package net.e6tech.elements.web.cxf.jetty;

import java.io.IOException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;
import net.e6tech.elements.common.inject.Inject;
import net.e6tech.elements.common.logging.Logger;
import net.e6tech.elements.common.util.SystemException;
import net.e6tech.elements.security.JavaKeyStore;
import net.e6tech.elements.security.SelfSignedCert;
import net.e6tech.elements.web.cxf.CXFServer;
import net.e6tech.elements.web.cxf.ServerController;
import net.e6tech.elements.web.cxf.ServerEngine;
import org.apache.cxf.configuration.jsse.TLSServerParameters;
import org.apache.cxf.configuration.security.ClientAuthentication;
import org.apache.cxf.endpoint.Server;
import org.apache.cxf.jaxrs.JAXRSServerFactoryBean;
import org.apache.cxf.jaxws.JaxWsServerFactoryBean;
import org.apache.cxf.transport.http_jetty.JettyHTTPDestination;
import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine;
import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;

/* loaded from: input_file:net/e6tech/elements/web/cxf/jetty/JettyEngine.class */
public class JettyEngine implements ServerEngine {
    private static Logger logger = Logger.getLogger();
    private QueuedThreadPool queuedThreadPool;

    public QueuedThreadPool getQueuedThreadPool() {
        return this.queuedThreadPool;
    }

    @Inject(optional = true)
    public void setQueuedThreadPool(QueuedThreadPool queuedThreadPool) {
        this.queuedThreadPool = queuedThreadPool;
    }

    @Override // net.e6tech.elements.web.cxf.ServerEngine
    public void start(CXFServer cXFServer, ServerController<?> serverController) {
        Server create;
        List list = (List) cXFServer.computeServerEngineData(LinkedList::new);
        try {
            initKeyStore(cXFServer);
            if (serverController.getFactory() instanceof JAXRSServerFactoryBean) {
                JAXRSServerFactoryBean jAXRSServerFactoryBean = (JAXRSServerFactoryBean) serverController.getFactory();
                jAXRSServerFactoryBean.setStart(false);
                create = jAXRSServerFactoryBean.create();
            } else {
                if (!(serverController.getFactory() instanceof JaxWsServerFactoryBean)) {
                    throw new SystemException("Don't know how to start " + serverController.getFactory().getClass());
                }
                JaxWsServerFactoryBean jaxWsServerFactoryBean = (JaxWsServerFactoryBean) serverController.getFactory();
                jaxWsServerFactoryBean.setStart(false);
                create = jaxWsServerFactoryBean.create();
            }
            list.add(create);
            if (this.queuedThreadPool != null) {
                JettyHTTPDestination destination = create.getDestination();
                if (destination instanceof JettyHTTPDestination) {
                    JettyHTTPDestination jettyHTTPDestination = destination;
                    if (jettyHTTPDestination.getEngine() instanceof JettyHTTPServerEngine) {
                        jettyHTTPDestination.getEngine().setThreadPool(this.queuedThreadPool);
                    }
                }
            }
            cXFServer.setServerEngineData(list);
            create.start();
        } catch (Exception e) {
            throw new SystemException(e);
        }
    }

    @Override // net.e6tech.elements.web.cxf.ServerEngine
    public void stop(CXFServer cXFServer) {
        Iterator it = ((List) cXFServer.computeServerEngineData(LinkedList::new)).iterator();
        while (it.hasNext()) {
            Server server = (Server) it.next();
            try {
                server.stop();
                server.destroy();
                server.getDestination().getEngine().shutdown();
                it.remove();
            } catch (Exception e) {
                logger.warn("Cannot stop Jetty {}", server.getDestination().getAddress().getAddress().getValue());
            }
        }
    }

    public void initKeyStore(CXFServer cXFServer) throws GeneralSecurityException, IOException {
        KeyManager[] keyManagers;
        TrustManager[] trustManagers;
        String keyStoreFile = cXFServer.getKeyStoreFile();
        SelfSignedCert selfSignedCert = cXFServer.getSelfSignedCert();
        KeyStore keyStore = cXFServer.getKeyStore();
        if (keyStoreFile == null && selfSignedCert == null && keyStore == null) {
            return;
        }
        if (keyStore == null && keyStoreFile == null) {
            keyManagers = selfSignedCert.getKeyManagers();
            trustManagers = selfSignedCert.getTrustManagers();
        } else {
            JavaKeyStore javaKeyStore = keyStore != null ? new JavaKeyStore(keyStore) : new JavaKeyStore(keyStoreFile, cXFServer.getKeyStorePassword(), cXFServer.getKeyStoreFormat());
            if (cXFServer.getKeyManagerPassword() == null) {
                cXFServer.setKeyManagerPassword(cXFServer.getKeyStorePassword());
            }
            javaKeyStore.init(cXFServer.getKeyManagerPassword());
            keyManagers = javaKeyStore.getKeyManagers();
            trustManagers = javaKeyStore.getTrustManagers();
        }
        TLSServerParameters tLSServerParameters = new TLSServerParameters();
        tLSServerParameters.setKeyManagers(keyManagers);
        tLSServerParameters.setTrustManagers(trustManagers);
        ClientAuthentication clientAuthentication = new ClientAuthentication();
        clientAuthentication.setRequired(false);
        clientAuthentication.setWant(false);
        tLSServerParameters.setClientAuthentication(clientAuthentication);
        JettyHTTPServerEngineFactory jettyHTTPServerEngineFactory = new JettyHTTPServerEngineFactory();
        for (URL url : cXFServer.getURLs()) {
            if ("https".equals(url.getProtocol())) {
                JettyHTTPServerEngine retrieveJettyHTTPServerEngine = jettyHTTPServerEngineFactory.retrieveJettyHTTPServerEngine(url.getPort());
                TLSServerParameters tlsServerParameters = retrieveJettyHTTPServerEngine == null ? null : retrieveJettyHTTPServerEngine.getTlsServerParameters();
                if (tlsServerParameters != null) {
                    LinkedHashSet linkedHashSet = new LinkedHashSet();
                    if (tlsServerParameters.getKeyManagers() != null) {
                        Collections.addAll(linkedHashSet, tlsServerParameters.getKeyManagers());
                    }
                    if (keyManagers != null) {
                        Collections.addAll(linkedHashSet, keyManagers);
                    }
                    LinkedHashSet linkedHashSet2 = new LinkedHashSet();
                    if (tlsServerParameters.getTrustManagers() != null) {
                        Collections.addAll(linkedHashSet2, tlsServerParameters.getTrustManagers());
                    }
                    if (trustManagers != null) {
                        Collections.addAll(linkedHashSet2, trustManagers);
                    }
                    tlsServerParameters.setKeyManagers((KeyManager[]) linkedHashSet.toArray(new KeyManager[0]));
                    tlsServerParameters.setTrustManagers((TrustManager[]) linkedHashSet2.toArray(new TrustManager[0]));
                    ClientAuthentication clientAuthentication2 = new ClientAuthentication();
                    String clientAuth = cXFServer.getClientAuth();
                    if ("true".equalsIgnoreCase(clientAuth) || "yes".equalsIgnoreCase(clientAuth) || "require".equalsIgnoreCase(clientAuth) || "required".equalsIgnoreCase(clientAuth)) {
                        clientAuthentication2.setRequired(true);
                    } else if ("optional".equalsIgnoreCase(clientAuth) || "want".equalsIgnoreCase(clientAuth)) {
                        clientAuthentication2.setWant(true);
                    } else if (!"false".equalsIgnoreCase(clientAuth) && !"no".equalsIgnoreCase(clientAuth) && !"none".equalsIgnoreCase(clientAuth) && clientAuth != null) {
                        throw new IllegalArgumentException("Invalid ClientAuth value: " + clientAuth);
                    }
                    if (clientAuthentication2.isRequired() != null || clientAuthentication2.isWant() != null) {
                        tlsServerParameters.setClientAuthentication(clientAuthentication2);
                    }
                } else {
                    jettyHTTPServerEngineFactory.setTLSServerParametersForPort(url.getPort(), tLSServerParameters);
                }
            }
        }
    }
}
