package org.apache.cxf.transport.http_undertow;

import io.undertow.Handlers;
import io.undertow.Undertow;
import io.undertow.UndertowOptions;
import io.undertow.server.HttpHandler;
import io.undertow.server.handlers.HttpContinueReadHandler;
import io.undertow.server.handlers.PathHandler;
import io.undertow.servlet.api.DeploymentInfo;
import io.undertow.servlet.api.DeploymentManager;
import io.undertow.servlet.api.ServletInfo;
import io.undertow.servlet.core.ServletContainerImpl;
import io.undertow.util.CopyOnWriteMap;
import java.io.IOException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;
import java.util.concurrent.ConcurrentMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509KeyManager;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import org.apache.cxf.Bus;
import org.apache.cxf.common.i18n.Message;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.PropertyUtils;
import org.apache.cxf.common.util.SystemPropertyAction;
import org.apache.cxf.configuration.jsse.TLSServerParameters;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.transport.HttpUriMapper;
import org.apache.cxf.transport.https.AliasedX509ExtendedKeyManager;
import org.xnio.Options;
import org.xnio.Sequence;
import org.xnio.SslClientAuthMode;

/* loaded from: input_file:org/apache/cxf/transport/http_undertow/UndertowHTTPServerEngine.class */
public class UndertowHTTPServerEngine implements ServerEngine {
    public static final String DO_NOT_CHECK_URL_PROP = "org.apache.cxf.transports.http_undertow.DontCheckUrl";
    public static final String ENABLE_HTTP2_PROP = "org.apache.cxf.transports.http_undertow.EnableHttp2";
    private static final Logger LOG = LogUtils.getL7dLogger(UndertowHTTPServerEngine.class);
    private int port;
    private String host;
    private int servantCount;
    private Undertow server;
    private TLSServerParameters tlsServerParameters;
    private SSLContext sslContext;
    private boolean configFinalized;
    private ServletContext servletContext;
    private PathHandler path;
    private ThreadingParameters threadingParameters;
    private List<CXFUndertowHttpHandler> handlers;
    private String protocol = "http";
    private ConcurrentMap<String, UndertowHTTPHandler> registedPaths = new CopyOnWriteMap();
    private boolean continuationsEnabled = true;
    private int maxIdleTime = 200000;

    public UndertowHTTPServerEngine(String str, int i) {
        this.host = str;
        this.port = i;
    }

    public UndertowHTTPServerEngine() {
    }

    @Override // org.apache.cxf.transport.http_undertow.ServerEngine
    public void addServant(URL url, UndertowHTTPHandler undertowHTTPHandler) {
        if (shouldCheckUrl(undertowHTTPHandler.getBus())) {
            checkRegistedContext(url);
        }
        if (this.server == null) {
            try {
                this.servletContext = buildServletContext(HttpUriMapper.getContextName(url.getPath()));
                undertowHTTPHandler.setServletContext(this.servletContext);
                this.server = createServer(url, undertowHTTPHandler);
                this.server.start();
            } catch (Exception e) {
                LOG.log(Level.SEVERE, "START_UP_SERVER_FAILED_MSG", new Object[]{e.getMessage(), Integer.valueOf(this.port)});
                try {
                    this.server.stop();
                } catch (Exception e2) {
                }
                this.server = null;
                throw new Fault(new Message("START_UP_SERVER_FAILED_MSG", LOG, new Object[]{e.getMessage(), Integer.valueOf(this.port)}), e);
            }
        } else {
            try {
                this.servletContext = buildServletContext(HttpUriMapper.getContextName(url.getPath()));
                undertowHTTPHandler.setServletContext(this.servletContext);
                if (undertowHTTPHandler.isContextMatchExact()) {
                    this.path.addExactPath(url.getPath(), undertowHTTPHandler);
                } else {
                    this.path.addPrefixPath(url.getPath(), undertowHTTPHandler);
                }
            } catch (ServletException e3) {
                throw new Fault(new Message("START_UP_SERVER_FAILED_MSG", LOG, new Object[]{e3.getMessage(), Integer.valueOf(this.port)}), e3);
            }
        }
        undertowHTTPHandler.setName(HttpUriMapper.getResourceBase(url.getPath()));
        this.registedPaths.put(url.getPath(), undertowHTTPHandler);
        this.servantCount++;
    }

    private ServletContext buildServletContext(String str) throws ServletException {
        ServletContainerImpl servletContainerImpl = new ServletContainerImpl();
        DeploymentInfo deploymentInfo = new DeploymentInfo();
        deploymentInfo.setClassLoader(Thread.currentThread().getContextClassLoader());
        deploymentInfo.setDeploymentName("cxf-undertow");
        deploymentInfo.setContextPath(str);
        deploymentInfo.addServlet(new ServletInfo("default", CxfUndertowServlet.class));
        servletContainerImpl.addDeployment(deploymentInfo);
        DeploymentManager deployment = servletContainerImpl.getDeployment(deploymentInfo.getDeploymentName());
        deployment.deploy();
        deployment.start();
        return deployment.getDeployment().getServletContext();
    }

    private Undertow createServer(URL url, UndertowHTTPHandler undertowHTTPHandler) throws Exception {
        Undertow.Builder addHttpListener;
        Undertow.Builder handler;
        Undertow.Builder builder = Undertow.builder();
        builder.setServerOption(UndertowOptions.IDLE_TIMEOUT, Integer.valueOf(getMaxIdleTime()));
        if (shouldEnableHttp2(undertowHTTPHandler.getBus())) {
            builder.setServerOption(UndertowOptions.ENABLE_HTTP2, Boolean.TRUE);
        }
        if (this.tlsServerParameters != null) {
            if (this.sslContext == null) {
                this.sslContext = createSSLContext();
            }
            addHttpListener = builder.addHttpsListener(getPort(), getHost(), this.sslContext);
        } else {
            addHttpListener = builder.addHttpListener(getPort(), getHost());
        }
        this.path = Handlers.path(new NotFoundHandler());
        if (url.getPath().length() == 0) {
            handler = addHttpListener.setHandler(Handlers.trace(undertowHTTPHandler));
        } else {
            if (undertowHTTPHandler.isContextMatchExact()) {
                this.path.addExactPath(url.getPath(), undertowHTTPHandler);
            } else {
                this.path.addPrefixPath(url.getPath(), undertowHTTPHandler);
            }
            handler = addHttpListener.setHandler(wrapHandler(new HttpContinueReadHandler(this.path)));
        }
        return configureThreads(disableSSLv3(decorateUndertowSocketConnection(handler))).build();
    }

    private Undertow.Builder configureThreads(Undertow.Builder builder) {
        if (this.threadingParameters != null) {
            if (this.threadingParameters.isWorkerIOThreadsSet()) {
                builder = builder.setWorkerOption(Options.WORKER_IO_THREADS, Integer.valueOf(this.threadingParameters.getWorkerIOThreads()));
            }
            if (this.threadingParameters.isMinThreadsSet()) {
                builder = builder.setWorkerOption(Options.WORKER_TASK_CORE_THREADS, Integer.valueOf(this.threadingParameters.getMinThreads()));
            }
            if (this.threadingParameters.isMaxThreadsSet()) {
                builder = builder.setWorkerOption(Options.WORKER_TASK_MAX_THREADS, Integer.valueOf(this.threadingParameters.getMaxThreads()));
            }
            if (this.threadingParameters.isWorkerIONameSet()) {
                builder = builder.setWorkerOption(Options.WORKER_NAME, this.threadingParameters.getWorkerIOName());
            }
        }
        return builder;
    }

    private HttpHandler wrapHandler(HttpHandler httpHandler) {
        HttpHandler httpHandler2 = httpHandler;
        for (CXFUndertowHttpHandler cXFUndertowHttpHandler : getHandlers()) {
            cXFUndertowHttpHandler.setNext(httpHandler2);
            httpHandler2 = cXFUndertowHttpHandler;
        }
        return httpHandler2;
    }

    private Undertow.Builder disableSSLv3(Undertow.Builder builder) {
        if (this.tlsServerParameters == null || (!"SSLv3".equals(this.tlsServerParameters.getSecureSocketProtocol()) && this.tlsServerParameters.getIncludeProtocols().isEmpty())) {
            return builder.setSocketOption(Options.SSL_ENABLED_PROTOCOLS, Sequence.of(new String[]{"TLSv1", "TLSv1.1", "TLSv1.2"}));
        }
        LinkedList linkedList = new LinkedList(Arrays.asList("TLSv1", "TLSv1.1", "TLSv1.2", "SSLv3"));
        for (String str : this.tlsServerParameters.getExcludeProtocols()) {
            if (linkedList.contains(str)) {
                linkedList.remove(str);
            }
        }
        return builder.setSocketOption(Options.SSL_ENABLED_PROTOCOLS, Sequence.of(linkedList));
    }

    public Undertow.Builder decorateUndertowSocketConnection(Undertow.Builder builder) {
        if (this.tlsServerParameters != null && this.tlsServerParameters.getClientAuthentication() != null && this.tlsServerParameters.getClientAuthentication().isRequired().booleanValue()) {
            builder = builder.setSocketOption(Options.SSL_CLIENT_AUTH_MODE, SslClientAuthMode.REQUIRED);
        }
        if (this.tlsServerParameters != null && this.tlsServerParameters.getClientAuthentication() != null && this.tlsServerParameters.getClientAuthentication().isWant().booleanValue() && !this.tlsServerParameters.getClientAuthentication().isRequired().booleanValue()) {
            builder = builder.setSocketOption(Options.SSL_CLIENT_AUTH_MODE, SslClientAuthMode.REQUESTED);
        }
        return builder;
    }

    private boolean shouldCheckUrl(Bus bus) {
        Object obj = null;
        if (bus != null) {
            obj = bus.getProperty(DO_NOT_CHECK_URL_PROP);
        }
        if (obj == null) {
            obj = SystemPropertyAction.getPropertyOrNull(DO_NOT_CHECK_URL_PROP);
        }
        return !PropertyUtils.isTrue(obj);
    }

    private boolean shouldEnableHttp2(Bus bus) {
        Object obj = null;
        if (bus != null) {
            obj = bus.getProperty(ENABLE_HTTP2_PROP);
        }
        if (obj == null) {
            obj = SystemPropertyAction.getPropertyOrNull(ENABLE_HTTP2_PROP);
        }
        return PropertyUtils.isTrue(obj);
    }

    protected void checkRegistedContext(URL url) {
        String path = url.getPath();
        for (String str : this.registedPaths.keySet()) {
            if (path.equals(str)) {
                throw new Fault(new Message("ADD_HANDLER_CONTEXT_IS_USED_MSG", LOG, new Object[]{url, str}));
            }
            if (path.equals(HttpUriMapper.getContextName(str))) {
                throw new Fault(new Message("ADD_HANDLER_CONTEXT_IS_USED_MSG", LOG, new Object[]{url, str}));
            }
            if (str.equals(HttpUriMapper.getContextName(path))) {
                throw new Fault(new Message("ADD_HANDLER_CONTEXT_CONFILICT_MSG", LOG, new Object[]{url, str}));
            }
        }
    }

    @Override // org.apache.cxf.transport.http_undertow.ServerEngine
    public void removeServant(URL url) {
        UndertowHTTPHandler remove = this.registedPaths.remove(url.getPath());
        if (remove == null) {
            return;
        }
        this.servantCount--;
        if (url.getPath().isEmpty()) {
            return;
        }
        if (remove.isContextMatchExact()) {
            this.path.removeExactPath(url.getPath());
        } else {
            this.path.removePrefixPath(url.getPath());
        }
    }

    @Override // org.apache.cxf.transport.http_undertow.ServerEngine
    public UndertowHTTPHandler getServant(URL url) {
        return this.registedPaths.get(url.getPath());
    }

    public String getProtocol() {
        return this.protocol;
    }

    public int getPort() {
        return this.port;
    }

    public String getHost() {
        return this.host;
    }

    public void setPort(int i) {
        this.port = i;
    }

    public void setHost(String str) {
        this.host = str;
    }

    public void finalizeConfig() throws GeneralSecurityException, IOException {
        retrieveListenerFactory();
        this.configFinalized = true;
    }

    public void setTlsServerParameters(TLSServerParameters tLSServerParameters) {
        this.tlsServerParameters = tLSServerParameters;
        if (this.configFinalized) {
            retrieveListenerFactory();
        }
    }

    private void retrieveListenerFactory() {
        if (this.tlsServerParameters != null) {
            this.protocol = "https";
        } else {
            this.protocol = "http";
        }
        LOG.fine("Configured port " + this.port + " for \"" + this.protocol + "\".");
    }

    public TLSServerParameters getTlsServerParameters() {
        return this.tlsServerParameters;
    }

    public void stop() {
        if (this.server != null) {
            this.server.stop();
        }
    }

    public void shutdown() {
        this.registedPaths.clear();
        if (shouldDestroyPort()) {
            if (this.servantCount == 0) {
                UndertowHTTPServerEngineFactory.destroyForPort(this.port);
            } else {
                LOG.log(Level.WARNING, "FAILED_TO_SHUTDOWN_ENGINE_MSG", Integer.valueOf(this.port));
            }
        }
    }

    private boolean shouldDestroyPort() {
        String propertyOrNull = SystemPropertyAction.getPropertyOrNull("org.apache.cxf.transports.http_undertow.DontClosePort." + this.port);
        if (propertyOrNull == null) {
            propertyOrNull = SystemPropertyAction.getPropertyOrNull("org.apache.cxf.transports.http_undertow.DontClosePort");
        }
        return !Boolean.valueOf(propertyOrNull).booleanValue();
    }

    protected SSLContext createSSLContext() throws Exception {
        String secureSocketProtocol = this.tlsServerParameters.getSecureSocketProtocol() == null ? "TLS" : this.tlsServerParameters.getSecureSocketProtocol();
        SSLContext sSLContext = this.tlsServerParameters.getJsseProvider() == null ? SSLContext.getInstance(secureSocketProtocol) : SSLContext.getInstance(secureSocketProtocol, this.tlsServerParameters.getJsseProvider());
        KeyManager[] keyManagers = this.tlsServerParameters.getKeyManagers();
        if (this.tlsServerParameters.getCertAlias() != null) {
            keyManagers = getKeyManagersWithCertAlias(keyManagers);
        }
        sSLContext.init(keyManagers, this.tlsServerParameters.getTrustManagers(), this.tlsServerParameters.getSecureRandom());
        return sSLContext;
    }

    protected KeyManager[] getKeyManagersWithCertAlias(KeyManager[] keyManagerArr) throws Exception {
        if (this.tlsServerParameters.getCertAlias() != null) {
            for (int i = 0; i < keyManagerArr.length; i++) {
                if (keyManagerArr[i] instanceof X509KeyManager) {
                    keyManagerArr[i] = new AliasedX509ExtendedKeyManager(this.tlsServerParameters.getCertAlias(), (X509KeyManager) keyManagerArr[i]);
                }
            }
        }
        return keyManagerArr;
    }

    public void setThreadingParameters(ThreadingParameters threadingParameters) {
        this.threadingParameters = threadingParameters;
    }

    public boolean isSetThreadingParameters() {
        return this.threadingParameters != null;
    }

    public ThreadingParameters getThreadingParameters() {
        return this.threadingParameters;
    }

    public void setContinuationsEnabled(boolean z) {
        this.continuationsEnabled = z;
    }

    public boolean getContinuationsEnabled() {
        return this.continuationsEnabled;
    }

    public int getMaxIdleTime() {
        return this.maxIdleTime;
    }

    public void setMaxIdleTime(int i) {
        this.maxIdleTime = i;
    }

    public void setHandlers(List<CXFUndertowHttpHandler> list) {
        this.handlers = list;
    }

    public List<CXFUndertowHttpHandler> getHandlers() {
        return this.handlers != null ? this.handlers : new ArrayList();
    }
}
