package com.atlassian.bamboo.amq;

import com.atlassian.bamboo.security.JmsSslManagementUtils;
import com.atlassian.bamboo.security.KeyStoreFactory;
import com.atlassian.bamboo.utils.SystemProperty;
import com.atlassian.bamboo.web.utils.ServletContextHolder;
import com.google.common.base.Preconditions;
import io.atlassian.util.concurrent.Lazy;
import java.net.InetAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.function.Supplier;
import javax.annotation.PostConstruct;
import org.apache.activemq.broker.BrokerService;
import org.apache.activemq.broker.TransportConnector;
import org.apache.activemq.transport.TransportFactory;
import org.apache.activemq.usage.SystemUsage;
import org.apache.http.client.utils.URIBuilder;
import org.apache.log4j.Logger;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/atlassian/bamboo/amq/BambooBrokerService.class */
public class BambooBrokerService {
    private static final String CUSTOM_PROTOCOL = "http";
    private static final String SCHEME_TCP = "tcp";
    private static final String SCHEME_SSL = "ssl";
    private static final int PORT_OFFSET_SSL = 1;
    private static final int PORT_OFFSET_TUNNEL = 2;
    private final BrokerService brokerService;

    @Autowired
    private KeyStoreFactory keyStoreFactory;
    private final Supplier<KeyStore> keyStore = Lazy.supplier(new Supplier<KeyStore>() { // from class: com.atlassian.bamboo.amq.BambooBrokerService.1
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.function.Supplier
        public KeyStore get() {
            try {
                return JmsSslManagementUtils.getBrokerKeyStore(BambooBrokerService.this.keyStoreFactory, BambooBrokerService.KEYSTORE_AND_KEY_PASSWORD);
            } catch (Exception e) {
                throw new IllegalStateException("Unable to access key store", e);
            }
        }
    });
    private volatile URI endpointForJmsTunnel;
    private static final boolean IS_JMS_TUNNEL_ENABLED = SystemProperty.EC2_JMS_TUNNEL_ENABLED.getTypedValue();
    private static final Logger log = Logger.getLogger(BambooBrokerService.class);
    private static final char[] KEYSTORE_AND_KEY_PASSWORD = "bamboo".toCharArray();

    public BambooBrokerService(BrokerService brokerService) {
        this.brokerService = brokerService;
    }

    @PostConstruct
    public void start() throws Exception {
        registerCustomProtocols();
    }

    @PostConstruct
    private void setUpSslIfRequired() {
        if (JmsSslManagementUtils.isJmsKeystoreManagementDisabled() || this.brokerService.getSslContext() != null) {
            log.info("Automatic JMS SSL management disabled");
            return;
        }
        try {
            this.brokerService.setSslContext(JmsSslManagementUtils.newSslContext(this.keyStore.get(), KEYSTORE_AND_KEY_PASSWORD));
        } catch (Exception e) {
            log.info("Cannot enable SSL on broker:", e);
        }
    }

    private void registerCustomProtocols() throws Exception {
        log.info("Registering custom http transport in ActiveMQ.");
        TransportFactory.registerTransportFactory(CUSTOM_PROTOCOL, new TomcatHttpTransportFactory(ServletContextHolder.get()));
        startConnector(URI.create("http://localhost/bamboo/jmsServlet"));
    }

    @Nullable
    public Certificate getCertificate() throws KeyStoreException {
        if (JmsSslManagementUtils.isJmsKeystoreManagementDisabled()) {
            return null;
        }
        return JmsSslManagementUtils.getBrokerCertificate(this.keyStore.get());
    }

    public void addStartedConnectors(URI uri) throws Exception {
        log.info("Starting the primary JMS connector...");
        startConnector(uri);
        if (IS_JMS_TUNNEL_ENABLED) {
            URI bindAddressForTunnelEndpoint = getBindAddressForTunnelEndpoint(uri);
            if (!bindAddressForTunnelEndpoint.equals(uri)) {
                log.info("Starting the Elastic Agents JMS connector...");
                startConnector(bindAddressForTunnelEndpoint);
            }
            this.endpointForJmsTunnel = bindAddressForTunnelEndpoint;
        }
        URI bindAddressForEncryptedEndpoint = getBindAddressForEncryptedEndpoint(uri);
        if (bindAddressForEncryptedEndpoint.equals(uri)) {
            return;
        }
        log.info("Starting the SSL JMS connector...");
        startConnector(bindAddressForEncryptedEndpoint);
    }

    private void startConnector(URI uri) {
        try {
            TransportConnector addConnector = this.brokerService.addConnector(uri);
            addConnector.setBrokerService(this.brokerService);
            addConnector.start();
        } catch (Exception e) {
            log.error("Unable to start JMS connector at " + uri, e);
        }
    }

    @NotNull
    static URI getBindAddressForTunnelEndpoint(@NotNull URI uri) throws URISyntaxException {
        if (uri.getScheme().equals(SCHEME_TCP)) {
            return uri;
        }
        URIBuilder uRIBuilder = new URIBuilder(uri);
        uRIBuilder.setScheme(SCHEME_TCP);
        uRIBuilder.setHost(InetAddress.getLoopbackAddress().getHostAddress());
        uRIBuilder.setPort(uRIBuilder.getPort() + PORT_OFFSET_TUNNEL);
        return uRIBuilder.build();
    }

    @NotNull
    static URI getBindAddressForEncryptedEndpoint(URI uri) throws URISyntaxException {
        if (uri.getScheme().equals(SCHEME_SSL)) {
            return uri;
        }
        URIBuilder uRIBuilder = new URIBuilder(uri);
        uRIBuilder.setScheme(SCHEME_SSL);
        uRIBuilder.setPort(uRIBuilder.getPort() + 1);
        return uRIBuilder.build();
    }

    public void removeAllConnectors() throws Exception {
        Iterator it = this.brokerService.getTransportConnectors().iterator();
        while (it.hasNext()) {
            try {
                ((TransportConnector) it.next()).stop();
            } catch (Exception e) {
                log.warn("Error when stopping connector: ", e);
            }
        }
        this.brokerService.setTransportConnectors(Collections.emptyList());
        this.endpointForJmsTunnel = null;
    }

    @NotNull
    public URI getEndpointForJmsTunnel() {
        Preconditions.checkState(this.endpointForJmsTunnel != null, "JMS endpoints have been shut down");
        Preconditions.checkState(IS_JMS_TUNNEL_ENABLED, "JMS tunnelling disabled");
        return this.endpointForJmsTunnel;
    }

    public SystemUsage getSystemUsage() {
        return this.brokerService.getSystemUsage();
    }

    public List<TransportConnector> getTransportConnectors() {
        return this.brokerService.getTransportConnectors();
    }

    @Deprecated
    public BrokerService getBrokerService() {
        return this.brokerService;
    }
}
