustManager()}, random);
        SslContextFactory sslContextFactory = new SslContextFactory();
        String httpsClientAuth = connectorConfig.getHttpsClientAuth();
        sslContextFactory.setWantClientAuth(true);
        if ("need".equalsIgnoreCase(httpsClientAuth) || "true".equalsIgnoreCase(httpsClientAuth)) {
            sslContextFactory.setNeedClientAuth(true);
        } else if (httpsClientAuth == null || "false".equalsIgnoreCase(httpsClientAuth) || "renegotiate".equalsIgnoreCase(httpsClientAuth)) {
            sslContextFactory.setWantClientAuth(false);
        }
        sslContextFactory.setSslContext(sSLContext);
        sslContextFactory.setIncludeCipherSuites(TlsProtocolAndCipherSuiteConfigurationUtil.ENABLED_CIPHER_SUITES);
        sslContextFactory.setUseCipherSuitesOrder(true);
        if ("renegotiate".equalsIgnoreCase(httpsClientAuth)) {
            sslContextFactory.setIncludeProtocols(TlsProtocolAndCipherSuiteConfigurationUtil.ENABLED_PROTOCOLS_WITH_RENEGOTIATION);
        } else {
            sslContextFactory.setIncludeProtocols(TlsProtocolAndCipherSuiteConfigurationUtil.ENABLED_PROTOCOLS);
        }
        sslContextFactory.setEndpointIdentificationAlgorithm((String) null);
        return sslContextFactory;
    }

    public void reloadKeyManager(String str) throws Exception {
        SslContextFactory sslContextFactory = this.configIdSslContextFactoryMap.get(str);
        EmbeddedJettyConfig.ConnectorConfig connectorConfig = this.configIdConnectorConfigMap.get(str);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(loadKeyManagersFromFile(connectorConfig), new TrustManager[]{new AllTrustingTrustManager()}, random);
        sslContextFactory.setSslContext(sSLContext);
        sslContextFactory.reload(sslContextFactory2 -> {
            logger.info("Reloading EmbeddedJetty keys");
        });
    }

    private KeyManager[] loadKeyManagersFromFile(EmbeddedJettyConfig.ConnectorConfig connectorConfig) throws Exception {
        String httpsKeyPassword = connectorConfig.getHttpsKeyPassword();
        char[] charArray = httpsKeyPassword == null ? new char[0] : httpsKeyPassword.toCharArray();
        if (connectorConfig.getHttpsKeyStoreFile() == null) {
            PrivateKey readPrivateKeyFromFile = readPrivateKeyFromFile(new File(connectorConfig.getHttpsPrivKeyFile()), httpsKeyPassword);
            if (connectorConfig.getHttpsCertificateChainFile() == null) {
                throw new CertificateException("Certificate file setting is required when using HttpsPrivateKeyFile");
            }
            File file = new File(connectorConfig.getHttpsCertificateChainFile());
            List<X509Certificate> readCertificateChain = readCertificateChain(file);
            if (readCertificateChain.isEmpty()) {
                throw new CertificateException("Certificate file does not contain any certificates: " + file);
            }
            return new KeyManager[]{new AutoSelfSignedKeyManager(connectorConfig.getHttpsId(), (X509Certificate[]) readCertificateChain.toArray(new X509Certificate[0]), readPrivateKeyFromFile)};
        }
        KeyStore keyStore = KeyStore.getInstance("JKS");
        String httpsKeyStorePassword = connectorConfig.getHttpsKeyStorePassword();
        char[] charArray2 = httpsKeyStorePassword == null ? null : httpsKeyStorePassword.toCharArray();
        File keystoreFile = getKeystoreFile(connectorConfig.getHttpsKeyStoreFile());
        if (keystoreFile == null) {
            throw new CertificateException("Certificate file specified does not exist");
        }
        FileInputStream fileInputStream = new FileInputStream(keystoreFile);
        try {
            keyStore.load(fileInputStream, charArray2);
            fileInputStream.close();
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, charArray);
            return getKeyManagers(keyManagerFactory, connectorConfig.getHttpsAlias());
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private PrivateKey readPrivateKeyFromFile(File file, String str) throws Exception {
        PKCS8EncodedKeySpec keySpec;
        PemReader pemReader = new PemReader(Files.newBufferedReader(file.toPath()));
        try {
            PemObject readPemObject = pemReader.readPemObject();
            byte[] content = readPemObject.getContent();
            if (!readPemObject.getType().contains("ENCRYPTED")) {
                keySpec = new PKCS8EncodedKeySpec(content);
            } else {
                if (str == null) {
                    throw new Exception("Password required for encrypted key file " + file);
                }
                EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(content);
                SecretKey generateSecret = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(new PBEKeySpec(str.toCharArray()));
                Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
                cipher.init(2, generateSecret, encryptedPrivateKeyInfo.getAlgParameters());
                keySpec = encryptedPrivateKeyInfo.getKeySpec(cipher);
            }
            try {
                PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(keySpec);
                pemReader.close();
                return generatePrivate;
            } catch (InvalidKeySpecException e) {
                PrivateKey generatePrivate2 = KeyFactory.getInstance("DSA").generatePrivate(keySpec);
                pemReader.close();
                return generatePrivate2;
            }
        } catch (Throwable th) {
            try {
                pemReader.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private List<X509Certificate> readCertificateChain(File file) throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            List<X509Certificate> list = (List) certificateFactory.generateCertificates(fileInputStream).stream().map(certificate -> {
                return (X509Certificate) certificate;
            }).collect(Collectors.toList());
            fileInputStream.close();
            return list;
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public void addWebApp(File file, String str) throws Exception {
        WebAppContext webAppContext = new WebAppContext(file.getAbsolutePath(), str);
        setUpWebAppContext(webAppContext);
        for (String str2 : this.config.getContextAttributes().keySet()) {
            webAppContext.setAttribute(str2, this.config.getContextAttributes().get(str2));
        }
        webAppContext.setExtractWAR(true);
        webAppContext.setTempDirectory(new File(this.webAppsTempDir, str.substring(1)));
        this.contexts.prependHandler(webAppContext);
        webAppContext.start();
    }

    private DeploymentManager setUpDeploymentManager(File file) {
        if (file.exists() && !file.isDirectory()) {
            return null;
        }
        EmbeddedWebAppProvider embeddedWebAppProvider = new EmbeddedWebAppProvider();
        embeddedWebAppProvider.setDefaultsDescriptor("/webdefault.xml");
        embeddedWebAppProvider.setMonitoredDirName(file.getAbsolutePath());
        embeddedWebAppProvider.setParentLoaderPriority(false);
        embeddedWebAppProvider.setExtractWars(true);
        embeddedWebAppProvider.setTempDir(this.webAppsTempDir);
        embeddedWebAppProvider.setScanInterval(10);
        DeploymentManager deploymentManager = new DeploymentManager();
        deploymentManager.setContexts(this.contexts);
        for (String str : this.config.getContextAttributes().keySet()) {
            deploymentManager.setContextAttribute(str, this.config.getContextAttributes().get(str));
        }
        deploymentManager.addAppProvider(embeddedWebAppProvider);
        return deploymentManager;
    }

    private static KeyManager[] getKeyManagers(KeyManagerFactory keyManagerFactory, String str) throws Exception {
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        if (str == null || keyManagers == null) {
            return keyManagers;
        }
        for (int i = 0; i < keyManagers.length; i++) {
            if (keyManagers[i] instanceof X509KeyManager) {
                keyManagers[i] = new AliasedX509ExtendedKeyManager((X509ExtendedKeyManager) keyManagers[i], str);
            }
        }
        return keyManagers;
    }

    private File getKeystoreFile(String str) {
        if (str != null) {
            File file = new File(str);
            return file.isAbsolute() ? file : new File(this.baseDir, str);
        }
        for (String str2 : HTTPS_KEY_STORE_FILE_NAMES) {
            File file2 = new File(this.baseDir, str2);
            if (file2.exists()) {
                return file2;
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public File getWebAppStorageDirForContextPath(String str) {
        if (str == null) {
            return null;
        }
        File file = new File(this.webAppsBaseStorageDir, "/".equals(str) ? "root" : str.startsWith("/") ? str.substring(1) : str);
        file.mkdirs();
        return file;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setUpWebAppContext(WebAppContext webAppContext) {
        Iterator<String> it = this.config.getSystemClasses().iterator();
        while (it.hasNext()) {
            webAppContext.getSystemClasspathPattern().add(it.next());
        }
        Iterator<String> it2 = this.config.getServerClasses().iterator();
        while (it2.hasNext()) {
            webAppContext.getServerClasspathPattern().add(it2.next());
        }
        webAppContext.setExtraClasspath(this.config.getExtraClasspath());
        webAppContext.setInitParameter("org.eclipse.jetty.servlet.Default.dirAllowed", "false");
    }
}
