package org.xbib.netty.http.server;

import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.CipherSuiteFilter;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Objects;
import java.util.ServiceLoader;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.NoSuchPaddingException;
import javax.net.ssl.TrustManagerFactory;
import org.xbib.netty.http.common.HttpAddress;
import org.xbib.netty.http.common.security.SecurityUtil;
import org.xbib.netty.http.server.api.Filter;
import org.xbib.netty.http.server.api.ServerRequest;
import org.xbib.netty.http.server.api.ServerResponse;
import org.xbib.netty.http.server.api.security.ServerCertificateProvider;
import org.xbib.netty.http.server.endpoint.HttpEndpoint;
import org.xbib.netty.http.server.endpoint.HttpEndpointResolver;
import org.xbib.netty.http.server.security.CertificateUtils;
import org.xbib.netty.http.server.security.PrivateKeyUtils;

/* loaded from: input_file:org/xbib/netty/http/server/Domain.class */
public class Domain {
    private static final Logger logger = Logger.getLogger(Domain.class.getName());
    private final String name;
    private final Set<String> aliases;
    private final HttpAddress httpAddress;
    private final SslContext sslContext;
    private final List<HttpEndpointResolver> httpEndpointResolvers;
    private final Collection<? extends X509Certificate> certificates;

    /* loaded from: input_file:org/xbib/netty/http/server/Domain$Builder.class */
    public static class Builder {
        private final HttpAddress httpAddress;
        private String serverName;
        private final Set<String> aliases;
        private final List<HttpEndpointResolver> httpEndpointResolvers;
        private SslContext sslContext;
        private TrustManagerFactory trustManagerFactory;
        private KeyStore trustManagerKeyStore;
        private Provider sslContextProvider;
        private SslProvider sslProvider;
        private Iterable<String> ciphers;
        private CipherSuiteFilter cipherSuiteFilter;
        private Collection<? extends X509Certificate> keyCertChain;
        private PrivateKey privateKey;

        private Builder(HttpAddress httpAddress) {
            Objects.requireNonNull(httpAddress);
            this.httpAddress = httpAddress;
            this.aliases = new LinkedHashSet();
            this.httpEndpointResolvers = new ArrayList();
            this.trustManagerFactory = SecurityUtil.Defaults.DEFAULT_TRUST_MANAGER_FACTORY;
            this.sslProvider = SecurityUtil.Defaults.DEFAULT_SSL_PROVIDER;
            this.ciphers = SecurityUtil.Defaults.DEFAULT_CIPHERS;
            this.cipherSuiteFilter = SecurityUtil.Defaults.DEFAULT_CIPHER_SUITE_FILTER;
        }

        private Builder(Domain domain) {
            this.httpAddress = domain.httpAddress;
            this.aliases = new LinkedHashSet();
            this.httpEndpointResolvers = new ArrayList(domain.httpEndpointResolvers);
            this.sslContext = domain.sslContext;
            this.keyCertChain = domain.certificates;
        }

        public Builder setServerName(String str) {
            if (this.serverName == null) {
                this.serverName = str;
            }
            return this;
        }

        public Builder setSslContext(SslContext sslContext) {
            this.sslContext = sslContext;
            return this;
        }

        public Builder setTrustManagerFactory(TrustManagerFactory trustManagerFactory) {
            Objects.requireNonNull(trustManagerFactory);
            this.trustManagerFactory = trustManagerFactory;
            return this;
        }

        public Builder setTrustManagerKeyStore(KeyStore keyStore) {
            Objects.requireNonNull(keyStore);
            this.trustManagerKeyStore = keyStore;
            return this;
        }

        public Builder setSslContextProvider(Provider provider) {
            Objects.requireNonNull(provider);
            this.sslContextProvider = provider;
            return this;
        }

        public Builder setSslProvider(SslProvider sslProvider) {
            Objects.requireNonNull(sslProvider);
            this.sslProvider = sslProvider;
            return this;
        }

        public Builder setCiphers(Iterable<String> iterable) {
            Objects.requireNonNull(iterable);
            this.ciphers = iterable;
            return this;
        }

        public Builder setCipherSuiteFilter(CipherSuiteFilter cipherSuiteFilter) {
            Objects.requireNonNull(cipherSuiteFilter);
            this.cipherSuiteFilter = cipherSuiteFilter;
            return this;
        }

        public Builder setJdkSslProvider() {
            setSslProvider(SslProvider.JDK);
            setCiphers(SecurityUtil.Defaults.JDK_CIPHERS);
            return this;
        }

        public Builder setOpenSSLSslProvider() {
            setSslProvider(SslProvider.OPENSSL);
            setCiphers(SecurityUtil.Defaults.OPENSSL_CIPHERS);
            return this;
        }

        public Builder setKeyCertChain(InputStream inputStream) throws CertificateException {
            Objects.requireNonNull(inputStream);
            this.keyCertChain = CertificateUtils.toCertificate(inputStream);
            return this;
        }

        public Builder setKey(InputStream inputStream, String str) throws NoSuchPaddingException, NoSuchAlgorithmException, IOException, KeyException, InvalidAlgorithmParameterException, InvalidKeySpecException {
            Objects.requireNonNull(inputStream);
            this.privateKey = PrivateKeyUtils.toPrivateKey(inputStream, str);
            return this;
        }

        public Builder setSelfCert() throws CertificateException, NoSuchPaddingException, NoSuchAlgorithmException, IOException, KeyException, InvalidAlgorithmParameterException, InvalidKeySpecException {
            Iterator it = ServiceLoader.load(ServerCertificateProvider.class).iterator();
            while (it.hasNext()) {
                ServerCertificateProvider serverCertificateProvider = (ServerCertificateProvider) it.next();
                if ("org.xbib.netty.http.bouncycastle.BouncyCastleSelfSignedCertificateProvider".equals(serverCertificateProvider.getClass().getName())) {
                    serverCertificateProvider.prepare(this.serverName);
                    setKeyCertChain(serverCertificateProvider.getCertificateChain());
                    setKey(serverCertificateProvider.getPrivateKey(), serverCertificateProvider.getKeyPassword());
                    Domain.logger.log(Level.INFO, "self signed certificate installed");
                }
            }
            if (this.keyCertChain == null) {
                throw new CertificateException("unable to set self certificate");
            }
            return this;
        }

        public Builder addAlias(String str) {
            Objects.requireNonNull(str);
            this.aliases.add(str);
            return this;
        }

        public Builder addEndpointResolver(HttpEndpointResolver httpEndpointResolver) {
            Objects.requireNonNull(httpEndpointResolver);
            this.httpEndpointResolvers.add(httpEndpointResolver);
            return this;
        }

        public Builder singleEndpoint(String str, Filter filter) {
            Objects.requireNonNull(str);
            Objects.requireNonNull(filter);
            this.httpEndpointResolvers.clear();
            this.httpEndpointResolvers.add(HttpEndpointResolver.builder().addEndpoint(HttpEndpoint.builder().setPath(str).build()).setDispatcher((httpEndpoint, serverRequest, serverResponse) -> {
                filter.handle(serverRequest, serverResponse);
            }).build());
            return this;
        }

        public Builder singleEndpoint(String str, String str2, Filter filter) {
            Objects.requireNonNull(str);
            Objects.requireNonNull(str2);
            Objects.requireNonNull(filter);
            addEndpointResolver(HttpEndpointResolver.builder().addEndpoint(HttpEndpoint.builder().setPrefix(str).setPath(str2).build()).setDispatcher((httpEndpoint, serverRequest, serverResponse) -> {
                filter.handle(serverRequest, serverResponse);
            }).build());
            return this;
        }

        public Builder singleEndpoint(String str, String str2, Filter filter, String... strArr) {
            Objects.requireNonNull(str);
            Objects.requireNonNull(str2);
            Objects.requireNonNull(filter);
            addEndpointResolver(HttpEndpointResolver.builder().addEndpoint(HttpEndpoint.builder().setPrefix(str).setPath(str2).setMethods(Arrays.asList(strArr)).build()).setDispatcher((httpEndpoint, serverRequest, serverResponse) -> {
                filter.handle(serverRequest, serverResponse);
            }).build());
            return this;
        }

        public Domain build() {
            if (!this.httpAddress.isSecure()) {
                return new Domain(this.serverName, this.aliases, this.httpAddress, this.httpEndpointResolvers, null, null);
            }
            try {
                if (this.sslContext == null && this.privateKey != null && this.keyCertChain != null) {
                    this.trustManagerFactory.init(this.trustManagerKeyStore);
                    SslContextBuilder ciphers = SslContextBuilder.forServer(this.privateKey, this.keyCertChain).trustManager(this.trustManagerFactory).sslProvider(this.sslProvider).ciphers(this.ciphers, this.cipherSuiteFilter);
                    if (this.sslContextProvider != null) {
                        ciphers.sslContextProvider(this.sslContextProvider);
                    }
                    if (this.httpAddress.getVersion().majorVersion() == 2) {
                        ciphers.applicationProtocolConfig(newApplicationProtocolConfig());
                    }
                    this.sslContext = ciphers.build();
                }
                return new Domain(this.serverName, this.aliases, this.httpAddress, this.httpEndpointResolvers, this.sslContext, this.keyCertChain);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }

        private static ApplicationProtocolConfig newApplicationProtocolConfig() {
            return new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, new String[]{"h2", "http/1.1"});
        }
    }

    private Domain(String str, Set<String> set, HttpAddress httpAddress, List<HttpEndpointResolver> list, SslContext sslContext, Collection<? extends X509Certificate> collection) {
        this.httpAddress = httpAddress;
        this.name = str;
        this.aliases = set;
        this.httpEndpointResolvers = list;
        this.sslContext = sslContext;
        this.certificates = collection;
        Objects.requireNonNull(list);
        if (list.isEmpty()) {
            throw new IllegalArgumentException("domain must have at least one endpoint resolver");
        }
    }

    public static Builder builder(HttpAddress httpAddress) {
        return builder(httpAddress, httpAddress.getInetSocketAddress().getHostString());
    }

    public static Builder builder(HttpAddress httpAddress, String str) {
        return new Builder(httpAddress).setServerName(str);
    }

    public static Builder builder(Domain domain) {
        return new Builder(domain);
    }

    public HttpAddress getHttpAddress() {
        return this.httpAddress;
    }

    public String getName() {
        return this.name;
    }

    public Set<String> getAliases() {
        return this.aliases;
    }

    public SslContext getSslContext() {
        return this.sslContext;
    }

    public Collection<? extends X509Certificate> getCertificateChain() {
        return this.certificates;
    }

    public void handle(ServerRequest serverRequest, ServerResponse serverResponse) throws IOException {
        boolean z = false;
        Iterator<HttpEndpointResolver> it = this.httpEndpointResolvers.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            HttpEndpointResolver next = it.next();
            List<HttpEndpoint> matchingEndpointsFor = next.matchingEndpointsFor(serverRequest);
            if (matchingEndpointsFor != null && !matchingEndpointsFor.isEmpty()) {
                next.handle(matchingEndpointsFor, serverRequest, serverResponse);
                z = true;
                break;
            }
        }
        if (z) {
            return;
        }
        ServerResponse.write(serverResponse, HttpResponseStatus.NOT_IMPLEMENTED, "text/plain", "No endpoint match for request " + serverRequest + " endpoints = " + this.httpEndpointResolvers);
    }

    public String toString() {
        return this.name + " (" + this.httpAddress + ") aliases=" + this.aliases;
    }
}
