package com.guicedee.guicedservlets.undertow;

import com.google.common.base.Strings;
import com.guicedee.guicedinjection.GuiceContext;
import com.guicedee.guicedinjection.interfaces.IDefaultService;
import com.guicedee.guicedservlets.undertow.services.UndertowDeploymentConfigurator;
import com.guicedee.logger.LogFactory;
import io.undertow.Handlers;
import io.undertow.Undertow;
import io.undertow.UndertowOptions;
import io.undertow.attribute.ExchangeAttributes;
import io.undertow.server.HttpHandler;
import io.undertow.server.handlers.LearningPushHandler;
import io.undertow.server.handlers.encoding.EncodingHandler;
import io.undertow.server.session.InMemorySessionManager;
import io.undertow.server.session.SessionAttachmentHandler;
import io.undertow.server.session.SessionCookieConfig;
import io.undertow.servlet.Servlets;
import io.undertow.servlet.api.DeploymentInfo;
import io.undertow.servlet.api.DeploymentManager;
import java.io.InputStream;
import java.net.Socket;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.ServiceLoader;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import org.xnio.Xnio;

/* loaded from: input_file:com/guicedee/guicedservlets/undertow/GuicedUndertow.class */
public class GuicedUndertow {
    private static final Logger log = LogFactory.getLog("Guiced Undertow");
    private String serverKeystore;
    private char[] storePassword;
    private Class sslStoreReferenceClass;
    private String host;
    private int port;
    private boolean ssl;
    private String sslKeyLocation;
    private String serverTruststoreLocation;
    private String sslKeyName;
    private KeyStore sslKeystore;
    private KeyStore trustKeystore;
    private boolean http2 = true;
    private Undertow.Builder server = Undertow.builder();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/guicedee/guicedservlets/undertow/GuicedUndertow$FilteredKeyManager.class */
    public static class FilteredKeyManager implements X509KeyManager {
        private final X509KeyManager originatingKeyManager;
        private final X509Certificate sslCertificate;
        private final String SSLCertificateKeyStoreAlias;

        public FilteredKeyManager(X509KeyManager x509KeyManager, X509Certificate x509Certificate, String str) {
            this.originatingKeyManager = x509KeyManager;
            this.sslCertificate = x509Certificate;
            this.SSLCertificateKeyStoreAlias = str;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.SSLCertificateKeyStoreAlias;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return this.originatingKeyManager.chooseServerAlias(str, principalArr, socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return new X509Certificate[]{this.sslCertificate};
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return this.originatingKeyManager.getClientAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return this.originatingKeyManager.getServerAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.originatingKeyManager.getPrivateKey(str);
        }
    }

    public static Undertow boot(String str, int i, boolean z, KeyStore keyStore, KeyStore keyStore2, String str2, char[] cArr, Class cls, boolean z2) throws Exception {
        GuicedUndertow guicedUndertow = new GuicedUndertow();
        guicedUndertow.host = str;
        guicedUndertow.port = i;
        guicedUndertow.ssl = z;
        guicedUndertow.sslKeyLocation = str2;
        guicedUndertow.storePassword = cArr;
        guicedUndertow.sslStoreReferenceClass = cls;
        guicedUndertow.http2 = z2;
        guicedUndertow.sslKeystore = keyStore;
        guicedUndertow.trustKeystore = keyStore2;
        return guicedUndertow.bootMe();
    }

    public static Undertow boot(String str, int i) throws Exception {
        GuicedUndertow guicedUndertow = new GuicedUndertow();
        guicedUndertow.host = str;
        guicedUndertow.port = i;
        return guicedUndertow.bootMe();
    }

    public static Undertow boot(String str, int i, boolean z, String str2, String str3, String str4, char[] cArr, Class cls, boolean z2) throws Exception {
        return boot(str, i, z, str2, str3, str4, null, cArr, cls, z2);
    }

    public static Undertow boot(String str, int i, boolean z, String str2, String str3, String str4, String str5, char[] cArr, Class cls, boolean z2) throws Exception {
        GuicedUndertow guicedUndertow = new GuicedUndertow();
        guicedUndertow.host = str;
        guicedUndertow.port = i;
        guicedUndertow.ssl = z;
        guicedUndertow.sslKeyLocation = str4;
        guicedUndertow.storePassword = cArr;
        guicedUndertow.sslStoreReferenceClass = cls;
        guicedUndertow.http2 = z2;
        guicedUndertow.serverKeystore = str2;
        guicedUndertow.serverTruststoreLocation = str3;
        guicedUndertow.sslKeyName = str5;
        return guicedUndertow.bootMe();
    }

    public Undertow bootMe() throws Exception {
        if (this.ssl && this.sslKeystore == null) {
            this.sslKeystore = loadKeyStore(this.sslStoreReferenceClass, this.serverKeystore, this.storePassword);
            this.trustKeystore = loadKeyStore(this.sslStoreReferenceClass, this.serverTruststoreLocation, this.storePassword);
        }
        SSLContext createSSLContext = createSSLContext(this.sslKeystore, this.trustKeystore, this.storePassword);
        log.fine("Setting XNIO Provider : " + Xnio.getInstance().getName());
        if (this.http2) {
            this.server.setServerOption(UndertowOptions.ENABLE_HTTP2, true);
            this.server.setServerOption(UndertowOptions.HTTP2_SETTINGS_ENABLE_PUSH, true);
        }
        if (this.ssl) {
            this.server.addHttpsListener(this.port, this.host, createSSLContext);
        } else {
            this.server.addHttpListener(this.port, this.host);
        }
        DeploymentInfo deploymentName = Servlets.deployment().setClassLoader(GuicedUndertow.class.getClassLoader()).setContextPath("/").setDeploymentName(this.host + "-" + this.port + ".war");
        Iterator it = IDefaultService.loaderToSetNoInjection(ServiceLoader.load(UndertowDeploymentConfigurator.class)).iterator();
        while (it.hasNext()) {
            deploymentName = ((UndertowDeploymentConfigurator) it.next()).configure(deploymentName);
        }
        DeploymentManager addDeployment = Servlets.defaultContainer().addDeployment(deploymentName);
        try {
            GuiceContext.inject();
        } catch (Throwable th) {
            log.log(Level.SEVERE, "Unable to start injections", th);
        }
        addDeployment.deploy();
        HttpHandler wrap = new EncodingHandler.Builder().build((Map) null).wrap(addDeployment.start());
        this.server.setHandler(new SessionAttachmentHandler(new LearningPushHandler(100, -1, Handlers.header(GuicedUndertowWebSocketConfiguration.getWebSocketHandler() != null ? Handlers.path().addPrefixPath("/wssocket", GuicedUndertowWebSocketConfiguration.getWebSocketHandler()).addPrefixPath("/", wrap) : Handlers.path().addPrefixPath("/", wrap), "x-undertow-transport", ExchangeAttributes.transportProtocol())), new InMemorySessionManager("sessionManager"), new SessionCookieConfig().setSecure(true).setHttpOnly(true)));
        Undertow build = this.server.build();
        build.start();
        return build;
    }

    private SSLContext createSSLContext(KeyStore keyStore, KeyStore keyStore2, char[] cArr) throws Exception {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, cArr);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore2);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        if (Strings.isNullOrEmpty(this.sslKeyName)) {
            sSLContext.init(keyManagers, trustManagers, null);
        } else {
            Enumeration<String> aliases = this.trustKeystore.aliases();
            X509Certificate x509Certificate = null;
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (nextElement.equalsIgnoreCase(this.sslKeyName)) {
                    this.trustKeystore.getKey(nextElement, this.storePassword);
                    Certificate certificate = this.trustKeystore.getCertificate(nextElement);
                    if (certificate instanceof X509Certificate) {
                        x509Certificate = (X509Certificate) certificate;
                    }
                }
            }
            if (x509Certificate == null) {
                throw new RuntimeException("Cannot load that given alias as a private key cert");
            }
            sSLContext.init(new KeyManager[]{new FilteredKeyManager((X509KeyManager) keyManagerFactory.getKeyManagers()[0], x509Certificate, this.sslKeyName)}, trustManagerFactory.getTrustManagers(), new SecureRandom());
        }
        return sSLContext;
    }

    public static KeyStore loadKeyStore(Class cls, String str, char[] cArr) throws Exception {
        String property = System.getProperty(str);
        InputStream resourceAsStream = property == null ? cls.getResourceAsStream(str) : Files.newInputStream(Paths.get(property, new String[0]), new OpenOption[0]);
        if (resourceAsStream == null) {
            throw new RuntimeException("Could not load keystore");
        }
        InputStream inputStream = resourceAsStream;
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(inputStream, cArr);
            if (inputStream != null) {
                inputStream.close();
            }
            return keyStore;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public String getServerKeystore() {
        return this.serverKeystore;
    }

    public GuicedUndertow setServerKeystore(String str) {
        this.serverKeystore = str;
        return this;
    }

    public char[] getStorePassword() {
        return this.storePassword;
    }

    public GuicedUndertow setStorePassword(char[] cArr) {
        this.storePassword = cArr;
        return this;
    }

    public Class getSslStoreReferenceClass() {
        return this.sslStoreReferenceClass;
    }

    public GuicedUndertow setSSLStoresReferenceClass(Class cls) {
        this.sslStoreReferenceClass = cls;
        return this;
    }

    public boolean isHttp2() {
        return this.http2;
    }

    public GuicedUndertow setHttp2(boolean z) {
        this.http2 = z;
        return this;
    }

    public String getHost() {
        return this.host;
    }

    public GuicedUndertow setHost(String str) {
        this.host = str;
        return this;
    }

    public int getPort() {
        return this.port;
    }

    public GuicedUndertow setPort(int i) {
        this.port = i;
        return this;
    }

    public boolean isSsl() {
        return this.ssl;
    }

    public GuicedUndertow setSsl(boolean z) {
        this.ssl = z;
        return this;
    }

    public String getSslKeyLocation() {
        return this.sslKeyLocation;
    }

    public GuicedUndertow setSslKeyLocation(String str) {
        this.sslKeyLocation = str;
        return this;
    }

    public String getServerTruststoreLocation() {
        return this.serverTruststoreLocation;
    }

    public GuicedUndertow setServerTruststoreLocation(String str) {
        this.serverTruststoreLocation = str;
        return this;
    }

    public KeyStore getSslKeystore() {
        return this.sslKeystore;
    }

    public GuicedUndertow setSslKeystore(KeyStore keyStore) {
        this.sslKeystore = keyStore;
        return this;
    }

    public KeyStore getTrustKeystore() {
        return this.trustKeystore;
    }

    public GuicedUndertow setTrustKeystore(KeyStore keyStore) {
        this.trustKeystore = keyStore;
        return this;
    }

    public Undertow.Builder getServer() {
        return this.server;
    }

    public void setServer(Undertow.Builder builder) {
        this.server = builder;
    }

    public String getSslKeyName() {
        return this.sslKeyName;
    }

    public GuicedUndertow setSslKeyName(String str) {
        this.sslKeyName = str;
        return this;
    }
}
