package com.atlassian.jira.configurator.console;

import com.atlassian.jira.config.properties.JiraSystemProperties;
import com.atlassian.jira.configurator.config.ComplexConfigurationReason;
import com.atlassian.jira.configurator.config.FileExistanceWithCancelOptionValidator;
import com.atlassian.jira.configurator.config.FileSystem;
import com.atlassian.jira.configurator.config.Settings;
import com.atlassian.jira.configurator.config.SslSettings;
import com.atlassian.jira.configurator.config.ValidationException;
import com.atlassian.jira.configurator.config.Validator;
import com.atlassian.jira.configurator.config.WebServerProfile;
import com.atlassian.jira.configurator.ssl.CertificateDetails;
import com.atlassian.jira.configurator.ssl.CertificatePrettyPrinter;
import com.atlassian.jira.configurator.ssl.KeyStoreAccessor;
import com.google.common.base.Joiner;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import java.io.File;
import java.io.IOException;
import java.security.UnrecoverableEntryException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.SortedMap;
import java.util.TreeMap;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/atlassian/jira/configurator/console/WebServerConfigurationConsole.class */
public class WebServerConfigurationConsole {
    private static final String SSL_DETAILS_URL = "https://confluence.atlassian.com/display/JIRA/Running+JIRA+over+SSL+or+HTTPS";
    static final String MENU_CHOICE_MAIN_MENU = "Web Server";
    static final char MENU_ITEM_CHANGE_PROFILE = 'P';
    static final String MENU_CHOICE_SELECT_PROFILE = "Profile (leave blank to exit)";
    static final char MENU_ITEM_CONF_HTTP = 'H';
    static final String INPUT_HTTP_PORT = "HTTP Port";
    static final char MENU_ITEM_CONF_SSL = 'S';
    static final String MENU_CHOICE_SELECT_KEY_STORE = "Keystore";
    static final char MENU_ITEM_SYSTEM_KEY_STORE = 'S';
    static final char MENU_ITEM_USER_DEFINED_KEY_STORE = 'U';
    static final char MENU_ITEM_CURRENT_KEY_STORE = 'C';
    static final String INPUT_KEY_STORE_FILE_NAME = "Keystore Path (leave blank to exit)";
    static final String INPUT_KEY_STORE_PASSWORD = "Keystore Password";
    static final String INPUT_KEY_ALIAS = "Key Alias";
    static final String INPUT_HTTPS_PORT = "HTTPs Port";
    static final String YES_NO_USE_CERTIFICATE = "Do you want to use this certificate?";
    static final String YES_NO_CERT_NOT_FOUND_TRY_AGAIN = "The referenced certificate could not be found or accessed. Do you want to try again?";
    static final char MENU_ITEM_EXIT = 'X';
    private final ConsoleProvider console;
    private final ConsoleToolkit consoleToolkit;
    private final KeyStoreAccessor keyStoreAccessor;
    private final FileSystem fileSystem;
    private final Settings settings;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/atlassian/jira/configurator/console/WebServerConfigurationConsole$Result.class */
    public static class Result<T> {
        private final boolean hasResult;
        private final T value;

        public Result(@Nullable T t) {
            this.hasResult = true;
            this.value = t;
        }

        private Result() {
            this.hasResult = false;
            this.value = null;
        }

        public boolean hasResult() {
            return this.hasResult;
        }

        @Nullable
        public T getValue() {
            return this.value;
        }

        public static <T> Result<T> noResult() {
            return new Result<>();
        }
    }

    public WebServerConfigurationConsole(@Nonnull ConsoleProvider consoleProvider, @Nonnull KeyStoreAccessor keyStoreAccessor, @Nonnull FileSystem fileSystem, @Nonnull Settings settings) {
        this.console = consoleProvider;
        this.consoleToolkit = new ConsoleToolkit(consoleProvider);
        this.keyStoreAccessor = keyStoreAccessor;
        this.fileSystem = fileSystem;
        this.settings = settings;
    }

    public void showSettings() throws IOException {
        do {
            SslSettings sslSettings = this.settings.getSslSettings();
            WebServerProfile webServerProfile = this.settings.getWebServerProfile();
            List<ComplexConfigurationReason> complexConfigurationReasons = this.settings.getComplexConfigurationReasons();
            this.console.println();
            this.console.println("--- Web Server Configuration ---");
            if (!complexConfigurationReasons.isEmpty()) {
                this.console.println();
                this.console.println("Warning: It has been detected, that the current configuration is too complex or partly not supported to offer all options. The following items have been identified:");
                Iterator<ComplexConfigurationReason> it = complexConfigurationReasons.iterator();
                while (it.hasNext()) {
                    this.console.println("* " + it.next().getDescription());
                }
                this.console.println();
            }
            this.console.println("  Control Port  : " + StringUtils.defaultString(this.settings.getControlPort(), "N/A"));
            this.console.println("  Profile       : " + webServerProfile.getLabel());
            if (webServerProfile.isHttpEnabled()) {
                this.console.println("  HTTP Port     : " + this.settings.getHttpPort());
            }
            if (webServerProfile.isHttpsEnabled() && sslSettings != null) {
                this.console.println("  HTTPs Port    : " + sslSettings.getHttpsPort());
                this.console.println("  Keystore Path : " + Strings.nullToEmpty(sslSettings.getKeystoreFile()));
                this.console.println("  Key Alias     : " + Strings.nullToEmpty(sslSettings.getKeyAlias()));
            }
            this.console.println();
            this.consoleToolkit.showMenuItem('P', "Change the Profile (enable/disable HTTP/HTTPs)");
            if (webServerProfile.isHttpEnabled()) {
                this.consoleToolkit.showMenuItem('H', "Configure HTTP Port");
            }
            if (webServerProfile.isHttpsEnabled()) {
                this.consoleToolkit.showMenuItem('S', "Configure SSL Encryption (requires an installed X509 certificate)");
            }
            this.consoleToolkit.showMenuItem('X', "Return to Main Menu");
            this.console.println();
        } while (processWebServerSettings());
    }

    private boolean processWebServerSettings() throws IOException {
        WebServerProfile webServerProfile = this.settings.getWebServerProfile();
        while (true) {
            char readMenuChoice = this.consoleToolkit.readMenuChoice(MENU_CHOICE_MAIN_MENU);
            switch (readMenuChoice) {
                case '\n':
                case '\r':
                case '?':
                    return true;
                case MENU_ITEM_CONF_HTTP /* 72 */:
                    if (webServerProfile.isHttpEnabled()) {
                        showUpdateHttpConfiguration();
                        return true;
                    }
                    printUnknownCommand(readMenuChoice);
                    return true;
                case MENU_ITEM_CHANGE_PROFILE /* 80 */:
                    showChangeProfile();
                    return true;
                case 'S':
                    if (webServerProfile.isHttpsEnabled()) {
                        updateHttpsConfiguration();
                        return true;
                    }
                    printUnknownCommand(readMenuChoice);
                    return true;
                case MENU_ITEM_EXIT /* 88 */:
                    return false;
                default:
                    printUnknownCommand(readMenuChoice);
                    return true;
            }
        }
    }

    private void showChangeProfile() throws IOException {
        WebServerProfile webServerProfile = this.settings.getWebServerProfile();
        this.console.println();
        this.console.println("To change the web server profile, please select one of the following options. The current profile is: " + webServerProfile.getLabel() + ".");
        WebServerProfile askForWebServerProfile = askForWebServerProfile();
        if (askForWebServerProfile == null) {
            return;
        }
        String str = null;
        if (askForWebServerProfile.isHttpEnabled()) {
            if (webServerProfile.isHttpEnabled()) {
                this.console.println("Using currently configured HTTP port: " + this.settings.getHttpPort());
                str = this.settings.getHttpPort();
            } else {
                str = showEnterHttpConfiguration();
            }
        }
        SslSettings sslSettings = null;
        if (askForWebServerProfile.isHttpsEnabled()) {
            if (webServerProfile.isHttpsEnabled()) {
                this.console.println("Using currently configured SSL settings");
                sslSettings = this.settings.getSslSettings();
            } else {
                Result<SslSettings> showUpdateHttpsConfiguration = showUpdateHttpsConfiguration();
                if (!showUpdateHttpsConfiguration.hasResult()) {
                    this.console.println("The HTTPs configuration is not complete, aborting the profile change.");
                    return;
                }
                sslSettings = showUpdateHttpsConfiguration.getValue();
            }
        }
        this.settings.updateWebServerConfiguration(str, sslSettings);
        this.console.println();
        this.console.println("Updated the profile to '" + askForWebServerProfile.getLabel() + "'. Remember to save the changes on exit.");
    }

    private WebServerProfile askForWebServerProfile() throws IOException {
        SortedMap<Character, WebServerProfile> createProfileSelectionMap = createProfileSelectionMap(WebServerProfile.getUsableProfiles(this.settings));
        while (true) {
            this.console.println();
            for (Map.Entry<Character, WebServerProfile> entry : createProfileSelectionMap.entrySet()) {
                this.consoleToolkit.showMenuItem(entry.getKey().charValue(), entry.getValue().getLabel());
            }
            char readMenuChoice = this.consoleToolkit.readMenuChoice(MENU_CHOICE_SELECT_PROFILE);
            if (readMenuChoice == '\r' || readMenuChoice == '\n') {
                return null;
            }
            if (createProfileSelectionMap.containsKey(Character.valueOf(readMenuChoice))) {
                return createProfileSelectionMap.get(Character.valueOf(readMenuChoice));
            }
            printUnknownCommand(readMenuChoice);
        }
    }

    private SortedMap<Character, WebServerProfile> createProfileSelectionMap(List<WebServerProfile> list) {
        TreeMap treeMap = new TreeMap();
        for (int i = 0; i < list.size(); i++) {
            treeMap.put(Character.valueOf(Integer.toString(i + 1).charAt(0)), list.get(i));
        }
        return treeMap;
    }

    private void showUpdateHttpConfiguration() throws IOException {
        this.console.println();
        this.console.println("You can update the HTTP port to a new value. The current port is: " + this.settings.getHttpPort());
        String processUpdateHttpConfiguration = processUpdateHttpConfiguration();
        if (processUpdateHttpConfiguration != null) {
            this.settings.setHttpPort(processUpdateHttpConfiguration);
            this.console.println();
            this.console.println("Updated the HTTP port to " + processUpdateHttpConfiguration + ". Remember to save the changes on exit.");
        }
    }

    private String showEnterHttpConfiguration() throws IOException {
        this.console.println();
        this.console.println("There is currently no HTTP port set. Please enter the port you want to use.");
        return processUpdateHttpConfiguration();
    }

    private String processUpdateHttpConfiguration() throws IOException {
        int intValue;
        int parseInt = Integer.parseInt(this.settings.getControlPort());
        SslSettings sslSettings = this.settings.getSslSettings();
        Integer valueOf = sslSettings != null ? Integer.valueOf(Integer.parseInt(sslSettings.getHttpsPort())) : null;
        while (true) {
            intValue = ((Integer) this.consoleToolkit.askFor(INPUT_HTTP_PORT, Validator.PORT)).intValue();
            if (intValue == parseInt) {
                this.console.printErrorMessage("The entered port is already used by the control port. Please pick a different port.");
            } else {
                if (valueOf == null || intValue != valueOf.intValue()) {
                    break;
                }
                this.console.printErrorMessage("The entered port is already used by the HTTPs port. Please pick a different port.");
            }
        }
        return Integer.toString(intValue);
    }

    private void updateHttpsConfiguration() throws IOException {
        Result<SslSettings> showUpdateHttpsConfiguration = showUpdateHttpsConfiguration();
        if (showUpdateHttpsConfiguration.hasResult()) {
            this.settings.setSslSettings(showUpdateHttpsConfiguration.getValue());
            this.console.println();
            this.console.println("Updated the SSL encryption settings. Remember to save the changes on exit.");
        }
    }

    private Result<SslSettings> showUpdateHttpsConfiguration() throws IOException {
        this.console.println();
        this.console.println("The next steps gather all required information to set up the HTTPs port (HTTP over SSL encryption). First of all, you need provide a so called key store containing the private key and the signed certificate. This can be either self-signed or obtained from a certified authority (CA). For more information, please see the link below. In order to verify the entered information, this tool will access the key store and print the certificate found.");
        this.console.println();
        this.console.println(SSL_DETAILS_URL);
        CertificateDetails askForKeyStoreDetailsOrCancel = askForKeyStoreDetailsOrCancel();
        return askForKeyStoreDetailsOrCancel == null ? Result.noResult() : new Result<>(new SslSettings(Integer.toString(((Integer) this.consoleToolkit.askFor(INPUT_HTTPS_PORT, Validator.PORT)).intValue()), askForKeyStoreDetailsOrCancel.getKeyStoreLocation(), askForKeyStoreDetailsOrCancel.getKeyStorePassword(), "JKS", askForKeyStoreDetailsOrCancel.getKeyAlias()));
    }

    private CertificateDetails askForKeyStoreDetailsOrCancel() throws IOException {
        while (true) {
            String askForKeyStoreLocationOrCancel = askForKeyStoreLocationOrCancel();
            if (askForKeyStoreLocationOrCancel == null) {
                return null;
            }
            CertificateDetails certificateDetails = new CertificateDetails(askForKeyStoreLocationOrCancel, (String) this.consoleToolkit.askForPassword(INPUT_KEY_STORE_PASSWORD, Validator.NON_EMTPY_STRING), (String) this.consoleToolkit.askFor(INPUT_KEY_ALIAS, Validator.NON_EMTPY_STRING));
            X509Certificate loadCertificate = loadCertificate(certificateDetails);
            if (loadCertificate != null) {
                this.console.println();
                this.console.println("The following certificate was found:");
                this.console.println();
                this.console.println(CertificatePrettyPrinter.prettyPrint(loadCertificate));
                if (this.console.readYesNo(YES_NO_USE_CERTIFICATE, Boolean.TRUE.booleanValue())) {
                    return certificateDetails;
                }
            } else if (!this.console.readYesNo(YES_NO_CERT_NOT_FOUND_TRY_AGAIN, Boolean.TRUE.booleanValue())) {
                return null;
            }
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:11:0x008a. Please report as an issue. */
    private String askForKeyStoreLocationOrCancel() throws IOException {
        String canonicalPath = getCaCertsPath().getCanonicalPath();
        SslSettings sslSettings = this.settings.getSslSettings();
        boolean z = (sslSettings == null || Strings.nullToEmpty(sslSettings.getKeystoreFile()).isEmpty()) ? false : true;
        while (true) {
            this.console.println();
            this.console.println("Please select the keystore from the options below. It must contain the certificate and the private key to be used.");
            this.consoleToolkit.showMenuItem('S', String.format("The system-wide Java keystore (%s)", canonicalPath));
            this.consoleToolkit.showMenuItem('U', "User-defined location");
            if (z) {
                this.consoleToolkit.showMenuItem('C', String.format("The currently configured (%s)", sslSettings.getKeystoreFile()));
            }
            char readMenuChoice = this.consoleToolkit.readMenuChoice(MENU_CHOICE_SELECT_KEY_STORE);
            switch (readMenuChoice) {
                case '\n':
                case '\r':
                case MENU_ITEM_CURRENT_KEY_STORE /* 67 */:
                    if (z) {
                        return sslSettings.getKeystoreFile();
                    }
                    printUnknownCommand(readMenuChoice);
                case 'S':
                    return canonicalPath;
                case MENU_ITEM_USER_DEFINED_KEY_STORE /* 85 */:
                    return askForUserDefinedKeyStorePathOrCancel();
                default:
                    printUnknownCommand(readMenuChoice);
            }
        }
    }

    private void printUnknownCommand(char c) {
        this.console.println("Unknown command '" + c + "'");
    }

    private File getCaCertsPath() {
        return new File(Joiner.on(File.separatorChar).join(Lists.newArrayList(new String[]{JiraSystemProperties.getInstance().getProperty("java.home"), "lib", "security", "cacerts"})));
    }

    @Nullable
    public X509Certificate loadCertificate(@Nonnull CertificateDetails certificateDetails) {
        try {
            return this.keyStoreAccessor.loadCertificate(certificateDetails);
        } catch (UnrecoverableEntryException e) {
            this.console.printErrorMessage("The entered password is valid for the key store, but not for the private key. You need to synchronize both passwords in order to proceed.");
            return null;
        } catch (Exception e2) {
            this.console.printErrorMessage(e2);
            return null;
        }
    }

    private String askForUserDefinedKeyStorePathOrCancel() throws IOException {
        FileExistanceWithCancelOptionValidator fileExistanceWithCancelOptionValidator = new FileExistanceWithCancelOptionValidator(this.fileSystem);
        while (true) {
            try {
                return fileExistanceWithCancelOptionValidator.apply("Keystore Path", this.console.readLine(INPUT_KEY_STORE_FILE_NAME));
            } catch (ValidationException e) {
                this.console.printErrorMessage(e);
            }
        }
    }
}
